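def identify(self, environ):
    """Build an identity from a SAML2 response POSTed to the application.

    Args:
        environ: WSGI environment of the current request.

    Returns:
        A dict with 'login', 'password', 'repoze.who.userid' and 'user'
        keys when the response is accepted, or an empty dict when the
        request carries no SAML2 response field or the response is
        rejected with Error.
    """
    req = Request(environ)
    if SAML2_FIELD_RESPONSE not in req.POST:
        logger.debug('[saml2.identify] got an empty request')
        return {}

    logger.debug('[saml2.identify] uri: %s', req.path)

    login = Login(self.server)
    try:
        # Presumably signature, issuer and validity-window checks happen
        # inside these two calls -- confirm against the provider
        # configuration loaded into self.server.
        login.processAuthnResponseMsg(req.POST[SAML2_FIELD_RESPONSE])
        # NOTE(review): the response's inResponseTo value is never compared
        # with a request ID issued by challenge(), so nothing in this block
        # ties the response to a request this application sent. Confirm
        # that unsolicited or replayed responses are rejected elsewhere.
        login.acceptSso()
        # NOTE(review): confirm nameIdentifier is a plain string here and
        # not a NameID object before it is used as the user id.
        username = login.nameIdentifier
    except Error as msg:
        # A rejected response is a failed authentication attempt: record it
        # above debug level so it is visible in production logs, and fail
        # closed by returning no identity.
        logger.warning('[saml2.identify] SAML response rejected: %s', msg)
        return {}

    # Authentication is asserted by the identity provider, so no password
    # is carried in the identity.
    return {
        'login': username,
        'password': '',
        'repoze.who.userid': username,
        'user': '',
    }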
def challenge(self, environ, status, app_headers, forget_headers):
    """Answer an unauthenticated request with a redirect.

    Requests for the logout handler path or the post-logout URL get an
    HTTPFound carrying the application headers plus the forget headers.
    Every other request gets an HTTPFound whose Location is the SAML2
    AuthnRequest URL, followed by the forget headers and any Set-Cookie
    headers taken from app_headers. An Error raised while building the
    request is logged at debug level and re-raised.
    """
    request = Request(environ)
    logout_paths = (self.logout_handler_path, self.post_logout_url)
    if request.path in logout_paths:
        return HTTPFound(headers=app_headers + forget_headers)

    # NOTE(review): came_from is computed from the request environ and
    # logged as the RelayState, but this block never attaches it to the
    # AuthnRequest. Confirm where it is consumed, and that any later
    # redirect to it is restricted to expected destinations.
    came_from = get_came_from(environ)
    logger.debug("[saml2.challenge] RelayState >> '%s'", came_from)

    login = Login(self.server)
    try:
        login.initAuthnRequest()
        login.buildAuthnRequestMsg()
        # NOTE(review): the request ID is only logged; nothing here stores
        # it for matching against the response's InResponseTo later.
        logger.debug('[saml2.challenge] RequestID: %r', login.request.iD)
        redirect_url = login.msgUrl
        logger.debug('[saml2.challenge] Redirected to: %s', redirect_url)

        # Only Set-Cookie headers from the application are carried over
        # onto the redirect; the other application headers are dropped.
        set_cookies = []
        for header_name, header_value in app_headers:
            if header_name.lower() == 'set-cookie':
                set_cookies.append((header_name, header_value))

        redirect_headers = (
            [('Location', redirect_url)] + forget_headers + set_cookies
        )
        return HTTPFound(headers=redirect_headers)
    except Error as msg:
        logger.debug('[saml2.challenge] error: %s', msg)
        raise
def challenge(self, environ, status, app_headers, forget_headers):
    """Redirect the client either back through logout or to the IdP.

    For the logout handler path and the post-logout URL the result is an
    HTTPFound with app_headers followed by forget_headers. For any other
    path a SAML2 AuthnRequest is built and the result is an HTTPFound with
    a Location header set to the request URL, then forget_headers, then the
    Set-Cookie entries of app_headers. Error is logged at debug level and
    propagated to the caller.
    """
    current_path = Request(environ).path
    if current_path in (self.logout_handler_path, self.post_logout_url):
        logout_headers = app_headers + forget_headers
        return HTTPFound(headers=logout_headers)

    # NOTE(review): the value logged as RelayState comes from the request
    # environ and is not passed to the Login object in this block. Verify
    # where it is used, and that it is validated before any redirect.
    came_from = get_came_from(environ)
    logger.debug("[saml2.challenge] RelayState >> '%s'", came_from)

    login = Login(self.server)
    try:
        login.initAuthnRequest()
        login.buildAuthnRequestMsg()
        # NOTE(review): the request ID is written to the log only; this
        # block keeps no record of it for later InResponseTo matching.
        logger.debug("[saml2.challenge] RequestID: %r", login.request.iD)
        location = [("Location", login.msgUrl)]
        logger.debug("[saml2.challenge] Redirected to: %s", login.msgUrl)

        # Keep the application's cookies on the redirect; all other
        # application headers are left out.
        cookie_headers = list(
            filter(lambda pair: pair[0].lower() == "set-cookie", app_headers)
        )
        return HTTPFound(headers=location + forget_headers + cookie_headers)
    except Error as msg:
        logger.debug("[saml2.challenge] error: %s", msg)
        raise
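def identify(self, environ):
    """Build an identity from a SAML2 response POSTed to the application.

    Args:
        environ: WSGI environment of the current request.

    Returns:
        A dict with "login", "password", "repoze.who.userid" and "user"
        keys when the response is accepted, or an empty dict when the
        request carries no SAML2 response field or the response is
        rejected with Error.
    """
    req = Request(environ)
    if SAML2_FIELD_RESPONSE not in req.POST:
        logger.debug("[saml2.identify] got an empty request")
        return {}

    logger.debug("[saml2.identify] uri: %s", req.path)

    login = Login(self.server)
    try:
        # Presumably signature, issuer and validity-window checks happen
        # inside these two calls -- confirm against the provider
        # configuration loaded into self.server.
        login.processAuthnResponseMsg(req.POST[SAML2_FIELD_RESPONSE])
        # NOTE(review): the response's inResponseTo value is never compared
        # with a request ID issued by challenge(), so nothing in this block
        # ties the response to a request this application sent. Confirm
        # that unsolicited or replayed responses are rejected elsewhere.
        login.acceptSso()
        # NOTE(review): confirm nameIdentifier is a plain string here and
        # not a NameID object before it is used as the user id.
        username = login.nameIdentifier
    except Error as msg:
        # A rejected response is a failed authentication attempt: record it
        # above debug level so it is visible in production logs, and fail
        # closed by returning no identity.
        logger.warning("[saml2.identify] SAML response rejected: %s", msg)
        return {}

    # Authentication is asserted by the identity provider, so no password
    # is carried in the identity.
    return {
        "login": username,
        "password": "",
        "repoze.who.userid": username,
        "user": "",
    }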