Show AuthnStatement together with all attributes on result page.

example/sp-wsgi/sp.py

@@ -2,11 +2,13 @@
 from __future__ import print_function
 
 import argparse
+import cgi
 import importlib
 import logging
 import os
 import re
 import sys
+import xml.dom.minidom
 
 import six
 from six.moves.http_cookies import SimpleCookie
@@ -329,9 +331,15 @@ class Service(object):
 
 
 class User(object):
-    def __init__(self, name_id, data):
+    def __init__(self, name_id, data, saml_response):
         self.name_id = name_id
         self.data = data
+        self.response = saml_response
+
+    @property
+    def authn_statement(self):
+        xml_doc = xml.dom.minidom.parseString(str(self.response.assertion.authn_statement[0]))
+        return xml_doc.toprettyxml()
 
 
 class ACS(Service):
@@ -374,7 +382,7 @@ class ACS(Service):
 
         logger.info("AVA: %s", self.response.ava)
 
-        user = User(self.response.name_id, self.response.ava)
+        user = User(self.response.name_id, self.response.ava, self.response)
         cookie = self.cache.set_cookie(user)
 
         resp = Redirect("/", headers=[
@@ -668,7 +676,9 @@ def main(environ, start_response, sp):
         return sso.do()
 
     body = dict_to_table(user.data)
-    body += '<br><a href="/logout">logout</a>'
+    authn_stmt = cgi.escape(user.authn_statement)
+    body.append('<br><pre>' + authn_stmt + "</pre>")
+    body.append('<br><a href="/logout">logout</a>')
 
     resp = Response(body)
     return resp(environ, start_response)