The small matter of using what's there :-)

2010-03-28 17:33:33 +02:00
parent be30699e87
commit cc27224cd3
3 changed files with 14 additions and 8 deletions
--- a/src/s2repoze/plugins/sp.py
+++ b/src/s2repoze/plugins/sp.py
@@ -233,12 +233,12 @@ class SAML2Plugin(FormPluginBase):
        # check for SAML2 authN response
        scl = Saml2Client(environ, self.conf)
        try:
-            # Evaluate the response
-            session_info = scl.response(post, self.conf["entityid"], 
+            # Evaluate the response, returns a AuthnResponse instance
+            ar = scl.response(post, self.conf["entityid"], 
                                        self.outstanding_authn,
                                        self.log)
            # Cache it
-            name_id = self._cache_session(session_info)
+            name_id = self._cache_session(ar.session_info())
            if self.debug:
                self.log and self.log.info("stored %s with key %s" % (
                                        session_info, name_id))
--- a/src/saml2/authnresponse.py
+++ b/src/saml2/authnresponse.py
@@ -112,6 +112,8 @@ class AuthnResponse(object):

        if self.debug:
            self.log.debug("response: %s" % (response,))
+
+        return self
        
    def clear(self):
        self.xmlstr = ""
@@ -263,6 +265,11 @@ class AuthnResponse(object):
    def id(self):
        return self.response.id

+    def session_info(self):
+        return { "ava": self.ava, "name_id": name_id, 
+                "came_from": self.came_from, "issuer": self.issuer(),
+                "not_on_or_after": self.not_on_or_after }
+    
 # ======================================================================
                                    
   # session_info["ava"]["__userid"] = session_info["name_id"]
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -323,11 +323,10 @@ class Saml2Client(object):
        log and log.info("SOAP request sent and got response: %s" % response)
        if response:
            log and log.info("Verifying response")
-            session_info = self.verify_response(response, 
-                                                issuer,
-                                                outstanding={session_id:""}, 
-                                                log=log, decode=False,
-                                                context="AttrReq")
+            
+            ar = authn_response(self.conf, issuer, {session_id:""}, log)            
+            session_info = ar.loads(response).verify().session_info()
+            
            log and log.info("session: %s" % session_info)
            return session_info
        else: