def metadata(self):
    """Serve this server's SAML metadata as a ``text/xml`` response.

    The document is generated by pysaml2's ``create_metadata_string`` from
    ``self.server.config``; this module's path is passed as its first
    (config-file) argument.  No certificate, key or ``sign`` flag is passed,
    so the document is served unsigned.
    """
    # TODO: generate from some custom logic
    server_config = self.server.config
    document = create_metadata_string(__file__, server_config)
    return Response(document, mimetype='text/xml')
def __init__(self, args, template_lookup, sphandler, ISSUER):
    """Set up the IdP side of the proxy from the config module named by ``args.idpconfig``.

    :param args: parsed command-line arguments; ``idpconfig`` names an
        importable module, and ``valid``/``cert``/``keyfile``/``id_idp``/
        ``name_idp``/``sign`` are forwarded to metadata generation
    :param template_lookup: template lookup object kept for later rendering
    :param sphandler: the SP handler this IdP delegates authentication to
    :param ISSUER: base URL of this IdP; joined with ``IDP_VERIFY_URL`` to
        form ``service_url``
    """
    cfg = importlib.import_module(args.idpconfig)

    # Values lifted straight from the config module.  PASSWD and SYM_KEY
    # look like secrets (a password and a symmetric key), so the config
    # module deserves the same file permissions as a key file.
    self.copy_sp_cert = cfg.COPYSPCERT
    self.copy_sp_key = cfg.COPYSPKEY
    self.passwd = cfg.PASSWD
    self.cas_server = cfg.CAS_SERVER
    self.yubikey_db = cfg.YUBIKEY_DB
    self.yubikey_server = cfg.YUBIKEY_SERVER

    self.service_url = "%s/%s" % (ISSUER, self.IDP_VERIFY_URL)
    self.template_lookup = template_lookup
    self.idp_server = self.setup_saml2_server(args.idpconfig, cfg, cfg.SYM_KEY)
    self.authn_broker = self.setup_authn_broker(ISSUER, sphandler, cfg.AUTHORIZATION)
    self.auth_cookie = None

    # Paths reachable without an authenticated session.
    # NOTE(review): the bare '?' after the verify URL makes that URL's last
    # character optional rather than matching a literal '?'; confirm this is
    # the intended pattern.
    verify_pattern = r'%s?(.*)$' % self.IDP_VERIFY_URL
    self.non_authn_urls = [
        (verify_pattern, self.do_verify),
        (r'sso/ecp$', (SSO, "ecp")),
    ]
    self.sphandler = sphandler

    # Metadata for this IdP; signed with args.keyfile when args.sign is set.
    self.idp_metadata = create_metadata_string(
        args.idpconfig + ".py",
        self.idp_server.config,
        args.valid,
        args.cert,
        args.keyfile,
        args.id_idp,
        args.name_idp,
        args.sign,
    )
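def metadata(r):
    """Django view returning this SP's SAML metadata as ``text/xml``.

    The ACS URL is derived from the current request's domain and the SP
    config is built from the project settings.  ``CERTIFICATES.VALID_THROUGH``
    from ``settings.SAML2_AUTH`` is multiplied by 24 before being passed as
    ``valid``; when it is not configured, ``valid`` is passed as ``None``
    instead of failing on ``None * 24``.

    :param r: the Django request
    :return: HttpResponse carrying the metadata document
    """
    acs_url = get_current_domain(r) + get_reverse([acs, 'acs', 'django_saml2_auth:acs'])
    saml_settings = _get_saml_client_settings(acs_url)
    sp_config = Saml2Config()
    sp_config.load(saml_settings)
    # Attributes missing from the attribute maps are kept rather than rejected.
    sp_config.allow_unknown_attributes = True

    certificates = settings.SAML2_AUTH.get('CERTIFICATES', {})
    valid_through = certificates.get('VALID_THROUGH', None)
    # The setting is presumably in days and pysaml2's `valid` is in hours;
    # a missing setting previously raised TypeError here.
    valid = valid_through * 24 if valid_through is not None else None

    metadata_string = create_metadata_string(None, config=sp_config, valid=valid)
    return HttpResponse(metadata_string, content_type='text/xml')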
def test_signed_metadata_proper_str_bytes_handling():
    """Signing SP metadata must not trip over str/bytes mixing.

    Builds an SP config with a test key and certificate, loads it in
    metadata-construction mode and requests a signed metadata string.  The
    call is the assertion: it raises TypeError if str/bytes handling in the
    signing path is wrong.  Requires the xmlsec binary (see
    https://pysaml2.readthedocs.io/en/latest/examples/sp.html).
    """
    conf = dict(sp_conf)
    conf['key_file'] = full_path("test.key")
    conf['cert_file'] = full_path("inc-md-cert.pem")
    # /opt/local/bin is offered as an extra location to look for xmlsec1
    conf['xmlsec_binary'] = sigver.get_xmlsec_binary(["/opt/local/bin"])
    config = SPConfig().load(conf, metadata_construction=True)
    create_metadata_string('', config=config, sign=True)
def __init__(self, config):
    """
    Creates a response containing the metadata generated from the SP config.

    The document is requested with ``valid=4`` and without certificate,
    key, entity id, name or sign flag, so it is served unsigned.  pysaml2
    hands back bytes, which are decoded before being stored as the message.

    :type config: dict[str, Any]
    :param config: The SP config
    """
    xml_bytes = create_metadata_string(None, config, 4, None, None, None, None, None)
    body = xml_bytes.decode("utf-8")
    super(MetadataResponse, self).__init__(message=body, content="text/xml")
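def metadata(environ, start_response, _args):
    """WSGI endpoint serving the SP metadata built from ``sp_conf.py``.

    :param environ: WSGI environ (unused)
    :param start_response: WSGI ``start_response`` callable
    :param _args: parsed options: ``path`` (directory holding sp_conf.py;
        this module's directory when empty), ``valid``, ``cert``, ``keyfile``,
        ``id``, ``name`` and ``sign``, forwarded to ``create_metadata_string``
    :return: a one-element list holding the metadata document, as WSGI expects
    """
    path = _args.path
    if not path:
        path = os.path.dirname(os.path.abspath(__file__))
    # os.path.join inserts the separator only when `path` lacks one.
    conf_file = os.path.join(path, "sp_conf.py")
    metadata = create_metadata_string(
        conf_file,
        None,
        _args.valid,
        _args.cert,
        _args.keyfile,
        _args.id,
        _args.name,
        _args.sign,
    )
    start_response('200 OK', [('Content-Type', "text/xml")])
    # WSGI bodies are iterables of byte strings; a bare bytes object would be
    # iterated element by element.
    return [metadata]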
def _metadata_endpoint(self, context):
    """
    Endpoint for retrieving the backend metadata

    The document is generated from ``self.idp.config`` with ``valid=4`` and
    no signing material, then decoded from the bytes pysaml2 returns.

    :type context: satosa.context.Context
    :rtype: satosa.response.Response

    :param context: The current context
    :return: response with metadata
    """
    satosa_logging(logger, logging.DEBUG, "Sending metadata response", context.state)
    xml_bytes = create_metadata_string(None, self.idp.config, 4, None, None, None, None, None)
    body = xml_bytes.decode("utf-8")
    return Response(body, content="text/xml")
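def metadata(environ, start_response):
    """WSGI endpoint serving the IdP metadata for ``IDP.config``.

    Reads the module-level ``args`` (``path``, ``config``, ``valid``, ``cert``,
    ``keyfile``, ``id``, ``name``, ``sign``) and ``IDP``.  A failure while
    building the document is logged with its traceback and answered via
    ``not_found`` instead of propagating.

    :param environ: WSGI environ
    :param start_response: WSGI ``start_response`` callable
    :return: a one-element list holding the metadata document (WSGI body)
    """
    try:
        path = args.path
        if not path:
            path = os.path.dirname(os.path.abspath(__file__))
        conf_file = os.path.join(path, args.config)
        metadata = create_metadata_string(
            conf_file,
            IDP.config,
            args.valid,
            args.cert,
            args.keyfile,
            args.id,
            args.name,
            args.sign,
        )
        start_response('200 OK', [('Content-Type', "text/xml")])
        # WSGI bodies are iterables of byte strings; a bare bytes object
        # would be iterated element by element.
        return [metadata]
    except Exception as ex:
        # `ex.message` only exists on Python 2; on Python 3 the old handler
        # raised AttributeError itself.  logger.exception keeps the traceback.
        logger.exception("An error occured while creating metadata: %s", ex)
        return not_found(environ, start_response)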
def _metadata_endpoint(self, context):
    """
    Endpoint for retrieving the backend metadata

    The document is generated from ``self.idp.config`` with ``valid=4`` and
    no signing material, then decoded from the bytes pysaml2 returns.

    :type context: satosa.context.Context
    :rtype: satosa.response.Response

    :param context: The current context
    :return: response with metadata
    """
    session_id = lu.get_session_id(context.state)
    logger.debug(lu.LOG_FMT.format(id=session_id, message="Sending metadata response"))
    xml_bytes = create_metadata_string(None, self.idp.config, 4, None, None, None, None, None)
    body = xml_bytes.decode("utf-8")
    return Response(body, content="text/xml")
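def metadata(environ, start_response):
    """WSGI endpoint serving the IdP metadata for ``IDP.config``.

    Reads the module-level ``args`` (``path``, ``config``, ``valid``, ``cert``,
    ``keyfile``, ``id``, ``name``, ``sign``) and ``IDP``.  A failure while
    building the document is logged with its traceback and answered via
    ``not_found`` instead of propagating.

    :param environ: WSGI environ
    :param start_response: WSGI ``start_response`` callable
    :return: a one-element list holding the metadata document (WSGI body)
    """
    try:
        path = args.path
        if not path:
            path = os.path.dirname(os.path.abspath(__file__))
        conf_file = os.path.join(path, args.config)
        metadata = create_metadata_string(
            conf_file,
            IDP.config,
            args.valid,
            args.cert,
            args.keyfile,
            args.id,
            args.name,
            args.sign,
        )
        start_response('200 OK', [('Content-Type', "text/xml")])
        # WSGI bodies are iterables of byte strings; a bare bytes object
        # would be iterated element by element.
        return [metadata]
    except Exception as ex:
        # `ex.message` only exists on Python 2; on Python 3 the old handler
        # raised AttributeError itself.  logger.exception keeps the traceback.
        logger.exception("An error occured while creating metadata: %s", ex)
        return not_found(environ, start_response)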
def __init__(self, sp_logger, args):
    """
    Constructor for the SpHandler.

    :param sp_logger: A logger.
    :param args: parsed command-line arguments; ``spconf`` names the SP
        config module, and ``valid``/``cert``/``keyfile``/``id_sp``/
        ``name_sp``/``sign`` are forwarded to metadata generation.
    """
    # SP metadata, signed with args.keyfile when args.sign is set.
    self.sp_metadata = create_metadata_string(
        args.spconf + ".py",
        None,
        args.valid,
        args.cert,
        args.keyfile,
        args.id_sp,
        args.name_sp,
        args.sign,
    )
    self.logger = sp_logger

    # The SP config module (pyOpSamlProxy.client.sp.conf) and the path of
    # the config file the pysaml2 client is loaded from.
    conf = importlib.import_module(args.spconf)
    self.sp_conf = conf
    self.sp_conf_name = conf.WORKING_DIR + args.spconf
    # pysaml2 client (saml2.client.Saml2Client) built from that file.
    self.sp = Saml2Client(config_file="%s" % self.sp_conf_name)

    # Extra arguments for pyOpSamlProxy.client.sp.util.SSO: the SAML
    # discovery service URL and the WAYF URL.
    self.args = {"discosrv": conf.DISCOSRV, "wayf": conf.WAYF}

    # OP server authorization URL used once the SP has authenticated.
    # TODO have to be changed when Saml to Saml is implemented.
    self.authorization_url = "%s/authorization" % conf.ISSUER

    # SAML authentication on behalf of an OP server.
    self.authnmethod = SPAuthnMethodHandler(None, conf.SPVERIFYBASE, self.authorization_url)
    # SAML authentication for an IdP server; filled in later by
    # pyOpSamlProxy.provider.idp.handler.handler.
    self.sp_authentication = None
    # Builds the user-info response from SAML attributes.
    self.userinfo = UserInfoSpHandler(conf.OPENID2SAMLMAP, self)
    # The OP handler (pyOpSamlProxy.provider.op.handler.OpHandler); must be
    # assigned after construction.
    self.ophandler = None

    # Per-user cache: userid -> pyOpSamlProxy.client.sp.handler.SpHandlerCache
    # (holds e.g. the IdP attributes collected for that user).
    self.sphandlercache = conf.CACHE
    self.certificate_cache_name = "CERTIFICATE_CACHE"
    # Cookie name and seed come from sid(); presumably a random-id helper,
    # so its randomness is what makes these values unguessable.
    self.certificate_cookie_name = sid()
    self.certificate_cookie_seed = sid()
def __init__(self, sp_logger, args):
    """
    Constructor for the SpHandler.

    :param sp_logger: A logger.
    :param args: parsed command-line arguments; ``spconf`` names the SP
        config module, and ``valid``/``cert``/``keyfile``/``id_sp``/
        ``name_sp``/``sign`` are forwarded to metadata generation.
    """
    # SP metadata, signed with args.keyfile when args.sign is set.
    self.sp_metadata = create_metadata_string(
        args.spconf + ".py",
        None,
        args.valid,
        args.cert,
        args.keyfile,
        args.id_sp,
        args.name_sp,
        args.sign,
    )
    self.logger = sp_logger

    # The SP config module (pyOpSamlProxy.client.sp.conf) and the path of
    # the config file the pysaml2 client is loaded from.
    conf = importlib.import_module(args.spconf)
    self.sp_conf = conf
    self.sp_conf_name = conf.WORKING_DIR + args.spconf
    # pysaml2 client (saml2.client.Saml2Client) built from that file.
    self.sp = Saml2Client(config_file="%s" % self.sp_conf_name)

    # Extra arguments for pyOpSamlProxy.client.sp.util.SSO: the SAML
    # discovery service URL and the WAYF URL.
    self.args = {"discosrv": conf.DISCOSRV, "wayf": conf.WAYF}

    # OP server authorization URL used once the SP has authenticated.
    # TODO have to be changed when Saml to Saml is implemented.
    self.authorization_url = "%s/authorization" % conf.ISSUER

    # SAML authentication on behalf of an OP server.
    self.authnmethod = SPAuthnMethodHandler(None, conf.SPVERIFYBASE, self.authorization_url)
    # SAML authentication for an IdP server; filled in later by
    # pyOpSamlProxy.provider.idp.handler.handler.
    self.sp_authentication = None
    # Builds the user-info response from SAML attributes.
    self.userinfo = UserInfoSpHandler(conf.OPENID2SAMLMAP, self)
    # The OP handler (pyOpSamlProxy.provider.op.handler.OpHandler); must be
    # assigned after construction.
    self.ophandler = None

    # Per-user cache: userid -> pyOpSamlProxy.client.sp.handler.SpHandlerCache
    # (holds e.g. the IdP attributes collected for that user).
    self.sphandlercache = conf.CACHE
    self.certificate_cache_name = "CERTIFICATE_CACHE"
    # Cookie name and seed come from sid(); presumably a random-id helper,
    # so its randomness is what makes these values unguessable.
    self.certificate_cookie_name = sid()
    self.certificate_cookie_seed = sid()
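def metadata(environ, start_response):
    """WSGI endpoint serving the SP metadata built from ``sp_conf.py``.

    Reads the module-level ``_args`` (``path``, ``valid``, ``cert``,
    ``keyfile``, ``id``, ``name``, ``sign``).  ``path`` is the directory
    holding sp_conf.py and defaults to this module's directory.  A failure
    while building the document is logged with its traceback and answered
    via ``not_found`` instead of propagating.

    :param environ: WSGI environ
    :param start_response: WSGI ``start_response`` callable
    :return: a one-element list holding the metadata document (WSGI body)
    """
    try:
        path = _args.path
        if not path:
            path = os.path.dirname(os.path.abspath(__file__))
        conf_file = os.path.join(path, "sp_conf.py")
        metadata = create_metadata_string(
            conf_file,
            None,
            _args.valid,
            _args.cert,
            _args.keyfile,
            _args.id,
            _args.name,
            _args.sign,
        )
        start_response("200 OK", [("Content-Type", "text/xml")])
        return [metadata]
    except Exception as ex:
        # `ex.message` only exists on Python 2; on Python 3 the old handler
        # raised AttributeError itself.  logger.exception keeps the traceback.
        logger.exception("An error occured while creating metadata: %s", ex)
        return not_found(environ, start_response)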
def metadata(self):
    """Serve this server's SAML metadata as a ``text/xml`` response.

    The document is generated by pysaml2's ``create_metadata_string`` from
    ``self.server.config``; this module's path is passed as its first
    (config-file) argument.  No certificate, key or ``sign`` flag is passed,
    so the document is served unsigned.
    """
    server_config = self.server.config
    document = create_metadata_string(__file__, server_config)
    return Response(document, mimetype='text/xml')
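def get_metadata(self, valid='4', cert=None, keyfile=None, mid=None, name=None, sign=None):
    """Get the XML metadata of this service provider.

    Every argument is forwarded to ``create_metadata_string`` for
    ``self.configfile``; calling with no arguments yields the same unsigned,
    ``valid='4'`` document as before.

    :param valid: validity period passed through as pysaml2's ``valid``
    :param cert: certificate to publish in the metadata
    :param keyfile: private key used to sign the metadata when ``sign`` is set
    :param mid: entity id to use, passed as pysaml2's ``mid``
    :param name: name to use, passed as pysaml2's ``name``
    :param sign: whether to sign the document (needs ``keyfile``)
    :return: the metadata document as returned by pysaml2
    """
    # Previously the arguments were accepted but ignored, so a caller asking
    # for signed metadata silently got an unsigned document.
    return create_metadata_string(
        self.configfile,
        None,
        valid=valid,
        cert=cert,
        keyfile=keyfile,
        mid=mid,
        name=name,
        sign=bool(sign),
    )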
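import os

import saml2
from saml2.metadata import create_metadata_string

# Entity id written into the generated SP metadata.
entity_id = 'https://sp-test.rackspace.com'
path = os.path.dirname(os.path.abspath(__file__))

# Positional order of create_metadata_string: configfile, config, valid, cert,
# keyfile, mid, name, sign.  The document is built from sp_conf.py next to
# this script, carries pki/sp.crt and is signed with pki/sp.key -- that key
# file must stay private.
metadata = create_metadata_string(
    os.path.join(path, "sp_conf.py"),
    None,
    4,
    os.path.join(path, "pki", "sp.crt"),
    os.path.join(path, "pki", "sp.key"),
    entity_id,
    None,
    True,
)
# print() with a single argument behaves the same on Python 2 and 3; the
# bare print statement did not parse on Python 3.
print(metadata)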
help="A file with a key to sign the metadata with") parser.add_argument('-n', dest='name') parser.add_argument('-s', dest='sign', action='store_true', help="sign the metadata") parser.add_argument('-sp', dest='sp_conf', default='sp_conf', help="sp configuration file") parser.add_argument(dest="config") args = parser.parse_args() global config config = importlib.import_module(args.config) sp_config = importlib.import_module(args.sp_conf) global logger logger = create_logger(config.LOG_FILE) metadata = create_metadata_string("sp_conf.py", None, args.valid, args.cert, args.keyfile, args.id, args.name, args.sign) global sphandler sphandler = SpHandler(logger, metadata, os.path.dirname(os.path.abspath( __file__ )), args.sp_conf+".py", sp_config) global srv srv = wsgiserver.CherryPyWSGIServer(('0.0.0.0', config.PORT), SessionMiddleware(application, config.SESSION_OPTS)) srv.stats['Enabled'] = True if config.HTTPS: srv.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(config.SERVER_CERT, config.SERVER_KEY, config.CERT_CHAIN) srv.ssl_adapter.context = srv.ssl_adapter.get_context() srv.ssl_adapter.context.set_options(SSL.OP_NO_SSLv3) srv.ssl_adapter.context.set_cipher_list('EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA') logger.info("Server starting")
def metadata(request):
    """Django view returning the SP metadata as ``text/xml``.

    The document is generated from ``sp_config()`` and decoded from the
    bytes pysaml2 returns before being put in the response.

    :param request: the Django request (not otherwise used)
    :return: HttpResponse carrying the metadata document
    """
    xml_bytes = create_metadata_string(None, config=sp_config())
    body = xml_bytes.decode("utf-8")
    return HttpResponse(body, content_type='text/xml')