diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2021-11-22 02:23:18 +0200 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2021-11-22 02:23:58 +0200 |
commit | 44d967d264609f12ab648d1c3be6e3a166185dcf (patch) | |
tree | 5911d2e2663dcf22f5c6fdeb0985163b8d880797 /src/saml2/request.py | |
parent | 937c866e901d27d30c40942e370e30e272301c2c (diff) | |
download | pysaml2-44d967d264609f12ab648d1c3be6e3a166185dcf.tar.gz |
Fix signing for requests with the soap binding
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'src/saml2/request.py')
-rw-r--r-- | src/saml2/request.py | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/src/saml2/request.py b/src/saml2/request.py index 200a1ff8..787af78f 100644 --- a/src/saml2/request.py +++ b/src/saml2/request.py @@ -2,7 +2,6 @@ import logging from saml2 import time_util from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST from saml2.attribute_converter import to_local from saml2.s_utils import OtherError @@ -55,22 +54,22 @@ class Request(object): logger.debug("xmlstr: %s, relay_state: %s, sigalg: %s, signature: %s", self.xmlstr, relay_state, sigalg, signature) - signed_post = must and binding == BINDING_HTTP_POST - signed_redirect = must and binding == BINDING_HTTP_REDIRECT + sign_redirect = must and binding == BINDING_HTTP_REDIRECT + sign_post = must and not sign_redirect incorrectly_signed = IncorrectlySigned("Request was not signed correctly") try: self.message = self.signature_check( xmldata, origdoc=origdoc, - must=signed_post, + must=sign_post, only_valid_cert=only_valid_cert, ) except Exception as e: self.message = None raise incorrectly_signed from e - if signed_redirect: + if sign_redirect: if sigalg is None or signature is None: raise incorrectly_signed |