Example #1
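    def construct_message(self):
        """
        Build the SAML AuthnRequest and the HTTP arguments needed to send it.

        A slightly modified version of the
        prepare_for_negotiated_authenticate() method of saml2.client.Saml2Client

        :return: A tuple ``(http_info, request_id)``. For the HTTP-Redirect and
            HTTP-POST bindings the first element is the value returned by
            ``self.response(self.binding, http_info)`` rather than the raw
            ``http_info``.
        :raises ServiceProviderRequestHandlerError: if no SSO destination is
            returned for the requested binding (and entity id, when given).
        """

        args = {"binding": self.binding}
        try:
            args["entityid"] = self.req_args["entityid"]
        except KeyError:
            pass
        destination = self.entity._sso_location(**args)
        if not destination:
            # "entityid" is optional above, so read it with .get(): indexing
            # args["entityid"] here raised KeyError when it was absent and
            # masked the ServiceProviderRequestHandlerError raised below.
            logger.error(
                "'%s' does not support HTTP-Redirect binding for SSO location.",
                args.get("entityid"),
            )
            raise ServiceProviderRequestHandlerError("IdP must support HTTP-Redirect binding for SSO location.")
        logger.info("destination to IDP: %s", destination)

        self.req_args = map_arguments(self.req_args, {"name_id.format": "nameid_format"})

        # Disabled code, kept for reference.
        # pysaml2 does not understand "response_binding" -> select related acs from metadata:
        # acs_map = self.entity.config._sp_endpoints['assertion_consumer_service']
        # resp_binding = self.req_args['response_binding']
        # acs_map_inverse = {}
        # for k, v in acs_map:
        #    acs_map_inverse[v] = k
        # try:
        #    self.req_args['assertion_consumer_service_url'] = acs_map_inverse[resp_binding]
        # except KeyError:
        #    logger.error('Could not find an assertion consumer service in sp metadata for binding '
        #                 + resp_binding)
        #    raise
        # del self.req_args['response_binding']
        request_id, request = self.entity.create_authn_request(destination=destination, binding=None, **self.req_args)

        # Tie the conversation to this request id and record what was sent.
        self.conv.identify_with(request_id)
        self.conv.events.store(EV_PROTOCOL_REQUEST, request, sender=self.__class__)
        self.conv.events.store(EV_REQUEST_ARGS, self.req_args, sender=self.__class__)

        _req_str = str(request)

        # NOTE(review): the complete AuthnRequest (and, below, http_info with
        # any relay state) is written to the trace and to the INFO log --
        # confirm that these sinks are access-controlled.
        self.conv.trace.request(_req_str)
        logger.info("AuthNReq: %s", _req_str)

        # Only these two optional request arguments are passed on to the binding.
        args = {}
        for param in ["sigalg", "relay_state"]:
            try:
                args[param] = self.req_args[param]
            except KeyError:
                pass

        http_info = self.entity.apply_binding(self.binding, _req_str, destination, **args)

        self.conv.events.store(EV_HTTP_ARGS, http_info, sender=self.__class__)
        self.conv.trace.info("http_info: {}".format(http_info))

        if self.binding in [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST]:
            return self.response(self.binding, http_info), request_id
        else:
            return http_info, request_id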
Example #2
    def construct_message(self):
        """
        Build the SAML AuthnRequest and the HTTP arguments needed to send it.

        A slightly modified version of the
        prepare_for_negotiated_authenticate() method of saml2.client.Saml2Client

        For the HTTP-POST binding the request is wrapped with
        ``use_http_post`` and ``url``/``method`` are set explicitly; every
        other binding goes through ``apply_binding``.

        :return: A tuple ``(http_info, request_id)`` with the information
            necessary to do a requests.request operation
        """
        # NOTE(review): the value returned by _sso_location() is used without
        # an emptiness check in this method -- confirm that the callee raises
        # when no SSO endpoint matches the binding.
        location_args = {'binding': self.binding}
        try:
            location_args['entityid'] = self.req_args['entityid']
        except KeyError:
            pass
        destination = self.entity._sso_location(**location_args)
        logger.info("destination to provider: %s", destination)

        # Rename 'name_id.format' to the keyword create_authn_request() is given.
        self.req_args = map_arguments(
            self.req_args, {'name_id.format': 'nameid_format'})

        request_id, request = self.entity.create_authn_request(
            destination=destination, **self.req_args)

        # Keyword arguments shared by every event stored from this method.
        event_meta = {'sender': self.__class__, 'sub': 'construct_message'}
        self.conv.events.store(EV_REQUEST_ARGS, self.req_args, **event_meta)
        self.conv.events.store(EV_PROTOCOL_REQUEST, request, **event_meta)

        request_text = str(request)
        # NOTE(review): the complete AuthnRequest is written to the INFO log --
        # confirm that the log sink is access-controlled.
        logger.info("AuthNReq: %s", request_text)

        # Only these two optional request arguments are passed on to the binding.
        binding_args = {}
        for key in ('sigalg', 'relay_state'):
            try:
                binding_args[key] = self.req_args[key]
            except KeyError:
                pass

        if self.binding != BINDING_HTTP_POST:
            http_info = self.entity.apply_binding(
                self.binding, request_text, destination, **binding_args)
        else:
            # The POST form always carries a relay state, empty if none was given.
            binding_args.setdefault('relay_state', '')
            binding_args['typ'] = 'SAMLRequest'
            http_info = self.entity.use_http_post(
                request_text, destination, **binding_args)
            http_info["url"] = destination
            http_info["method"] = "POST"

        self.conv.events.store(EV_HTTP_ARGS, http_info, **event_meta)
        return http_info, request_id