From 696e36accc3eff12262753810ea8b1de2a024c8c Mon Sep 17 00:00:00 2001 From: Ivan Kanakarakis Date: Tue, 24 Nov 2020 21:26:45 +0200 Subject: WIP callers Signed-off-by: Ivan Kanakarakis --- src/saml2/ecp.py | 37 +++++++++++++++++++++++++------------ src/saml2/s2repoze/plugins/sp.py | 8 +++++--- 2 files changed, 30 insertions(+), 15 deletions(-) diff --git a/src/saml2/ecp.py b/src/saml2/ecp.py index 56448e9c..8db0afad 100644 --- a/src/saml2/ecp.py +++ b/src/saml2/ecp.py @@ -40,7 +40,9 @@ def ecp_capable(headers): #noinspection PyUnusedLocal -def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): +def ecp_auth_request( + cls, entityid=None, relay_state="", sign=None, sign_alg=None, digest_alg=None +): """ Makes an authentication request. :param entityid: The entity ID of the IdP to send the request to @@ -59,9 +61,12 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): # must_understand and actor according to the standard # - paos_request = paos.Request(must_understand="1", actor=ACTOR, - response_consumer_url=my_url, - service=SERVICE) + paos_request = paos.Request( + must_understand="1", + actor=ACTOR, + response_consumer_url=my_url, + service=SERVICE, + ) eelist.append(element_to_extension_element(paos_request)) @@ -73,7 +78,13 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): location = cls._sso_location(entityid, binding=BINDING_SOAP) req_id, authn_req = cls.create_authn_request( - location, binding=BINDING_PAOS, service_url_binding=BINDING_PAOS) + location, + binding=BINDING_PAOS, + service_url_binding=BINDING_PAOS, + sign=sign, + sign_alg=sign_alg, + digest_alg=digest_alg, + ) body = soapenv.Body() body.extension_elements = [element_to_extension_element(authn_req)] 
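Review bot: The docstring of `ecp_auth_request` is not updated for the new signature in the first hunk: `sign_alg` and `digest_alg` are undocumented, and `sign` changes its default from `False` to `None` with no explanation of what `None` means. Callers that relied on the old default to get an unsigned request now presumably get whatever the client configuration decides, so the docstring should say so. I would add `:param sign: Whether to sign the request; None defers to the configuration`, `:param sign_alg: Signature algorithm to use when signing` and `:param digest_alg: Digest algorithm to use when signing`. The function body continues outside this hunk.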
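Review bot: Forwarding `sign` into `create_authn_request` (hunk `@@ -73,7 +78,13 @@`) may change the type of `authn_req`, which the rest of the function uses as an element object. It is passed to `element_to_extension_element(authn_req)` on the following lines and read as `authn_req.issuer.text` in a later hunk. The signed branch in `sp.py` names the same return value `msg_str`, which suggests a serialized string comes back when signing is active. If so, a signed ECP request would fail at the attribute access, or wrap text where an element is expected. Confirm the return type with a test that calls `ecp_auth_request(..., sign=True)`, and until then record the assumption with a comment such as `# authn_req must be an element here, not signed text`.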
@@ -96,7 +107,8 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): must_understand="1", provider_name=None, issuer=saml.Issuer(text=authn_req.issuer.text), - idp_list=idp_list) + idp_list=idp_list, + ) eelist.append(element_to_extension_element(ecp_request)) @@ -104,8 +116,7 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): # # ---------------------------------------- - relay_state = ecp.RelayState(actor=ACTOR, must_understand="1", - text=relay_state) + relay_state = ecp.RelayState(actor=ACTOR, must_understand="1", text=relay_state) eelist.append(element_to_extension_element(relay_state)) @@ -118,20 +129,22 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False): soap_envelope = soapenv.Envelope(header=header, body=body) - return req_id, "%s" % soap_envelope + return req_id, str(soap_envelope) def handle_ecp_authn_response(cls, soap_message, outstanding=None): rdict = soap.class_instances_from_soap_enveloped_saml_thingies( - soap_message, [paos, ecp, samlp]) + soap_message, [paos, ecp, samlp] + ) _relay_state = None for item in rdict["header"]: if item.c_tag == "RelayState" and item.c_namespace == ecp.NAMESPACE: _relay_state = item - response = authn_response(cls.config, cls.service_urls(), outstanding, - allow_unsolicited=True) + response = authn_response( + cls.config, cls.service_urls(), outstanding, allow_unsolicited=True + ) response.loads("%s" % rdict["body"], False, soap_message) response.verify() diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index a840ab37..3dec8d14 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -271,7 +271,6 @@ class SAML2Plugin(object): #### IChallenger #### # noinspection PyUnusedLocal def challenge(self, environ, _status, _app_headers, _forget_headers): - _cli = self.saml_client if "REMOTE_USER" in environ: 
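Review bot: In hunk `@@ -118,20 +129,22 @@`, the re-wrapped `authn_response(...)` call in `handle_ecp_authn_response` still passes `allow_unsolicited=True` as a literal, even though an `outstanding` map is passed alongside it. With the flag forced on, a response that does not correspond to an outstanding request id is presumably accepted, which weakens the request/response binding on the ECP path regardless of how the deployment is configured. Since this commit already threads signing options through the callers, consider taking the value from the client configuration. At minimum, document it with `# unsolicited responses are always accepted on the ECP path; outstanding is not enforced`. As a style point, `response.loads("%s" % rdict["body"], ...)` keeps the old formatting idiom although the return just above was changed to `str(soap_envelope)`.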
@@ -346,7 +345,7 @@ class SAML2Plugin(object): ) if _cli.authn_requests_signed: - _sid = saml2.s_utils.sid() + _sid = sid() req_id, msg_str = _cli.create_authn_request( dest, vorg=vorg_name, @@ -357,7 +356,10 @@ class SAML2Plugin(object): _sid = req_id else: req_id, req = _cli.create_authn_request( - dest, vorg=vorg_name, sign=False, extensions=extensions + dest, + vorg=vorg_name, + sign=False, + extensions=extensions, ) msg_str = "%s" % req _sid = req_id -- cgit v1.2.1
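Review bot: In hunk `@@ -346,7 +345,7 @@`, the new `_sid = sid()` needs a bare `sid` name in scope in `sp.py`, and this patch contains no import hunk for that file. If the module does not already have `from saml2.s_utils import sid`, the signed branch of `challenge` will raise a NameError, and only for deployments with `authn_requests_signed` enabled. Please confirm the import exists or add it in this commit. The `challenge` method starts and ends outside the hunk.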