def test04ParseAttributeQuery(self):
    """Round-trip an AttributeQuery through XML and compare key fields.

    A query is built by SAMLUtil (with empty first name, last name and
    e-mail values), serialised to pretty-printed XML, re-parsed with
    ElementTree and converted back into an AttributeQuery.  The test then
    checks that the id, issuer value, subject NameID value and the name of
    the attribute at index 1 survived the round trip.
    """
    rule = "_" * 80

    util = SAMLUtil()
    util.firstName = ''
    util.lastName = ''
    util.emailAddress = ''
    original = util.buildAttributeQuery(SAMLTestCase.ISSUER_DN,
                                        SAMLTestCase.NAMEID_VALUE)

    serialised = prettyPrint(AttributeQueryElementTree.toXML(original))
    print("\n" + rule)
    print(serialised)

    # Feed the serialised text back through the parser via an in-memory
    # stream, rewound to the start so parse() sees the whole document.
    buf = StringIO()
    buf.write(serialised)
    buf.seek(0)
    reparsedRoot = ElementTree.parse(buf).getroot()
    restored = AttributeQueryElementTree.fromXML(reparsedRoot)

    self.assert_(restored.id == original.id)
    self.assert_(restored.issuer.value == original.issuer.value)
    self.assert_(
        restored.subject.nameID.value == original.subject.nameID.value)
    # Index 1 presumes buildAttributeQuery requests at least two
    # attributes -- confirm against SAMLUtil.
    self.assert_(restored.attributes[1].name == original.attributes[1].name)

    reserialised = prettyPrint(reparsedRoot)
    print(rule)
    print(reserialised)
    print(rule)
def _makeRequest(self, attributeQuery=None, **kw):
    """Build a serialised SOAP request carrying an AttributeQuery.

    If no query is supplied, one is created with
    ``self._createAttributeQuery(**kw)``.  The query is converted to its
    ElementTree form, appended to the body of a freshly created SOAP
    envelope, and the serialised envelope is returned.
    """
    query = attributeQuery
    if query is None:
        query = self._createAttributeQuery(**kw)

    envelope = SOAPEnvelope()
    envelope.create()
    envelope.body.elem.append(AttributeQueryElementTree.toXML(query))
    return envelope.serialize()
def test03CreateAttributeQuery(self):
    """Build an AttributeQuery with SAMLUtil and print its XML form.

    The test makes no assertions; it passes as long as building the query
    and serialising it to pretty-printed XML do not raise.
    """
    rule = "_" * 80

    util = SAMLUtil()
    util.firstName = ''
    util.lastName = ''
    util.emailAddress = ''
    query = util.buildAttributeQuery(SAMLTestCase.ISSUER_DN,
                                     SAMLTestCase.NAMEID_VALUE)

    rendered = prettyPrint(AttributeQueryElementTree.toXML(query))
    print("\n" + rule)
    print(rendered)
    print(rule)
def __call__(self, environ, start_response):
    """Answer a SOAP-wrapped SAML AttributeQuery with a canned Response.

    WSGI entry point.  The SOAP envelope is read from ``wsgi.input``, its
    first body element is interpreted as an AttributeQuery, and a SAML
    Response holding one Assertion is returned in a new SOAP envelope.
    The assertion echoes the subject NameID from the query, is valid for
    eight hours from issue, and carries values from ``self.firstName``,
    ``self.lastName`` and ``self.emailAddress`` for whichever of the three
    known attribute names the query asked for.  Other requested
    attributes are silently skipped.

    NOTE(review): nothing in this method authenticates the requester,
    checks a signature on the query, or signs the assertion it issues, and
    the subject is taken from the request as-is.  That is what a test
    fixture needs; the handler is not suitable as a real attribute
    authority endpoint.
    """
    # NOTE(review): SOAPEnvelope.parse is defined elsewhere -- confirm its
    # XML parser refuses DTDs / entity expansion before this handler is
    # fed anything other than test-generated input.
    soapRequest = SOAPEnvelope()
    soapRequest.parse(environ['wsgi.input'])

    # An envelope with an empty body raises IndexError here; there is no
    # SOAP fault path in this method.
    attributeQuery = AttributeQueryElementTree.fromXML(
        soapRequest.body.elem[0])

    # The full request (including the subject identifier) goes to stdout.
    print("Received request from client:\n")
    print(soapRequest.prettyPrint())

    # --- Response envelope metadata -------------------------------------
    samlResponse = Response()
    samlResponse.issueInstant = datetime.utcnow()
    samlResponse.id = str(uuid4())

    # Issuer Format is deliberately left unset: the original author notes
    # that the SAML 2.0 spec says it must be omitted here.
    responseIssuer = Issuer()
    responseIssuer.value = \
        "/O=NDG/OU=BADC/CN=attributeauthority.badc.rl.ac.uk"
    samlResponse.issuer = responseIssuer

    samlResponse.inResponseTo = attributeQuery.id

    # --- Assertion -------------------------------------------------------
    assertion = Assertion()
    assertion.version = SAMLVersion(SAMLVersion.VERSION_20)
    assertion.id = str(uuid4())
    assertion.issueInstant = samlResponse.issueInstant

    # Validity window: from the issue instant for eight hours.
    validity = Conditions()
    validity.notBefore = assertion.issueInstant
    validity.notOnOrAfter = validity.notBefore + timedelta(hours=8)
    assertion.conditions = validity

    # The subject is copied verbatim from the incoming query.
    subjectId = NameID()
    subjectId.format = attributeQuery.subject.nameID.format
    subjectId.value = attributeQuery.subject.nameID.value
    assertedSubject = Subject()
    assertedSubject.nameID = subjectId
    assertion.subject = assertedSubject

    assertion.attributeStatements.append(AttributeStatement())
    statement = assertion.attributeStatements[0]

    for requested in attributeQuery.attributes:
        # Pick the locally held value for the three attribute names this
        # app knows about; anything else is not released.
        if requested.name == SamlSoapBindingApp.FIRSTNAME_ATTRNAME:
            heldValue = self.firstName
        elif requested.name == SamlSoapBindingApp.LASTNAME_ATTRNAME:
            heldValue = self.lastName
        elif requested.name == SamlSoapBindingApp.EMAILADDRESS_ATTRNAME:
            heldValue = self.emailAddress
        else:
            continue

        # Name, format and friendly name are echoed from the request;
        # only the value comes from this app.
        released = Attribute()
        released.name = requested.name
        released.nameFormat = requested.nameFormat
        released.friendlyName = requested.friendlyName

        stringValue = XSStringAttributeValue()
        stringValue.value = heldValue
        released.attributeValues.append(stringValue)

        statement.attributes.append(released)

    samlResponse.assertions.append(assertion)

    # Status is always Success, whatever was (or was not) released.
    outcome = Status()
    outcome.statusCode = StatusCode()
    outcome.statusCode.value = StatusCode.SUCCESS_URI
    samlResponse.status = outcome

    # ElementTree form is needed so the payload can be attached to the
    # SOAP response body.
    samlResponseElem = ResponseElementTree.toXML(samlResponse)

    # The debug log line contains the released attribute values.
    log.debug('Sending response to query:\n%s',
              ElementTree.tostring(samlResponseElem))

    soapResponse = SOAPEnvelope()
    soapResponse.create()
    soapResponse.body.elem.append(samlResponseElem)
    payload = soapResponse.serialize()

    responseHeaders = [('Content-length', str(len(payload))),
                       ('Content-type', 'text/xml')]
    start_response("200 OK", responseHeaders)
    return [payload]
def test01AttributeQuery(self):
    """POST an AttributeQuery to /attributeauthority and check the reply.

    The query asks for the first name, last name and e-mail address
    attributes of a fixed subject.  It is wrapped in a SOAP envelope and
    posted through ``self.app`` with an expected HTTP status of 200.  The
    SOAP response is parsed and the SAML Response inside it must report
    success, reference the query's id in InResponseTo, and carry a first
    assertion whose subject NameID value matches the one queried.

    The released attribute values, the assertion's validity window and
    its issuer are not checked here.
    """
    query = AttributeQuery()
    query.version = SAMLVersion(SAMLVersion.VERSION_20)
    query.id = str(uuid4())
    query.issueInstant = datetime.utcnow()

    query.issuer = Issuer()
    query.issuer.format = Issuer.X509_SUBJECT
    query.issuer.value = "/O=NDG/OU=BADC/CN=attributeauthority.badc.rl.ac.uk"

    query.subject = Subject()
    query.subject.nameID = NameID()
    query.subject.nameID.format = SamlSoapBindingApp.NAMEID_FORMAT
    query.subject.nameID.value = "https://openid.localhost/philip.kershaw"

    # (name, nameFormat, friendlyName) for each attribute requested, in
    # the order they are appended to the query.
    xsStringFormat = "http://www.w3.org/2001/XMLSchema#string"
    wantedAttributes = (
        (SamlSoapBindingApp.FIRSTNAME_ATTRNAME, xsStringFormat, "FirstName"),
        (SamlSoapBindingApp.LASTNAME_ATTRNAME, xsStringFormat, "LastName"),
        (SamlSoapBindingApp.EMAILADDRESS_ATTRNAME,
         XMLConstants.XSD_NS + "#" + XSStringAttributeValue.TYPE_LOCAL_NAME,
         "emailAddress"),
    )
    for attrName, attrFormat, attrFriendlyName in wantedAttributes:
        wanted = Attribute()
        wanted.name = attrName
        wanted.nameFormat = attrFormat
        wanted.friendlyName = attrFriendlyName
        query.attributes.append(wanted)

    # Wrap the query in a SOAP envelope and serialise it for the POST.
    soapRequest = SOAPEnvelope()
    soapRequest.create()
    soapRequest.body.elem.append(AttributeQueryElementTree.toXML(query))
    requestBody = soapRequest.serialize()

    header = {
        'soapAction': "http://www.oasis-open.org/committees/security",
        'Content-length': str(len(requestBody)),
        'Content-type': 'text/xml'
    }
    httpResponse = self.app.post('/attributeauthority',
                                 params=requestBody,
                                 headers=header,
                                 status=200)
    print("Response status=%d" % httpResponse.status)

    # Parse the SOAP reply from an in-memory stream rewound to the start.
    replyStream = StringIO()
    replyStream.write(httpResponse.body)
    replyStream.seek(0)
    soapResponse = SOAPEnvelope()
    soapResponse.parse(replyStream)

    print("Parsed response ...")
    print(soapResponse.serialize())

    samlResponse = ResponseElementTree.fromXML(soapResponse.body.elem[0])
    self.assert_(
        samlResponse.status.statusCode.value == StatusCode.SUCCESS_URI)
    self.assert_(samlResponse.inResponseTo == query.id)
    self.assert_(samlResponse.assertions[0].subject.nameID.value ==
                 query.subject.nameID.value)