diff options
author | Rob Crittenden <rcritten@redhat.com> | 2015-03-18 10:16:38 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-03-23 18:00:06 -0400 |
commit | 2ab0852570e3e18dfd7d959ae7c3bd62ea33dcca (patch) | |
tree | af22bc1bec36ccd5079c2978cc59042f3fe9911f | |
parent | c84eaa4d5f44524ea37f8c2444cbd53520d75a0c (diff) | |
download | ipsilon-2ab0852570e3e18dfd7d959ae7c3bd62ea33dcca.tar.gz ipsilon-2ab0852570e3e18dfd7d959ae7c3bd62ea33dcca.tar.xz ipsilon-2ab0852570e3e18dfd7d959ae7c3bd62ea33dcca.zip |
Implement urn:oasis:names:tc:SAML:2.0:nameid-format:transient
NameQualifier and SPNameQualifier are optional and are not included.
https://fedorahosted.org/ipsilon/ticket/27
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
-rw-r--r-- | ipsilon/providers/saml2/auth.py | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py index f5e8f0f..71bfc9a 100644 --- a/ipsilon/providers/saml2/auth.py +++ b/ipsilon/providers/saml2/auth.py @@ -27,6 +27,7 @@ from ipsilon.util.trans import Transaction import cherrypy import datetime import lasso +import uuid class UnknownProvider(ProviderException): @@ -185,8 +186,7 @@ class AuthenticateRequest(ProviderPageBase): # TODO map to something else ? nameid = provider.normalize_username(user.name) elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT: - # TODO map to something else ? - nameid = provider.normalize_username(user.name) + nameid = '_' + uuid.uuid4().hex elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS: nameid = us.get_data('user', 'krb_principal_name') elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL: |