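def test_do_idp_sso_descriptor():
    """Check the IDPSSODescriptor built from the IDP config and its extensions.

    The descriptor is expected to carry exactly two extension elements, a
    shibmd Scope and an mdui UIInfo. Each one is decoded on its own and then
    both are decoded together through ``extension_elements_to_elements``.
    """
    conf = IdPConfig().load(IDP)
    idpsso = metadata.do_idpsso_descriptor(conf)

    assert isinstance(idpsso, md.IDPSSODescriptor)
    assert _eq(idpsso.keyswv(), [
        'protocol_support_enumeration',
        'single_sign_on_service',
        'want_authn_requests_signed',
        "extensions",
    ])

    exts = idpsso.extensions.extension_elements
    assert len(exts) == 2
    print(exts)

    # First extension element: the shibmd Scope.
    inst = saml2.extension_element_to_element(
        exts[0], shibmd.ELEMENT_FROM_STRING, namespace=shibmd.NAMESPACE)
    assert isinstance(inst, shibmd.Scope)
    assert inst.text == "example.org"
    assert inst.regexp == "false"

    # Second extension element: the mdui UIInfo.
    uiinfo = saml2.extension_element_to_element(
        exts[1], mdui.ELEMENT_FROM_STRING, namespace=mdui.NAMESPACE)
    assert uiinfo
    assert _eq(uiinfo.keyswv(), [
        'display_name',
        'description',
        'information_url',
        'privacy_statement_url',
        'keywords',
        'logo',
    ])

    assert len(uiinfo.privacy_statement_url) == 1
    privacy_url = uiinfo.privacy_statement_url[0]
    assert privacy_url.text == "http://example.com/saml2/privacyStatement.html"

    assert len(uiinfo.description) == 1
    description = uiinfo.description[0]
    assert description.text == "Exempel bolag"
    assert description.lang == "se"

    res = extension_elements_to_elements(exts, [shibmd, mdui])
    assert len(res) == 2

    # One is a shibmd.Scope instance and the other a mdui.UIInfo instance, in
    # either order. The earlier if/elif form passed silently when neither
    # element was a Scope; these two assertions fail in that case.
    assert any(isinstance(item, shibmd.Scope) for item in res)
    assert any(isinstance(item, mdui.UIInfo) for item in res)

    found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
                                              mdui.NAMESPACE)
    assert len(found) == 1

    elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
    assert len(elem) == 1
    assert isinstance(elem[0], mdui.UIInfo)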
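def test_do_idp_sso_descriptor():
    """Check the IDPSSODescriptor built from the IDP config and its extensions.

    The configuration is loaded with ``metadata_construction=True``. The
    descriptor is expected to carry exactly two extension elements, a shibmd
    Scope and an mdui UIInfo. Each one is decoded on its own and then both
    are decoded together through ``extension_elements_to_elements``.
    """
    conf = IdPConfig().load(IDP, metadata_construction=True)
    idpsso = metadata.do_idpsso_descriptor(conf)

    assert isinstance(idpsso, md.IDPSSODescriptor)
    assert _eq(idpsso.keyswv(), [
        'protocol_support_enumeration',
        'single_sign_on_service',
        'want_authn_requests_signed',
        "extensions",
    ])

    exts = idpsso.extensions.extension_elements
    assert len(exts) == 2
    # print() with a single argument gives the same output on Python 2 and 3;
    # the bare print statement is a syntax error on Python 3.
    print(exts)

    # First extension element: the shibmd Scope.
    inst = saml2.extension_element_to_element(
        exts[0], shibmd.ELEMENT_FROM_STRING, namespace=shibmd.NAMESPACE)
    assert isinstance(inst, shibmd.Scope)
    assert inst.text == "example.org"
    assert inst.regexp == "false"

    # Second extension element: the mdui UIInfo.
    uiinfo = saml2.extension_element_to_element(
        exts[1], mdui.ELEMENT_FROM_STRING, namespace=mdui.NAMESPACE)
    assert uiinfo
    assert _eq(uiinfo.keyswv(), [
        'display_name',
        'description',
        'information_url',
        'privacy_statement_url',
        'keywords',
        'logo',
    ])

    assert len(uiinfo.privacy_statement_url) == 1
    privacy_url = uiinfo.privacy_statement_url[0]
    assert privacy_url.text == "http://example.com/saml2/privacyStatement.html"

    assert len(uiinfo.description) == 1
    description = uiinfo.description[0]
    assert description.text == "Exempel bolag"
    assert description.lang == "se"

    res = extension_elements_to_elements(exts, [shibmd, mdui])
    assert len(res) == 2

    # One is a shibmd.Scope instance and the other a mdui.UIInfo instance, in
    # either order. The earlier if/elif form passed silently when neither
    # element was a Scope; these two assertions fail in that case.
    assert any(isinstance(item, shibmd.Scope) for item in res)
    assert any(isinstance(item, mdui.UIInfo) for item in res)

    found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
                                              mdui.NAMESPACE)
    assert len(found) == 1

    elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
    assert len(elem) == 1
    assert isinstance(elem[0], mdui.UIInfo)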
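def test_do_sp_sso_descriptor_2():
    """Check that the SP discovery_response setting becomes an idpdisc extension.

    After ``discovery_response`` is set in the SP configuration, the generated
    SPSSODescriptor must carry one extension element that decodes to an
    idpdisc element with the configured location, index "0" and the
    idp-discovery-protocol binding.
    """
    # NOTE(review): this writes into the shared SP dict rather than a copy, so
    # the setting stays in place for anything that uses SP after this test.
    # Confirm that no other test depends on the key being absent.
    SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds"

    conf = SPConfig().load(SP, metadata_construction=True)
    spsso = metadata.do_spsso_descriptor(conf)

    assert isinstance(spsso, md.SPSSODescriptor)
    # print() with a single argument gives the same output on Python 2 and 3;
    # the bare print statement is a syntax error on Python 3.
    print(spsso.keyswv())
    assert _eq(spsso.keyswv(), [
        'authn_requests_signed',
        'attribute_consuming_service',
        'single_logout_service',
        'protocol_support_enumeration',
        'assertion_consumer_service',
        'want_assertions_signed',
        'extensions',
    ])

    exts = spsso.extensions.extension_elements
    assert len(exts) == 1
    print(exts)

    idpd = saml2.extension_element_to_element(
        exts[0], idpdisc.ELEMENT_FROM_STRING, namespace=idpdisc.NAMESPACE)
    print(idpd)
    assert idpd.location == "http://example.com/sp/ds"
    assert idpd.index == "0"
    assert idpd.binding == (
        "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol")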
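def _encrypted_assertion(self, xmlstr):
    """Decrypt an encrypted assertion and pass it on to ``self._assertion``.

    :param xmlstr: Object holding the encrypted assertion. When its
        ``encrypted_data`` attribute is set, that element is serialized with
        ``to_string()`` and decrypted; otherwise ``xmlstr`` itself is handed
        to the decryptor and the result is parsed as a whole response, which
        replaces ``self.response``.
    :return: Whatever ``self._assertion`` returns for the decrypted assertion.
    """
    if xmlstr.encrypted_data:
        plaintext = self.sec.decrypt(xmlstr.encrypted_data.to_string())
        assertion = saml.assertion_from_string(plaintext)
    else:
        decrypt_xml = self.sec.decrypt(xmlstr)
        logger.debug("Decryption successfull")
        self.response = samlp.response_from_string(decrypt_xml)
        logger.debug("Parsed decrypted assertion successfull")
        # Takes the first extension element of the first encrypted assertion;
        # an empty list at either level raises IndexError here.
        enc = self.response.encrypted_assertion[0].extension_elements[0]
        assertion = extension_element_to_element(
            enc, saml.ELEMENT_FROM_STRING, namespace=saml.NAMESPACE)

    # The decrypted assertion is no longer written to the log. Its plaintext
    # is exactly what the encryption was protecting, and debug logs are often
    # readable by more people than the assertion is meant for. Only the fact
    # that an assertion was obtained is recorded.
    logger.debug("Decrypted Assertion present: %s", assertion is not None)

    # NOTE(review): nothing in this method checks a signature on the decrypted
    # assertion; confirm that self._assertion does so before it is trusted.
    return self._assertion(assertion)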
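def _encrypted_assertion(self, xmlstr):
    """Decrypt an encrypted assertion and pass it on to ``self._assertion``.

    :param xmlstr: Object holding the encrypted assertion. When its
        ``encrypted_data`` attribute is set, that element is handed to the
        decryptor; otherwise ``xmlstr`` itself is decrypted and the result is
        parsed as a whole response, which replaces ``self.response``.
    :return: Whatever ``self._assertion`` returns for the decrypted assertion.
    """
    if xmlstr.encrypted_data:
        plaintext = self.sec.decrypt(xmlstr.encrypted_data)
        assertion = saml.assertion_from_string(plaintext)
    else:
        decrypt_xml = self.sec.decrypt(xmlstr)
        logger.debug("Decryption successfull")
        self.response = samlp.response_from_string(decrypt_xml)
        logger.debug("Parsed decrypted assertion successfull")
        # Takes the first extension element of the first encrypted assertion;
        # an empty list at either level raises IndexError here.
        enc = self.response.encrypted_assertion[0].extension_elements[0]
        assertion = extension_element_to_element(
            enc, saml.ELEMENT_FROM_STRING, namespace=saml.NAMESPACE)

    # The decrypted assertion is no longer written to the log. Its plaintext
    # is exactly what the encryption was protecting, and debug logs are often
    # readable by more people than the assertion is meant for. Only the fact
    # that an assertion was obtained is recorded.
    logger.debug("Decrypted Assertion present: %s", assertion is not None)

    # NOTE(review): nothing in this method checks a signature on the decrypted
    # assertion; confirm that self._assertion does so before it is trusted.
    return self._assertion(assertion)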
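def test_6():
    """Parse ``data6`` as an xenc ReferenceList and check its DataReference.

    The single DataReference must point at "#invoice34" and carry one
    xmldsig Transforms extension element holding one XPath transform.
    """
    rl = xenc.reference_list_from_string(data6)
    assert rl
    # print() with a single argument gives the same output on Python 2 and 3;
    # the bare print statement is a syntax error on Python 3.
    print(rl)

    assert len(rl.data_reference) == 1
    dr = rl.data_reference[0]
    assert dr.uri == "#invoice34"

    assert len(dr.extension_elements) == 1
    ee = dr.extension_elements[0]
    assert ee.tag == "Transforms"
    assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#"

    # Decode the generic extension element into its xmldsig class.
    trs = saml2.extension_element_to_element(
        ee, xmldsig.ELEMENT_FROM_STRING, namespace=xmldsig.NAMESPACE)
    assert trs
    assert len(trs.transform) == 1

    tr = trs.transform[0]
    assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116"
    assert len(tr.x_path) == 1
    xpath_text = tr.x_path[0].text.strip()
    assert xpath_text == """self::xenc:EncryptedData[@Id="example1"]"""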
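def test_6():
    """Parse ``data6`` as an xenc ReferenceList and check its DataReference.

    The single DataReference must point at "#invoice34" and carry one
    xmldsig Transforms extension element holding one XPath transform.
    """
    rl = xenc.reference_list_from_string(data6)
    assert rl
    # print() with a single argument gives the same output on Python 2 and 3;
    # the bare print statement is a syntax error on Python 3.
    print(rl)

    assert len(rl.data_reference) == 1
    dr = rl.data_reference[0]
    assert dr.uri == "#invoice34"

    assert len(dr.extension_elements) == 1
    ee = dr.extension_elements[0]
    assert ee.tag == "Transforms"
    assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#"

    # Decode the generic extension element into its xmldsig class.
    trs = saml2.extension_element_to_element(
        ee, xmldsig.ELEMENT_FROM_STRING, namespace=xmldsig.NAMESPACE)
    assert trs
    assert len(trs.transform) == 1

    tr = trs.transform[0]
    assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116"
    assert len(tr.x_path) == 1
    xpath_text = tr.x_path[0].text.strip()
    assert xpath_text == """self::xenc:EncryptedData[@Id="example1"]"""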