blob: 9922ff8c60dbf6b25e5f6a7386224028d60ea4d7 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
|
import lasso
lasso.init()
## SOAP Logout initiated by identity provider.
soap_request = [...] # Get content of HTTP POST command.
server_dump = [...] # Load string server_dump from file or database or...
server = lasso.Server.new_from_dump(server_dump)
logout = lasso.Logout.new(server)
if logout.handle_request(soap_request, lasso.httpMethods['soap']):
raise Exception('Logout error')
name_identifier = logout.response.name_identifier
account = [...] # Retrieve user account having this name_identifier.
if not account:
# Unknown account.
logout.response_status = lasso.libStatusCodes['unknownPrincipal']
else:
user_dump = [...] # Retrieve string user_dump from account.
if not user_dump:
logout.response_status = lasso.libStatusCodes['unknownPrincipal']
else:
user = lasso.User.new_from_dump(user_dump)
del user.authn_assertion
user_dump = user.dump()
[...] # Store string user_dump into account (replace the previous one).
# User is now logged out => delete session, cookie...
[...]
if logout.build_response_msg():
raise Exception('Logout error')
[...] # Reply a HTTP SOAP response using logout.msg_body.
lasso.shutdown()
|
