0001-misc-do-not-send-logout-requests-if-SingleLogout-pro.patch

Benjamin Dauvergne, 07 novembre 2022 16:00

Voir les différences: en ligne côte à côte

Subject: [PATCH] misc: do not send logout requests if SingleLogout profile is
 not supported (#71041)

 mellon/utils.py | 17 ++++++++++++++---
 mellon/views.py |  5 ++++-
 2 files changed, 18 insertions(+), 4 deletions(-)

         return render_to_string('mellon/metadata.xml', ctx)
     def create_server(request):
     def create_server(request, remote_provider_id=None):
         root = request.build_absolute_uri('/')
         cache = getattr(settings, '_MELLON_SERVER_CACHE', {})
         if root not in cache:
-...
                     key = key[0]
                 server.setEncryptionPrivateKeyWithPassword(key, password)
             for idp in get_idps():
                 if remote_provider_id and idp.get('ENTITY_ID') != remote_provider_id:
                     continue
                 if idp and idp.get('METADATA'):
                     try:
                         server.addProviderFromBuffer(lasso.PROVIDER_ROLE_IDP, idp['METADATA'])
-...
         return render_to_string('mellon/session_dump.xml', {'session_indexes': session_indexes})
     def create_logout(request):
         server = create_server(request)
     def create_logout(request, remote_provider_id=None):
         server = create_server(request, remote_provider_id=remote_provider_id)
         logout = lasso.Logout(server)
         if not app_settings.PRIVATE_KEY and not app_settings.PRIVATE_KEYS:
             logout.setSignatureHint(lasso.PROFILE_SIGNATURE_HINT_FORBID)
-...
         if request.META.get('SCRIPT_NAME'):
             path = path[len(request.META['SCRIPT_NAME']) :]
         return path
     def is_slo_supported(request, issuer):
         server = create_server(request, remote_provider_id=issuer)
         # verify that at least one logout method is supported
         return (
             server.getFirstHttpMethod(server.providers[issuer], lasso.MD_PROTOCOL_TYPE_SINGLE_SIGN_ON)
             != lasso.HTTP_METHOD_NONE
+        )

                     logout = None
                     try:
                         issuer = request.session.get('mellon_session', {}).get('issuer')
                         if issuer:
                         if issuer and utils.is_slo_supported(request, issuer=issuer):
                             self.profile = logout = utils.create_logout(request)
                             self.get_relay_state(create=True)
                             try:
-...
             issuer = request.session.get('mellon_session', {}).get('issuer')
             if not issuer:
                 return None
             # verify that at least one binding the logout profile is supported
             if not utils.is_slo_supported(request, issuer=issuer):
                 return None
             session_indexes = models.SessionIndex.objects.filter(
                 saml_identifier__user=request.user, saml_identifier__issuer__entity_id=issuer
             ).order_by('-id')
+    -

Projet

Général

Profil

Produits Entr'ouvert » django-mellon

0001-misc-do-not-send-logout-requests-if-SingleLogout-pro.patch