Ejemplo n.º 1
 def test_get_trust_mark_self_signed(self):
     """
     Check every self-signed trust mark stored in the server context.

     Each entry of ``signed_trust_marks`` is parsed with ``factory``, its
     payload is loaded into a ``TrustMark`` and ``TrustMark.verify()`` must
     return a truthy value.
     """
     # The loop body never runs when the list is empty, so the test then
     # passes without checking anything.
     signed_marks = self.entity.server_get('context').signed_trust_marks
     for token in signed_marks:
         # NOTE(review): no key material is handed to factory()/payload()
         # here, so this looks like a check of the claim set only, not of
         # the JWS signature - confirm against the JWS API.
         claims = factory(token).jwt.payload()
         assert TrustMark(**claims).verify()
Ejemplo n.º 2
    def test_get_trust_mark_3rd_party(self):
        """
        Have the trust mark issuer create a mark and check its claim set.

        ``self.tmi.create_trust_mark`` is called with ``self.id`` and the
        subject ``https://example.com``; the returned token is parsed and its
        payload must load into a ``TrustMark`` whose ``verify()`` is truthy.
        """
        # Signed JWT representing the Trust Mark, as produced by the issuer.
        token = self.tmi.create_trust_mark(self.id, "https://example.com")

        # NOTE(review): the payload is read without any key being supplied in
        # this test, so the signature does not appear to be verified here -
        # confirm; only the message content is checked by verify().
        claims = factory(token).jwt.payload()
        mark = TrustMark(**claims)
        assert mark.verify()
Ejemplo n.º 3
def test_create_trust_mark_self_signed():
    """
    Round-trip a self-signed trust mark through pack and unpack.

    The entity issues a mark about itself (``iss`` and ``sub`` are the same
    entity id), signs it with keys built from ``KEYSPEC`` and then unpacks it
    with the same key jar, accepting only RS256 signatures.
    """
    issuer = "https://example.com/op"
    mark_id = "https://openid.net/certification/op"

    unsigned_mark = TrustMark(
        id=mark_id,
        sub=issuer,
        mark=("http://openid.net/wordpress-content/uploads/2016/05/"
              "oid-l-certification-mark-l-cmyk-150dpi-90mm.jpg"),
        ref=("https://openid.net/wordpress-content/uploads/2015/09/"
             "RolandHedberg-pyoidc-0.7.7-Basic-26-Sept-2015.zip"),
    )

    keys = build_keyjar(KEYSPEC, issuer_id=issuer)

    # Sign: the mark is packed into a JWT with a one-hour lifetime value.
    signer = JWT(key_jar=keys, iss=issuer, lifetime=3600)
    token = signer.pack(unsigned_mark)

    # Unpack: the list of allowed signing algorithms is pinned to RS256
    # rather than left to whatever the token header announces.
    verifier = JWT(key_jar=keys, msg_cls=TrustMark, allowed_sign_algs=["RS256"])
    res_tm = verifier.unpack(token)

    # NOTE(review): the return value of verify() is discarded, so a failure
    # is only caught here if verify() raises - confirm that it does.
    res_tm.verify(entity_id=issuer)

    assert isinstance(res_tm, TrustMark)
    assert res_tm["id"] == mark_id
Ejemplo n.º 4
def test_get_trust_mark_3rd_party():
    """
    Issue a trust mark about another entity and fetch it via get_trust_mark.

    ``https://feide.no`` signs a mark whose subject is ``https://op.ntnu.no``;
    the token is then passed to ``get_trust_mark`` together with the subject
    and the first trust anchor id found in ``ANCHOR``.
    """
    issuer = "https://feide.no"
    subject = "https://op.ntnu.no"

    entity = FederationEntity(
        issuer,
        trusted_roots=ANCHOR,
        config={'keys': {'key_defs': KEYSPEC}},
        authority_hints=['https://ntnu.no'],
        entity_type='openid_relying_party',
        httpd=Publisher(ROOT_DIR),
        opponent_entity_type='openid_relying_party',
    )

    # Replace the collector with the test double that reads from ROOT_DIR.
    entity.collector = DummyCollector(
        httpd=Publisher(ROOT_DIR),
        trusted_roots=ANCHOR,
        root_dir=ROOT_DIR,
    )

    unsigned_mark = TrustMark(
        id="https://refeds.org/wp-content/uploads/2016/01/Sirtfi-1.0.pdf",
        sub=subject,
    )

    # Signed JWT representing the Trust Mark, signed with the entity's keys.
    token = JWT(key_jar=entity.keyjar, iss=issuer, lifetime=3600).pack(unsigned_mark)

    anchor_id = list(ANCHOR.keys())[0]

    # NOTE(review): presumably get_trust_mark checks the signature and the
    # issuer's trust chain up to anchor_id - confirm in its implementation.
    result = get_trust_mark(entity, token, subject, anchor_id)

    # Only the type of the result is asserted; its claims are not compared
    # with the mark that was signed above.
    assert isinstance(result, TrustMark)
Ejemplo n.º 5
def create_trust_mark(entity_id, key_jar, trust_mark_id, subject='', lifetime=0, trust_mark='',
                      reference=''):
    """
    Build a Trust Mark and return it as a signed JWT.

    :param entity_id: The issuer's entity_id; used as ``iss`` and, when no
        subject is given, also as ``sub`` (a self-signed mark)
    :param key_jar: A KeyJar that contains the keys handed to the JWT packer
    :param trust_mark_id: The Trust Mark identifier, stored as ``id``
    :param subject: The subject's id; falls back to ``entity_id`` when empty
    :param lifetime: For how long the trust mark should be valid (0=for ever)
    :param trust_mark: A URL pointing to a graphic trust mark, stored as
        ``mark`` only when non-empty
    :param reference: A URL pointing to reference material for this trust
        mark, stored as ``ref`` only when non-empty
    :return: A signed JWT containing the provided information
    """
    # NOTE(review): with the default lifetime of 0 the mark is documented as
    # valid for ever, so it never ages out on its own; callers that want an
    # issued mark to expire have to pass a finite lifetime.
    mark = TrustMark(id=trust_mark_id)

    # Optional claims are written only when the caller supplied a value.
    for claim, value in (("mark", trust_mark), ("ref", reference)):
        if value:
            mark[claim] = value

    mark['sub'] = subject if subject else entity_id

    # Create the Signed JWT representing the Trust Mark
    signer = JWT(key_jar=key_jar, iss=entity_id, lifetime=lifetime)
    return signer.pack(mark)
Ejemplo n.º 6
def test_get_trust_mark_self_signed():
    """
    Issue a self-signed trust mark and fetch it via get_trust_mark.

    The entity ``https://op.ntnu.no`` is both issuer and subject of the mark;
    the signed token is passed to ``get_trust_mark`` with that entity id and
    the first trust anchor id found in ``ANCHOR``.
    """
    entity_id = "https://op.ntnu.no"

    entity = FederationEntity(
        entity_id,
        trusted_roots=ANCHOR,
        config={'keys': {'key_defs': KEYSPEC}},
        authority_hints=['https://ntnu.no'],
        entity_type='openid_relying_party',
        httpd=Publisher(ROOT_DIR),
        opponent_entity_type='openid_relying_party',
    )

    # Replace the collector with the test double that reads from ROOT_DIR.
    entity.collector = DummyCollector(
        httpd=Publisher(ROOT_DIR),
        trusted_roots=ANCHOR,
        root_dir=ROOT_DIR,
    )

    claims = {
        "id": "https://openid.net/certification/op",
        "sub": entity_id,
        "mark": ("http://openid.net/wordpress-content/uploads/2016/05/"
                 "oid-l-certification-mark-l-cmyk-150dpi-90mm.jpg"),
        "ref": ("https://openid.net/wordpress-content/uploads/2015/09/"
                "RolandHedberg-pyoidc-0.7.7-Basic-26-Sept-2015.zip"),
    }
    unsigned_mark = TrustMark(**claims)

    # Signed JWT representing the Trust Mark, signed with the entity's keys.
    signer = JWT(key_jar=entity.keyjar, iss=entity_id, lifetime=3600)
    token = signer.pack(unsigned_mark)

    anchor_id = list(ANCHOR.keys())[0]

    # NOTE(review): presumably get_trust_mark verifies the signature with the
    # entity's own keys in the self-signed case - confirm in its
    # implementation.
    result = get_trust_mark(entity, token, entity_id, anchor_id)

    # Only the type of the result is asserted, not its claims.
    assert isinstance(result, TrustMark)
Ejemplo n.º 7
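# Report the verify() result for the metadata policy loaded earlier in the
# script (mp_org is defined before this excerpt).
print("4.1.6_metadata.json", mp_org.verify())

# apply policy: run the combined policy over the metadata and load the result
# as a registration response.

res = apply_policy(md, comb_policy)
res_md = RegistrationResponse(**res)

print(json.dumps(res_md.to_dict(), indent=4, sort_keys=True))
# True when applying the policy left the metadata unchanged.
print('=', md.to_dict() == res_md.to_dict())

# ============== 4.3.3 ==================
print("-" * 20, "4.3.3", "-" * 20)

for item in ['4.3.3_1.json', '4.3.3_2.json']:
    # Context manager so the file handle is closed even if parsing fails;
    # JSON interchange text is UTF-8, so the encoding is stated explicitly.
    with open(item, encoding="utf-8") as sample:
        data = sample.read()
    tm = TrustMark().from_json(data)
    # The trust mark is loaded from plain JSON, so verify() is applied to the
    # claim set only; no signed token is involved in this step.
    print(item, tm.verify())

# ============== 5.2 ==================
print("-" * 20, "5.2", "-" * 20)

with open("5.2.json", encoding="utf-8") as sample:
    txt = sample.read()

es = EntityStatement().from_json(txt)

# The timestamps from the file are overwritten with a fresh one-hour window
# before verify() runs, so the printed result says nothing about the iat/exp
# values stored in 5.2.json itself.
now = utc_time_sans_frac()
es['iat'] = now
es['exp'] = now + 3600

print("5.2", es.verify())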