e36d7928e4
add New fields for - assertion_valid_not_before - assertion_valid_not_on_or_after - session_valid_not_on_or_after allow flexible time durations for these fields fall back to Provider's ACS if none is specified in AuthNRequest
29 lines
844 B
Python
29 lines
844 B
Python
"""Functions for creating XML output."""
|
|
from structlog import get_logger
|
|
|
|
from passbook.lib.utils.template import render_to_string
|
|
from passbook.providers.saml.utils.xml_signing import get_signature_xml
|
|
|
|
LOGGER = get_logger()
|
|
|
|
|
|
def get_authnrequest_xml(parameters, signed=False):
|
|
"""Get AuthN Request XML"""
|
|
# Reset signature.
|
|
params = {}
|
|
params.update(parameters)
|
|
params["AUTHN_REQUEST_SIGNATURE"] = ""
|
|
|
|
unsigned = render_to_string("saml/sp/xml/authn_request.xml", params)
|
|
LOGGER.debug("AuthN Request", unsigned=unsigned)
|
|
if not signed:
|
|
return unsigned
|
|
|
|
# Sign it.
|
|
signature_xml = get_signature_xml()
|
|
params["AUTHN_REQUEST_SIGNATURE"] = signature_xml
|
|
signed = render_to_string("saml/sp/xml/authn_request.xml", params)
|
|
|
|
LOGGER.debug("AuthN Request", signed=signed)
|
|
return signed
|