def __init__(self, outgoing, internal_attributes, config):
"""
:type outgoing:
(satosa.context.Context, satosa.internal_data.InternalResponse) -> satosa.response.Response
:type internal_attributes: dict[str, dict[str, list[str] | str]]
:type config: dict[str, Any]
:param outgoing: Callback should be called by the module after
the authorization in the backend is done.
:param internal_attributes: Internal attribute map
:param config: The module config
"""
super(SamlBackend, self).__init__(outgoing, internal_attributes)
sp_config = SPConfig().load(copy.deepcopy(config["config"]), False)
self.sp = Base(sp_config)
self.idp_disco_query_param = "entityID"
self.config = config
self.attribute_profile = config.get("attribute_profile", "saml")
self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST]
self.discosrv = None
self.state_id = config["state_id"]
try:
self.discosrv = config["disco_srv"]
except KeyError:
pass
def __init__(self, outgoing, internal_attributes, config, base_url, name):
"""
:type outgoing:
(satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response
:type internal_attributes: dict[str, dict[str, list[str] | str]]
:type config: dict[str, Any]
:type base_url: str
:type name: str
:param outgoing: Callback should be called by the module after
the authorization in the backend is done.
:param internal_attributes: Internal attribute map
:param config: The module config
:param base_url: base url of the service
:param name: name of the plugin
"""
super().__init__(outgoing, internal_attributes, base_url, name)
self.config = self.init_config(config)
sp_config = SPConfig().load(
copy.deepcopy(config[SAMLBackend.KEY_SP_CONFIG]), False)
self.sp = Base(sp_config)
self.discosrv = config.get(SAMLBackend.KEY_DISCO_SRV)
self.encryption_keys = []
self.outstanding_queries = {}
self.idp_blacklist_file = config.get('idp_blacklist_file', None)
self.requested_attributes = self.config.get(
SAMLBackend.KEY_DYNAMIC_REQUESTED_ATTRIBUTES)
sp_keypairs = sp_config.getattr('encryption_keypairs', '')
sp_key_file = sp_config.getattr('key_file', '')
if sp_keypairs:
key_file_paths = [pair['key_file'] for pair in sp_keypairs]
elif sp_key_file:
key_file_paths = [sp_key_file]
else:
key_file_paths = []
for p in key_file_paths:
with open(p) as key_file:
self.encryption_keys.append(key_file.read())
def __init__(self, outgoing, internal_attributes, config, base_url, name):
"""
:type outgoing:
(satosa.context.Context, satosa.internal_data.InternalResponse) -> satosa.response.Response
:type internal_attributes: dict[str, dict[str, list[str] | str]]
:type config: dict[str, Any]
:type base_url: str
:type name: str
:param outgoing: Callback should be called by the module after
the authorization in the backend is done.
:param internal_attributes: Internal attribute map
:param config: The module config
:param base_url: base url of the service
:param name: name of the plugin
"""
super().__init__(outgoing, internal_attributes, base_url, name)
sp_config = SPConfig().load(copy.deepcopy(config["sp_config"]), False)
self.sp = Base(sp_config)
self.config = config
self.attribute_profile = config.get("attribute_profile", "saml")
self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST]
self.discosrv = config.get("disco_srv")
self.encryption_keys = []
key_file_paths = None
if 'encryption_keypairs' in self.config[
'sp_config']: # prioritize explicit encryption keypairs
key_file_paths = [
keypair['key_file']
for keypair in self.config['sp_config']['encryption_keypairs']
]
elif 'key_file' in self.config['sp_config']:
key_file_paths = [self.config['sp_config']['key_file']]
if key_file_paths:
for p in key_file_paths:
with open(p) as key_file:
self.encryption_keys.append(key_file.read())
def __init__(self,
environ,
start_response,
config,
cache=None,
outgoing=None,
discosrv=None,
bindings=None):
service.Service.__init__(self, environ, start_response)
self.sp = Base(config, state_cache=cache)
self.environ = environ
self.start_response = start_response
self.cache = cache
self.idp_query_param = "IdpQuery"
self.outgoing = outgoing
self.discosrv = discosrv
if bindings:
self.bindings = bindings
else:
self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST]
logger.debug("--- SSO ---")
