Projet

Général

Profil

0003-Only-send-values-for-enabled-SAMLAttribute-to-servic.patch

Benjamin Dauvergne, 05 novembre 2014 11:06

Télécharger (1,11 ko)

Voir les différences: 

Subject: [PATCH 3/3] Only send values for enabled SAMLAttribute to service
 providers

fixes #5874

 authentic2/idp/saml/saml2_endpoints.py |    6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)
authentic2/idp/saml/saml2_endpoints.py
186 186 

  		




  187
  187
  
    

  		




  188
  188
  
    
def add_attributes(assertion, provider, policy, ctx):

  		




  189
  
  
    
    qs = SAMLAttribute.objects.for_generic_object(provider)

  		




  190
  
  
    
    qs |= SAMLAttribute.objects.for_generic_object(policy)

  		




  
  189
  
    
    qs = SAMLAttribute.objects.for_generic_object(provider) \

  		




  
  190
  
    
            .filter(enabled=True)

  		




  
  191
  
    
    qs |= SAMLAttribute.objects.for_generic_object(policy) \

  		




  
  192
  
    
            .filter(enabled=True)

  		




  191
  193
  
    
    qs = qs.distinct()

  		




  192
  194
  
    

  		




  193
  195
  
    
    if not assertion.attributeStatement:

  		




  194
  
  
    
-