def __init__(self, outgoing, internal_attributes, config): """ :type outgoing: (satosa.context.Context, satosa.internal_data.InternalResponse) -> satosa.response.Response :type internal_attributes: dict[str, dict[str, list[str] | str]] :type config: dict[str, Any] :param outgoing: Callback should be called by the module after the authorization in the backend is done. :param internal_attributes: Internal attribute map :param config: The module config """ super(SamlBackend, self).__init__(outgoing, internal_attributes) sp_config = SPConfig().load(copy.deepcopy(config["config"]), False) self.sp = Base(sp_config) self.idp_disco_query_param = "entityID" self.config = config self.attribute_profile = config.get("attribute_profile", "saml") self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST] self.discosrv = None self.state_id = config["state_id"] try: self.discosrv = config["disco_srv"] except KeyError: pass
def __init__(self, outgoing, internal_attributes, config, base_url, name): """ :type outgoing: (satosa.context.Context, satosa.internal.InternalData) -> satosa.response.Response :type internal_attributes: dict[str, dict[str, list[str] | str]] :type config: dict[str, Any] :type base_url: str :type name: str :param outgoing: Callback should be called by the module after the authorization in the backend is done. :param internal_attributes: Internal attribute map :param config: The module config :param base_url: base url of the service :param name: name of the plugin """ super().__init__(outgoing, internal_attributes, base_url, name) self.config = self.init_config(config) sp_config = SPConfig().load( copy.deepcopy(config[SAMLBackend.KEY_SP_CONFIG]), False) self.sp = Base(sp_config) self.discosrv = config.get(SAMLBackend.KEY_DISCO_SRV) self.encryption_keys = [] self.outstanding_queries = {} self.idp_blacklist_file = config.get('idp_blacklist_file', None) self.requested_attributes = self.config.get( SAMLBackend.KEY_DYNAMIC_REQUESTED_ATTRIBUTES) sp_keypairs = sp_config.getattr('encryption_keypairs', '') sp_key_file = sp_config.getattr('key_file', '') if sp_keypairs: key_file_paths = [pair['key_file'] for pair in sp_keypairs] elif sp_key_file: key_file_paths = [sp_key_file] else: key_file_paths = [] for p in key_file_paths: with open(p) as key_file: self.encryption_keys.append(key_file.read())
def __init__(self, outgoing, internal_attributes, config, base_url, name): """ :type outgoing: (satosa.context.Context, satosa.internal_data.InternalResponse) -> satosa.response.Response :type internal_attributes: dict[str, dict[str, list[str] | str]] :type config: dict[str, Any] :type base_url: str :type name: str :param outgoing: Callback should be called by the module after the authorization in the backend is done. :param internal_attributes: Internal attribute map :param config: The module config :param base_url: base url of the service :param name: name of the plugin """ super().__init__(outgoing, internal_attributes, base_url, name) sp_config = SPConfig().load(copy.deepcopy(config["sp_config"]), False) self.sp = Base(sp_config) self.config = config self.attribute_profile = config.get("attribute_profile", "saml") self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST] self.discosrv = config.get("disco_srv") self.encryption_keys = [] key_file_paths = None if 'encryption_keypairs' in self.config[ 'sp_config']: # prioritize explicit encryption keypairs key_file_paths = [ keypair['key_file'] for keypair in self.config['sp_config']['encryption_keypairs'] ] elif 'key_file' in self.config['sp_config']: key_file_paths = [self.config['sp_config']['key_file']] if key_file_paths: for p in key_file_paths: with open(p) as key_file: self.encryption_keys.append(key_file.read())
def __init__(self, environ, start_response, config, cache=None, outgoing=None, discosrv=None, bindings=None): service.Service.__init__(self, environ, start_response) self.sp = Base(config, state_cache=cache) self.environ = environ self.start_response = start_response self.cache = cache self.idp_query_param = "IdpQuery" self.outgoing = outgoing self.discosrv = discosrv if bindings: self.bindings = bindings else: self.bindings = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST] logger.debug("--- SSO ---")