diff options
| author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2014-12-10 14:37:20 +0100 |
|---|---|---|
| committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2014-12-10 14:37:20 +0100 |
| commit | c3f51e34cd51cccd6f5bb076dd3bf6a5b247d727 (patch) | |
| tree | 89d3b458db953db9cb71b5522a500e705ffd0df6 | |
| parent | a941f1c3f04fe3ff7b6a36c29fef50ba07b71e08 (diff) | |
| download | pysaml2-c3f51e34cd51cccd6f5bb076dd3bf6a5b247d727.tar.gz | |
Allow the addition of SessionIndexes to a LogoutRequest
| -rw-r--r-- | src/saml2/client_base.py | 1 | ||||
| -rw-r--r-- | src/saml2/entity.py | 18 | ||||
| -rwxr-xr-x | tools/make_metadata.py | 1 |
3 files changed, 16 insertions, 4 deletions
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index 86756cd5..6fc1effc 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -253,6 +253,7 @@ class Base(Entity): args["provider_name"] = self._my_name() # Allow argument values either as class instances or as dictionaries + # all of these have cardinality 0..1 _msg = AuthnRequest() for param in ["scoping", "requested_authn_context", "conditions", "subject", "scoping"]: diff --git a/src/saml2/entity.py b/src/saml2/entity.py index b613aee3..07d6415d 100644 --- a/src/saml2/entity.py +++ b/src/saml2/entity.py @@ -35,7 +35,7 @@ from saml2.s_utils import rndstr from saml2.s_utils import success_status_factory from saml2.s_utils import decode_base64_and_inflate from saml2.s_utils import UnsupportedBinding -from saml2.samlp import AuthnRequest +from saml2.samlp import AuthnRequest, SessionIndex from saml2.samlp import AuthzDecisionQuery from saml2.samlp import AuthnQuery from saml2.samlp import AssertionIDRequest @@ -673,7 +673,8 @@ class Entity(HTTPBase): def create_logout_request(self, destination, issuer_entity_id, subject_id=None, name_id=None, reason=None, expire=None, message_id=0, - consent=None, extensions=None, sign=False): + consent=None, extensions=None, sign=False, + session_indexes=None): """ Constructs a LogoutRequest :param destination: Destination of the request @@ -689,6 +690,7 @@ class Entity(HTTPBase): :param consent: Whether the principal have given her consent :param extensions: Possible extensions :param sign: Whether the query should be signed or not. + :param session_indexes: SessionIndex instances or just values :return: A LogoutRequest instance """ @@ -703,10 +705,20 @@ class Entity(HTTPBase): if not name_id: raise SAMLError("Missing subject identification") + args = {} + if session_indexes: + sis = [] + for si in session_indexes: + if isinstance(si, SessionIndex): + sis.append(si) + else: + sis.append(SessionIndex(text=si)) + args["session_index"] = sis + return self._message(LogoutRequest, destination, message_id, consent, extensions, sign, name_id=name_id, reason=reason, not_on_or_after=expire, - issuer=self._issuer()) + issuer=self._issuer(), **args) def create_logout_response(self, request, bindings=None, status=None, sign=False, issuer=None): diff --git a/tools/make_metadata.py b/tools/make_metadata.py index d34ea63c..eff71d2d 100755 --- a/tools/make_metadata.py +++ b/tools/make_metadata.py @@ -2,7 +2,6 @@ import argparse import os import sys -from saml2.s_utils import rndstr from saml2.metadata import entity_descriptor, metadata_tostring_fix from saml2.metadata import entities_descriptor from saml2.metadata import sign_entity_descriptor |