code and comments cleanup

dowjones · Dec 1, 2023 · b71ea26 · b71ea26
1 parent d7409d2
commit b71ea26
Showing 1 changed file with 7 additions and 10 deletions.
diff --git a/tokendito/okta.py b/tokendito/okta.py
@@ -149,7 +149,6 @@ def send_saml_request(saml_request):
     Submit SAML request to IdP, and get the response back.
 
     :param saml_request: dict with IdP post_url, relay_state, and saml_request
-    :param cookies: session cookies with `sid`
     :returns: dict with with SP post_url, relay_state, and saml_response
     """
     # Define the payload and headers for the request
@@ -257,7 +256,6 @@ def send_saml_response(config, saml_response):
     }
     url = saml_response["post_url"]
 
-    logger.debug(f"{base64.b64decode(saml_response['response'])}")
     # Log the SAML response details.
     logger.debug(f"Sending SAML response to {url}")
     # Use the HTTP client to make a POST request.
@@ -279,7 +277,6 @@ def send_saml_response(config, saml_response):
         params = {"stateToken": state_token}
         headers = {
             "accept": "text/html,application/xhtml+xml,application/xml",
-            "content-type": "application/json",
         }
         response = HTTP_client.get(
             f"{config.okta['org']}/login/token/redirect",
@@ -694,15 +691,15 @@ def idp_authenticate(config):
         logger.error("Okta auth failed: unknown type.")
         sys.exit(1)
 
-    if is_saml2_authentication(auth_properties):
-        # We may loop thru the saml2 servers until
-        # we find the authentication server.
-        saml2_authenticate(config, auth_properties)
-    elif local_authentication_enabled(auth_properties):
+    if local_authentication_enabled(auth_properties):
         session_token = local_authenticate(config)
         # authentication sends us a token
         # which we then put in our session cookies
         create_authn_cookies(config.okta["org"], session_token)
+    elif is_saml2_authentication(auth_properties):
+        # We may loop thru the saml2 servers until
+        # we find the authentication server.
+        saml2_authenticate(config, auth_properties)
     else:
         logger.error(f"{auth_properties['type']} login via IdP Discovery is not curretly supported")
         sys.exit(1)
@@ -732,8 +729,8 @@ def access_control(config):
         oauth2_config = get_oauth2_configuration(config)
         oauth2_session_data = generate_oauth2_session_data(config.okta["org"])
         create_authz_cookies(oauth2_config, oauth2_session_data)
-        # The flow says to initially call /authorize here, but that doesnt do anything...
-        # idp_authorize(oauth2_config, oauth2_session_data)
+        # The flow says to initially call /authorize here, but that doesnt do anything.
+        # We call it later, after we are authenticated.
 
     idp_authenticate(config)