def _create_attribute_statement(self, user, roles, project):
    """Assemble the SAML AttributeStatement for a user, its roles and a project.

    Three attributes are appended to the statement, in this order:

    * the user attribute, named by the literal assigned below, whose single
      value is set from ``user``;
    * ``openstack_roles``, holding one AttributeValue per entry of ``roles``;
    * ``openstack_project``, whose single value is set from ``project``.

    Serialized shape of the roles and project attributes (sample values)::

        <ns0:AttributeStatement
            xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion"
            xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <ns0:Attribute Name="openstack_roles">
            <ns0:AttributeValue xsi:type="xs:string">admin</ns0:AttributeValue>
            <ns0:AttributeValue xsi:type="xs:string">member</ns0:AttributeValue>
          </ns0:Attribute>
          <ns0:Attribute Name="openstack_project">
            <ns0:AttributeValue xsi:type="xs:string">development</ns0:AttributeValue>
          </ns0:Attribute>
        </ns0:AttributeStatement>

    :param user: text placed in the user attribute
    :param roles: iterable of role texts, one AttributeValue each
    :param project: text placed in the project attribute
    :return: XML <AttributeStatement> object
    """
    # The three inputs are written into the statement as given: nothing in
    # this method validates or normalises them.
    # NOTE(review): a consumer presumably bases authorization on
    # openstack_roles; confirm the caller signs the assertion that embeds
    # this statement.

    # NOTE(review): the attribute name literal below appears masked on this
    # page; confirm the intended value against the upstream file.
    user_attr = saml.Attribute()
    user_attr.name = '******'
    user_text = saml.AttributeValue()
    user_text.set_text(user)
    # Assigned as a single value, not appended to the default list.
    user_attr.attribute_value = user_text

    roles_attr = saml.Attribute()
    roles_attr.name = 'openstack_roles'
    for role_name in roles:
        role_text = saml.AttributeValue()
        role_text.set_text(role_name)
        roles_attr.attribute_value.append(role_text)

    project_attr = saml.Attribute()
    project_attr.name = 'openstack_project'
    project_text = saml.AttributeValue()
    project_text.set_text(project)
    project_attr.attribute_value = project_text

    statement = saml.AttributeStatement()
    for attr in (user_attr, roles_attr, project_attr):
        statement.attribute.append(attr)
    return statement
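def _attrval(val, typ=""):
    """Wrap ``val`` in a list of ``saml.AttributeValue`` instances.

    :param val: a list or set (one AttributeValue per element), ``None``
        (nothing to wrap), or any other value (a single AttributeValue)
    :param typ: when truthy, passed to ``set_type`` on every AttributeValue
    :return: a list of AttributeValue instances, or ``None`` when ``val`` is
        ``None``
    """
    if val is None:
        # Return before the typ loop: iterating over None there raised
        # TypeError whenever a type was requested for a missing value.
        return None

    if isinstance(val, (list, set)):
        attrval = [saml.AttributeValue(text=v) for v in val]
    else:
        attrval = [saml.AttributeValue(text=val)]

    if typ:
        for ava in attrval:
            ava.set_type(typ)
    return attrval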
def _create_attribute_statement(self, user, roles, project):
    """Return a SAML AttributeStatement describing user, roles and project.

    The statement holds, in order: the user attribute (named by the literal
    assigned below) with one value, ``openstack_roles`` with one value per
    role, and ``openstack_project`` with one value.

    Example of the roles and project attributes (sample values)::

        <ns0:AttributeStatement>
          <ns0:Attribute Name="openstack_roles">
            <ns0:AttributeValue xsi:type="xs:string">admin</ns0:AttributeValue>
            <ns0:AttributeValue xsi:type="xs:string">member</ns0:AttributeValue>
          </ns0:Attribute>
          <ns0:Attribute Name="openstack_project">
            <ns0:AttributeValue xsi:type="xs:string">development</ns0:AttributeValue>
          </ns0:Attribute>
        </ns0:AttributeStatement>

    :param user: text for the user attribute
    :param roles: iterable of role texts
    :param project: text for the project attribute
    :return: XML <AttributeStatement> object
    """
    # No validation of the inputs happens here; whatever the caller passes
    # becomes attribute text.
    # NOTE(review): confirm the enclosing assertion is signed before it
    # leaves the identity provider, since these values describe identity
    # and roles.

    # NOTE(review): the name literal below appears masked on this page;
    # verify it against the upstream file.
    name_of_user_attr = '******'
    user_attr = saml.Attribute()
    user_attr.name = name_of_user_attr
    single_user_value = saml.AttributeValue()
    single_user_value.set_text(user)
    user_attr.attribute_value = single_user_value  # single object, not a list

    role_attr = saml.Attribute()
    role_attr.name = 'openstack_roles'
    for entry in roles:
        value_el = saml.AttributeValue()
        value_el.set_text(entry)
        role_attr.attribute_value.append(value_el)

    proj_attr = saml.Attribute()
    proj_attr.name = 'openstack_project'
    single_project_value = saml.AttributeValue()
    single_project_value.set_text(project)
    proj_attr.attribute_value = single_project_value

    result = saml.AttributeStatement()
    result.attribute.append(user_attr)
    result.attribute.append(role_attr)
    result.attribute.append(proj_attr)
    return result
def to_eptid_value(self, values):
    """Build AttributeValue instances that each wrap a NameID element.

    Special handling for the "eptid" attribute
    (Name=urn:oid:1.3.6.1.4.1.5923.1.1.1.10,
    FriendlyName=eduPersonTargetedID).

    ``values`` is a list whose items are str or dict. A dict item is read
    through the keys "text", "NameQualifier" and "SPNameQualifier"; a
    missing key raises KeyError.

    Returns a list of AttributeValue instances of NameID elements.
    """

    def _nameid_element(item):
        # Every NameID gets the persistent Format; the two qualifiers are
        # added only when the item is a dict that supplies them.
        if isinstance(item, dict):
            text = item["text"]
            attrs = {
                "Format": NAMEID_FORMAT_PERSISTENT,
                "NameQualifier": item["NameQualifier"],
                "SPNameQualifier": item["SPNameQualifier"],
            }
        else:
            text = item
            attrs = {"Format": NAMEID_FORMAT_PERSISTENT}
        return ExtensionElement("NameID", NAMESPACE, attributes=attrs, text=text)

    wrapped = []
    for item in values:
        wrapped.append(
            saml.AttributeValue(extension_elements=[_nameid_element(item)]))
    return wrapped
def _build_attribute(attribute_name, attribute_values):
    """Return a saml.Attribute with the given name and one value per item.

    :param attribute_name: assigned to the attribute's ``name``
    :param attribute_values: iterable; each item becomes the text of its own
        AttributeValue, in iteration order
    :return: the populated saml.Attribute
    """
    def _as_value(text):
        # One AttributeValue per input item; the text is passed on as given.
        element = saml.AttributeValue()
        element.set_text(text)
        return element

    result = saml.Attribute()
    result.name = attribute_name
    for item in attribute_values:
        result.attribute_value.append(_as_value(item))
    return result
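def do_ava(val, typ=""):
    """Convert ``val`` into a list of ``saml.AttributeValue`` instances.

    :param val: a string, a list, ``None``, or another truthy value (or
        ``False``) whose value is handed to ``set_text`` as is
    :param typ: when truthy, passed to ``set_type`` on every AttributeValue
    :return: a list of AttributeValue instances, or ``None`` when ``val`` is
        ``None``
    :raises OtherError: for falsy values that are neither a string, a list,
        ``False`` nor ``None`` (for example ``0``)
    """
    if val is None:
        # Return before the typ loop: iterating over None there raised
        # TypeError whenever a type was requested for a missing value.
        return None

    if isinstance(val, basestring):
        ava = saml.AttributeValue()
        ava.set_text(val)
        attrval = [ava]
    elif isinstance(val, list):
        # Each element contributes only the first AttributeValue built for
        # it, so a nested list is reduced to its first item.
        # NOTE(review): a None element makes do_ava(v) return None and the
        # [0] index raise TypeError; confirm callers never pass one.
        attrval = [do_ava(v)[0] for v in val]
    elif val or val is False:
        # Non-string values reach set_text unchanged.
        ava = saml.AttributeValue()
        ava.set_text(val)
        attrval = [ava]
    else:
        # Wrap in a 1-tuple so that an empty tuple is formatted as a value
        # rather than consumed as the (empty) argument list of "%".
        raise OtherError("strange value type on: %s" % (val,))

    if typ:
        for ava in attrval:
            ava.set_type(typ)
    return attrval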
def test_valid_instance():
    """Check valid_instance() on an AttributeStatement and on a Response.

    The statement with two named attributes is expected to validate; the
    Response built afterwards is expected to raise MustValueError.
    """
    samples = [
        "value of test attribute",
        "value1 of test attribute",
        "value2 of test attribute",
        "value1 of test attribute2",
        "value2 of test attribute2",
    ]

    statement = saml.AttributeStatement()
    statement.attribute.append(saml.Attribute())
    statement.attribute.append(saml.Attribute())

    first = statement.attribute[0]
    first.name = "testAttribute"
    first.name_format = saml.NAME_FORMAT_URI
    first.friendly_name = "test attribute"
    first.attribute_value.append(saml.AttributeValue())
    first.attribute_value[0].text = samples[0]

    second = statement.attribute[1]
    second.name = "testAttribute2"
    second.name_format = saml.NAME_FORMAT_UNSPECIFIED
    second.friendly_name = samples[2]
    second.attribute_value.append(saml.AttributeValue())
    second.attribute_value[0].text = samples[2]

    assert valid_instance(statement)

    # Response carrying an empty Issuer, Status and Assertion; the test
    # expects validation of it to fail with MustValueError.
    resp = samlp.Response()
    resp.id = "response id"
    resp.in_response_to = "request id"
    resp.version = saml2.VERSION
    resp.issue_instant = "2007-09-14T01:05:02Z"
    resp.destination = "http://www.example.com/Destination"
    resp.consent = saml.CONSENT_UNSPECIFIED
    resp.issuer = saml.Issuer()
    resp.status = samlp.Status()
    resp.assertion.append(saml.Assertion())

    with raises(MustValueError):
        valid_instance(resp)
def test_attribute():
    """Check which keys utils.factory() populates on a saml.Attribute.

    Without values, keyswv() is expected to list the three naming fields;
    with an attribute_value it is expected to list that key as well.
    """
    friendly = "eduPersonScopedAffiliation"
    oid_name = "urn:oid:1.3.6.1.4.1.5923.1.1.1.9"
    uri_format = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"

    without_value = utils.factory(
        saml.Attribute,
        friendly_name=friendly,
        name=oid_name,
        name_format=uri_format)
    assert _eq(without_value.keyswv(),
               ["friendly_name", "name", "name_format"])

    with_value = utils.factory(
        saml.Attribute,
        friendly_name=friendly,
        name=oid_name,
        name_format=uri_format,
        attribute_value=[saml.AttributeValue(text="*****@*****.**")])
    assert _eq(with_value.keyswv(),
               ["friendly_name", "name", "name_format", "attribute_value"])
def to_(self, attrvals):
    """Create a list of Attribute instances.

    Each key is looked up, lower-cased, in ``self._to``. A mapped key yields
    an Attribute with the mapped name, ``self.name_format`` and the original
    key as friendly name; an unmapped key yields an Attribute named by the
    key itself, with no name format or friendly name.

    :param attrvals: A dictionary of attributes and values
    :return: A list of Attribute instances
    """
    result = []
    for key, value in attrvals.items():
        mapped = self._to.get(key.lower())

        if not mapped:
            # No mapping known: the caller-supplied key is used as the name.
            result.append(
                factory(saml.Attribute, name=key,
                        attribute_value=do_ava(value)))
            continue

        if mapped == "urn:oid:1.3.6.1.4.1.5923.1.1.1.10":
            # special case for eduPersonTargetedID: every item of value is
            # wrapped in a NameID element that carries only Format and text
            # (no NameQualifier or SPNameQualifier is set here).
            # NOTE(review): value is iterated item by item, so a bare string
            # would yield one NameID per character; confirm callers always
            # pass a list.
            attr_value = [
                saml.AttributeValue(extension_elements=[
                    ExtensionElement(
                        "NameID", NAMESPACE,
                        attributes={'Format': NAMEID_FORMAT_PERSISTENT},
                        text=item)])
                for item in value
            ]
        else:
            attr_value = do_ava(value)

        result.append(
            factory(saml.Attribute,
                    name=mapped,
                    name_format=self.name_format,
                    friendly_name=key,
                    attribute_value=attr_value))
    return result