From 2751451f4158417e66974d6415d2da84f612ab3c Mon Sep 17 00:00:00 2001
From: Rob Crittenden
Date: Thu, 25 Jun 2015 11:00:59 -0400
Subject: Add support for logout over SOAP
As each login session comes in, store the supported logout mechanisms in the SP metadata. Upon a logout request, loop through all of those SP's that support SOAP and log those out first, then log out any remaining sessions using HTTP Redirect.
https://fedorahosted.org/ipsilon/ticket/59
Signed-off-by: Rob Crittenden
Reviewed-by: Patrick Uiterwijk
---
 ipsilon/util/data.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)
(limited to 'ipsilon/util/data.py')
diff --git a/ipsilon/util/data.py b/ipsilon/util/data.py
index 53a1756..e0cd6e1 100644
--- a/ipsilon/util/data.py
+++ b/ipsilon/util/data.py
@@ -551,6 +551,10 @@ class SAML2SessionStore(Store):
 return self.get_unique_data(self.table, idval, name, value)
 def new_session(self, datum):
+ if 'supported_logout_mechs' in datum:
+ datum['supported_logout_mechs'] = ','.join(
+ datum['supported_logout_mechs']
+ )
 return self.new_unique_data(self.table, datum)
 def get_session(self, session_id=None, request_id=None):
@@ -567,7 +571,7 @@ class SAML2SessionStore(Store):
 def get_user_sessions(self, user):
 """
- Retrun a list of all sessions for a given user.
+ Return a list of all sessions for a given user.
 """
 rows = self.get_unique_data(self.table, name='user', value=user)
@@ -575,6 +579,8 @@ class SAML2SessionStore(Store):
 logged_in = []
 for r in rows:
 data = self.get_unique_data(self.table, uuidval=r)
+ data[r]['supported_logout_mechs'] = data[r].get(
+ 'supported_logout_mechs', '').split(',')
 logged_in.append(data)
 return logged_in
-- cgit
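Review bot: `new_session` overwrites `datum['supported_logout_mechs']` in the dict the caller passed in, so after the call the caller holds a comma-joined string where it supplied a list; joining on a copy (`datum = dict(datum)` before the `if`) keeps the conversion a storage detail. `','.join(...)` also accepts a plain string and would then store it one character per element, and any mechanism value that itself contains a comma would not survive the later `split(',')` in `get_user_sessions`. A short comment such as `# stored as a comma-joined string; values must be a list of comma-free identifiers` would state that contract at the point where it is imposed.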
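Review bot: In the `get_user_sessions` loop, a session with no stored `supported_logout_mechs` (an empty list at login, or a row written before this change) comes back as `['']` rather than `[]`, because `''.split(',')` returns a list holding one empty string. The commit message says logout chooses SOAP or HTTP Redirect from this list, so a truthiness or membership test in the caller could misclassify such a session and, presumably, leave it out of the intended logout path. Normalising here avoids that: `mechs = data[r].get('supported_logout_mechs') or ''` followed by `data[r]['supported_logout_mechs'] = [m for m in mechs.split(',') if m]`, which also covers a stored `None`. Only `get_user_sessions` splits the value in this patch; `get_session`, whose body is outside the hunks, may still return the raw string, which is worth checking so callers do not get a string from one accessor and a list from the other. The body of `get_user_sessions` starts outside this hunk.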