def repack_cert(cert):
    """
    Normalise the line layout of a certificate string.

    A value without any newline is stripped of surrounding whitespace and
    re-cut into 64-character lines. A value that already contains newlines
    keeps its line breaks; only leading/trailing whitespace on each line is
    removed, so existing line widths and blank lines are NOT changed.

    Nothing here checks that the text is valid base64 or a parseable
    certificate; callers must not treat the result as validated.

    :param cert: Certificate text, either one long line or several lines
    :return: The certificate text with lines joined by a newline
    """
    lines = cert.split("\n")
    if len(lines) != 1:
        # Already wrapped: trim each line but leave the wrapping as it is.
        return "\n".join(line.strip() for line in lines)
    # Single line: split_len is defined elsewhere in this module and is
    # assumed to return consecutive chunks of the given length.
    return "\n".join(split_len(lines[0].strip(), 64))
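def stripRolloverKeys(self, entity):
    """
    If the entity metadata contains keys for safe-rollover, strips the
    Standby key because ADFS can't handle it. Certificates rejected by
    ``active_cert`` are dropped as well, together with any key descriptor
    left without a certificate.

    The entity is modified in place: SP descriptors that end up with no key
    descriptor (or never had one) are left out of the result.

    A Standby descriptor is now queued for removal exactly once. Previously
    a Standby descriptor whose certificates were all rejected was queued
    twice, and the second ``list.remove`` raised ValueError, aborting the
    processing of the whole entity.

    :param entity: Entity descriptor
    :return: Entity descriptor or None if no working keys remain
    :raises KeyError: if a key descriptor lacks ``key_info``/``x509_data``
        (unchanged for non-Standby descriptors)
    """
    _sps = []
    for sp in entity["spsso_descriptor"]:
        try:
            key_desc = sp["key_descriptor"]
        except KeyError:
            # An SP descriptor without any key descriptor is not kept.
            continue

        toRemove = []
        for kd in key_desc:
            try:
                key_name = kd["key_info"]["key_name"]
            except KeyError:
                key_name = []

            if any(kn["text"] == "Standby" for kn in key_name):
                # Already scheduled for removal; skipping the certificate
                # checks keeps the descriptor from being queued twice.
                toRemove.append(kd)
                continue

            x509_data = kd["key_info"]["x509_data"]
            cert_to_remove = []
            for x in x509_data:
                xc = x["x509_certificate"]
                cert = xc["text"].strip()
                # Remove all whitespace, then re-wrap at 64 characters before
                # handing the text to active_cert (defined elsewhere;
                # presumably a validity check - confirm what it enforces).
                cert = "\n".join(
                    split_len("".join([s.strip() for s in cert.split()]), 64))
                if not active_cert(cert):
                    cert_to_remove.append(x)
            for c in cert_to_remove:
                x509_data.remove(c)
            if not x509_data:
                # No usable certificate left in this descriptor.
                toRemove.append(kd)

        for j in toRemove:
            sp["key_descriptor"].remove(j)
            # NOTE(review): the same message is printed whether the
            # descriptor was dropped for being Standby or for having no
            # active certificate; the text is kept as-is for log consumers.
            print("WARNING: removed KeyName element")

        if sp["key_descriptor"]:
            _sps.append(sp)

    if not _sps:
        return None
    entity["spsso_descriptor"] = _sps
    return entity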