Exemple #1
def createLogoutRequest(RelayState, issuer_name, session_index, name_id):
  """Build the template variables for a signed SAML LogoutRequest.

  A LogoutRequest is produced by the "default" response creator for the
  given session index and name ID, serialized, signed, and base64-encoded.

  Args:
    RelayState: Value copied unchanged into the result.
    issuer_name: Key used to look up the destination in the
      "logout_request_urls" configuration entry.
    session_index: Passed through to the response creator.
    name_id: Passed through to the response creator.

  Returns:
    A dict with the keys "SAMLRequest", "RelayState", "logoutURL" and
    "tg_template".
  """
  creator = responsecreator.create("default", config)
  request_xml = creator.createLogoutRequest(session_index, name_id).ToString()

  # The signing key is referenced by the 'apps.privkey_filename' setting.
  # NOTE(review): presumably a private-key file path; keep it readable only
  # by the service account -- confirm deployment permissions.
  key_path = config.get('apps.privkey_filename')
  signed_xml = saml2.utils.sign(request_xml, key_path)

  # The destination comes from configuration keyed by issuer, never from the
  # request itself. NOTE(review): assuming a dict-like mapping, an issuer with
  # no entry yields None here; the caller should reject that case rather than
  # render a form without a target -- verify against the caller.
  destination = config.get("logout_request_urls").get(issuer_name)

  # NOTE(review): RelayState is handed to the template as-is; if it originates
  # from the incoming request the template must escape it -- confirm.
  template_vars = {
    "SAMLRequest": base64.b64encode(signed_xml),
    "RelayState": RelayState,
    "logoutURL": destination,
    "tg_template":  'gheimdall.templates.gheimdall-logout-request',
  }
  return template_vars
Exemple #2
def createLogoutResponse(RelayState, issuer_name, req_id, status_code):
  """Build the template variables for a signed SAML LogoutResponse.

  A LogoutResponse is produced by the "default" response creator for the
  given request ID and status code, serialized, signed, and base64-encoded.

  Args:
    RelayState: Value copied unchanged into the result.
    issuer_name: Key used to look up the destination in the
      "logout_response_urls" configuration entry.
    req_id: Passed through to the response creator.
    status_code: Passed through to the response creator.

  Returns:
    A dict with the keys "SAMLResponse", "RelayState", "logoutURL" and
    "tg_template".
  """
  creator = responsecreator.create("default", config)
  response_xml = creator.createLogoutResponse(req_id, status_code).ToString()

  # The signing key is referenced by the 'apps.privkey_filename' setting.
  # NOTE(review): presumably a private-key file path; keep it readable only
  # by the service account -- confirm deployment permissions.
  key_path = config.get('apps.privkey_filename')
  signed_xml = saml2.utils.sign(response_xml, key_path)

  # The destination comes from configuration keyed by issuer, never from the
  # request itself. NOTE(review): assuming a dict-like mapping, an issuer with
  # no entry yields None here; the caller should reject that case rather than
  # render a form without a target -- verify against the caller.
  destination = config.get("logout_response_urls").get(issuer_name)

  # NOTE(review): RelayState is handed to the template as-is; if it originates
  # from the incoming request the template must escape it -- confirm.
  template_vars = {
    "SAMLResponse": base64.b64encode(signed_xml),
    "RelayState": RelayState,
    "logoutURL": destination,
    "tg_template":  'gheimdall.templates.gheimdall-logout-response',
  }
  return template_vars
Exemple #3
    log.error(e)
    flash(_('The value of SAMLRequest is wrong'))
    raise errors.GheimdallException()
  if authn_request is None:
    log.error(e)
    flash(_('The value of SAMLRequest is wrong'))
    raise errors.GheimdallException()

  acsURL = authn_request.assertion_consumer_service_url
  issuer = authn_request.issuer.text.strip()
  
  # create response
  creators = config.get('apps.response_creators', dict())
  module_name = creators.get(
    issuer, config.get("apps.default_response_creator","default"))
  response_creator = responsecreator.create(module_name, config)

  if set_time:
    auth_time = time.time()
    valid_time = auth_time + config.get('idp_session_lifetime')
  else:
    auth_time = cherrypy.session.get('auth_time')
    valid_time = cherrypy.session.get('valid_time')

  # create saml response
  saml_response = response_creator.createAuthnResponse(user_name,
                                                       authn_request,
                                                       valid_time,
                                                       auth_time,
                                                       acsURL)