added support for md5 as digest algorithm (used to test that this is rejected);

rhoerbe · rhoerbe · commit 3c3f1c1a8526 · 2014-07-18T08:59:07.000+02:00
added support for redirect signature algorithm check
diff --git a/src/saml2/samlp.py b/src/saml2/samlp.py
@@ -1317,6 +1317,18 @@ def authn_request_from_string(xml_string):
     return saml2.create_class_from_xml_string(AuthnRequest, xml_string)
 
 
+class HttpParameters():
+    """GET or POST parameters for Redirecto or POST-SimpleSign bindings"""
+    signature = None
+    sigalg = None
+    # Relaystate and SAML message are stored elsewhere
+    def __init__(self, dict):
+        try:
+            self.signature = dict["Signature"][0]
+            self.sigalg = dict["SigAlg"][0]
+        except KeyError:
+            pass
+
 class StatusType_(SamlBase):
     """The urn:oasis:names:tc:SAML:2.0:protocol:StatusType element """
 
diff --git a/src/xmldsig/__init__.py b/src/xmldsig/__init__.py
@@ -12,6 +12,7 @@
 ENCODING_BASE64 = 'http://www.w3.org/2000/09/xmldsig#base64'
 
 # digest and signature algorithms (not implemented = commented out)
+DIGEST_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#md5' # test framework only!
 DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'
 DIGEST_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#sha224'
 DIGEST_SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'
