Merge pull request #39 from ws0w/master

Fix for Issue #37

Author: knaperek

README.rst

@@ -415,7 +415,7 @@ following code to your app::
 
   from djangosaml2.signals import pre_user_save
 
-  def custom_update_user(sender=user, attributes=attributes, user_modified=user_modified)
+  def custom_update_user(sender=User, instance, attributes, user_modified, **kargs)
      ...
      return True  # I modified the user object
 

djangosaml2/backends.py

@@ -249,7 +249,8 @@ def update_user(self, user, attributes, attribute_mapping,
         logger.debug('Sending the pre_save signal')
         signal_modified = any(
             [response for receiver, response
-             in pre_user_save.send_robust(sender=user,
+             in pre_user_save.send_robust(sender=user.__class__,
+                                          instance=user,
                                           attributes=attributes,
                                           user_modified=user_modified)]
             )

djangosaml2/templates/djangosaml2/login_error.html

@@ -0,0 +1,13 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+  </head>
+  <body>
+    <h1>Authentication Error.</h1>
+
+    <h2>Access Denied.</h2>
+
+  </body>
+</html>

djangosaml2/templates/djangosaml2/permission_denied.html

@@ -0,0 +1,11 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
+    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
+  <head>
+    <meta http-equiv="Content-Type" content="text/html; charset=utf-8"/>
+  </head>
+  <body>
+    <h1>Permission Denied.</h1>
+
+  </body>
+</html>

djangosaml2/views.py

@@ -47,6 +47,7 @@ def csrf_exempt(view_func):
 from saml2.metadata import entity_descriptor
 from saml2.ident import code, decode
 from saml2.sigver import MissingKey
+from saml2.response import StatusError
 
 from djangosaml2.cache import IdentityCache, OutstandingQueriesCache
 from djangosaml2.cache import StateCache
@@ -223,6 +224,9 @@ def assertion_consumer_service(request,
     try:
         response = client.parse_authn_request_response(xmlstr, BINDING_HTTP_POST,
                                                        outstanding_queries)
+    except StatusError:
+        return render(request, 'djangosaml2/login_error.html', status=403)
+
     except MissingKey:
         logger.error('MissingKey error in ACS')
         return HttpResponseForbidden(
@@ -250,7 +254,7 @@ def assertion_consumer_service(request,
                              create_unknown_user=create_unknown_user)
     if user is None:
         logger.error('The user is None')
-        raise PermissionDenied
+        return render(request, 'djangosaml2/permission_denied.html', status=403)
 
     auth.login(request, user)
     _set_subject_id(request.session, session_info['name_id'])