misc: include target URL in AuthnRequest Extensions node (#18560)
This commit is contained in:
parent
5292e605d4
commit
9e504d4a20
|
@ -293,6 +293,10 @@ def test_saml_backoffice_redirect(pub):
|
|||
assert urlparse.parse_qs(urlparse.urlparse(resp.location).query)['SAMLRequest']
|
||||
assert urlparse.parse_qs(urlparse.urlparse(resp.location).query)['RelayState'] == ['http://example.net/backoffice/']
|
||||
|
||||
request = lasso.Samlp2AuthnRequest()
|
||||
request.initFromQuery(urlparse.urlparse(resp.location).query)
|
||||
assert ':next_url>http://example.net/backoffice/<' in request.getOriginalXmlnode()
|
||||
|
||||
def test_saml_register(pub):
|
||||
get_app(pub).get('/register/', status=404)
|
||||
pub.cfg['saml_identities'] = {'identity-creation': 'self'}
|
||||
|
|
|
@ -20,6 +20,7 @@ import urllib
|
|||
import urlparse
|
||||
import time
|
||||
import sys
|
||||
from xml.sax.saxutils import escape
|
||||
|
||||
try:
|
||||
import lasso
|
||||
|
@ -228,6 +229,16 @@ class Saml2Directory(Directory):
|
|||
login.request.isPassive = get_request().form.get('IsPassive') == 'true'
|
||||
login.request.consent = 'urn:oasis:names:tc:SAML:2.0:consent:current-implicit'
|
||||
login.msgRelayState = get_request().form.get('next')
|
||||
|
||||
next_url = login.msgRelayState or get_publisher().get_frontoffice_url()
|
||||
login.request.extensions = lasso.Samlp2Extensions()
|
||||
login.request.extensions.setOriginalXmlnode(
|
||||
'''<samlp:Extensions
|
||||
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"
|
||||
xmlns:eo="https://www.entrouvert.com/">
|
||||
<eo:next_url>%s</eo:next_url>
|
||||
</samlp:Extensions>''' % escape(next_url))
|
||||
|
||||
login.buildAuthnRequestMsg()
|
||||
return redirect(login.msgUrl)
|
||||
|
||||
|
|
Loading…
Reference in New Issue