entrouvert
/
django-mellon
16
0
Fork 0
Code Issues Pull Requests Releases Activity

views,utils: keep the NameQualifier and SPNameQualifier attribut of NameID as they could be mandatory for some IdPs

This commit is contained in:
Benjamin Dauvergne 2014-05-02 16:00:48 +02:00
parent cf7da749cb
commit 0e3b0272f0
3 changed files with 17 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
mellon/templates/mellon/session_dump.xml Normal file
View File

@ -0,0 +1,10 @@
<ns0:Session xmlns:ns0="http://www.entrouvert.org/namespaces/lasso/0.0" xmlns:ns1="urn:oasis:names:tc:SAML:2.0:assertion" Version="2">
<ns0:NidAndSessionIndex AssertionID=""
ProviderID="{{ entity_id }}"
SessionIndex="{{ session_index }}">
<ns1:NameID Format="{{ name_id_format }}"
{% if name_id_name_qualifier %}NameQualifier="{{ name_id_name_qualifier }}"{% endif %}
{% if name_id_sp_name_qualifier %}SPNameQualiflier="{{ name_id_sp_name_qualifier }}"{% endif %}
>{{ name_id_content }}</ns1:NameID>
</ns0:NidAndSessionIndex>
</ns0:Session>

5
mellon/utils.py
View File

@ -119,12 +119,17 @@ def create_logout(request):
session_index = mellon_session.get('session_index')
name_id_format = mellon_session.get('name_id_format')
name_id_content = mellon_session.get('name_id_content')
name_id_name_qualifier = mellon_session.get('name_id_name_qualifier')
name_id_sp_name_qualifier = mellon_session.get('name_id_sp_name_qualifier')
session_dump = render_to_string('mellon/session_dump.xml', {
'entity_id': entity_id,
'session_index': session_index,
'name_id_format': name_id_format,
'name_id_content': name_id_content,
'name_id_name_qualifier': name_id_name_qualifier,
'name_id_sp_name_qualifier': name_id_sp_name_qualifier,
})
print 'session_dump', session_dump
logout = lasso.Logout(server)
if not app_settings.PRIVATE_KEY:
logout.setSignatureHint(lasso.PROFILE_SIGNATURE_HINT_FORBID)

2
mellon/views.py
View File

@ -67,6 +67,8 @@ class LoginView(View):
'issuer': name_id.nameQualifier or login.remoteProviderId,
'name_id_content': name_id.content,
'name_id_format': name_id.format,
'name_id_name_qualifier': name_id.nameQualifier,
'name_id_sp_name_qualifier': name_id.spNameQualifier,
})
authn_statement = login.assertion.authnStatement[0]
if authn_statement.authnInstant: