Add support for retrieving the last ID of the generated AuthNRequest / LogoutRequest

pitbulk · pitbulk · commit 73ee97717d75 · 2016-12-30T00:30:22.000+01:00
diff --git a/README.md b/README.md
@@ -523,6 +523,10 @@ The login method can recieve 3 more optional parameters:
 * is_passive        When true the AuthNReuqest will set the Ispassive='true'
 * set_nameid_policy When true the AuthNReuqest will set a nameIdPolicy element.
 
+If a match on the future SAMLResponse ID and the AuthNRequest ID to be sent is required, that AuthNRequest ID must to be extracted and stored for future validation, we can get that ID by
+
+auth.get_last_request_id()
+
 #### The SP Endpoints ####
 
 Related to the SP there are 3 important endpoints: The metadata view, the ACS view and the SLS view.
@@ -706,6 +710,10 @@ Also there are 2 optional parameters that can be set:
 SAML Response with a NameId, then this NameId will be used.
 * session_index. SessionIndex that identifies the session of the user.
 
+If a match on the LogoutResponse ID and the LogoutRequest ID to be sent is required, that LogoutRequest ID must to be extracted and stored for future validation, we can get that ID by
+
+auth.get_last_request_id()
+
 ####Example of a view that initiates the SSO request and handles the response (is the acs target)####
 
 We can code a unique file that initiates the SSO process, handle the response, get the attributes, initiate the slo and processes the logout response.
@@ -781,6 +789,7 @@ Main class of OneLogin Python Toolkit
 * ***get_last_error_reason*** Returns the reason of the last error
 * ***get_sso_url*** Gets the SSO url.
 * ***get_slo_url*** Gets the SLO url.
+* ***get_last_request_id*** The ID of the last Request SAML message generated (AuthNRequest, LogoutRequest).
 * ***build_request_signature*** Builds the Signature of the SAML Request.
 * ***build_response_signature*** Builds the Signature of the SAML Response.
 * ***get_settings*** Returns the settings info.
diff --git a/src/onelogin/saml2/auth.py b/src/onelogin/saml2/auth.py
@@ -58,6 +58,7 @@ def __init__(self, request_data, old_settings=None, custom_base_path=None):
         self.__authenticated = False
         self.__errors = []
         self.__error_reason = None
+        self.__last_request_id = None
 
     def get_settings(self):
         """
@@ -260,6 +261,13 @@ def get_attribute(self, name):
         assert isinstance(name, compat.str_type)
         return self.__attributes.get(name)
 
+    def get_last_request_id(self):
+        """
+        :returns: The ID of the last Request SAML message generated.
+        :rtype: string
+        """
+        return self.__last_request_id
+
     def login(self, return_to=None, force_authn=False, is_passive=False, set_nameid_policy=True):
         """
         Initiates the SSO process.
@@ -280,6 +288,7 @@ def login(self, return_to=None, force_authn=False, is_passive=False, set_nameid_
         :rtype: string
         """
         authn_request = OneLogin_Saml2_Authn_Request(self.__settings, force_authn, is_passive, set_nameid_policy)
+        self.__last_request_id = authn_request.get_id()
 
         saml_request = authn_request.get_request()
         parameters = {'SAMLRequest': saml_request}
@@ -328,6 +337,7 @@ def logout(self, return_to=None, name_id=None, session_index=None, nq=None):
             session_index=session_index,
             nq=nq
         )
+        self.__last_request_id = logout_request.id
 
         parameters = {'SAMLRequest': logout_request.get_request()}
         if return_to is not None:
