def get_sp(item):
metad = MetaDataFile(ONTS.values(), item, item)
metad.load()
sps = []
for entid, item in metad.entity.items():
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
sps.append((_name, entid))
return sps
def load_providers():
metadata = {}
for filename in settings.WALDUR_AUTH_SAML2['idp_metadata_local']:
mdf = MetaDataFile(ac_factory(), filename)
mdf.load()
metadata.update(mdf.items())
return metadata
def get_sp(item):
metad = MetaDataFile(list(ONTS.values()), item, item)
metad.load()
sps = []
for entid, item in list(metad.entity.items()):
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"]["organization_name"][
0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
sps.append((_name, entid))
return sps
def load_providers():
metadata = {}
for filename in settings.WALDUR_AUTH_SAML2['IDP_METADATA_LOCAL']:
mdf = MetaDataFile(ac_factory(), filename)
mdf.load()
metadata.update(mdf.items())
return metadata
def main():
item = MDIMPORT[sys.argv[1]]
metad = None
if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"])
elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], ONTS.values(),
item["url"], "/opt/local/bin/xmlsec1", item["cert"])
if metad:
metad.load()
print metad.dumps()
def test_split_frontend_metadata_to_separate_files(
self, tmpdir, cert_and_key, satosa_config_dict,
saml_mirror_frontend_config, saml_backend_config,
oidc_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [
oidc_backend_config, saml_backend_config
]
create_and_write_saml_metadata(satosa_config_dict,
cert_and_key[1],
cert_and_key[0],
str(tmpdir),
None,
split_frontend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
written_metadata_files = glob.glob(
os.path.join(str(tmpdir), file_pattern))
assert len(written_metadata_files) == 2
for file in written_metadata_files:
md = MetaDataFile(None, file, security=security_ctx)
assert md.load()
def test_split_backend_metadata_to_separate_files(self, tmpdir,
cert_and_key,
satosa_config_dict,
saml_frontend_config,
saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [
saml_backend_config, saml_backend_config
]
create_and_write_saml_metadata(satosa_config_dict,
cert_and_key[1],
cert_and_key[0],
str(tmpdir),
None,
split_backend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
written_metadata_files = [
saml_backend_config["name"], saml_backend_config["name"]
]
for file in written_metadata_files:
md = MetaDataFile(None,
os.path.join(str(tmpdir),
"{}_0.xml".format(file)),
security=security_ctx)
assert md.load()
def get_sp(item, typ):
if typ == "local":
metad = MetaDataFile(ONTS.values(), item, item)
elif typ == "mdfile":
metad = MetaDataMD(ONTS.values(), item, item)
else:
raise Exception("Don't do that format yet")
metad.load()
sps = []
for entid, item in metad.entity.items():
if "spsso_descriptor" in item:
for sp in item["spsso_descriptor"]:
_name = ""
try:
for ee in sp["extensions"]["extension_elements"]:
if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
_name = ee["description"][0]["text"]
except KeyError:
pass
if not _name:
try:
_name = item["organization"][
"organization_display_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_name"][0]["text"]
except KeyError:
try:
_name = item["organization"][
"organization_url"][0]["text"]
except KeyError:
pass
if not _name:
_name = entid
sps.append((_name, entid))
sps.sort(_cmp)
return sps
def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict, oidc_frontend_config,
saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
md = MetaDataFile(None, os.path.join(str(tmpdir), "backend.xml"), security=security_ctx)
assert md.load()
assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict,
oidc_frontend_config, saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1],
cert_and_key[0], str(tmpdir), None)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
md = MetaDataFile(None,
os.path.join(str(tmpdir), "backend.xml"),
security=security_ctx)
assert md.load()
assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
def test_split_backend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
saml_frontend_config, saml_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config, saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
split_backend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
written_metadata_files = [saml_backend_config["name"], saml_backend_config["name"]]
for file in written_metadata_files:
md = MetaDataFile(None, os.path.join(str(tmpdir), "{}_0.xml".format(file)), security=security_ctx)
assert md.load()
def test_split_frontend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
saml_mirror_frontend_config, saml_backend_config,
oidc_backend_config):
satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
satosa_config_dict["BACKEND_MODULES"] = [oidc_backend_config, saml_backend_config]
create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
split_frontend_metadata=True)
conf = Config()
conf.cert_file = cert_and_key[0]
security_ctx = security_context(conf)
file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
written_metadata_files = glob.glob(os.path.join(str(tmpdir), file_pattern))
assert len(written_metadata_files) == 2
for file in written_metadata_files:
md = MetaDataFile(None, file, security=security_ctx)
assert md.load()
elif line[0] == "#":
continue
spec = line.split(" ")
if args.ignore_valid:
kwargs = {"check_validity": False}
else:
kwargs = {}
if spec[0] == "local":
metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs)
elif spec[0] == "remote":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto, key_type="", cert_type="")
metad = MetaDataExtern(ONTS.values(), ATTRCONV, spec[1],
sc, cert=spec[2], http=httpc, **kwargs)
if metad is not None:
try:
metad.load()
except:
raise
mds.metadata[spec[1]] = metad
print(mds.dumps(args.output))
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()
metad = None
if args.type == "local":
metad = MetaDataFile(list(ONTS.values()), args.item, args.item)
elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto)
metad = MetaDataExtern(list(ONTS.values()),
ATTRCONV,
args.url,
sc,
cert=args.cert,
http=httpc)
if metad:
try:
metad.load()
except:
raise
else:
print("OK")
ONTS = {
dri.NAMESPACE: dri,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
mdattr.NAMESPACE: mdattr,
mdui.NAMESPACE: mdui,
saml.NAMESPACE: saml,
ui.NAMESPACE: ui,
xmlenc.NAMESPACE: xmlenc,
xmldsig.NAMESPACE: xmldsig,
}
start = time.time()
for i in range(1, 10):
mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load()
_ = mdmd.keys()
print time.time() - start
start = time.time()
for i in range(1, 10):
mdf = MetaDataFile(ONTS.values(), ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml")
mdf.load()
_ = mdf.keys()
print time.time() - start
ONTS = {
dri.NAMESPACE: dri,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
mdattr.NAMESPACE: mdattr,
mdui.NAMESPACE: mdui,
saml.NAMESPACE: saml,
ui.NAMESPACE: ui,
xmlenc.NAMESPACE: xmlenc,
xmldsig.NAMESPACE: xmldsig,
}
start = time.time()
for i in range(1, 10):
mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load()
_ = list(mdmd.keys())
print(time.time() - start)
start = time.time()
for i in range(1, 10):
mdf = MetaDataFile(list(ONTS.values()), ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml")
mdf.load()
_ = list(mdf.keys())
print(time.time() - start)
