Project

General

Profile

0001-7879-statusMessage-in-SAML-Response-and-tests-added.patch

Josué Kouka, 09 October 2015 11:23 AM

Download (2.54 KB)

View differences:

Subject: [PATCH] #7879: statusMessage in SAML Response and tests added

 src/authentic2/idp/saml/saml2_endpoints.py | 4 ++--
 src/authentic2/idp/saml/tests.py           | 4 +++-
 2 files changed, 5 insertions(+), 3 deletions(-)
src/authentic2/idp/saml/saml2_endpoints.py
594 594
    if 'cancel' in request.GET:
595 595
        logger.info('login canceled')
596 596
        set_saml2_response_responder_status_code(login.response,
597
                lasso.SAML2_STATUS_CODE_REQUEST_DENIED)
597
                lasso.SAML2_STATUS_CODE_REQUEST_DENIED, _('User canceled login process').encode('utf-8'))
598 598
        return finish_sso(request, login)
599 599
    if consent_answer == 'refused':
600 600
        logger.info("consent answer treatment, the user "
601 601
            "refused, return request denied to the requester")
602 602
        set_saml2_response_responder_status_code(login.response,
603
                lasso.SAML2_STATUS_CODE_REQUEST_DENIED)
603
                lasso.SAML2_STATUS_CODE_REQUEST_DENIED, _('User refused to consent').encode('utf-8'))
604 604
        return finish_sso(request, login)
605 605
    if consent_answer == 'accepted':
606 606
        logger.info("consent answer treatment, the user "
src/authentic2/idp/saml/tests.py
252 252
            self.assertIn('SAMLResponse', doc.forms[0].fields)
253 253
            saml_response = doc.forms[0].fields['SAMLResponse']
254 254
            try:
255
                base64.b64decode(saml_response)
255
                saml_response_decoded = base64.b64decode(saml_response)
256 256
            except TypeError:
257 257
                self.fail('SAMLResponse is not base64 encoded: %s'
258 258
                          % saml_response)
259 259
            with self.assertRaises(lasso.ProfileRequestDeniedError):
260 260
                assertion = self.parse_authn_response(saml_response)
261
            self.assertIn('samlp:StatusMessage', saml_response_decoded)
262
            self.assertIn('User canceled login process', saml_response_decoded)
261 263
        else:
262 264
            response = client.post(url, {
263 265
                'username': self.email,
264
-