| 85 |
85 |
|
| 86 |
86 |
def post(self, request, *args, **kwargs):
|
| 87 |
87 |
'''Assertion consumer'''
|
|
88 |
if 'SAMLart' in request.POST:
|
|
89 |
return self.continue_sso_artifact(request, lasso.HTTP_METHOD_ARTIFACT_POST)
|
| 88 |
90 |
if 'SAMLResponse' not in request.POST:
|
| 89 |
91 |
return self.get(request, *args, **kwargs)
|
| 90 |
92 |
if not utils.is_nonnull(request.POST['SAMLResponse']):
|
| ... | ... | |
| 208 |
210 |
|
| 209 |
211 |
return HttpResponseRedirect(next_url)
|
| 210 |
212 |
|
| 211 |
|
def continue_sso_artifact_get(self, request):
|
|
213 |
def continue_sso_artifact(self, request, method):
|
| 212 |
214 |
idp_message = None
|
| 213 |
215 |
status_codes = []
|
| 214 |
216 |
|
|
217 |
if method == lasso.HTTP_METHOD_ARTIFACT_GET:
|
|
218 |
message = request.META['QUERY_STRING']
|
|
219 |
artifact = request.GET['SAMLart']
|
|
220 |
relay_state = request.GET.get('RelayState')
|
|
221 |
else: # method == lasso.HTTP_METHOD_ARTIFACT_POST:
|
|
222 |
message = request.POST['SAMLart']
|
|
223 |
artifact = request.POST['SAMLart']
|
|
224 |
relay_state = request.POST.get('RelayState')
|
|
225 |
|
| 215 |
226 |
self.profile = login = utils.create_login(request)
|
| 216 |
227 |
try:
|
| 217 |
|
login.initRequest(request.META['QUERY_STRING'], lasso.HTTP_METHOD_ARTIFACT_GET)
|
|
228 |
login.initRequest(message, method)
|
| 218 |
229 |
except lasso.ProfileInvalidArtifactError:
|
| 219 |
|
self.log.warning(u'artifact is malformed %r', request.GET['SAMLart'])
|
| 220 |
|
return HttpResponseBadRequest(u'artifact is malformed %r' % request.GET['SAMLart'])
|
|
230 |
self.log.warning(u'artifact is malformed %r', artifact)
|
|
231 |
return HttpResponseBadRequest(u'artifact is malformed %r' % artifact)
|
| 221 |
232 |
except lasso.ServerProviderNotFoundError:
|
| 222 |
|
self.log.warning('no entity id found for artifact %s',
|
| 223 |
|
request.GET['SAMLart'])
|
|
233 |
self.log.warning('no entity id found for artifact %s', artifact)
|
| 224 |
234 |
return HttpResponseBadRequest(
|
| 225 |
|
'no entity id found for this artifact %r' %
|
| 226 |
|
request.GET['SAMLart'])
|
|
235 |
'no entity id found for this artifact %r' % artifact)
|
| 227 |
236 |
idp = utils.get_idp(login.remoteProviderId)
|
| 228 |
237 |
if not idp:
|
| 229 |
238 |
self.log.warning('entity id %r is unknown', login.remoteProviderId)
|
| ... | ... | |
| 275 |
284 |
self.log.exception('unexpected lasso error')
|
| 276 |
285 |
return HttpResponseBadRequest('error processing the authentication response: %r' % e)
|
| 277 |
286 |
else:
|
| 278 |
|
if 'RelayState' in request.GET and utils.is_nonnull(request.GET['RelayState']):
|
| 279 |
|
login.msgRelayState = request.GET['RelayState']
|
|
287 |
if relay_state and utils.is_nonnull(relay_state):
|
|
288 |
login.msgRelayState = relay_state
|
| 280 |
289 |
return self.sso_success(request, login)
|
| 281 |
290 |
return self.sso_failure(request, login, idp_message, status_codes)
|
| 282 |
291 |
|
| ... | ... | |
| 296 |
305 |
def get(self, request, *args, **kwargs):
|
| 297 |
306 |
'''Initialize login request'''
|
| 298 |
307 |
if 'SAMLart' in request.GET:
|
| 299 |
|
return self.continue_sso_artifact_get(request)
|
|
308 |
return self.continue_sso_artifact(request, lasso.HTTP_METHOD_ARTIFACT_GET)
|
| 300 |
309 |
|
| 301 |
310 |
# redirect to discovery service if needed
|
| 302 |
311 |
if (not 'entityID' in request.GET
|
| 303 |
|
-
|