def _bearer_confirmed(self, data):
    """Decide whether one piece of subject-confirmation data is acceptable.

    ``data`` is presumably the SubjectConfirmationData of a bearer
    confirmation (going by the method name); only its ``address``,
    ``not_before``, ``not_on_or_after`` and ``in_response_to`` fields are read.

    Returns ``False`` when ``data`` is empty, when ``valid_address`` gives a
    falsy answer for ``data.address``, or when NotOnOrAfter is not later than
    NotBefore. Returns ``True`` otherwise.

    Raises whatever ``validate_on_or_after`` / ``validate_before`` raise for a
    violated time window, and a plain ``Exception`` when ``in_response_to``
    names a request that is not outstanding and unsolicited responses are not
    allowed.

    Side effect: on an asynchronous hop with ``came_from`` still ``None``, a
    matching outstanding query sets ``self.came_from``.
    """
    if not data:
        return False

    # NOTE(review): only the address value itself is vetted here; nothing in
    # this method compares it with the peer that actually delivered the
    # message, so this is not a "correct sender" check.
    if data.address and not valid_address(data.address):
        return False

    # Both helpers report a bad time window by raising, not by return value.
    validate_on_or_after(data.not_on_or_after, self.timeslack)
    validate_before(data.not_before, self.timeslack)

    # The validity window must be non-empty: NotBefore < NotOnOrAfter.
    if not later_than(data.not_on_or_after, data.not_before):
        return False

    origin_unknown = self.asynchop and self.came_from is None
    if not (origin_unknown and data.in_response_to):
        # NOTE(review): an empty in_response_to skips the correlation check
        # entirely, so allow_unsolicited is never consulted on this path.
        # Confirm the unsolicited-response policy is enforced by the caller.
        return True

    request_id = data.in_response_to
    if request_id in self.outstanding_queries:
        self.came_from = self.outstanding_queries[request_id]
        # The matched entry stays in outstanding_queries (no delete here), so
        # this method does not make a request id single-use.
        # NOTE(review): confirm an already-answered id is rejected elsewhere.
    elif not self.allow_unsolicited:
        # in_response_to names a request this party does not remember.
        # NOTE(review): the INFO line below lists every pending request id.
        logger.debug("in response to: '%s'", request_id)
        logger.info("outstanding queries: %s", self.outstanding_queries.keys())
        raise Exception("Combination of session id and requestURI I don't recall")
    return True
def _bearer_confirmed(self, data):
    """Decide whether one piece of subject-confirmation data is acceptable.

    Returns ``False`` for empty ``data``, for an address that
    ``valid_address`` answers falsy for, and for a validity window whose
    NotOnOrAfter is not later than NotBefore; returns ``True`` otherwise.

    Raises whatever ``validate_on_or_after`` / ``validate_before`` raise for a
    violated time window, and a plain ``Exception`` when ``in_response_to``
    names a request that is not outstanding and unsolicited responses are not
    allowed.

    Side effects: on an asynchronous hop with no ``came_from`` yet, a matching
    outstanding query is copied into ``self.came_from`` and then removed from
    ``self.outstanding_queries``, so the same request id cannot match twice.
    """
    if not data:
        return False

    # NOTE(review): this vets the address value only; it is not compared with
    # the peer the message actually arrived from.
    if data.address and not valid_address(data.address):
        return False

    # Both helpers report a bad time window by raising, not by return value.
    validate_on_or_after(data.not_on_or_after, self.timeslack)
    validate_before(data.not_before, self.timeslack)

    # The validity window must be non-empty: NotBefore < NotOnOrAfter.
    window_ok = later_than(data.not_on_or_after, data.not_before)
    if not window_ok:
        return False

    # NOTE(review): when in_response_to is empty the whole correlation step is
    # skipped, so allow_unsolicited is not consulted here. Confirm the
    # unsolicited-response policy is enforced by the caller.
    if self.asynchop and not self.came_from and data.in_response_to:
        request_id = data.in_response_to
        if request_id in self.outstanding_queries:
            # Consume the pending request: remember where it came from, then
            # drop it from the outstanding set.
            self.came_from = self.outstanding_queries[request_id]
            del self.outstanding_queries[request_id]
        elif not self.allow_unsolicited:
            # in_response_to names a request this party does not remember.
            # NOTE(review): the INFO line below lists every pending request id.
            logger.debug("in response to: '%s'" % request_id)
            logger.info(
                "outstanding queries: %s" % (self.outstanding_queries.keys(),)
            )
            raise Exception(
                "Combination of session id and requestURI I don't recall"
            )

    return True
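def get_subject(self):
    """Validate the assertion's Subject and return its NameID text.

    Each SubjectConfirmation is kept only if it carries confirmation data,
    its address (when present) passes ``valid_address``, and its
    NotOnOrAfter is later than its NotBefore. ``validate_on_or_after`` and
    ``validate_before`` raise on a violated time window, which aborts the
    whole call rather than skipping that one confirmation.

    Side effects: ``subject.subject_confirmation`` is replaced by the list of
    accepted confirmations, ``self.name_id`` is set, and on an asynchronous
    hop a matching entry is moved from ``self.outstanding_queries`` into
    ``self.came_from``.

    Raises:
        AssertionError: the assertion has no Subject, or the Subject has no
            NameID.
        Exception: no confirmation was accepted, or ``in_response_to`` does
            not match an outstanding query while unsolicited responses are
            not allowed.
    """
    subject = self.assertion.subject
    # Raised explicitly instead of via `assert`: assert statements are
    # stripped under `python -O`, and this is validation of received data.
    # AssertionError is kept so existing callers see the same exception type.
    if not subject:
        raise AssertionError("The assertion must contain a Subject")

    accepted = []
    for subject_confirmation in subject.subject_confirmation:
        data = subject_confirmation.subject_confirmation_data
        if not data:
            # Nothing to check this confirmation against; ignore it.
            continue

        # NOTE(review): this vets the address value only; it is not compared
        # with the peer the message actually arrived from.
        if data.address and not valid_address(data.address):
            continue

        # Both helpers report a bad time window by raising.
        validate_on_or_after(data.not_on_or_after, self.timeslack)
        validate_before(data.not_before, self.timeslack)

        # The validity window must be non-empty: NotBefore < NotOnOrAfter.
        if not time_util.later_than(data.not_on_or_after, data.not_before):
            continue

        if self.asynchop and not self.came_from:
            if data.in_response_to in self.outstanding_queries:
                # Consume the pending request so its id cannot match again.
                self.came_from = self.outstanding_queries[data.in_response_to]
                del self.outstanding_queries[data.in_response_to]
            elif self.allow_unsolicited:
                pass
            else:
                # Unsolicited response: in_response_to is either absent or
                # names a request this party does not remember.
                if self.debug and self.log:
                    self.log.info("in response to: '%s'" % data.in_response_to)
                    # One-element tuple keeps the format safe whatever
                    # sequence type keys() returns.
                    self.log.info(
                        "outstanding queries: %s"
                        % (self.outstanding_queries.keys(),)
                    )
                raise Exception(
                    "Combination of session id and requestURI I don't recall"
                )

        accepted.append(subject_confirmation)

    if not accepted:
        raise Exception("No valid subject confirmation")
    subject.subject_confirmation = accepted

    # Same reasoning as above: explicit raise so the check survives -O.
    if not subject.name_id:
        raise AssertionError("The subject must contain a name_id")
    self.name_id = subject.name_id.text.strip()
    return self.name_id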
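def get_subject(self):
    """Validate the assertion's Subject and return its NameID text.

    A SubjectConfirmation is accepted only if it carries confirmation data,
    its address (when present) passes ``valid_address``, and its
    NotOnOrAfter is later than its NotBefore. ``validate_on_or_after`` and
    ``validate_before`` raise on a violated time window, which aborts the
    whole call rather than skipping that one confirmation.

    Side effects: ``subject.subject_confirmation`` is replaced by the list of
    accepted confirmations, ``self.name_id`` is set, and on an asynchronous
    hop a matching entry is moved from ``self.outstanding_queries`` into
    ``self.came_from``.

    Raises:
        AssertionError: the assertion has no Subject, or the Subject has no
            NameID.
        Exception: no confirmation was accepted, or ``in_response_to`` does
            not match an outstanding query while unsolicited responses are
            not allowed.
    """
    subject = self.assertion.subject
    # Raised explicitly instead of via `assert`: assert statements are
    # stripped under `python -O`, and this is validation of received data.
    # AssertionError is kept so existing callers see the same exception type.
    if not subject:
        raise AssertionError("The assertion must contain a Subject")

    accepted = []
    for subject_confirmation in subject.subject_confirmation:
        data = subject_confirmation.subject_confirmation_data
        if not data:
            # Nothing to check this confirmation against; ignore it.
            continue

        # NOTE(review): this vets the address value only; it is not compared
        # with the peer the message actually arrived from.
        if data.address and not valid_address(data.address):
            continue

        # Both helpers report a bad time window by raising.
        validate_on_or_after(data.not_on_or_after, self.timeslack)
        validate_before(data.not_before, self.timeslack)

        # The validity window must be non-empty: NotBefore < NotOnOrAfter.
        if not time_util.later_than(data.not_on_or_after, data.not_before):
            continue

        if self.asynchop and not self.came_from:
            if data.in_response_to in self.outstanding_queries:
                # Consume the pending request so its id cannot match again.
                self.came_from = self.outstanding_queries[data.in_response_to]
                del self.outstanding_queries[data.in_response_to]
            elif self.allow_unsolicited:
                pass
            else:
                # Unsolicited response: in_response_to is either absent or
                # names a request this party does not remember.
                # Lazy %-args: the message is only built if the record is
                # actually emitted.
                # NOTE(review): the INFO line lists every pending request id.
                logger.debug("in response to: '%s'", data.in_response_to)
                logger.info(
                    "outstanding queries: %s", self.outstanding_queries.keys()
                )
                raise Exception(
                    "Combination of session id and requestURI I don't recall"
                )

        accepted.append(subject_confirmation)

    if not accepted:
        raise Exception("No valid subject confirmation")
    subject.subject_confirmation = accepted

    # Same reasoning as above: explicit raise so the check survives -O.
    if not subject.name_id:
        raise AssertionError("The subject must contain a name_id")
    self.name_id = subject.name_id.text.strip()
    return self.name_id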
def test_valid_address():
    """Pin which address strings valid_address() accepts and which raise NotValid."""
    accepted = (
        "130.239.16.3",
        "2001:8003:5555:9999:555a:5555:c77:d5c5",
        "2001:8003:5555::555a:5555:c77:d5c5",
        # Bracketed IPv6 literal; see
        # https://tools.ietf.org/html/rfc4038#section-5.1 for why brackets
        # are allowed around the address.
        "[2001:8003:5555:9999:555a:5555:c77:d5c5]",
    )
    rejected = (
        "127.0.0.256",  # octet out of range
        "127.0.0.",  # trailing dot, last octet missing
        "127.0.0",  # only three octets
        # NOTE(review): this input has both a second "::" and a stray "]",
        # so it does not show which of the two is being rejected.
        "2001::5555:9999::5555:c77:d5c5]",
        "2001:8003:5555:9999:555a:5555:c77:d5c5]",  # closing bracket only
        "[2001:8003:5555:9999:555a:5555:c77:d5c5",  # opening bracket only
        "[[2001:8003:5555:9999:555a:5555:c77:d5c5]",  # doubled opening bracket
    )

    for address in accepted:
        assert valid_address(address)

    for address in rejected:
        with raises(NotValid):
            assert valid_address(address)