diff options
| author | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2022-09-23 14:35:07 +0300 |
|---|---|---|
| committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2022-09-23 15:23:33 +0300 |
| commit | 52b7ccdcc81a56075c1e97b38868eb8b45611261 (patch) | |
| tree | 8c79e8eb6b12204eea30b9be854834e62e731a74 /src | |
| parent | 71c94d542d437861df57d3e777c93a6bdcf74498 (diff) | |
| download | pysaml2-52b7ccdcc81a56075c1e97b38868eb8b45611261.tar.gz | |
Fix signing when logout is requested
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
Diffstat (limited to 'src')
| -rw-r--r-- | src/saml2/client.py | 11 |
1 files changed, 6 insertions, 5 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py index ee773d3b..d4ab2eec 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -700,16 +700,17 @@ class Saml2Client(Base): BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST], }.get(binding, []) - if sign is None: - sign = self.logout_responses_signed - for response_binding in response_bindings: + sign = sign if sign is not None else self.logout_responses_signed + sign_redirect = sign and response_binding == BINDING_HTTP_REDIRECT + sign_post = sign and not sign_redirect + try: response = self.create_logout_response( _req.message, bindings=[response_binding], status=status, - sign=sign, + sign=sign_post, sign_alg=sign_alg, digest_alg=digest_alg, ) @@ -721,7 +722,7 @@ class Saml2Client(Base): rinfo["destination"], relay_state, response=True, - sign=sign, + sign=sign_redirect, sigalg=sign_alg, ) except Exception: |