Beispiel #1
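def test_do_idp_sso_descriptor():
    """Check the IDPSSODescriptor that is built from the IDP test config.

    The descriptor must expose two metadata extensions, a shibmd ``Scope``
    and an mdui ``UIInfo``, and both must be reachable through each of the
    extension lookup helpers exercised below.
    """
    conf = IdPConfig().load(IDP)
    idpsso = metadata.do_idpsso_descriptor(conf)

    assert isinstance(idpsso, md.IDPSSODescriptor)
    assert _eq(idpsso.keyswv(), [
        'protocol_support_enumeration', 'single_sign_on_service',
        'want_authn_requests_signed', "extensions"
    ])
    exts = idpsso.extensions.extension_elements
    assert len(exts) == 2
    print(exts)

    # First extension: the scope the IdP declares. Relying parties use this
    # value to filter scoped attributes, so it is pinned to a literal
    # (regexp == "false") domain here.
    inst = saml2.extension_element_to_element(exts[0],
                                              shibmd.ELEMENT_FROM_STRING,
                                              namespace=shibmd.NAMESPACE)
    assert isinstance(inst, shibmd.Scope)
    assert inst.text == "example.org"
    assert inst.regexp == "false"

    # Second extension: the user-interface information (mdui).
    uiinfo = saml2.extension_element_to_element(exts[1],
                                                mdui.ELEMENT_FROM_STRING,
                                                namespace=mdui.NAMESPACE)

    assert uiinfo
    assert _eq(uiinfo.keyswv(), [
        'display_name', 'description', 'information_url',
        'privacy_statement_url', 'keywords', 'logo'
    ])

    assert len(uiinfo.privacy_statement_url) == 1
    assert uiinfo.privacy_statement_url[
        0].text == "http://example.com/saml2/privacyStatement.html"
    assert len(uiinfo.description) == 1
    assert uiinfo.description[0].text == "Exempel bolag"
    assert uiinfo.description[0].lang == "se"

    res = extension_elements_to_elements(exts, [shibmd, mdui])

    assert len(res) == 2
    # One is a shibmd.Scope instance and the other a mdui.UIInfo instance,
    # in either order. Checking each type separately makes the test fail
    # when neither element is a Scope; the former if/elif chain passed
    # silently in that case.
    assert any(isinstance(r, shibmd.Scope) for r in res)
    assert any(isinstance(r, mdui.UIInfo) for r in res)

    found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
                                              mdui.NAMESPACE)
    assert len(found) == 1

    elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
    assert len(elem) == 1
    assert isinstance(elem[0], mdui.UIInfo)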
Beispiel #2
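def test_do_idp_sso_descriptor():
    """Check the IDPSSODescriptor built from the IDP test config.

    The config is loaded with ``metadata_construction=True``. The resulting
    descriptor must carry a shibmd ``Scope`` and an mdui ``UIInfo``
    extension, and both must be found by the extension lookup helpers.
    """
    conf = IdPConfig().load(IDP, metadata_construction=True)
    idpsso = metadata.do_idpsso_descriptor(conf)

    assert isinstance(idpsso, md.IDPSSODescriptor)
    assert _eq(idpsso.keyswv(), ['protocol_support_enumeration',
                                'single_sign_on_service',
                                'want_authn_requests_signed',
                                "extensions"])
    exts = idpsso.extensions.extension_elements
    assert len(exts) == 2
    # Function-call form prints the same text on Python 2 and also parses
    # on Python 3.
    print(exts)

    # The declared scope is what relying parties filter scoped attributes
    # against; it has to be a literal value, not a regular expression.
    inst = saml2.extension_element_to_element(exts[0],
                                              shibmd.ELEMENT_FROM_STRING,
                                              namespace=shibmd.NAMESPACE)
    assert isinstance(inst, shibmd.Scope)
    assert inst.text == "example.org"
    assert inst.regexp == "false"

    uiinfo = saml2.extension_element_to_element(exts[1],
                                                mdui.ELEMENT_FROM_STRING,
                                                namespace=mdui.NAMESPACE)

    assert uiinfo
    assert _eq(uiinfo.keyswv(), ['display_name', 'description',
                                 'information_url', 'privacy_statement_url',
                                 'keywords', 'logo'])

    assert len(uiinfo.privacy_statement_url) == 1
    assert uiinfo.privacy_statement_url[0].text == "http://example.com/saml2/privacyStatement.html"
    assert len(uiinfo.description) == 1
    assert uiinfo.description[0].text == "Exempel bolag"
    assert uiinfo.description[0].lang == "se"

    res = extension_elements_to_elements(exts, [shibmd, mdui])

    assert len(res) == 2
    # Exactly one Scope and one UIInfo are expected, in either order. The
    # earlier if/elif form asserted nothing when no element was a Scope.
    assert any(isinstance(r, shibmd.Scope) for r in res)
    assert any(isinstance(r, mdui.UIInfo) for r in res)

    found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
                                              mdui.NAMESPACE)
    assert len(found) == 1

    elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
    assert len(elem) == 1
    assert isinstance(elem[0], mdui.UIInfo)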
Beispiel #3
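def test_do_sp_sso_descriptor_2():
    """Check that a discovery response URL ends up in the SP metadata.

    After ``discovery_response`` is set in the SP config, the generated
    SPSSODescriptor must contain a single idpdisc extension that carries
    that URL, index "0" and the IdP discovery protocol binding.
    """
    # NOTE: this writes into the module-level SP dict, so the setting stays
    # in place for any test that uses SP after this one.
    SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds"

    conf = SPConfig().load(SP, metadata_construction=True)
    spsso = metadata.do_spsso_descriptor(conf)

    assert isinstance(spsso, md.SPSSODescriptor)
    # print() with a single argument prints the same text on Python 2 and
    # also parses on Python 3.
    print(spsso.keyswv())
    assert _eq(spsso.keyswv(), ['authn_requests_signed',
                                'attribute_consuming_service',
                                'single_logout_service',
                                'protocol_support_enumeration',
                                'assertion_consumer_service',
                                'want_assertions_signed',
                                'extensions'])

    exts = spsso.extensions.extension_elements
    assert len(exts) == 1
    print(exts)
    idpd = saml2.extension_element_to_element(exts[0],
                                              idpdisc.ELEMENT_FROM_STRING,
                                              namespace=idpdisc.NAMESPACE)
    print(idpd)
    # The published endpoint must be exactly the configured one.
    assert idpd.location == "http://example.com/sp/ds"
    assert idpd.index == "0"
    assert idpd.binding == "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"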
Beispiel #4
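def test_do_sp_sso_descriptor_2():
    """Verify the idpdisc extension produced for a discovery response URL.

    The SP config gets a ``discovery_response`` entry; the SPSSODescriptor
    built from it must then hold one extension element that parses as an
    idpdisc element with the configured location.
    """
    # NOTE: SP is shared module state; the assignment below is not undone
    # when the test finishes.
    SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds"

    conf = SPConfig().load(SP, metadata_construction=True)
    spsso = metadata.do_spsso_descriptor(conf)

    assert isinstance(spsso, md.SPSSODescriptor)
    # Function-call print keeps the output unchanged on Python 2 and makes
    # the test importable on Python 3.
    print(spsso.keyswv())
    expected_keys = ['authn_requests_signed',
                     'attribute_consuming_service',
                     'single_logout_service',
                     'protocol_support_enumeration',
                     'assertion_consumer_service',
                     'want_assertions_signed',
                     'extensions']
    assert _eq(spsso.keyswv(), expected_keys)

    exts = spsso.extensions.extension_elements
    assert len(exts) == 1
    print(exts)
    idpd = saml2.extension_element_to_element(exts[0],
                                              idpdisc.ELEMENT_FROM_STRING,
                                              namespace=idpdisc.NAMESPACE)
    print(idpd)
    assert idpd.location == "http://example.com/sp/ds"
    assert idpd.index == "0"
    assert idpd.binding == "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"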
Beispiel #5
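    def _encrypted_assertion(self, xmlstr):
        """Decrypt an encrypted assertion and pass it to ``self._assertion``.

        When ``xmlstr.encrypted_data`` is set, that element is serialised,
        decrypted with ``self.sec.decrypt`` and parsed as an assertion.
        Otherwise ``xmlstr`` itself is decrypted, the result is parsed as a
        response and stored on ``self.response``, and the assertion is read
        from the first extension element of its first encrypted assertion.

        Returns the result of ``self._assertion`` for the decrypted
        assertion.
        """
        if xmlstr.encrypted_data:
            assertion_str = self.sec.decrypt(xmlstr.encrypted_data.to_string())
            assertion = saml.assertion_from_string(assertion_str)
        else:
            decrypt_xml = self.sec.decrypt(xmlstr)

            logger.debug("Decryption successfull")

            self.response = samlp.response_from_string(decrypt_xml)
            logger.debug("Parsed decrypted assertion successfull")

            # Both [0] lookups raise IndexError when the decrypted response
            # has no encrypted assertion or that element has no children.
            enc = self.response.encrypted_assertion[0].extension_elements[0]
            assertion = extension_element_to_element(
                enc, saml.ELEMENT_FROM_STRING, namespace=saml.NAMESPACE)

        # NOTE: this writes the decrypted assertion, i.e. the content that
        # was encrypted on the wire, to the debug log. Keep DEBUG logging
        # for this logger off, or the log access restricted, where real
        # assertions are processed. Passing the value as a logging argument
        # means it is only rendered when DEBUG is actually enabled.
        logger.debug("Decrypted Assertion: %s", assertion)
        # NOTE(review): no signature or condition check is visible in this
        # method; presumably self._assertion performs them. Confirm.
        return self._assertion(assertion)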
Beispiel #6
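    def _encrypted_assertion(self, xmlstr):
        """Decrypt an encrypted assertion and pass it to ``self._assertion``.

        When ``xmlstr.encrypted_data`` is set, it is handed to
        ``self.sec.decrypt`` and the result is parsed as an assertion.
        Otherwise ``xmlstr`` itself is decrypted, the result is parsed as a
        response and stored on ``self.response``, and the assertion is read
        from the first extension element of its first encrypted assertion.

        Returns the result of ``self._assertion`` for the decrypted
        assertion.
        """
        if xmlstr.encrypted_data:
            assertion_str = self.sec.decrypt(xmlstr.encrypted_data)
            assertion = saml.assertion_from_string(assertion_str)
        else:
            decrypt_xml = self.sec.decrypt(xmlstr)

            logger.debug("Decryption successfull")

            self.response = samlp.response_from_string(decrypt_xml)
            logger.debug("Parsed decrypted assertion successfull")

            # Both [0] lookups raise IndexError when the decrypted response
            # has no encrypted assertion or that element has no children.
            enc = self.response.encrypted_assertion[0].extension_elements[0]
            assertion = extension_element_to_element(enc,
                                                     saml.ELEMENT_FROM_STRING,
                                                     namespace=saml.NAMESPACE)

        # NOTE: the decrypted assertion is written to the debug log here, so
        # DEBUG output of this logger contains what was encrypted in
        # transit; treat that log as sensitive. The value is passed as a
        # logging argument so it is only rendered when DEBUG is enabled.
        logger.debug("Decrypted Assertion: %s", assertion)
        # NOTE(review): validation of the assertion is not visible in this
        # method; presumably self._assertion does it. Confirm.
        return self._assertion(assertion)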
Beispiel #7
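def test_6():
    """Parse ``data6`` as an xenc ReferenceList and check its one reference.

    The single DataReference must point at "#invoice34" and carry one
    extension element, a ds:Transforms, which in turn holds one XPath
    transform selecting the EncryptedData element with Id "example1".
    """
    rl = xenc.reference_list_from_string(data6)
    assert rl
    # print() with one argument prints the same text on Python 2 and also
    # parses on Python 3.
    print(rl)
    assert len(rl.data_reference) == 1
    dr = rl.data_reference[0]
    assert dr.uri == "#invoice34"
    assert len(dr.extension_elements) == 1
    ee = dr.extension_elements[0]
    assert ee.tag == "Transforms"
    assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#"
    # The Transforms child arrives as a generic extension element and has
    # to be converted with the xmldsig schema before it can be inspected.
    trs = saml2.extension_element_to_element(ee, xmldsig.ELEMENT_FROM_STRING,
                                             namespace=xmldsig.NAMESPACE)

    assert trs
    assert len(trs.transform) == 1
    tr = trs.transform[0]
    assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116"
    assert len(tr.x_path) == 1
    assert tr.x_path[0].text.strip() == """self::xenc:EncryptedData[@Id="example1"]"""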
Beispiel #8
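def test_6():
    """Check the DataReference and XPath transform parsed from ``data6``.

    ``data6`` is parsed as an xenc ReferenceList. Its only DataReference
    must reference "#invoice34" and contain a ds:Transforms extension with
    a single XPath transform.
    """
    rl = xenc.reference_list_from_string(data6)
    assert rl
    # Function-call print: same output on Python 2, valid syntax on
    # Python 3.
    print(rl)
    assert len(rl.data_reference) == 1
    dr = rl.data_reference[0]
    assert dr.uri == "#invoice34"
    assert len(dr.extension_elements) == 1
    ee = dr.extension_elements[0]
    assert ee.tag == "Transforms"
    assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#"
    trs = saml2.extension_element_to_element(ee,
                                             xmldsig.ELEMENT_FROM_STRING,
                                             namespace=xmldsig.NAMESPACE)

    assert trs
    assert len(trs.transform) == 1
    tr = trs.transform[0]
    assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116"
    assert len(tr.x_path) == 1
    # Surrounding whitespace in the XPath text is not significant here.
    xpath_text = tr.x_path[0].text.strip()
    assert xpath_text == """self::xenc:EncryptedData[@Id="example1"]"""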