diff options
author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-12-07 23:11:30 +0200 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2020-12-07 23:20:59 +0200 |
commit | ac59e8a3763892379d2bb48ad9f8061096a51456 (patch) | |
tree | f0132f605d8c0fcfd712eef86991fc939729e80a /src/saml2/server.py | |
parent | c0c412e2f17edb9abdd89ee8ef103c85d23d285c (diff) | |
download | pysaml2-ac59e8a3763892379d2bb48ad9f8061096a51456.tar.gz |
Do no prepare assertion signature in create_attribute_response but in _response
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'src/saml2/server.py')
-rw-r--r-- | src/saml2/server.py | 18 |
1 files changed, 3 insertions, 15 deletions
diff --git a/src/saml2/server.py b/src/saml2/server.py index afb4e35a..d23418ff 100644 --- a/src/saml2/server.py +++ b/src/saml2/server.py @@ -548,7 +548,6 @@ class Server(Entity): # ------------------------------------------------------------------------ - # XXX calls pre_signature_part without ensuring sign_alg/digest_alg # XXX DONE idp create > _response def create_attribute_response( self, @@ -616,20 +615,6 @@ class Server(Entity): issuer=_issuer, name_id=name_id, farg=farg['assertion']) - if sign_assertion: - # XXX calls pre_signature_part without ensuring sign_alg/digest_alg - assertion.signature = pre_signature_part( - assertion.id, self.sec.my_cert, 1, sign_alg=sign_alg, digest_alg=digest_alg - ) - # Just the assertion or the response and the assertion ? - to_sign = [(class_name(assertion), assertion.id)] - kwargs['sign_assertion'] = True - - kwargs["assertion"] = assertion - - if sp_entity_id: - kwargs['sp_entity_id'] = sp_entity_id - return self._response( in_response_to, destination, @@ -637,8 +622,11 @@ class Server(Entity): issuer, sign_response, to_sign, + sign_assertion=sign_assertion, sign_alg=sign_alg, digest_alg=digest_alg, + assertion=assertion, + sp_entity_id=sp_entity_id, **kwargs, ) |