UњhjSSKJr SSKJr SSKJr SSKJrJr "SS\5r "SS\5r \ /r g ) )HttpResponseRedirect)reverse) urlencode)ProviderProviderAccountc\rSrSrSrg) SAMLAccountN)__name__ __module__ __qualname____firstlineno____static_attributes__r hD:\Anime\Ugyen\janka_web_project\venv\Lib\site-packages\allauth/socialaccount/providers/saml/provider.pyr r srr c^\rSrSrSrSrSr\rS/SS/S/S S /S /S /S .r U4Sjr Sr Sr Sr SrSrSSjrSrU=r$) SAMLProvider samlSAMLTz,urn:oasis:names:tc:SAML:attribute:subject-idz!urn:oid:0.9.2342.19200300.100.1.3zBhttp://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddressz'http://schemas.auth0.com/email_verifiedz?http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givennamezurn:oid:2.5.4.42zurn:oid:2.5.4.4z!http://schemas.auth0.com/nickname)uidemailemail_verified first_name last_nameusernamec>[TU]"U0UD6 URR=(d) URR=(d URUlgN)super__init__appname client_id)selfargskwargs __class__s rr!SAMLProvider.__init__(s< $)&)HHMMDTXX%7%7D499 rc v[SSURR0S9nU(aUS-[U5-nU$)N saml_loginorganization_slug)r'?)rr"r$r)r%requestr'urls r get_login_urlSAMLProvider.get_login_url,s9l,?ASAS+TU )i//C rc"UR5$r)get_attributes)r%datas rextract_extra_dataSAMLProvider.extract_extra_data2s""$$rclURU5RS5nUcUR5nU$)u/http://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/csprd01/saml-subject-id-attr-v1.0-csprd01.html Quotes: "While the Attributes defined in this profile have as a goal the explicit replacement of the element as a means of subject identification, it is certainly possible to compose them with existing NameID usage provided the same subject is being identified. This can also serve as a migration strategy for existing applications." "SAML does not define an identifier that meets all of these requirements well. It does standardize a kind of NameID termed “persistent” that meets some of them in the particular case of so-called “pairwise” identification, where an identifier varies by relying party. It has seen minimal adoption outside of a few contexts, and fails at the “compact” and “simple to handle” criteria above, on top of the disadvantages inherent with all NameID usage." Overall, our strategy is to prefer a uid resulting from explicit attribute mappings, and only if there is no such uid fallback to the NameID. r)_extractget get_nameid)r%r4rs r extract_uidSAMLProvider.extract_uid5s30mmD!%%e, ;//#C rcLURU5nURSS5 U$)Nr)r8pop)r%r4rets rextract_common_fields"SAMLProvider.extract_common_fieldsRs#mmD! t rchURRnUR5n0nURSUR5nUR 5HVupg[ U[5(aU/nUH3nURUS5n U cM[U 5S:dM+U SXF' MT MX URS5n U (aU R5S;n XS'URS5(d>UR5S:XdURSS5(aUR5US'U$) Nattribute_mappingrr)true1tyyesrz6urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddressuse_nameid_for_emailF) r"settingsr3r9default_attribute_mappingitems isinstancestrlenlowerget_nameid_formatr:) r%r4provider_configraw_attributes attributesrCkey provider_keys provider_keyattribute_listrs rr8SAMLProvider._extractWs-((++,,. +// !?!? #4"9"9"; C---!. - !/!3!3L$!G!-#n2E2I&4Q&7JO !.#<$(89 +1137UUN+9' (~~g&&  " " $G H""#95AA"&//"3Jw rc SSKJn U"X5nURSS9nUR"UUUU4SUR 50UD6 [ U5$)Nr) build_auth) return_tostate_id)*allauth.socialaccount.providers.saml.utilsr[loginstash_redirect_stateget_last_request_idr) r%r.processnext_urlr4r'r[authredirects rrfSAMLProvider.redirectwseI'(:::+ !!      --/    $H--r)r#)NN)r r rridr#supports_redirectr account_classrKr!r0r5r;r@r8rfr __classcell__)r(s@rrr s B DM ;  0 P 6  N    0 %!.E %: @..rrN) django.httpr django.urlsrdjango.utils.httpr$allauth.socialaccount.providers.baserrr rprovider_classesr rrrqs6,'J / z.8z.z!>r