def handle_logout_request(self,
request,
name_id,
binding,
sign=False,
relay_state=""):
"""
Deal with a LogoutRequest
:param request: The request as text string
:param name_id: The id of the current user
:param binding: Which binding the message came in over
:param sign: Whether the response will be signed or not
:return: Keyword arguments which can be used to send the response
what's returned follow different patterns for different bindings.
If the binding is BINDIND_SOAP, what is returned looks like this::
{
"data": <the SOAP enveloped response>
"url": "",
'headers': [('content-type', 'application/soap+xml')]
'method': "POST
}
"""
logger.info("logout request: %s" % request)
_req = self._parse_request(request, LogoutRequest,
"single_logout_service", binding)
if _req.message.name_id == name_id:
try:
if self.local_logout(name_id):
status = success_status_factory()
else:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
except KeyError:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
else:
status = status_message_factory("Wrong user",
STATUS_UNKNOWN_PRINCIPAL)
if binding == BINDING_SOAP:
response_bindings = [BINDING_SOAP]
elif binding == BINDING_HTTP_POST or BINDING_HTTP_REDIRECT:
response_bindings = [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT]
else:
response_bindings = self.config.preferred_binding[
"single_logout_service"]
response = self.create_logout_response(_req.message, response_bindings,
status, sign)
rinfo = self.response_args(_req.message, response_bindings)
return self.apply_binding(rinfo["binding"],
response,
rinfo["destination"],
relay_state,
response=True)
def handle_logout_request(self, request, name_id, binding, sign=False,
relay_state=""):
"""
Deal with a LogoutRequest
:param request: The request as text string
:param name_id: The id of the current user
:param binding: Which binding the message came in over
:param sign: Whether the response will be signed or not
:return: Keyword arguments which can be used to send the response
what's returned follow different patterns for different bindings.
If the binding is BINDIND_SOAP, what is returned looks like this::
{
"data": <the SOAP enveloped response>
"url": "",
'headers': [('content-type', 'application/soap+xml')]
'method': "POST
}
"""
logger.info("logout request: %s", request)
_req = self._parse_request(request, LogoutRequest,
"single_logout_service", binding)
if _req.message.name_id == name_id:
try:
if self.local_logout(name_id):
status = success_status_factory()
else:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
except KeyError:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
else:
status = status_message_factory("Wrong user",
STATUS_UNKNOWN_PRINCIPAL)
if binding == BINDING_SOAP:
response_bindings = [BINDING_SOAP]
elif binding == BINDING_HTTP_POST or BINDING_HTTP_REDIRECT:
response_bindings = [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT]
else:
response_bindings = self.config.preferred_binding[
"single_logout_service"]
response = self.create_logout_response(_req.message, response_bindings,
status, sign)
rinfo = self.response_args(_req.message, response_bindings)
return self.apply_binding(rinfo["binding"], response,
rinfo["destination"], relay_state,
response=True)
def test_error_status():
status = utils.status_message_factory("Error resolving principal",
samlp.STATUS_UNKNOWN_PRINCIPAL,
samlp.STATUS_RESPONDER)
status_text = "%s" % status
print status_text
assert status_text == ERROR_STATUS
def test_error_status():
status = utils.status_message_factory("Error resolving principal",
samlp.STATUS_UNKNOWN_PRINCIPAL,
samlp.STATUS_RESPONDER)
status_text = "%s" % status
print status_text
assert status_text == ERROR_STATUS
def handle_logout_request(
self,
request,
name_id,
binding,
sign=None,
sign_alg=None,
digest_alg=None,
relay_state=None,
sigalg=None,
signature=None,
):
"""
Deal with a LogoutRequest
:param request: The request as text string
:param name_id: The id of the current user
:param binding: Which binding the message came in over
:param sign: Whether the response will be signed or not
:param sign_alg: The signing algorithm for the response
:param digest_alg: The digest algorithm for the the response
:param relay_state: The relay state of the request
:param sigalg: The SigAlg query param of the request
:param signature: The Signature query param of the request
:return: Keyword arguments which can be used to send the response
what's returned follow different patterns for different bindings.
If the binding is BINDIND_SOAP, what is returned looks like this::
{
"data": <the SOAP enveloped response>
"url": "",
'headers': [('content-type', 'application/soap+xml')]
'method': "POST
}
"""
logger.info("logout request: %s", request)
_req = self.parse_logout_request(
xmlstr=request,
binding=binding,
relay_state=relay_state,
sigalg=sigalg,
signature=signature,
)
if _req.message.name_id == name_id:
try:
if self.local_logout(name_id):
status = success_status_factory()
else:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
except KeyError:
status = status_message_factory("Server error",
STATUS_REQUEST_DENIED)
else:
status = status_message_factory("Wrong user",
STATUS_UNKNOWN_PRINCIPAL)
response_bindings = {
BINDING_SOAP: [BINDING_SOAP],
BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT],
BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST],
}.get(binding)
if sign is None:
sign = self.logout_responses_signed
response = self.create_logout_response(
_req.message,
bindings=response_bindings,
status=status,
sign=sign,
sign_alg=sign_alg,
digest_alg=digest_alg,
)
rinfo = self.response_args(_req.message, response_bindings)
return self.apply_binding(
rinfo["binding"],
response,
rinfo["destination"],
relay_state,
response=True,
sign=sign,
sigalg=sign_alg,
)