from ipsilon.providers.saml2.provider import ServiceProvider
from ipsilon.providers.saml2.provider import InvalidProviderId
from ipsilon.providers.saml2.provider import NameIdNotAllowed
-from ipsilon.providers.saml2.sessions import SAMLSessionsContainer
from ipsilon.tools import saml2metadata as metadata
from ipsilon.util.policy import Policy
from ipsilon.util.user import UserSession
login.assertion.subject.nameId.content = nameid
else:
self.trans.wipe()
+ self.error('Authentication succeeded but it was not ' +
+ 'provided by NameID %s' % nameidfmt)
raise AuthenticationError("Unavailable Name ID type",
lasso.SAML2_STATUS_CODE_AUTHN_FAILED)
self.debug('Assertion: %s' % login.assertion.dump())
- saml_sessions = us.get_provider_data('saml2')
- if saml_sessions is None:
- saml_sessions = SAMLSessionsContainer()
-
- session = saml_sessions.find_session_by_provider(
- login.remoteProviderId)
- if session:
- # TODO: something...
- self.debug('Login session for this user already exists!?')
- session.dump()
+ saml_sessions = self.cfg.idp.sessionfactory
lasso_session = lasso.Session()
lasso_session.addAssertion(login.remoteProviderId, login.assertion)
+ provider = ServiceProvider(self.cfg, login.remoteProviderId)
saml_sessions.add_session(login.assertion.id,
login.remoteProviderId,
- lasso_session)
- us.save_provider_data('saml2', saml_sessions)
+ user.name,
+ lasso_session.dump(),
+ None,
+ provider.logout_mechs)
def saml2error(self, login, code, message):
status = lasso.Samlp2Status()
projects / cascardo / ipsilon.git / blobdiff