def parse_logout_request(self, text, binding=BINDING_SOAP): """Parse a Logout Request :param text: The request in its transport format, if the binding is HTTP-Redirect or HTTP-Post the text *must* be the value of the SAMLRequest attribute. :return: A validated LogoutRequest instance or None if validation failed. """ try: slo = self.conf.endpoint("single_logout_service", binding, "idp") except IndexError: logger.info("enpoints: %s" % self.conf.getattr("endpoints", "idp")) logger.info("binding wanted: %s" % (binding,)) raise if not slo: raise Exception("No single_logout_server for that binding") logger.info("Endpoint: %s" % slo) req = LogoutRequest(self.sec, slo) if binding == BINDING_SOAP: lreq = soap.parse_soap_enveloped_saml_logout_request(text) try: req = req.loads(lreq, False) # Got it over SOAP so no base64+zip except Exception: return None else: try: req = req.loads(text) except Exception, exc: logger.error("%s" % (exc,)) return None
def logout_endpoint(self, xml_str, binding): if binding == BINDING_SOAP: _str = parse_soap_enveloped_saml_logout_request(xml_str) else: _str = xml_str req = logout_request_from_string(_str) _resp = self.create_logout_response(req, [binding]) if binding == BINDING_SOAP: # SOAP packing #headers = {"content-type": "application/soap+xml"} soap_message = make_soap_enveloped_saml_thingy(_resp) # if self.sign and self.sec: # _signed = self.sec.sign_statement_using_xmlsec(soap_message, # class_name(attr_resp), # nodeid=attr_resp.id) # soap_message = _signed response = "%s" % soap_message else: # Just POST response = "%s" % _resp return DummyResponse(200, response)