def test_filter_values_req_opt_4():
r = [
Attribute(
friendly_name="surName",
name="urn:oid:2.5.4.4",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"),
Attribute(
friendly_name="givenName",
name="urn:oid:2.5.4.42",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
o = [
Attribute(
friendly_name="title",
name="urn:oid:2.5.4.12",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")]
acs = attribute_converter.ac_factory(full_path("attributemaps"))
rava = attribute_converter.to_local(acs, r)
oava = attribute_converter.to_local(acs, o)
ava = {"sn": ["Hedberg"], "givenName": ["Roland"],
"eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]}
ava = assertion.filter_on_demands(ava, rava, oava)
print ava
assert _eq(ava.keys(), ['givenName', 'sn'])
assert ava == {'givenName': ['Roland'], 'sn': ['Hedberg']}
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'uid': ['demouser'], 'user_id': ['bob']}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'urn:oid:2.16.756.1.2.5.1.1.5': ['others'],
'uid': ['demouser'], 'urn:example:com:foo': ['Thing'],
'user_id': ['bob']}
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'uid': ['demouser'], 'user_id': ['bob']}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'swissEduPersonHomeOrganizationType': ['others'],
'uid': ['demouser'], 'urn:example:com:foo': ['Thing'],
'user_id': ['bob']}
def read_attribute_statement(self, attr_statem):
logger.debug("Attribute Statement: %s", attr_statem)
# for aconv in self.attribute_converters:
# logger.debug("Converts name format: %s", aconv.name_format)
self.decrypt_attributes(attr_statem)
return to_local(self.attribute_converters, attr_statem, self.allow_unknown_attributes)
def read_attribute_statement(self, attr_statem):
logger.debug("Attribute Statement: %s", attr_statem)
# for aconv in self.attribute_converters:
# logger.debug("Converts name format: %s", aconv.name_format)
self.decrypt_attributes(attr_statem)
return to_local(self.attribute_converters, attr_statem,
self.allow_unknown_attributes)
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {
"eduPersonAffiliation": ["staff"],
"givenName": ["Roland"],
"sn": ["Hedberg"],
"uid": ["demouser"],
"user_id": ["bob"],
}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {
"eduPersonAffiliation": ["staff"],
"givenName": ["Roland"],
"sn": ["Hedberg"],
"swissEduPersonHomeOrganizationType": ["others"],
"uid": ["demouser"],
"urn:example:com:foo": ["Thing"],
"user_id": ["bob"],
}
def test_to_local_name_from_unspecified(self):
_xml = """<?xml version='1.0' encoding='UTF-8'?>
<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion">
<ns0:Attribute
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="EmailAddress"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns0:AttributeValue xsi:type="xs:string">[email protected]</ns0:AttributeValue>
</ns0:Attribute></ns0:AttributeStatement>"""
attr = attribute_statement_from_string(_xml)
ava = attribute_converter.to_local(self.acs, attr)
assert _eq(list(ava.keys()), ['EmailAddress'])
def test_to_local_name_from_unspecified(self):
_xml = """<?xml version='1.0' encoding='UTF-8'?>
<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion">
<ns0:Attribute
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="EmailAddress"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns0:AttributeValue xsi:type="xs:string">[email protected]</ns0:AttributeValue>
</ns0:Attribute></ns0:AttributeStatement>"""
attr = attribute_statement_from_string(_xml)
ava = attribute_converter.to_local(self.acs, attr)
assert _eq(list(ava.keys()), ['EmailAddress'])
def get_identity(resp):
"""
XXX taken from AuthnResponse - we need this for Artifact responses as well
"""
if not resp.assertion.attribute_statement:
logger.error("Missing Attribute Statement")
ava = {}
else:
assert len(resp.assertion.attribute_statement) == 1
_attr_statem = resp.assertion.attribute_statement[0]
logger.debug("Attribute Statement: %s" % (_attr_statem, ))
for aconv in resp.attribute_converters:
logger.info("Converts name format: %s" % (aconv.name_format, ))
ava = to_local(resp.attribute_converters, _attr_statem)
return ava
def get_identity(resp):
"""
XXX taken from AuthnResponse - we need this for Artifact responses as well
"""
if not resp.assertion.attribute_statement:
logger.error("Missing Attribute Statement")
ava = {}
else:
assert len(resp.assertion.attribute_statement) == 1
_attr_statem = resp.assertion.attribute_statement[0]
logger.debug("Attribute Statement: %s" % (_attr_statem,))
for aconv in resp.attribute_converters:
logger.info("Converts name format: %s" % (aconv.name_format,))
ava = to_local(resp.attribute_converters, _attr_statem)
return ava
def get_identity(self):
""" The assertion can contain zero or one attributeStatements
"""
if not self.assertion.attribute_statement:
logger.error("Missing Attribute Statement")
ava = {}
else:
assert len(self.assertion.attribute_statement) == 1
_attr_statem = self.assertion.attribute_statement[0]
logger.debug("Attribute Statement: %s" % (_attr_statem,))
for aconv in self.attribute_converters:
logger.info("Converts name format: %s" % (aconv.name_format,))
self.decrypt_attributes(_attr_statem)
ava = to_local(self.attribute_converters, _attr_statem)
return ava
def get_identity(self):
""" The assertion can contain zero or one attributeStatements
"""
if not self.assertion.attribute_statement:
logger.error("Missing Attribute Statement")
ava = {}
else:
assert len(self.assertion.attribute_statement) == 1
_attr_statem = self.assertion.attribute_statement[0]
logger.debug("Attribute Statement: %s" % (_attr_statem, ))
for aconv in self.attribute_converters:
logger.info("Converts name format: %s" % (aconv.name_format, ))
self.decrypt_attributes(_attr_statem)
ava = to_local(self.attribute_converters, _attr_statem)
return ava
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {"user_id": ["bob"], "NameID": ["bobsnameagain"]}
def attributes(self):
return to_local(self.attribute_converters, self.message)
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {'user_id': ['bob'], 'NameID': ['bobsnameagain']}
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {'user_id': ['bob'], 'NameID': ['bobsnameagain']}
def attributes(self):
return to_local(self.attribute_converters, self.message)