85 |
85 |
|
86 |
86 |
def post(self, request, *args, **kwargs):
|
87 |
87 |
'''Assertion consumer'''
|
|
88 |
if 'SAMLart' in request.POST:
|
|
89 |
return self.continue_sso_artifact(request, lasso.HTTP_METHOD_ARTIFACT_POST)
|
88 |
90 |
if 'SAMLResponse' not in request.POST:
|
89 |
91 |
return self.get(request, *args, **kwargs)
|
90 |
92 |
if not utils.is_nonnull(request.POST['SAMLResponse']):
|
... | ... | |
208 |
210 |
|
209 |
211 |
return HttpResponseRedirect(next_url)
|
210 |
212 |
|
211 |
|
def continue_sso_artifact_get(self, request):
|
|
213 |
def continue_sso_artifact(self, request, method):
|
212 |
214 |
idp_message = None
|
213 |
215 |
status_codes = []
|
214 |
216 |
|
|
217 |
if method == lasso.HTTP_METHOD_ARTIFACT_GET:
|
|
218 |
message = request.META['QUERY_STRING']
|
|
219 |
artifact = request.GET['SAMLart']
|
|
220 |
relay_state = request.GET.get('RelayState')
|
|
221 |
else: # method == lasso.HTTP_METHOD_ARTIFACT_POST:
|
|
222 |
message = request.POST['SAMLart']
|
|
223 |
artifact = request.POST['SAMLart']
|
|
224 |
relay_state = request.POST.get('RelayState')
|
|
225 |
|
215 |
226 |
self.profile = login = utils.create_login(request)
|
216 |
227 |
try:
|
217 |
|
login.initRequest(request.META['QUERY_STRING'], lasso.HTTP_METHOD_ARTIFACT_GET)
|
|
228 |
login.initRequest(message, method)
|
218 |
229 |
except lasso.ProfileInvalidArtifactError:
|
219 |
|
self.log.warning(u'artifact is malformed %r', request.GET['SAMLart'])
|
220 |
|
return HttpResponseBadRequest(u'artifact is malformed %r' % request.GET['SAMLart'])
|
|
230 |
self.log.warning(u'artifact is malformed %r', artifact)
|
|
231 |
return HttpResponseBadRequest(u'artifact is malformed %r' % artifact)
|
221 |
232 |
except lasso.ServerProviderNotFoundError:
|
222 |
|
self.log.warning('no entity id found for artifact %s',
|
223 |
|
request.GET['SAMLart'])
|
|
233 |
self.log.warning('no entity id found for artifact %s', artifact)
|
224 |
234 |
return HttpResponseBadRequest(
|
225 |
|
'no entity id found for this artifact %r' %
|
226 |
|
request.GET['SAMLart'])
|
|
235 |
'no entity id found for this artifact %r' % artifact)
|
227 |
236 |
idp = utils.get_idp(login.remoteProviderId)
|
228 |
237 |
if not idp:
|
229 |
238 |
self.log.warning('entity id %r is unknown', login.remoteProviderId)
|
... | ... | |
275 |
284 |
self.log.exception('unexpected lasso error')
|
276 |
285 |
return HttpResponseBadRequest('error processing the authentication response: %r' % e)
|
277 |
286 |
else:
|
278 |
|
if 'RelayState' in request.GET and utils.is_nonnull(request.GET['RelayState']):
|
279 |
|
login.msgRelayState = request.GET['RelayState']
|
|
287 |
if relay_state and utils.is_nonnull(relay_state):
|
|
288 |
login.msgRelayState = relay_state
|
280 |
289 |
return self.sso_success(request, login)
|
281 |
290 |
return self.sso_failure(request, login, idp_message, status_codes)
|
282 |
291 |
|
... | ... | |
296 |
305 |
def get(self, request, *args, **kwargs):
|
297 |
306 |
'''Initialize login request'''
|
298 |
307 |
if 'SAMLart' in request.GET:
|
299 |
|
return self.continue_sso_artifact_get(request)
|
|
308 |
return self.continue_sso_artifact(request, lasso.HTTP_METHOD_ARTIFACT_GET)
|
300 |
309 |
|
301 |
310 |
# redirect to discovery service if needed
|
302 |
311 |
if (not 'entityID' in request.GET
|
303 |
|
-
|