IdentityPython
diff --git a/‎src/saml2/client.py
Lines changed: 8 additions & 9 deletions b/‎src/saml2/client.py
Lines changed: 8 additions & 9 deletions
diff --git a/‎src/saml2/client_base.py
Lines changed: 9 additions & 7 deletions b/‎src/saml2/client_base.py
Lines changed: 9 additions & 7 deletions
diff --git a/‎src/saml2/ecp.py
Lines changed: 3 additions & 4 deletions b/‎src/saml2/ecp.py
Lines changed: 3 additions & 4 deletions
diff --git a/‎src/saml2/entity.py
Lines changed: 19 additions & 11 deletions b/‎src/saml2/entity.py
Lines changed: 19 additions & 11 deletions
diff --git a/‎tests/test_50_server.py
Lines changed: 6 additions & 6 deletions b/‎tests/test_50_server.py
Lines changed: 6 additions & 6 deletions
@@ -79,7 +79,7 @@ def prepare_for_authenticate(self, entityid=None, relay_state="",
 
         destination = self._sso_location(entityid, binding)
 
-        req = self.create_authn_request(destination, vorg, scoping,
+        reqid, req = self.create_authn_request(destination, vorg, scoping,
                                         response_binding, nameid_format,
                                         consent=consent, extensions=extensions,
                                         sign=sign, **kwargs)
@@ -89,7 +89,7 @@ def prepare_for_authenticate(self, entityid=None, relay_state="",
 
         info = self.apply_binding(binding, _req_str, destination, relay_state)
 
-        return req.id, info
+        return reqid, info
 
     def global_logout(self, name_id, reason="", expire=None, sign=None):
         """ More or less a layer of indirection :-/
@@ -161,10 +161,9 @@ def do_logout(self, name_id, entity_ids, reason, expire, sign=None,
 
                 destination = destinations(srvs)[0]
                 logger.info("destination to provider: %s" % destination)
-                request = self.create_logout_request(destination, entity_id,
-                                                     name_id=name_id,
-                                                     reason=reason,
-                                                     expire=expire)
+                req_id, request = self.create_logout_request(
+                    destination, entity_id, name_id=name_id, reason=reason,
+                    expire=expire)
 
                 #to_sign = []
                 if binding.startswith("http://"):
@@ -178,7 +177,7 @@ def do_logout(self, name_id, entity_ids, reason, expire, sign=None,
                 else:
                     srequest = "%s" % request
 
-                relay_state = self._relay_state(request.id)
+                relay_state = self._relay_state(req_id)
 
                 http_info = self.apply_binding(binding, srequest, destination,
                                                relay_state)
@@ -196,7 +195,7 @@ def do_logout(self, name_id, entity_ids, reason, expire, sign=None,
                         logger.info("NOT OK response from %s" % destination)
 
                 else:
-                    self.state[request.id] = {"entity_id": entity_id,
+                    self.state[req_id] = {"entity_id": entity_id,
                                               "operation": "SLO",
                                               "entity_ids": entity_ids,
                                               "name_id": name_id,
@@ -264,7 +263,7 @@ def _use_soap(self, destination, query_type, **kwargs):
         except KeyError:
             response_args = None
 
-        query = _create_func(destination, **kwargs)
+        qid, query = _create_func(destination, **kwargs)
 
         response = self.send_using_soap(query, destination)
 
 
@@ -230,7 +230,7 @@ def create_authn_request(self, destination, vorg="", scoping=None,
             of fulfilling the request, to create a new identifier to represent
             the principal.
         :param kwargs: Extra key word arguments
-        :return: <samlp:AuthnRequest> instance
+        :return: tuple of request ID and <samlp:AuthnRequest> instance
         """
         client_crt = None
         if "client_crt" in kwargs:
@@ -304,13 +304,14 @@ def create_authn_request(self, destination, vorg="", scoping=None,
         except KeyError:
             pass
 
+        rid = ""
         if (sign and self.sec.cert_handler.generate_cert()) or client_crt is not None:
             with self.lock:
                 self.sec.cert_handler.update_cert(True, client_crt)
                 if client_crt is not None:
                     sign_prepare = True
-                return self._message(AuthnRequest, destination, message_id, consent,
-                                     extensions, sign, sign_prepare,
+                return self._message(AuthnRequest, destination, message_id,
+                                     consent, extensions, sign, sign_prepare,
                                      protocol_binding=binding,
                                      scoping=scoping, **args)
         return self._message(AuthnRequest, destination, message_id, consent,
@@ -343,7 +344,7 @@ def create_attribute_query(self, destination, name_id=None,
         :param extensions: Possible extensions
         :param sign: Whether the query should be signed or not.
         :param sign_prepare: Whether the Signature element should be added.
-        :return: An AttributeQuery instance
+        :return: Tuple of request ID and an AttributeQuery instance
         """
 
         if name_id is None:
@@ -666,7 +667,7 @@ def create_ecp_authn_request(self, entityid=None, relay_state="",
             # SingleSignOnService
             _, location = self.pick_binding("single_sign_on_service",
                                             [_binding], entity_id=entityid)
-            authn_req = self.create_authn_request(
+            req_id, authn_req = self.create_authn_request(
                 location, service_url_binding=BINDING_PAOS, **kwargs)
 
         # ----------------------------------------
@@ -677,7 +678,7 @@ def create_ecp_authn_request(self, entityid=None, relay_state="",
                                                         [paos_request,
                                                          relay_state])
 
-        return authn_req.id, "%s" % soap_envelope
+        return req_id, "%s" % soap_envelope
 
     def parse_ecp_authn_response(self, txt, outstanding=None):
         rdict = soap.class_instances_from_soap_enveloped_saml_thingies(txt,
@@ -757,7 +758,8 @@ def create_discovery_service_request(self, url, entity_id, **kwargs):
         params = urlencode(args)
         return "%s?%s" % (url, params)
 
-    def parse_discovery_service_response(self, url="", query="",
+    @staticmethod
+    def parse_discovery_service_response(url="", query="",
                                          returnIDParam="entityID"):
         """
         Deal with the response url from a Discovery Service
 
@@ -115,9 +115,8 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False):
     logger.info("entityid: %s, binding: %s" % (entityid, BINDING_SOAP))
 
     location = cls._sso_location(entityid, binding=BINDING_SOAP)
-    authn_req = cls.create_authn_request(location,
-                                         binding=BINDING_PAOS,
-                                         service_url_binding=BINDING_PAOS)
+    req_id, authn_req = cls.create_authn_request(
+        location, binding=BINDING_PAOS, service_url_binding=BINDING_PAOS)
 
     body = soapenv.Body()
     body.extension_elements = [element_to_extension_element(authn_req)]
@@ -128,7 +127,7 @@ def ecp_auth_request(cls, entityid=None, relay_state="", sign=False):
 
     soap_envelope = soapenv.Envelope(header=header, body=body)
 
-    return authn_req.id, "%s" % soap_envelope
+    return req_id, "%s" % soap_envelope
 
 
 def handle_ecp_authn_response(cls, soap_message, outstanding=None):
 
@@ -1,6 +1,5 @@
 import base64
 from binascii import hexlify
-import copy
 import logging
 from hashlib import sha1
 from saml2.metadata import ENDPOINTS
@@ -20,10 +19,10 @@
 from saml2 import element_to_extension_element
 from saml2 import extension_elements_to_elements
 
-from saml2.saml import NameID, EncryptedAssertion
+from saml2.saml import NameID
 from saml2.saml import Issuer
 from saml2.saml import NAMEID_FORMAT_ENTITY
-from saml2.response import LogoutResponse, AuthnResponse
+from saml2.response import LogoutResponse
 from saml2.time_util import instant
 from saml2.s_utils import sid
 from saml2.s_utils import UnravelError
@@ -32,7 +31,9 @@
 from saml2.s_utils import success_status_factory
 from saml2.s_utils import decode_base64_and_inflate
 from saml2.s_utils import UnsupportedBinding
-from saml2.samlp import AuthnRequest, AuthzDecisionQuery, AuthnQuery, response_from_string
+from saml2.samlp import AuthnRequest
+from saml2.samlp import AuthzDecisionQuery
+from saml2.samlp import AuthnQuery
 from saml2.samlp import AssertionIDRequest
 from saml2.samlp import ManageNameIDRequest
 from saml2.samlp import NameIDMappingRequest
@@ -50,8 +51,12 @@
 from saml2 import class_name
 from saml2.config import config_factory
 from saml2.httpbase import HTTPBase
-from saml2.sigver import security_context, response_factory, SigverError, CryptoBackendXmlSec1, make_temp, \
-    pre_encryption_part
+from saml2.sigver import security_context
+from saml2.sigver import response_factory
+from saml2.sigver import SigverError
+from saml2.sigver import CryptoBackendXmlSec1
+from saml2.sigver import make_temp
+from saml2.sigver import pre_encryption_part
 from saml2.sigver import pre_signature_part
 from saml2.sigver import signed_instance_factory
 from saml2.virtual_org import VirtualOrg
@@ -367,7 +372,8 @@ def _message(self, request_cls, destination=None, message_id=0,
         :param sign: Whether the request should be signed or not.
         :param sign_prepare: Whether the signature should be prepared or not.
         :param kwargs: Key word arguments specific to one request type
-        :return: An instance of the request_cls
+        :return: A tuple containing the request ID and an instance of the
+            request_cls
         """
         if not message_id:
             message_id = sid(self.seed)
@@ -377,6 +383,7 @@ def _message(self, request_cls, destination=None, message_id=0,
                 kwargs[key] = val
 
         req = request_cls(**kwargs)
+        reqid = req.id
 
         if destination:
             req.destination = destination
@@ -388,12 +395,13 @@ def _message(self, request_cls, destination=None, message_id=0,
             req.extensions = extensions
 
         if sign:
-            return self.sign(req, sign_prepare=sign_prepare)
+            return reqid, self.sign(req, sign_prepare=sign_prepare)
         else:
             logger.info("REQUEST: %s" % req)
-            return req
+            return reqid, req
 
-    def _filter_args(self, instance, extensions=None, **kwargs):
+    @staticmethod
+    def _filter_args(instance, extensions=None, **kwargs):
         args = {}
         if extensions is None:
             extensions = []
@@ -933,7 +941,7 @@ def artifact2message(self, artifact, descriptor):
             raise SAMLError("Missing endpoint location")
 
         _sid = sid()
-        msg = self.create_artifact_resolve(artifact, destination, _sid)
+        mid, msg = self.create_artifact_resolve(artifact, destination, _sid)
         return self.send_using_soap(msg, destination)
 
     def parse_artifact_resolve(self, txt, **kwargs):
 
@@ -124,7 +124,7 @@ def test_response(self):
         assert status.status_code.value == samlp.STATUS_SUCCESS
 
     def test_parse_faulty_request(self):
-        authn_request = self.client.create_authn_request(
+        req_id, authn_request = self.client.create_authn_request(
             destination="http://www.example.com", id="id1")
 
         # should raise an error because faulty spentityid
@@ -137,7 +137,7 @@ def test_parse_faulty_request(self):
                _dict["SAMLRequest"][0], binding)
 
     def test_parse_faulty_request_to_err_status(self):
-        authn_request = self.client.create_authn_request(
+        req_id, authn_request = self.client.create_authn_request(
             destination="http://www.example.com")
 
         binding = BINDING_HTTP_REDIRECT
@@ -163,7 +163,7 @@ def test_parse_faulty_request_to_err_status(self):
         assert status_code.status_code.value == samlp.STATUS_UNKNOWN_PRINCIPAL
 
     def test_parse_ok_request(self):
-        authn_request = self.client.create_authn_request(
+        req_id, authn_request = self.client.create_authn_request(
             message_id="id1", destination="http://localhost:8088/sso")
 
         print authn_request
@@ -378,7 +378,7 @@ def test_slo_http_post(self):
         }
         self.client.users.add_information_about_person(sinfo)
 
-        logout_request = self.client.create_logout_request(
+        req_id, logout_request = self.client.create_logout_request(
             destination="http://localhost:8088/slop", name_id=nid,
             issuer_entity_id="urn:mace:example.com:saml:roland:idp",
             reason="I'm tired of this")
@@ -404,7 +404,7 @@ def test_slo_soap(self):
         sp = client.Saml2Client(config_file="server_conf")
         sp.users.add_information_about_person(sinfo)
 
-        logout_request = sp.create_logout_request(
+        req_id, logout_request = sp.create_logout_request(
             name_id=nid, destination="http://localhost:8088/slo",
             issuer_entity_id="urn:mace:example.com:saml:roland:idp",
             reason="I'm tired of this")
@@ -483,7 +483,7 @@ class TestServerLogout():
 
     def test_1(self):
         server = Server("idp_slo_redirect_conf")
-        request = _logout_request("sp_slo_redirect_conf")
+        req_id, request = _logout_request("sp_slo_redirect_conf")
         print request
         bindings = [BINDING_HTTP_REDIRECT]
         response = server.create_logout_response(request, bindings)