Allow the addition of SessionIndexes to a LogoutRequest

2014-12-10 14:37:20 +01:00
parent a941f1c3f0
commit c3f51e34cd
3 changed files with 16 additions and 4 deletions
--- a/src/saml2/client_base.py
+++ b/src/saml2/client_base.py
@@ -253,6 +253,7 @@ class Base(Entity):
                args["provider_name"] = self._my_name()

        # Allow argument values either as class instances or as dictionaries
+        # all of these have cardinality 0..1
        _msg = AuthnRequest()
        for param in ["scoping", "requested_authn_context", "conditions",
                      "subject", "scoping"]:
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
@@ -35,7 +35,7 @@ from saml2.s_utils import rndstr
 from saml2.s_utils import success_status_factory
 from saml2.s_utils import decode_base64_and_inflate
 from saml2.s_utils import UnsupportedBinding
-from saml2.samlp import AuthnRequest
+from saml2.samlp import AuthnRequest, SessionIndex
 from saml2.samlp import AuthzDecisionQuery
 from saml2.samlp import AuthnQuery
 from saml2.samlp import AssertionIDRequest
@@ -673,7 +673,8 @@ class Entity(HTTPBase):
    def create_logout_request(self, destination, issuer_entity_id,
                              subject_id=None, name_id=None,
                              reason=None, expire=None, message_id=0,
-                              consent=None, extensions=None, sign=False):
+                              consent=None, extensions=None, sign=False,
+                              session_indexes=None):
        """ Constructs a LogoutRequest

        :param destination: Destination of the request
@@ -689,6 +690,7 @@ class Entity(HTTPBase):
        :param consent: Whether the principal have given her consent
        :param extensions: Possible extensions
        :param sign: Whether the query should be signed or not.
+        :param session_indexes: SessionIndex instances or just values
        :return: A LogoutRequest instance
        """

@@ -703,10 +705,20 @@ class Entity(HTTPBase):
        if not name_id:
            raise SAMLError("Missing subject identification")

+        args = {}
+        if session_indexes:
+            sis = []
+            for si in session_indexes:
+                if isinstance(si, SessionIndex):
+                    sis.append(si)
+                else:
+                    sis.append(SessionIndex(text=si))
+            args["session_index"] = sis
+
        return self._message(LogoutRequest, destination, message_id,
                             consent, extensions, sign, name_id=name_id,
                             reason=reason, not_on_or_after=expire,
-                             issuer=self._issuer())
+                             issuer=self._issuer(), **args)

    def create_logout_response(self, request, bindings=None, status=None,
                               sign=False, issuer=None):
--- a/tools/make_metadata.py
+++ b/tools/make_metadata.py
@@ -2,7 +2,6 @@
 import argparse
 import os
 import sys
-from saml2.s_utils import rndstr
 from saml2.metadata import entity_descriptor, metadata_tostring_fix
 from saml2.metadata import entities_descriptor
 from saml2.metadata import sign_entity_descriptor