Exemple #1
    def sign_metadata(metadata, key, cert):
        """
        Return the given SAML metadata with a signature added.

        This is a thin wrapper: all signing work is delegated to
        OneLogin_Saml2_Utils.add_sign. No signature or digest algorithm is
        passed here, so whatever add_sign defaults to is used.
        NOTE(review): confirm that default is not SHA-1 based.

        :param metadata: SAML Metadata XML
        :type metadata: string

        :param key: x509 key used for signing (presumably the private key
                    matching ``cert`` -- confirm against add_sign)
        :type key: string

        :param cert: x509 cert
        :type cert: string

        :returns: Signed Metadata
        :rtype: string
        """
        signed_metadata = OneLogin_Saml2_Utils.add_sign(metadata, key, cert)
        return signed_metadata
Exemple #2
    def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1):
        """
        Return the given SAML metadata with a signature added.

        Thin wrapper around OneLogin_Saml2_Utils.add_sign.

        Security note: ``sign_algorithm`` defaults to RSA_SHA1. SHA-1 is no
        longer considered collision resistant, so callers that control both
        ends should pass a SHA-2 based method (for example
        OneLogin_Saml2_Constants.RSA_SHA256) explicitly.

        :param metadata: SAML Metadata XML
        :type metadata: string

        :param key: x509 key used for signing (presumably the private key
                    matching ``cert`` -- confirm against add_sign)
        :type key: string

        :param cert: x509 cert
        :type cert: string

        :param sign_algorithm: Signature algorithm method
        :type sign_algorithm: string

        :returns: Signed Metadata
        :rtype: string
        """
        # The fourth positional argument is passed as False; presumably it is
        # add_sign's debug flag -- confirm against add_sign's signature.
        signed_metadata = OneLogin_Saml2_Utils.add_sign(
            metadata, key, cert, False, sign_algorithm)
        return signed_metadata
    def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1, digest_algorithm=OneLogin_Saml2_Constants.SHA1):
        """
        Return the given SAML metadata with a signature added.

        Thin wrapper around OneLogin_Saml2_Utils.add_sign.

        Security note: both defaults are SHA-1 based (RSA_SHA1 for the
        signature, SHA1 for the digest). SHA-1 is no longer considered
        collision resistant, so callers that control both ends should pass
        SHA-2 based values (for example OneLogin_Saml2_Constants.RSA_SHA256
        and OneLogin_Saml2_Constants.SHA256) explicitly.

        :param metadata: SAML Metadata XML
        :type metadata: string

        :param key: x509 key used for signing (presumably the private key
                    matching ``cert`` -- confirm against add_sign)
        :type key: string

        :param cert: x509 cert
        :type cert: string

        :param sign_algorithm: Signature algorithm method
        :type sign_algorithm: string

        :param digest_algorithm: Digest algorithm method
        :type digest_algorithm: string

        :returns: Signed Metadata
        :rtype: string
        """
        # The fourth positional argument is passed as False; presumably it is
        # add_sign's debug flag -- confirm against add_sign's signature.
        signed_metadata = OneLogin_Saml2_Utils.add_sign(
            metadata, key, cert, False, sign_algorithm, digest_algorithm)
        return signed_metadata
Exemple #4
    def testAddSign(self):
        """
        Tests the add_sign method of the OneLogin_Saml2_Utils

        Several input forms (decoded fixture XML, serialized DOM output, an
        etree element, and the metadata fixture) are signed with the SP
        key/cert from the settings fixture. For each result the test checks
        that a ds:SignatureValue is present and that a ds:Signature element
        sits at a fixed position below the document root.

        These are presence checks only: nothing here verifies that the
        produced signature validates cryptographically.
        """
        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
        key = settings.get_sp_key()
        cert = settings.get_sp_cert()

        def check_signed(unsigned, nested=False):
            # Sign, then assert both the SignatureValue marker and the
            # position of the ds:Signature element in the parsed output.
            signed = compat.to_string(
                OneLogin_Saml2_Utils.add_sign(unsigned, key, cert))
            self.assertIn('<ds:SignatureValue>', signed)
            node = parseString(signed).firstChild.firstChild.nextSibling
            if nested:
                # Metadata fixture: the signature is one level deeper.
                node = node.firstChild
            node = node.nextSibling
            self.assertIn('ds:Signature', node.tagName)

        # AuthnRequest as the decoded fixture content.
        authn_xml = b64decode(
            self.file_contents(
                join(self.data_path, 'requests', 'authn_request.xml.base64')))
        check_signed(authn_xml)

        # AuthnRequest re-serialized from a parsed DOM: whole document,
        # then only its first child.
        authn_dom = parseString(authn_xml)
        check_signed(authn_dom.toxml())
        check_signed(authn_dom.firstChild.toxml())

        # AuthnRequest as an etree element.
        authn_etree = etree.fromstring(authn_xml)
        check_signed(authn_etree)
        # NOTE(review): same element signed a second time, exactly as in the
        # previous call -- confirm whether another input form was intended.
        check_signed(authn_etree)

        # LogoutRequest fixture.
        logout_request_xml = b64decode(
            self.file_contents(
                join(self.data_path, 'logout_requests',
                     'logout_request.xml.base64')))
        check_signed(logout_request_xml)

        # LogoutResponse fixture.
        logout_response_xml = b64decode(
            self.file_contents(
                join(self.data_path, 'logout_responses',
                     'logout_response.xml.base64')))
        check_signed(logout_response_xml)

        # Metadata fixture (read as-is, not base64 encoded).
        metadata_xml = self.file_contents(
            join(self.data_path, 'metadata', 'metadata_settings1.xml'))
        check_signed(metadata_xml, nested=True)
Exemple #5
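    def testAddSign(self):
        """
        Tests the add_sign method of the OneLogin_Saml2_Utils

        Several input forms (decoded fixture XML, a parsed DOM document, its
        first child, an etree element, and the metadata fixture) are signed
        with the SP key/cert from the settings fixture. For each result the
        test checks that a ds:SignatureValue is present and that a
        ds:Signature element sits at a fixed position below the document root.
        These are presence checks only: nothing here verifies that the
        produced signature validates cryptographically.

        Finally, a non-XML input (the integer 1) must be rejected with the
        message 'Error parsing xml string'.
        """
        settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
        key = settings.get_sp_key()
        cert = settings.get_sp_cert()

        # AuthnRequest as the decoded fixture content.
        xml_authn = b64decode(self.file_contents(join(self.data_path, 'requests', 'authn_request.xml.base64')))
        xml_authn_signed = OneLogin_Saml2_Utils.add_sign(xml_authn, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_authn_signed)

        res = parseString(xml_authn_signed)
        ds_signature = res.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature.tagName)

        # AuthnRequest as a parsed DOM document.
        xml_authn_dom = parseString(xml_authn)
        xml_authn_signed_2 = OneLogin_Saml2_Utils.add_sign(xml_authn_dom, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_authn_signed_2)
        res_2 = parseString(xml_authn_signed_2)
        ds_signature_2 = res_2.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_2.tagName)

        # AuthnRequest as the first child of the parsed DOM document.
        xml_authn_signed_3 = OneLogin_Saml2_Utils.add_sign(xml_authn_dom.firstChild, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_authn_signed_3)
        res_3 = parseString(xml_authn_signed_3)
        ds_signature_3 = res_3.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_3.tagName)

        # AuthnRequest as an etree element.
        xml_authn_etree = etree.fromstring(xml_authn)
        xml_authn_signed_4 = OneLogin_Saml2_Utils.add_sign(xml_authn_etree, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_authn_signed_4)
        res_4 = parseString(xml_authn_signed_4)
        ds_signature_4 = res_4.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_4.tagName)

        # NOTE(review): same element signed a second time, exactly as in the
        # previous call -- confirm whether another input form was intended.
        xml_authn_signed_5 = OneLogin_Saml2_Utils.add_sign(xml_authn_etree, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_authn_signed_5)
        res_5 = parseString(xml_authn_signed_5)
        ds_signature_5 = res_5.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_5.tagName)

        # LogoutRequest fixture.
        xml_logout_req = b64decode(self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml.base64')))
        xml_logout_req_signed = OneLogin_Saml2_Utils.add_sign(xml_logout_req, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_logout_req_signed)
        res_6 = parseString(xml_logout_req_signed)
        ds_signature_6 = res_6.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_6.tagName)

        # LogoutResponse fixture.
        xml_logout_res = b64decode(self.file_contents(join(self.data_path, 'logout_responses', 'logout_response.xml.base64')))
        xml_logout_res_signed = OneLogin_Saml2_Utils.add_sign(xml_logout_res, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_logout_res_signed)
        res_7 = parseString(xml_logout_res_signed)
        ds_signature_7 = res_7.firstChild.firstChild.nextSibling.nextSibling
        self.assertIn('ds:Signature', ds_signature_7.tagName)

        # Metadata fixture (read as-is); the signature is one level deeper.
        xml_metadata = self.file_contents(join(self.data_path, 'metadata', 'metadata_settings1.xml'))
        xml_metadata_signed = OneLogin_Saml2_Utils.add_sign(xml_metadata, key, cert)
        self.assertIn('<ds:SignatureValue>', xml_metadata_signed)
        res_8 = parseString(xml_metadata_signed)
        ds_signature_8 = res_8.firstChild.firstChild.nextSibling.firstChild.nextSibling
        self.assertIn('ds:Signature', ds_signature_8.tagName)

        # Non-XML input must be rejected. assertRaises fails the test when no
        # exception is raised; a bare try/except would pass silently if
        # add_sign accepted the value.
        with self.assertRaises(Exception) as raised:
            OneLogin_Saml2_Utils.add_sign(1, key, cert)
        error = raised.exception
        # `message` is only available on Python 2 exceptions; fall back to
        # str() so the check also works where the attribute is absent.
        self.assertEqual('Error parsing xml string', getattr(error, 'message', str(error)))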