Make the AuthnContextClassRefs available through the context

Signed-off-by: Ivan Kanakarakis <[email protected]>

Author: c00kiemon5ter

src/satosa/context.py

@@ -18,6 +18,7 @@ class Context(object):
     KEY_TARGET_ENTITYID = 'target_entity_id'
     KEY_FORCE_AUTHN = 'force_authn'
     KEY_MEMORIZED_IDP = 'memorized_idp'
+    KEY_AUTHN_CONTEXT_CLASS_REF = 'authn_context_class_ref'
 
     def __init__(self):
         self._path = None

src/satosa/frontends/saml2.py

@@ -247,6 +247,11 @@ def _handle_authn_request(self, context, binding_in, idp):
                 idp, idp_policy, requester, context.state
             )
 
+        authn_context_class_ref_nodes = getattr(
+            authn_req.requested_authn_context, 'authn_context_class_ref', []
+        )
+        authn_context = [ref.text for ref in authn_context_class_ref_nodes]
+        context.decorate(Context.KEY_AUTHN_CONTEXT_CLASS_REF, authn_context)
         context.decorate(Context.KEY_METADATA_STORE, self.idp.metadata)
         return self.auth_req_callback_func(context, internal_req)