Exemple #1
0
def get_sp(item):
    metad = MetaDataFile(ONTS.values(), item, item)
    metad.load()
    sps = []
    for entid, item in metad.entity.items():
        if "spsso_descriptor" in item:
            for sp in item["spsso_descriptor"]:
                _name = ""
                try:
                    for ee in sp["extensions"]["extension_elements"]:
                        if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
                            _name = ee["description"][0]["text"]
                except KeyError:
                    pass
                if not _name:
                    try:
                        _name = item["organization"][
                            "organization_display_name"][0]["text"]
                    except KeyError:
                        try:
                            _name = item["organization"][
                                "organization_name"][0]["text"]
                        except KeyError:
                            try:
                                _name = item["organization"][
                                    "organization_url"][0]["text"]
                            except KeyError:
                                pass
                sps.append((_name, entid))
    return sps
Exemple #2
0
def load_providers():
    metadata = {}
    for filename in settings.WALDUR_AUTH_SAML2['idp_metadata_local']:
        mdf = MetaDataFile(ac_factory(), filename)
        mdf.load()
        metadata.update(mdf.items())
    return metadata
    def test_split_backend_metadata_to_separate_files(self, tmpdir,
                                                      cert_and_key,
                                                      satosa_config_dict,
                                                      saml_frontend_config,
                                                      saml_backend_config):

        satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [
            saml_backend_config, saml_backend_config
        ]

        create_and_write_saml_metadata(satosa_config_dict,
                                       cert_and_key[1],
                                       cert_and_key[0],
                                       str(tmpdir),
                                       None,
                                       split_backend_metadata=True)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)

        written_metadata_files = [
            saml_backend_config["name"], saml_backend_config["name"]
        ]
        for file in written_metadata_files:
            md = MetaDataFile(None,
                              os.path.join(str(tmpdir),
                                           "{}_0.xml".format(file)),
                              security=security_ctx)
            assert md.load()
    def test_split_frontend_metadata_to_separate_files(
            self, tmpdir, cert_and_key, satosa_config_dict,
            saml_mirror_frontend_config, saml_backend_config,
            oidc_backend_config):

        satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [
            oidc_backend_config, saml_backend_config
        ]

        create_and_write_saml_metadata(satosa_config_dict,
                                       cert_and_key[1],
                                       cert_and_key[0],
                                       str(tmpdir),
                                       None,
                                       split_frontend_metadata=True)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)

        file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
        written_metadata_files = glob.glob(
            os.path.join(str(tmpdir), file_pattern))
        assert len(written_metadata_files) == 2
        for file in written_metadata_files:
            md = MetaDataFile(None, file, security=security_ctx)
            assert md.load()
Exemple #5
0
def get_sp(item):
    metad = MetaDataFile(list(ONTS.values()), item, item)
    metad.load()
    sps = []
    for entid, item in list(metad.entity.items()):
        if "spsso_descriptor" in item:
            for sp in item["spsso_descriptor"]:
                _name = ""
                try:
                    for ee in sp["extensions"]["extension_elements"]:
                        if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
                            _name = ee["description"][0]["text"]
                except KeyError:
                    pass
                if not _name:
                    try:
                        _name = item["organization"][
                            "organization_display_name"][0]["text"]
                    except KeyError:
                        try:
                            _name = item["organization"]["organization_name"][
                                0]["text"]
                        except KeyError:
                            try:
                                _name = item["organization"][
                                    "organization_url"][0]["text"]
                            except KeyError:
                                pass
                sps.append((_name, entid))
    return sps
Exemple #6
0
def load_providers():
    metadata = {}
    for filename in settings.WALDUR_AUTH_SAML2['IDP_METADATA_LOCAL']:
        mdf = MetaDataFile(ac_factory(), filename)
        mdf.load()
        metadata.update(mdf.items())
    return metadata
    def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict, oidc_frontend_config,
                       saml_backend_config):
        satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]

        create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)
        md = MetaDataFile(None, os.path.join(str(tmpdir), "backend.xml"), security=security_ctx)
        assert md.load()

        assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
Exemple #8
0
def main():
    item = MDIMPORT[sys.argv[1]]

    metad = None

    if item["type"] == "local":
        metad = MetaDataFile(sys.argv[1], item["file"])
    elif item["type"] == "external":
        metad = MetaDataExtern(sys.argv[1], item["url"],
                               "/opt/local/bin/xmlsec1", item["cert"])

    if metad:
        metad.load()
        print(metad.dumps())
    def test_split_backend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
                                                      saml_frontend_config, saml_backend_config):

        satosa_config_dict["FRONTEND_MODULES"] = [saml_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config, saml_backend_config]

        create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
                                       split_backend_metadata=True)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)

        written_metadata_files = [saml_backend_config["name"], saml_backend_config["name"]]
        for file in written_metadata_files:
            md = MetaDataFile(None, os.path.join(str(tmpdir), "{}_0.xml".format(file)), security=security_ctx)
            assert md.load()
    def test_oidc_saml(self, tmpdir, cert_and_key, satosa_config_dict,
                       oidc_frontend_config, saml_backend_config):
        satosa_config_dict["FRONTEND_MODULES"] = [oidc_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [saml_backend_config]

        create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1],
                                       cert_and_key[0], str(tmpdir), None)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)
        md = MetaDataFile(None,
                          os.path.join(str(tmpdir), "backend.xml"),
                          security=security_ctx)
        assert md.load()

        assert not os.path.isfile(os.path.join(str(tmpdir), "frontend.xml"))
    def test_split_frontend_metadata_to_separate_files(self, tmpdir, cert_and_key, satosa_config_dict,
                                                       saml_mirror_frontend_config, saml_backend_config,
                                                       oidc_backend_config):

        satosa_config_dict["FRONTEND_MODULES"] = [saml_mirror_frontend_config]
        satosa_config_dict["BACKEND_MODULES"] = [oidc_backend_config, saml_backend_config]

        create_and_write_saml_metadata(satosa_config_dict, cert_and_key[1], cert_and_key[0], str(tmpdir), None,
                                       split_frontend_metadata=True)

        conf = Config()
        conf.cert_file = cert_and_key[0]
        security_ctx = security_context(conf)

        file_pattern = "{}*.xml".format(saml_mirror_frontend_config["name"])
        written_metadata_files = glob.glob(os.path.join(str(tmpdir), file_pattern))
        assert len(written_metadata_files) == 2
        for file in written_metadata_files:
            md = MetaDataFile(None, file, security=security_ctx)
            assert md.load()
Exemple #12
0
def get_sp(item, typ):
    if typ == "local":
        metad = MetaDataFile(ONTS.values(), item, item)
    elif typ == "mdfile":
        metad = MetaDataMD(ONTS.values(), item, item)
    else:
        raise Exception("Don't do that format yet")

    metad.load()
    sps = []
    for entid, item in metad.entity.items():
        if "spsso_descriptor" in item:
            for sp in item["spsso_descriptor"]:
                _name = ""
                try:
                    for ee in sp["extensions"]["extension_elements"]:
                        if ee["__class__"] == "%s&UIInfo" % mdui.NAMESPACE:
                            _name = ee["description"][0]["text"]
                except KeyError:
                    pass
                if not _name:
                    try:
                        _name = item["organization"][
                            "organization_display_name"][0]["text"]
                    except KeyError:
                        try:
                            _name = item["organization"][
                                "organization_name"][0]["text"]
                        except KeyError:
                            try:
                                _name = item["organization"][
                                    "organization_url"][0]["text"]
                            except KeyError:
                                pass
                if not _name:
                    _name = entid
                sps.append((_name, entid))
    sps.sort(_cmp)
    return sps
Exemple #13
0
def main():
    item = MDIMPORT[sys.argv[1]]

    metad = None

    if item["type"] == "local":
        metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"])
    elif item["type"] == "external":
        metad = MetaDataExtern(sys.argv[1], ONTS.values(),
                               item["url"], "/opt/local/bin/xmlsec1", item["cert"])

    if metad:
        metad.load()
        print metad.dumps()
Exemple #14
0
ONTS = {
    dri.NAMESPACE: dri,
    idpdisc.NAMESPACE: idpdisc,
    md.NAMESPACE: md,
    mdattr.NAMESPACE: mdattr,
    mdui.NAMESPACE: mdui,
    saml.NAMESPACE: saml,
    ui.NAMESPACE: ui,
    xmlenc.NAMESPACE: xmlenc,
    xmldsig.NAMESPACE: xmldsig,
}

start = time.time()
for i in range(1, 10):
    mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
    mdmd.load()

    _ = list(mdmd.keys())

print(time.time() - start)

start = time.time()
for i in range(1, 10):
    mdf = MetaDataFile(list(ONTS.values()), ac_factory("../tests/attributemaps"),
                      "../tests/swamid-2.0.xml")
    mdf.load()
    _ = list(mdf.keys())

print(time.time() - start)
Exemple #15
0
args = parser.parse_args()

metad = None

if args.ignore_valid:
    kwargs = {"check_validity": False}
else:
    kwargs = {}

if args.type == "local":
    if args.cert and args.xmlsec:
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto)
        metad = MetaDataFile(ONTS.values(),
                             args.item,
                             args.item,
                             cert=args.cert,
                             security=sc,
                             **kwargs)
    else:
        metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ONTS.values(),
                           ATTRCONV,
                           args.url,
                           sc,
                           cert=args.cert,
                           http=httpc,
for line in open(args.conf).readlines():
    line = line.strip()
    if len(line) == 0:
        continue
    elif line[0] == "#":
        continue
    spec = line.split(" ")

    if args.ignore_valid:
        kwargs = {"check_validity": False}
    else:
        kwargs = {}

    if spec[0] == "local":
        metad = MetaDataFile(spec[1], spec[1], **kwargs)
    elif spec[0] == "remote":
        ATTRCONV = ac_factory(args.attrsmap)
        httpc = HTTPBase()
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto, key_type="", cert_type="")
        metad = MetaDataExtern(ATTRCONV,
                               spec[1],
                               sc,
                               cert=spec[2],
                               http=httpc,
                               **kwargs)

    if metad is not None:
        try:
            metad.load()
Exemple #17
0

parser = argparse.ArgumentParser()
parser.add_argument("-t", dest="type")
parser.add_argument("-u", dest="url")
parser.add_argument("-c", dest="cert")
parser.add_argument("-a", dest="attrsmap")
parser.add_argument("-o", dest="output")
parser.add_argument(dest="item")
args = parser.parse_args()


metad = None

if args.type == "local":
    metad = MetaDataFile(ONTS.values(), args.item, args.item)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend("/opt/local/bin/xmlsec1")
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, sc, cert=args.cert, http=httpc)

if metad:
    metad.load()
    txt = metad.dumps()
    if args.output:
        f = open(args.output, "w")
        f.write(txt)
        f.close()
    else:
Exemple #18
0
"""

parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()

metad = None

if args.type == "local":
    metad = MetaDataFile(args.item, args.item)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc)

if metad is not None:
    metad.load()
    txt = metad.dumps()
    if args.output:
        f = open(args.output, "w")
        f.write(txt)
        f.close()
    else:
Exemple #19
0
# local <local file name>
# external <url> <local file name for certificate use to verify signature>

for line in open(args.conf).readlines():
    line = line.strip()
    if line[0] == "#":
        continue
    spec = line.split(" ")

    if args.ignore_valid:
        kwargs = {"check_validity": False}
    else:
        kwargs = {}

    if spec[0] == "local":
        metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs)
    elif spec[0] == "remote":
        ATTRCONV = ac_factory(args.attrsmap)
        httpc = HTTPBase()
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto, key_type="", cert_type="")
        metad = MetaDataExtern(ONTS.values(),
                               ATTRCONV,
                               spec[1],
                               sc,
                               cert=spec[2],
                               http=httpc,
                               **kwargs)

    if metad:
        try:
MDIMPORT = {
    "swamid": {
        "url":
        "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2",
        "cert": "kalmar2.pem",
        "type": "external"
    },
    "incommon": {
        "file": "InCommon-metadata.xml",
        "type": "local"
    },
    "test": {
        "file": "mdtest.xml",
        "type": "local"
    }
}

item = MDIMPORT[sys.argv[1]]

metad = None

if item["type"] == "local":
    metad = MetaDataFile(sys.argv[1], list(ONTS.values()), item["file"])
elif item["type"] == "external":
    metad = MetaDataExtern(sys.argv[1], list(ONTS.values()), item["url"],
                           "/opt/local/bin/xmlsec1", item["cert"])

if metad:
    metad.load()
    print(metad.dumps())
}

parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()

metad = None

if args.type == "local":
    metad = MetaDataFile(list(ONTS.values()), args.item, args.item)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(list(ONTS.values()),
                           ATTRCONV,
                           args.url,
                           sc,
                           cert=args.cert,
                           http=httpc)

if metad:
    try:
        metad.load()
Exemple #22
0
}

parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url')
parser.add_argument('-c', dest='cert')
parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output')
parser.add_argument('-x', dest='xmlsec')
parser.add_argument(dest="item")
args = parser.parse_args()

metad = None

if args.type == "local":
    metad = MetaDataFile(ONTS.values(), args.item, args.item)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ONTS.values(),
                           ATTRCONV,
                           args.url,
                           sc,
                           cert=args.cert,
                           http=httpc)

if metad is not None:
    metad.load()
    txt = metad.dumps()
Exemple #23
0
ONTS = {
    dri.NAMESPACE: dri,
    idpdisc.NAMESPACE: idpdisc,
    md.NAMESPACE: md,
    mdattr.NAMESPACE: mdattr,
    mdui.NAMESPACE: mdui,
    saml.NAMESPACE: saml,
    ui.NAMESPACE: ui,
    xmlenc.NAMESPACE: xmlenc,
    xmldsig.NAMESPACE: xmldsig,
}

start = time.time()
for i in range(1, 10):
    mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md")
    mdmd.load()

    _ = mdmd.keys()

print time.time() - start

start = time.time()
for i in range(1, 10):
    mdf = MetaDataFile(ONTS.values(), ac_factory("../tests/attributemaps"),
                      "../tests/swamid-2.0.xml")
    mdf.load()
    _ = mdf.keys()

print time.time() - start
Exemple #24
0
        "type": "local"
    }
}

ONTS = {
    saml.NAMESPACE: saml,
    mdui.NAMESPACE: mdui,
    mdattr.NAMESPACE: mdattr,
    dri.NAMESPACE: dri,
    ui.NAMESPACE: ui,
    idpdisc.NAMESPACE: idpdisc,
    md.NAMESPACE: md,
    xmldsig.NAMESPACE: xmldsig,
    xmlenc.NAMESPACE: xmlenc
}

item = MDIMPORT[sys.argv[1]]

metad = None

if item["type"] == "local":
    metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"])
elif item["type"] == "external":
    metad = MetaDataExtern(sys.argv[1], ONTS.values(),
                           item["url"], "/opt/local/bin/xmlsec1", item["cert"])

if metad:
    metad.load()
    print metad.dumps()

Exemple #25
0
args = parser.parse_args()

metad = None

if args.ignore_valid:
    kwargs = {"check_validity": False}
else:
    kwargs = {}

if args.type == "local":
    if args.cert and args.xmlsec:
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto)
        metad = MetaDataFile(args.item,
                             args.item,
                             cert=args.cert,
                             security=sc,
                             **kwargs)
    else:
        metad = MetaDataFile(args.item, args.item, **kwargs)
elif args.type == "external":
    ATTRCONV = ac_factory(args.attrsmap)
    httpc = HTTPBase()
    crypto = _get_xmlsec_cryptobackend(args.xmlsec)
    sc = SecurityContext(crypto)
    metad = MetaDataExtern(ATTRCONV,
                           args.url,
                           sc,
                           cert=args.cert,
                           http=httpc,
                           **kwargs)
Exemple #26
0
for line in open(args.conf).readlines():
    line = line.strip()
    if len(line) == 0:
        continue
    elif line[0] == "#":
        continue
    spec = line.split(" ")

    if args.ignore_valid:
        kwargs = {"check_validity": False}
    else:
        kwargs = {}

    if spec[0] == "local":
        metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs)
    elif spec[0] == "remote":
        ATTRCONV = ac_factory(args.attrsmap)
        httpc = HTTPBase()
        crypto = _get_xmlsec_cryptobackend(args.xmlsec)
        sc = SecurityContext(crypto, key_type="", cert_type="")
        metad = MetaDataExtern(ONTS.values(), ATTRCONV, spec[1],
                               sc, cert=spec[2], http=httpc, **kwargs)

    if metad is not None:
        try:
            metad.load()
        except:
            raise

    mds.metadata[spec[1]] = metad
Exemple #27
0
#!/usr/bin/env python
import time
from saml2.attribute_converter import ac_factory
from saml2.mdstore import MetaDataMD, MetaDataFile

__author__ = 'rolandh'

start = time.time()
for i in range(1, 10):
    mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md")
    mdmd.load()

    _ = mdmd.keys()

print(time.time() - start)

start = time.time()
for i in range(1, 10):
    mdf = MetaDataFile(ac_factory("../tests/attributemaps"),
                       "../tests/swamid-2.0.xml")
    mdf.load()
    _ = mdf.keys()

print(time.time() - start)