Fix the saml sso after the change to uuid

trurt/sso/forms.py

@@ -5,5 +5,4 @@ import flask_wtf
 
 
 class SSOValidateForm(flask_wtf.FlaskForm):
-    service_id = fields.IntegerField('service', [])
-    profile_id = fields.IntegerField('profile', [])
+    profile_uuid = fields.TextField('profile', [])

trurt/sso/saml.py

@@ -96,18 +96,18 @@ class SecurityContext(sigver.SecurityContext):
 def redirect(service_uuid):
     service = models.Service.query.get(service_uuid) or flask.abort(404)
     return flask.redirect(utils.url_for(
-        "account.pick", intent="sso.reply", service_spn=service_spn,
+        "account.pick", intent="sso.reply", service_uuid=service_uuid,
     ))
 
 
-@blueprint.route('/saml/reply', methods=["POST"])
-def reply():
+@blueprint.route('/saml/<service_uuid>/reply', methods=["POST"])
+def reply(service_uuid):
     # First check the service and picked profile
     form = forms.SSOValidateForm()
     form.validate() or flask.abort(403)
     service = models.Service.query.get(service_uuid) or flask.abort(404)
-    profile = models.Profile.query.get(profile_uuid) or flask.abort(404)
-    if not (profile.user is flask_login.current_user and profile.service is service):
+    profile = models.Profile.query.get(form.profile_uuid.data) or flask.abort(404)
+    if not (profile.user == flask_login.current_user and profile.service == service):
         return flask.abort(403)
     # Parse the authentication request
     idp = server.Server(config=(MetaData.get_config(service)))
@@ -116,7 +116,7 @@ def reply():
     if not service.config["acs"] == request.message.issuer.text:
         return flask.abort(403)
     # Provide a SAML response
-    response = idp.cclass_refreate_authn_response(
+    response = idp.create_authn_response(
         identity={
             'uid': profile.username,
             'email': profile.email

trurt/sso/templates/sso_pick.html

-{% extends "base.html" %}
-
-{% block title %}Pick a profile{% endblock %}
-{% block subtitle %}for the service {{ service.spn }}{% endblock %}
-
-{% block content %}
-{% for profile in profiles %}
-<form method="POST" action="{{ action }}">
-    {{ form.hidden_tag() }}
-    <input type="hidden" name="service_id" value="{{ service.id }}">
-    <input type="hidden" name="profile_id" value="{{ profile.id }}">
-    <input type="submit" value="{{ profile.username }}">
-</form>
-{% endfor %}
-{% endblock %}

trurt/utils.py

@@ -42,7 +42,7 @@ def url_or_intent(endpoint):
     intents = flask.request.args.get(INTENTS, "")
     if intents:
         intents = intents.split(":")
-        return url_for(intents.pop(0), intents=":".join(intents) or None)
+        return url_for(intents.pop(), intents=":".join(intents) or None)
     else:
         return flask.url_for(endpoint)