def get_sp(item):
metad = MetaDataFile(ONTS.values(), item, item)
metad.load()
sps = []
for entid, item in metad.entity.items():
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
sps.append((_name, entid))
return sps
def load_providers():
metadata = {}
for filename in settings.WALDUR_AUTH_SAML2['idp_metadata_local']:
mdf = MetaDataFile(ac_factory(), filename)
mdf.load()
metadata.update(mdf.items())
return metadata
def test_split_backend_metadata_to_separate_files(self, tmpdir,
cert_and_key,
satosa_config_dict,
saml_frontend_config,
saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [
saml_backend_config, saml_backend_config
]
create_and_write_saml_metadata(satosa_config_dict,
cert_and_key[1],
cert_and_key[0],
str(tmpdir),
None,
split_backend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
written_metadata_files = [
saml_backend_config["name"], saml_backend_config["name"]
]
for file in written_metadata_files:
md = MetaDataFile(None,
os.path.join(str(tmpdir),
"{}_0.xml".format(file)),
security=security_ctx)
assert md.load()
def test_split_frontend_metadata_to_separate_files(
self, tmpdir, cert_and_key, satosa_config_dict,
saml_mirror_frontend_config, saml_backend_config,
oidc_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [
oidc_backend_config, saml_backend_config
]
create_and_write_saml_metadata(satosa_config_dict,
cert_and_key[1],
cert_and_key[0],
str(tmpdir),
None,
split_frontend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
written_metadata_files = glob.glob(
os.path.join(str(tmpdir), file_pattern))
assert len(written_metadata_files) == 2
for file in written_metadata_files:
md = MetaDataFile(None, file, security=security_ctx)
assert md.load()
def get_sp(item):
metad = MetaDataFile(list(ONTS.values()), item, item)
metad.load()
sps = []
for entid, item in list(metad.entity.items()):
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"]["organization_name"][
0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
sps.append((_name, entid))
return sps
def load_providers():
metadata = {}
for filename in settings.WALDUR_AUTH_SAML2['IDP_METADATA_LOCAL']:
mdf = MetaDataFile(ac_factory(), filename)
mdf.load()
metadata.update(mdf.items())
return metadata
def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict, oidc_frontend_config,
saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
md = MetaDataFile(None, os.path.join(str(tmpdir), "backend.xml"), security=security_ctx)
assert md.load()
assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
def main():
item = MDIMPORT[sys.argv[1]]
metad = None
if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], item["file"])
elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], item["url"],
"/opt/local/bin/xmlsec1", item["cert"])
if metad:
metad.load()
print(metad.dumps())
def test_split_backend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
saml_frontend_config, saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config, saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
split_backend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
written_metadata_files = [saml_backend_config["name"], saml_backend_config["name"]]
for file in written_metadata_files:
md = MetaDataFile(None, os.path.join(str(tmpdir), "{}_0.xml".format(file)), security=security_ctx)
assert md.load()
def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict,
oidc_frontend_config, saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1],
cert_and_key[0], str(tmpdir), None)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
md = MetaDataFile(None,
os.path.join(str(tmpdir), "backend.xml"),
security=security_ctx)
assert md.load()
assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
def test_split_frontend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
saml_mirror_frontend_config, saml_backend_config,
oidc_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [oidc_backend_config, saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
split_frontend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
written_metadata_files = glob.glob(os.path.join(str(tmpdir), file_pattern))
assert len(written_metadata_files) == 2
for file in written_metadata_files:
md = MetaDataFile(None, file, security=security_ctx)
assert md.load()
def get_sp(item, typ):
if typ == "local":
metad = MetaDataFile(ONTS.values(), item, item)
elif typ == "mdfile":
metad = MetaDataMD(ONTS.values(), item, item)
else:
raise Exception("Don't do that format yet")
metad.load()
sps = []
for entid, item in metad.entity.items():
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
if not _name:
_name = entid
sps.append((_name, entid))
sps.sort(_cmp)
return sps
def main():
item = MDIMPORT[sys.argv[1]]
metad = None
if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"])
elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], ONTS.values(),
item["url"], "/opt/local/bin/xmlsec1", item["cert"])
if metad:
metad.load()
print metad.dumps()
ONTS = {
dri.NAMESPACE: dri,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
mdattr.NAMESPACE: mdattr,
mdui.NAMESPACE: mdui,
saml.NAMESPACE: saml,
ui.NAMESPACE: ui,
xmlenc.NAMESPACE: xmlenc,
xmldsig.NAMESPACE: xmldsig,
}
start = time.time()
for i in range(1, 10):
mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load()
_ = list(mdmd.keys())
print(time.time() - start)
start = time.time()
for i in range(1, 10):
mdf = MetaDataFile(list(ONTS.values()), ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml")
mdf.load()
_ = list(mdf.keys())
print(time.time() - start)
args = parser.parse_args()
metad = None
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if args.type == "local":
if args.cert and args.xmlsec:
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataFile(ONTS.values(),
args.item,
args.item,
cert=args.cert,
security=sc,
**kwargs)
else:
metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(ONTS.values(),
ATTRCONV,
args.url,
sc,
cert=args.cert,
http=httpc,
for line in open(args.conf).readlines():
line = line.strip()
if len(line) == 0:
continue
elif line[0] == "#":
continue
spec = line.split(" ")
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if spec[0] == "local":
metad = MetaDataFile(spec[1], spec[1], **kwargs)
elif spec[0] == "remote":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto, key_type="", cert_type="")
metad = MetaDataExtern(ATTRCONV,
spec[1],
sc,
cert=spec[2],
http=httpc,
**kwargs)
if metad is not None:
try:
metad.load()
parser = argparse.ArgumentParser()
parser.add_argument("-t", dest="type")
parser.add_argument("-u", dest="url")
parser.add_argument("-c", dest="cert")
parser.add_argument("-a", dest="attrsmap")
parser.add_argument("-o", dest="output")
parser.add_argument(dest="item")
args = parser.parse_args()
metad = None
if args.type == "local":
metad = MetaDataFile(ONTS.values(), args.item, args.item)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend("/opt/local/bin/xmlsec1")
sc = SecurityContext(crypto)
metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, sc, cert=args.cert, http=httpc)
if metad:
metad.load()
txt = metad.dumps()
if args.output:
f = open(args.output, "w")
f.write(txt)
f.close()
else:
"""
parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()
metad = None
if args.type == "local":
metad = MetaDataFile(args.item, args.item)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc)
if metad is not None:
metad.load()
txt = metad.dumps()
if args.output:
f = open(args.output, "w")
f.write(txt)
f.close()
else:
# local <local file name>
# external <url> <local file name for certificate use to verify signature>
for line in open(args.conf).readlines():
line = line.strip()
if line[0] == "#":
continue
spec = line.split(" ")
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if spec[0] == "local":
metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs)
elif spec[0] == "remote":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto, key_type="", cert_type="")
metad = MetaDataExtern(ONTS.values(),
ATTRCONV,
spec[1],
sc,
cert=spec[2],
http=httpc,
**kwargs)
if metad:
try:
MDIMPORT = {
"swamid": {
"url":
"https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2",
"cert": "kalmar2.pem",
"type": "external"
},
"incommon": {
"file": "InCommon-metadata.xml",
"type": "local"
},
"test": {
"file": "mdtest.xml",
"type": "local"
}
}
item = MDIMPORT[sys.argv[1]]
metad = None
if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], list(ONTS.values()), item["file"])
elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], list(ONTS.values()), item["url"],
"/opt/local/bin/xmlsec1", item["cert"])
if metad:
metad.load()
print(metad.dumps())
}
parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()
metad = None
if args.type == "local":
metad = MetaDataFile(list(ONTS.values()), args.item, args.item)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(list(ONTS.values()),
ATTRCONV,
args.url,
sc,
cert=args.cert,
http=httpc)
if metad:
try:
metad.load()
}
parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()
metad = None
if args.type == "local":
metad = MetaDataFile(ONTS.values(), args.item, args.item)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(ONTS.values(),
ATTRCONV,
args.url,
sc,
cert=args.cert,
http=httpc)
if metad is not None:
metad.load()
txt = metad.dumps()
ONTS = {
dri.NAMESPACE: dri,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
mdattr.NAMESPACE: mdattr,
mdui.NAMESPACE: mdui,
saml.NAMESPACE: saml,
ui.NAMESPACE: ui,
xmlenc.NAMESPACE: xmlenc,
xmldsig.NAMESPACE: xmldsig,
}
start = time.time()
for i in range(1, 10):
mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load()
_ = mdmd.keys()
print time.time() - start
start = time.time()
for i in range(1, 10):
mdf = MetaDataFile(ONTS.values(), ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml")
mdf.load()
_ = mdf.keys()
print time.time() - start
"type": "local"
}
}
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
item = MDIMPORT[sys.argv[1]]
metad = None
if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"])
elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], ONTS.values(),
item["url"], "/opt/local/bin/xmlsec1", item["cert"])
if metad:
metad.load()
print metad.dumps()
args = parser.parse_args()
metad = None
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if args.type == "local":
if args.cert and args.xmlsec:
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataFile(args.item,
args.item,
cert=args.cert,
security=sc,
**kwargs)
else:
metad = MetaDataFile(args.item, args.item, **kwargs)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(ATTRCONV,
args.url,
sc,
cert=args.cert,
http=httpc,
**kwargs)
for line in open(args.conf).readlines():
line = line.strip()
if len(line) == 0:
continue
elif line[0] == "#":
continue
spec = line.split(" ")
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if spec[0] == "local":
metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs)
elif spec[0] == "remote":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto, key_type="", cert_type="")
metad = MetaDataExtern(ONTS.values(), ATTRCONV, spec[1],
sc, cert=spec[2], http=httpc, **kwargs)
if metad is not None:
try:
metad.load()
except:
raise
mds.metadata[spec[1]] = metad
#!/usr/bin/env python
import time
from saml2.attribute_converter import ac_factory
from saml2.mdstore import MetaDataMD, MetaDataFile
__author__ = 'rolandh'
start = time.time()
for i in range(1, 10):
mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load()
_ = mdmd.keys()
print(time.time() - start)
start = time.time()
for i in range(1, 10):
mdf = MetaDataFile(ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml")
mdf.load()
_ = mdf.keys()
print(time.time() - start)