コード例 #1
    def testToString(self):
        """
        Tests the to_string method of the OneLogin_Saml2_XML
        """
        xml = '<test>test1</test>'
        elem = etree.fromstring(xml)
        bxml = xml.encode('utf8')

        self.assertIs(xml, OneLogin_Saml2_XML.to_string(xml))
        self.assertIs(bxml, OneLogin_Saml2_XML.to_string(bxml))
        self.assertEqual(etree.tostring(elem),
                         OneLogin_Saml2_XML.to_string(elem))
        self.assertRaisesRegexp(ValueError, 'unsupported type',
                                OneLogin_Saml2_XML.to_string, 1)
コード例 #2
    def testToString(self):
        """
        Tests the to_string method of the OneLogin_Saml2_XML
        """
        xml = '<test>test1</test>'
        elem = etree.fromstring(xml)
        bxml = xml.encode('utf8')

        self.assertIs(xml, OneLogin_Saml2_XML.to_string(xml))
        self.assertIs(bxml, OneLogin_Saml2_XML.to_string(bxml))
        self.assertEqual(etree.tostring(elem), OneLogin_Saml2_XML.to_string(elem))
        self.assertRaisesRegexp(ValueError,
                                'unsupported type',
                                OneLogin_Saml2_XML.to_string, 1)
コード例 #3
    def testToString(self):
        """
        Tests the to_string method of the OneLogin_Saml2_XML
        """
        xml = '<test>test1</test>'
        elem = etree.fromstring(xml)
        bxml = xml.encode('utf8')

        self.assertIs(xml, OneLogin_Saml2_XML.to_string(xml))
        self.assertIs(bxml, OneLogin_Saml2_XML.to_string(bxml))
        self.assertEqual(etree.tostring(elem), OneLogin_Saml2_XML.to_string(elem))
        with self.assertRaises(ValueError) as context:
            OneLogin_Saml2_XML.to_string(1)
            exception = context.exception
            self.assertIn("unsupported type", str(exception))
コード例 #4
    def testToString(self):
        """
        Tests the to_string method of the OneLogin_Saml2_XML
        """
        xml = '<test>test1</test>'
        elem = etree.fromstring(xml)
        bxml = xml.encode('utf8')

        self.assertIs(xml, OneLogin_Saml2_XML.to_string(xml))
        self.assertIs(bxml, OneLogin_Saml2_XML.to_string(bxml))
        self.assertEqual(etree.tostring(elem), OneLogin_Saml2_XML.to_string(elem))
        with self.assertRaises(ValueError) as context:
            OneLogin_Saml2_XML.to_string(1)
            exception = context.exception
            self.assertIn("unsupported type", str(exception))
コード例 #5
 def testConstructor(self):
     """
     Tests the OneLogin_Saml2_LogoutResponse Constructor.

     Builds a logout response from the 'logout_response_deflated.xml.base64'
     fixture and checks that its parsed document serializes to text that
     contains a samlp:LogoutResponse element.
     """
     fixture_path = join(self.data_path, 'logout_responses', 'logout_response_deflated.xml.base64')
     settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
     message = self.file_contents(fixture_path)

     response = OneLogin_Saml2_Logout_Response(settings, message)

     # Serialize the parsed document back to text before matching on it.
     serialized = OneLogin_Saml2_XML.to_string(response.document)
     self.assertRegex(compat.to_string(serialized), '<samlp:LogoutResponse')
コード例 #6
 def testConstructor(self):
     """
     Tests the OneLogin_Saml2_LogoutResponse Constructor.

     The response is built from a stored fixture; the test passes when the
     document held by the response serializes to text matching
     '<samlp:LogoutResponse'.
     """
     settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())

     fixture_name = 'logout_response_deflated.xml.base64'
     fixture_path = join(self.data_path, 'logout_responses', fixture_name)
     message = self.file_contents(fixture_path)

     response = OneLogin_Saml2_Logout_Response(settings, message)

     # assertRegex searches, so the tag only has to appear somewhere.
     document_text = compat.to_string(
         OneLogin_Saml2_XML.to_string(response.document))
     self.assertRegex(document_text, '<samlp:LogoutResponse')
コード例 #7
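def AddSign(xml,
            key,
            cert,
            debug=False,
            sign_algorithm=OneLogin_Saml2_Constants.RSA_SHA1,
            digest_algorithm=OneLogin_Saml2_Constants.SHA1,
            addKeyValue=False):
    """
    Adds an enveloped XML signature and the sender's certificate to an
    element (Message or Assertion).

    Security note: the defaults select RSA-SHA1 for the signature and SHA-1
    for the digest. SHA-1 is no longer considered collision resistant, so
    callers should pass the SHA-256 (or stronger) constants explicitly. An
    identifier that is not in the maps below also falls back to the SHA-1
    transform; that fallback is kept for backward compatibility but is
    reported with a warning instead of happening silently.

    :param xml: The element we should sign
    :type: string | Document

    :param key: The private key, PEM encoded
    :type: string

    :param cert: The public certificate, PEM encoded
    :type: string

    :param debug: Activate the xmlsec debug
    :type: bool

    :param sign_algorithm: Signature algorithm method
    :type sign_algorithm: string

    :param digest_algorithm: Digest algorithm method
    :type digest_algorithm: string

    :param addKeyValue: Also add a KeyValue element to the KeyInfo
    :type addKeyValue: bool

    :returns: Signed XML, as serialized by OneLogin_Saml2_XML.to_string
    :rtype: string

    :raises Exception: if xml is None or an empty string
    """
    # Local import: the file's own import block is not visible from here.
    import warnings

    if xml is None or xml == '':
        raise Exception('Empty string supplied as input')

    elem = OneLogin_Saml2_XML.to_etree(xml)
    xmlsec.enable_debug_trace(debug)
    # Register "ID" as an id attribute so the "#<id>" reference can resolve.
    xmlsec.tree.add_ids(elem, ["ID"])

    sign_algorithm_transform_map = {
        OneLogin_Saml2_Constants.DSA_SHA1: xmlsec.Transform.DSA_SHA1,
        OneLogin_Saml2_Constants.RSA_SHA1: xmlsec.Transform.RSA_SHA1,
        OneLogin_Saml2_Constants.RSA_SHA256: xmlsec.Transform.RSA_SHA256,
        OneLogin_Saml2_Constants.RSA_SHA384: xmlsec.Transform.RSA_SHA384,
        OneLogin_Saml2_Constants.RSA_SHA512: xmlsec.Transform.RSA_SHA512
    }
    sign_algorithm_transform = sign_algorithm_transform_map.get(sign_algorithm)
    if sign_algorithm_transform is None:
        # An unknown identifier used to downgrade to RSA-SHA1 without a trace.
        warnings.warn(
            'AddSign: unsupported sign_algorithm %r, falling back to RSA-SHA1'
            % (sign_algorithm,),
            stacklevel=2)
        sign_algorithm_transform = xmlsec.Transform.RSA_SHA1

    signature = xmlsec.template.create(elem,
                                       xmlsec.Transform.EXCL_C14N,
                                       sign_algorithm_transform,
                                       ns='ds')

    # Place the Signature right after the first saml:Issuer when there is
    # one, otherwise as the first child of the element being signed.
    issuer_nodes = OneLogin_Saml2_XML.query(elem, '//saml:Issuer')
    if len(issuer_nodes) > 0:
        issuer_nodes[0].addnext(signature)
    else:
        elem.insert(0, signature)

    # NOTE(review): when the root element has no ID attribute, elem_id stays
    # None and the reference below is created with uri=None -- confirm what
    # xmlsec covers in that case, since the signature is then not bound to a
    # specific element ID.
    elem_id = elem.get('ID', None)
    if elem_id:
        elem_id = '#' + elem_id

    digest_algorithm_transform_map = {
        OneLogin_Saml2_Constants.SHA1: xmlsec.Transform.SHA1,
        OneLogin_Saml2_Constants.SHA256: xmlsec.Transform.SHA256,
        OneLogin_Saml2_Constants.SHA384: xmlsec.Transform.SHA384,
        OneLogin_Saml2_Constants.SHA512: xmlsec.Transform.SHA512
    }
    digest_algorithm_transform = digest_algorithm_transform_map.get(
        digest_algorithm)
    if digest_algorithm_transform is None:
        # Same visibility for the digest: no silent downgrade to SHA-1.
        warnings.warn(
            'AddSign: unsupported digest_algorithm %r, falling back to SHA-1'
            % (digest_algorithm,),
            stacklevel=2)
        digest_algorithm_transform = xmlsec.Transform.SHA1

    ref = xmlsec.template.add_reference(signature,
                                        digest_algorithm_transform,
                                        uri=elem_id)
    xmlsec.template.add_transform(ref, xmlsec.Transform.ENVELOPED)
    xmlsec.template.add_transform(ref, xmlsec.Transform.EXCL_C14N)
    key_info = xmlsec.template.ensure_key_info(signature)
    if addKeyValue:
        xmlsec.template.add_key_value(key_info)
    xmlsec.template.add_x509_data(key_info)

    # Sign with our private key; no password is passed, so the PEM key is
    # expected to be unencrypted.
    dsig_ctx = xmlsec.SignatureContext()
    sign_key = xmlsec.Key.from_memory(key, xmlsec.KeyFormat.PEM, None)
    sign_key.load_cert_from_memory(cert, xmlsec.KeyFormat.PEM)

    dsig_ctx.key = sign_key
    dsig_ctx.sign(signature)

    return OneLogin_Saml2_XML.to_string(elem)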