saml_idp(minor): rewrite to use defusedxml instead of bs4
This commit is contained in:
parent
c7322a32a0
commit
2b8fed8f4e
|
@ -1,15 +1,15 @@
|
|||
"""passbook policy engine"""
|
||||
from multiprocessing import Pipe
|
||||
from multiprocessing.connection import Connection
|
||||
from typing import List, Tuple, Tuple
|
||||
from typing import List, Tuple
|
||||
|
||||
from django.core.cache import cache
|
||||
from django.http import HttpRequest
|
||||
from structlog import get_logger
|
||||
|
||||
from passbook.core.models import Policy, User
|
||||
from passbook.policy.struct import PolicyRequest, PolicyResult
|
||||
from passbook.policy.task import PolicyTask
|
||||
from passbook.policy.struct import PolicyResult, PolicyRequest
|
||||
|
||||
LOGGER = get_logger()
|
||||
|
||||
|
|
|
@ -1,16 +1,18 @@
|
|||
"""policy structs"""
|
||||
from typing import List
|
||||
from typing import TYPE_CHECKING, List
|
||||
|
||||
from django.http import HttpRequest
|
||||
|
||||
if TYPE_CHECKING:
|
||||
from passbook.core.models import User
|
||||
|
||||
class PolicyRequest:
|
||||
"""Data-class to hold policy request data"""
|
||||
|
||||
user: 'passbook.core.models.User'
|
||||
user: 'User'
|
||||
http_request: HttpRequest
|
||||
|
||||
def __init__(self, user: 'passbook.core.models.User'):
|
||||
def __init__(self, user: 'User'):
|
||||
self.user = user
|
||||
|
||||
def __str__(self):
|
||||
|
|
|
@ -3,7 +3,7 @@
|
|||
import time
|
||||
import uuid
|
||||
|
||||
from bs4 import BeautifulSoup
|
||||
from defusedxml import ElementTree
|
||||
from structlog import get_logger
|
||||
|
||||
from passbook.saml_idp import exceptions, utils, xml_render
|
||||
|
@ -204,13 +204,13 @@ class Processor:
|
|||
if not str(self._request_xml.strip()).startswith('<'):
|
||||
raise Exception('RequestXML is not valid XML; '
|
||||
'it may need to be decoded or decompressed.')
|
||||
soup = BeautifulSoup(self._request_xml, features="xml")
|
||||
request = soup.findAll()[0]
|
||||
|
||||
root = ElementTree.fromstring(self._request_xml)
|
||||
params = {}
|
||||
params['ACS_URL'] = request['AssertionConsumerServiceURL']
|
||||
params['REQUEST_ID'] = request['ID']
|
||||
params['DESTINATION'] = request.get('Destination', '')
|
||||
params['PROVIDER_NAME'] = request.get('ProviderName', '')
|
||||
params['ACS_URL'] = root.attrib['AssertionConsumerServiceURL']
|
||||
params['REQUEST_ID'] = root.attrib['ID']
|
||||
params['DESTINATION'] = root.attrib.get('Destination', '')
|
||||
params['PROVIDER_NAME'] = root.attrib.get('ProviderName', '')
|
||||
self._request_params = params
|
||||
|
||||
def _reset(self, django_request, sp_config=None):
|
||||
|
|
Reference in a new issue