openstack/deb-python-pysaml2
Code Issues Proposed changes

Merge pull request #112 from richtera/master

Browse Source 
In order to get SAML working I had to modify the sp plugin
This commit is contained in:
Roland Hedberg
2014-04-22 09:38:21 +02:00
parent 817733a821 5174a48817
commit f3a65b162f
2 changed files with 15 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
src/s2repoze/plugins/sp.py
View File

@@ -490,7 +490,7 @@ class SAML2Plugin(object):
if ("CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]) and \ if ("CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]) and \
"SAMLResponse" not in query and "SAMLRequest" not in query: "SAMLResponse" not in query and "SAMLRequest" not in query:
logger.debug('[identify] get or empty post') logger.debug('[identify] get or empty post')
return {} return None
# if logger: # if logger:
# logger.info("ENVIRON: %s" % environ) # logger.info("ENVIRON: %s" % environ)
@@ -597,7 +597,11 @@ class SAML2Plugin(object):
""" Add information to the knowledge I have about the user """ """ Add information to the knowledge I have about the user """
name_id = identity['repoze.who.userid'] name_id = identity['repoze.who.userid']
if isinstance(name_id, basestring): if isinstance(name_id, basestring):
try:
# Make sure that userids authenticated by another plugin don't cause problems here.
name_id = decode(name_id) name_id = decode(name_id)
except:
pass
_cli = self.saml_client _cli = self.saml_client
logger.debug("[add_metadata] for %s" % name_id) logger.debug("[add_metadata] for %s" % name_id)
@@ -648,10 +652,12 @@ class SAML2Plugin(object):
#noinspection PyUnusedLocal #noinspection PyUnusedLocal
def authenticate(self, environ, identity=None): def authenticate(self, environ, identity=None):
if identity: if identity:
if identity.get('user') and environ.get('s2repoze.sessioninfo') and identity.get('user') == environ.get('s2repoze.sessioninfo').get('ava'):
return identity.get('login')
tktuser = identity.get('repoze.who.plugins.auth_tkt.userid', None) tktuser = identity.get('repoze.who.plugins.auth_tkt.userid', None)
if tktuser and self.saml_client.is_logged_in(decode(tktuser)): if tktuser and self.saml_client.is_logged_in(decode(tktuser)):
return tktuser return tktuser
return identity.get('login', None) return None
else: else:
return None return None

4
src/saml2/ident.py
View File

@@ -39,8 +39,12 @@ def code(item):
def decode(txt): def decode(txt):
_nid = NameID() _nid = NameID()
for part in txt.split(","): for part in txt.split(","):
if part.find("=") != -1:
i, val = part.split("=") i, val = part.split("=")
try:
setattr(_nid, ATTR[int(i)], unquote(val)) setattr(_nid, ATTR[int(i)], unquote(val))
except:
pass
return _nid return _nid