def handle_logout_request(self, request, name_id, binding, sign=False, relay_state=""): """ Deal with a LogoutRequest :param request: The request as text string :param name_id: The id of the current user :param binding: Which binding the message came in over :param sign: Whether the response will be signed or not :return: Keyword arguments which can be used to send the response what's returned follow different patterns for different bindings. If the binding is BINDIND_SOAP, what is returned looks like this:: { "data": <the SOAP enveloped response> "url": "", 'headers': [('content-type', 'application/soap+xml')] 'method': "POST } """ logger.info("logout request: %s" % request) _req = self._parse_request(request, LogoutRequest, "single_logout_service", binding) if _req.message.name_id == name_id: try: if self.local_logout(name_id): status = success_status_factory() else: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) except KeyError: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) else: status = status_message_factory("Wrong user", STATUS_UNKNOWN_PRINCIPAL) if binding == BINDING_SOAP: response_bindings = [BINDING_SOAP] elif binding == BINDING_HTTP_POST or BINDING_HTTP_REDIRECT: response_bindings = [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT] else: response_bindings = self.config.preferred_binding[ "single_logout_service"] response = self.create_logout_response(_req.message, response_bindings, status, sign) rinfo = self.response_args(_req.message, response_bindings) return self.apply_binding(rinfo["binding"], response, rinfo["destination"], relay_state, response=True)
def handle_logout_request(self, request, name_id, binding, sign=False, relay_state=""): """ Deal with a LogoutRequest :param request: The request as text string :param name_id: The id of the current user :param binding: Which binding the message came in over :param sign: Whether the response will be signed or not :return: Keyword arguments which can be used to send the response what's returned follow different patterns for different bindings. If the binding is BINDIND_SOAP, what is returned looks like this:: { "data": <the SOAP enveloped response> "url": "", 'headers': [('content-type', 'application/soap+xml')] 'method': "POST } """ logger.info("logout request: %s", request) _req = self._parse_request(request, LogoutRequest, "single_logout_service", binding) if _req.message.name_id == name_id: try: if self.local_logout(name_id): status = success_status_factory() else: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) except KeyError: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) else: status = status_message_factory("Wrong user", STATUS_UNKNOWN_PRINCIPAL) if binding == BINDING_SOAP: response_bindings = [BINDING_SOAP] elif binding == BINDING_HTTP_POST or BINDING_HTTP_REDIRECT: response_bindings = [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT] else: response_bindings = self.config.preferred_binding[ "single_logout_service"] response = self.create_logout_response(_req.message, response_bindings, status, sign) rinfo = self.response_args(_req.message, response_bindings) return self.apply_binding(rinfo["binding"], response, rinfo["destination"], relay_state, response=True)
def test_error_status(): status = utils.status_message_factory("Error resolving principal", samlp.STATUS_UNKNOWN_PRINCIPAL, samlp.STATUS_RESPONDER) status_text = "%s" % status print status_text assert status_text == ERROR_STATUS
def handle_logout_request( self, request, name_id, binding, sign=None, sign_alg=None, digest_alg=None, relay_state=None, sigalg=None, signature=None, ): """ Deal with a LogoutRequest :param request: The request as text string :param name_id: The id of the current user :param binding: Which binding the message came in over :param sign: Whether the response will be signed or not :param sign_alg: The signing algorithm for the response :param digest_alg: The digest algorithm for the the response :param relay_state: The relay state of the request :param sigalg: The SigAlg query param of the request :param signature: The Signature query param of the request :return: Keyword arguments which can be used to send the response what's returned follow different patterns for different bindings. If the binding is BINDIND_SOAP, what is returned looks like this:: { "data": <the SOAP enveloped response> "url": "", 'headers': [('content-type', 'application/soap+xml')] 'method': "POST } """ logger.info("logout request: %s", request) _req = self.parse_logout_request( xmlstr=request, binding=binding, relay_state=relay_state, sigalg=sigalg, signature=signature, ) if _req.message.name_id == name_id: try: if self.local_logout(name_id): status = success_status_factory() else: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) except KeyError: status = status_message_factory("Server error", STATUS_REQUEST_DENIED) else: status = status_message_factory("Wrong user", STATUS_UNKNOWN_PRINCIPAL) response_bindings = { BINDING_SOAP: [BINDING_SOAP], BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT], BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST], }.get(binding) if sign is None: sign = self.logout_responses_signed response = self.create_logout_response( _req.message, bindings=response_bindings, status=status, sign=sign, sign_alg=sign_alg, digest_alg=digest_alg, ) rinfo = self.response_args(_req.message, response_bindings) return self.apply_binding( rinfo["binding"], response, rinfo["destination"], relay_state, response=True, sign=sign, sigalg=sign_alg, )