author | Rob Crittenden <rcritten@redhat.com> | 2015-01-30 15:07:12 -0500 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-02-13 17:51:14 -0500 |
commit | ac1bae1e0f2a4720db15852798346cb46f204dae (patch) | |
tree | a109f87b879c85331c80619a9218649822325504 /ipsilon/providers/saml2/auth.py | |
parent | d87d8df01c4ed93416910fa5eda34e98eacc5011 (diff) | |
Implement Single Logout Service for SP-initiated logout
https://fedorahosted.org/ipsilon/ticket/24
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'ipsilon/providers/saml2/auth.py')
-rw-r--r-- | ipsilon/providers/saml2/auth.py | 19 |
1 files changed, 19 insertions, 0 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index 46ad7eb..44ed834 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -20,6 +20,7 @@ from ipsilon.providers.common import AuthenticationError, InvalidRequest
 from ipsilon.providers.saml2.provider import ServiceProvider
 from ipsilon.providers.saml2.provider import InvalidProviderId
 from ipsilon.providers.saml2.provider import NameIdNotAllowed
+from ipsilon.providers.saml2.sessions import SAMLSessionsContainer
 from ipsilon.util.user import UserSession
 from ipsilon.util.trans import Transaction
 import cherrypy
@@ -239,6 +240,24 @@ class AuthenticateRequest(ProviderPageBase):
 self.debug('Assertion: %s' % login.assertion.dump())
+ saml_sessions = us.get_provider_data('saml2')
+ if saml_sessions is None:
+ saml_sessions = SAMLSessionsContainer()
+
+ session = saml_sessions.find_session_by_provider(
+ login.remoteProviderId)
+ if session:
+ # TODO: something...
+ self.debug('Login session for this user already exists!?')
+ session.dump()
+
+ lasso_session = lasso.Session()
+ lasso_session.addAssertion(login.remoteProviderId, login.assertion)
+ saml_sessions.add_session(login.assertion.id,
+ login.remoteProviderId,
+ lasso_session)
+ us.save_provider_data('saml2', saml_sessions)
+
 def saml2error(self, login, code, message):
 status = lasso.Samlp2Status()
 status.statusCode = lasso.Samlp2StatusCode() |
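Review bot: The `if session:` branch in the second hunk only logs and dumps the existing session, then falls through to `add_session`, so a repeat login from the same `login.remoteProviderId` appears to leave two entries in the container. For single logout that matters: if `find_session_by_provider` returns only one of them (its implementation is not visible here), the other assertion's session may never be logged out or cleaned up. I would resolve the TODO before merging, either by replacing the old entry or by stating the intent in its place, e.g. `# Re-login from the same SP: the older session is kept; logout must iterate all sessions for this provider`. `session.dump()` also looks like it writes session contents to the debug log, so it is worth confirming that it emits no more assertion data than needed. The enclosing method of `AuthenticateRequest` begins outside the hunk.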