diff options
author | Scott Koranda <skoranda@gmail.com> | 2017-05-15 12:54:15 -0500 |
---|---|---|
committer | Scott Koranda <skoranda@gmail.com> | 2017-05-15 12:54:15 -0500 |
commit | 0d2e0baf5277f9dd9248c64bf5a42fea3ff7be58 (patch) | |
tree | f3eb29cce88ee8ff96a1c897b16d02d90aa60699 /src | |
parent | 8aa80e9e67f76ef230cb377dfe8b2050fc1f82bf (diff) | |
download | pysaml2-0d2e0baf5277f9dd9248c64bf5a42fea3ff7be58.tar.gz |
Enable deployer to signal no name format in authn request
Enable a deployer to configure name_id_format with the string
'None' to signal that no Format attribute should be included
in the <NameIDPolicy> that is sent with the <AuthnRequest>. A
yaml null is still converted to a Python None that then results
in the default of Format being set to transient, so this patch
does not change default behavior.
Diffstat (limited to 'src')
-rw-r--r-- | src/saml2/client_base.py | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index 4b1b350e..f740cb07 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -304,12 +304,21 @@ class Base(Entity): if nameid_format is None: nameid_format = self.config.getattr("name_id_format", "sp") + # If no nameid_format has been set in the configuration + # or passed in then transient is the default. if nameid_format is None: nameid_format = NAMEID_FORMAT_TRANSIENT + + # If a list has been configured or passed in choose the + # first since NameIDPolicy can only have one format specified. elif isinstance(nameid_format, list): - # NameIDPolicy can only have one format specified nameid_format = nameid_format[0] + # Allow a deployer to signal that no format should be specified + # in the NameIDPolicy by passing in or configuring the string 'None'. + elif nameid_format == 'None': + nameid_format = None + name_id_policy = samlp.NameIDPolicy(allow_create=allow_create, format=nameid_format) |