Skip to content

REBASED Introduce SAML SP-initiated Logout to SATOSA proxy #431 #485

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 57 commits into
base: master
Choose a base branch
from
Open

REBASED Introduce SAML SP-initiated Logout to SATOSA proxy #431 #485

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
57 commits
Select commit Hold shift + click to select a range
28e6faa
feat: register method to single_logout_service endpoints on saml fron…
sebulibah Mar 10, 2022
266f1e7
feat: register logout callback functions
sebulibah Mar 10, 2022
08c5b66
feat: handle logout request on saml frontend
sebulibah Mar 15, 2022
ac60641
feat: create logout request on saml backend
sebulibah Mar 15, 2022
d7837d1
feat: build internal logout request
sebulibah Mar 30, 2022
818bd25
feat: add database for session storage
sebulibah Mar 30, 2022
02d1e41
feat: build saml backend logout request
sebulibah Mar 30, 2022
fbd1eb7
feat: register single_logout_service endpoints on saml backend
sebulibah Mar 31, 2022
e453a3a
feat: bind handle_logout_message to single_logout_service endpoint on…
sebulibah Apr 11, 2022
ff8c4ae
feat: handle logout response at saml backend
sebulibah Jul 19, 2022
0364a21
feat: add logout response handlers in saml frontend
sebulibah Jul 21, 2022
c415ac7
feat: create logout response for sp that initiates logout
sebulibah Aug 3, 2022
3de2f33
feat: create logout requests for sps with participating sessions
sebulibah Aug 12, 2022
2762755
feat: return response object on saml backend after handling logout re…
sebulibah Aug 17, 2022
b0f9085
feat: add postgres and dictionary state storage
sebulibah Feb 15, 2023
87f1027
test: add logout arguments to satosa/frontends/test_saml2 to fix tests
sebulibah Feb 24, 2023
c3daa69
test: add logout arguments to satosa/frontends/test_openid_connect to…
sebulibah Feb 24, 2023
7a82a95
fix: add logout callback function to samlvirtualcofrontend class
sebulibah Feb 24, 2023
b769079
fix: add logout callback function to openid connect frontend module
sebulibah Feb 24, 2023
f92ff92
test: add logout arguments to satosa/backends/test_saml2 to fix tests
sebulibah Feb 24, 2023
9464941
test: add logout arguments to fix backend tests
sebulibah Feb 28, 2023
3f4e879
fix: add logout callback arguments to backends
sebulibah Feb 28, 2023
845f607
fix: add logout argument to ping frontend
sebulibah Feb 28, 2023
a315e76
test: add logout arguments to fix failing test
sebulibah Mar 2, 2023
9abce1f
fix: handle case where entity_id is None in start_logout
sebulibah Mar 14, 2023
8615b53
test: add single_logout_service endpoints to test configuration
sebulibah Apr 4, 2023
1b8dbba
test: add logout callback function arguments to test utils
sebulibah Apr 4, 2023
ccc456f
test: add assertion for single logout endpoints for saml frontend in …
sebulibah Apr 4, 2023
0f4a261
test: add assertion for single logout service endpoints for saml backend
sebulibah Apr 5, 2023
3aec8d2
test: update rontends/test_saml2 with single_logout_service endpoints
sebulibah Apr 6, 2023
ab04ab9
refactor: improve error handling for logout request construction on …
sebulibah Apr 6, 2023
37c52cb
feat: improve logout response handling
sebulibah Apr 25, 2023
137b908
feat: delete session before proceeding to the saml backend to handle …
sebulibah Apr 25, 2023
502dd57
fix(store): remove invalid parameter in delete_session method
sebulibah Jul 5, 2023
cc5ea6c
refactor(frontends/saml2): check for sp sessions in the store
sebulibah Jul 11, 2023
e371f85
refactor(frontends/saml2): check for extensions in the logoutrequest
sebulibah Jul 11, 2023
b3a41f2
feat(saml_util): add content-type for soap binding responses
sebulibah Jul 13, 2023
d972b13
fix(frontends/saml2): handle key error on receiving SAMLResponse
sebulibah Aug 18, 2023
ad77c2c
feat(frontends/saml2): sign outbound logout requests
sebulibah Aug 18, 2023
9598eb3
feat: prevent redundant logout for deleted sessions
sebulibah Sep 14, 2023
9fb695d
fix: handle empty authn_response to prevent IndexError
sebulibah Sep 14, 2023
e58e0ef
feat: add function to send requests from satosa
sebulibah Sep 15, 2023
814c47d
fix: make_saml_response to handle multiple binding types
sebulibah Sep 18, 2023
49680cd
feat: make logout_callback optional for fontends and backends
sebulibah Oct 6, 2023
fdf251b
fix: remove logout_callback function from backend constructors
sebulibah Oct 6, 2023
fdeb50a
fix: remove logout_callback function from frontend constructors
sebulibah Oct 6, 2023
c958e1b
test: remove unused parameter from backend test fixtures
sebulibah Oct 6, 2023
9d734bd
fix: remove logout parameter from facebook backend
sebulibah Oct 10, 2023
014e878
test: make logout_callback_func optional for saml2 frontend
sebulibah Oct 16, 2023
af6bc4a
fix: move logout callback to the end in saml backend module
sebulibah Oct 16, 2023
b165c55
fix: move logout callback to the end in saml frontend module class co…
sebulibah Oct 16, 2023
e3dcd83
fix: make logout callback argument optional
sebulibah Oct 16, 2023
29d5545
feat: introduce proxy config parameter to enable slo and load databas…
sebulibah Oct 16, 2023
ca070ab
fix: correct typo when deleting context
sebulibah Oct 18, 2023
b9c9dd8
feat: make logout request signing configurable for saml frontend and …
sebulibah Oct 27, 2023
1c5fd72
fix: handle errors from SPs that don't support SLO during frontend pr…
sebulibah Oct 27, 2023
7fd6379
test: remove logout callback from SAMLVirtualCoFrontend
sebulibah Nov 28, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
20 changes: 19 additions & 1 deletion src/satosa/backends/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -10,13 +10,14 @@ class BackendModule(object):
Base class for a backend module.
"""

def __init__(self, auth_callback_func, internal_attributes, base_url, name):
def __init__(self, auth_callback_func, internal_attributes, base_url, name, logout_callback_func=None):
"""
:type auth_callback_func:
(satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
:type internal_attributes: dict[string, dict[str, str | list[str]]]
:type base_url: str
:type name: str
:type logout_callback_func:

:param auth_callback_func: Callback should be called by the module after
the authorization in the backend is done.
Expand All @@ -25,8 +26,11 @@ def __init__(self, auth_callback_func, internal_attributes, base_url, name):
RP's expects namevice.
:param base_url: base url of the service
:param name: name of the plugin
:param logout_callback_func: Callback should be called by the module after
the logout in the backend is complete
"""
self.auth_callback_func = auth_callback_func
self.logout_callback_func = logout_callback_func
self.internal_attributes = internal_attributes
self.converter = AttributeMapper(internal_attributes)
self.base_url = base_url
Expand All @@ -46,6 +50,20 @@ def start_auth(self, context, internal_request):
"""
raise NotImplementedError()

def start_logout(self, context, internal_request):
"""
This is the start up function of the backend logout.

:type context: satosa.context.Context
:type internal_request: satosa.internal.InternalData
:rtype

:param context: the request context
:param internal_request: Information about the logout request
:return:
"""
raise NotImplementedError()

def register_endpoints(self):
"""
Register backend functions to endpoint urls.
Expand Down
1 change: 1 addition & 0 deletions src/satosa/backends/reflector.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@ def __init__(self, outgoing, internal_attributes, config, base_url, name):
"""
:type outgoing:
(satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response

:type internal_attributes: dict[str, dict[str, list[str] | str]]
:type config: dict[str, Any]
:type base_url: str
Expand Down
Loading