Switched to use the structure used in AuthnBroker
@@ -229,8 +229,7 @@ class Server(Entity):
|
|||||||
|
|
||||||
def _authn_response(self, in_response_to, consumer_url,
|
def _authn_response(self, in_response_to, consumer_url,
|
||||||
sp_entity_id, identity=None, name_id=None,
|
sp_entity_id, identity=None, name_id=None,
|
||||||
status=None, authn=None,
|
status=None, authn=None, issuer=None, policy=None,
|
||||||
authn_decl=None, issuer=None, policy=None,
|
|
||||||
sign_assertion=False, sign_response=False):
|
sign_assertion=False, sign_response=False):
|
||||||
""" Create a response. A layer of indirection.
|
""" Create a response. A layer of indirection.
|
||||||
|
|
||||||
@@ -241,9 +240,8 @@ class Server(Entity):
|
|||||||
expected to be the bases for the assertion in the response.
|
expected to be the bases for the assertion in the response.
|
||||||
:param name_id: The identifier of the subject
|
:param name_id: The identifier of the subject
|
||||||
:param status: The status of the response
|
:param status: The status of the response
|
||||||
:param authn: A 2-tuple denoting the authn class and the authn
|
:param authn: A dictionary containing information about the
|
||||||
authority.
|
authn context.
|
||||||
:param authn_decl:
|
|
||||||
:param issuer: The issuer of the response
|
:param issuer: The issuer of the response
|
||||||
:param sign_assertion: Whether the assertion should be signed or not
|
:param sign_assertion: Whether the assertion should be signed or not
|
||||||
:param sign_response: Whether the response should be signed or not
|
:param sign_response: Whether the response should be signed or not
|
||||||
@@ -263,20 +261,21 @@ class Server(Entity):
|
|||||||
return self.create_error_response(in_response_to, consumer_url,
|
return self.create_error_response(in_response_to, consumer_url,
|
||||||
exc, sign_response)
|
exc, sign_response)
|
||||||
|
|
||||||
if authn: # expected to be a 2-tuple class+authority
|
if authn: # expected to be a dictionary
|
||||||
(authn_class, authn_authn) = authn
|
if "decl" in authn:
|
||||||
assertion = ast.construct(sp_entity_id, in_response_to,
|
assertion = ast.construct(sp_entity_id, in_response_to,
|
||||||
consumer_url, name_id,
|
consumer_url, name_id,
|
||||||
self.config.attribute_converters,
|
self.config.attribute_converters,
|
||||||
policy, issuer=_issuer,
|
policy, issuer=_issuer,
|
||||||
authn_class=authn_class,
|
authn_decl=authn["decl"],
|
||||||
authn_auth=authn_authn)
|
authn_auth=authn["authn_auth"])
|
||||||
elif authn_decl:
|
else:
|
||||||
assertion = ast.construct(sp_entity_id, in_response_to,
|
assertion = ast.construct(sp_entity_id, in_response_to,
|
||||||
consumer_url, name_id,
|
consumer_url, name_id,
|
||||||
self.config.attribute_converters,
|
self.config.attribute_converters,
|
||||||
policy, issuer=_issuer,
|
policy, issuer=_issuer,
|
||||||
authn_decl=authn_decl)
|
authn_class=authn["class_ref"],
|
||||||
|
authn_auth=authn["authn_auth"])
|
||||||
else:
|
else:
|
||||||
assertion = ast.construct(sp_entity_id, in_response_to,
|
assertion = ast.construct(sp_entity_id, in_response_to,
|
||||||
consumer_url, name_id,
|
consumer_url, name_id,
|
||||||
@@ -373,9 +372,9 @@ class Server(Entity):
|
|||||||
|
|
||||||
def create_authn_response(self, identity, in_response_to, destination,
|
def create_authn_response(self, identity, in_response_to, destination,
|
||||||
sp_entity_id, name_id_policy=None, userid=None,
|
sp_entity_id, name_id_policy=None, userid=None,
|
||||||
name_id=None, authn=None, authn_decl=None,
|
name_id=None, authn=None, issuer=None,
|
||||||
issuer=None, sign_response=False,
|
sign_response=False, sign_assertion=False,
|
||||||
sign_assertion=False, **kwargs):
|
**kwargs):
|
||||||
""" Constructs an AuthenticationResponse
|
""" Constructs an AuthenticationResponse
|
||||||
|
|
||||||
:param identity: Information about an user
|
:param identity: Information about an user
|
||||||
@@ -385,8 +384,7 @@ class Server(Entity):
|
|||||||
:param sp_entity_id: The entity identifier of the Service Provider
|
:param sp_entity_id: The entity identifier of the Service Provider
|
||||||
:param name_id_policy: How the NameID should be constructed
|
:param name_id_policy: How the NameID should be constructed
|
||||||
:param userid: The subject identifier
|
:param userid: The subject identifier
|
||||||
:param authn: Information about the authentication
|
:param authn: Information about the authentication context
|
||||||
:param authn_decl:
|
|
||||||
:param issuer: Issuer of the response
|
:param issuer: Issuer of the response
|
||||||
:param sign_assertion: Whether the assertion should be signed or not.
|
:param sign_assertion: Whether the assertion should be signed or not.
|
||||||
:param sign_response: Whether the response should be signed or not.
|
:param sign_response: Whether the response should be signed or not.
|
||||||
@@ -431,7 +429,6 @@ class Server(Entity):
|
|||||||
identity, # identity as dictionary
|
identity, # identity as dictionary
|
||||||
name_id,
|
name_id,
|
||||||
authn=authn,
|
authn=authn,
|
||||||
authn_decl=authn_decl,
|
|
||||||
issuer=issuer,
|
issuer=issuer,
|
||||||
policy=policy,
|
policy=policy,
|
||||||
sign_assertion=sign_assertion,
|
sign_assertion=sign_assertion,
|
||||||
|
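Review bot: In the `_authn_response` hunk both new branches read `authn["authn_auth"]` unconditionally, and the inner `else` reads `authn["class_ref"]`, so a dictionary holding only `decl` (the equivalent of the removed `authn_decl=` path, which passed no authority) now raises `KeyError`, and a caller still passing the old 2-tuple hits `TypeError`; whether either is caught depends on code outside the hunk. Consider `authn_auth=authn.get("authn_auth")` if `ast.construct` accepts `None` there, and validating the dictionary's shape up front with a clear error. Separately, `create_authn_response` still takes `**kwargs`, so an existing caller's `authn_decl=...` is presumably absorbed silently and, with `authn` unset, the assertion is built by the final `else` without the declared authentication context, which is a quiet change in what the IdP asserts to the SP; an explicit `if "authn_decl" in kwargs: raise TypeError(...)` or a mapping into `authn={"decl": ...}` would make that visible. The `:param authn:` docstring lines should name the expected keys (`class_ref`, `decl`, `authn_auth`). Both function bodies extend beyond the visible hunks.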