def _createAuthzDecisionQuery(self, issuer):
"""Constructs an XACMLAuthzDecisionQuery.
"""
query = XACMLAuthzDecisionQuery()
query.version = SAMLVersion(SAMLVersion.VERSION_20)
query.id = str(uuid4())
query.issueInstant = datetime.utcnow()
query.issuer = Issuer()
query.issuer.format = Issuer.X509_SUBJECT
query.issuer.value = issuer
return query
def fromXML(cls, elem):
"""Parse ElementTree element into a SAML XACMLAuthzDecisionQuery object
@type elem: ElementTree.Element
@param elem: XML element containing the AuthzDecisionQuery
@rtype: saml.saml2.core.AuthzDecisionQuery
@return: AuthzDecisionQuery object
"""
if not ElementTree.iselement(elem):
raise TypeError("Expecting %r input type for parsing; got %r" %
(ElementTree.Element, elem))
if QName.getLocalPart(elem.tag) != cls.DEFAULT_ELEMENT_LOCAL_NAME:
raise XMLTypeParseError("No \"%s\" element found" %
cls.DEFAULT_ELEMENT_LOCAL_NAME)
# Unpack attributes from top-level element
attributeValues = []
for attributeName in (cls.VERSION_ATTRIB_NAME,
cls.ISSUE_INSTANT_ATTRIB_NAME,
cls.ID_ATTRIB_NAME):
attributeValue = elem.attrib.get(attributeName)
if attributeValue is None:
raise XMLTypeParseError('No "%s" attribute found in "%s" '
'element' %
(attributeName,
cls.DEFAULT_ELEMENT_LOCAL_NAME))
attributeValues.append(attributeValue)
authzDecisionQuery = XACMLAuthzDecisionQuery()
authzDecisionQuery.version = SAMLVersion(attributeValues[0])
if authzDecisionQuery.version != SAMLVersion.VERSION_20:
raise NotImplementedError("Parsing for %r is implemented for "
"SAML version %s only; version %s is "
"not supported" %
(cls,
SAMLVersion(SAMLVersion.VERSION_20),
SAMLVersion(authzDecisionQuery.version)))
authzDecisionQuery.issueInstant = SAMLDateTime.fromString(
attributeValues[1])
authzDecisionQuery.id = attributeValues[2]
for childElem in elem:
localName = QName.getLocalPart(childElem.tag)
if localName == Issuer.DEFAULT_ELEMENT_LOCAL_NAME:
# Parse Issuer
authzDecisionQuery.issuer = IssuerElementTree.fromXML(childElem)
elif localName == Request.ELEMENT_LOCAL_NAME:
# Create XACML context request from Request element.
authzDecisionQuery.xacmlContextRequest = \
RequestElementTree.fromXML(childElem)
else:
raise XMLTypeParseError("Unrecognised XACMLAuthzDecisionQuery child "
"element \"%s\"" % localName)
return authzDecisionQuery
def test01(self):
# Construct a ResourceContent element.
rcContentsStr = '''<wps:GetCapabilities
xmlns:ows="http://www.opengis.net/ows/1.1"
xmlns:wps="http://www.opengis.net/wps/1.0.0"
xmlns:xlink="http://www.w3.org/1999/xlink"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://schemas.opengis.net/wps/1.0.0/wpsGetCapabilities_request.xsd"
language="en-CA" service="WPS">
<wps:AcceptVersions>
<ows:Version>1.0.0</ows:Version>
</wps:AcceptVersions>
</wps:GetCapabilities>
'''
# Construct XACMLAuthzDecisionQuery including resource content XML.
rcContentsElem = ET.XML(rcContentsStr)
resourceContent = ET.Element(
"{urn:oasis:names:tc:xacml:2.0:context:schema:os}ResourceContent")
resourceContent.append(rcContentsElem)
resourceContent.set('TestAttribute', 'Test Value')
resource = Resource()
resource.resourceContent = resourceContent
request = Request()
request.subjects.append(Subject())
request.resources.append(resource)
request.action = Action()
request.environment = Environment()
query = XACMLAuthzDecisionQuery()
query.xacmlContextRequest = request
query.version = SAMLVersion(SAMLVersion.VERSION_20)
query.id = str(uuid.uuid4())
query.issueInstant = datetime.utcnow()
query.issuer = Issuer()
query.issuer.format = Issuer.X509_SUBJECT
query.issuer.value = self.ISSUER_DN
# Convert to element tree.
queryElem = XACMLAuthzDecisionQueryElementTree.toXML(query)
print(ET.tostring(queryElem))
# Check some values from query and resource content XML.
self.assertEqual(queryElem.get("Version"), "2.0")
self.assertEqual(self._getSingleElementText(queryElem,
"{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"),
self.ISSUER_DN)
self.assertEqual(self._getSingleElementText(queryElem,
"{urn:oasis:names:tc:xacml:2.0:context:schema:os}Request/"
"{urn:oasis:names:tc:xacml:2.0:context:schema:os}Resource/"
"{urn:oasis:names:tc:xacml:2.0:context:schema:os}ResourceContent/"
"{http://www.opengis.net/wps/1.0.0}GetCapabilities/"
"{http://www.opengis.net/wps/1.0.0}AcceptVersions/"
"{http://www.opengis.net/ows/1.1}Version"), "1.0.0")
def _createAuthzDecisionQuery(self, issuer):
"""Constructs an XACMLAuthzDecisionQuery.
"""
query = XACMLAuthzDecisionQuery()
query.version = SAMLVersion(SAMLVersion.VERSION_20)
query.id = str(uuid4())
query.issueInstant = datetime.utcnow()
query.issuer = Issuer()
query.issuer.format = Issuer.X509_SUBJECT
query.issuer.value = issuer
return query
