Example #1
    def create_name_id_policy(usr_id_hash_type):
        """
        Build the SAML NameIDPolicy that corresponds to an internal id hash type.

        Only the ``format`` of the policy is set here; every other
        NameIDPolicy field is left at whatever the constructor defaults to.

        :type usr_id_hash_type: satosa.internal_data.UserIdHashType
        :rtype: saml2.samlp.NameIDPolicy

        :param usr_id_hash_type: The internal id hash type
        :return: A name id policy
        """
        # The requested format decides which kind of identifier is asked for,
        # so it is derived from the internal hash type rather than hard-coded.
        # NOTE(review): the mapping lives in get_saml_name_id_format, which is
        # not visible here - confirm it has no permissive fallback format.
        return NameIDPolicy(format=get_saml_name_id_format(usr_id_hash_type))
Example #2
    def create_name_id_policy(usr_id_hash_type):
        """
        Translate an internal user id hash type into a SAML NameIDPolicy.

        :type usr_id_hash_type: satosa.internal_data.UserIdHashType
        :rtype: saml2.samlp.NameIDPolicy

        :param usr_id_hash_type: The internal id hash type
        :return: A name id policy carrying only the matching NameID format
        """
        # Step 1: look up the SAML NameID format for this hash type.
        saml_format = get_saml_name_id_format(usr_id_hash_type)
        # Step 2: wrap it in a policy; no other policy attribute is set here.
        policy = NameIDPolicy(format=saml_format)
        return policy
Example #3
    def _handle_authn_response(self, context, internal_response, idp):
        """
        Convert an internal authentication response into a SAML response
        and ask for that response to be signed.

        See super class satosa.frontends.base.FrontendModule

        :type context: satosa.context.Context
        :type internal_response: satosa.internal_data.InternalResponse
        :type idp: saml.server.Server

        :param context: The current context
        :param internal_response: The internal response
        :param idp: The saml frontend idp server
        :return: A saml response
        """
        # Restore what was saved for this flow (response arguments and
        # relay state) from the state carried in the context.
        saved_state = self.load_state(context.state)
        resp_args = saved_state["resp_args"]

        # Map internal attribute names/values onto the configured profile.
        ava = self.converter.from_internal(
            self.attribute_profile,
            internal_response.get_attributes(),
        )

        # Authentication context class reference reported to the SP.
        # With an acr_mapping configured, the value comes from configuration
        # keyed by the backend issuer, and the "" entry is the default.  The
        # default is looked up eagerly, so a mapping without a "" key raises
        # KeyError even for issuers that are mapped explicitly.
        # SPs may base assurance decisions on this value, so the mapping
        # should never claim more than the backend actually delivered.
        if self.acr_mapping:
            class_ref = self.acr_mapping.get(
                internal_response.auth_info.issuer,
                self.acr_mapping[""],
            )
        else:
            class_ref = internal_response.auth_info.auth_class_ref
        auth_info = {"class_ref": class_ref}

        # Subject identifier: the text and the advertised format must agree.
        # NOTE(review): presumably get_user_id() already returns the id in
        # the form implied by user_id_hash_type - confirm upstream.
        subject_format = get_saml_name_id_format(internal_response.user_id_hash_type)
        name_id = NameID(
            text=internal_response.get_user_id(),
            format=subject_format,
            sp_name_qualifier=None,
            name_qualifier=None,
        )

        # The response is always requested signed (sign_response=True).
        # NOTE(review): whether the assertion itself is also signed is
        # decided outside this method - confirm in construct_authn_response
        # and the idp configuration.
        return self.construct_authn_response(
            idp,
            context.state,
            ava,
            name_id=name_id,
            authn=auth_info,
            resp_args=resp_args,
            relay_state=saved_state["relay_state"],
            sign_response=True,
        )
Example #4
    def _handle_authn_response(self, context, internal_response, idp):
        """
        Build the SAML authentication response for an internal response.

        See super class satosa.frontends.base.FrontendModule

        :type context: satosa.context.Context
        :type internal_response: satosa.internal_data.InternalResponse
        :type idp: saml.server.Server

        :param context: The current context
        :param internal_response: The internal response
        :param idp: The saml frontend idp server
        :return: A saml response
        """
        request_state = self.load_state(context.state)
        resp_args = request_state["resp_args"]

        internal_attributes = internal_response.get_attributes()
        ava = self.converter.from_internal(self.attribute_profile, internal_attributes)

        # Pick the authentication context class ref sent to the SP: the
        # configured mapping (per backend issuer, "" as the default entry)
        # when one exists, otherwise the value reported by the backend.
        # Both arguments of .get() are evaluated, so the "" entry has to be
        # present in any non-empty mapping.
        class_ref = (
            self.acr_mapping.get(internal_response.auth_info.issuer, self.acr_mapping[""])
            if self.acr_mapping
            else internal_response.auth_info.auth_class_ref
        )
        auth_info = {"class_ref": class_ref}

        # NameID handed to the SP; no qualifiers are set, and the format is
        # derived from the same hash type that governs the user id.
        name_id = NameID(
            text=internal_response.get_user_id(),
            format=get_saml_name_id_format(internal_response.user_id_hash_type),
            sp_name_qualifier=None,
            name_qualifier=None,
        )

        # Signing of the response is requested unconditionally.
        # NOTE(review): assertion-level signing is not controlled here;
        # verify it where construct_authn_response and the idp are configured.
        response_kwargs = {
            "name_id": name_id,
            "authn": auth_info,
            "resp_args": resp_args,
            "relay_state": request_state["relay_state"],
            "sign_response": True,
        }
        return self.construct_authn_response(idp, context.state, ava, **response_kwargs)