Be able to retrieve Session Timeout after processResponse

Author: pitbulk

src/onelogin/saml2/auth.py

@@ -54,6 +54,7 @@ def __init__(self, request_data, old_settings=None, custom_base_path=None):
         self.__attributes = []
         self.__nameid = None
         self.__session_index = None
+        self.__session_expiration = None
         self.__authenticated = False
         self.__errors = []
         self.__error_reason = None
@@ -95,6 +96,7 @@ def process_response(self, request_id=None):
                 self.__attributes = response.get_attributes()
                 self.__nameid = response.get_nameid()
                 self.__session_index = response.get_session_index()
+                self.__session_expiration = response.get_session_not_on_or_after()
                 self.__authenticated = True
 
             else:
@@ -213,6 +215,14 @@ def get_session_index(self):
         """
         return self.__session_index
 
+    def get_session_expiration(self):
+        """
+        Returns the SessionNotOnOrAfter from the AuthnStatement.
+        :returns: The SessionNotOnOrAfter of the assertion
+        :rtype: DateTime|null
+        """
+        return self.__session_expiration
+
     def get_errors(self):
         """
         Returns a list with code errors if something went wrong

tests/src/OneLogin/saml2_tests/auth_test.py

@@ -96,6 +96,26 @@ def testGetSessionIndex(self):
         auth2.process_response()
         self.assertEqual('_6273d77b8cde0c333ec79d22a9fa0003b9fe2d75cb', auth2.get_session_index())
 
+    def testGetSessionExpiration(self):
+        """
+        Tests the get_session_expiration method of the OneLogin_Saml2_Auth class
+        """
+        settings_info = self.loadSettingsJSON()
+        auth = OneLogin_Saml2_Auth(self.get_request(), old_settings=settings_info)
+        self.assertIsNone(auth.get_session_expiration())
+
+        request_data = self.get_request()
+        message = self.file_contents(join(self.data_path, 'responses', 'valid_response.xml.base64'))
+        del request_data['get_data']
+        request_data['post_data'] = {
+            'SAMLResponse': message
+        }
+        auth2 = OneLogin_Saml2_Auth(request_data, old_settings=self.loadSettingsJSON())
+        self.assertIsNone(auth2.get_session_expiration())
+
+        auth2.process_response()
+        self.assertEqual(1392802621, auth2.get_session_expiration())
+
     def testGetLastErrorReason(self):
         """
         Tests the get_last_error_reason method of the OneLogin_Saml2_Auth class