Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix case request is already signed #129

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Fix case request is already signed #129

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
4 commits
Select commit Hold shift + click to select a range
592a746
Fix case request is already signed
Amertz08 Apr 5, 2021
aca56db
Write test to confirm bug
Amertz08 Apr 9, 2021
5bc26e9
uncomment block
Amertz08 May 26, 2021
5adc613
drop todo
Amertz08 May 26, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
15 changes: 15 additions & 0 deletions djangosaml2idp/views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -376,6 +376,21 @@ def get(self, request: HttpRequest, *args, **kwargs):

resp = idp_server.create_logout_response(req_info.message, [binding])

# Case request is already signed
if isinstance(resp, str):
binding, destination = idp_server.pick_binding(
"single_logout_service", [binding], "spsso", req_info
)
html_response = self.create_html_response(
request,
binding=binding,
authn_resp=resp,
destination=destination,
relay_state=relay_state
)
logout(request)
return self.render_response(request, html_response, None)

'''
# TODO: SOAP
# if binding == BINDING_SOAP:
Expand Down
16 changes: 16 additions & 0 deletions tests/private.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
-----BEGIN PRIVATE KEY-----
MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAPXIJ5Kpr24dHEFY
wKZKc3N2wTKey2q3JPbnuDo9J2NVAOzX0Aj32ZpnBg8VBDRdvv2+uxcIRqTSfvGh
54b/K+FtRXniFGjt+G+cUsFmCAoRqi1Po/qPECZfDWBujNeGWQC7LcYYauKRKXdl
ddunhs5US8nLa3g5qJwd8RyQ12nNAgMBAAECgYEA6qiVt75QYvZiIrXFAT916NiJ
7nWTyyhen2lvCBOZBoqC3p3R3q4cUQFp1H6BTCnxDrzKTVw2bmkWkEa/EbGQxsOc
xkR13cs8fyx+DLoakdZJHQGMUlPIjBiPv1iyeXKSghiX12NPdLzmT9yh8syYTRBg
A02NB/ptN7zGn035gtUCQQD7YOstkw48vUeG5d0pHD1mBaY9hVh3knBLyYkJvOTf
anojq2aE/hOpH2j3E0WS6Iig99XcerZu2Qxg93kU9KQ3AkEA+kzlRec5S09qT3oF
EgjJdqS9OrmZBVNys9fRWmeVxitdkk82CBtguprH3zil64dEmve8L7af+a9Cc9ts
c+qoGwJAaMKLQAL4+/clx+IjuO476DiSfzEDHVG52tuycIx4FWOaYyMbJnF8YA7m
/5DYfdDKn8qpJak+PhPWRNLdcw5BIQJARi6ZeuhCoGM8I9zK3yunkaTPik/QIDYt
y0+QXBD/Zfly2ztqowtKLAiKUoTHwSrEic887QQABzqlH2c/GaGKUQJAJGNs6eVS
3Wtj0Uuafpuu96qdLQ2et8IExtL1W8OO1/A+GiAGEAQS7pJV8cjmqeigRy1fD7Tp
CLtOh2fsKqeGNQ==
-----END PRIVATE KEY-----
14 changes: 14 additions & 0 deletions tests/public.pem
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
-----BEGIN CERTIFICATE-----
MIICOjCCAaOgAwIBAgIBADANBgkqhkiG9w0BAQ0FADA6MQswCQYDVQQGEwJ1czEN
MAsGA1UECAwEYmxhaDENMAsGA1UECgwEYmxhaDENMAsGA1UEAwwEYmxhaDAeFw0y
MTA0MDkwMjA2MjNaFw0yMjA0MDkwMjA2MjNaMDoxCzAJBgNVBAYTAnVzMQ0wCwYD
VQQIDARibGFoMQ0wCwYDVQQKDARibGFoMQ0wCwYDVQQDDARibGFoMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQD1yCeSqa9uHRxBWMCmSnNzdsEynstqtyT257g6
PSdjVQDs19AI99maZwYPFQQ0Xb79vrsXCEak0n7xoeeG/yvhbUV54hRo7fhvnFLB
ZggKEaotT6P6jxAmXw1gbozXhlkAuy3GGGrikSl3ZXXbp4bOVEvJy2t4OaicHfEc
kNdpzQIDAQABo1AwTjAdBgNVHQ4EFgQUM0Wt6vN/tu1bRZ4Cm8PXEe/CM+gwHwYD
VR0jBBgwFoAUM0Wt6vN/tu1bRZ4Cm8PXEe/CM+gwDAYDVR0TBAUwAwEB/zANBgkq
hkiG9w0BAQ0FAAOBgQCwHt6pVPil8Q6cXXGUp0G6dbwu8ICxaxJp6tJ1kbbzdc+I
fNbDa2P5HVB3KxsBrDoyd7eGdY4OgnmPKqxMajhXB/gPHohH7xnBVnKun4YMKR9k
nQ6xCUWg5dhMtc8hTSi/9hzuGRwvsPQuU8QoUQNB+QKpccdB2/U8BsX9K4CJEA==
-----END CERTIFICATE-----
6 changes: 4 additions & 2 deletions tests/settings.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -66,9 +66,11 @@
('%s/sso/redirect' % BASE_URL, saml2.BINDING_HTTP_REDIRECT),
],
},
'sign_response': True,
'name_id_format': [NAMEID_FORMAT_EMAILADDRESS, NAMEID_FORMAT_UNSPECIFIED],
}
},
},

'key_file': PROJECT_ROOT + '/private.pem',
'cert_file': PROJECT_ROOT + '/public.pem',
'valid_for': 365 * 24,
}
12 changes: 11 additions & 1 deletion tests/test_views.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
import base64
import pathlib
from urllib import parse

import pytest
Expand Down Expand Up @@ -85,7 +86,7 @@ def sp_conf_dict() -> dict:
}
},
"metadata": {
"local": ["tests/xml/metadata/idp_metadata.xml"]
"local": [str(pathlib.Path(__file__).parent / "xml/metadata/idp_metadata.xml")]
}
}

Expand Down Expand Up @@ -591,6 +592,15 @@ def test_slo_view_works_properly_redirect(self, sp_metadata_xml, logged_in_reque

assert isinstance(response, HttpResponse)

@pytest.mark.django_db
def test_sign_assertions_true(self, sp_metadata_xml, logged_in_request, saml_logout_request_factory, sp_conf_dict):
ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml)

logged_in_request.GET['SAMLRequest'] = saml_logout_request_factory()
response = LogoutProcessView.as_view()(logged_in_request)

assert response.status_code == 302


class TestMetadata:
@pytest.mark.django_db
Expand Down