From 8959883762e7518ee7fa2e5fdfe4432c67940dc1 Mon Sep 17 00:00:00 2001
From: Sixto Martin <pitbulk@gmail.com>
Date: Thu, 13 Nov 2014 20:44:15 +0100
Subject: [PATCH] Related to #31

---
 README.md                  |  1 +
 src/onelogin/saml2/auth.py | 13 +++++++++++++
 2 files changed, 14 insertions(+)

diff --git a/README.md b/README.md
index 977c1f8a..b82f6ac5 100644
--- a/README.md
+++ b/README.md
@@ -684,6 +684,7 @@ Main class of OneLogin Python Toolkit
 * ***get_nameid*** Returns the nameID.
 * ***get_session_index*** Gets the SessionIndex from the AuthnStatement.
 * ***get_errors*** Returns a list with code errors if something went wrong.
+* ***get_last_error_reason*** Return the reason of the last error
 * ***get_sso_url*** Gets the SSO url.
 * ***get_slo_url*** Gets the SLO url.
 * ***build_request_signature*** Builds the Signature of the SAML Request.
diff --git a/src/onelogin/saml2/auth.py b/src/onelogin/saml2/auth.py
index 8a5fa987..33078a6a 100644
--- a/src/onelogin/saml2/auth.py
+++ b/src/onelogin/saml2/auth.py
@@ -56,6 +56,7 @@ def __init__(self, request_data, old_settings=None, custom_base_path=None):
         self.__session_index = None
         self.__authenticated = False
         self.__errors = []
+        self.__error_reason = None
 
     def get_settings(self):
         """
@@ -98,6 +99,7 @@ def process_response(self, request_id=None):
 
             else:
                 self.__errors.append('invalid_response')
+                self.__error_reason = response.get_error()
 
         else:
             self.__errors.append('invalid_binding')
@@ -124,6 +126,7 @@ def process_slo(self, keep_local_session=False, request_id=None, delete_session_
             logout_response = OneLogin_Saml2_Logout_Response(self.__settings, self.__request_data['get_data']['SAMLResponse'])
             if not logout_response.is_valid(self.__request_data, request_id):
                 self.__errors.append('invalid_logout_response')
+                self.__error_reason = logout_response.get_error()
             elif logout_response.get_status() != OneLogin_Saml2_Constants.STATUS_SUCCESS:
                 self.__errors.append('logout_not_success')
             elif not keep_local_session:
@@ -133,6 +136,7 @@ def process_slo(self, keep_local_session=False, request_id=None, delete_session_
             logout_request = OneLogin_Saml2_Logout_Request(self.__settings, self.__request_data['get_data']['SAMLRequest'])
             if not logout_request.is_valid(self.__request_data):
                 self.__errors.append('invalid_logout_request')
+                self.__error_reason = logout_request.get_error()
             else:
                 if not keep_local_session:
                     OneLogin_Saml2_Utils.delete_local_session(delete_session_cb)
@@ -218,6 +222,15 @@ def get_errors(self):
         """
         return self.__errors
 
+    def get_last_error_reason(self):
+        """
+        Return the reason for the last error
+
+        :returns: Reason of the last error
+        :rtype: None | string
+        """
+        return self.__error_reason
+
     def get_attribute(self, name):
         """
         Returns the requested SAML attribute.