|
Lines 1240-1246
class SAML(Ressource):
Link Here
|
| 1240 |
def attribute_consuming_service(self, binding, message, relay_state): |
1240 |
def attribute_consuming_service(self, binding, message, relay_state): |
| 1241 |
response = self.acs(message, binding) |
1241 |
response = self.acs(message, binding) |
| 1242 |
saml = SAMLUser(response, message) |
1242 |
saml = SAMLUser(response, message) |
| 1243 |
self.set_session(self.create_sessionid(), saml.username, saml=saml) |
1243 |
sessionid = self.create_sessionid() |
|
|
1244 |
self.set_session(sessionid, saml.username, saml=saml) |
| 1245 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
| 1246 |
if client: |
| 1247 |
client.authenticated = False |
| 1244 |
|
1248 |
|
| 1245 |
# protect against javascript:alert('XSS'), mailto:foo and other non relative links! |
1249 |
# protect against javascript:alert('XSS'), mailto:foo and other non relative links! |
| 1246 |
location = urlparse(relay_state) |
1250 |
location = urlparse(relay_state) |
|
Lines 1256-1261
class SAML(Ressource):
Link Here
|
| 1256 |
saml = SAMLUser(response, message) |
1260 |
saml = SAMLUser(response, message) |
| 1257 |
sessionid = self.create_sessionid() |
1261 |
sessionid = self.create_sessionid() |
| 1258 |
self.set_session(sessionid, saml.username, saml=saml) |
1262 |
self.set_session(sessionid, saml.username, saml=saml) |
|
|
1263 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
| 1264 |
if client: |
| 1265 |
client.authenticated = False |
| 1259 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1266 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
| 1260 |
data = {"status": 200, "result": {"username": saml.username}} |
1267 |
data = {"status": 200, "result": {"username": saml.username}} |
| 1261 |
return b'<html><body><textarea>%s</textarea></body></html>' % (json.dumps(data).encode('ASCII'),) |
1268 |
return b'<html><body><textarea>%s</textarea></body></html>' % (json.dumps(data).encode('ASCII'),) |
| 1262 |
- |
|
|