def test_1():
ed = xenc.encrypted_data_from_string(data1)
assert ed
assert ed.mime_type == "text/xml"
assert ed.cipher_data is not None
cd = ed.cipher_data
assert cd.cipher_value is not None
assert cd.cipher_value.text == "A23B45C56"
def test_1():
ed = xenc.encrypted_data_from_string(data1)
assert ed
assert ed.mime_type == "text/xml"
assert ed.cipher_data is not None
cd = ed.cipher_data
assert cd.cipher_value is not None
assert cd.cipher_value.text == "A23B45C56"
def test_2():
ed = xenc.encrypted_data_from_string(data2)
assert ed
print(ed)
assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element"
assert ed.encryption_method is not None
em = ed.encryption_method
assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
assert ed.key_info is not None
ki = ed.key_info
assert ki.key_name[0].text == "John Smith"
assert ed.cipher_data is not None
cd = ed.cipher_data
assert cd.cipher_value is not None
assert cd.cipher_value.text == "DEADBEEF"
def test_2():
ed = xenc.encrypted_data_from_string(data2)
assert ed
print(ed)
assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element"
assert ed.encryption_method is not None
em = ed.encryption_method
assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
assert ed.key_info is not None
ki = ed.key_info
assert ki.key_name[0].text == "John Smith"
assert ed.cipher_data is not None
cd = ed.cipher_data
assert cd.cipher_value is not None
assert cd.cipher_value.text == "DEADBEEF"
def test_3():
ed = xenc.encrypted_data_from_string(data3)
assert ed
print(ed)
assert ed.encryption_method != None
em = ed.encryption_method
assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
assert ed.key_info != None
ki = ed.key_info
assert ki.key_name[0].text == "Sally Doe"
assert len(ki.retrieval_method) == 1
rm = ki.retrieval_method[0]
assert rm.uri == "#EK"
assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
assert ed.cipher_data != None
cd = ed.cipher_data
assert cd.cipher_value != None
assert cd.cipher_value.text == "DEADBEEF"
def test_3():
ed = xenc.encrypted_data_from_string(data3)
assert ed
print(ed)
assert ed.encryption_method != None
em = ed.encryption_method
assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
assert ed.key_info != None
ki = ed.key_info
assert ki.key_name[0].text == "Sally Doe"
assert len(ki.retrieval_method) == 1
rm = ki.retrieval_method[0]
assert rm.uri == "#EK"
assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
assert ed.cipher_data != None
cd = ed.cipher_data
assert cd.cipher_value != None
assert cd.cipher_value.text == "DEADBEEF"
def construct(self,
sp_entity_id,
attrconvs,
policy,
issuer,
farg,
authn_class=None,
authn_auth=None,
authn_decl=None,
encrypt=None,
sec_context=None,
authn_decl_ref=None,
authn_instant="",
subject_locality="",
authn_statem=None,
name_id=None,
session_not_on_or_after=None):
""" Construct the Assertion
:param sp_entity_id: The entityid of the SP
:param in_response_to: An identifier of the message, this message is
a response to
:param name_id: An NameID instance
:param attrconvs: AttributeConverters
:param policy: The policy that should be adhered to when replying
:param issuer: Who is issuing the statement
:param authn_class: The authentication class
:param authn_auth: The authentication instance
:param authn_decl: An Authentication Context declaration
:param encrypt: Whether to encrypt parts or all of the Assertion
:param sec_context: The security context used when encrypting
:param authn_decl_ref: An Authentication Context declaration reference
:param authn_instant: When the Authentication was performed
:param subject_locality: Specifies the DNS domain name and IP address
for the system from which the assertion subject was apparently
authenticated.
:param authn_statem: A AuthnStatement instance
:return: An Assertion instance
"""
_name_format = policy.get_name_form(sp_entity_id)
attr_statement = saml.AttributeStatement(
attribute=from_local(attrconvs, self, _name_format))
if encrypt == "attributes":
for attr in attr_statement.attribute:
enc = sec_context.encrypt(text="%s" % attr)
encd = xmlenc.encrypted_data_from_string(enc)
encattr = saml.EncryptedAttribute(encrypted_data=encd)
attr_statement.encrypted_attribute.append(encattr)
attr_statement.attribute = []
# start using now and for some time
conds = policy.conditions(sp_entity_id)
if authn_statem:
_authn_statement = authn_statem
elif authn_auth or authn_class or authn_decl or authn_decl_ref:
_authn_statement = authn_statement(
authn_class,
authn_auth,
authn_decl,
authn_decl_ref,
authn_instant,
subject_locality,
session_not_on_or_after=session_not_on_or_after)
else:
_authn_statement = None
subject = do_subject(policy.not_on_or_after(sp_entity_id), name_id,
**farg['subject'])
_ass = assertion_factory(issuer=issuer,
conditions=conds,
subject=subject)
if _authn_statement:
_ass.authn_statement = [_authn_statement]
if not attr_statement.empty():
_ass.attribute_statement = [attr_statement]
return _ass
def construct(self, sp_entity_id, attrconvs, policy, issuer, farg,
authn_class=None, authn_auth=None, authn_decl=None,
encrypt=None, sec_context=None, authn_decl_ref=None,
authn_instant="", subject_locality="", authn_statem=None,
name_id=None, session_not_on_or_after=None):
""" Construct the Assertion
:param sp_entity_id: The entityid of the SP
:param in_response_to: An identifier of the message, this message is
a response to
:param name_id: An NameID instance
:param attrconvs: AttributeConverters
:param policy: The policy that should be adhered to when replying
:param issuer: Who is issuing the statement
:param authn_class: The authentication class
:param authn_auth: The authentication instance
:param authn_decl: An Authentication Context declaration
:param encrypt: Whether to encrypt parts or all of the Assertion
:param sec_context: The security context used when encrypting
:param authn_decl_ref: An Authentication Context declaration reference
:param authn_instant: When the Authentication was performed
:param subject_locality: Specifies the DNS domain name and IP address
for the system from which the assertion subject was apparently
authenticated.
:param authn_statem: A AuthnStatement instance
:return: An Assertion instance
"""
if policy:
_name_format = policy.get_name_form(sp_entity_id)
else:
_name_format = NAME_FORMAT_URI
attr_statement = saml.AttributeStatement(attribute=from_local(
attrconvs, self, _name_format))
if encrypt == "attributes":
for attr in attr_statement.attribute:
enc = sec_context.encrypt(text="%s" % attr)
encd = xmlenc.encrypted_data_from_string(enc)
encattr = saml.EncryptedAttribute(encrypted_data=encd)
attr_statement.encrypted_attribute.append(encattr)
attr_statement.attribute = []
# start using now and for some time
conds = policy.conditions(sp_entity_id)
if authn_statem:
_authn_statement = authn_statem
elif authn_auth or authn_class or authn_decl or authn_decl_ref:
_authn_statement = authn_statement(authn_class, authn_auth,
authn_decl, authn_decl_ref,
authn_instant,
subject_locality,
session_not_on_or_after=session_not_on_or_after)
else:
_authn_statement = None
subject = do_subject(policy, sp_entity_id, name_id,
**farg['subject'])
_ass = assertion_factory(issuer=issuer, conditions=conds,
subject=subject)
if _authn_statement:
_ass.authn_statement = [_authn_statement]
if not attr_statement.empty():
_ass.attribute_statement = [attr_statement]
return _ass