Should generate 'true'/'false' in xml not 'True'/'False'.

Roland Hedberg · Roland Hedberg · commit 94a4f0f17150 · 2014-04-15T21:06:49.000+02:00
diff --git a/src/saml2/md.py b/src/saml2/md.py
@@ -1039,10 +1039,8 @@ class IDPSSODescriptorType_(SSODescriptorType_):
     c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = (
         'attribute', [saml.Attribute])
     c_cardinality['attribute'] = {"min": 0}
-    c_attributes['WantAuthnRequestsSigned'] = ('want_authn_requests_signed',
-                                               'boolean', False)
-    c_attributes['WantAuthnRequestsOnlyWithValidCert'] = ('want_authn_requests_only_with_valid_cert',
-                                               'boolean', False)
+    c_attributes['WantAuthnRequestsSigned'] = (
+        'want_authn_requests_signed', 'boolean', False)
     c_child_order.extend(['single_sign_on_service', 'name_id_mapping_service',
                           'assertion_id_request_service', 'attribute_profile',
                           'attribute'])
diff --git a/src/saml2/metadata.py b/src/saml2/metadata.py
@@ -431,7 +431,7 @@ def do_endpoints(conf, endpoints):
     "want_assertions_signed": "true",
     "authn_requests_signed": "false",
     "want_authn_requests_signed": "false",
-    "want_authn_requests_only_with_valid_cert": "false",
+    #"want_authn_requests_only_with_valid_cert": "false",
 }
 
 
@@ -554,22 +554,13 @@ def do_idpsso_descriptor(conf, cert=None):
         idpsso.key_descriptor = do_key_descriptor(cert)
 
     for key in ["want_authn_requests_signed"]:
+                #"want_authn_requests_only_with_valid_cert"]:
         try:
             val = conf.getattr(key, "idp")
             if val is None:
-                setattr(idpsso, key, DEFAULT["want_authn_requests_signed"])
-            else:
-                setattr(idpsso, key, "%s" % val)
-        except KeyError:
-            setattr(idpsso, key, DEFAULTS[key])
-
-    for key in ["want_authn_requests_only_with_valid_cert"]:
-        try:
-            val = conf.getattr(key, "idp")
-            if val is None:
-                setattr(idpsso, key, DEFAULT["want_authn_requests_only_with_valid_cert"])
+                setattr(idpsso, key, DEFAULT[key])
             else:
-                setattr(idpsso, key, "%s" % val)
+                setattr(idpsso, key, ("%s" % val).lower())
         except KeyError:
             setattr(idpsso, key, DEFAULTS[key])
 
diff --git a/tests/test_20_assertion.py b/tests/test_20_assertion.py
@@ -190,6 +190,7 @@ def test_ava_filter_dont_fail():
         "default": {
             "lifetime": {"minutes": 15},
             "attribute_restrictions": None,  # means all I have
+            "fail_on_missing_requested": False
         },
         "urn:mace:umu.se:saml:roland:sp": {
             "lifetime": {"minutes": 5},
