
Commit 1d1e1f5

Adding SAML 1.1 token types (#20)
1 parent 4f08477 commit 1d1e1f5


2 files changed

+9
-3
lines changed


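--- a/msal/application.py
+++ b/msal/application.py
@@ -10,7 +10,7 @@
 from .authority import Authority
 from .mex import send_request as mex_send_request
 from .wstrust_request import send_request as wst_send_request
-from .wstrust_response import SAML_TOKEN_TYPE_V1, SAML_TOKEN_TYPE_V2
+from .wstrust_response import *
 from .token_cache import TokenCache
 
 
@@ -405,9 +405,12 @@ def _acquire_token_by_username_password_federated(
 wstrust_endpoint.get("action"), verify=verify, proxies=proxies)
 if not ("token" in wstrust_result and "type" in wstrust_result):
 raise RuntimeError("Unsuccessful RSTR. %s" % wstrust_result)
+GRANT_TYPE_SAML1_1 = 'urn:ietf:params:oauth:grant-type:saml1_1-bearer'
 grant_type = {
-SAML_TOKEN_TYPE_V1: 'urn:ietf:params:oauth:grant-type:saml1_1-bearer',
+SAML_TOKEN_TYPE_V1: GRANT_TYPE_SAML1_1,
 SAML_TOKEN_TYPE_V2: self.client.GRANT_TYPE_SAML2,
+WSS_SAML_TOKEN_PROFILE_V1_1: GRANT_TYPE_SAML1_1,
+WSS_SAML_TOKEN_PROFILE_V2: self.client.GRANT_TYPE_SAML2
 }.get(wstrust_result.get("type"))
 if not grant_type:
 raise RuntimeError(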
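Review bot: The wildcard import `from .wstrust_response import *` at new line 13 hides which names the `grant_type` map in `_acquire_token_by_username_password_federated` depends on. That map is the allow-list deciding which WS-Trust token types are exchanged as SAML bearer grants, so a constant renamed or dropped in wstrust_response would surface only as a NameError when the federated flow runs, not at import time. No `__all__` is visible in the wstrust_response.py hunks, so its helper names would presumably be pulled into this module as well. Import the four constants explicitly: `from .wstrust_response import (SAML_TOKEN_TYPE_V1, SAML_TOKEN_TYPE_V2, WSS_SAML_TOKEN_PROFILE_V1_1, WSS_SAML_TOKEN_PROFILE_V2)`. `GRANT_TYPE_SAML1_1` would also read better as a module-level constant than as an upper-case local; the function body starts and ends outside the hunk.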

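--- a/msal/wstrust_response.py
+++ b/msal/wstrust_response.py
@@ -37,6 +37,10 @@
 SAML_TOKEN_TYPE_V1 = 'urn:oasis:names:tc:SAML:1.0:assertion'
 SAML_TOKEN_TYPE_V2 = 'urn:oasis:names:tc:SAML:2.0:assertion'
 
+# http://docs.oasis-open.org/wss-m/wss/v1.1.1/os/wss-SAMLTokenProfile-v1.1.1-os.html#_Toc307397288
+WSS_SAML_TOKEN_PROFILE_V1_1 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1"
+WSS_SAML_TOKEN_PROFILE_V2 = "http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0"
+
 def parse_response(body): # Returns {"token": "<saml:assertion ...>", "type": "..."}
 token = parse_token_by_re(body)
 if token:
@@ -84,6 +88,5 @@ def parse_token_by_re(raw_response): # Returns the saml:assertion
 token_types = findall_content(rstr, "TokenType")
 tokens = findall_content(rstr, "RequestedSecurityToken")
 if token_types and tokens:
-assert token_types[0] in (SAML_TOKEN_TYPE_V1, SAML_TOKEN_TYPE_V2)
 return {"token": tokens[0].encode('us-ascii'), "type": token_types[0]}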
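Review bot: With the `assert` gone from `parse_token_by_re` (second hunk), the `type` it returns is whatever TokenType the WS-Trust response declares, and nothing in this file tells callers they must check it. The only allow-list visible in this commit is the `grant_type` map in msal/application.py, which appears to raise on an unknown type; any other caller of `parse_response` would receive an unvalidated value. Document this on the function, e.g. `# "type" is returned as received; callers must match it against the known token-type constants`. The comment above the new constants is only a URL and should also say that they are TokenType values from the WSS SAML Token Profile. The function body starts outside the hunk.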
