From ee2fba7c0fba3eb855a1ab5d32df65c4860bdf0b Mon Sep 17 00:00:00 2001
From: Nicolas Clapies <nclapies@entrouvert.com>
Date: Fri, 23 Jul 2004 14:13:20 +0000
Subject: update of logout with better support of propagation from idp

---
 python/examples/logout-from-idp.py |  4 +-
 python/examples/logout.py          | 81 ++++++++++++++++++++++----------------
 2 files changed, 50 insertions(+), 35 deletions(-)

(limited to 'python/examples')

diff --git a/python/examples/logout-from-idp.py b/python/examples/logout-from-idp.py
index 398b9695..f1e21b05 100644
--- a/python/examples/logout-from-idp.py
+++ b/python/examples/logout-from-idp.py
@@ -43,7 +43,9 @@ while(next_provider_id):
     print 'url : ', logout.msg_url
     print 'body : ', logout.msg_body
 
-    user.remove_assertion(next_provider_id)
+    # use the fake response :
+    lasso_logout_process_response_msg()
+
     next_provider_id = user.get_next_assertion_remote_providerID()
 
 print "End of logout ..."
diff --git a/python/examples/logout.py b/python/examples/logout.py
index efdbcb96..c4f13254 100644
--- a/python/examples/logout.py
+++ b/python/examples/logout.py
@@ -6,55 +6,68 @@ import lasso
 
 lasso.init()
 
-spserver = lasso.Server.new("../../examples/sp.xml",
+# SP1 server and user :
+sp1server = lasso.Server.new("../../examples/sp1.xml",
 			    "../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
 			    lasso.signatureMethodRsaSha1)
+sp1server.add_provider("../../examples/idp.xml", None, None)
 
-spserver.add_provider("../../examples/idp.xml", None, None)
-spserver.add_provider("../../examples/idp2.xml", None, None)
+sp1user_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"C9DS8CD7CSD6CDSCKDKCS\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">11111111111111111111111111</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
 
-spuser_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"CD8SCD7SC6SDCD5CDSDCD88SDCDSD\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">11111111111111111111111111</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity><LassoIdentity RemoteProviderID=\"https://identity-provider2:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">22222222222222222222222222</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
+# SP2 server and user :
+sp2server = lasso.Server.new("../../examples/sp2.xml",
+			    "../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
+			    lasso.signatureMethodRsaSha1)
+sp2server.add_provider("../../examples/idp.xml", None, None)
 
-spuser = lasso.User.new_from_dump(spuser_dump)
+sp2user_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"4IK43JCJSDCSDKCSCSDL\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">222222222222222222222222</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
 
-# LogoutRequest :
-splogout = lasso.Logout.new(spserver, spuser, lasso.providerTypeSp)
-splogout.init_request()
-splogout.build_request_msg()
+# IDP server and user :
+idpserver = lasso.Server.new("../../examples/idp.xml",
+			    "../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
+			    lasso.signatureMethodRsaSha1)
+idpserver.add_provider("../../examples/sp1.xml", None, None)
+idpserver.add_provider("../../examples/sp2.xml", None, None)
+idpserver.add_provider("../../examples/sp3.xml", None, None)
 
-request_msg = splogout.msg_body
-msg_url  = splogout.msg_url
-msg_body = splogout.msg_body
+idpuser_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://service-provider1:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"C9DS8CD7CSD6CDSCKDKCS\"></Assertion></LassoAssertion><LassoAssertion RemoteProviderID=\"https://service-provider2:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"4IK43JCJSDCSDKCSCSDL\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://service-provider1:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">11111111111111111111111111</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity><LassoIdentity RemoteProviderID=\"https://service-provider2:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">222222222222222222222222</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
 
-splogout.destroy()
 
-print 'request url : ', msg_url
-print 'request body : ', msg_body
 
-request_type = lasso.get_request_type_from_soap_msg(msg_body)
-if request_type == lasso.requestTypeLogout:
-    print "it's a LogoutRequest !"
+# SP1 build a request :
+sp1user = lasso.User.new_from_dump(sp1user_dump)
 
+sp1logout = lasso.Logout.new(sp1server, sp1user, lasso.providerTypeSp)
+sp1logout.init_request()
+sp1logout.build_request_msg()
 
-# LogoutResponse :
-idpserver = lasso.Server.new("../../examples/idp.xml",
-			    "../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
-			    lasso.signatureMethodRsaSha1)
-idpserver.add_provider("../../examples/sp.xml", None, None)
+msg_url  = sp1logout.msg_url
+msg_body = sp1logout.msg_body
 
-idpuser_dump = "<LassoUser><LassoAssertions></LassoAssertions><LassoIdentities></LassoIdentities></LassoUser>"
-idpuser = lasso.User.new_from_dump(idpuser_dump)
+sp1logout.destroy()
 
+# IDP process request and return a response :
+idpuser = lasso.User.new_from_dump(idpuser_dump)
 idplogout = lasso.Logout.new(idpserver, idpuser, lasso.providerTypeIdp)
-idplogout.process_request_msg(request_msg, lasso.httpMethodSoap)
-idplogout.build_response_msg()
 
-msg_url  = idplogout.msg_url
-msg_body = idplogout.msg_body
-print 'body : ', idplogout.msg_body
 
-# process the response :
-splogout = lasso.Logout.new(spserver, spuser, lasso.providerTypeSp)
-splogout.process_response_msg(msg_body, lasso.httpMethodSoap)
+if lasso.get_request_type_from_soap_msg(msg_body)==lasso.requestTypeLogout:
+    print "it's a logout request !"
+
+#fake response, only for test !
+response_msg_body = "<Envelope><LogoutResponse><ProviderID>https://service-provider2:2003/liberty-alliance/metadata</ProviderID><Status><StatusCode Value=\"Samlp:Success\"></StatusCode></Status></LogoutResponse></Envelope>"
+
+idplogout.process_request_msg(msg_body, lasso.httpMethodSoap)
+next_provider_id = idplogout.get_next_providerID()
+while next_provider_id:
+    idplogout.init_request(next_provider_id)
+    idplogout.build_request_msg()
+
+    print "send soap msg to url", idplogout.msg_url
+    # remote SP send back a LogoutResponse, process it.
+    idplogout.process_response_msg(response_msg_body, lasso.httpMethodSoap)
+
+    next_provider_id = idplogout.get_next_providerID()
+
 
-lasso.shutdown()
+print "End of logout"
-- 
cgit