Ejemplo n.º 1
0
    def setUp(self):
        super(AuthenticateviaADFSTests, self).setUp()

        self.deprecations.expect_deprecations()

        self.conf_fixture = self.useFixture(config.Config())
        conf.register_conf_options(self.conf_fixture.conf, group=self.GROUP)

        self.session = session.Session(session=requests.Session())

        self.IDENTITY_PROVIDER = 'adfs'
        self.IDENTITY_PROVIDER_URL = ('http://adfs.local/adfs/service/trust/13'
                                      '/usernamemixed')
        self.FEDERATION_AUTH_URL = '%s/%s' % (
            self.TEST_URL,
            'OS-FEDERATION/identity_providers/adfs/protocols/saml2/auth')
        self.SP_ENDPOINT = 'https://openstack4.local/Shibboleth.sso/ADFS'

        self.adfsplugin = saml2.ADFSUnscopedToken(
            self.TEST_URL, self.IDENTITY_PROVIDER, self.IDENTITY_PROVIDER_URL,
            self.SP_ENDPOINT, self.TEST_USER, self.TEST_TOKEN)

        self.ADFS_SECURITY_TOKEN_RESPONSE = _load_xml(
            'ADFS_RequestSecurityTokenResponse.xml')
        self.ADFS_FAULT = _load_xml('ADFS_fault.xml')
Ejemplo n.º 2
0
# authentication method in keystoneclient
IDENTITY_PROVIDER_URL = ("https://adfs.local/adfs/services/trust/13/"
                         "usernamemixed")

# Magic URL we are sending out assertion
SERVICE_PROVIDER_ENDPOINT = ("https://keystone.local:5000/Shibboleth.sso/ADFS")

# Place where unscoped federated token can be retrieved
SERVICE_PROVIDER_URL = ("https://keystone.local/v3/OS-FEDERATION/"
                        "identity_providers/%{IDP}s/protocols/saml2/auth")
SERVICE_PROVIDER_URL = SERVICE_PROVIDER_URL % {'IDP': IDENTITY_PROVIDER}
AUTH_URL = 'https://keystone.local:5000/v3'

saml2plugin = saml2.ADFSUnscopedToken(AUTH_URL,
                                      IDENTITY_PROVIDER,
                                      IDENTITY_PROVIDER_URL,
                                      SERVICE_PROVIDER_ENDPOINT,
                                      username='******',
                                      password='******')

s = session.Session(auth=None, verify=False, session=requests.Session())
token = saml2plugin.get_auth_ref(s)

# Scope the token

scopeTokenplugin = saml2.Saml2ScopedToken(AUTH_URL,
                                          token.auth_token,
                                          project_id=VALID_PROJECT_ID)

scoped_token = scopeTokenplugin.get_auth_ref(s)

print scoped_token