Example #1
0
def test_1():
    ed = xenc.encrypted_data_from_string(data1)
    assert ed
    assert ed.mime_type == "text/xml"
    assert ed.cipher_data is not None
    cd = ed.cipher_data
    assert cd.cipher_value is not None
    assert cd.cipher_value.text == "A23B45C56"
Example #2
0
def test_1():
    ed = xenc.encrypted_data_from_string(data1)
    assert ed
    assert ed.mime_type == "text/xml"
    assert ed.cipher_data is not None
    cd = ed.cipher_data
    assert cd.cipher_value is not None
    assert cd.cipher_value.text == "A23B45C56"
Example #3
0
    def construct(self, sp_entity_id, in_response_to, consumer_url,
                    name_id, attrconvs, policy, issuer, authn_class=None, 
                    authn_auth=None, authn_decl=None, encrypt=None,
                    sec_context=None):
        """ Construct the Assertion 
        
        :param sp_entity_id: The entityid of the SP
        :param in_response_to: An identifier of the message, this message is 
            a response to
        :param consumer_url: The intended consumer of the assertion
        :param name_id: An NameID instance
        :param attrconvs: AttributeConverters
        :param policy: The policy that should be adhered to when replying
        :param issuer: Who is issuing the statement
        :param authn_class: The authentication class
        :param authn_auth: The authentication instance
        :param authn_decl:
        :param encrypt: Whether to encrypt parts or all of the Assertion
        :param sec_context: The security context used when encrypting
        :return: An Assertion instance
        """
        attr_statement = saml.AttributeStatement(attribute=from_local(
                                attrconvs, self, 
                                policy.get_name_form(sp_entity_id)))

        if encrypt == "attributes":
            for attr in attr_statement.attribute:
                enc = sec_context.encrypt(text="%s" % attr)

                encd = xmlenc.encrypted_data_from_string(enc)
                encattr = saml.EncryptedAttribute(encrypted_data=encd)
                attr_statement.encrypted_attribute.append(encattr)

            attr_statement.attribute = []

        # start using now and for some time
        conds = policy.conditions(sp_entity_id)
        
        return assertion_factory(
            issuer=issuer,
            attribute_statement = attr_statement,
            authn_statement = self._authn_statement(authn_class, authn_auth, 
                                                    authn_decl),
            conditions = conds,
            subject=factory( saml.Subject,
                name_id=name_id,
                subject_confirmation=factory( saml.SubjectConfirmation,
                                method=saml.SUBJECT_CONFIRMATION_METHOD_BEARER,
                                subject_confirmation_data=factory(
                                    saml.SubjectConfirmationData,
                                    in_response_to=in_response_to,
                                    recipient=consumer_url,
                                    not_on_or_after=policy.not_on_or_after(
                                                            sp_entity_id)))),
            )
Example #4
0
    def construct(self, sp_entity_id, in_response_to, consumer_url,
                    name_id, attrconvs, policy, issuer, authn_class=None, 
                    authn_auth=None, authn_decl=None, encrypt=None,
                    sec_context=None):
        """ Construct the Assertion 
        
        :param sp_entity_id: The entityid of the SP
        :param in_response_to: An identifier of the message, this message is 
            a response to
        :param consumer_url: The intended consumer of the assertion
        :param name_id: An NameID instance
        :param attrconvs: AttributeConverters
        :param policy: The policy that should be adhered to when replying
        :param issuer: Who is issuing the statement
        :param authn_class: The authentication class
        :param authn_auth: The authentication instance
        :param authn_decl:
        :param encrypt: Whether to encrypt parts or all of the Assertion
        :param sec_context: The security context used when encrypting
        :return: An Assertion instance
        """
        attr_statement = saml.AttributeStatement(attribute=from_local(
                                attrconvs, self, 
                                policy.get_name_form(sp_entity_id)))

        if encrypt == "attributes":
            for attr in attr_statement.attribute:
                enc = sec_context.encrypt(text="%s" % attr)

                encd = xmlenc.encrypted_data_from_string(enc)
                encattr = saml.EncryptedAttribute(encrypted_data=encd)
                attr_statement.encrypted_attribute.append(encattr)

            attr_statement.attribute = []

        # start using now and for some time
        conds = policy.conditions(sp_entity_id)
        
        return assertion_factory(
            issuer=issuer,
            attribute_statement = attr_statement,
            authn_statement = self._authn_statement(authn_class, authn_auth, 
                                                    authn_decl),
            conditions = conds,
            subject=factory( saml.Subject,
                name_id=name_id,
                subject_confirmation=factory( saml.SubjectConfirmation,
                                method=saml.SUBJECT_CONFIRMATION_METHOD_BEARER,
                                subject_confirmation_data=factory(
                                    saml.SubjectConfirmationData,
                                    in_response_to=in_response_to,
                                    recipient=consumer_url,
                                    not_on_or_after=policy.not_on_or_after(
                                                            sp_entity_id)))),
            )
Example #5
0
def test_2():
    ed = xenc.encrypted_data_from_string(data2)
    assert ed
    print(ed)
    assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element"
    assert ed.encryption_method is not None
    em = ed.encryption_method
    assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
    assert ed.key_info is not None
    ki = ed.key_info
    assert ki.key_name[0].text == "John Smith"
    assert ed.cipher_data is not None
    cd = ed.cipher_data
    assert cd.cipher_value is not None
    assert cd.cipher_value.text == "DEADBEEF"
Example #6
0
def test_2():
    ed = xenc.encrypted_data_from_string(data2)
    assert ed
    print ed
    assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element"
    assert ed.encryption_method is not None
    em = ed.encryption_method
    assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc'
    assert ed.key_info is not None
    ki = ed.key_info
    assert ki.key_name[0].text == "John Smith"
    assert ed.cipher_data is not None
    cd = ed.cipher_data
    assert cd.cipher_value is not None
    assert cd.cipher_value.text == "DEADBEEF"
Example #7
0
def test_3():
    ed = xenc.encrypted_data_from_string(data3)
    assert ed
    print(ed)
    assert ed.encryption_method != None
    em = ed.encryption_method
    assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
    assert ed.key_info != None
    ki = ed.key_info
    assert ki.key_name[0].text == "Sally Doe"
    assert len(ki.retrieval_method) == 1
    rm = ki.retrieval_method[0]
    assert rm.uri == "#EK"
    assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
    assert ed.cipher_data != None
    cd = ed.cipher_data
    assert cd.cipher_value != None
    assert cd.cipher_value.text == "DEADBEEF"
Example #8
0
def test_3():
    ed = xenc.encrypted_data_from_string(data3)
    assert ed
    print ed
    assert ed.encryption_method != None
    em = ed.encryption_method
    assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc'
    assert ed.key_info != None
    ki = ed.key_info
    assert ki.key_name[0].text == "Sally Doe"
    assert len(ki.retrieval_method) == 1
    rm = ki.retrieval_method[0]
    assert rm.uri == "#EK"
    assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey"
    assert ed.cipher_data != None
    cd = ed.cipher_data
    assert cd.cipher_value != None
    assert cd.cipher_value.text == "DEADBEEF"
Example #9
0
    def construct(self, sp_entity_id, in_response_to, consumer_url,
                  name_id, attrconvs, policy, issuer, authn_class=None,
                  authn_auth=None, authn_decl=None, encrypt=None,
                  sec_context=None, authn_decl_ref=None, authn_instant="",
                  subject_locality=""):
        """ Construct the Assertion 
        
        :param sp_entity_id: The entityid of the SP
        :param in_response_to: An identifier of the message, this message is 
            a response to
        :param consumer_url: The intended consumer of the assertion
        :param name_id: An NameID instance
        :param attrconvs: AttributeConverters
        :param policy: The policy that should be adhered to when replying
        :param issuer: Who is issuing the statement
        :param authn_class: The authentication class
        :param authn_auth: The authentication instance
        :param authn_decl: An Authentication Context declaration
        :param encrypt: Whether to encrypt parts or all of the Assertion
        :param sec_context: The security context used when encrypting
        :param authn_decl_ref: An Authentication Context declaration reference
        :param authn_instant: When the Authentication was performed
        :param subject_locality: Specifies the DNS domain name and IP address
            for the system from which the assertion subject was apparently
            authenticated.
        :return: An Assertion instance
        """

        if policy:
            _name_format = policy.get_name_form(sp_entity_id)
        else:
            _name_format = NAME_FORMAT_URI

        attr_statement = saml.AttributeStatement(attribute=from_local(
            attrconvs, self, _name_format))

        if encrypt == "attributes":
            for attr in attr_statement.attribute:
                enc = sec_context.encrypt(text="%s" % attr)

                encd = xmlenc.encrypted_data_from_string(enc)
                encattr = saml.EncryptedAttribute(encrypted_data=encd)
                attr_statement.encrypted_attribute.append(encattr)

            attr_statement.attribute = []

        # start using now and for some time
        conds = policy.conditions(sp_entity_id)

        if authn_auth or authn_class or authn_decl or authn_decl_ref:
            _authn_statement = authn_statement(authn_class, authn_auth,
                                               authn_decl, authn_decl_ref,
                                               authn_instant,
                                               subject_locality)
        else:
            _authn_statement = None


        _ass = assertion_factory(
            issuer=issuer,
            conditions=conds,
            subject=factory(
                saml.Subject,
                name_id=name_id,
                subject_confirmation=[factory(
                    saml.SubjectConfirmation,
                    method=saml.SCM_BEARER,
                    subject_confirmation_data=factory(
                        saml.SubjectConfirmationData,
                        in_response_to=in_response_to,
                        recipient=consumer_url,
                        not_on_or_after=policy.not_on_or_after(sp_entity_id)))]
            ),
        )

        if _authn_statement:
            _ass.authn_statement = [_authn_statement]

        if not attr_statement.empty():
            _ass.attribute_statement=[attr_statement]

        return _ass