Merge pull request #112 from richtera/master

Roland Hedberg · Roland Hedberg · commit f3a65b162fcf · 2014-04-22T09:38:21.000+02:00
In order to get SAML working I had to modify the sp plugin
diff --git a/src/s2repoze/plugins/sp.py b/src/s2repoze/plugins/sp.py
@@ -490,7 +490,7 @@ def identify(self, environ):
         if ("CONTENT_LENGTH" not in environ or not environ["CONTENT_LENGTH"]) and \
                         "SAMLResponse" not in query and "SAMLRequest" not in query:
             logger.debug('[identify] get or empty post')
-            return {}
+            return None
         
         # if logger:
         #     logger.info("ENVIRON: %s" % environ)
@@ -597,7 +597,11 @@ def add_metadata(self, environ, identity):
         """ Add information to the knowledge I have about the user """
         name_id = identity['repoze.who.userid']
         if isinstance(name_id, basestring):
-            name_id = decode(name_id)
+            try:
+                # Make sure that userids authenticated by another plugin don't cause problems here.
+                name_id = decode(name_id)
+            except:
+                pass
 
         _cli = self.saml_client
         logger.debug("[add_metadata] for %s" % name_id)
@@ -648,10 +652,12 @@ def _service_url(environ, qstr=None):
     #noinspection PyUnusedLocal
     def authenticate(self, environ, identity=None):
         if identity:
+            if identity.get('user') and environ.get('s2repoze.sessioninfo') and identity.get('user') == environ.get('s2repoze.sessioninfo').get('ava'):
+                return identity.get('login')
             tktuser = identity.get('repoze.who.plugins.auth_tkt.userid', None)
             if tktuser and self.saml_client.is_logged_in(decode(tktuser)):
                 return tktuser
-            return identity.get('login', None)
+            return None
         else:
             return None
 
diff --git a/src/saml2/ident.py b/src/saml2/ident.py
@@ -39,8 +39,12 @@ def code(item):
 def decode(txt):
     _nid = NameID()
     for part in txt.split(","):
-        i, val = part.split("=")
-        setattr(_nid, ATTR[int(i)], unquote(val))
+        if part.find("=") != -1:
+            i, val = part.split("=")
+            try:
+                setattr(_nid, ATTR[int(i)], unquote(val))
+            except:
+                pass
     return _nid
 
 
