saml: pass strings to lasso (#37978)

2019-11-26 16:43:53 +01:00 · 2019-11-26 16:43:53 +01:00 · bc194f23aa
parent 3547597d82
commit bc194f23aa
1 changed files with 7 additions and 7 deletions
--- a/wcs/qommon/saml2.py
+++ b/wcs/qommon/saml2.py
@ -34,7 +34,7 @@ from quixote import get_session, get_session_manager

 from . import misc
 from .publisher import get_cfg, get_logger
-from . import _
+from . import _, force_str
 from . import template
 from .template import error_page
 from wcs.roles import Role
@ -254,7 +254,7 @@ class Saml2Directory(Directory):
            else:
                get_logger().info('Bad HTTP method on assertionConsumerArtifact endpoint')
                return error_page(_('Invalid authentication response'))
-            login.initRequest(message, method)
+            login.initRequest(force_str(message), method)
        except lasso.Error as error:
            self.log_profile_error(login, error, 'login.initRequest')
            return error_page(_('Invalid authentication response'))
@ -269,7 +269,7 @@ class Saml2Directory(Directory):
            return error_page(_('Failure to communicate with identity provider'))

        try:
-            login.processResponseMsg(soap_answer)
+            login.processResponseMsg(force_str(soap_answer))
        except lasso.Error as error:
            return self.assertion_consumer_process_response_error(login, error)
        return self.sso_after_response(login)
@ -642,7 +642,7 @@ class Saml2Directory(Directory):
        session = get_session()

        try:
-            logout.processResponseMsg(message)
+            logout.processResponseMsg(force_str(message))
        except lasso.Error as error:
            self.log_profile_error(logout, error, 'logout.processResponseMsg')
            if error[0] == lasso.LOGOUT_ERROR_UNKNOWN_PRINCIPAL:
@ -760,7 +760,7 @@ class Saml2Directory(Directory):
    def slo_idp(self, message, soap = False):
        logout = lasso.Logout(misc.get_lasso_server())
        try:
-            logout.processRequestMsg(message)
+            logout.processRequestMsg(force_str(message))
        except lasso.Error as error:
            # XXX: add option to ignore signature errors for a specific sp
            self.log_profile_error(logout, error, 'logout.processRequestMsg')
@ -863,7 +863,7 @@ class Saml2Directory(Directory):
            return

        manage = lasso.NameIdManagement(misc.get_lasso_server())
-        manage.processRequestMsg(soap_message)
+        manage.processRequestMsg(force_str(soap_message))

        ni = manage.nameIdentifier.content
        nis = list(get_publisher().user_class.get_users_with_name_identifier(ni))
@ -928,7 +928,7 @@ class Saml2Directory(Directory):
    def manage_name_id_return(self, manage, message):
        load_identity(manage)
        try:
-            manage.processResponseMsg(message)
+            manage.processResponseMsg(force_str(message))
        except lasso.Error as error:
            self.log_profile_error(manage, error, 'manageNameID.processResponseMsg')
            get_session().message = ('error', _('Defederation failed'))