Merge pull request #204 from HaToHo/master

PEFIM fixes
Roland Hedberg
2015-04-21 16:50:54 -07:00
3 changed files with 11 additions and 7 deletions


@@ -335,6 +335,8 @@ class SSO(Service):
_resp = IDP.create_authn_response(
identity, userid=self.user,
encrypt_cert=encrypt_cert,
encrypt_assertion_self_contained=True,
encrypted_advice_attributes=True,
**resp_args)
except Exception as excp:
logging.error(exception_trace(excp))
@@ -399,9 +401,9 @@ class SSO(Service):
return resp(self.environ, self.start_response)
if self.user:
saml_msg["req_info"] = self.req_info
if _req.force_authn is not None and \
_req.force_authn.lower() == 'true':
saml_msg["req_info"] = self.req_info
key = self._store_request(saml_msg)
return self.not_authn(key, _req.requested_authn_context)
else:
@@ -1013,6 +1015,7 @@ def application(environ, start_response):
if isinstance(callback, tuple):
cls = callback[0](environ, start_response, user)
func = getattr(cls, callback[1])
return func()
return callback(environ, start_response, user)
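Review bot: In the first hunk, the `create_authn_response` call passes `encrypt_assertion_self_contained=True` and `encrypted_advice_attributes=True` as literals, so every response built here requests encrypted advice attributes whether or not an `encrypt_cert` was obtained for this request. How `create_authn_response` behaves when `encrypt_cert` is None is not visible on this page, so this may be harmless, but the options would be safer taken from configuration or gated on the certificate, e.g. `encrypted_advice_attributes=encrypt_cert is not None,`. A short comment above the call saying why both flags are forced on would help the next reader. The enclosing `try` starts outside the hunk and the visible handler line only logs the trace, so what the client receives when the new encryption path fails should be checked against the lines that follow.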


@@ -87,7 +87,7 @@ class AESCipher(object):
return cmsg
def decrypt(self, msg, iv=None, padding="PKCS#7", b64dec=True):
def decrypt(self, msg, iv=None, alg="aes_128_cbc", padding="PKCS#7", b64dec=True):
"""
:param key: The encryption key
:param iv: init vector
@@ -102,7 +102,7 @@ class AESCipher(object):
_iv = data[:AES.block_size]
if iv:
assert iv == _iv
cipher, iv = self.build_cipher(iv)
cipher, iv = self.build_cipher(iv, alg=alg)
res = cipher.decrypt(data)[AES.block_size:]
if padding in ["PKCS#5", "PKCS#7"]:
res = res[:-ord(res[-1])]
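Review bot: The new `alg` parameter is inserted ahead of `padding` in `decrypt`, so any caller that passes the padding positionally, such as `decrypt(msg, iv, "PKCS#5")`, now hands that string to `build_cipher` as the algorithm name. Unless the position is deliberate to mirror another method that is not shown here, appending it keeps old calls working: `def decrypt(self, msg, iv=None, padding="PKCS#7", b64dec=True, alg="aes_128_cbc"):`. The docstring visible in the hunk documents `key`, which is not a parameter of this method, and has no entry for the new argument; `:param alg: cipher name handed to build_cipher` would cover it. In the second hunk the IV consistency check next to the changed line is an `assert`, which is dropped under `python -O`; an explicit `if iv and iv != _iv: raise ValueError(...)` keeps the check in optimized runs. The method body starts and ends outside both hunks.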


@@ -1820,10 +1820,11 @@ def pre_encrypt_assertion(response):
assertion = response.assertion
response.assertion = None
response.encrypted_assertion = EncryptedAssertion()
if isinstance(assertion, list):
response.encrypted_assertion.add_extension_elements(assertion)
else:
response.encrypted_assertion.add_extension_element(assertion)
if assertion is not None:
if isinstance(assertion, list):
response.encrypted_assertion.add_extension_elements(assertion)
else:
response.encrypted_assertion.add_extension_element(assertion)
# txt = "%s" % response
# _ass = "%s" % assertion
# _ass = rm_xmltag(_ass)
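Review bot: With the new `if assertion is not None:` guard, a response without an assertion still gets `response.encrypted_assertion = EncryptedAssertion()`, so the function leaves an empty EncryptedAssertion element on the response for whatever encrypts or serializes it next. If no caller depends on that empty element, the guard should cover the assignment as well, or the function should return before touching the response when there is nothing to encrypt. If the empty element is intended, a comment such as `# no assertion: leave an empty EncryptedAssertion placeholder` would make that explicit. The rest of `pre_encrypt_assertion` lies outside the hunk, so the effect on its return value cannot be checked from here.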