misc: fix passing of RequestedAuthnContext (#10243)

This commit is contained in:
Frédéric Péters 2016-03-09 08:59:16 +01:00
parent 78a35d9313
commit a3bc087890
2 changed files with 21 additions and 2 deletions

View File

@ -262,9 +262,9 @@ class LoginView(LogMixin, View):
# configure requested AuthnClassRef
authn_classref = utils.get_setting(idp, 'AUTHN_CLASSREF')
if authn_classref:
req_authncontext = lasso.RequestedAuthnContext()
req_authncontext = lasso.Samlp2RequestedAuthnContext()
authn_request.requestedAuthnContext = req_authncontext
req_authncontext.authnContextClassRef = authn_classref
req_authncontext.authnContextClassRef = tuple(authn_classref)
if next_url and utils.is_nonnull(next_url):
login.msgRelayState = next_url
login.buildAuthnRequestMsg()

View File

@ -186,3 +186,22 @@ def test_sp_initiated_login_chosen(private_settings, client):
assert len(params['SAMLRequest']) == 1
assert base64.b64decode(params['SAMLRequest'][0])
assert params['RelayState'] == ['/whatever']
def test_sp_initiated_login_requested_authn_context(private_settings, client):
private_settings.MELLON_IDENTITY_PROVIDERS = [{
'METADATA': open('tests/metadata.xml').read(),
'AUTHN_CLASSREF': ['urn:be:fedict:iam:fas:citizen:eid',
'urn:be:fedict:iam:fas:citizen:token'],
}]
response = client.get('/login/')
assert response.status_code == 302
params = parse_qs(urlparse(response['Location']).query)
assert response['Location'].startswith('https://cresson.entrouvert.org/idp/saml2/sso?')
assert params.keys() == ['SAMLRequest']
assert len(params['SAMLRequest']) == 1
assert base64.b64decode(params['SAMLRequest'][0])
request = lasso.Samlp2AuthnRequest()
assert request.initFromQuery(urlparse(response['Location']).query)
assert request.requestedAuthnContext.authnContextClassRef == (
'urn:be:fedict:iam:fas:citizen:eid', 'urn:be:fedict:iam:fas:citizen:token')