X-Git-Url: http://git.cascardo.info/?p=cascardo%2Fipsilon.git;a=blobdiff_plain;f=ipsilon%2Fproviders%2Fsaml2%2Fauth.py;h=9d2bb7d065ed84bf06ae7d0c92f408834515f264;hp=521e0c011814276727d74d86ee989998737c7d1d;hb=1bcc0d697dd37a9268641f0cbaa7e9e781552233;hpb=68b9e1d3138784c3793f0a04c411f14168748692

diff --git a/ipsilon/providers/saml2/auth.py b/ipsilon/providers/saml2/auth.py
index 521e0c0..9d2bb7d 100644
--- a/ipsilon/providers/saml2/auth.py
+++ b/ipsilon/providers/saml2/auth.py
@@ -35,7 +35,7 @@ class UnknownProvider(ProviderException):
 
     def __init__(self, message):
         super(UnknownProvider, self).__init__(message)
-        self._debug(message)
+        self.debug(message)
 
 
 class AuthenticateRequest(ProviderPageBase):
@@ -95,7 +95,7 @@ class AuthenticateRequest(ProviderPageBase):
                                                  e, message)
             raise UnknownProvider(msg)
 
-        self._debug('SP %s requested authentication' % login.remoteProviderId)
+        self.debug('SP %s requested authentication' % login.remoteProviderId)
 
         return login
 
@@ -108,13 +108,13 @@ class AuthenticateRequest(ProviderPageBase):
         try:
             login = self._parse_request(request)
         except InvalidRequest, e:
-            self._debug(str(e))
+            self.debug(str(e))
             raise cherrypy.HTTPError(400, 'Invalid SAML request token')
         except UnknownProvider, e:
-            self._debug(str(e))
+            self.debug(str(e))
             raise cherrypy.HTTPError(400, 'Unknown Service Provider')
         except Exception, e:  # pylint: disable=broad-except
-            self._debug(str(e))
+            self.debug(str(e))
             raise cherrypy.HTTPError(500)
 
         return login
@@ -197,7 +197,8 @@ class AuthenticateRequest(ProviderPageBase):
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_TRANSIENT:
             nameid = '_' + uuid.uuid4().hex
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_KERBEROS:
-            nameid = us.get_data('user', 'gssapi_principal_name')
+            userattrs = us.get_user_attrs()
+            nameid = userattrs.get('gssapi_principal_name')
         elif nameidfmt == lasso.SAML2_NAME_IDENTIFIER_FORMAT_EMAIL:
             nameid = us.get_user().email
             if not nameid:
@@ -305,7 +306,7 @@ class AuthenticateRequest(ProviderPageBase):
             raise cherrypy.HTTPError(501)
         elif login.protocolProfile == lasso.LOGIN_PROTOCOL_PROFILE_BRWS_POST:
             login.buildAuthnResponseMsg()
-            self._debug('POSTing back to SP [%s]' % (login.msgUrl))
+            self.debug('POSTing back to SP [%s]' % (login.msgUrl))
             context = {
                 "title": 'Redirecting back to the web application',
                 "action": login.msgUrl,
@@ -315,7 +316,6 @@ class AuthenticateRequest(ProviderPageBase):
                 ],
                 "submit": 'Return to application',
             }
-            # pylint: disable=star-args
             return self._template('saml2/post_response.html', **context)
 
         else: