openstack/deb-python-pysaml2
Code Issues Proposed changes

Added a method that checks any given return URL against what's registered in metadata.

Browse Source
This commit is contained in:
Roland Hedberg
2014-03-24 12:25:20 +01:00
parent b6fe85543a
commit c5aa4a2adf
1 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
src/saml2/discovery.py
View File

@@ -62,7 +62,8 @@ class DiscoveryServer(Entity):
# ------------------------------------------------------------------------- # -------------------------------------------------------------------------
def create_discovery_service_response(self, return_url=None, @staticmethod
def create_discovery_service_response(return_url=None,
returnIDParam="entityID", returnIDParam="entityID",
entity_id=None, **kwargs): entity_id=None, **kwargs):
if return_url is None: if return_url is None:
@@ -87,3 +88,13 @@ class DiscoveryServer(Entity):
return True return True
return False return False
def verify_return(self, entity_id, return_url):
for endp in self.metadata.discovery_response(entity_id):
try:
assert return_url.startswith(endp["location"])
except AssertionError:
pass
else:
return True
return False