Use signed_instance_factory preferred. Include certificate if assertion is signed. Print to stderr if print at all

2010-04-08 08:56:09 +02:00
parent a50bc42251
commit 93b3c1b915
1 changed files with 9 additions and 8 deletions
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -20,6 +20,7 @@ or attribute authority (AA) may use to conclude its tasks.
 """

 import shelve
+import sys

 from saml2 import saml, samlp, VERSION, make_instance

@@ -31,7 +32,7 @@ from saml2.utils import OtherError, do_attribute_statement
 from saml2.utils import VersionMismatch, UnknownPrincipal, UnsupportedBinding
 from saml2.utils import status_from_exception_factory

-from saml2.sigver import security_context
+from saml2.sigver import security_context, signed_instance_factory
 from saml2.sigver import pre_signature_part
 from saml2.time_util import instant, in_a_while
 from saml2.config import Config
@@ -233,7 +234,8 @@ class Server(object):
            if self.log:
                self.log.info("%s != %s" % (consumer_url, return_destination))
            else:
-                print "%s != %s" % (consumer_url, return_destination)
+                print >> sys.stderr,
+                            "%s != %s" % (consumer_url, return_destination)
            raise OtherError("ConsumerURL and return destination mismatch")
        
        response["consumer_url"] = consumer_url
@@ -295,8 +297,7 @@ class Server(object):
        :param policy: The attribute release policy for this instance
        :return: A Response instance
        """
-        
-
+                
        if not status:
            status = success_status_factory()
            
@@ -323,19 +324,19 @@ class Server(object):
                                        policy, issuer=_issuer)
            
            if sign:
-                assertion["signature"] = pre_signature_part(assertion["id"])
+                assertion["signature"] = pre_signature_part(assertion["id"],
+                                                        self.sc.my_cert, 1)

            # Store which assertion that has been sent to which SP about which
            # subject.
-            print assertion
            
            self.cache.set(assertion["subject"]["name_id"]["text"], 
                            sp_entity_id, assertion, 
                            assertion["conditions"]["not_on_or_after"])
            
            response.update({"assertion":assertion})
-            
-        return make_instance(samlp.Response, response)
+                
+        return signed_instance_factory(samlp.Response, response, self.sc)

    # ------------------------------------------------------------------------