def basic_entity_configuration(self, io): q = parse_qs(io.environ.get('QUERY_STRING')) # construct profile profile = to_profile(q) _ent_conf = create_model(profile, ent_info_path=self.ent_info) state = {} if not do_discovery(profile): _ent_conf['client']['provider_info']['issuer'] = q['iss'][0] if not do_registration(profile): # need to create a redirect_uri, means I need to register a port _port = self.assigned_ports.register_port(q['iss'][0], q['tag'][0]) _ent_conf['client']['registration_response'][ 'redirect_uris'] = '{}:{}/authz_cb'.format( self.test_tool_base[:-1], _port) _ent_conf['tool']['tag'] = q['tag'][0] _ent_conf['tool']['issuer'] = q['iss'][0] _ent_conf['tool']['profile'] = profile _qiss = quote_plus(q['iss'][0]) _qtag = quote_plus(q['tag'][0]) io.rest.write(_qiss, _qtag, _ent_conf) return '{}form/update/{}/{}'.format(self.baseurl, _qiss, _qtag)
def restart_instance(self, app, part): _iss = unquote_plus(part[0]) _tag = unquote_plus(part[1]) url = app.run_test_instance(quote_plus(_iss), quote_plus(_tag)) if isinstance(url, Response): return url(self.environ, self.start_response) resp = Response(mako_template='message.mako', template_lookup=self.lookup, headers=[]) if url: args = { 'title': "Action performed", 'base': self.baseurl, 'note': 'Your test instance "{iss}:{tag}" has been ' 'restarted as <a href="{url}">{url}</a>'.format(iss=_iss, tag=_tag, url=url) } else: args = { 'title': "Action Failed", 'base': self.baseurl, 'note': 'Could not restart your test instance' } return resp(self.environ, self.start_response, **args)
def test_construct(self, client): cis = AccessTokenRequest(code="foo", redirect_uri="http://example.com") csb = ClientSecretBasic(client) http_args = csb.construct(cis) cred = '{}:{}'.format(quote_plus("A"), quote_plus("boarding pass")) assert http_args == {"headers": {"Authorization": "Basic {}".format( base64.b64encode(cred.encode("utf-8")).decode("utf-8"))}}
def test_basic_authn_authenticate_as(): pwd_database = {'Diana': 'Piano player', 'NonAscii': '€&+%#@äää'} ba = BasicAuthn(None, pwd=pwd_database) for user, passwd in pwd_database.items(): credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd)) authz = base64.b64encode(credentials.encode("utf-8")).decode("utf-8") authorization_string = "Basic {}".format(authz) uid, when = ba.authenticated_as(authorization=authorization_string) assert uid == {'uid': user}
def test_construct(self, client): cis = AccessTokenRequest(code="foo", redirect_uri="http://example.com") csb = ClientSecretBasic(client) http_args = csb.construct(cis) cred = '{}:{}'.format(quote_plus("A"), quote_plus("boarding pass")) assert http_args == { "headers": { "Authorization": "Basic {}".format( base64.b64encode(cred.encode("utf-8")).decode("utf-8")) } }
def get_pid(self, parts): lp = [unquote_plus(p) for p in parts] qp = [quote_plus(p) for p in lp] try: return self.running_processes[self.key(*qp)] except KeyError: return 0
def log_path(self, **kwargs): _conv = self.session["conv"] try: iss = _conv.entity.provider_info["issuer"] except (TypeError, KeyError): return "" else: qiss = quote_plus(iss) path = with_or_without_slash(os.path.join("log", qiss)) if path is None: path = os.path.join("log", qiss) prof = ".".join(self.to_profile()) if not os.path.isdir("{}/{}".format(path, prof)): os.makedirs("{}/{}".format(path, prof)) if 'test_id' not in kwargs: _test_id = self.session["testid"] else: _test_id = kwargs['test_id'] return "{}/{}/{}".format(path, prof, _test_id)
def set_profile(self, info): try: old = from_profile(self.sh.profile) new = from_profile(to_profile(info)) for attr in ['enc', 'extra', 'none', 'return_type', 'sig', 'form_post']: old[attr] = new[attr] # Store new configuration try: rest = self.sh.extra['rest'] except KeyError: self.conv.tool_conf.update(compress_profile(old)) else: qp = [quote_plus(p) for p in [self.sh.iss, self.sh.tag]] _, _conf = rest.read_conf(*qp) _conf['tool'].update(compress_profile(old)) rest.store(qp[0], qp[1], _conf) # This will fail if no test has been run before the conf # is changed try: self.conv.tool_conf = _conf['tool'] except AttributeError: pass # reset all test flows self.flows.test_info = {} self.flows.complete = {} self.sh.reset_session(profile=old['profile']) # Back to test list return self.inut.flow_list() except Exception as err: return self.inut.err_response("profile", err)
def test_basic_authn_authenticate_as(): pwd_database = { 'Diana': 'Piano player', 'NonAscii': '€&+%#@äää' } ba = BasicAuthn(None, pwd=pwd_database) for user, passwd in pwd_database.items(): credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd)) authz = base64.b64encode(credentials.encode("utf-8")).decode("utf-8") authorization_string = "Basic {}".format(authz) uid, when = ba.authenticated_as(authorization=authorization_string) assert uid == {'uid': user}
def delete_instance(self, parts, pid=0, app=None): lp = [unquote_plus(p) for p in parts] qp = [quote_plus(p) for p in lp] _key = app.assigned_ports.make_key(*lp) if pid: kill_process(pid) del app.running_processes[_key] os.unlink(os.path.join(self.entpath, *qp)) # Remove issuer if out of tags if not os.listdir(os.path.join(self.entpath, qp[0])): os.rmdir(os.path.join(self.entpath, qp[0])) del app.assigned_ports[_key] resp = Response(mako_template='message.mako', template_lookup=self.lookup, headers=[]) args = { 'title': "Action performed", 'base': self.baseurl, 'note': 'Your test tool instance <em>{} {}</em> has been ' 'removed'.format(*lp) } return resp(self.environ, self.start_response, **args)
def delete_instance(self, parts, pid=0, app=None): lp = [unquote_plus(p) for p in parts] qp = [quote_plus(p) for p in lp] _key = app.assigned_ports.make_key(*lp) if pid: kill_process(pid) del app.running_processes[_key] os.unlink(os.path.join(self.entpath, *qp)) # Remove issuer if out of tags if not os.listdir(os.path.join(self.entpath, qp[0])): os.rmdir(os.path.join(self.entpath, qp[0])) del app.assigned_ports[_key] resp = Response(mako_template='message.mako', template_lookup=self.lookup, headers=[]) args = {'title': "Action performed", 'base': self.baseurl, 'note': 'Your test tool instance <em>{} {}</em> has been ' 'removed'.format(*lp)} return resp(self.environ, self.start_response, **args)
def construct(self, cis, request_args=None, http_args=None, **kwargs): """ :param cis: Request class instance :param request_args: Request arguments :param http_args: HTTP arguments :return: dictionary of HTTP arguments """ if http_args is None: http_args = {} try: passwd = kwargs["password"] except KeyError: try: passwd = http_args["password"] except KeyError: try: passwd = cis["client_secret"] except KeyError: passwd = self.cli.client_secret try: user = kwargs["user"] except KeyError: user = self.cli.client_id if "headers" not in http_args: http_args["headers"] = {} credentials = "{}:{}".format(quote_plus(user), quote_plus(passwd)) authz = base64.b64encode(credentials.encode("utf-8")).decode("utf-8") http_args["headers"]["Authorization"] = "Basic {}".format(authz) try: del cis["client_secret"] except KeyError: pass if (("client_id" not in cis.c_param.keys()) or cis.c_param["client_id"][VREQUIRED]) is False: try: del cis["client_id"] except KeyError: pass return http_args
def populate_jwks_dir(fos): # Populate the FO jwks directory if not os.path.exists(JWKS_DIR): os.mkdir(JWKS_DIR) for op in fos: fname = os.path.join(JWKS_DIR, quote_plus(op.iss)) fp = open(fname, 'w') fp.write(json.dumps(op.keyjar.export_jwks())) fp.close()
def test_mdx_single_sign_on_service(): entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" url = "http://mdx.example.com/entities/{}".format( quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))) responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, content_type=SAML_METADATA_CONTENT_TYPE) mdx = MetaDataMDX("http://mdx.example.com") sso_loc = mdx.single_sign_on_service(entity_id, BINDING_HTTP_REDIRECT) assert sso_loc[0]["location"] == "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"
def populate_sms_dir(spec): # populate the signed metadata statements directory signer, sms = create_compound_metadata_statement(spec) if not os.path.exists(SMD_DIR): os.mkdir(SMD_DIR) fname = os.path.join(SMD_DIR, quote_plus(signer)) fp = open(fname, 'w') fp.write(sms) fp.close()
def update_instance(self, *parts): resp = Response(mako_template="instance.mako", template_lookup=self.lookup, headers=[]) lp = [unquote_plus(p) for p in parts] qp = [quote_plus(p) for p in lp] format, _conf = self.rest.read_conf(qp[0], qp[1]) # provider_info and registration_response dicts = {'tool': _conf['tool']} for item in tool_conf: if item not in dicts['tool']: dicts['tool'][item] = '' for typ in ['provider_info', 'registration_response']: try: dicts[typ] = _conf['client'][typ] except KeyError: try: dicts[typ] = update(typ, _conf[typ]) except KeyError: pass state = {'immutable': {}, 'required': {}} if 'registration_response' in dicts: state['registration_response'] = { 'immutable': ['redirect_uris'], 'required': ['client_id', 'client_secret'] } if 'provider_info': state['provider_info'] = { 'immutable': ['issuer'], 'required': [ 'authorization_endpoint', 'jwks_uri', 'response_types_supported', 'subject_types_supported', 'id_token_signing_alg_values_supported' ] } if return_type(_conf['tool']['profile']) not in ['I', 'IT']: state['provider_info']['required'].append('token_endpoint') arg = { 'base': '', 'iss': qp[0], 'tag': qp[1], 'dicts': dicts, 'state': state } return resp(self.environ, self.start_response, **arg)
def basic_entity_configuration(self, io): q = parse_qs(io.environ.get('QUERY_STRING')) # construct profile ppiece = [q['return_type'][0]] for p in ['webfinger', 'discovery', 'registration']: if p in q: ppiece.append('T') else: ppiece.append('F') profile = '.'.join(ppiece) _ent_conf = create_model(profile, ent_info_path=self.ent_info) _ent_conf['tool']['tag'] = q['tag'][0] _ent_conf['tool']['issuer'] = q['iss'][0] _ent_conf['tool']['profile'] = profile _qiss = quote_plus(q['iss'][0]) _qtag = quote_plus(q['tag'][0]) io.rest.write(_qiss, _qtag, _ent_conf) return '{}form/update/{}/{}'.format(self.baseurl, _qiss, _qtag)
def update_instance(self, iss, tag): resp = Response(mako_template="instance.mako", template_lookup=self.lookup, headers=[]) qiss = quote_plus(iss) qtag = quote_plus(tag) _conf = self.rest.read_conf(qiss, qtag) # provider_info and registration_response dicts = {'tool': _conf['tool']} for item in tool_conf: if item not in dicts['tool']: dicts['tool'][item] = '' for typ in ['provider_info', 'registration_response']: try: dicts[typ] = _conf['client'][typ] except KeyError: pass arg = {'base': '', 'iss': qiss, 'tag': qtag, 'dicts': dicts} return resp(self.environ, self.start_response, **arg)
def restart_instance(self, app, part): _iss = unquote_plus(part[0]) _tag = unquote_plus(part[1]) url = app.run_test_instance(quote_plus(_iss), quote_plus(_tag)) if isinstance(url, Response): return url(self.environ, self.start_response) resp = Response(mako_template='message.mako', template_lookup=self.lookup, headers=[]) if url: args = { 'title': "Action performed", 'base': self.baseurl, 'note': 'Your test instance "{iss}:{tag}" has been ' 'restarted as <a href="{url}">{url}</a>'.format( iss=_iss, tag=_tag, url=url)} else: args = { 'title': "Action Failed", 'base': self.baseurl, 'note': 'Could not restart your test instance'} return resp(self.environ, self.start_response, **args)
def list_tag(self, iss): resp = Response(mako_template="list_tag.mako", template_lookup=self.lookup, headers=[]) _iss = unquote_plus(iss) qiss = quote_plus(_iss) fils = os.listdir(os.path.join(self.entpath, qiss)) active = dict([(fil, isrunning(_iss, fil)) for fil in fils]) args = {'base': self.baseurl, 'items': fils, "qiss": qiss, "iss": _iss, 'active': active} return resp(self.environ, self.start_response, **args)
def test_mdx_single_sign_on_service(): entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" url = "http://mdx.example.com/entities/{}".format( quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))) responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, content_type=SAML_METADATA_CONTENT_TYPE) mdx = MetaDataMDX("http://mdx.example.com") sso_loc = mdx.single_sign_on_service(entity_id, BINDING_HTTP_REDIRECT) assert sso_loc[0][ "location"] == "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"
def update_instance(self, *parts): resp = Response(mako_template="instance.mako", template_lookup=self.lookup, headers=[]) lp = [unquote_plus(p) for p in parts] qp = [quote_plus(p) for p in lp] format, _conf = self.rest.read_conf(qp[0], qp[1]) # provider_info and registration_response dicts = {'tool': _conf['tool']} for item in tool_conf: if item not in dicts['tool']: dicts['tool'][item] = '' for typ in ['provider_info', 'registration_response']: try: dicts[typ] = _conf['client'][typ] except KeyError: try: dicts[typ] = update(typ, _conf[typ]) except KeyError: pass state = {'immutable': {}, 'required': {}} if 'registration_response' in dicts: state['registration_response'] = { 'immutable': ['redirect_uris'], 'required': ['client_id', 'client_secret']} if 'provider_info': state['provider_info'] = { 'immutable': ['issuer'], 'required': ['authorization_endpoint', 'jwks_uri', 'response_types_supported', 'subject_types_supported', 'id_token_signing_alg_values_supported'] } if return_type(_conf['tool']['profile']) not in ['I', 'IT']: state['provider_info']['required'].append('token_endpoint') arg = {'base': '', 'iss': qp[0], 'tag': qp[1], 'dicts': dicts, 'state': state} return resp(self.environ, self.start_response, **arg)
def make_bundle(tool_iss, fo_iss, sign_keyjar, keydefs, base_path=''): _operator = {} for entity in fo_iss: fname = quote_plus(os.path.join(base_path, "{}.key".format(entity))) _keydef = keydefs[:] _keydef[0]['key'] = fname _jwks, _keyjar, _kidd = build_keyjar(_keydef) _operator[entity] = _jwks jb = JWKSBundle(tool_iss, sign_keyjar) for iss, jwks in _operator.items(): jb[iss] = jwks return jb
def show_tag(self, part): resp = Response(mako_template="action.mako", template_lookup=self.lookup, headers=[]) lp = [unquote_plus(p) for p in part[1:]] if find_test_instance(*lp): active = True else: active = False qp = [quote_plus(p) for p in lp] info = open(os.path.join(self.entpath, *qp), 'r').read() args = {'base': self.baseurl, 'info': json.loads(info), "qargs": qp, "largs": lp, 'active': active} return resp(self.environ, self.start_response, **args)
def test_port(): pmin = 60000 pmax = 60004 app = Application('', None, '', '', None, path2port='path2port.csv', port_min=pmin, port_max=pmax) _port1 = app.get_port(quote_plus('https://example.com'), 'one') assert _port1 == pmin _port2 = app.get_port(quote_plus('https://example.com'), 'two') assert _port2 != _port1 assert pmin < _port2 <= pmax _port3 = app.get_port(quote_plus('https://example.com'), 'three') assert _port3 not in [_port1, _port2] assert pmin < _port3 <= pmax _port4 = app.get_port(quote_plus('https://example.com'), 'four') assert _port4 not in [_port1, _port2, _port3] assert pmin < _port4 <= pmax _port5 = app.get_port(quote_plus('https://example.com'), 'five') assert _port5 not in [_port1, _port2, _port3, _port4] assert pmin < _port4 <= pmax try: _ = app.get_port(quote_plus('https://example.com'), 'six') except OutOfRange: assert True else: assert False app.return_port(quote_plus('https://example.com'), 'three') _port6 = app.get_port(quote_plus('https://example.com'), 'six') assert _port6 not in [_port1, _port2, _port4, _port5] assert pmin < _port4 <= pmax
def list_tag(self, iss): resp = Response(mako_template="list_tag.mako", template_lookup=self.lookup, headers=[]) _iss = unquote_plus(iss) qiss = quote_plus(_iss) fils = os.listdir(os.path.join(self.entpath, qiss)) active = dict([(fil, isrunning(_iss, fil)) for fil in fils]) args = { 'base': self.baseurl, 'items': fils, "qiss": qiss, "iss": _iss, 'active': active } return resp(self.environ, self.start_response, **args)
def urlhandler_log(self, webio): if path == "log" or path == "log/": _cc = webio.conf.CLIENT try: _iss = _cc["srv_discovery_url"] except KeyError: _iss = _cc["provider_info"]["issuer"] parts = [quote_plus(_iss)] else: parts = [] while path != "log": head, tail = os.path.split(path) # tail = tail.replace(":", "%3A") # if tail.endswith("%2F"): # tail = tail[:-3] parts.insert(0, tail) path = head return webio.display_log("log", *parts)
def make_kodi_url(self): d_original = OrderedDict( sorted(self.__dict__.items(), key=lambda x: x[0])) d = d_original.copy() for key, value in d_original.items(): if not value: d.pop(key) continue if isinstance(value, str): d[key] = unicodedata.normalize('NFKD', value).encode( 'ascii', 'ignore').decode('utf-8') url = '' for key in d.keys(): if isinstance(d[key], (str, bytes)): val = quote_plus(d[key]) else: val = d[key] url += '&{0}={1}'.format(key, val) url += '&addon_version={0}'.format(utils.get_addon_version()) return url
def show_tag(self, part): resp = Response(mako_template="action.mako", template_lookup=self.lookup, headers=[]) lp = [unquote_plus(p) for p in part[1:]] if find_test_instance(*lp): active = True else: active = False qp = [quote_plus(p) for p in lp] info = open(os.path.join(self.entpath, *qp), 'r').read() args = { 'base': self.baseurl, 'info': json.loads(info), "qargs": qp, "largs": lp, 'active': active } return resp(self.environ, self.start_response, **args)
def log_path(self, test_id=None): _conv = self.session["conv"] try: iss = _conv.entity_id except (TypeError, KeyError, AttributeError): return "" else: qiss = quote_plus(iss) path = with_or_without_slash(os.path.join("log", qiss)) if path is None: path = os.path.join("log", qiss) prof = ".".join(self.to_profile()) if not os.path.isdir("{}/{}".format(path, prof)): os.makedirs("{}/{}".format(path, prof)) if test_id is None: test_id = self.session["testid"] return "{}/{}/{}".format(path, prof, test_id)
def list_dir(self, dirname, qiss): if not os.path.isdir(dirname): if qiss.endswith('%2F'): # try to remove qiss = qiss[:-3] else: # else add qiss += '%2F' dirname = self.entity_file_name(qiss, '') if not os.path.isdir(dirname): raise NoSuchFile(dirname) iss = unquote_plus(qiss) res = ['<p>'] for file in os.listdir(dirname): _url = '{}{}/{}'.format(self.base_url, qiss, quote_plus(file)) res.append('<a href="{}">{}</a><br>'.format(_url, file)) res.append('</p') _html = [ '<html><head>List of tags for "{}"</head>'.format(iss), '<body>' ] _html.extend(res) _html.append('</body></html>') return 'html', '\n'.join(_html)
def log_path(session, test_id=None): _conv = session["conv"] try: iss = _conv.entity.provider_info["issuer"] except TypeError: return "" else: qiss = quote_plus(iss) path = with_or_without_slash(os.path.join("log", qiss)) if path is None: path = os.path.join("log", qiss) prof = ".".join(to_profile(session)) if not os.path.isdir("%s/%s" % (path, prof)): os.makedirs("%s/%s" % (path, prof)) if test_id is None: test_id = session["testid"] return "%s/%s/%s" % (path, prof, test_id)
def log_path(session, test_id=None): _conv = session["conv"] try: iss = _conv.entity.provider_info["issuer"] except TypeError: return "" else: qiss = quote_plus(iss) path = with_or_without_slash(os.path.join("log", qiss)) if path is None: path = os.path.join("log", qiss) prof = ".".join(from_profile(session["profile"].split("."))) if not os.path.isdir("%s/%s" % (path, prof)): os.makedirs("%s/%s" % (path, prof)) if test_id is None: test_id = session["testid"] return "%s/%s/%s" % (path, prof, test_id)
def set_profile(self, info): try: old = from_profile(self.sh.profile) new = from_profile(to_profile(info)) for attr in [ 'enc', 'extra', 'none', 'return_type', 'sig', 'form_post' ]: old[attr] = new[attr] # Store new configuration try: rest = self.sh.extra['rest'] except KeyError: self.conv.tool_conf.update(compress_profile(old)) else: qp = [quote_plus(p) for p in [self.sh.iss, self.sh.tag]] _, _conf = rest.read_conf(*qp) _conf['tool'].update(compress_profile(old)) rest.store(qp[0], qp[1], _conf) # This will fail if no test has been run before the conf # is changed try: self.conv.tool_conf = _conf['tool'] except AttributeError: pass # reset all test flows self.flows.test_info = {} self.flows.complete = {} self.sh.reset_session(profile=old['profile']) # Back to test list return self.inut.flow_list() except Exception as err: return self.inut.err_response("profile", err)
def test_port(): pmin = 60000 pmax = 60004 # test_script, flowdir, rest, port_min, port_max, # test_tool_base, test_tool_conf, prehtml, app = AssignedPorts('assport', pmin, pmax) _port1 = app.register_port(quote_plus('https://example.com'), 'one') assert _port1 == pmin _port2 = app.register_port(quote_plus('https://example.com'), 'two') assert _port2 != _port1 assert pmin < _port2 <= pmax _port3 = app.register_port(quote_plus('https://example.com'), 'three') assert _port3 not in [_port1, _port2] assert pmin < _port3 <= pmax _port4 = app.register_port(quote_plus('https://example.com'), 'four') assert _port4 not in [_port1, _port2, _port3] assert pmin < _port4 <= pmax _port5 = app.register_port(quote_plus('https://example.com'), 'five') assert _port5 not in [_port1, _port2, _port3, _port4] assert pmin < _port4 <= pmax try: _ = app.register_port(quote_plus('https://example.com'), 'six') except OutOfRange: assert True else: assert False del app[app.make_key('https://example.com', 'three')] _port6 = app.register_port(quote_plus('https://example.com'), 'six') assert _port6 not in [_port1, _port2, _port4, _port5] assert pmin < _port4 <= pmax
KEYDEFS = [{ "type": "RSA", "key": '', "use": ["sig"] }, { "type": "EC", "crv": "P-256", "use": ["sig"] }] KEYS = {} ISSUER = {} OPERATOR = {} for entity in ['fo0', 'fo1', 'fo2', 'fo3', 'sig']: fname = quote_plus(os.path.join(BASE_PATH, "{}.key".format(entity))) _keydef = KEYDEFS[:] _keydef[0]['key'] = fname _jwks, _keyjar, _kidd = build_keyjar(_keydef) KEYS[entity] = {'jwks': _jwks, 'keyjar': _keyjar, 'kidd': _kidd} ISSUER[entity] = 'https://{}.example.org'.format(entity) OPERATOR[entity] = Operator(keyjar=_keyjar, iss=ISSUER[entity]) SignKeyJar = OPERATOR['sig'].keyjar del OPERATOR['sig'] def test_create(): jb = JWKSBundle('iss') for iss, op in OPERATOR.items():
parser.add_argument('-L', dest='claims_locales') parser.add_argument('-p', dest='profile', default='C.T.T.T') parser.add_argument('-s', dest='sig', action='store_true') parser.add_argument('-t', dest='tag') parser.add_argument('-x', dest='extra', action='store_true') parser.add_argument('-w', dest='webfinger_email') parser.add_argument('-W', dest='webfinger_url') args = parser.parse_args() ent_info_path = '{}/entity_info'.format(args.entity_root) rest = REST('', '{}/entities'.format(args.entity_root), ent_info_path) cnf = create_model(args.profile, ent_info_path) for item in ['sig', 'enc', 'extra']: if getattr(args, item): cnf['tool'][item] = True for item in [ 'acr_values', 'login_hint', 'ui_locales', 'claims_locales', 'webfinger_url', 'webfinger_email', 'issuer', 'profile', 'tag' ]: v = getattr(args, item) if v: cnf['tool'][item] = v qiss = quote_plus(cnf['tool']['issuer']) qtag = cnf['tool']['tag'] rest.write(qiss, qtag, cnf)
parser.add_argument(dest="config") args = parser.parse_args() session_opts = { 'session.type': 'memory', 'session.cookie_expires': True, 'session.auto': True, 'session.timeout': 900 } sys.path.insert(0, ".") CONF = importlib.import_module(args.config) rest = REST(None, CONF.ENT_PATH, CONF.ENT_INFO) if args.tag: qtag = quote_plus(args.tag) else: qtag = 'default' ent_conf = None try: ent_conf = rest.construct_config(quote_plus(args.issuer), qtag) except Exception as err: print('iss:{}, tag:{}'.format(quote_plus(args.issuer), qtag)) for m in traceback.format_exception(*sys.exc_info()): print(m) exit() setup_logging("%s/rp_%s.log" % (SERVER_LOG_FOLDER, args.port), logger) logger.info('construct_app_args')
def urlquote_plus(url, safe=''): """ A legacy compatibility wrapper to Python's urllib.parse.quote_plus() function. (was used for unicode handling on Python 2) """ return quote_plus(url, safe)
def application(self, environ, start_response): logger.info("Connection from: %s" % environ["REMOTE_ADDR"]) path = environ.get('PATH_INFO', '').lstrip('/') logger.info("path: %s" % path) _io = IO(rest=self.rest, environ=environ, start_response=start_response, lookup=self.lookup) if path == "robots.txt": return _io.static("static/robots.txt") elif path == "favicon.ico": return _io.static("static/favicon.ico") elif path.startswith("static/"): return _io.static(path) elif path.startswith("export/"): return _io.static(path) if path == '': return _io.get_iss() elif path.startswith('form/'): return self.form_handling(path, _io) elif path == 'create': loc = self.basic_entity_configuration(_io) resp = SeeOther(loc) return resp(_io.environ, _io.start_response) elif path.startswith('run/'): _iss, _tag = get_iss_and_tag(path) if _iss == '' or _tag == '': resp = BadRequest('Path must be of the form /run/<iss>/<tag>') return resp(environ, start_response) _qiss = quote_plus(_iss) _qtag = quote_plus(_tag) _info = parse_qs(get_post(environ)) ent_conf = expand_dict(_info) self.rest.write(_qiss, _qtag, ent_conf) resp = self.run_test_instance(_qiss, _qtag) if not isinstance(resp, Response): resp = SeeOther(resp) return resp(_io.environ, _io.start_response) elif path.startswith('model/'): p = path.split('/') prof = p[1] if verify_profile(prof): info = create_model(prof) if info: res = Response(json.dumps(info), content='applicaton/json') else: res = ServiceError() else: res = BadRequest('Syntax error in profile specification') return res(environ, start_response) else: # check if this a REST request _iss, _tag = get_iss_and_tag(path) _qiss = quote_plus(_iss) _qtag = quote_plus(_tag) _path = '/{}/{}'.format(_qiss, _qtag) _met = environ.get('REQUEST_METHOD') if _met == 'GET': resp = self.rest.read(_qiss, _qtag, _path) elif _met == 'POST': resp = self.rest.replace(_qiss, _qtag, get_post(environ), _path) elif _met == 'PUT': resp = self.rest.store(_qiss, _qtag, get_post(environ)) elif _met == 'DELETE': resp = self.rest.delete(_qiss, _qtag) else: resp = BadRequest('Unsupported request method') return resp(environ, start_response)
def application(self, environ, start_response): logger.info("Connection from: %s" % environ["REMOTE_ADDR"]) path = environ.get('PATH_INFO', '').lstrip('/') logger.info("path: %s" % path) _io = IO(rest=self.rest, environ=environ, start_response=start_response, lookup=self.lookup, baseurl=self.baseurl) if path == "robots.txt": return _io.static("static/robots.txt") elif path == "favicon.ico": return _io.static("static/favicon.ico") elif path.startswith("static/"): return _io.static(path) elif path.startswith("export/"): return _io.static(path) if path == '': return _io.main() if path == 'new': return _io.new_iss() if path == 'entity': return _io.list_iss() elif path.startswith('entity/'): p = path.split('/') while p[-1] == '': p = p[:-1] if len(p) == 2: return _io.list_tag(p[1]) elif len(p) == 3: return _io.show_tag(p) elif len(p) == 4: _com = p[-1] if _com == 'action': _qs = parse_qs(environ.get('QUERY_STRING')) try: _act = _qs['action'][0] except KeyError: resp = BadRequest('missing query parameter') return resp(environ, start_response) if _act == 'delete': return _io.delete_instance(p[1:3], pid=self.get_pid(p[1:3]), app=self) elif _act == 'restart': return _io.restart_instance(self, p[1:3]) elif _act == 'configure': return _io.update_instance(*p[1:3]) else: resp = BadRequest('Unknown action') return resp(environ, start_response) elif path.startswith('form/'): return self.form_handling(path, _io) elif path == 'create': loc = self.basic_entity_configuration(_io) resp = SeeOther(loc) return resp(_io.environ, _io.start_response) elif path.startswith('run/'): _iss, _tag = get_iss_and_tag(path) if _iss == '' or _tag == '': resp = BadRequest('Path must be of the form /run/<iss>/<tag>') return resp(environ, start_response) _qiss = quote_plus(_iss) _qtag = quote_plus(_tag) _info = parse_qs(get_post(environ)) ent_conf = expand_dict(_info) if not verify_config(ent_conf): resp = BadRequest('Incorrect configuration') else: self.rest.write(_qiss, _qtag, ent_conf) resp = self.run_test_instance(_qiss, _qtag) if not isinstance(resp, Response): resp = SeeOther(resp) return resp(_io.environ, _io.start_response) elif path.startswith('model/'): p = path.split('/') prof = p[1] if verify_profile(prof): info = create_model(prof) if info: res = Response(json.dumps(info), content='applicaton/json') else: res = ServiceError() else: res = BadRequest('Syntax error in profile specification') return res(environ, start_response) elif path.startswith('register/'): _iss, _tag = get_iss_and_tag(path) _qiss = quote_plus(_iss) _qtag = quote_plus(_tag) _met = environ.get('REQUEST_METHOD') if _met == 'GET': return self.assigned_ports.register_port(_qiss, _qtag) elif _met == 'DELETE': return self.return_port(_qiss, _qtag) else: # check if this a REST request _iss, _tag = get_iss_and_tag(path) _qiss = quote_plus(_iss) _qtag = quote_plus(_tag) _path = '/{}/{}'.format(_qiss, _qtag) _met = environ.get('REQUEST_METHOD') if _met == 'GET': resp = self.rest.read(_qiss, _qtag, _path) elif _met == 'POST': resp = self.rest.replace(_qiss, _qtag, get_post(environ), _path) elif _met == 'PUT': resp = self.rest.store(_qiss, _qtag, get_post(environ)) elif _met == 'DELETE': resp = self.rest.delete(_qiss, _qtag) else: resp = BadRequest('Unsupported request method') return resp(environ, start_response)
def application(self, environ, start_response): LOGGER.info("Connection from: %s" % environ["REMOTE_ADDR"]) session = environ['beaker.session'] path = environ.get('PATH_INFO', '').lstrip('/') LOGGER.info("path: %s" % path) try: sh = session['session_info'] except KeyError: sh = SessionHandler(**self.webenv) sh.session_init() session['session_info'] = sh webio = WebIO(session=sh, **self.webenv) webio.environ = environ webio.start_response = start_response tester = Tester(webio, sh, **self.webenv) if path == "robots.txt": return webio.static("static/robots.txt") elif path == "favicon.ico": return webio.static("static/favicon.ico") elif path.startswith('acs/site/static'): path = path[4:] return webio.static(path) elif path.startswith("site/static/") or path.startswith('static/'): return webio.static(path) elif path.startswith("export/"): return webio.static(path) if path == "" or path == "/": # list return tester.display_test_list() elif "flow_names" not in sh: sh.session_init() if path == "logs": return webio.display_log("log", issuer="", profile="", testid="") elif path.startswith("log"): if path == "log" or path == "log/": _cc = webio.conf.CLIENT try: _iss = _cc["srv_discovery_url"] except KeyError: _iss = _cc["provider_info"]["issuer"] parts = [quote_plus(_iss)] else: parts = [] while path != "log": head, tail = os.path.split(path) # tail = tail.replace(":", "%3A") # if tail.endswith("%2F"): # tail = tail[:-3] parts.insert(0, tail) path = head return webio.display_log("log", *parts) elif path.startswith("tar"): path = path.replace(":", "%3A") return webio.static(path) elif path.startswith("test_info"): p = path.split("/") try: return webio.test_info(p[1]) except KeyError: return webio.not_found() elif path == "continue": return tester.cont(environ, self.webenv) elif path == 'reset': for param in ['flow', 'flow_names', 'index', 'node', 'profile', 'sequence', 'test_info', 'test_id', 'tests']: del sh[param] return tester.display_test_list() elif path == "opresult": if tester.conv is None: return webio.sorry_response("", "No result to report") return webio.opresult(tester.conv, sh) # expected path format: /<testid>[/<endpoint>] elif path in sh["flow_names"]: resp = tester.run(path, **self.webenv) store_test_state(sh, sh['conv'].events) filename = self.webenv['profile_handler'](sh).log_path(path) if isinstance(resp, Response): res = Result(sh, self.webenv['profile_handler']) res.store_test_info() res.print_info(path, tester.fname(path)) return webio.respond(resp) else: return webio.flow_list(filename) elif path == "acs/post": qs = get_post(environ).decode('utf8') resp = dict([(k, v[0]) for k, v in parse_qs(qs).items()]) filename = self.webenv['profile_handler'](sh).log_path(tester.conv.test_id) return do_next(tester, resp, sh, webio, filename, path) elif path == "acs/redirect": qs = environ['QUERY_STRING'] resp = dict([(k, v[0]) for k, v in parse_qs(qs).items()]) filename = self.webenv['profile_handler'](sh).log_path(tester.conv.test_id) return do_next(tester, resp, sh, webio, filename, path) elif path == "acs/artifact": pass elif path == "ecp": pass elif path == "disco": pass elif path == "slo": pass else: resp = BadRequest() return resp(environ, start_response)
parser.add_argument('-i', dest='issuer') parser.add_argument('-l', dest='ui_locales') parser.add_argument('-L', dest='claims_locales') parser.add_argument('-p', dest='profile', default='C.T.T.T') parser.add_argument('-s', dest='sig', action='store_true') parser.add_argument('-t', dest='tag') parser.add_argument('-x', dest='extra', action='store_true') parser.add_argument('-w', dest='webfinger_email') parser.add_argument('-W', dest='webfinger_url') args = parser.parse_args() ent_info_path='{}/entity_info'.format(args.entity_root) rest = REST('', '{}/entities'.format(args.entity_root), ent_info_path) cnf = create_model(args.profile, ent_info_path) for item in ['sig', 'enc', 'extra']: if getattr(args, item): cnf['tool'][item] = True for item in ['acr_values', 'login_hint', 'ui_locales', 'claims_locales', 'webfinger_url', 'webfinger_email', 'issuer', 'profile', 'tag']: v = getattr(args, item) if v: cnf['tool'][item] = v qiss = quote_plus(cnf['tool']['issuer']) qtag = cnf['tool']['tag'] rest.write(qiss, qtag, cnf)