Add authenticating authority as part of the internal AuthenticationInformation object

Signed-off-by: Ivan Kanakarakis <[email protected]>

Author: c00kiemon5ter

src/satosa/backends/saml2.py

@@ -384,15 +384,18 @@ def _translate_response(self, response, state):
         # The response may have been encrypted by the IdP so if we have an
         # encryption key, try it.
         if self.encryption_keys:
-            response.parse_assertion(self.encryption_keys)
+            response.parse_assertion(keys=self.encryption_keys)
 
-        authn_info = response.authn_info()[0]
-        auth_class_ref = authn_info[0]
-        timestamp = response.assertion.authn_statement[0].authn_instant
         issuer = response.response.issuer.text
-
+        authn_context_ref, authenticating_authorities, authn_instant = next(
+            iter(response.authn_info()), [None, None, None]
+        )
+        authenticating_authority = next(iter(authenticating_authorities), None)
         auth_info = AuthenticationInformation(
-            auth_class_ref, timestamp, issuer,
+            auth_class_ref=authn_context_ref,
+            timestamp=authn_instant,
+            authority=authenticating_authority,
+            issuer=issuer,
         )
 
         # The SAML response may not include a NameID.

src/satosa/internal.py

@@ -85,7 +85,13 @@ class AuthenticationInformation(_Datafy):
     """
 
     def __init__(
-        self, auth_class_ref=None, timestamp=None, issuer=None, *args, **kwargs
+        self,
+        auth_class_ref=None,
+        timestamp=None,
+        issuer=None,
+        authority=None,
+        *args,
+        **kwargs,
     ):
         """
         Initiate the data carrier
@@ -102,6 +108,7 @@ def __init__(
         self.auth_class_ref = auth_class_ref
         self.timestamp = timestamp
         self.issuer = issuer
+        self.authority = authority
 
 
 class InternalData(_Datafy):