def create_metadata_string(configfile, config=None, valid=None, cert=None, keyfile=None, mid=None, name=None, sign=None): valid_for = 0 nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} # paths = [".", "/opt/local/bin"] if valid: valid_for = int(valid) # Hours eds = [] if config is None: if configfile.endswith(".py"): configfile = configfile[:-3] config = Config().load_file(configfile, metadata_construction=True) eds.append(entity_descriptor(config)) conf = Config() conf.key_file = config.key_file or keyfile conf.cert_file = config.cert_file or cert conf.debug = 1 conf.xmlsec_binary = config.xmlsec_binary secc = security_context(conf) if mid: eid, xmldoc = entities_descriptor(eds, valid_for, name, mid, sign, secc) else: eid = eds[0] if sign: eid, xmldoc = sign_entity_descriptor(eid, mid, secc) else: xmldoc = None valid_instance(eid) return metadata_tostring_fix(eid, nspair, xmldoc)
def __init__(self, user, passwd, sp="", idp=None, metadata_file=None, xmlsec_binary=None, verbose=0, ca_certs="", disable_ssl_certificate_validation=True, key_file=None, cert_file=None, config=None): """ :param user: user name :param passwd: user password :param sp: The SP URL :param idp: The IdP PAOS endpoint :param metadata_file: Where the metadata file is if used :param xmlsec_binary: Where the xmlsec1 binary can be found (*) :param verbose: Chatty or not :param ca_certs: is the path of a file containing root CA certificates for SSL server certificate validation (*) :param disable_ssl_certificate_validation: If disable_ssl_certificate_validation is true, SSL cert validation will not be performed (*) :param key_file: Private key filename (*) :param cert_file: Certificate filename (*) :param config: Config() instance, overrides all the parameters marked with an asterisk (*) above """ if not config: config = Config() config.disable_ssl_certificate_validation = \ disable_ssl_certificate_validation config.key_file = key_file config.cert_file = cert_file config.ca_certs = ca_certs config.xmlsec_binary = xmlsec_binary Entity.__init__(self, "sp", config) self._idp = idp self._sp = sp self.user = user self.passwd = passwd self._verbose = verbose if metadata_file: self._metadata = MetadataStore([saml, samlp], None, config) self._metadata.load("local", metadata_file) logger.debug("Loaded metadata from '%s'" % metadata_file) else: self._metadata = None self.metadata = self._metadata self.cookie_handler = None self.done_ecp = False self.cookie_jar = cookielib.LWPCookieJar()
def __init__(self, cargs, kwargs): self.nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} _cnf = kwargs['conf'] res = read_multi_conf(_cnf, True) eds = [] for key, cnf in res.items(): eds.append(entity_descriptor(cnf)) valid_for = 0 """ Setting things to None here that are now unused, but might be useful someday """ conf = Config() conf.key_file = None conf.cert_file = None conf.debug = 1 conf.xmlsec_binary = None args_name = None args_id = None args_sign = None secc = security_context(conf) desc, xmldoc = entities_descriptor(eds, valid_for, args_name, args_id, args_sign, secc) valid_instance(desc) self.desc = desc self.xmldoc = xmldoc
def __init__(self, idp_conf, logger, conf, publicKey, privateKey, metadataList): """ Constructor. Initiates the class. :param logger: Logger to be used when something needs to be logged. :param conf: idp_proxy_conf see IdpProxy/conig/idp_proxy_conf.example.py :param key: A RSA key to be used for encryption. :param metadataList: A list of metadata files. [{"local": ["swamid-1.0.xml"]}, {"local": ["sp.xml"]}] :raise: """ if (logger is None) or (conf is None) or (publicKey is None)or (privateKey is None): raise ValueError( "A new instance must include a value for logger, conf and key.") #Public key to be used for encryption. self.publicKey = publicKey self.privateKey = privateKey #Used for presentation of mako files. self.lookup = TemplateLookup( directories=[MetadataGeneration.CONST_STATIC_MAKO + 'templates', MetadataGeneration.CONST_STATIC_MAKO + 'htdocs'], module_directory='modules', input_encoding='utf-8', output_encoding='utf-8') #The logger. self.logger = logger #A list of all social services used by this IdPproxy. self.socialServiceKeyList = [] #A list of all service providers used by this sp. self.spKeyList = [] for key in conf: self.socialServiceKeyList.append(conf[key]["name"]) try: xmlsec_path = get_xmlsec_binary(["/opt/local/bin"]) except: try: xmlsec_path = get_xmlsec_binary(["/usr/local/bin"]) except: self.logger.info('Xmlsec must be installed! Tries /usr/bin/xmlsec1.') xmlsec_path = '/usr/bin/xmlsec1' self.xmlsec_path = xmlsec_path config = Config() config.disable_ssl_certificate_validation = True config.key_file = idp_conf["key_file"] config.cert_file = idp_conf["cert_file"] config.xmlsec_binary = idp_conf["xmlsec_binary"] config.debug = idp_conf["debug"] for metadata in metadataList: mds = MetadataStore(MetadataGeneration.CONST_ONTS.values(), MetadataGeneration.CONST_ATTRCONV, config) mds.imp(metadata) for entityId in mds.keys(): self.spKeyList.append(entityId)
def _make_metadata(config_dict, option): """ Creates metadata from the given idp config :type config_dict: dict[str, Any] :type option: vopaas.metadata_creation.make_vopaas_metadata.MetadataOption :rtype: str :param config_dict: config :param option: metadata creation settings :return: A xml string """ eds = [] cnf = Config() cnf.load(copy.deepcopy(config_dict), metadata_construction=True) if option.valid: cnf.valid_for = option.valid eds.append(entity_descriptor(cnf)) conf = Config() conf.key_file = option.keyfile conf.cert_file = option.cert conf.debug = 1 conf.xmlsec_binary = option.xmlsec secc = security_context(conf) if option.id: desc, xmldoc = entities_descriptor(eds, option.valid, option.name, option.id, option.sign, secc) valid_instance(desc) print(desc.to_string(NSPAIR)) else: for eid in eds: if option.sign: assert conf.key_file assert conf.cert_file eid, xmldoc = sign_entity_descriptor(eid, option.id, secc) else: xmldoc = None valid_instance(eid) xmldoc = metadata_tostring_fix(eid, NSPAIR, xmldoc).decode() return xmldoc
def create_metadata_string(configfile, config, valid, cert, keyfile, id, name, sign): valid_for = 0 nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} #paths = [".", "/opt/local/bin"] if valid: valid_for = int(valid) # Hours eds = [] if config is not None: eds.append(entity_descriptor(config)) else: if configfile.endswith(".py"): configfile = configfile[:-3] config = Config().load_file(configfile, metadata_construction=True) eds.append(entity_descriptor(config)) conf = Config() conf.key_file = keyfile conf.cert_file = cert conf.debug = 1 conf.xmlsec_binary = config.xmlsec_binary secc = security_context(conf) if id: desc = entities_descriptor(eds, valid_for, name, id, sign, secc) valid_instance(desc) return metadata_tostring_fix(desc, nspair) else: for eid in eds: if sign: desc = sign_entity_descriptor(eid, id, secc) else: desc = eid valid_instance(desc) return metadata_tostring_fix(desc, nspair)
for filespec in args.config: bas, fil = os.path.split(filespec) if bas != "": sys.path.insert(0, bas) if fil.endswith(".py"): fil = fil[:-3] cnf = Config().load_file(fil, metadata_construction=True) if valid_for: cnf.valid_for = valid_for eds.append(entity_descriptor(cnf)) conf = Config() conf.key_file = args.keyfile conf.cert_file = args.cert conf.debug = 1 conf.xmlsec_binary = args.xmlsec secc = security_context(conf) if args.id: desc, xmldoc = entities_descriptor(eds, valid_for, args.name, args.id, args.sign, secc) valid_instance(desc) xmldoc = metadata_tostring_fix(desc, nspair, xmldoc) print(xmldoc.decode("utf-8")) else: for eid in eds: if args.sign: assert conf.key_file assert conf.cert_file eid, xmldoc = sign_entity_descriptor(eid, args.id, secc) else: