summaryrefslogtreecommitdiff
path: root/src/saml2/request.py
diff options
context:
space:
mode:
authorIvan Kanakarakis <ivan.kanak@gmail.com>2021-11-22 02:23:18 +0200
committerIvan Kanakarakis <ivan.kanak@gmail.com>2021-11-22 02:23:58 +0200
commit44d967d264609f12ab648d1c3be6e3a166185dcf (patch)
tree5911d2e2663dcf22f5c6fdeb0985163b8d880797 /src/saml2/request.py
parent937c866e901d27d30c40942e370e30e272301c2c (diff)
downloadpysaml2-44d967d264609f12ab648d1c3be6e3a166185dcf.tar.gz
Fix signing for requests with the soap binding
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'src/saml2/request.py')
-rw-r--r--src/saml2/request.py9
1 files changed, 4 insertions, 5 deletions
diff --git a/src/saml2/request.py b/src/saml2/request.py
index 200a1ff8..787af78f 100644
--- a/src/saml2/request.py
+++ b/src/saml2/request.py
@@ -2,7 +2,6 @@ import logging
from saml2 import time_util
from saml2 import BINDING_HTTP_REDIRECT
-from saml2 import BINDING_HTTP_POST
from saml2.attribute_converter import to_local
from saml2.s_utils import OtherError
@@ -55,22 +54,22 @@ class Request(object):
logger.debug("xmlstr: %s, relay_state: %s, sigalg: %s, signature: %s",
self.xmlstr, relay_state, sigalg, signature)
- signed_post = must and binding == BINDING_HTTP_POST
- signed_redirect = must and binding == BINDING_HTTP_REDIRECT
+ sign_redirect = must and binding == BINDING_HTTP_REDIRECT
+ sign_post = must and not sign_redirect
incorrectly_signed = IncorrectlySigned("Request was not signed correctly")
try:
self.message = self.signature_check(
xmldata,
origdoc=origdoc,
- must=signed_post,
+ must=sign_post,
only_valid_cert=only_valid_cert,
)
except Exception as e:
self.message = None
raise incorrectly_signed from e
- if signed_redirect:
+ if sign_redirect:
if sigalg is None or signature is None:
raise incorrectly_signed
View Lorry Controller Status