SAML bug fixes

* Fix error casting request_xml to bytes when request_xml is an object
* Fix _sp_force_authn error when value is missing
* Fix allow_create being set to true even when the value is false

Author: RouganStriker

djangosaml2/views.py

@@ -48,6 +48,7 @@
 from saml2.ident import code, decode
 from saml2.sigver import MissingKey
 from saml2.s_utils import UnsupportedBinding
+from saml2.request import AuthnRequest
 from saml2.response import (
     StatusError, StatusAuthnFailed, SignatureError, StatusRequestDenied,
     UnsolicitedResponse, StatusNoAuthnContext,
@@ -147,10 +148,10 @@ def login(request,
 
     kwargs = {}
     # pysaml needs a string otherwise: "cannot serialize True (type bool)"
-    if getattr(conf, '_sp_force_authn'):
+    if getattr(conf, '_sp_force_authn', False):
         kwargs['force_authn'] = "true"
-    if getattr(conf, '_sp_allow_create', "false"):
-        kwargs['allow_create'] = "true"
+    if hasattr(conf, '_sp_allow_create'):
+        kwargs['allow_create'] = str(conf._sp_allow_create is True).lower()
 
     # is a embedded wayf needed?
     idps = available_idps(conf)
@@ -226,6 +227,9 @@ def login(request,
                 **kwargs)
             try:
                 if PY3:
+                    if isinstance(request_xml, AuthnRequest):
+                        # request_xml will be an instance of AuthnRequest if the message is not signed
+                        request_xml = str(request_xml)
                     saml_request = base64.b64encode(binary_type(request_xml, 'UTF-8')).decode('utf-8')
                 else:
                     saml_request = base64.b64encode(binary_type(request_xml))