Lines 1240-1246
class SAML(Ressource):
|
|
---|
|
1240 |
def attribute_consuming_service(self, binding, message, relay_state): |
1240 |
def attribute_consuming_service(self, binding, message, relay_state): |
1241 |
response = self.acs(message, binding) |
1241 |
response = self.acs(message, binding) |
1242 |
saml = SAMLUser(response, message) |
1242 |
saml = SAMLUser(response, message) |
1243 |
self.set_session(self.create_sessionid(), saml.username, saml=saml) |
1243 |
sessionid = self.create_sessionid() |
|
|
1244 |
self.set_session(sessionid, saml.username, saml=saml) |
1245 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
1246 |
if client: |
1247 |
client.authenticated = False |
1244 |
|
1248 |
|
1245 |
# protect against javascript:alert('XSS'), mailto:foo and other non relative links! |
1249 |
# protect against javascript:alert('XSS'), mailto:foo and other non relative links! |
1246 |
location = urlparse(relay_state) |
1250 |
location = urlparse(relay_state) |
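Review bot: The added `client.authenticated = False` at new lines 1245-1247 carries no comment, and it only has an effect if `create_sessionid()` can return an id that already has an entry in `UMCP_Dispatcher.sessions`, which the name does not suggest. If the id really is reused on a repeated SAML login (not visible here), confirm that resetting the flag is enough when the new assertion belongs to a different `saml.username` than the existing client, or whether the old client should be dropped and the id rotated instead. At minimum add a comment such as `# the session id may be reused on re-login: force the existing client to re-authenticate with the new SAML message`. The same three lines are repeated in the second hunk (new lines 1263-1265), so a small private helper would keep both paths in sync. The body of attribute_consuming_service continues past this hunk.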
Lines 1256-1261
class SAML(Ressource):
|
|
---|
|
1256 |
saml = SAMLUser(response, message) |
1260 |
saml = SAMLUser(response, message) |
1257 |
sessionid = self.create_sessionid() |
1261 |
sessionid = self.create_sessionid() |
1258 |
self.set_session(sessionid, saml.username, saml=saml) |
1262 |
self.set_session(sessionid, saml.username, saml=saml) |
|
|
1263 |
client = UMCP_Dispatcher.sessions.get(sessionid) |
1264 |
if client: |
1265 |
client.authenticated = False |
1259 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1266 |
cherrypy.response.headers['Content-Type'] = 'text/html' |
1260 |
data = {"status": 200, "result": {"username": saml.username}} |
1267 |
data = {"status": 200, "result": {"username": saml.username}} |
1261 |
return b'<html><body><textarea>%s</textarea></body></html>' % (json.dumps(data).encode('ASCII'),) |
1268 |
return b'<html><body><textarea>%s</textarea></body></html>' % (json.dumps(data).encode('ASCII'),) |
1262 |
- |
|
|
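Review bot: The unchanged response line at new line 1268 interpolates `json.dumps(data)` into `<textarea>…</textarea>` served as `text/html`, and `json.dumps` does not escape `<`, so a `saml.username` containing markup would end the textarea early. The username presumably comes from a validated assertion, but nothing in this hunk constrains its characters. Escaping before interpolation, e.g. `json.dumps(data).replace('<', '\\u003c').encode('ASCII')`, keeps the JSON valid and the page inert. The enclosing function starts outside the hunk.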