entrouvert
/
authentic
16
0
Fork 0
Code Issues Pull Requests 35 Releases Activity

[idp.saml2] handle the 'cancel' return from login pages by return RequestDenied 

If the user cancel the login process, a RequestDenied status code is
returned in a SAML2 response.
This commit is contained in:
Benjamin Dauvergne 2011-04-21 11:36:40 +02:00
parent bb89acd2b3
commit 2f7a446ab4
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
authentic2/idp/saml/saml2_endpoints.py
View File

@ -387,6 +387,11 @@ def continue_sso(request):
if not load_provider(request, login.remoteProviderId, server=login.server,
autoload=True):
return error_page(request, _('continue_sso: unknown provider %s') %login.remoteProviderId, logger=logger)
if 'cancel' in request.GET:
logger.info('continue_sso: login canceled')
set_saml2_response_responder_status_code(login.response,
lasso.SAML2_STATUS_CODE_REQUEST_DENIED)
return finish_sso(request, login)
if consent_answer == 'refused':
logger.info('continue_sso: consent answer treatment, the user refused, return request denied to the requester')
set_saml2_response_responder_status_code(login.response,