Beispiel #1
0
 def get_response(self, deflate=True):
     """
     Returns a Logout Response object.
     :param deflate: It makes the deflate process optional
     :type: bool
     :return: Logout Response maybe deflated and base64 encoded
     :rtype: string
     """
     if deflate:
         response = OneLogin_Saml2_Utils.deflate_and_base64_encode(
             self.__logout_response)
     else:
         response = OneLogin_Saml2_Utils.b64encode(self.__logout_response)
     return response
Beispiel #2
0
 def get_request(self, deflate=True):
     """
     Returns unsigned AuthnRequest.
     :param deflate: It makes the deflate process optional
     :type: bool
     :return: AuthnRequest maybe deflated and base64 encoded
     :rtype: str object
     """
     if deflate:
         request = OneLogin_Saml2_Utils.deflate_and_base64_encode(
             self.__authn_request)
     else:
         request = OneLogin_Saml2_Utils.b64encode(self.__authn_request)
     return request
Beispiel #3
0
    def __build_signature(self,
                          data,
                          saml_type,
                          sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1):
        """
        Builds the Signature
        :param data: The Request data
        :type data: dict

        :param saml_type: The target URL the user should be redirected to
        :type saml_type: string  SAMLRequest | SAMLResponse

        :param sign_algorithm: Signature algorithm method
        :type sign_algorithm: string
        """
        assert saml_type in ('SAMLRequest', 'SAMLResponse')
        key = self.get_settings().get_sp_key()

        if not key:
            raise OneLogin_Saml2_Error(
                "Trying to sign the %s but can't load the SP private key." %
                saml_type, OneLogin_Saml2_Error.PRIVATE_KEY_NOT_FOUND)

        msg = self.__build_sign_query(data[saml_type],
                                      data.get('RelayState', None),
                                      sign_algorithm, saml_type)

        sign_algorithm_transform_map = {
            OneLogin_Saml2_Constants.DSA_SHA1: xmlsec.Transform.DSA_SHA1,
            OneLogin_Saml2_Constants.RSA_SHA1: xmlsec.Transform.RSA_SHA1,
            OneLogin_Saml2_Constants.RSA_SHA256: xmlsec.Transform.RSA_SHA256,
            OneLogin_Saml2_Constants.RSA_SHA384: xmlsec.Transform.RSA_SHA384,
            OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512
        }
        sign_algorithm_transform = sign_algorithm_transform_map.get(
            sign_algorithm, xmlsec.Transform.RSA_SHA1)

        signature = OneLogin_Saml2_Utils.sign_binary(
            msg, key, sign_algorithm_transform,
            self.__settings.is_debug_active())
        data['Signature'] = OneLogin_Saml2_Utils.b64encode(signature)
        data['SigAlg'] = sign_algorithm