25 |
25 |
lasso.setFlag('thin-sessions')
|
26 |
26 |
|
27 |
27 |
if six.PY3:
|
28 |
|
lasso_decode = lambda x: x
|
|
28 |
def lasso_decode(x):
|
|
29 |
return x
|
29 |
30 |
else:
|
30 |
|
lasso_decode = lambda x: x.decode('utf-8')
|
|
31 |
def lasso_decode(x):
|
|
32 |
return x.decode('utf-8')
|
31 |
33 |
|
32 |
34 |
|
33 |
35 |
class LogMixin(object):
|
... | ... | |
168 |
170 |
attributes['issuer'] = login.remoteProviderId
|
169 |
171 |
if login.nameIdentifier:
|
170 |
172 |
name_id = login.nameIdentifier
|
171 |
|
name_id_format = force_text(name_id.format
|
172 |
|
or lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED)
|
|
173 |
name_id_format = force_text(name_id.format or lasso.SAML2_NAME_IDENTIFIER_FORMAT_UNSPECIFIED)
|
173 |
174 |
attributes.update({
|
174 |
175 |
'name_id_content': lasso_decode(name_id.content),
|
175 |
176 |
'name_id_format': name_id_format
|
... | ... | |
204 |
205 |
self.log.info('user %s (NameID is %r) logged in using SAML', user,
|
205 |
206 |
attributes['name_id_content'])
|
206 |
207 |
request.session['mellon_session'] = utils.flatten_datetime(attributes)
|
207 |
|
if ('session_not_on_or_after' in attributes and
|
208 |
|
not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE):
|
|
208 |
if ('session_not_on_or_after' in attributes and not settings.SESSION_EXPIRE_AT_BROWSER_CLOSE):
|
209 |
209 |
request.session.set_expiry(
|
210 |
210 |
utils.get_seconds_expiry(
|
211 |
211 |
attributes['session_not_on_or_after']))
|
... | ... | |
339 |
339 |
return self.continue_sso_artifact(request, lasso.HTTP_METHOD_ARTIFACT_GET)
|
340 |
340 |
|
341 |
341 |
# redirect to discovery service if needed
|
342 |
|
if (not 'entityID' in request.GET
|
343 |
|
and not 'nodisco' in request.GET
|
|
342 |
if ('entityID' not in request.GET
|
|
343 |
and 'nodisco' not in request.GET
|
344 |
344 |
and app_settings.DISCOVERY_SERVICE_URL):
|
345 |
345 |
return self.request_discovery_service(
|
346 |
346 |
request, is_passive=request.GET.get('passive') == '1')
|
... | ... | |
385 |
385 |
xmlns:eo="https://www.entrouvert.com/">
|
386 |
386 |
<eo:next_url>%s</eo:next_url>
|
387 |
387 |
</samlp:Extensions>''' % eo_next_url
|
388 |
|
)
|
|
388 |
)
|
389 |
389 |
self.set_next_url(next_url)
|
390 |
390 |
login.buildAuthnRequestMsg()
|
391 |
391 |
except lasso.Error as e:
|
392 |
|
-
|