Should generate 'true'/'false' in xml not 'True'/'False'.

2014-04-15 21:06:49 +02:00
parent 817733a821
commit 94a4f0f171
3 changed files with 7 additions and 17 deletions
--- a/src/saml2/md.py
+++ b/src/saml2/md.py
@@ -1039,10 +1039,8 @@ class IDPSSODescriptorType_(SSODescriptorType_):
    c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = (
        'attribute', [saml.Attribute])
    c_cardinality['attribute'] = {"min": 0}
-    c_attributes['WantAuthnRequestsSigned'] = ('want_authn_requests_signed',
-                                               'boolean', False)
-    c_attributes['WantAuthnRequestsOnlyWithValidCert'] = ('want_authn_requests_only_with_valid_cert',
-                                               'boolean', False)
+    c_attributes['WantAuthnRequestsSigned'] = (
+        'want_authn_requests_signed', 'boolean', False)
    c_child_order.extend(['single_sign_on_service', 'name_id_mapping_service',
                          'assertion_id_request_service', 'attribute_profile',
                          'attribute'])
--- a/src/saml2/metadata.py
+++ b/src/saml2/metadata.py
@@ -431,7 +431,7 @@ DEFAULT = {
    "want_assertions_signed": "true",
    "authn_requests_signed": "false",
    "want_authn_requests_signed": "false",
-    "want_authn_requests_only_with_valid_cert": "false",
+    #"want_authn_requests_only_with_valid_cert": "false",
 }


@@ -554,22 +554,13 @@ def do_idpsso_descriptor(conf, cert=None):
        idpsso.key_descriptor = do_key_descriptor(cert)

    for key in ["want_authn_requests_signed"]:
+                #"want_authn_requests_only_with_valid_cert"]:
        try:
            val = conf.getattr(key, "idp")
            if val is None:
-                setattr(idpsso, key, DEFAULT["want_authn_requests_signed"])
+                setattr(idpsso, key, DEFAULT[key])
            else:
-                setattr(idpsso, key, "%s" % val)
-        except KeyError:
-            setattr(idpsso, key, DEFAULTS[key])
-
-    for key in ["want_authn_requests_only_with_valid_cert"]:
-        try:
-            val = conf.getattr(key, "idp")
-            if val is None:
-                setattr(idpsso, key, DEFAULT["want_authn_requests_only_with_valid_cert"])
-            else:
-                setattr(idpsso, key, "%s" % val)
+                setattr(idpsso, key, ("%s" % val).lower())
        except KeyError:
            setattr(idpsso, key, DEFAULTS[key])

--- a/tests/test_20_assertion.py
+++ b/tests/test_20_assertion.py
@@ -190,6 +190,7 @@ def test_ava_filter_dont_fail():
        "default": {
            "lifetime": {"minutes": 15},
            "attribute_restrictions": None,  # means all I have
+            "fail_on_missing_requested": False
        },
        "urn:mace:umu.se:saml:roland:sp": {
            "lifetime": {"minutes": 5},