def _create_response(self, issuer, status, assertion, recipient): """Create an object that represents a SAML Response. <ns0:Response Destination="http://beta.com/Shibboleth.sso/SAML2/POST" ID="c5954543230e4e778bc5b92923a0512d" IssueInstant="2014-07-30T03:19:45Z" Version="2.0" /> <ns0:Issuer> ... </ns0:Issuer> <ns0:Assertion> ... </ns0:Assertion> <ns0:Status> ... </ns0:Status> </ns0:Response> :returns: XML <Response> object """ response = samlp.Response() response.id = uuid.uuid4().hex response.destination = recipient response.issue_instant = utils.isotime() response.version = '2.0' response.issuer = issuer response.status = status response.assertion = assertion return response
def test_sign_verify_with_cert_from_instance(self): response = factory(samlp.Response, assertion=self._assertion, id="22222", signature=sigver.pre_signature_part("22222", self.sec .my_cert)) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] s_response = sigver.signed_instance_factory(response, self.sec, to_sign) response2 = response_from_string(s_response) ci = "".join(sigver.cert_from_instance(response2)[0].split()) assert ci == self.sec.my_cert res = self.sec.verify_signature(s_response, node_name=class_name(samlp.Response())) assert res res = self.sec._check_signature(s_response, response2, class_name(response2), s_response) assert res == response2
def test_sign_verify_with_cert_from_instance(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22222", signature=sigver.pre_signature_part( "id-22222", self.sec.my_cert ), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] s_response = sigver.signed_instance_factory(response, self.sec, to_sign) response2 = response_from_string(s_response) ci = "".join(sigver.cert_from_instance(response2)[0].split()) assert ci == self.sec.my_cert res = self.sec.verify_signature(s_response, node_name=class_name(samlp.Response())) assert res res = self.sec._check_signature(s_response, response2, class_name(response2), s_response) assert res == response2
def test_sign_verify(self): response = factory( samlp.Response, issuer=saml.Issuer(text="the-isser"), status=success_status_factory(), assertion=self._assertion, version="2.0", issue_instant="2099-10-30T13:20:28Z", id="id-22233", signature=sigver.pre_signature_part( "id-22233", self.sec.my_cert ), ) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] s_response = sigver.signed_instance_factory(response, self.sec, to_sign) print(s_response) res = self.sec.verify_signature(s_response, node_name=class_name(samlp.Response())) print(res) assert res
def response_factory(sign=False, encrypt=False, **kwargs): response = samlp.Response(id=sid(), version=VERSION, issue_instant=instant()) if sign: response.signature = pre_signature_part(kwargs["id"]) if encrypt: pass for key, val in kwargs.items(): setattr(response, key, val) return response
def test_sign_verify(self): response = factory(samlp.Response, assertion=self._assertion, id="22233", signature=sigver.pre_signature_part("22233", self.sec.my_cert)) to_sign = [(class_name(self._assertion), self._assertion.id), (class_name(response), response.id)] s_response = sigver.signed_instance_factory(response, self.sec, to_sign) print s_response res = self.sec.verify_signature("%s" % s_response, node_name=class_name(samlp.Response())) print res assert res
def test_valid_instance(): attr_statem = saml.AttributeStatement() text = [ "value of test attribute", "value1 of test attribute", "value2 of test attribute", "value1 of test attribute2", "value2 of test attribute2", ] attr_statem.attribute.append(saml.Attribute()) attr_statem.attribute.append(saml.Attribute()) attr_statem.attribute[0].name = "testAttribute" attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI attr_statem.attribute[0].friendly_name = "test attribute" attr_statem.attribute[0].attribute_value.append(saml.AttributeValue()) attr_statem.attribute[0].attribute_value[0].text = text[0] attr_statem.attribute[1].name = "testAttribute2" attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED attr_statem.attribute[1].friendly_name = text[2] attr_statem.attribute[1].attribute_value.append(saml.AttributeValue()) attr_statem.attribute[1].attribute_value[0].text = text[2] assert valid_instance(attr_statem) response = samlp.Response() response.id = "response id" response.in_response_to = "request id" response.version = saml2.VERSION response.issue_instant = "2007-09-14T01:05:02Z" response.destination = "http://www.example.com/Destination" response.consent = saml.CONSENT_UNSPECIFIED response.issuer = saml.Issuer() response.status = samlp.Status() response.assertion.append(saml.Assertion()) with raises(MustValueError): valid_instance(response)
def ecp_response(self): # ---------------------------------------- # <ecp:Response # ---------------------------------------- target_url = "" ecp_response = ecp.Response(assertion_consumer_service_url=target_url) header = soapenv.Body() header.extension_elements = [element_to_extension_element(ecp_response)] # ---------------------------------------- # <samlp:Response # ---------------------------------------- response = samlp.Response() body = soapenv.Body() body.extension_elements = [element_to_extension_element(response)] soap_envelope = soapenv.Envelope(header=header, body=body) return "%s" % soap_envelope
def setup_class(self): self.response = samlp.Response()