Skip to content

Commit 58a3bfd

Browse files
c00kiemon5terc00kiemon5ter
authored
Merge pull request #395 from DataShades/identify-session-info-fix
Initialize session_info before assignment
2 parents 39a29be + 6466c4e commit 58a3bfd

File tree

1 file changed

+21
-23
lines changed
  • src/saml2/s2repoze/plugins

1 file changed

+21
-23
lines changed

src/saml2/s2repoze/plugins/sp.py

Lines changed: 21 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -445,26 +445,25 @@ def identify(self, environ):
445445
"""
446446
#logger = environ.get('repoze.who.logger', '')
447447

448-
query = parse_dict_querystring(environ)
449-
if ("CONTENT_LENGTH" not in environ or not environ[
450-
"CONTENT_LENGTH"]) and \
451-
"SAMLResponse" not in query and "SAMLRequest" not in \
452-
query:
453-
logger.debug('[identify] get or empty post')
454-
return None
455-
456-
# if logger:
457-
# logger.info("ENVIRON: %s", environ)
458-
# logger.info("self: %s", self.__dict__)
448+
session_info = None
459449

460450
uri = environ.get('REQUEST_URI', construct_url(environ))
451+
query = parse_dict_querystring(environ)
461452

462453
logger.debug('[sp.identify] uri: %s', uri)
463-
464-
query = parse_dict_querystring(environ)
465454
logger.debug('[sp.identify] query: %s', query)
466455

467-
if "SAMLResponse" in query or "SAMLRequest" in query:
456+
is_request = "SAMLRequest" in query
457+
is_response = "SAMLResponse" in query
458+
has_content_length = \
459+
"CONTENT_LENGTH" in environ \
460+
or environ["CONTENT_LENGTH"]
461+
462+
if not has_content_length and not is_request and not is_response:
463+
logger.debug('[identify] get or empty post')
464+
return None
465+
466+
if is_request or is_response:
468467
post = query
469468
binding = BINDING_HTTP_REDIRECT
470469
else:
@@ -482,7 +481,7 @@ def identify(self, environ):
482481
if path in self.logout_endpoints:
483482
logout = True
484483

485-
if logout and "SAMLRequest" in post:
484+
if logout and is_request:
486485
print("logout request received")
487486
if binding == BINDING_HTTP_REDIRECT:
488487
saml_request = post["SAMLRequest"]
@@ -498,10 +497,9 @@ def identify(self, environ):
498497
import traceback
499498

500499
traceback.print_exc()
501-
elif "SAMLResponse" not in post:
500+
elif not is_response:
502501
logger.info("[sp.identify] --- NOT SAMLResponse ---")
503-
# Not for me, put the post back where next in line can
504-
# find it
502+
# Not for me, put the post back where next in line can find it
505503
environ["post.fieldstorage"] = post
506504
# restore wsgi.input incase that is needed
507505
# only of s2repoze.body is present
@@ -511,20 +509,18 @@ def identify(self, environ):
511509
else:
512510
logger.info("[sp.identify] --- SAMLResponse ---")
513511
# check for SAML2 authN response
514-
#if self.debug:
515512
try:
516513
if logout:
517514
response = \
518515
self.saml_client.parse_logout_request_response(
519-
post["SAMLResponse"][0], binding)
516+
post["SAMLResponse"][0], binding)
520517
if response:
521518
action = self.saml_client.handle_logout_response(
522519
response)
523520

524521
if type(action) == dict:
525522
request = self._handle_logout(action)
526523
else:
527-
#logout complete
528524
request = HTTPSeeOther(headers=[
529525
('Location', "/")])
530526
if request:
@@ -555,9 +551,11 @@ def identify(self, environ):
555551

556552
if session_info:
557553
environ["s2repoze.sessioninfo"] = session_info
558-
return self._construct_identity(session_info)
554+
identity_info = self._construct_identity(session_info)
559555
else:
560-
return None
556+
identity_info = None
557+
558+
return identity_info
561559

562560
# IMetadataProvider
563561
def add_metadata(self, environ, identity):

0 commit comments

Comments
 (0)