diff --git a/example/idp2/idp.py b/example/idp2/idp.py
index 7520b87..b1188a9 100755
--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@@ -943,10 +943,10 @@ from mako.lookup import TemplateLookup
 AUTHN_BROKER = AuthnBroker()
 AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
- username_password_authn, 10,
- "http://%s" % socket.gethostname())
+ username_password_authn, 10,
+ "http://%s" % socket.gethostname())
 AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
- "", 0, "http://%s" % socket.gethostname())
+ "", 0, "http://%s" % socket.gethostname())
 IDP = server.Server(args.config, cache=Cache())
 IDP.ticket = {}
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py
index fc21c566..876baa4 100644
--- a/src/saml2/client_base.py
+++ b/src/saml2/client_base.py
@@ -315,7 +315,6 @@ class Base(Entity):
 protocol_binding=binding, scoping=scoping, **args)
-
 def create_attribute_query(self, destination, name_id=None, attribute=None, message_id=0, consent=None, extensions=None, sign=False, sign_prepare=False,
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py
index 72a35fc..bbde35f 100644
--- a/src/saml2/mdstore.py
+++ b/src/saml2/mdstore.py
@@ -103,7 +103,8 @@ def repack_cert(cert):
 class MetaData(object):
- def __init__(self, onts, attrc, metadata="", node_name=None, **kwargs):
+ def __init__(self, onts, attrc, metadata="", node_name=None,
+ check_validity=True, **kwargs):
 self.onts = onts
 self.attrc = attrc
 self.entity = {}
@@ -112,6 +113,7 @@ class MetaData(object):
 self.node_name = node_name
 self.entities_descr = None
 self.entity_descr = None
+ self.check_validity = check_validity
 def items(self):
 return self.entity.items()
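Review bot: `check_validity` is added to `MetaData.__init__` in src/saml2/mdstore.py without a docstring or comment, and it is a security-relevant switch: passing False skips both `valid_until` checks changed later in this file (in `do_entity_descriptor` and in the entities-descriptor check at new line 190), so expired metadata, and whatever keys it carries, is loaded as if it were current. I would say so on the constructor, for example `# check_validity=False disables validUntil enforcement; expired metadata will be trusted - keep True outside tests`, and log a warning when an instance is built with the check turned off so the weakened state shows up in logs. Whether the metadata-loading subclasses forward this keyword is not visible in the hunk.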
@@ -129,13 +131,14 @@ class MetaData(object):
 return self.entity[item]
 def do_entity_descriptor(self, entity_descr):
- try:
- if not valid(entity_descr.valid_until):
- logger.info("Entity descriptor (entity id:%s) to old" % (
- entity_descr.entity_id,))
- return
- except AttributeError:
- pass
+ if self.check_validity:
+ try:
+ if not valid(entity_descr.valid_until):
+ logger.info("Entity descriptor (entity id:%s) to old" % (
+ entity_descr.entity_id,))
+ return
+ except AttributeError:
+ pass
 # have I seen this entity_id before ? If so if log: ignore it
 if entity_descr.entity_id in self.entity:
@@ -187,12 +190,14 @@ class MetaData(object):
 logger.error(exc.args[0])
 return
- try:
- if not valid(self.entities_descr.valid_until):
- raise ToOld("Metadata not valid anymore, it's after %s" % (
- self.entities_descr.valid_until,))
- except AttributeError:
- pass
+ if self.check_validity:
+ try:
+ if not valid(self.entities_descr.valid_until):
+ raise ToOld(
+ "Metadata not valid anymore, it's after %s" % (
+ self.entities_descr.valid_until,))
+ except AttributeError:
+ pass
 for entity_descr in self.entities_descr.entity_descriptor:
 self.do_entity_descriptor(entity_descr)
diff --git a/src/saml2/response.py b/src/saml2/response.py
index 1742c27..55cb5ea 100644
--- a/src/saml2/response.py
+++ b/src/saml2/response.py
@@ -451,8 +451,8 @@ class AuthnResponse(StatusResponse):
 def __init__(self, sec_context, attribute_converters, entity_id, return_addrs=None, outstanding_queries=None, timeslack=0, asynchop=True, allow_unsolicited=False,
- test=False, allow_unknown_attributes=False, want_assertions_signed=False,
- **kwargs):
+ test=False, allow_unknown_attributes=False,
+ want_assertions_signed=False, **kwargs):
 StatusResponse.__init__(self, sec_context, return_addrs, timeslack, asynchop=asynchop)
diff --git a/src/saml2/validate.py b/src/saml2/validate.py
index 6fd4893..3ba2dff 100644
--- a/src/saml2/validate.py
+++ b/src/saml2/validate.py
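Review bot: In `MetaData.do_entity_descriptor` (src/saml2/mdstore.py, hunk at new line 131) the re-indented `try` still wraps the `valid()` call, the `logger.info` and the `return`, so an AttributeError raised anywhere in that block, not only by a descriptor that lacks `valid_until`, lands in `except AttributeError: pass` and the descriptor is accepted; the validity check fails open. The hunk at new line 190 keeps the same shape around `raise ToOld(...)`. Narrowing the lookup, e.g. `valid_until = getattr(entity_descr, "valid_until", None)` followed by `if valid_until and not valid(valid_until):` outside any `try`, keeps the missing-attribute case and lets other errors surface; this assumes `valid()` treats an unset value as valid, which the hunk does not show. The log text `to old` should read `too old`. Both functions continue outside their hunks.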
@@ -248,6 +248,8 @@ def valid_anytype(val):
 :return: True is value is valid otherwise an exception is raised
 """
 for validator in VALIDATOR.values():
+ if validator == valid_anytype: # To hinder recursion
+ continue
 try:
 if validator(val):
 return True
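Review bot: The added guard `if validator == valid_anytype:` in `valid_anytype` (src/saml2/validate.py) compares callables with `==`, while the intent is "this exact function"; `if validator is valid_anytype:` says that directly and cannot be influenced by an `__eq__` on some other callable stored in the table. The comment `# To hinder recursion` would read better as `# valid_anytype is itself registered in VALIDATOR; skip it to avoid unbounded recursion`, assuming that is the reason, since the VALIDATOR table is outside the hunk. The loop body continues past the end of the hunk.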