Ejemplo n.º 1
def repack_cert(cert):
    """Normalise the line layout of a certificate string.

    A value containing no newline is stripped and re-wrapped through
    ``split_len(..., 64)``; 64 columns is the line width conventionally
    used for base64 certificate bodies.  ``split_len`` is defined outside
    this block -- presumably it returns fixed-width chunks; confirm.

    A value that already contains newlines is NOT re-wrapped: each line is
    only stripped of surrounding whitespace.  This includes a single-line
    value with a trailing newline, so callers that compare the result with
    another certificate should not assume a fixed line width.

    :param cert: Certificate text
    :return: The certificate text with normalised lines
    """
    lines = cert.split("\n")
    if len(lines) != 1:
        # Already multi-line: keep the existing breaks, trim each line.
        return "\n".join(line.strip() for line in lines)
    return "\n".join(split_len(lines[0].strip(), 64))
Ejemplo n.º 2
def repack_cert(cert):
    """Return *cert* with its lines trimmed or, if single-line, re-wrapped.

    Input that contains a newline keeps its line breaks; only the
    whitespace around each line is removed, so the original line width is
    preserved.  Input without any newline is stripped and cut into
    64-character rows by ``split_len`` (defined elsewhere in the file --
    presumably a fixed-width chunker; confirm).

    :param cert: Certificate text
    :return: The re-packed certificate text
    """
    if "\n" in cert:
        trimmed = [row.strip() for row in cert.split("\n")]
        return "\n".join(trimmed)

    # One long line: wrap it at 64 characters.
    body = cert.strip()
    rows = split_len(body, 64)
    return "\n".join(rows)
Ejemplo n.º 3
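    def stripRolloverKeys(self, entity):
        """
        Strip key descriptors that ADFS cannot handle from the entity metadata.

        A key descriptor is removed when one of its KeyName values is
        "Standby" (safe-rollover key), or when none of its X.509
        certificates is accepted by ``active_cert`` (defined elsewhere;
        presumably a validity check -- confirm).  Certificates rejected by
        ``active_cert`` are removed from the descriptor's ``x509_data``.

        The entity is modified in place.  SP descriptors that have no
        ``key_descriptor`` entry, or whose key descriptors were all removed,
        are left out of the returned entity.

        :param entity: Entity descriptor
        :return: Entity descriptor or None if no working keys remain
        :raises KeyError: if a non-Standby key descriptor lacks ``key_info``
            or ``x509_data``
        """
        _sps = []
        for sp in entity["spsso_descriptor"]:
            try:
                key_desc = sp["key_descriptor"]
            except KeyError:
                # No keys at all: this SP descriptor is not carried over.
                continue

            toRemove = []
            for kd in key_desc:
                try:
                    key_name = kd["key_info"]["key_name"]
                except KeyError:
                    key_name = []

                if any(kn["text"] == "Standby" for kn in key_name):
                    # The descriptor is dropped as a whole, so its
                    # certificates need no inspection.  Skipping them also
                    # keeps kd from being queued twice, which made the
                    # second list.remove() below raise ValueError.
                    toRemove.append(kd)
                    continue

                x509_data = kd["key_info"]["x509_data"]
                inactive = []
                for x in x509_data:
                    cert = x["x509_certificate"]["text"]
                    # Drop all whitespace, then re-wrap at 64 columns before
                    # handing the certificate to active_cert().
                    cert = "\n".join(split_len("".join(cert.split()), 64))
                    if not active_cert(cert):
                        inactive.append(x)
                for c in inactive:
                    x509_data.remove(c)
                if not x509_data:
                    # No usable certificate left in this descriptor.
                    toRemove.append(kd)

            for j in toRemove:
                sp["key_descriptor"].remove(j)
                # NOTE: the same message is printed whether the descriptor
                # was removed for a Standby KeyName or for having no
                # accepted certificate.
                print("WARNING: removed KeyName element")

            if sp["key_descriptor"]:
                _sps.append(sp)

        if not _sps:
            return None
        entity["spsso_descriptor"] = _sps
        return entity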