def hash_attributes(self, config, internal_data):
for attribute in config[CONFIG_KEY_ATTRS]:
internal_data.attributes[attribute] = [
util.hash_data(
config[CONFIG_KEY_SALT],
value,
hash_alg=config[CONFIG_KEY_ALG],
)
for value in internal_data.attributes.get(attribute, [])
]
def hash_data(salt, value):
"""
Hashes a value together with a salt.
:type salt: str
:type value: str
:param salt: hash salt
:param value: value to hash together with the salt
:return: hash value (SHA512)
"""
msg = "UserIdHasher is deprecated; use satosa.util.hash_data instead."
_warnings.warn(msg, DeprecationWarning)
return util.hash_data(salt, value)
def hash_data(salt, value):
"""
Hashes a value together with a salt.
:type salt: str
:type value: str
:param salt: hash salt
:param value: value to hash together with the salt
:return: hash value (SHA512)
"""
msg = "UserIdHasher is deprecated; use satosa.util.hash_data instead."
_warnings.warn(msg, DeprecationWarning)
return util.hash_data(salt, value)
def hash_attributes(hash_attributes, internal_attributes, salt):
# Hash all attributes specified in INTERNAL_ATTRIBUTES["hash"]
for attribute in hash_attributes:
msg = ("'USER_ID_HASH_SALT' configuration option is deprecated."
" 'hash' configuration option is deprecated."
" Use the hasher microservice instead.")
_warnings.warn(msg, DeprecationWarning)
# hash all attribute values individually
if attribute in internal_attributes:
hashed_values = [
util.hash_data(salt, v) for v in internal_attributes[attribute]
]
internal_attributes[attribute] = hashed_values
def hash_attributes(hash_attributes, internal_attributes, salt):
msg = (
"'USER_ID_HASH_SALT' configuration option is deprecated."
" 'hash' configuration option is deprecated."
" Use the hasher microservice instead."
)
_warnings.warn(msg, DeprecationWarning)
# Hash all attributes specified in INTERNAL_ATTRIBUTES["hash"]
for attribute in hash_attributes:
# hash all attribute values individually
if attribute in internal_attributes:
hashed_values = [
util.hash_data(salt, v) for v in internal_attributes[attribute]
]
internal_attributes[attribute] = hashed_values
def hash_attributes(self, config, internal_data):
for attribute in config[CONFIG_KEY_ATTRS]:
for value in internal_data.attributes.get(attribute, []):
originaluserid = config["usermapping"].get(value, False)
if originaluserid:
internal_data.attributes[attribute] = [
config["usermapping"][value]
]
else:
internal_data.attributes[attribute] = [
util.hash_data(
config[CONFIG_KEY_SALT],
value,
hash_alg=config[CONFIG_KEY_ALG],
)
]
def test_auth_resp_callback_func_hashes_all_specified_attributes(self, context, satosa_config):
satosa_config["INTERNAL_ATTRIBUTES"]["hash"] = ["user_id", "mail"]
base = SATOSABase(satosa_config)
attributes = {"user_id": ["user"], "mail": ["*****@*****.**", "*****@*****.**"]}
internal_resp = InternalData(auth_info=AuthenticationInformation("", "", ""))
internal_resp.attributes = copy.copy(attributes)
internal_resp.subject_id = "test_user"
context.state[satosa.base.STATE_KEY] = {"requester": "test_requester"}
context.state[satosa.routing.STATE_KEY] = satosa_config["FRONTEND_MODULES"][0]["name"]
base._auth_resp_callback_func(context, internal_resp)
for attr in satosa_config["INTERNAL_ATTRIBUTES"]["hash"]:
assert internal_resp.attributes[attr] == [
util.hash_data(satosa_config.get("USER_ID_HASH_SALT", ""), v)
for v in attributes[attr]
]
def hash_subject_id(self, config, internal_data):
internal_data.subject_id = util.hash_data(
config[CONFIG_KEY_SALT],
internal_data.subject_id,
hash_alg=config[CONFIG_KEY_ALG],
)