def error_status_factory(info):
    """Build a SAML ``Status`` element that reports a failure.

    :param info: Either an exception instance or an ``(errcode, text)`` pair.
    :return: A ``samlp.Status`` whose top-level code is
        ``samlp.STATUS_RESPONDER`` with the specific code nested beneath it.
    """
    if isinstance(info, Exception):
        # The lookup is keyed on the exact class, so a subclass of a mapped
        # exception is not matched and gets the generic authn-failed code.
        try:
            nested_code = EXCEPTION2STATUS[info.__class__]
        except KeyError:
            nested_code = samlp.STATUS_AUTHN_FAILED
        # NOTE(review): the exception's first argument is copied verbatim into
        # StatusMessage. If this Status is returned to the requesting party,
        # any internal detail in the exception text is disclosed with it --
        # confirm that raised messages are safe to expose.
        try:
            message = info.args[0]
        except IndexError:
            message = "%s" % info
    else:
        (nested_code, message) = info

    message_el = samlp.StatusMessage(text=message)
    code_el = samlp.StatusCode(
        value=samlp.STATUS_RESPONDER,
        status_code=samlp.StatusCode(value=nested_code))
    return samlp.Status(status_message=message_el, status_code=code_el)
def testAccessors(self):
    """Round-trip a populated Response through its string form.

    Only serialization and parsing are exercised. The Signature, Assertion
    and EncryptedAssertion children are empty placeholders; nothing here
    verifies a signature or decrypts an assertion.
    """
    resp = self.response
    resp.id = "response id"
    resp.in_response_to = "request id"
    resp.version = saml2.VERSION
    resp.issue_instant = "2007-09-14T01:05:02Z"
    resp.destination = "http://www.example.com/Destination"
    resp.consent = saml.CONSENT_UNSPECIFIED
    resp.issuer = saml.Issuer()
    resp.signature = ds.Signature()
    resp.extensions = samlp.Extensions()
    resp.status = samlp.Status()
    resp.assertion.append(saml.Assertion())
    resp.encrypted_assertion.append(saml.EncryptedAssertion())

    reparsed = samlp.response_from_string(resp.to_string())

    # Plain attribute values must survive the round trip unchanged.
    expected_values = (
        ("id", "response id"),
        ("in_response_to", "request id"),
        ("version", saml2.VERSION),
        ("issue_instant", "2007-09-14T01:05:02Z"),
        ("destination", "http://www.example.com/Destination"),
        ("consent", saml.CONSENT_UNSPECIFIED),
    )
    for attr_name, expected in expected_values:
        assert getattr(reparsed, attr_name) == expected

    # Child elements must come back as instances of the right classes.
    expected_types = (
        ("issuer", saml.Issuer),
        ("signature", ds.Signature),
        ("extensions", samlp.Extensions),
        ("status", samlp.Status),
    )
    for attr_name, expected_cls in expected_types:
        assert isinstance(getattr(reparsed, attr_name), expected_cls)
    assert isinstance(reparsed.assertion[0], saml.Assertion)
    assert isinstance(reparsed.encrypted_assertion[0],
                      saml.EncryptedAssertion)
def create_logout_response(self, idp_entity_id, request_id, status_code,
                           binding=BINDING_HTTP_REDIRECT):
    """Build a LogoutResponse addressed to an IdP's single-logout endpoint.

    The destination is resolved from local metadata for ``idp_entity_id``;
    no value from the incoming request selects the endpoint.

    :param idp_entity_id: The entity id of the IdP that wants to do the
        logout
    :param request_id: The Id of the request we are replying to
    :param status_code: The status code of the response
    :param binding: The type of binding that will be used for the response
    :return: A ``(destination, message)`` pair, where ``message`` is whatever
        ``self._message`` returns for ``LogoutResponse``
    """
    endpoints = self.metadata.single_logout_services(
        idp_entity_id, "idpsso", binding=binding)
    # Only the first endpoint is used. NOTE(review): an IdP with no endpoint
    # for this binding presumably fails on the index below -- confirm how
    # callers handle that.
    destination = destinations(endpoints)[0]

    code_el = samlp.StatusCode(value=status_code)
    status = samlp.Status(status_code=code_el)

    message = self._message(LogoutResponse, destination,
                            in_response_to=request_id, status=status)
    return destination, message
def make_logout_response(self, idp_entity_id, request_id, status_code,
                         binding=BINDING_HTTP_REDIRECT):
    """Build a LogoutResponse for the given IdP.

    The destination comes from this entity's configuration for
    ``idp_entity_id``, not from the request being answered. No signature
    element is set here.

    :param idp_entity_id: The entity id of the IdP that wants to do the
        logout
    :param request_id: The Id of the request we are replying to
    :param status_code: The status code of the response
    :param binding: The type of binding that will be used for the response
    :return: A ``(response, destination)`` pair
    """
    endpoints = self.config.single_logout_services(idp_entity_id, binding)
    # Only the first configured endpoint is used.
    destination = endpoints[0]

    code_el = samlp.StatusCode(value=status_code)
    status = samlp.Status(status_code=code_el)

    # NOTE(review): if the deployment requires signed logout responses,
    # signing has to happen after this call -- confirm with the caller.
    logout_response = samlp.LogoutResponse(
        id=sid(),
        version=VERSION,
        issue_instant=instant(),
        destination=destination,
        issuer=self._issuer(),
        in_response_to=request_id,
        status=status,
    )
    return logout_response, destination
def createLogoutResponse(self, logout_request_id, status_code):
    """Build a LogoutResponse, store it on ``self.response`` and return it.

    :param logout_request_id: Id of the LogoutRequest being answered; it is
        placed in ``in_response_to``
    :param status_code: Passed positionally to ``samlp.StatusCode``
    :return: The same object that is stored on ``self.response``
    """
    timestamp = saml2.utils.getDateAndTime(time.time())
    # self.response is assigned before the signature is fetched, in case
    # _get_signature() reads it.
    resp = self.response = samlp.LogoutResponse(
        id=saml2.utils.createID(),
        version=saml2.V2,
        issue_instant=timestamp,
        in_response_to=logout_request_id)
    resp.issuer = saml.Issuer(text=self.config.get('issuer_name'))
    resp.status = samlp.Status()
    resp.status.status_code = samlp.StatusCode(status_code)
    # NOTE(review): whether _get_signature() yields a computed signature or
    # a template to be filled in later is not visible here -- confirm before
    # treating the returned response as signed.
    resp.signature = self._get_signature()
    return self.response
def _create_status(self):
    """Return a SAML ``Status`` element reporting success.

    The element is meant to serialize as::

        <ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol">
          <ns0:StatusCode
              Value="urn:oasis:names:tc:SAML:2.0:status:Success" />
        </ns0:Status>

    :returns: XML <Status> object
    """
    result = samlp.Status()
    success_code = samlp.StatusCode()
    success_code.value = samlp.STATUS_SUCCESS
    # The StatusCode's text content is explicitly set to the empty string.
    success_code.set_text('')
    result.status_code = success_code
    return result
def test_valid_instance():
    """Check that valid_instance accepts one element and rejects another.

    A populated AttributeStatement must pass. A Response whose Status and
    Assertion children are left empty must raise MustValueError.
    """
    text = [
        "value of test attribute",
        "value1 of test attribute",
        "value2 of test attribute",
        "value1 of test attribute2",
        "value2 of test attribute2",
    ]

    attr_statem = saml.AttributeStatement()
    attr_statem.attribute.append(saml.Attribute())
    attr_statem.attribute.append(saml.Attribute())

    first = attr_statem.attribute[0]
    first.name = "testAttribute"
    first.name_format = saml.NAME_FORMAT_URI
    first.friendly_name = "test attribute"
    first.attribute_value.append(saml.AttributeValue())
    first.attribute_value[0].text = text[0]

    second = attr_statem.attribute[1]
    second.name = "testAttribute2"
    second.name_format = saml.NAME_FORMAT_UNSPECIFIED
    second.friendly_name = text[2]
    second.attribute_value.append(saml.AttributeValue())
    second.attribute_value[0].text = text[2]

    assert valid_instance(attr_statem)

    response = samlp.Response()
    response.id = "response id"
    response.in_response_to = "request id"
    response.version = saml2.VERSION
    response.issue_instant = "2007-09-14T01:05:02Z"
    response.destination = "http://www.example.com/Destination"
    response.consent = saml.CONSENT_UNSPECIFIED
    response.issuer = saml.Issuer()
    response.status = samlp.Status()
    response.assertion.append(saml.Assertion())

    # NOTE(review): presumably rejected because the empty Status/Assertion
    # lack mandatory content -- confirm against valid_instance.
    with raises(MustValueError):
        valid_instance(response)
def make_logout_response(self, idp_entity_id, request_id, status_code,
                         binding=BINDING_HTTP_REDIRECT):
    """Build a LogoutResponse for the given IdP.

    XXX There were issues with an explicit closing tag on StatusCode.
    Check whether we still need this. XXX

    The destination is resolved from local metadata for ``idp_entity_id``,
    not from the request being answered. No signature element is set here.

    :param idp_entity_id: The entity id of the IdP that wants to do the
        logout
    :param request_id: The Id of the request we are replying to
    :param status_code: The status code of the response
    :param binding: The type of binding that will be used for the response
    :return: A ``(response, destination)`` pair
    """
    endpoints = self.metadata.single_logout_service(
        idp_entity_id, binding, "idpsso")
    # Only the first endpoint is used.
    destination = destinations(endpoints)[0]
    logger.info("destination to provider: %s" % destination)

    # The newline text is the workaround the XXX remark in the docstring
    # refers to.
    code_el = samlp.StatusCode(value=status_code, text='\n')
    # NOTE(review): the message is fixed to 'logout success' whatever
    # status_code is, so a failure code still carries a success message.
    # Anything that reads StatusMessage instead of StatusCode would be
    # misled -- confirm this is intended.
    message_el = samlp.StatusMessage(text='logout success')
    status = samlp.Status(status_code=code_el, status_message=message_el)

    logout_response = samlp.LogoutResponse(
        id=sid(),
        version=VERSION,
        issue_instant=instant(),
        destination=destination,
        issuer=saml.Issuer(text=self.config.entityid,
                           format=saml.NAMEID_FORMAT_ENTITY),
        in_response_to=request_id,
        status=status,
    )
    return logout_response, destination
def testAccessors(self):
    """Round-trip a populated LogoutResponse through its string form.

    Only serialization and parsing are exercised. The Signature child is an
    empty placeholder and no signature verification takes place.
    """
    lr = self.lr
    lr.id = "response id"
    lr.in_response_to = "request id"
    lr.version = saml2.VERSION
    lr.issue_instant = "2007-09-14T01:05:02Z"
    lr.destination = "http://www.example.com/Destination"
    lr.consent = saml.CONSENT_UNSPECIFIED
    lr.issuer = saml.Issuer()
    lr.signature = ds.Signature()
    lr.extensions = samlp.Extensions()
    lr.status = samlp.Status()

    reparsed = samlp.logout_response_from_string(lr.to_string())

    # Plain attribute values must survive the round trip unchanged.
    expected_values = (
        ("id", "response id"),
        ("in_response_to", "request id"),
        ("version", saml2.VERSION),
        ("issue_instant", "2007-09-14T01:05:02Z"),
        ("destination", "http://www.example.com/Destination"),
        ("consent", saml.CONSENT_UNSPECIFIED),
    )
    for attr_name, expected in expected_values:
        assert getattr(reparsed, attr_name) == expected

    # Child elements must come back as instances of the right classes.
    expected_types = (
        ("issuer", saml.Issuer),
        ("signature", ds.Signature),
        ("extensions", samlp.Extensions),
        ("status", samlp.Status),
    )
    for attr_name, expected_cls in expected_types:
        assert isinstance(getattr(reparsed, attr_name), expected_cls)
def status_message_factory(message, code, fro=samlp.STATUS_RESPONDER):
    """Build a ``Status`` with a message and a two-level status code.

    :param message: Text placed verbatim in the StatusMessage element
    :param code: Value of the nested (second-level) StatusCode
    :param fro: Value of the top-level StatusCode
    :return: A ``samlp.Status`` instance
    """
    # NOTE(review): ``message`` is not filtered here. If the Status is sent
    # to the peer, callers decide what detail is disclosed -- confirm.
    message_el = samlp.StatusMessage(text=message)
    nested_code = samlp.StatusCode(value=code)
    top_code = samlp.StatusCode(value=fro, status_code=nested_code)
    return samlp.Status(status_message=message_el, status_code=top_code)
def success_status_factory():
    """Return a ``Status`` whose only content is a success StatusCode.

    :return: A ``samlp.Status`` with code ``samlp.STATUS_SUCCESS``
    """
    success_code = samlp.StatusCode(value=samlp.STATUS_SUCCESS)
    return samlp.Status(status_code=success_code)
def setup_class(self):
    """Store a fresh, empty ``samlp.Status`` on ``self.status``."""
    empty_status = samlp.Status()
    self.status = empty_status