How to use the onelogin.saml2.utils.OneLogin_Saml2_Utils.get_self_url_no_query function in onelogin

To help you get started, we’ve selected a few onelogin examples, based on popular ways it is used in public projects.


github CityOfNewYork / NYCOpenRecords / src / onelogin / saml2 / response.py View on Github external
# Excerpt from the middle of a SAML Response validation routine; the enclosing definition is not shown.
signed_elements = self.process_signed_elements()

            # Every check below in this excerpt sits inside the strict-mode branch:
            # when is_strict() is false, none of them run.
            if self.__settings.is_strict():
                no_valid_xml_msg = 'Invalid SAML Response. Not match the saml-schema-protocol-2.0.xsd'
                # validate_xml reports a schema failure by returning a str; that is
                # turned into an exception here.
                res = OneLogin_Saml2_XML.validate_xml(self.document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
                if isinstance(res, str):
                    raise Exception(no_valid_xml_msg)

                # If encrypted, also schema-check the decrypted document
                if self.encrypted:
                    res = OneLogin_Saml2_XML.validate_xml(self.decrypted_document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
                    if isinstance(res, str):
                        raise Exception(no_valid_xml_msg)

                security = self.__settings.get_security_data()
                # URL of the current request with the query string removed, built from
                # request_data. It is not used within this excerpt.
                # NOTE(review): presumably assembled from host/scheme values the
                # application copies out of the HTTP request -- confirm those come from
                # server configuration or a validated proxy header, not a raw Host header.
                current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)

                # Check that the InResponseTo of the Response matches the ID of the
                # AuthNRequest (request_id). The comparison only happens when BOTH values
                # are present: a Response without InResponseTo, or a call without
                # request_id, skips this check entirely.
                # NOTE(review): whether unsolicited responses are rejected elsewhere is
                # not visible in this excerpt -- verify against the caller.
                in_response_to = self.document.get('InResponseTo', None)
                if in_response_to and request_id:
                    if in_response_to != request_id:
                        raise Exception('The InResponseTo of the Response: %s, does not match the ID of the AuthNRequest sent by the SP: %s' % (in_response_to, request_id))

                # Reject a plaintext assertion when the SP is configured to require encryption.
                if not self.encrypted and security['wantAssertionsEncrypted']:
                    raise Exception('The assertion of the Response is not encrypted and the SP require it')

                # Require an EncryptedID under Subject when the SP asks for an encrypted NameID.
                if security['wantNameIdEncrypted']:
                    encrypted_nameid_nodes = self.__query_assertion('/saml:Subject/saml:EncryptedID/xenc:EncryptedData')
                    if len(encrypted_nameid_nodes) == 0:
                        raise Exception('The NameID of the Response is not encrypted and the SP require it')
                # Checks that there is at least one AttributeStatement if required
github CityOfNewYork / NYCOpenRecords / src / onelogin / saml2 / logout_request.py View on Github external
# Excerpt from a LogoutRequest validation routine; the enclosing definition and the
# end of the final raise statement are not shown.
try:
            root = OneLogin_Saml2_XML.to_etree(self.__logout_request)

            idp_data = self.__settings.get_idp_data()
            idp_entity_id = idp_data['entityId']

            # Falls back to an empty dict when request_data has no (or a falsy) 'get_data'.
            get_data = ('get_data' in request_data and request_data['get_data']) or dict()

            # The schema, expiry and Destination checks below only run in strict mode.
            if self.__settings.is_strict():
                # validate_xml reports a schema failure by returning a str.
                res = OneLogin_Saml2_XML.validate_xml(root, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
                if isinstance(res, str):
                    raise Exception('Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd')

                security = self.__settings.get_security_data()

                # URL of the current request without its query string, built from request_data.
                # NOTE(review): presumably derived from request host/scheme fields supplied
                # by the application -- confirm they are trustworthy, because the
                # Destination check below depends on this value.
                current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)

                # Check NotOnOrAfter: only enforced when the attribute is present; a
                # request whose NotOnOrAfter is at or before now() is rejected.
                if root.get('NotOnOrAfter', None):
                    na = OneLogin_Saml2_Utils.parse_SAML_to_time(root.get('NotOnOrAfter'))
                    if na <= OneLogin_Saml2_Utils.now():
                        raise Exception('Timing issues (please check your clock settings)')

                # Check destination: skipped when Destination is absent or empty.
                # NOTE(review): `current_url not in destination` is a substring test, not
                # an equality test, so any Destination that merely contains current_url
                # is accepted. An exact comparison of normalised URLs would be stricter.
                if root.get('Destination', None):
                    destination = root.get('Destination')
                    if destination != '':
                        if current_url not in destination:
                            raise Exception(
                                'The LogoutRequest was received at '
                                '%(currentURL)s instead of %(destination)s' %
                                {
github CityOfNewYork / NYCOpenRecords / src / onelogin / saml2 / auth.py View on Github external
# Excerpt from a logout-initiating method; the signature is not shown.
# Fall back to the NameID stored on this object when the caller supplied none.
if name_id is None and self.__nameid is not None:
            name_id = self.__nameid

        logout_request = OneLogin_Saml2_Logout_Request(
            self.__settings,
            name_id=name_id,
            session_index=session_index,
            nq=nq
        )

        parameters = {'SAMLRequest': logout_request.get_request()}
        # RelayState is the caller's return_to as given, or the current URL without
        # its query string when return_to is None.
        # NOTE(review): nothing in this excerpt validates return_to. If it can come
        # from a request parameter, the code that later redirects to RelayState
        # should check it against the application's own URLs.
        if return_to is not None:
            parameters['RelayState'] = return_to
        else:
            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)

        security = self.__settings.get_security_data()
        # The request is signed only when 'logoutRequestSigned' is set; a missing
        # key is treated as False.
        if security.get('logoutRequestSigned', False):
            # Return value is discarded -- presumably the signature fields are added
            # to `parameters` in place; confirm against add_request_signature.
            self.add_request_signature(parameters, security['signatureAlgorithm'])
        return self.redirect_to(slo_url, parameters)
github onelogin / python-saml / src / onelogin / saml2 / auth.py View on Github external
:param name_id_value_req: Optional argument. Indicates to the IdP the subject that should be authenticated
        :type name_id_value_req: string

        :returns: Redirection URL
        :rtype: string
        """
        # Build the AuthnRequest and keep its XML and ID on the instance.
        # NOTE(review): the stored ID is presumably what the application later
        # passes as request_id when validating the Response's InResponseTo -- confirm.
        authn_request = OneLogin_Saml2_Authn_Request(self.__settings, force_authn, is_passive, set_nameid_policy, name_id_value_req)
        self.__last_request = authn_request.get_xml()
        self.__last_request_id = authn_request.get_id()
        saml_request = authn_request.get_request()

        parameters = {'SAMLRequest': saml_request}
        # RelayState is the caller's return_to as given, or the current URL without
        # its query string when return_to is None.
        # NOTE(review): return_to is not validated here. If it can originate from a
        # request parameter, validate it wherever RelayState is later used as a
        # redirect target.
        if return_to is not None:
            parameters['RelayState'] = return_to
        else:
            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)

        security = self.__settings.get_security_data()
        # Signing is opt-in: a missing 'authnRequestsSigned' key is treated as False.
        if security.get('authnRequestsSigned', False):
            parameters['SigAlg'] = security['signatureAlgorithm']
            # The signature is computed from the encoded request, the RelayState and
            # the algorithm identifier.
            parameters['Signature'] = self.build_request_signature(saml_request, parameters['RelayState'], security['signatureAlgorithm'])
        return self.redirect_to(self.get_sso_url(), parameters)
github onelogin / python-saml / src / onelogin / saml2 / logout_request.py View on Github external
# Excerpt from a LogoutRequest validation routine; the enclosing definition and the
# end of the final raise statement are not shown.
get_data = {}

            # Only assigned when the key is present; any default for
            # lowercase_urlencoding would have to be set before this excerpt.
            if 'lowercase_urlencoding' in request_data.keys():
                lowercase_urlencoding = request_data['lowercase_urlencoding']

            # The schema, expiry and Destination checks below only run in strict mode.
            if self.__settings.is_strict():
                # Here validate_xml is expected to return a Document on success;
                # anything else is treated as a schema failure.
                res = OneLogin_Saml2_Utils.validate_xml(dom, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
                if not isinstance(res, Document):
                    raise OneLogin_Saml2_ValidationError(
                        'Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd',
                        OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
                    )

                security = self.__settings.get_security_data()

                # URL of the current request without its query string, built from request_data.
                # NOTE(review): presumably derived from request host/scheme fields supplied
                # by the application -- confirm they are trustworthy, because the
                # Destination check below depends on this value.
                current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)

                # Check NotOnOrAfter: only enforced when the attribute is present; a
                # request whose NotOnOrAfter is at or before now() is rejected.
                if dom.get('NotOnOrAfter', None):
                    na = OneLogin_Saml2_Utils.parse_SAML_to_time(dom.get('NotOnOrAfter'))
                    if na <= OneLogin_Saml2_Utils.now():
                        raise OneLogin_Saml2_ValidationError(
                            'Could not validate timestamp: expired. Check system clock.',
                            OneLogin_Saml2_ValidationError.RESPONSE_EXPIRED
                        )

                # Check destination: skipped when Destination is absent or empty.
                # NOTE(review): `current_url not in destination` is a substring test, not
                # an equality test, so any Destination that merely contains current_url
                # is accepted. This branch also raises a plain Exception, unlike the
                # OneLogin_Saml2_ValidationError used by the checks above.
                if dom.get('Destination', None):
                    destination = dom.get('Destination')
                    if destination != '':
                        if current_url not in destination:
                            raise Exception(
github onelogin / python-saml / src / onelogin / saml2 / auth.py View on Github external
self.__settings,
            name_id=name_id,
            session_index=session_index,
            nq=nq,
            name_id_format=name_id_format,
            spnq=spnq
        )
        # Keep the generated LogoutRequest XML and its ID on the instance.
        self.__last_request = logout_request.get_xml()
        self.__last_request_id = logout_request.id
        saml_request = logout_request.get_request()

        # NOTE(review): get_request() is called a second time here instead of
        # reusing saml_request, while the signature below is computed over
        # saml_request. The two values must be identical for the signature to match
        # the SAMLRequest that is sent -- confirm get_request() is deterministic.
        parameters = {'SAMLRequest': logout_request.get_request()}
        # RelayState is the caller's return_to as given, or the current URL without
        # its query string when return_to is None.
        # NOTE(review): return_to is not validated here. If it can originate from a
        # request parameter, validate it wherever RelayState is later used as a
        # redirect target.
        if return_to is not None:
            parameters['RelayState'] = return_to
        else:
            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)

        security = self.__settings.get_security_data()
        # Signing is opt-in: a missing 'logoutRequestSigned' key is treated as False.
        if security.get('logoutRequestSigned', False):
            parameters['SigAlg'] = security['signatureAlgorithm']
            # The signature is computed from the encoded request, the RelayState and
            # the algorithm identifier.
            parameters['Signature'] = self.build_request_signature(saml_request, parameters['RelayState'], security['signatureAlgorithm'])
        return self.redirect_to(slo_url, parameters)
github CityOfNewYork / NYCOpenRecords / src / onelogin / saml2 / auth.py View on Github external
:param set_nameid_policy: Optional argument. When true the AuthNReuqest will set a nameIdPolicy element.
        :type set_nameid_policy: bool

        :returns: Redirection url
        :rtype: string
        """
        # Build the AuthnRequest from the SP settings and the caller's options.
        # Unlike the upstream python-saml excerpt on this page, the request ID is not
        # stored on the instance in the lines shown here.
        authn_request = OneLogin_Saml2_Authn_Request(self.__settings, force_authn, is_passive, set_nameid_policy)

        saml_request = authn_request.get_request()
        parameters = {'SAMLRequest': saml_request}

        # RelayState is the caller's return_to as given, or the current URL without
        # its query string when return_to is None.
        # NOTE(review): return_to is not validated here. If it can originate from a
        # request parameter, validate it wherever RelayState is later used as a
        # redirect target.
        if return_to is not None:
            parameters['RelayState'] = return_to
        else:
            parameters['RelayState'] = OneLogin_Saml2_Utils.get_self_url_no_query(self.__request_data)

        security = self.__settings.get_security_data()
        # Signing is opt-in: a missing 'authnRequestsSigned' key is treated as False.
        if security.get('authnRequestsSigned', False):
            # Return value is discarded -- presumably the signature fields are added
            # to `parameters` in place; confirm against add_request_signature.
            self.add_request_signature(parameters, security['signatureAlgorithm'])
        return self.redirect_to(self.get_sso_url(), parameters)