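def _verify_cas3_saml(ticket, service):
    """Debug probe for the CAS 3 ``samlValidate`` endpoint.

    Builds the validation request (SOAP headers, query string and the body
    returned by ``get_saml_assertion(ticket)``), POSTs it and prints what
    happened.  The response is not parsed, so this always returns ``None`` and
    must not be used to decide whether a login is valid.

    The service ticket is a bearer credential for the login in progress, so
    nothing that contains it (the parameter list, the full request URL, the
    SAML body) is written to stdout.  Only the endpoint, the TARGET parameter
    and the size of the body are printed.
    """
    try:
        from urllib2 import URLError
    except ImportError:  # Python 3 keeps the class in urllib.error
        from urllib.error import URLError

    # We do the SAML validation
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        # A bare 'text/xml; ' is a malformed media type; declare the charset.
        'content-type': 'text/xml; charset=utf-8',
    }
    # NOTE(review): the ticket is also sent in the query string, where
    # web-server and proxy access logs usually record it.  It is presumably
    # already carried in the POST body built by get_saml_assertion(ticket);
    # confirm the server needs it in the URL before keeping it there.
    params = [('ticket', ticket), ('service', service), ('TARGET', service)]
    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL,
        'samlValidate',
    )
    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )
    saml_body = get_saml_assertion(ticket)

    print("#############################")
    print(saml_validat_url)
    print(urllib_parse.urlencode([('TARGET', service)]))
    print("SAML")
    print(len(saml_body))
    print("")

    try:
        page = urlopen(url, data=saml_body)
    except URLError as e:
        print("um erro::::")
        print(e)
        return
    try:
        # The status code is more useful than the repr of the response object.
        print(page.getcode())
    finally:
        # Release the connection even if printing fails.
        page.close()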
def fetch_saml_validation(self, ticket):
    """POST the SAML request for ``ticket`` to ``samlValidate``.

    The endpoint is ``samlValidate`` resolved against ``self.server_url``, with
    ``self.service_url`` passed as the ``TARGET`` query parameter.  The request
    body comes from ``self.get_saml_assertion(ticket)``.

    Returns the response object from ``urlopen``.  It is returned still open:
    the caller has to read it and close it.
    """
    # NOTE(review): nothing here checks the response itself, so the caller's
    # trust in it rests on the connection to self.server_url.  Confirm that
    # URL is https and that the running Python verifies certificates in
    # urlopen (Python 2 only does so by default from 2.7.9).
    target_param = [('TARGET', self.service_url)]
    endpoint = urllib_parse.urljoin(self.server_url, 'samlValidate')
    full_url = '?'.join((endpoint, urllib_parse.urlencode(target_param)))

    # SOAP headers sent with the validation request.
    soap_headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; charset=utf-8',
    }

    saml_request = Request(
        full_url,
        self.get_saml_assertion(ticket),
        soap_headers,
    )
    return urlopen(saml_request)
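def _verify_cas2_saml(ticket, service):
    """Verifies CAS 3.0+ XML-based authentication ticket and returns extended
    attributes.

    The SAML request built by ``get_saml_assertion(ticket)`` is POSTed to
    ``samlValidate`` under ``settings.CAS_SERVER_URL`` with ``service`` as the
    ``TARGET`` parameter.  The response is searched for a ``StatusCode`` and,
    when that reports success, for ``Attribute`` elements.

    @date: 2011-11-30
    @author: Carlos Gonzalez Vila <*****@*****.**>

    Returns ``(username, attributes)``.  ``username`` is the first value of the
    attribute that carries ``uid`` among its XML attribute values.  An
    attribute with several values is returned as a list, otherwise as a single
    string.  On failure the result is ``(None, {})``: the dict is empty, not
    ``None``.  Network errors and unparseable XML propagate as exceptions.

    Security notes for callers:

    * No signature or validity window on the assertion is checked here.  The
      response is trusted only because of the connection it arrived on, so
      ``CAS_SERVER_URL`` should be https with certificate verification on.
    * The stdlib ElementTree parser is not hardened against maliciously
      constructed XML, which is a second reason the channel must be trusted.
    """
    try:
        from xml.etree import ElementTree
    except ImportError:
        from elementtree import ElementTree

    # We do the SAML validation
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; charset=utf-8',
    }
    params = [('TARGET', service)]
    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL,
        'samlValidate',
    )
    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )
    page = urlopen(url, data=get_saml_assertion(ticket))

    try:
        user = None
        attributes = {}
        tree = ElementTree.fromstring(page.read())

        # Find the authentication status.  A StatusCode without a Value is
        # treated as a failure instead of raising KeyError.
        # NOTE(review): the comparison is against the literal prefixed string,
        # so it depends on the namespace prefix the server chooses.
        status = tree.find('.//' + SAML_1_0_PROTOCOL_NS + 'StatusCode')
        if status is None or status.attrib.get('Value') != 'samlp:Success':
            return user, attributes

        # User is validated
        for at in tree.findall('.//' + SAML_1_0_ASSERTION_NS + 'Attribute'):
            name = at.attrib.get('AttributeName')
            values = [
                v.text
                for v in at.findall(SAML_1_0_ASSERTION_NS + 'AttributeValue')
            ]
            # An Attribute with no name or no values used to raise KeyError,
            # IndexError or AttributeError.  Skipping it leaves `user` unset
            # when the uid attribute is the broken one, so the login fails.
            if name is None or not values:
                continue
            if 'uid' in at.attrib.values():
                user = values[0]
                attributes['uid'] = user
            attributes[name] = values if len(values) > 1 else values[0]
        return user, attributes
    finally:
        page.close()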
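def _verify_cas3_saml(ticket, service):
    """CAS3 + SAML

    POSTs the SAML request built by ``get_saml_assertion(ticket)`` to
    ``samlValidate`` under ``settings.CAS_SERVER_URL`` and reads the attributes
    out of the response.

    Returns ``(login, attributes)``.  ``attributes`` maps each
    ``AttributeName`` to the text of its first ``AttributeValue``; further
    values of a multi-valued attribute are ignored.  ``login`` is
    ``attributes['login']``.  When the status is not a success, or the
    response has no ``login`` attribute, the result is ``(None, attributes)``
    so the caller can reject the login; this used to raise ``KeyError``.
    Network errors and unparseable XML propagate as exceptions.

    Security notes for callers:

    * No signature or validity window on the assertion is checked here.  The
      response is trusted only because of the connection it arrived on, so
      ``CAS_SERVER_URL`` should be https with certificate verification on.
    * The stdlib ElementTree parser is not hardened against maliciously
      constructed XML, which is a second reason the channel must be trusted.
    """
    try:
        from xml.etree import ElementTree
    except ImportError:
        from elementtree import ElementTree

    # We do the SAML validation
    headers = {
        'soapaction': 'http://www.oasis-open.org/committees/security',
        'cache-control': 'no-cache',
        'pragma': 'no-cache',
        'accept': 'text/xml',
        'connection': 'keep-alive',
        'content-type': 'text/xml; charset=utf-8',
    }
    # NOTE(review): the ticket is also sent in the query string, where
    # web-server and proxy access logs usually record it.  It is presumably
    # already carried in the POST body built by get_saml_assertion(ticket);
    # confirm the server needs it in the URL before keeping it there.
    params = [('ticket', ticket), ('service', service), ('TARGET', service)]
    saml_validat_url = urllib_parse.urljoin(
        settings.CAS_SERVER_URL,
        'samlValidate',
    )
    url = Request(
        saml_validat_url + '?' + urllib_parse.urlencode(params),
        '',
        headers,
    )
    page = urlopen(url, data=get_saml_assertion(ticket))

    try:
        attributes = {}
        tree = ElementTree.fromstring(page.read())

        # Find the authentication status.  A StatusCode without a Value is
        # treated as a failure instead of raising KeyError.
        # NOTE(review): the comparison is against the literal prefixed string,
        # so it depends on the namespace prefix the server chooses.
        status = tree.find('.//' + SAML_1_0_PROTOCOL_NS + 'StatusCode')
        if status is not None and status.attrib.get('Value') == 'saml1p:Success':
            # User is validated
            for at in tree.findall('.//' + SAML_1_0_ASSERTION_NS + 'Attribute'):
                name = at.attrib.get('AttributeName')
                value = at.find(SAML_1_0_ASSERTION_NS + 'AttributeValue')
                # Skip an Attribute with no name or no value instead of raising.
                if name is None or value is None:
                    continue
                attributes[name] = value.text

        # .get() keeps a failed validation a normal return value.
        return attributes.get('login'), attributes
    finally:
        page.close()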