+cherrypy.tools.require_content_type = cherrypy.Tool('before_request_body',
+ require_content_type)
+
+
+def is_lasso_ecp_enabled():
+ # Full ECP support appeared in lasso version 2.4.2
+ return lasso.checkVersion(2, 4, 2, lasso.CHECK_VERSION_NUMERIC)
+
+
+class SSO_SOAP(AuthenticateRequest):
+
+ def __init__(self, *args, **kwargs):
+ super(SSO_SOAP, self).__init__(*args, **kwargs)
+ self.binding = metadata.SAML2_SERVICE_MAP['sso-soap'][1]
+
+ @cherrypy.tools.require_content_type(
+ required=[SOAP_MEDIA_TYPE, XML_MEDIA_TYPE])
+ @cherrypy.tools.accept(media=[SOAP_MEDIA_TYPE, XML_MEDIA_TYPE])
+ @cherrypy.tools.response_headers(
+ headers=[('Content-Type', 'SOAP_MEDIA_TYPE')])
+ def POST(self, *args, **kwargs):
+ self.debug("SSO_SOAP.POST() begin")
+
+ self.debug("SSO_SOAP transaction provider=%s id=%s" %
+ (self.trans.provider, self.trans.transaction_id))
+
+ us = UserSession()
+ us.remote_login()
+ user = us.get_user()
+ self.debug("SSO_SOAP user=%s" % (user.name))
+
+ if not user:
+ raise cherrypy.HTTPError(403, 'No user specified for SSO_SOAP')
+
+ soap_xml_doc = cherrypy.request.rfile.read()
+ soap_xml_doc = soap_xml_doc.strip()
+ self.debug("SSO_SOAP soap_xml_doc=%s" % soap_xml_doc)
+ login = self.saml2login(soap_xml_doc)
+
+ return self.auth(login)
+