def handleMetadataSave(self, environ, start_response, qs):
"""
Takes the input for the page metadata.mako.
Encrypts entity id and secret information for the social services.
Creates the partial xml to be added to the metadata for the service provider.
:param environ: wsgi enviroment
:param start_response: wsgi start respons
:param qs: Query parameters in a dictionary.
:return: wsgi response for the mako file metadatasave.mako.
"""
resp = Response(mako_template="metadatasave.mako",
template_lookup=self.lookup,
headers=[])
if "entityId" not in qs or "secret" not in qs:
xml = "Xml could not be generated because no entityId or secret has been sent to the service."
self.logger.warning(xml)
else:
try:
secretData = '{"entityId": ' + qs["entityId"] + ', "secret":' + qs["secret"] + '}'
secretDataEncrypted = encrypt(
secretData,
{"rsa": [self.publicKey]},
MetadataGeneration.CONST_ALG,
MetadataGeneration.CONST_ENCRYPT,
"public",
debug=False)
val = AttributeValue()
val.set_text(secretDataEncrypted)
attr = Attribute(name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
name="http://social2saml.nordu.net/customer",
attribute_value=[val])
eattr = mdattr.EntityAttributes(attribute=[attr])
nspair = {
"mdattr": "urn:oasis:names:tc:SAML:metadata:attribute",
"samla": "urn:oasis:names:tc:SAML:2.0:assertion"
}
xml = eattr.to_string(nspair)
xmlList = xml.split("\n", 1)
if len(xmlList) == 2:
xml = xmlList[1]
except Exception as exp:
self.logger.fatal('Unknown error in handleMetadataSave.',
exc_info=True)
xml = "Xml could not be generated."
argv = {
"home": MetadataGeneration.CONST_METADATA,
"action": MetadataGeneration.CONST_METADATAVERIFY,
"xml": xml
}
return resp(environ, start_response, **argv)
else:
print >> sys.stderr, "Needs encryption key"
exit()
if mode == "public" and args.mode == "private":
print >> sys.stderr, "Can't encrypt with a private key I don't have"
exit()
if not args.enc or not args.alg:
print >> sys.stderr, "There are no default encryption methods"
exit()
if args.enc not in SUPPORTED["enc"]:
print >> sys.stderr, "Encryption method %s not supported" % args.enc
print >> sys.stderr, "Methods supported: %s" % SUPPORTED["enc"]
exit()
if args.alg not in SUPPORTED["alg"]:
print >> sys.stderr, "Encryption algorithm %s not supported" % args.alg
print >> sys.stderr, "Algorithms supported: %s" % SUPPORTED["alg"]
exit()
if args.file:
message = open(args.file).read()
elif args.message == "-":
message = sys.stdin.read()
else:
message = args.message
print encrypt(message, keys, args.alg, args.enc, "public", debug=args.debug)
