From 5cd93d7aae992c9ffb5ba67c3daac2deaa2392e2 Mon Sep 17 00:00:00 2001
From: Roland Hedberg <roland.hedberg@adm.umu.se>
Date: Tue, 27 Nov 2012 14:27:28 +0100
Subject: [PATCH] Assertion consumer service binding is POST if request is a
 HTTP-Redirect

---
 src/saml2/server.py | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/src/saml2/server.py b/src/saml2/server.py
index 3570dcc..3e8cd02 100644
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -24,7 +24,7 @@ import shelve
 import sys
 import memcache
 
-from saml2 import saml
+from saml2 import saml, BINDING_HTTP_POST
 from saml2 import class_name
 from saml2 import soap
 from saml2 import BINDING_HTTP_REDIRECT
@@ -342,13 +342,18 @@ class Server(object):
 
         sp_entity_id = authn_request.message.issuer.text
         # try to find return address in metadata
-        try:
-            # What's the binding ? ProtocolBinding
+        # What's the binding ? ProtocolBinding
+        if authn_request.message.protocol_binding == BINDING_HTTP_REDIRECT:
+            _binding = BINDING_HTTP_POST
+        else:
             _binding = authn_request.message.protocol_binding
+
+        try:
             consumer_url = self.metadata.assertion_consumer_service(sp_entity_id,
                                                       binding=_binding)[0]
         except (KeyError, IndexError):
             _log_info("Failed to find consumer URL for %s" % sp_entity_id)
+            _log_info("Binding: %s" % _binding)
             _log_info("entities: %s" % self.metadata.entity.keys())
             raise UnknownPrincipal(sp_entity_id)