openstack/deb-python-pysaml2
Code Issues Proposed changes

SAML Authenticate not recognizing sessioninfo during initial authentication.

Browse Source
This commit is contained in:
Andreas Richter
2014-04-16 10:34:38 -04:00
parent 1cd3275b82
commit c40ba8d177
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/s2repoze/plugins/sp.py
View File

@@ -490,7 +490,7 @@ class SAML2Plugin(object):
if ("CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]) and \ if ("CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]) and \
"SAMLResponse" not in query and "SAMLRequest" not in query: "SAMLResponse" not in query and "SAMLRequest" not in query:
logger.debug('[identify] get or empty post') logger.debug('[identify] get or empty post')
return {} return None
# if logger: # if logger:
# logger.info("ENVIRON: %s" % environ) # logger.info("ENVIRON: %s" % environ)
@@ -652,6 +652,8 @@ class SAML2Plugin(object):
#noinspection PyUnusedLocal #noinspection PyUnusedLocal
def authenticate(self, environ, identity=None): def authenticate(self, environ, identity=None):
if identity: if identity:
if identity.get('user') and environ.get('s2repoze.sessioninfo') and identity.get('user') == environ.get('s2repoze.sessioninfo').get('ava'):
return identity.get('login')
tktuser = identity.get('repoze.who.plugins.auth_tkt.userid', None) tktuser = identity.get('repoze.who.plugins.auth_tkt.userid', None)
if tktuser and self.saml_client.is_logged_in(decode(tktuser)): if tktuser and self.saml_client.is_logged_in(decode(tktuser)):
return tktuser return tktuser