def test_1(): ed = xenc.encrypted_data_from_string(data1) assert ed assert ed.mime_type == "text/xml" assert ed.cipher_data is not None cd = ed.cipher_data assert cd.cipher_value is not None assert cd.cipher_value.text == "A23B45C56"
def test_2(): ed = xenc.encrypted_data_from_string(data2) assert ed print(ed) assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element" assert ed.encryption_method is not None em = ed.encryption_method assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' assert ed.key_info is not None ki = ed.key_info assert ki.key_name[0].text == "John Smith" assert ed.cipher_data is not None cd = ed.cipher_data assert cd.cipher_value is not None assert cd.cipher_value.text == "DEADBEEF"
def test_3(): ed = xenc.encrypted_data_from_string(data3) assert ed print(ed) assert ed.encryption_method != None em = ed.encryption_method assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' assert ed.key_info != None ki = ed.key_info assert ki.key_name[0].text == "Sally Doe" assert len(ki.retrieval_method) == 1 rm = ki.retrieval_method[0] assert rm.uri == "#EK" assert rm.type == "http://www.w3.org/2001/04/xmlenc#EncryptedKey" assert ed.cipher_data != None cd = ed.cipher_data assert cd.cipher_value != None assert cd.cipher_value.text == "DEADBEEF"
def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, authn_class=None, authn_auth=None, authn_decl=None, encrypt=None, sec_context=None, authn_decl_ref=None, authn_instant="", subject_locality="", authn_statem=None, name_id=None, session_not_on_or_after=None): """ Construct the Assertion :param sp_entity_id: The entityid of the SP :param in_response_to: An identifier of the message, this message is a response to :param name_id: An NameID instance :param attrconvs: AttributeConverters :param policy: The policy that should be adhered to when replying :param issuer: Who is issuing the statement :param authn_class: The authentication class :param authn_auth: The authentication instance :param authn_decl: An Authentication Context declaration :param encrypt: Whether to encrypt parts or all of the Assertion :param sec_context: The security context used when encrypting :param authn_decl_ref: An Authentication Context declaration reference :param authn_instant: When the Authentication was performed :param subject_locality: Specifies the DNS domain name and IP address for the system from which the assertion subject was apparently authenticated. :param authn_statem: A AuthnStatement instance :return: An Assertion instance """ _name_format = policy.get_name_form(sp_entity_id) attr_statement = saml.AttributeStatement( attribute=from_local(attrconvs, self, _name_format)) if encrypt == "attributes": for attr in attr_statement.attribute: enc = sec_context.encrypt(text="%s" % attr) encd = xmlenc.encrypted_data_from_string(enc) encattr = saml.EncryptedAttribute(encrypted_data=encd) attr_statement.encrypted_attribute.append(encattr) attr_statement.attribute = [] # start using now and for some time conds = policy.conditions(sp_entity_id) if authn_statem: _authn_statement = authn_statem elif authn_auth or authn_class or authn_decl or authn_decl_ref: _authn_statement = authn_statement( authn_class, authn_auth, authn_decl, authn_decl_ref, authn_instant, subject_locality, session_not_on_or_after=session_not_on_or_after) else: _authn_statement = None subject = do_subject(policy.not_on_or_after(sp_entity_id), name_id, **farg['subject']) _ass = assertion_factory(issuer=issuer, conditions=conds, subject=subject) if _authn_statement: _ass.authn_statement = [_authn_statement] if not attr_statement.empty(): _ass.attribute_statement = [attr_statement] return _ass
def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, authn_class=None, authn_auth=None, authn_decl=None, encrypt=None, sec_context=None, authn_decl_ref=None, authn_instant="", subject_locality="", authn_statem=None, name_id=None, session_not_on_or_after=None): """ Construct the Assertion :param sp_entity_id: The entityid of the SP :param in_response_to: An identifier of the message, this message is a response to :param name_id: An NameID instance :param attrconvs: AttributeConverters :param policy: The policy that should be adhered to when replying :param issuer: Who is issuing the statement :param authn_class: The authentication class :param authn_auth: The authentication instance :param authn_decl: An Authentication Context declaration :param encrypt: Whether to encrypt parts or all of the Assertion :param sec_context: The security context used when encrypting :param authn_decl_ref: An Authentication Context declaration reference :param authn_instant: When the Authentication was performed :param subject_locality: Specifies the DNS domain name and IP address for the system from which the assertion subject was apparently authenticated. :param authn_statem: A AuthnStatement instance :return: An Assertion instance """ if policy: _name_format = policy.get_name_form(sp_entity_id) else: _name_format = NAME_FORMAT_URI attr_statement = saml.AttributeStatement(attribute=from_local( attrconvs, self, _name_format)) if encrypt == "attributes": for attr in attr_statement.attribute: enc = sec_context.encrypt(text="%s" % attr) encd = xmlenc.encrypted_data_from_string(enc) encattr = saml.EncryptedAttribute(encrypted_data=encd) attr_statement.encrypted_attribute.append(encattr) attr_statement.attribute = [] # start using now and for some time conds = policy.conditions(sp_entity_id) if authn_statem: _authn_statement = authn_statem elif authn_auth or authn_class or authn_decl or authn_decl_ref: _authn_statement = authn_statement(authn_class, authn_auth, authn_decl, authn_decl_ref, authn_instant, subject_locality, session_not_on_or_after=session_not_on_or_after) else: _authn_statement = None subject = do_subject(policy, sp_entity_id, name_id, **farg['subject']) _ass = assertion_factory(issuer=issuer, conditions=conds, subject=subject) if _authn_statement: _ass.authn_statement = [_authn_statement] if not attr_statement.empty(): _ass.attribute_statement = [attr_statement] return _ass