correctly restoring environ["wsgi.input"] after reading POST content

Patrick Brosi
2014-09-29 17:40:58 +02:00
parent 6c1b963a64
commit f5012004d3


@@ -73,23 +73,6 @@ def cgi_field_storage_to_dict(field_storage):
return params return params
def get_body(environ):
length = int(environ["CONTENT_LENGTH"])
try:
body = environ["wsgi.input"].read(length)
except Exception, excp:
logger.exception("Exception while reading post: %s" % (excp,))
raise
# restore what I might have upset
from StringIO import StringIO
environ['wsgi.input'] = StringIO(body)
environ['s2repoze.body'] = body
return body
def exception_trace(tag, exc, log): def exception_trace(tag, exc, log):
message = traceback.format_exception(*sys.exc_info()) message = traceback.format_exception(*sys.exc_info())
log.error("[%s] ExcList: %s" % (tag, "".join(message),)) log.error("[%s] ExcList: %s" % (tag, "".join(message),))
@@ -162,20 +145,17 @@ class SAML2Plugin(object):
:param environ: A dictionary with environment variables :param environ: A dictionary with environment variables
""" """
post_env = environ.copy() body= ''
post_env['QUERY_STRING'] = ''
_ = get_body(environ)
try: try:
post = cgi.FieldStorage( length= int(environ.get('CONTENT_LENGTH', '0'))
fp=environ['wsgi.input'], except ValueError:
environ=post_env, length= 0
keep_blank_values=True if length!=0:
) body = environ['wsgi.input'].read(length) # get the POST variables
except Exception, excp: environ['s2repoze.body'] = body # store the request body for later use by pysaml2
logger.debug("Exception (II): %s" % (excp,)) environ['wsgi.input'] = StringIO(body) # restore the request body as a stream so that everything seems untouched
raise
post = parse_qs(body) # parse the POST fields into a dict
logger.debug('identify post: %s' % (post,)) logger.debug('identify post: %s' % (post,))
@@ -432,7 +412,7 @@ class SAML2Plugin(object):
# Evaluate the response, returns a AuthnResponse instance # Evaluate the response, returns a AuthnResponse instance
try: try:
authresp = self.saml_client.parse_authn_request_response( authresp = self.saml_client.parse_authn_request_response(
post["SAMLResponse"], binding, self.outstanding_queries, post["SAMLResponse"][0], binding, self.outstanding_queries,
self.outstanding_certs) self.outstanding_certs)
except Exception, excp: except Exception, excp:
@@ -495,8 +475,6 @@ class SAML2Plugin(object):
binding = BINDING_HTTP_REDIRECT binding = BINDING_HTTP_REDIRECT
else: else:
post = self._get_post(environ) post = self._get_post(environ)
if post.list is None:
post.list = []
binding = BINDING_HTTP_POST binding = BINDING_HTTP_POST
try: try:
@@ -514,7 +492,7 @@ class SAML2Plugin(object):
print("logout request received") print("logout request received")
try: try:
response = self.saml_client.handle_logout_request( response = self.saml_client.handle_logout_request(
post["SAMLRequest"], post["SAMLRequest"][0],
self.saml_client.users.subjects()[0], binding) self.saml_client.users.subjects()[0], binding)
environ['samlsp.pending'] = self._handle_logout(response) environ['samlsp.pending'] = self._handle_logout(response)
return {} return {}
@@ -536,7 +514,7 @@ class SAML2Plugin(object):
try: try:
if logout: if logout:
response = self.saml_client.parse_logout_request_response( response = self.saml_client.parse_logout_request_response(
post["SAMLResponse"], binding) post["SAMLResponse"][0], binding)
if response: if response:
action = self.saml_client.handle_logout_response( action = self.saml_client.handle_logout_response(
response) response)
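Review bot: In the rewritten `_get_post` body (second hunk), `length` is taken directly from the client-supplied CONTENT_LENGTH and the only guard is `if length!=0:`, so a negative value still reaches `environ['wsgi.input'].read(length)`, and an arbitrarily large one is read into memory in full and then copied again into a `StringIO`. I would tighten the guard to `if 0 < length <= MAX_POST_BODY:` (MAX_POST_BODY is a placeholder for a limit the project chooses) and treat anything outside that range as an empty or rejected body. Separately, `parse_qs(body)` drops blank fields by default, whereas the removed `cgi.FieldStorage` call passed `keep_blank_values=True`; if the old behaviour is wanted, use `parse_qs(body, keep_blank_values=True)`, otherwise add a short comment saying the change is deliberate. The method's `def` line and the imports of `StringIO` and `parse_qs` are outside the visible hunks, so I could not confirm that those names are in scope at module level now that the function-local `from StringIO import StringIO` is gone.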