From afe0146ff81d24bdc7c1c81102d9018501aa6a33 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Wed, 1 Apr 2015 18:01:37 +0200
Subject: [PATCH] Use get_or_create() to create KeyValue instances so that
 AuthnRequest replay does not fail (#6883)

---
 src/authentic2/saml/models.py | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/authentic2/saml/models.py b/src/authentic2/saml/models.py
index 1370d97..5833fa1 100644
--- a/src/authentic2/saml/models.py
+++ b/src/authentic2/saml/models.py
@@ -815,16 +815,17 @@ class KeyValue(models.Model):
     def __unicode__(self):
         return self.key
 
     class Meta:
         verbose_name = _("key value association")
         verbose_name_plural = _("key value associations")
 
 def save_key_values(key, *values):
-    KeyValue(key = key, value = values).save()
+    # never update an existing key, key are nonces
+    KeyValue.objects.get_or_create(key=key, defaults={'value': values})
 
 def get_and_delete_key_values(key):
     try:
         kv = KeyValue.objects.get(key=key)
         return kv.value
     except ObjectDoesNotExist:
         raise KeyError
-- 
1.9.1