projects
/
cascardo
/
ipsilon.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
IdP-initiated logout for current user
[cascardo/ipsilon.git]
/
ipsilon
/
providers
/
saml2
/
sessions.py
diff --git
a/ipsilon/providers/saml2/sessions.py
b/ipsilon/providers/saml2/sessions.py
index
fb1f646
..
5931734
100644
(file)
--- a/
ipsilon/providers/saml2/sessions.py
+++ b/
ipsilon/providers/saml2/sessions.py
@@
-140,12
+140,16
@@
class SAMLSessionsContainer(Log):
self.sessions_logging_out[session.provider_id] = session
self.sessions_logging_out[session.provider_id] = session
- def get_next_logout(self):
+ def get_next_logout(self
, remove=True
):
"""
Get the next session in the logged-in state and move
it to the logging_out state. Return the session that is
found.
"""
Get the next session in the logged-in state and move
it to the logging_out state. Return the session that is
found.
+ :param remove: for IdP-initiated logout we can't remove the
+ session otherwise when the request comes back
+ in the user won't be seen as being logged-on.
+
Return None if no more sessions in login state.
"""
try:
Return None if no more sessions in login state.
"""
try:
@@
-153,7
+157,10
@@
class SAMLSessionsContainer(Log):
except IndexError:
return None
except IndexError:
return None
- session = self.sessions.pop(provider_id)
+ if remove:
+ session = self.sessions.pop(provider_id)
+ else:
+ session = self.sessions.itervalues().next()
if provider_id in self.sessions_logging_out:
self.sessions_logging_out.pop(provider_id)
if provider_id in self.sessions_logging_out:
self.sessions_logging_out.pop(provider_id)