def import_metadata(self, xml_str, source):
""" Import information; organization distinguish name, location and
certificates from a metadata file.
:param xml_str: The metadata as a XML string.
:param source: A name by which this source should be known, has to be
unique within this session.
"""
# now = time.gmtime()
#print >> sys.stderr, "Loading %s" % (source,)
entities_descr = md.entities_descriptor_from_string(xml_str)
if not entities_descr:
entity_descr = md.entity_descriptor_from_string(xml_str)
if entity_descr:
self.do_entity_descriptor(entity_descr, source)
else:
try:
valid_instance(entities_descr)
except NotValid, exc:
print >> sys.stderr, exc.args[0]
return
try:
valid(entities_descr.valid_until)
except AttributeError:
pass
for entity_descr in entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr, source,
entities_descr.valid_until)
def import_metadata(self, xml_str, source):
""" Import information; organization distinguish name, location and
certificates from a metadata file.
:param xml_str: The metadata as a XML string.
:param source: A name by which this source should be known, has to be
unique within this session.
"""
# now = time.gmtime()
#print >> sys.stderr, "Loading %s" % (source,)
entities_descr = md.entities_descriptor_from_string(xml_str)
if not entities_descr:
entity_descr = md.entity_descriptor_from_string(xml_str)
if entity_descr:
self.do_entity_descriptor(entity_descr, source)
else:
try:
valid_instance(entities_descr)
except NotValid, exc:
print >> sys.stderr, exc.args[0]
return
try:
valid(entities_descr.valid_until)
except AttributeError:
pass
for entity_descr in entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr, source,
entities_descr.valid_until)
def test_valid():
assert valid("2000-01-12T00:00:00Z") == False
current_year = datetime.datetime.today().year
assert valid("%d-01-12T00:00:00Z" % (current_year + 1)) == True
this_instance = instant()
time.sleep(1)
assert valid(this_instance) == False # unless on a very fast machine :-)
soon = in_a_while(seconds=10)
assert valid(soon) == True
def test_valid():
assert valid("2000-01-12T00:00:00Z") == False
current_year = datetime.datetime.today().year
assert valid("%d-01-12T00:00:00Z" % (current_year + 1)) == True
this_instance = instant()
time.sleep(1)
assert valid(this_instance) == False # unless on a very fast machine :-)
soon = in_a_while(seconds=10)
assert valid(soon) == True
def parse(self, xmlstr):
self.entities_descr = md.entities_descriptor_from_string(xmlstr)
if not self.entities_descr:
self.entity_descr = md.entity_descriptor_from_string(xmlstr)
if self.entity_descr:
self.do_entity_descriptor(self.entity_descr)
else:
try:
valid_instance(self.entities_descr)
except NotValid, exc:
logger.error(exc.args[0])
return
if self.check_validity:
try:
if not valid(self.entities_descr.valid_until):
raise ToOld(
"Metadata not valid anymore, it's after %s" % (
self.entities_descr.valid_until,))
except AttributeError:
pass
for entity_descr in self.entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr)
def parse(self, xmlstr):
self.entities_descr = md.entities_descriptor_from_string(xmlstr)
if not self.entities_descr:
self.entity_descr = md.entity_descriptor_from_string(xmlstr)
if self.entity_descr:
self.do_entity_descriptor(self.entity_descr)
else:
try:
valid_instance(self.entities_descr)
except NotValid as exc:
logger.error("Invalid XML message: %s", exc.args[0])
return
if self.check_validity:
try:
if not valid(self.entities_descr.valid_until):
raise ToOld(
"Metadata not valid anymore, it's only valid "
"until %s" % (self.entities_descr.valid_until, ))
except AttributeError:
pass
for entity_descr in self.entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr)
def parse(self, xmlstr):
self.entities_descr = md.entities_descriptor_from_string(xmlstr)
if not self.entities_descr:
self.entity_descr = md.entity_descriptor_from_string(xmlstr)
if self.entity_descr:
self.do_entity_descriptor(self.entity_descr)
else:
try:
valid_instance(self.entities_descr)
except NotValid, exc:
logger.error(exc.args[0])
return
try:
valid(self.entities_descr.valid_until)
except AttributeError:
pass
for entity_descr in self.entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr)
def parse(self, xmlstr):
self.entities_descr = md.entities_descriptor_from_string(xmlstr)
if not self.entities_descr:
self.entity_descr = md.entity_descriptor_from_string(xmlstr)
if self.entity_descr:
self.do_entity_descriptor(self.entity_descr)
else:
try:
valid_instance(self.entities_descr)
except NotValid, exc:
logger.error(exc.args[0])
return
try:
valid(self.entities_descr.valid_until)
except AttributeError:
pass
for entity_descr in self.entities_descr.entity_descriptor:
self.do_entity_descriptor(entity_descr)
def keep_updated(func, self=None, entity_id=None, *args, **kwargs):
#print "In keep_updated"
try:
if "valid_until" in self.entity[entity_id]:
try:
if not valid(self.entity[entity_id]["valid_until"]):
self.reload_entity(entity_id)
except KeyError:
pass
except KeyError: # Unknown entity, handle downstream
pass
return func(self, entity_id, *args, **kwargs)
def do_entity_descriptor(self, entity_descr):
if self.check_validity:
try:
if not valid(entity_descr.valid_until):
logger.error("Entity descriptor (entity id:%s) too old",
entity_descr.entity_id)
self.to_old.append(entity_descr.entity_id)
return
except AttributeError:
pass
# have I seen this entity_id before ? If so if log: ignore it
if entity_descr.entity_id in self.entity:
print("Duplicated Entity descriptor (entity id: '%s')" %
entity_descr.entity_id,
file=sys.stderr)
return
_ent = to_dict(entity_descr, metadata_modules())
flag = 0
# verify support for SAML2
for descr in [
"spsso", "idpsso", "role", "authn_authority",
"attribute_authority", "pdp", "affiliation"
]:
_res = []
try:
_items = _ent["%s_descriptor" % descr]
except KeyError:
continue
if descr == "affiliation": # Not protocol specific
flag += 1
continue
for item in _items:
for prot in item["protocol_support_enumeration"].split(" "):
if prot == samlp.NAMESPACE:
item["protocol_support_enumeration"] = prot
_res.append(item)
break
if not _res:
del _ent["%s_descriptor" % descr]
else:
flag += 1
if self.filter:
_ent = self.filter(_ent)
if not _ent:
flag = 0
if flag:
self.entity[entity_descr.entity_id] = _ent
def keep_updated(func, self=None, entity_id=None, *args, **kwargs):
#print "In keep_updated"
try:
if "valid_until" in self.entity[entity_id]:
try:
if not valid(self.entity[entity_id]["valid_until"]):
self.reload_entity(entity_id)
if self.post_load_process:
self.post_load_process()
except KeyError:
pass
except KeyError: # Unknown entity, handle downstream
pass
return func(self, entity_id, *args, **kwargs)
def do_entity_descriptor(self, entity_descr):
if self.check_validity:
try:
if not valid(entity_descr.valid_until):
logger.error("Entity descriptor (entity id:%s) to old",
entity_descr.entity_id)
self.to_old.append(entity_descr.entity_id)
return
except AttributeError:
pass
# have I seen this entity_id before ? If so if log: ignore it
if entity_descr.entity_id in self.entity:
print("Duplicated Entity descriptor (entity id: '%s')" %
entity_descr.entity_id, file=sys.stderr)
return
_ent = to_dict(entity_descr, metadata_modules())
flag = 0
# verify support for SAML2
for descr in ["spsso", "idpsso", "role", "authn_authority",
"attribute_authority", "pdp", "affiliation"]:
_res = []
try:
_items = _ent["%s_descriptor" % descr]
except KeyError:
continue
if descr == "affiliation": # Not protocol specific
flag += 1
continue
for item in _items:
for prot in item["protocol_support_enumeration"].split(" "):
if prot == samlp.NAMESPACE:
item["protocol_support_enumeration"] = prot
_res.append(item)
break
if not _res:
del _ent["%s_descriptor" % descr]
else:
flag += 1
if self.filter:
_ent = self.filter(_ent)
if not _ent:
flag = 0
if flag:
self.entity[entity_descr.entity_id] = _ent
def do_entity_descriptor(self, entity_descr, source, valid_until=0):
try:
if not valid(entity_descr.valid_until):
if self.log:
self.log.info(
"Entity descriptor (entity id:%s) to old" % \
entity_descr.entity_id)
else:
print >> sys.stderr, \
"Entity descriptor (entity id:%s) to old" % \
entity_descr.entity_id
return
except AttributeError,e:
pass
def do_entity_descriptor(self, entity_descr, source, valid_until=0):
try:
if not valid(entity_descr.valid_until):
if self.log:
self.log.info(
"Entity descriptor (entity id:%s) to old" % \
entity_descr.entity_id)
else:
print >> sys.stderr, \
"Entity descriptor (entity id:%s) to old" % \
entity_descr.entity_id
return
except AttributeError:
pass
try:
self._import[source].append(entity_descr.entity_id)
except KeyError:
self._import[source] = [entity_descr.entity_id]
# have I seen this entity_id before ? If so if log: ignore it
if entity_descr.entity_id in self.entity:
print >> sys.stderr, \
"Duplicated Entity descriptor (entity id: '%s')" % \
entity_descr.entity_id
return
entity = self.entity[entity_descr.entity_id] = {}
if valid_until:
entity["valid_until"] = valid_until
elif entity_descr.valid_until:
entity["valid_until"] = entity_descr.valid_until
self._idp_metadata(entity_descr, entity, "idp_sso")
self._sp_metadata(entity_descr, entity, "sp_sso")
self._aad_metadata(entity_descr, entity,
"attribute_authority")
self._vo_metadata(entity_descr, entity, "affiliation")
self._pdp_metadata(entity_descr, entity, "pdp")
try:
entity["organization"] = entity_descr.organization
except AttributeError:
pass
try:
entity["contact_person"] = entity_descr.contact_person
except AttributeError:
pass
def do_entity_descriptor(self, entity_descr, source, valid_until=0):
try:
if not valid(entity_descr.valid_until):
logger.info("Entity descriptor (entity id:%s) to old" %
(entity_descr.entity_id, ))
return
except AttributeError:
pass
try:
self._import[source].append(entity_descr.entity_id)
except KeyError:
self._import[source] = [entity_descr.entity_id]
# have I seen this entity_id before ? If so if log: ignore it
if entity_descr.entity_id in self.entity:
print >> sys.stderr, \
"Duplicated Entity descriptor (entity id: '%s')" % \
entity_descr.entity_id
return
entity = self.entity[entity_descr.entity_id] = {}
if valid_until:
entity["valid_until"] = valid_until
elif entity_descr.valid_until:
entity["valid_until"] = entity_descr.valid_until
self._idp_metadata(entity_descr, entity, "idp_sso")
self._sp_metadata(entity_descr, entity, "sp_sso")
self._aad_metadata(entity_descr, entity, "attribute_authority")
self._vo_metadata(entity_descr, entity, "affiliation")
self._pdp_metadata(entity_descr, entity, "pdp")
try:
entity["organization"] = entity_descr.organization
except AttributeError:
pass
try:
entity["contact_person"] = entity_descr.contact_person
except AttributeError:
pass
def test_timeout():
soon = in_a_while(seconds=1)
time.sleep(2)
assert valid(soon) == False
def test_timeout():
soon = in_a_while(seconds=1)
time.sleep(2)
assert valid(soon) == False
