def testGetMetadata(self): """ Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser """ with self.assertRaises(Exception): data = OneLogin_Saml2_IdPMetadataParser.get_metadata('http://google.es') data = OneLogin_Saml2_IdPMetadataParser.get_metadata('https://www.testshib.org/metadata/testshib-providers.xml') self.assertTrue(data is not None and data is not {})
def testGetMetadata(self): """ Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser """ with self.assertRaises(Exception): data = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'http://google.es') data = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') self.assertTrue(data is not None and data is not {})
def testGetMetadata(self): """ Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser """ with self.assertRaises(Exception): data = OneLogin_Saml2_IdPMetadataParser.get_metadata('http://google.es') try: data = OneLogin_Saml2_IdPMetadataParser.get_metadata('https://www.testshib.org/metadata/testshib-providers.xml') except URLError: data = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml')) self.assertTrue(data is not None and data is not {})
def testGetMetadata(self): """ Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser """ with self.assertRaises(Exception): data = OneLogin_Saml2_IdPMetadataParser.get_metadata('http://google.es') try: data = OneLogin_Saml2_IdPMetadataParser.get_metadata('https://idp.testshib.org/idp/shibboleth') self.assertTrue(data is not None and data is not {}) except URLError: pass
def testGetMetadata(self): """ Tests the get_metadata method of the OneLogin_Saml2_IdPMetadataParser """ with self.assertRaises(Exception): data = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'http://google.es') try: data = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') except URLError: data = self.file_contents( join(self.data_path, 'metadata', 'testshib-providers.xml')) self.assertTrue(data is not None and data is not {})
def test_parse_testshib_required_binding_sso_post(self): """ Test with testshib metadata. Especially test extracting SSO with POST binding. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "entityId": "https://idp.testshib.org/idp/shibboleth", "x509cert": "MIIDAzCCAeugAwIBAgIVAPX0G6LuoXnKS0Muei006mVSBXbvMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAMMEGlkcC50ZXN0c2hpYi5vcmcwHhcNMTYwODIzMjEyMDU0WhcNMzYwODIzMjEyMDU0WjAbMRkwFwYDVQQDDBBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9C4J2DiRTEhJAWzPt1S3ryhm3M2P3hPpwJwvt2q948vdTUxhhvNMuc3M3S4WNh6JYBs53R+YmjqJAII4ShMGNEmlGnSVfHorex7IxikpuDPKV3SNf28mCAZbQrX+hWA+ann/uifVzqXktOjs6DdzdBnxoVhniXgC8WCJwKcx6JO/hHsH1rG/0DSDeZFpTTcZHj4S9MlLNUtt5JxRzV/MmmB3ObaX0CMqsSWUOQeE4nylSlp5RWHCnx70cs9kwz5WrflnbnzCeHU2sdbNotBEeTHot6a2cj/pXlRJIgPsrL/4VSicPZcGYMJMPoLTJ8mdy6mpR6nbCmP7dVbCIm/DQIDAQABoz4wPDAdBgNVHQ4EFgQUUfaDa2mPi24x09yWp1OFXmZ2GPswGwYDVR0RBBQwEoIQaWRwLnRlc3RzaGliLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEASKKgqTxhqBzROZ1eVy++si+eTTUQZU4+8UywSKLia2RattaAPMAcXUjO+3cYOQXLVASdlJtt+8QPdRkfp8SiJemHPXC8BES83pogJPYEGJsKo19l4XFJHPnPy+Dsn3mlJyOfAa8RyWBS80u5lrvAcr2TJXt9fXgkYs7BOCigxtZoR8flceGRlAZ4p5FPPxQR6NDYb645jtOTMVr3zgfjP6Wh2dt+2p04LG7ENJn8/gEwtXVuXCsPoSCDx9Y0QmyXTJNdV1aB0AhORkWPlFYwp+zOyOIR+3m1+pqWFpn0eT/HrxpdKa74FA3R2kq4R7dXe4G0kUgXTdqXMLRKhDgdmA==", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/POST/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://idp.testshib.org/idp/shibboleth') except URLError: xmldoc = self.file_contents( join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require POST binding. settings = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings)
def test_parse_testshib_required_binding_sso_post(self): """ Test with testshib metadata. Especially test extracting SSO with POST binding. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "entityId": "https://idp.testshib.org/idp/shibboleth", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/POST/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') except URLError: xmldoc = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require POST binding. settings = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST ) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings)
def test_parse_testshib_required_binding_sso_post(self): """ Test with testshib metadata. Especially test extracting SSO with POST binding. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "x509cert": "MIIDAzCCAeugAwIBAgIVAPX0G6LuoXnKS0Muei006mVSBXbvMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAMMEGlkcC50ZXN0c2hpYi5vcmcwHhcNMTYwODIzMjEyMDU0WhcNMzYwODIzMjEyMDU0WjAbMRkwFwYDVQQDDBBpZHAudGVzdHNoaWIub3JnMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg9C4J2DiRTEhJAWzPt1S3ryhm3M2P3hPpwJwvt2q948vdTUxhhvNMuc3M3S4WNh6JYBs53R+YmjqJAII4ShMGNEmlGnSVfHorex7IxikpuDPKV3SNf28mCAZbQrX+hWA+ann/uifVzqXktOjs6DdzdBnxoVhniXgC8WCJwKcx6JO/hHsH1rG/0DSDeZFpTTcZHj4S9MlLNUtt5JxRzV/MmmB3ObaX0CMqsSWUOQeE4nylSlp5RWHCnx70cs9kwz5WrflnbnzCeHU2sdbNotBEeTHot6a2cj/pXlRJIgPsrL/4VSicPZcGYMJMPoLTJ8mdy6mpR6nbCmP7dVbCIm/DQIDAQABoz4wPDAdBgNVHQ4EFgQUUfaDa2mPi24x09yWp1OFXmZ2GPswGwYDVR0RBBQwEoIQaWRwLnRlc3RzaGliLm9yZzANBgkqhkiG9w0BAQsFAAOCAQEASKKgqTxhqBzROZ1eVy++si+eTTUQZU4+8UywSKLia2RattaAPMAcXUjO+3cYOQXLVASdlJtt+8QPdRkfp8SiJemHPXC8BES83pogJPYEGJsKo19l4XFJHPnPy+Dsn3mlJyOfAa8RyWBS80u5lrvAcr2TJXt9fXgkYs7BOCigxtZoR8flceGRlAZ4p5FPPxQR6NDYb645jtOTMVr3zgfjP6Wh2dt+2p04LG7ENJn8/gEwtXVuXCsPoSCDx9Y0QmyXTJNdV1aB0AhORkWPlFYwp+zOyOIR+3m1+pqWFpn0eT/HrxpdKa74FA3R2kq4R7dXe4G0kUgXTdqXMLRKhDgdmA==", "entityId": "https://idp.testshib.org/idp/shibboleth", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/POST/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://idp.testshib.org/idp/shibboleth') except URLError: xmldoc = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require POST binding. settings = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST ) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings)
def load_idp_metadata(self, url=None): """Loads IdP metadata in an XML format from the specified url (by default InCommon IdP Metadata Service) :param url: URL of a metadata service (by default InCommon IdP Metadata Service) :type url: Optional[string] :return: XML string containing InCommon Metadata :rtype: string :raise: MetadataLoadError """ url = url if url else self.IN_COMMON_METADATA_SERVICE_URL self._logger.info( 'Started loading IdP XML metadata from {0}'.format(url)) try: # TODO: Add metadata validation # Metadata validation is described in section Validate downloaded metadata # on https://spaces.at.internet2.edu/display/federation/Consume+InCommon+metadata) xml_metadata = OneLogin_Saml2_IdPMetadataParser.get_metadata(url) except Exception as exception: raise SAMLMetadataLoadingError(inner_exception=exception) self._logger.info( 'Finished loading IdP XML metadata from {0}'.format(url)) return xml_metadata
def test_parse_testshib_required_binding_sso_post(self): """ Test with testshib metadata. Especially test extracting SSO with POST binding. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "entityId": "https://idp.testshib.org/idp/shibboleth", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/POST/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') except URLError: xmldoc = self.file_contents( join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require POST binding. settings = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_POST) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings)
def _fetch_metadata(self): self._logger.info('Started fetching metadata from InCommon Metadata service') metadata = OneLogin_Saml2_IdPMetadataParser.get_metadata(self.IN_COMMON_METADATA_SERVICE_URL) self._logger.info('Finished fetching metadata from InCommon Metadata service') return metadata
def import_metadata(self): if self.metadata_url: self.metadata_xml = OneLogin_Saml2_IdPMetadataParser.get_metadata( self.metadata_url, validate_cert=self.verify_metadata_cert).decode("utf-8") self.saml_settings = json.dumps( OneLogin_Saml2_IdPMetadataParser.parse(self.metadata_xml)) self.last_import = timezone.now() self.save()
def test_parse_testshib_required_binding_sso_redirect(self): """ Test with testshib metadata. Especially test extracting SSO with REDIRECT binding. Note that the testshib metadata does not contain an SLO specification in the first <IDPSSODescriptor> tag. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "entityId": "https://idp.testshib.org/idp/shibboleth", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') except URLError: xmldoc = self.file_contents( join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require SSO REDIRECT binding, implicitly. settings1 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc) # Parse, require SSO REDIRECT binding, explicitly. settings2 = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT ) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings1) self.assertEqual(expected_settings, settings2)
def test_parse_testshib_required_binding_sso_redirect(self): """ Test with testshib metadata. Especially test extracting SSO with REDIRECT binding. Note that the testshib metadata does not contain an SLO specification in the first <IDPSSODescriptor> tag. """ expected_settings_json = """ { "sp": { "NameIDFormat": "urn:mace:shibboleth:1.0:nameIdentifier" }, "idp": { "entityId": "https://idp.testshib.org/idp/shibboleth", "singleSignOnService": { "url": "https://idp.testshib.org/idp/profile/SAML2/Redirect/SSO", "binding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" } } } """ try: xmldoc = OneLogin_Saml2_IdPMetadataParser.get_metadata( 'https://www.testshib.org/metadata/testshib-providers.xml') except URLError: xmldoc = self.file_contents(join(self.data_path, 'metadata', 'testshib-providers.xml')) # Parse, require SSO REDIRECT binding, implicitly. settings1 = OneLogin_Saml2_IdPMetadataParser.parse(xmldoc) # Parse, require SSO REDIRECT binding, explicitly. settings2 = OneLogin_Saml2_IdPMetadataParser.parse( xmldoc, required_sso_binding=OneLogin_Saml2_Constants.BINDING_HTTP_REDIRECT ) expected_settings = json.loads(expected_settings_json) self.assertEqual(expected_settings, settings1) self.assertEqual(expected_settings, settings2)
def load_idp_metadata(self, url=None): """Load IdP metadata in an XML format from the specified url. :param url: URL of a metadata service :type url: Optional[string] :return: XML string containing InCommon Metadata :rtype: string :raise: MetadataLoadError """ self._logger.info( "Started loading IdP XML metadata from {0}".format(url)) try: xml_metadata = OneLogin_Saml2_IdPMetadataParser.get_metadata(url) except Exception as exception: raise SAMLMetadataLoadingError(inner_exception=exception) self._logger.info( "Finished loading IdP XML metadata from {0}".format(url)) return xml_metadata