summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/saml2/config.py1
-rw-r--r--tests/test_31_config.py14
2 files changed, 12 insertions, 3 deletions
diff --git a/src/saml2/config.py b/src/saml2/config.py
index 6687a60f..f441f337 100644
--- a/src/saml2/config.py
+++ b/src/saml2/config.py
@@ -104,6 +104,7 @@ SP_ARGS = [
"sp_type",
"sp_type_in_metadata",
"requested_attributes",
+ "requested_authn_context",
]
AA_IDP_ARGS = [
diff --git a/tests/test_31_config.py b/tests/test_31_config.py
index bb19d85c..9cf891e2 100644
--- a/tests/test_31_config.py
+++ b/tests/test_31_config.py
@@ -7,7 +7,8 @@ from saml2.mdstore import MetadataStore, name
from saml2 import BINDING_HTTP_REDIRECT, BINDING_SOAP, BINDING_HTTP_POST
from saml2.config import SPConfig, IdPConfig, Config
-
+from saml2.saml import AUTHN_PASSWORD_PROTECTED, AuthnContextClassRef
+from saml2.samlp import RequestedAuthnContext
from saml2 import logger
from pathutils import dotname, full_path
@@ -26,8 +27,14 @@ sp1 = {
"urn:mace:example.com:saml:roland:idp": {
'single_sign_on_service':
{'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect':
- 'http://localhost:8088/sso/'}},
- }
+ 'http://localhost:8088/sso/'}},
+ },
+ "requested_authn_context": RequestedAuthnContext(
+ authn_context_class_ref=[
+ AuthnContextClassRef(AUTHN_PASSWORD_PROTECTED),
+ ],
+ comparison="exact",
+ ),
}
},
"key_file": full_path("test.key"),
@@ -217,6 +224,7 @@ def test_1():
'http://localhost:8088/sso/'}}]
assert c.only_use_keys_in_metadata
+ assert 'PasswordProtectedTransport' in c._sp_requested_authn_context.to_string().decode()
def test_2():