correctly restoring environ["wsgi.input"] after reading POST content

src/s2repoze/plugins/sp.py

@@ -73,23 +73,6 @@ def cgi_field_storage_to_dict(field_storage):
 
     return params
 
-
-def get_body(environ):
-    length = int(environ["CONTENT_LENGTH"])
-    try:
-        body = environ["wsgi.input"].read(length)
-    except Exception, excp:
-        logger.exception("Exception while reading post: %s" % (excp,))
-        raise
-
-    # restore what I might have upset
-    from StringIO import StringIO
-    environ['wsgi.input'] = StringIO(body)
-    environ['s2repoze.body'] = body
-
-    return body
-
-
 def exception_trace(tag, exc, log):
     message = traceback.format_exception(*sys.exc_info())
     log.error("[%s] ExcList: %s" % (tag, "".join(message),))
@@ -162,20 +145,17 @@ class SAML2Plugin(object):
         :param environ: A dictionary with environment variables
         """
 
-        post_env = environ.copy()
-        post_env['QUERY_STRING'] = ''
-    
-        _ = get_body(environ)
-        
+        body= ''
         try:
-            post = cgi.FieldStorage(
-                fp=environ['wsgi.input'],
-                environ=post_env,
-                keep_blank_values=True
-            )
-        except Exception, excp:
-            logger.debug("Exception (II): %s" % (excp,))
-            raise
+            length= int(environ.get('CONTENT_LENGTH', '0'))
+        except ValueError:
+            length= 0
+        if length!=0:
+            body = environ['wsgi.input'].read(length)  # get the POST variables
+            environ['s2repoze.body'] = body            # store the request body for later use by pysaml2
+            environ['wsgi.input'] = StringIO(body)     # restore the request body as a stream so that everything seems untouched
+
+        post = parse_qs(body)                          # parse the POST fields into a dict
 
         logger.debug('identify post: %s' % (post,))
 
@@ -432,7 +412,7 @@ class SAML2Plugin(object):
             # Evaluate the response, returns a AuthnResponse instance
             try:
                 authresp = self.saml_client.parse_authn_request_response(
-                    post["SAMLResponse"], binding, self.outstanding_queries,
+                    post["SAMLResponse"][0], binding, self.outstanding_queries,
                     self.outstanding_certs)
 
             except Exception, excp:
@@ -495,8 +475,6 @@ class SAML2Plugin(object):
             binding = BINDING_HTTP_REDIRECT
         else:
             post = self._get_post(environ)
-            if post.list is None:
-                post.list = []
             binding = BINDING_HTTP_POST
 
         try:
@@ -514,7 +492,7 @@ class SAML2Plugin(object):
                 print("logout request received")
                 try:
                     response = self.saml_client.handle_logout_request(
-                        post["SAMLRequest"],
+                        post["SAMLRequest"][0],
                         self.saml_client.users.subjects()[0], binding)
                     environ['samlsp.pending'] = self._handle_logout(response)
                     return {}
@@ -536,7 +514,7 @@ class SAML2Plugin(object):
                 try:
                     if logout:
                         response = self.saml_client.parse_logout_request_response(
-                            post["SAMLResponse"], binding)
+                            post["SAMLResponse"][0], binding)
                         if response:
                             action = self.saml_client.handle_logout_response(
                                 response)