Authn_Broker fixed

Authn_Broker for comparison 'exact' should return all methods matching from RequestedAuthnContext. Default comparison of omitted should be 'exact'
author: tpazderka <tomas.pazderka@nic.cz> 2014-12-18 11:38:50 +0100
committer: tpazderka <tomas.pazderka@nic.cz> 2014-12-18 11:41:57 +0100
commit: 9d96905d8b2e832e1bdedc24594b51cba1815439 (patch)
tree: 485c87ef6c0a02b7368ffdd8586fc4a56746106b
parent: cf7b831ee08b91d21182856b6d790b63e382468d (diff)
download: pysaml2-9d96905d8b2e832e1bdedc24594b51cba1815439.tar.gz
2 files changed, 28 insertions, 4 deletions
diff --git a/src/saml2/authn_context/__init__.py b/src/saml2/authn_context/__init__.py
index 1faabbca..97461396 100644
--- a/src/saml2/authn_context/__init__.py
+++ b/src/saml2/authn_context/__init__.py
@@ -166,14 +166,20 @@ class AuthnBroker(object):
             if req_authn_context.comparison:
                 _cmp = req_authn_context.comparison
             else:
-                _cmp = "minimum"
-            return self._pick_by_class_ref(
-                req_authn_context.authn_context_class_ref[0].text, _cmp)
+                _cmp = "exact"
+            if _cmp == 'exact':
+                res = []
+                for cls_ref in req_authn_context.authn_context_class_ref:
+                    res += (self._pick_by_class_ref(cls_ref.text, _cmp))
+                return res
+            else:
+                return self._pick_by_class_ref(
+                    req_authn_context.authn_context_class_ref[0].text, _cmp)
         elif req_authn_context.authn_context_decl_ref:
             if req_authn_context.comparison:
                 _cmp = req_authn_context.comparison
             else:
-                _cmp = "minimum"
+                _cmp = "exact"
             return self._pick_by_class_ref(
                 req_authn_context.authn_context_decl_ref, _cmp)
 
diff --git a/tests/test_77_authn_context.py b/tests/test_77_authn_context.py
index cc0f3551..ed7c4b4f 100644
--- a/tests/test_77_authn_context.py
+++ b/tests/test_77_authn_context.py
@@ -142,6 +142,24 @@ def test_authn_3():
     method, ref = info[0]
     assert REF2METHOD[AL1] == method
 
+    rac = requested_authn_context([AL1, AL2], "exact")
+
+    info = authn.pick(rac)
+    assert len(info) == 2
+    method, ref = info[0]
+    assert REF2METHOD[AL1] == method
+    method, ref = info[1]
+    assert REF2METHOD[AL2] == method
+
+    rac = requested_authn_context([AL3, AL2], "exact")
+
+    info = authn.pick(rac)
+    assert len(info) == 2
+    method, ref = info[0]
+    assert REF2METHOD[AL3] == method
+    method, ref = info[1]
+    assert REF2METHOD[AL2] == method
+
     rac = requested_authn_context(AL1, "better")
 
     info = authn.pick(rac)
author	tpazderka <tomas.pazderka@nic.cz>	2014-12-18 11:38:50 +0100
committer	tpazderka <tomas.pazderka@nic.cz>	2014-12-18 11:41:57 +0100
commit	9d96905d8b2e832e1bdedc24594b51cba1815439 (patch)
tree	485c87ef6c0a02b7368ffdd8586fc4a56746106b
parent	cf7b831ee08b91d21182856b6d790b63e382468d (diff)
download	pysaml2-9d96905d8b2e832e1bdedc24594b51cba1815439.tar.gz