From 37e48dcbdc9eda77e9efddf41fad40152e76bc26 Mon Sep 17 00:00:00 2001
From: Roland Hedberg <roland.hedberg@adm.umu.se>
Date: Sun, 28 Dec 2014 16:59:16 +0100
Subject: [PATCH] Added a possibly useful method.

---
 src/saml2/server.py | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/src/saml2/server.py b/src/saml2/server.py
index 8eee26a..9ae6bff 100644
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -42,7 +42,7 @@ from saml2.assertion import Policy
 from saml2.assertion import restriction_from_attribute_spec
 from saml2.assertion import filter_attribute_value_assertions
 
-from saml2.ident import IdentDB
+from saml2.ident import IdentDB, decode
 from saml2.profile import ecp
 
 logger = logging.getLogger(__name__)
@@ -700,3 +700,27 @@ class Server(Entity):
 
     def close(self):
         self.ident.close()
+
+    def clean_out_user(self, name_id):
+        """
+        Remove all authentication statements that belongs to a user identified
+        by a NameID instance
+
+        :param name_id: NameID instance
+        :return: The local identifier for the user
+        """
+
+        lid = self.ident.find_local_id(name_id)
+        logger.info("Clean out %s" % lid)
+
+        # remove the authentications
+        try:
+            for _nid in [decode(x) for x in self.ident.db[lid].split(" ")]:
+                try:
+                    self.session_db.remove_authn_statements(_nid)
+                except KeyError:
+                    pass
+        except KeyError:
+            pass
+
+        return lid
\ No newline at end of file