def test_set_user_id(): uid = "my_id" attributes = {"attr_1": "v1", "attr_2": "v2", "attr_3": "v3"} internal_response = InternalResponse(UserIdHashType.persistent) internal_response.add_attributes(attributes) internal_response.set_user_id(uid) assert uid == internal_response.get_user_id()
def _translate_response(self, response, state): """ Translates a saml authorization response to an internal response :type response: saml2.response.AuthnResponse :rtype: satosa.internal_data.InternalResponse :param response: The saml authorization response :return: A translated internal response """ _authn_info = response.authn_info()[0] timestamp = response.assertion.authn_statement[0].authn_instant issuer = response.response.issuer.text auth_class_ref = _authn_info[0] auth_info = AuthenticationInformation(auth_class_ref, timestamp, issuer) internal_resp = InternalResponse(auth_info=auth_info) internal_resp.set_user_id(response.get_subject().text) if "user_id_params" in self.config: user_id = "" for param in self.config["user_id_params"]: try: user_id += response.ava[param] except Exception as error: raise SATOSAAuthenticationError from error internal_resp.set_user_id(user_id) internal_resp.add_attributes(self.converter.to_internal(self.attribute_profile, response.ava)) satosa_logging(LOGGER, logging.DEBUG, "received attributes:\n%s" % json.dumps(response.ava, indent=4), state) return internal_resp
def _translate_response(self, response, issuer, subject_type): """ Translates oidc response to SATOSA internal response. :type response: dict[str, str] :type issuer: str :type subject_type: str :rtype: InternalResponse :param response: Dictioary with attribute name as key. :param issuer: The oidc op that gave the repsonse. :param subject_type: public or pairwise according to oidc standard. :return: A SATOSA internal response. """ oidc_clients = self.get_oidc_clients() subject_type = subject_type auth_info = AuthenticationInformation(UNSPECIFIED, str(datetime.now()), issuer) internal_resp = InternalResponse( auth_info=auth_info ) internal_resp.add_attributes(self.converter.to_internal("openid", response)) internal_resp.set_user_id(response["sub"]) if self.config.USER_ID_PARAMAS: user_id = "" for param in self.config.USER_ID_PARAMAS: try: user_id += response[param] except Exception as error: raise SATOSAAuthenticationError from error internal_resp.set_user_id(user_id) return internal_resp
def _translate_response(self, response, issuer, subject_type): """ Translates oidc response to SATOSA internal response. :type response: dict[str, str] :type issuer: str :type subject_type: str :rtype: InternalResponse :param response: Dictioary with attribute name as key. :param issuer: The oidc op that gave the repsonse. :param subject_type: public or pairwise according to oidc standard. :return: A SATOSA internal response. """ oidc_clients = self.get_oidc_clients() subject_type = subject_type auth_info = AuthenticationInformation(UNSPECIFIED, str(datetime.now()), issuer) internal_resp = InternalResponse(auth_info=auth_info) internal_resp.add_attributes( self.converter.to_internal("openid", response)) internal_resp.set_user_id(response["sub"]) if self.config.USER_ID_PARAMAS: user_id = "" for param in self.config.USER_ID_PARAMAS: try: user_id += response[param] except Exception as error: raise SATOSAAuthenticationError from error internal_resp.set_user_id(user_id) return internal_resp
def authn_response(self, context): """ Handles the authentication response from the OP. :type context: satosa.context.Context :rtype: satosa.response.Response :param context: The context in SATOSA :return: A SATOSA response. This method is only responsible to call the callback function which generates the Response object. """ state = context.state try: state_data = state.get(self.config["state_id"]) consumer = self.get_consumer() request = context.request aresp = consumer.parse_response(AuthorizationResponse, info=json.dumps(request)) self.verify_state(aresp, state_data, state) rargs = { "code": aresp["code"], "redirect_uri": self.redirect_url, "state": state_data["state"] } atresp = consumer.do_access_token_request(request_args=rargs, state=aresp["state"]) if ("verify_accesstoken_state" not in self.config or self.config["verify_accesstoken_state"]): self.verify_state(atresp, state_data, state) user_info = self.user_information(atresp["access_token"]) internal_response = InternalResponse( auth_info=self.auth_info(request)) internal_response.add_attributes( self.converter.to_internal(self.external_type, user_info)) internal_response.set_user_id(user_info[self.user_id_attr]) if "user_id_params" in self.config: user_id = "" for param in self.config["user_id_params"]: try: user_id += user_info[param] except Exception as error: raise SATOSAAuthenticationError from error internal_response.set_user_id(user_id) context.state.remove(self.config["state_id"]) return self.auth_callback_func(context, internal_response) except Exception as error: satosa_logging(LOGGER, logging.DEBUG, "Not a valid authentication", state, exc_info=True) if isinstance(error, SATOSAError): raise error if state is not None: raise SATOSAAuthenticationError( state, "Not a valid authentication") from error raise
def setup_for_authn_response(self, auth_req): context = Context() context.state = self.create_state(auth_req) auth_info = AuthenticationInformation(PASSWORD, "2015-09-30T12:21:37Z", "unittest_idp.xml") internal_response = InternalResponse(auth_info=auth_info) internal_response.add_attributes( DataConverter(INTERNAL_ATTRIBUTES).to_internal("saml", USERS["testuser1"])) internal_response.set_user_id(USERS["testuser1"]["eduPersonTargetedID"][0]) self.instance.provider.cdb = { "client1": {"response_types": ["id_token"], "redirect_uris": [(auth_req["redirect_uri"], None)], "client_salt": "salt"}} return context, internal_response
def authn_response(self, context): """ Handles the authentication response from the OP. :type context: satosa.context.Context :rtype: satosa.response.Response :param context: The context in SATOSA :return: A SATOSA response. This method is only responsible to call the callback function which generates the Response object. """ state = context.state try: state_data = state.get(self.config["state_id"]) consumer = self.get_consumer() request = context.request aresp = consumer.parse_response(AuthorizationResponse, info=json.dumps(request)) self.verify_state(aresp, state_data, state) rargs = {"code": aresp["code"], "redirect_uri": self.redirect_url, "state": state_data["state"]} atresp = consumer.do_access_token_request(request_args=rargs, state=aresp["state"]) if ("verify_accesstoken_state" not in self.config or self.config["verify_accesstoken_state"]): self.verify_state(atresp, state_data, state) user_info = self.user_information(atresp["access_token"]) internal_response = InternalResponse(auth_info=self.auth_info(request)) internal_response.add_attributes(self.converter.to_internal(self.external_type, user_info)) internal_response.set_user_id(user_info[self.user_id_attr]) if "user_id_params" in self.config: user_id = "" for param in self.config["user_id_params"]: try: user_id += user_info[param] except Exception as error: raise SATOSAAuthenticationError from error internal_response.set_user_id(user_id) context.state.remove(self.config["state_id"]) return self.auth_callback_func(context, internal_response) except Exception as error: satosa_logging(LOGGER, logging.DEBUG, "Not a valid authentication", state, exc_info=True) if isinstance(error, SATOSAError): raise error if state is not None: raise SATOSAAuthenticationError(state, "Not a valid authentication") from error raise
def _translate_response(self, response, state): """ Translates a saml authorization response to an internal response :type response: saml2.response.AuthnResponse :rtype: satosa.internal_data.InternalResponse :param response: The saml authorization response :return: A translated internal response """ _authn_info = response.authn_info()[0] timestamp = response.assertion.authn_statement[0].authn_instant issuer = response.response.issuer.text auth_class_ref = _authn_info[0] auth_info = AuthenticationInformation(auth_class_ref, timestamp, issuer) internal_resp = InternalResponse(auth_info=auth_info) internal_resp.set_user_id(response.get_subject().text) if "user_id_params" in self.config: user_id = "" for param in self.config["user_id_params"]: try: user_id += response.ava[param] except Exception as error: raise SATOSAAuthenticationError from error internal_resp.set_user_id(user_id) internal_resp.add_attributes( self.converter.to_internal(self.attribute_profile, response.ava)) satosa_logging( LOGGER, logging.DEBUG, "received attributes:\n%s" % json.dumps(response.ava, indent=4), state) return internal_resp