SessionControllerの書き換え

[boke0]

login処理の中で、configにsamlを使う指示があった場合にSAMLでのログインを試みるようにしてください。

PySAML2内のサンプルでの該当コードは以下です。

class SSO(object):
    def __init__(
        self,
        sp,
        environ,
        start_response,
        cache=None,
        wayf=None,
        discosrv=None,
        bindings=None,
    ):
        self.sp = sp
        self.environ = environ
        self.start_response = start_response
        self.cache = cache
        self.idp_query_param = "IdpQuery"
        self.wayf = wayf
        self.discosrv = discosrv
        if bindings:
            self.bindings = bindings
        else:
            self.bindings = [
                BINDING_HTTP_REDIRECT,
                BINDING_HTTP_POST,
                BINDING_HTTP_ARTIFACT,
            ]
        logger.debug("--- SSO ---")
...
    def do(self):
        _cli = self.sp

        # Which page was accessed to get here
        came_from = geturl(self.environ)
        logger.debug("[sp.challenge] RelayState >> '%s'", came_from)

        # If more than one idp and if none is selected, I have to do wayf
        (done, response) = self._pick_idp(came_from)
        # Three cases: -1 something went wrong or Discovery service used
        #               0 I've got an IdP to send a request to
        #               >0 ECP in progress
        logger.debug("_idp_pick returned: %s", done)
        if done == -1:
            return response(self.environ, self.start_response)
        elif done > 0:
            self.cache.outstanding_queries[done] = came_from
            return ECPResponse(response)
        else:
            entity_id = response
            # Do the AuthnRequest
            resp = self.redirect_to_auth(_cli, entity_id, came_from)
            return resp(self.environ, self.start_response)