openstack/deb-python-pysaml2
Code Issues Proposed changes

extended API with lists for supported NameID formats, AttributeName formats, digest and sig algs

Browse Source
This commit is contained in:
rhoerbe
2014-08-11 19:36:05 +02:00
parent 3c3f1c1a85
commit 361f862950
2 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
src/saml2/saml.py
View File

@@ -36,7 +36,14 @@ NAMEID_FORMAT_TRANSIENT = (
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient")
NAMEID_FORMAT_ENTITY = (
"urn:oasis:names:tc:SAML:2.0:nameid-format:entity")
NAMEID_FORMATS_SAML2 = (
('NAMEID_FORMAT_EMAILADDRESS', NAMEID_FORMAT_EMAILADDRESS),
('NAMEID_FORMAT_ENCRYPTED', NAMEID_FORMAT_ENCRYPTED),
('NAMEID_FORMAT_ENTITY', NAMEID_FORMAT_ENTITY),
('NAMEID_FORMAT_PERSISTENT', NAMEID_FORMAT_PERSISTENT),
('NAMEID_FORMAT_TRANSIENT', NAMEID_FORMAT_TRANSIENT),
('NAMEID_FORMAT_UNSPECIFIED', NAMEID_FORMAT_UNSPECIFIED),
)
PROFILE_ATTRIBUTE_BASIC = (
"urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic")
@@ -48,7 +55,11 @@ NAME_FORMAT_UNSPECIFIED = (
"urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")
NAME_FORMAT_URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
NAME_FORMAT_BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
NAME_FORMATS_SAML2 = (
('NAME_FORMAT_BASIC', NAME_FORMAT_BASIC),
('NAME_FORMAT_URI', NAME_FORMAT_URI),
('NAME_FORMAT_UNSPECIFIED', NAME_FORMAT_UNSPECIFIED),
)
DECISION_TYPE_PERMIT = "Permit"
DECISION_TYPE_DENY = "Deny"
DECISION_TYPE_INDETERMINATE = "Indeterminate"

15
src/xmldsig/__init__.py
View File

@@ -20,8 +20,15 @@ DIGEST_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'
DIGEST_SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'
DIGEST_RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'
digest_default = DIGEST_SHA1
DIGEST_ALLOWED_ALG = (('DIGEST_SHA1', DIGEST_SHA1),
('DIGEST_SHA224', DIGEST_SHA224),
('DIGEST_SHA256', DIGEST_SHA256),
('DIGEST_SHA384', DIGEST_SHA384),
('DIGEST_SHA512', DIGEST_SHA512),
('DIGEST_RIPEMD160', DIGEST_RIPEMD160))
DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5), )
#SIG_DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
#SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'
#SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256'
#SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha1'
#SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha224'
@@ -36,6 +43,12 @@ SIG_RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
#SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160'
sig_default = SIG_RSA_SHA1
SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1),
('SIG_RSA_SHA224', SIG_RSA_SHA224),
('SIG_RSA_SHA256', SIG_RSA_SHA256),
('SIG_RSA_SHA384', SIG_RSA_SHA384),
('SIG_RSA_SHA512', SIG_RSA_SHA512))
SIG_AVAIL_ALG = SIG_ALLOWED_ALG + (('SIG_RSA_MD5', SIG_RSA_MD5), )
MAC_SHA1 = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'