Skip to content

Commit c3019b9

Browse files
committed
More NameID Format improvements
1 parent 2fd0105 commit c3019b9

File tree

3 files changed

+40
-2
lines changed

3 files changed

+40
-2
lines changed

src/onelogin/saml2/auth.py

Lines changed: 8 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -318,7 +318,7 @@ def login(self, return_to=None, force_authn=False, is_passive=False, set_nameid_
318318
parameters['Signature'] = self.build_request_signature(saml_request, parameters['RelayState'], security['signatureAlgorithm'])
319319
return self.redirect_to(self.get_sso_url(), parameters)
320320

321-
def logout(self, return_to=None, name_id=None, session_index=None, nq=None):
321+
def logout(self, return_to=None, name_id=None, session_index=None, nq=None, name_id_format=None):
322322
"""
323323
Initiates the SLO process.
324324
@@ -334,6 +334,9 @@ def logout(self, return_to=None, name_id=None, session_index=None, nq=None):
334334
:param nq: IDP Name Qualifier
335335
:type: string
336336
337+
:param name_id_format: The NameID Format that will be set in the LogoutRequest.
338+
:type: string
339+
337340
:returns: Redirection url
338341
"""
339342
slo_url = self.get_slo_url()
@@ -345,12 +348,15 @@ def logout(self, return_to=None, name_id=None, session_index=None, nq=None):
345348

346349
if name_id is None and self.__nameid is not None:
347350
name_id = self.__nameid
351+
if name_id_format is None and self.__nameid_format is not None:
352+
name_id_format = self.__nameid_format
348353

349354
logout_request = OneLogin_Saml2_Logout_Request(
350355
self.__settings,
351356
name_id=name_id,
352357
session_index=session_index,
353-
nq=nq
358+
nq=nq,
359+
name_id_format=name_id_format
354360
)
355361
self.__last_request = logout_request.get_xml()
356362
self.__last_request_id = logout_request.id

src/onelogin/saml2/logout_request.py

Lines changed: 17 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -231,6 +231,23 @@ def get_nameid(request, key=None):
231231
name_id = OneLogin_Saml2_Logout_Request.get_nameid_data(request, key)
232232
return name_id['Value']
233233

234+
@staticmethod
235+
def get_nameid_format(request, key=None):
236+
"""
237+
Gets the NameID Format of the Logout Request Message
238+
:param request: Logout Request Message
239+
:type request: string|DOMDocument
240+
:param key: The SP key
241+
:type key: string
242+
:return: Name ID Value
243+
:rtype: string
244+
"""
245+
name_id_format = None
246+
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request, key)
247+
if name_id_data and 'Format' in name_id_data.keys():
248+
name_id_format = name_id_data['Format']
249+
return name_id_format
250+
234251
@staticmethod
235252
def get_issuer(request):
236253
"""

tests/src/OneLogin/saml2_tests/auth_test.py

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -826,14 +826,29 @@ def testLogoutNameID(self):
826826
auth.process_response()
827827

828828
name_id_from_response = auth.get_nameid()
829+
name_id_format_from_response = auth.get_nameid_format()
829830

830831
target_url = auth.logout()
831832
parsed_query = parse_qs(urlparse(target_url)[4])
832833
self.assertIn('SAMLRequest', parsed_query)
833834
logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0])
834835

835836
name_id_from_request = OneLogin_Saml2_Logout_Request.get_nameid(logout_request)
837+
name_id_format_from_request = OneLogin_Saml2_Logout_Request.get_nameid_format(logout_request)
836838
self.assertEqual(name_id_from_response, name_id_from_request)
839+
self.assertEqual(name_id_format_from_response, name_id_format_from_request)
840+
841+
new_name_id = "new_name_id"
842+
new_name_id_format = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
843+
target_url_2 = auth.logout(name_id=new_name_id, name_id_format=new_name_id_format)
844+
parsed_query = parse_qs(urlparse(target_url_2)[4])
845+
self.assertIn('SAMLRequest', parsed_query)
846+
logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(parsed_query['SAMLRequest'][0])
847+
848+
name_id_from_request = OneLogin_Saml2_Logout_Request.get_nameid(logout_request)
849+
name_id_format_from_request = OneLogin_Saml2_Logout_Request.get_nameid_format(logout_request)
850+
self.assertEqual(new_name_id, name_id_from_request)
851+
self.assertEqual(new_name_id_format, name_id_format_from_request)
837852

838853
def testSetStrict(self):
839854
"""

0 commit comments

Comments
 (0)