Allow signature verification even on local files.
@@ -107,12 +107,12 @@ def repack_cert(cert):
|
|||||||
|
|
||||||
class MetaData(object):
|
class MetaData(object):
|
||||||
def __init__(self, onts, attrc, metadata="", node_name=None,
|
def __init__(self, onts, attrc, metadata="", node_name=None,
|
||||||
check_validity=True, **kwargs):
|
check_validity=True, security=None, **kwargs):
|
||||||
self.onts = onts
|
self.onts = onts
|
||||||
self.attrc = attrc
|
self.attrc = attrc
|
||||||
self.entity = {}
|
self.entity = {}
|
||||||
self.metadata = metadata
|
self.metadata = metadata
|
||||||
self.security = None
|
self.security = security
|
||||||
self.node_name = node_name
|
self.node_name = node_name
|
||||||
self.entities_descr = None
|
self.entities_descr = None
|
||||||
self.entity_descr = None
|
self.entity_descr = None
|
||||||
@@ -412,11 +412,13 @@ class MetaDataLoader(MetaDataFile):
|
|||||||
Handles Metadata file loaded by a passed in function.
|
Handles Metadata file loaded by a passed in function.
|
||||||
The format of the file is the SAML Metadata format.
|
The format of the file is the SAML Metadata format.
|
||||||
"""
|
"""
|
||||||
def __init__(self, onts, attrc, loader_callable, cert=None, **kwargs):
|
def __init__(self, onts, attrc, loader_callable, cert=None,
|
||||||
|
security=None, **kwargs):
|
||||||
MetaData.__init__(self, onts, attrc, **kwargs)
|
MetaData.__init__(self, onts, attrc, **kwargs)
|
||||||
self.metadata_provider_callable = self.get_metadata_loader(
|
self.metadata_provider_callable = self.get_metadata_loader(
|
||||||
loader_callable)
|
loader_callable)
|
||||||
self.cert = cert
|
self.cert = cert
|
||||||
|
self.security = security
|
||||||
|
|
||||||
@staticmethod
|
@staticmethod
|
||||||
def get_metadata_loader(func):
|
def get_metadata_loader(func):
|
||||||
|
@@ -1119,11 +1119,11 @@ class CertHandler(object):
|
|||||||
self._verify_cert = verify_cert is True
|
self._verify_cert = verify_cert is True
|
||||||
self._security_context = security_context
|
self._security_context = security_context
|
||||||
self._osw = OpenSSLWrapper()
|
self._osw = OpenSSLWrapper()
|
||||||
if key_file is not None and os.path.isfile(key_file):
|
if key_file and os.path.isfile(key_file):
|
||||||
self._key_str = self._osw.read_str_from_file(key_file, key_type)
|
self._key_str = self._osw.read_str_from_file(key_file, key_type)
|
||||||
else:
|
else:
|
||||||
self._key_str = ""
|
self._key_str = ""
|
||||||
if cert_file is not None:
|
if cert_file and os.path.isfile(key_file):
|
||||||
self._cert_str = self._osw.read_str_from_file(cert_file,
|
self._cert_str = self._osw.read_str_from_file(cert_file,
|
||||||
cert_type)
|
cert_type)
|
||||||
else:
|
else:
|
||||||
|
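Review bot: In the CertHandler hunk, the rewritten certificate guard `if cert_file and os.path.isfile(key_file):` (taking the second printed copy as the new side, since the page lost its +/- markers) tests the key path instead of the certificate path. When a certificate is supplied without a key file, `os.path.isfile(None)` raises a TypeError, and when the key path is a non-empty string that is not a file, the certificate is skipped and control takes the `else` branch, whose body is outside the hunk. The guard should read `if cert_file and os.path.isfile(cert_file):`. The enclosing `__init__` starts and ends outside the hunk.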
@@ -61,6 +61,12 @@ else:
|
|||||||
kwargs = {}
|
kwargs = {}
|
||||||
|
|
||||||
if args.type == "local":
|
if args.type == "local":
|
||||||
|
if args.cert and args.xmlsec:
|
||||||
|
crypto = _get_xmlsec_cryptobackend(args.xmlsec)
|
||||||
|
sc = SecurityContext(crypto)
|
||||||
|
metad = MetaDataFile(ONTS.values(), args.item, args.item,
|
||||||
|
cert=args.cert, security=sc, **kwargs)
|
||||||
|
else:
|
||||||
metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs)
|
metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs)
|
||||||
elif args.type == "external":
|
elif args.type == "external":
|
||||||
ATTRCONV = ac_factory(args.attrsmap)
|
ATTRCONV = ac_factory(args.attrsmap)
|
||||||
|
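Review bot: The new `if args.cert and args.xmlsec:` branch fails open. When only one of the two options is given, control falls to the `else` and the local file is loaded through the old `MetaDataFile(ONTS.values(), args.item, args.item, **kwargs)` call with no certificate and no security context, so, as far as this hunk shows, no signature check is requested and nothing tells the operator. Someone who passes a certificate expects the metadata to be verified, so the half-configured case should be rejected: add `elif args.cert or args.xmlsec:` before the `else`, with the body `raise SystemExit("both a certificate and an xmlsec binary are required to verify the metadata signature")`. The `if`/`elif` chain on `args.type` continues outside the hunk, so whether the "external" path has the same gap cannot be judged from here.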