コード例 #1
0
def test_to_jwe(keytype, alg, enc):
    msg = Message(a='foo', b='bar', c='tjoho')
    _jwe = msg.to_jwe(KEYJAR.get_encrypt_key(keytype, ''), alg=alg, enc=enc)
    with pytest.raises(HeaderError):
        Message().from_jwt(_jwe, KEYJAR, encalg="RSA-OAEP", encenc=enc)
    with pytest.raises(HeaderError):
        Message().from_jwt(_jwe, KEYJAR, encenc="A256CBC-HS512", encalg=alg)
コード例 #2
0
def test_to_jwe(keytype, alg, enc):
    msg = Message(a="foo", b="bar", c="tjoho")
    _jwe = msg.to_jwe(KEYJAR.get_encrypt_key(keytype, ""), alg=alg, enc=enc)
    with pytest.raises(HeaderError):
        Message().from_jwt(_jwe, KEYJAR, encalg="RSA-OAEP", encenc=enc)
    with pytest.raises(HeaderError):
        Message().from_jwt(_jwe, KEYJAR, encenc="A256CBC-HS512", encalg=alg)
コード例 #3
0
def test_no_suitable_keys():
    keytype = 'RSA'
    alg = 'RS256'
    msg = Message(a='foo', b='bar', c='tjoho')
    _jwt = msg.to_jwt(NEW_KEYJAR.get_signing_key(keytype, '', kid=NEW_KID),
                      alg)
    with pytest.raises(NoSuitableSigningKeys):
        Message().from_jwt(_jwt, KEYJAR)
コード例 #4
0
def test_no_suitable_keys():
    keytype = "RSA"
    alg = "RS256"
    msg = Message(a="foo", b="bar", c="tjoho")
    _jwt = msg.to_jwt(NEW_KEYJAR.get_signing_key(keytype, "", kid=NEW_KID),
                      alg)
    with pytest.raises(NoSuitableSigningKeys):
        Message().from_jwt(_jwt, KEYJAR)
コード例 #5
0
    def correct_usage(self, metadata, federation_usage):
        """
        Remove MS paths that are marked to be used for another usage

        :param metadata: Metadata statement as dictionary
        :param federation_usage: In which context this is expected to used.
        :return: Filtered Metadata statement.
        """

        if 'metadata_statements' in metadata:
            _msl = {}
            for fo, ms in metadata['metadata_statements'].items():
                if not isinstance(ms, Message):
                    ms = json.loads(ms)

                if self.correct_usage(ms, federation_usage=federation_usage):
                    _msl[fo] = ms
            if _msl:
                metadata['metadata_statements'] = Message(**_msl)
                return metadata
            else:
                return None
        else:  # this is the innermost
            try:
                assert federation_usage == metadata['federation_usage']
            except KeyError:
                pass
            except AssertionError:
                return None
            return metadata
コード例 #6
0
def test_create_client_metadata_statement():
    ms = MetadataStatement()
    ORGOP.add_signing_keys(ms)
    sms = FOP.pack_metadata_statement(ms)

    cms = ClientMetadataStatement(
        metadata_statements=Message(**{FOP.iss: sms}),
        contacts=['*****@*****.**'])

    assert cms
コード例 #7
0
    def extend_with_ms(self, req, sms_dict):
        """
        Add signed metadata statements to a request

        :param req: The request 
        :param sms_dict: A dictionary with FO IDs as keys and signed metadata
            statements (sms) or uris pointing to sms as values.
        :return: The updated request
        """
        _ms_uri = {}
        _ms = {}
        for fo, sms in sms_dict.items():
            if sms.startswith('http://') or sms.startswith('https://'):
                _ms_uri[fo] = sms
            else:
                _ms[fo] = sms

        if _ms:
            req['metadata_statements'] = Message(**_ms)
        if _ms_uri:
            req['metadata_statement_uris'] = Message(**_ms_uri)
        return req
コード例 #8
0
def test_get_metadata_statement():
    jb = JWKSBundle('')
    for iss in ['https://example.org/', 'https://example.com/']:
        jb[iss] = build_keyjar(KEYDEFS)[1]

    self_signer = InternalSigningService(keyjar=jb['https://example.com/'],
                                         iss='https://example.com/')
    op = Operator(self_signer=self_signer, iss='https://example.com/')
    req = MetadataStatement(foo='bar')
    sms = op.pack_metadata_statement(req, sign_alg='RS256')
    sms_dir = {'https://example.com': sms}
    req['metadata_statements'] = Message(**sms_dir)
    ent = FederationEntity(None, fo_bundle=public_jwks_bundle(jb))
    loe = ent.get_metadata_statement(req)
    assert loe
コード例 #9
0
def test_json_type_error():
    val = '{"key":"A byte string"}'
    m = Message()
    m.from_json(val)
    assert "key" in m
コード例 #10
0
def test_to_dict_with_raw_types():
    msg = Message(c_default=[])
    content_fixture = {"c_default": []}
    _dict = msg.to_dict(lev=1)
    assert _dict == content_fixture
コード例 #11
0
def test_to_dict_with_message_obj():
    content = Message(a={"a": {"foo": {"bar": [{"bat": []}]}}})
    _dict = content.to_dict(lev=0)
    content_fixture = {"a": {"a": {"foo": {"bar": [{"bat": []}]}}}}
    assert _dict == content_fixture
コード例 #12
0
def test_to_jwe(keytype, alg, enc):
    msg = Message(a="foo", b="bar", c="tjoho")
    _jwe = msg.to_jwe(KEYJAR.get_encrypt_key(keytype, ""), alg=alg, enc=enc)
    msg1 = Message().from_jwe(_jwe, KEYJAR.get_encrypt_key(keytype, ""))
    assert msg1 == msg
コード例 #13
0
def test_to_jwt(keytype, alg):
    msg = Message(a="foo", b="bar", c="tjoho")
    _jwt = msg.to_jwt(KEYJAR.get_signing_key(keytype, ""), alg)
    msg1 = Message().from_jwt(_jwt, KEYJAR)
    assert msg1 == msg
コード例 #14
0
    def _unpack(self, ms_dict, keyjar, cls, jwt_ms=None, liss=None):
        """
        
        :param ms_dict: Metadata statement as a dictionary
        :param keyjar: A keyjar with the necessary FO keys
        :param cls: What class to map the metadata into
        :param jwt_ms: Metadata statement as a JWS 
        :param liss: List of FO issuer IDs
        :return: ParseInfo instance
        """
        if liss is None:
            liss = []

        _pr = ParseInfo()
        _pr.input = ms_dict
        ms_flag = False
        if 'metadata_statements' in ms_dict:
            ms_flag = True
            for iss, _ms in ms_dict['metadata_statements'].items():
                if liss and iss not in liss:
                    continue
                _pr = self._ums(_pr, _ms, keyjar)

        if 'metadata_statement_uris' in ms_dict:
            ms_flag = True
            if self.httpcli:
                for iss, url in ms_dict['metadata_statement_uris'].items():
                    if liss and iss not in liss:
                        continue
                    rsp = self.httpcli(method='GET', url=url,
                                       verify=self.verify_ssl)
                    if rsp.status_code == 200:
                        _pr = self._ums(_pr, rsp.text, keyjar)
                    else:
                        raise ParseError(
                            'Could not fetch jws from {}'.format(url))

        for _ms in _pr.parsed_statement:
            if _ms:  # can be None
                loaded = False
                try:
                    keyjar.import_jwks_as_json(_ms['signing_keys'],
                                               ms_dict['iss'])
                except KeyError:
                    pass
                except TypeError:
                    try:
                        keyjar.import_jwks(_ms['signing_keys'], ms_dict['iss'])
                    except Exception as err:
                        logger.error(err)
                        raise
                    else:
                        loaded = True
                else:
                    loaded = True

                if loaded:
                    logger.debug(
                        'Loaded signing keys belonging to {} into the '
                        'keyjar'.format(ms_dict['iss']))

        if ms_flag is True and not _pr.parsed_statement:
            return _pr

        if jwt_ms:
            logger.debug("verifying signed JWT: {}".format(jwt_ms))
            try:
                _pr.result = cls().from_jwt(jwt_ms, keyjar=keyjar)
            except MissingSigningKey:
                if 'signing_keys' in ms_dict:
                    try:
                        _pr.result = self.self_signed(ms_dict, jwt_ms, cls)
                    except MissingSigningKey as err:
                        logger.error('Encountered: {}'.format(err))
                        _pr.error[jwt_ms] = err
            except (JWSException, BadSignature, KeyError) as err:
                logger.error('Encountered: {}'.format(err))
                _pr.error[jwt_ms] = err
        else:
            _pr.result = ms_dict

        if _pr.result and _pr.parsed_statement:
            _prr = _pr.result

            _res = {}
            for x in _pr.parsed_statement:
                if x:
                    _res[get_fo(x)] = x

            _msg = Message(**_res)
            logger.debug('Resulting metadata statement: {}'.format(_msg))
            _pr.result['metadata_statements'] = _msg
        return _pr
コード例 #15
0
def test_to_dict_with_message_obj():
    content = Message(a={'a': {'foo': {'bar': [{'bat': []}]}}})
    _dict = content.to_dict(lev=0)
    content_fixture = {'a': {'a': {'foo': {'bar': [{'bat': []}]}}}}
    assert _dict == content_fixture
コード例 #16
0
def test_to_jwe(keytype, alg, enc):
    msg = Message(a='foo', b='bar', c='tjoho')
    _jwe = msg.to_jwe(KEYJAR.get_encrypt_key(keytype, ''), alg=alg, enc=enc)
    msg1 = Message().from_jwe(_jwe, KEYJAR.get_encrypt_key(keytype, ''))
    assert msg1 == msg
コード例 #17
0
def test_to_jwt(keytype, alg):
    msg = Message(a='foo', b='bar', c='tjoho')
    _jwt = msg.to_jwt(KEYJAR.get_signing_key(keytype, ''), alg)
    msg1 = Message().from_jwt(_jwt, KEYJAR)
    assert msg1 == msg