def test_noop_attribute_conversion():
    """Check that AttributeConverterNOOP.to_() yields one attribute per input key.

    Each attribute must carry exactly one value. The two known OIDs must also
    keep the URI name format and their original text. An attribute with any
    other name passes through the loop without a name-specific check.
    """
    expected_text = {
        "urn:oid:2.5.4.42": "Hedberg",
        "urn:oid:2.5.4.4": "Roland",
    }
    ava = {"urn:oid:2.5.4.4": "Roland", "urn:oid:2.5.4.42": "Hedberg"}

    converter = AttributeConverterNOOP(URI_NF)
    res = converter.to_(ava)
    print(res)

    assert len(res) == 2
    for attr in res:
        assert len(attr.attribute_value) == 1
        if attr.name not in expected_text:
            continue
        assert attr.name_format == URI_NF
        assert attr.attribute_value[0].text == expected_text[attr.name]
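def test_noop_attribute_conversion():
    """Check that AttributeConverterNOOP.to_() yields one attribute per input key.

    Each attribute must carry exactly one value. The two known OIDs must also
    keep the URI name format and their original text. An attribute with any
    other name is not checked beyond its value count.
    """
    ava = {"urn:oid:2.5.4.4": "Roland",
           "urn:oid:2.5.4.42": "Hedberg"}
    aconv = AttributeConverterNOOP(URI_NF)
    res = aconv.to_(ava)

    # Call form of print: a single argument prints the same on Python 2,
    # and unlike the `print res` statement it also parses on Python 3.
    print(res)

    assert len(res) == 2
    for attr in res:
        assert len(attr.attribute_value) == 1
        if attr.name == "urn:oid:2.5.4.42":
            assert attr.name_format == URI_NF
            assert attr.attribute_value[0].text == "Hedberg"
        elif attr.name == "urn:oid:2.5.4.4":
            assert attr.name_format == URI_NF
            assert attr.attribute_value[0].text == "Roland"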
def test_assertion_with_authn_instant():
    """Check that an integer authn_instant is rendered as a UTC timestamp.

    The assertion is built from an empty attribute set. 1234567890 must come
    back as "2009-02-13T23:31:30Z" on the first authentication statement.
    """
    policy_conf = {
        "default": {
            "lifetime": {"minutes": 240},
            # None: no restriction, every attribute held may be released.
            "attribute_restrictions": None,
            "name_form": NAME_FORMAT_URI,
        },
    }
    assertion = Assertion({})
    policy = Policy(policy_conf)

    issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY)
    name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar")

    # Bearer subject confirmation. InResponseTo and Recipient tie the
    # assertion to one request and one consumer URL; the values here are
    # placeholder strings.
    farg = add_path(
        {}, ['subject', 'subject_confirmation', 'method', saml.SCM_BEARER])
    add_path(
        farg['subject']['subject_confirmation'],
        ['subject_confirmation_data', 'in_response_to', 'in_response_to'])
    add_path(
        farg['subject']['subject_confirmation'],
        ['subject_confirmation_data', 'recipient', 'consumer_url'])

    converters = [AttributeConverterNOOP(NAME_FORMAT_URI)]
    msg = assertion.construct(
        "sp_entity_id",
        converters,
        policy,
        issuer=issuer,
        authn_decl=ACD,
        authn_auth="authn_authn",
        authn_instant=1234567890,
        name_id=name_id,
        farg=farg,
    )
    print(msg)

    first_statement = msg.authn_statement[0]
    assert first_statement.authn_instant == "2009-02-13T23:31:30Z"
def test_assertion_with_noop_attribute_conv():
    """Check that the NOOP converter leaves attributes intact in a full assertion.

    Every attribute in the first attribute statement must use the URI name
    format and carry one value. The two known OIDs must keep their text.
    """
    expected_text = {
        "urn:oid:2.5.4.42": "Hedberg",
        "urn:oid:2.5.4.4": "Roland",
    }
    policy_conf = {
        "default": {
            "lifetime": {"minutes": 240},
            # None: no restriction, every attribute held may be released.
            "attribute_restrictions": None,
            "name_form": NAME_FORMAT_URI,
        },
    }

    assertion = Assertion({"urn:oid:2.5.4.4": "Roland",
                           "urn:oid:2.5.4.42": "Hedberg"})
    policy = Policy(policy_conf)
    issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY)
    name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar")

    # Positional form of construct(): the SP entity id, the InResponseTo
    # value and the consumer URL are passed as plain strings.
    msg = assertion.construct(
        "sp_entity_id",
        "in_response_to",
        "consumer_url",
        name_id,
        [AttributeConverterNOOP(NAME_FORMAT_URI)],
        policy,
        issuer=issuer,
        authn_decl=ACD,
        authn_auth="authn_authn",
    )
    print(msg)

    for attr in msg.attribute_statement[0].attribute:
        assert attr.name_format == NAME_FORMAT_URI
        assert len(attr.attribute_value) == 1
        if attr.name in expected_text:
            assert attr.attribute_value[0].text == expected_text[attr.name]
def test_assertion_with_zero_attributes():
    """Check that an empty attribute set gives an empty attribute_statement."""
    policy_conf = {
        "default": {
            "lifetime": {"minutes": 240},
            # None: no restriction, every attribute held may be released.
            "attribute_restrictions": None,
            "name_form": NAME_FORMAT_URI,
        },
    }

    assertion = Assertion({})
    policy = Policy(policy_conf)
    issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY)
    name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar")

    # Positional form of construct(): the SP entity id, the InResponseTo
    # value and the consumer URL are passed as plain strings.
    msg = assertion.construct(
        "sp_entity_id",
        "in_response_to",
        "consumer_url",
        name_id,
        [AttributeConverterNOOP(NAME_FORMAT_URI)],
        policy,
        issuer=issuer,
        authn_decl=ACD,
        authn_auth="authn_authn",
    )
    print(msg)

    assert msg.attribute_statement == []
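def post_auth(authData):
    """Build a SAML assertion from the user's LDAP attributes and return it
    as a series of 'SAML-AAA-Assertion' reply items.

    ``authData`` is iterated as (name, value) pairs. 'Stripped-User-Name'
    and 'User-Password' are picked out and handed to ldap_attributes().

    Returns radiusd.RLM_MODULE_FAIL when either request attribute is missing
    or the lookup returns None. Otherwise returns the tuple
    (radiusd.RLM_MODULE_UPDATED, reply_items, None).
    """
    userName = None
    userPassword = None
    for t in authData:
        if t[0] == 'Stripped-User-Name':
            # [1:-1] drops the first and last character of the value --
            # presumably the quotes the caller wraps strings in; confirm.
            userName = t[1][1:-1]
        elif t[0] == 'User-Password':
            userPassword = t[1][1:-1]

    # Fail closed when the request lacks either attribute. Previously the
    # lookup below was reached with an unbound local (UnboundLocalError).
    if userName is None or userPassword is None:
        return radiusd.RLM_MODULE_FAIL

    identity = ldap_attributes(userName, userPassword)
    if identity is None:
        return radiusd.RLM_MODULE_FAIL

    # Release only the attributes named in ATTRS.
    identityFiltered = {
        k: identity[k] for k in set(ATTRS) & set(identity.keys())
    }
    # NOTE(review): this writes the user's directory attributes to stdout on
    # every request. Drop it or gate it behind a debug switch if that
    # output is collected into shared logs.
    print(identityFiltered)

    policy = Policy({
        'default': {
            'lifetime': {'minutes': 60},
            'attribute_restrictions': None,
            'name_form': NAME_FORMAT_URI
        }
    })

    # NOTE(review): the NameID text is built from LDAP_SERVER only, so it is
    # the same for every user although its format is "transient".
    name_id = NameID(format=NAMEID_FORMAT_TRANSIENT,
                     text='urn:mace:' + LDAP_SERVER)
    issuer = Issuer(text='moonshot.' + LDAP_SERVER,
                    format=NAMEID_FORMAT_ENTITY)

    ast = Assertion(identityFiltered)
    # NOTE(review): the three empty strings are the SP entity id, the
    # InResponseTo value and the consumer URL. Nothing in this function
    # signs the assertion either, so the consumer cannot check audience or
    # recipient and depends on the RADIUS transport for integrity --
    # confirm that this is intended.
    assertion = ast.construct('', '', '', name_id,
                              [AttributeConverterNOOP(NAME_FORMAT_URI)],
                              policy, issuer=issuer)

    # Flatten to a single line, then split into several reply items;
    # eq_len_parts is defined elsewhere (presumably sized to fit one RADIUS
    # attribute each -- confirm).
    assertion = str(assertion).replace('\n', '')
    attr = 'SAML-AAA-Assertion'
    result = tuple((attr, x) for x in eq_len_parts('%s' % assertion))
    return radiusd.RLM_MODULE_UPDATED, result, None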
def test_assertion_with_noop_attribute_conv():
    """Check that the NOOP converter leaves attributes intact in a full assertion.

    The assertion uses bearer subject confirmation passed through ``farg``.
    Every attribute in the first attribute statement must use the URI name
    format and carry one value. The two known OIDs must keep their text.
    """
    expected_text = {
        "urn:oid:2.5.4.42": "Hedberg",
        "urn:oid:2.5.4.4": "Roland",
    }
    policy_conf = {
        "default": {
            "lifetime": {"minutes": 240},
            # None: no restriction, every attribute held may be released.
            "attribute_restrictions": None,
            "name_form": NAME_FORMAT_URI,
        },
    }

    assertion = Assertion({"urn:oid:2.5.4.4": "Roland",
                           "urn:oid:2.5.4.42": "Hedberg"})
    policy = Policy(policy_conf)
    name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar")
    issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY)

    # Bearer subject confirmation. InResponseTo and Recipient tie the
    # assertion to one request and one consumer URL; the values here are
    # placeholder strings.
    farg = add_path(
        {}, ['subject', 'subject_confirmation', 'method', saml.SCM_BEARER])
    add_path(
        farg['subject']['subject_confirmation'],
        ['subject_confirmation_data', 'in_response_to', 'in_response_to'])
    add_path(
        farg['subject']['subject_confirmation'],
        ['subject_confirmation_data', 'recipient', 'consumer_url'])

    msg = assertion.construct(
        "sp_entity_id",
        [AttributeConverterNOOP(NAME_FORMAT_URI)],
        policy,
        issuer=issuer,
        farg=farg,
        authn_decl=ACD,
        name_id=name_id,
        authn_auth="authn_authn",
    )
    print(msg)

    for attr in msg.attribute_statement[0].attribute:
        assert attr.name_format == NAME_FORMAT_URI
        assert len(attr.attribute_value) == 1
        if attr.name in expected_text:
            assert attr.attribute_value[0].text == expected_text[attr.name]