def create_name_id_policy(usr_id_hash_type):
    """
    Build the SAML NameIDPolicy that corresponds to an internal id hash type.

    :type usr_id_hash_type: satosa.internal_data.UserIdHashType
    :rtype: saml2.samlp.NameIDPolicy

    :param usr_id_hash_type: The internal id hash type
    :return: A name id policy whose ``format`` is whatever
        get_saml_name_id_format returns for the given hash type
    """
    # The hash type is translated to a SAML name id format by the helper;
    # this function only wraps the result in a NameIDPolicy.
    return NameIDPolicy(format=get_saml_name_id_format(usr_id_hash_type))
def _handle_authn_response(self, context, internal_response, idp):
    """
    Build the SAML authn response for an internal response.

    See super class satosa.frontends.base.FrontendModule

    :type context: satosa.context.Context
    :type internal_response: satosa.internal_data.InternalResponse
    :type idp: saml.server.Server

    :param context: The current context
    :param internal_response: The internal response
    :param idp: The saml frontend idp server
    :return: A saml response
    """
    # resp_args and relay_state are read from the state loaded for this
    # context, not from anything carried on internal_response.
    saved_state = self.load_state(context.state)
    resp_args = saved_state["resp_args"]

    attributes = self.converter.from_internal(
        self.attribute_profile, internal_response.get_attributes()
    )

    if self.acr_mapping:
        # A configured mapping overrides the class ref on the internal
        # response: the value is looked up by issuer, with the "" entry as
        # the fallback. The "" entry is read unconditionally, so a mapping
        # without it raises KeyError even when the issuer has its own entry.
        class_ref = self.acr_mapping.get(
            internal_response.auth_info.issuer, self.acr_mapping[""]
        )
    else:
        class_ref = internal_response.auth_info.auth_class_ref
    auth_info = {"class_ref": class_ref}

    # The subject identifier is the internal user id; its format follows the
    # internal response's user id hash type. No qualifiers are set.
    subject = NameID(
        text=internal_response.get_user_id(),
        format=get_saml_name_id_format(internal_response.user_id_hash_type),
        sp_name_qualifier=None,
        name_qualifier=None,
    )

    # Signing of the response is always requested here (sign_response=True).
    # NOTE(review): whether the assertion itself is also signed is decided in
    # construct_authn_response, which is not visible here -- confirm.
    return self.construct_authn_response(
        idp,
        context.state,
        attributes,
        name_id=subject,
        authn=auth_info,
        resp_args=resp_args,
        relay_state=saved_state["relay_state"],
        sign_response=True,
    )
def _handle_authn_response(self, context, internal_response, idp):
    """
    Turn an internal response into a SAML authn response.

    See super class satosa.frontends.base.FrontendModule

    :type context: satosa.context.Context
    :type internal_response: satosa.internal_data.InternalResponse
    :type idp: saml.server.Server

    :param context: The current context
    :param internal_response: The internal response
    :param idp: The saml frontend idp server
    :return: A saml response
    """
    # Response arguments and relay state both come from the state loaded
    # for this context.
    stored = self.load_state(context.state)
    resp_args = stored["resp_args"]

    # Convert internal attributes to the configured attribute profile.
    internal_attrs = internal_response.get_attributes()
    ava = self.converter.from_internal(self.attribute_profile, internal_attrs)

    # With an acr_mapping configured, the class ref is chosen by issuer and
    # falls back to the "" entry; that entry is evaluated eagerly, so it must
    # exist or the lookup raises KeyError. Without a mapping, the class ref
    # on the internal response is passed through unchanged.
    auth_info = {
        "class_ref": (
            self.acr_mapping.get(
                internal_response.auth_info.issuer, self.acr_mapping[""]
            )
            if self.acr_mapping
            else internal_response.auth_info.auth_class_ref
        )
    }

    # NameID carries the internal user id, formatted according to the
    # response's user id hash type, with both qualifiers left unset.
    name_id_format = get_saml_name_id_format(internal_response.user_id_hash_type)
    name_id = NameID(
        text=internal_response.get_user_id(),
        format=name_id_format,
        sp_name_qualifier=None,
        name_qualifier=None,
    )

    # The response is always requested to be signed.
    # NOTE(review): assertion-level signing is not controlled from this
    # method; check construct_authn_response if relying parties require it.
    resp = self.construct_authn_response(
        idp,
        context.state,
        ava,
        name_id=name_id,
        authn=auth_info,
        resp_args=resp_args,
        relay_state=stored["relay_state"],
        sign_response=True,
    )
    return resp