openstack/deb-python-pysaml2
Code Issues Proposed changes

Working example with SP and IdP

Browse Source
This commit is contained in:
Roland Hedberg
2010-04-09 14:40:45 +02:00
parent 55b3f2b86b
commit 4128f54a7d
16 changed files with 821 additions and 126 deletions
Download Patch File Download Diff File Expand all files Collapse all files

161
example/attributemaps/urn:oasis:names:tc:SAML:2.0:attrname-format:basic/fro.py Normal file
View File

@@ -0,0 +1,161 @@
{
'urn:mace:dir:attribute-def:aRecord': 'aRecord',
'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName',
'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName',
'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain',
'urn:mace:dir:attribute-def:associatedName': 'associatedName',
'urn:mace:dir:attribute-def:audio': 'audio',
'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList',
'urn:mace:dir:attribute-def:buildingName': 'buildingName',
'urn:mace:dir:attribute-def:businessCategory': 'businessCategory',
'urn:mace:dir:attribute-def:c': 'c',
'urn:mace:dir:attribute-def:cACertificate': 'cACertificate',
'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord',
'urn:mace:dir:attribute-def:carLicense': 'carLicense',
'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList',
'urn:mace:dir:attribute-def:cn': 'cn',
'urn:mace:dir:attribute-def:co': 'co',
'urn:mace:dir:attribute-def:commonName': 'commonName',
'urn:mace:dir:attribute-def:countryName': 'countryName',
'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair',
'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect',
'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality',
'urn:mace:dir:attribute-def:dc': 'dc',
'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList',
'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber',
'urn:mace:dir:attribute-def:description': 'description',
'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator',
'urn:mace:dir:attribute-def:displayName': 'displayName',
'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName',
'urn:mace:dir:attribute-def:dmdName': 'dmdName',
'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier',
'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor',
'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier',
'urn:mace:dir:attribute-def:documentLocation': 'documentLocation',
'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher',
'urn:mace:dir:attribute-def:documentTitle': 'documentTitle',
'urn:mace:dir:attribute-def:documentVersion': 'documentVersion',
'urn:mace:dir:attribute-def:domainComponent': 'domainComponent',
'urn:mace:dir:attribute-def:drink': 'drink',
'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI',
'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI',
'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName',
'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI',
'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI',
'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation',
'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement',
'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname',
'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN',
'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN',
'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation',
'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN',
'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName',
'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation',
'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID',
'urn:mace:dir:attribute-def:email': 'email',
'urn:mace:dir:attribute-def:emailAddress': 'emailAddress',
'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber',
'urn:mace:dir:attribute-def:employeeType': 'employeeType',
'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide',
'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber',
'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink',
'urn:mace:dir:attribute-def:fax': 'fax',
'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion',
'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName',
'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier',
'urn:mace:dir:attribute-def:givenName': 'givenName',
'urn:mace:dir:attribute-def:gn': 'gn',
'urn:mace:dir:attribute-def:homePhone': 'homePhone',
'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress',
'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber',
'urn:mace:dir:attribute-def:host': 'host',
'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier',
'urn:mace:dir:attribute-def:info': 'info',
'urn:mace:dir:attribute-def:initials': 'initials',
'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber',
'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox',
'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto',
'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation',
'urn:mace:dir:attribute-def:l': 'l',
'urn:mace:dir:attribute-def:labeledURI': 'labeledURI',
'urn:mace:dir:attribute-def:localityName': 'localityName',
'urn:mace:dir:attribute-def:mDRecord': 'mDRecord',
'urn:mace:dir:attribute-def:mXRecord': 'mXRecord',
'urn:mace:dir:attribute-def:mail': 'mail',
'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption',
'urn:mace:dir:attribute-def:manager': 'manager',
'urn:mace:dir:attribute-def:member': 'member',
'urn:mace:dir:attribute-def:mobile': 'mobile',
'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber',
'urn:mace:dir:attribute-def:nSRecord': 'nSRecord',
'urn:mace:dir:attribute-def:name': 'name',
'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym',
'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN',
'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion',
'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier',
'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber',
'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier',
'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber',
'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate',
'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN',
'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN',
'urn:mace:dir:attribute-def:o': 'o',
'urn:mace:dir:attribute-def:objectClass': 'objectClass',
'urn:mace:dir:attribute-def:organizationName': 'organizationName',
'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus',
'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName',
'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox',
'urn:mace:dir:attribute-def:ou': 'ou',
'urn:mace:dir:attribute-def:owner': 'owner',
'urn:mace:dir:attribute-def:pager': 'pager',
'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber',
'urn:mace:dir:attribute-def:personalSignature': 'personalSignature',
'urn:mace:dir:attribute-def:personalTitle': 'personalTitle',
'urn:mace:dir:attribute-def:photo': 'photo',
'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName',
'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email',
'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox',
'urn:mace:dir:attribute-def:postalAddress': 'postalAddress',
'urn:mace:dir:attribute-def:postalCode': 'postalCode',
'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod',
'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage',
'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress',
'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation',
'urn:mace:dir:attribute-def:pseudonym': 'pseudonym',
'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress',
'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox',
'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant',
'urn:mace:dir:attribute-def:roomNumber': 'roomNumber',
'urn:mace:dir:attribute-def:sOARecord': 'sOARecord',
'urn:mace:dir:attribute-def:searchGuide': 'searchGuide',
'urn:mace:dir:attribute-def:secretary': 'secretary',
'urn:mace:dir:attribute-def:seeAlso': 'seeAlso',
'urn:mace:dir:attribute-def:serialNumber': 'serialNumber',
'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality',
'urn:mace:dir:attribute-def:sn': 'sn',
'urn:mace:dir:attribute-def:st': 'st',
'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName',
'urn:mace:dir:attribute-def:street': 'street',
'urn:mace:dir:attribute-def:streetAddress': 'streetAddress',
'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality',
'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality',
'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms',
'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext',
'urn:mace:dir:attribute-def:surname': 'surname',
'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber',
'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier',
'urn:mace:dir:attribute-def:telexNumber': 'telexNumber',
'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress',
'urn:mace:dir:attribute-def:title': 'title',
'urn:mace:dir:attribute-def:uid': 'uid',
'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier',
'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember',
'urn:mace:dir:attribute-def:userCertificate': 'userCertificate',
'urn:mace:dir:attribute-def:userClass': 'userClass',
'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12',
'urn:mace:dir:attribute-def:userPassword': 'userPassword',
'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate',
'urn:mace:dir:attribute-def:userid': 'userid',
'urn:mace:dir:attribute-def:x121Address': 'x121Address',
'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier',
}

161
example/attributemaps/urn:oasis:names:tc:SAML:2.0:attrname-format:basic/to.py Normal file
View File

@@ -0,0 +1,161 @@
{
'aRecord': 'urn:mace:dir:attribute-def:aRecord',
'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName',
'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName',
'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain',
'associatedName': 'urn:mace:dir:attribute-def:associatedName',
'audio': 'urn:mace:dir:attribute-def:audio',
'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList',
'buildingName': 'urn:mace:dir:attribute-def:buildingName',
'businessCategory': 'urn:mace:dir:attribute-def:businessCategory',
'c': 'urn:mace:dir:attribute-def:c',
'cACertificate': 'urn:mace:dir:attribute-def:cACertificate',
'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord',
'carLicense': 'urn:mace:dir:attribute-def:carLicense',
'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList',
'cn': 'urn:mace:dir:attribute-def:cn',
'co': 'urn:mace:dir:attribute-def:co',
'commonName': 'urn:mace:dir:attribute-def:commonName',
'countryName': 'urn:mace:dir:attribute-def:countryName',
'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair',
'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect',
'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality',
'dc': 'urn:mace:dir:attribute-def:dc',
'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList',
'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber',
'description': 'urn:mace:dir:attribute-def:description',
'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator',
'displayName': 'urn:mace:dir:attribute-def:displayName',
'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName',
'dmdName': 'urn:mace:dir:attribute-def:dmdName',
'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier',
'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor',
'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier',
'documentLocation': 'urn:mace:dir:attribute-def:documentLocation',
'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher',
'documentTitle': 'urn:mace:dir:attribute-def:documentTitle',
'documentVersion': 'urn:mace:dir:attribute-def:documentVersion',
'domainComponent': 'urn:mace:dir:attribute-def:domainComponent',
'drink': 'urn:mace:dir:attribute-def:drink',
'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI',
'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI',
'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName',
'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI',
'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI',
'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation',
'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement',
'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname',
'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN',
'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN',
'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation',
'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN',
'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName',
'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation',
'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID',
'email': 'urn:mace:dir:attribute-def:email',
'emailAddress': 'urn:mace:dir:attribute-def:emailAddress',
'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber',
'employeeType': 'urn:mace:dir:attribute-def:employeeType',
'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide',
'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber',
'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink',
'fax': 'urn:mace:dir:attribute-def:fax',
'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion',
'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName',
'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier',
'givenName': 'urn:mace:dir:attribute-def:givenName',
'gn': 'urn:mace:dir:attribute-def:gn',
'homePhone': 'urn:mace:dir:attribute-def:homePhone',
'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress',
'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber',
'host': 'urn:mace:dir:attribute-def:host',
'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier',
'info': 'urn:mace:dir:attribute-def:info',
'initials': 'urn:mace:dir:attribute-def:initials',
'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber',
'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox',
'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto',
'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation',
'l': 'urn:mace:dir:attribute-def:l',
'labeledURI': 'urn:mace:dir:attribute-def:labeledURI',
'localityName': 'urn:mace:dir:attribute-def:localityName',
'mDRecord': 'urn:mace:dir:attribute-def:mDRecord',
'mXRecord': 'urn:mace:dir:attribute-def:mXRecord',
'mail': 'urn:mace:dir:attribute-def:mail',
'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption',
'manager': 'urn:mace:dir:attribute-def:manager',
'member': 'urn:mace:dir:attribute-def:member',
'mobile': 'urn:mace:dir:attribute-def:mobile',
'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber',
'nSRecord': 'urn:mace:dir:attribute-def:nSRecord',
'name': 'urn:mace:dir:attribute-def:name',
'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym',
'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN',
'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion',
'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier',
'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber',
'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier',
'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber',
'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate',
'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN',
'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN',
'o': 'urn:mace:dir:attribute-def:o',
'objectClass': 'urn:mace:dir:attribute-def:objectClass',
'organizationName': 'urn:mace:dir:attribute-def:organizationName',
'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus',
'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName',
'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox',
'ou': 'urn:mace:dir:attribute-def:ou',
'owner': 'urn:mace:dir:attribute-def:owner',
'pager': 'urn:mace:dir:attribute-def:pager',
'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber',
'personalSignature': 'urn:mace:dir:attribute-def:personalSignature',
'personalTitle': 'urn:mace:dir:attribute-def:personalTitle',
'photo': 'urn:mace:dir:attribute-def:photo',
'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName',
'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email',
'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox',
'postalAddress': 'urn:mace:dir:attribute-def:postalAddress',
'postalCode': 'urn:mace:dir:attribute-def:postalCode',
'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod',
'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage',
'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress',
'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation',
'pseudonym': 'urn:mace:dir:attribute-def:pseudonym',
'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress',
'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox',
'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant',
'roomNumber': 'urn:mace:dir:attribute-def:roomNumber',
'sOARecord': 'urn:mace:dir:attribute-def:sOARecord',
'searchGuide': 'urn:mace:dir:attribute-def:searchGuide',
'secretary': 'urn:mace:dir:attribute-def:secretary',
'seeAlso': 'urn:mace:dir:attribute-def:seeAlso',
'serialNumber': 'urn:mace:dir:attribute-def:serialNumber',
'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality',
'sn': 'urn:mace:dir:attribute-def:sn',
'st': 'urn:mace:dir:attribute-def:st',
'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName',
'street': 'urn:mace:dir:attribute-def:street',
'streetAddress': 'urn:mace:dir:attribute-def:streetAddress',
'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality',
'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality',
'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms',
'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext',
'surname': 'urn:mace:dir:attribute-def:surname',
'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber',
'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier',
'telexNumber': 'urn:mace:dir:attribute-def:telexNumber',
'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress',
'title': 'urn:mace:dir:attribute-def:title',
'uid': 'urn:mace:dir:attribute-def:uid',
'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier',
'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember',
'userCertificate': 'urn:mace:dir:attribute-def:userCertificate',
'userClass': 'urn:mace:dir:attribute-def:userClass',
'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12',
'userPassword': 'urn:mace:dir:attribute-def:userPassword',
'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate',
'userid': 'urn:mace:dir:attribute-def:userid',
'x121Address': 'urn:mace:dir:attribute-def:x121Address',
'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier',
}

154
example/attributemaps/urn:oasis:names:tc:SAML:2.0:attrname-format:uri/fro.py Normal file
View File

@@ -0,0 +1,154 @@
{
'urn:oid:1.3.6.1.4.1.5923.1.1.1.2': 'eduPersonNickname',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.9': 'eduPersonScopedAffiliation',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.11': 'eduPersonAssurance',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.10': 'eduPersonTargetedID',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.4': 'eduPersonOrgUnitDN',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.1': 'eduPersonAffiliation',
'urn:oid:2.16.840.1.113730.3.1.40': 'userSMIMECertificate',
'urn:oid:2.16.840.1.113730.3.1.241': 'displayName',
'urn:oid:0.9.2342.19200300.100.1.37': 'associatedDomain',
'urn:oid:0.9.2342.19200300.100.1.1': "uid",
'urn:oid:1.3.6.1.4.1.5923.1.1.1.6': 'eduPersonPrincipalName',
'urn:oid:2.5.4.53': 'deltaRevocationList',
'urn:oid:2.5.4.52': 'supportedAlgorithms',
'urn:oid:2.5.4.51': 'houseIdentifier',
'urn:oid:2.5.4.50': 'uniqueMember',
'urn:oid:2.5.4.19': 'physicalDeliveryOfficeName',
'urn:oid:2.5.4.18': 'postOfficeBox',
'urn:oid:2.5.4.17': 'postalCode',
'urn:oid:2.5.4.16': 'postalAddress',
'urn:oid:2.5.4.15': 'businessCategory',
'urn:oid:2.5.4.14': 'searchGuide',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.5': 'eduPersonPrimaryAffiliation',
'urn:oid:2.5.4.12': 'title',
'urn:oid:2.5.4.11': 'ou',
'urn:oid:2.5.4.10': 'o',
'urn:oid:2.5.4.37': 'cACertificate',
'urn:oid:2.5.4.36': 'userCertificate',
'urn:oid:2.5.4.31': 'member',
'urn:oid:2.5.4.30': 'supportedApplicationContext',
'urn:oid:2.5.4.33': 'roleOccupant',
'urn:oid:2.5.4.32': 'owner',
'urn:oid:2.16.840.1.113730.3.1.1': 'carLicense',
'urn:oid:1.2.840.113549.1.9.1': 'email',
'urn:oid:2.16.840.1.113730.3.1.3': 'employeeNumber',
'urn:oid:2.16.840.1.113730.3.1.2': 'departmentNumber',
'urn:oid:2.5.4.39': 'certificateRevocationList',
'urn:oid:2.5.4.38': 'authorityRevocationList',
'urn:oid:2.16.840.1.113730.3.1.216': 'userPKCS12',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.8': 'eduPersonPrimaryOrgUnitDN',
'urn:oid:2.5.4.9': 'street',
'urn:oid:2.5.4.8': 'st',
'urn:oid:2.16.840.1.113730.3.1.39': 'preferredLanguage',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.7': 'eduPersonEntitlement',
'urn:oid:2.5.4.2': 'knowledgeInformation',
'urn:oid:2.5.4.7': 'l',
'urn:oid:2.5.4.6': 'c',
'urn:oid:2.5.4.5': 'serialNumber',
'urn:oid:2.5.4.4': 'sn',
'urn:oid:0.9.2342.19200300.100.1.60': 'jpegPhoto',
'urn:oid:2.5.4.65': 'pseudonym',
'urn:oid:0.9.2342.19200300.100.1.3': 'mail',
'urn:oid:0.9.2342.19200300.100.1.25': 'dc',
'urn:oid:2.5.4.40': 'crossCertificatePair',
'urn:oid:2.5.4.42': 'givenName',
'urn:oid:2.5.4.43': 'initials',
'urn:oid:2.5.4.44': 'generationQualifier',
'urn:oid:2.5.4.45': 'x500UniqueIdentifier',
'urn:oid:2.5.4.46': 'dnQualifier',
'urn:oid:2.5.4.47': 'enhancedSearchGuide',
'urn:oid:2.5.4.48': 'protocolInformation',
'urn:oid:2.5.4.54': 'dmdName',
'urn:oid:2.16.840.1.113730.3.1.4': 'employeeType',
'urn:oid:2.5.4.22': 'teletexTerminalIdentifier',
'urn:oid:2.5.4.23': 'facsimileTelephoneNumber',
'urn:oid:2.5.4.20': 'telephoneNumber',
'urn:oid:2.5.4.21': 'telexNumber',
'urn:oid:2.5.4.26': 'registeredAddress',
'urn:oid:2.5.4.27': 'destinationIndicator',
'urn:oid:2.5.4.24': 'x121Address',
'urn:oid:2.5.4.25': 'internationaliSDNNumber',
'urn:oid:2.5.4.28': 'preferredDeliveryMethod',
'urn:oid:2.5.4.29': 'presentationAddress',
# noredu
'urn:oid:1.3.6.1.4.1.5923.1.1.1.3': 'eduPersonOrgDN',
'urn:oid:1.3.6.1.4.1.2428.90.1.8': 'norEduOrgUnitUniqueIdentifier',
'urn:oid:1.3.6.1.4.1.2428.90.1.9': 'federationFeideSchemaVersion',
'urn:oid:1.3.6.1.4.1.2428.90.1.6': 'norEduOrgAcronym',
'urn:oid:1.3.6.1.4.1.2428.90.1.7': 'norEduOrgUniqueIdentifier',
'urn:oid:1.3.6.1.4.1.2428.90.1.4': 'norEduPersonLIN',
'urn:oid:1.3.6.1.4.1.2428.90.1.5': 'norEduPersonNIN',
'urn:oid:1.3.6.1.4.1.2428.90.1.2': 'norEduOrgUnitUniqueNumber',
'urn:oid:1.3.6.1.4.1.2428.90.1.3': 'norEduPersonBirthDate',
'urn:oid:1.3.6.1.4.1.2428.90.1.1': 'norEduOrgUniqueNumber',
# schac
'urn:oid:1.3.6.1.4.1.25178.1.2.14': 'schacPersonalUniqueCode',
'urn:oid:1.3.6.1.4.1.25178.1.2.15': 'schacPersonalUniqueID',
'urn:oid:1.3.6.1.4.1.25178.1.2.16': 'schacUUID',
'urn:oid:1.3.6.1.4.1.25178.1.2.17': 'schacExpiryDate',
'urn:oid:1.3.6.1.4.1.25178.1.2.10': 'schacHomeOrganizationType',
'urn:oid:1.3.6.1.4.1.25178.1.2.12': 'schacUserPresenceID',
'urn:oid:1.3.6.1.4.1.25178.1.2.13': 'schacPersonalPosition',
'urn:oid:1.3.6.1.4.1.25178.1.2.18': 'schacUserPrivateAttribute',
'urn:oid:1.3.6.1.4.1.25178.1.2.19': 'schacUserStatus',
'urn:oid:1.3.6.1.4.1.25178.1.2.11': 'schacCountryOfResidence',
'urn:oid:1.3.6.1.4.1.25178.1.2.5': 'schacCountryOfCitizenship',
'urn:oid:1.3.6.1.4.1.25178.1.2.2': 'schacGender',
'urn:oid:1.3.6.1.4.1.25178.1.2.3': 'schacDateOfBirth',
'urn:oid:1.3.6.1.4.1.25178.1.2.1': 'schacMotherTongue',
'urn:oid:1.3.6.1.4.1.25178.1.2.6': 'schacSn1',
'urn:oid:1.3.6.1.4.1.25178.1.2.7': 'schacSn2',
'urn:oid:1.3.6.1.4.1.25178.1.2.4': 'schacPlaceOfBirth',
'urn:oid:1.3.6.1.4.1.25178.1.2.8': 'schacPersonalTitle',
'urn:oid:1.3.6.1.4.1.25178.1.2.9': 'schacHomeOrganization',
# umuse
'urn:oid:1.2.752.17.6.1.37': 'umuSeCourseDN',
'urn:oid:1.2.752.17.6.1.36': 'umuSeCourseSemester',
'urn:oid:1.2.752.17.6.1.22': 'umuSeChildLIN',
'urn:oid:1.2.752.17.6.1.23': 'umuSePersonEmploymentFrom',
'urn:oid:1.2.752.17.6.1.20': 'umuSeLIN',
'urn:oid:1.2.752.17.6.1.21': 'umuSeParentLIN',
'urn:oid:1.2.752.17.6.1.26': 'umuSeOrgUnitNumber',
'urn:oid:1.2.752.17.6.1.27': 'umuSeFormalName',
'urn:oid:1.2.752.17.6.1.24': 'umuSePersonEmploymentTo',
'urn:oid:1.2.752.17.6.1.25': 'umuSePersonEmploymentPost',
'urn:oid:1.2.752.17.6.1.28': 'umuSeID',
'urn:oid:1.2.752.17.6.1.29': 'umuSeAffiliatedToLIN',
'urn:oid:1.2.752.17.6.1.3': 'umuSePersonCardSIS',
'urn:oid:1.2.752.17.6.1.2': 'umuSePersonCardNr',
'urn:oid:1.2.752.17.6.1.1': 'umuSePersonPrivacy',
'urn:oid:1.2.752.17.6.1.7': 'umuSeSMSNumber',
'urn:oid:1.2.752.17.6.1.6': 'umuSePersonHomeMobile',
'urn:oid:1.2.752.17.6.1.5': 'umuSePersonPrimaryCampus',
'urn:oid:1.2.752.17.6.1.4': 'umuSePersonCampus',
'urn:oid:1.2.752.17.6.1.9': 'umuSePersonResearch',
'urn:oid:1.2.752.17.6.1.8': 'umuSePersonInstantMessage',
'urn:oid:1.2.752.17.6.1.45': 'umuSeCourseRegId',
'urn:oid:1.2.752.17.6.1.17': 'umuSeOrgUnitType',
'urn:oid:1.2.752.17.6.1.16': 'umuSeOrgUnitChild',
'urn:oid:1.2.752.17.6.1.33': 'umuSeMemberLIN',
'urn:oid:1.2.752.17.6.1.14': 'umuSePersonEmploymentStatusCode',
'urn:oid:1.2.752.17.6.1.13': 'umuSePersonEmploymentStatus',
'urn:oid:1.2.752.17.6.1.12': 'umuSePersonEmploymentType',
'urn:oid:1.2.752.17.6.1.11': 'umuSePersonAlternateContact',
'urn:oid:1.2.752.17.6.1.10': 'umuSePersonExpertise',
'urn:oid:1.2.752.17.6.1.39': 'umuSeCourseInstAccId',
'urn:oid:1.2.752.17.6.1.38': 'umuSeCourseOrgUnitDN',
'urn:oid:1.2.752.17.6.1.19': 'umuSePersonEmploymentExtent',
'urn:oid:1.2.752.17.6.1.18': 'umuSePersonSpokenName',
'urn:oid:1.2.752.17.6.1.44': 'passportIssuingCountry',
'urn:oid:1.2.752.17.6.1.31': 'umuSeValidTo',
'urn:oid:1.2.752.17.6.1.46': 'umuSeCareOf',
'urn:oid:1.2.752.17.6.1.47': 'umuSeAlternateTelephoneNumber',
'urn:oid:1.2.752.17.6.1.40': 'umuSeCourseInstRegId',
'urn:oid:1.2.752.17.6.1.41': 'umuSePersonnelLIN',
'urn:oid:1.2.752.17.6.1.42': 'umuSeOrgType',
'urn:oid:1.2.752.17.6.1.30': 'umuSeAccountNumber',
'urn:oid:1.2.752.17.6.1.43': 'passportNumber',
'urn:oid:1.2.752.17.6.1.48': 'umuSeLabeledDN',
'urn:oid:1.2.752.17.6.1.49': 'umuSePrimaryMail',
'urn:oid:1.2.752.17.6.1.32': 'umuSeValidFrom',
'urn:oid:1.2.752.17.6.1.35': 'umuSeCourseInstId',
'urn:oid:1.2.752.17.6.1.34': 'umuSeCourseId',
}

170
example/attributemaps/urn:oasis:names:tc:SAML:2.0:attrname-format:uri/to.py Normal file
View File

@@ -0,0 +1,170 @@
{
'roleOccupant': 'urn:oid:2.5.4.33',
'gn': 'urn:oid:2.5.4.42',
'title': 'urn:oid:2.5.4.12',
'facsimileTelephoneNumber': 'urn:oid:2.5.4.23',
'mail': 'urn:oid:0.9.2342.19200300.100.1.3',
'postOfficeBox': 'urn:oid:2.5.4.18',
'fax': 'urn:oid:2.5.4.23',
'telephoneNumber': 'urn:oid:2.5.4.20',
'rfc822Mailbox': 'urn:oid:0.9.2342.19200300.100.1.3',
'dc': 'urn:oid:0.9.2342.19200300.100.1.25',
'countryName': 'urn:oid:2.5.4.6',
'emailAddress': 'urn:oid:1.2.840.113549.1.9.1',
'employeeNumber': 'urn:oid:2.16.840.1.113730.3.1.3',
'organizationName': 'urn:oid:2.5.4.10',
'eduPersonAssurance': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.11',
'registeredAddress': 'urn:oid:2.5.4.26',
'physicalDeliveryOfficeName': 'urn:oid:2.5.4.19',
'associatedDomain': 'urn:oid:0.9.2342.19200300.100.1.37',
'l': 'urn:oid:2.5.4.7',
'stateOrProvinceName': 'urn:oid:2.5.4.8',
'pkcs9email': 'urn:oid:1.2.840.113549.1.9.1',
'givenName': 'urn:oid:2.5.4.42',
'givenname': 'urn:oid:2.5.4.42',
'x500UniqueIdentifier': 'urn:oid:2.5.4.45',
'eduPersonNickname': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.2',
'houseIdentifier': 'urn:oid:2.5.4.51',
'street': 'urn:oid:2.5.4.9',
'supportedAlgorithms': 'urn:oid:2.5.4.52',
'preferredLanguage': 'urn:oid:2.16.840.1.113730.3.1.39',
'postalAddress': 'urn:oid:2.5.4.16',
'email': 'urn:oid:1.2.840.113549.1.9.1',
'eduPersonPrimaryOrgUnitDN': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.8',
'c': 'urn:oid:2.5.4.6',
'teletexTerminalIdentifier': 'urn:oid:2.5.4.22',
'o': 'urn:oid:2.5.4.10',
'cACertificate': 'urn:oid:2.5.4.37',
'telexNumber': 'urn:oid:2.5.4.21',
'ou': 'urn:oid:2.5.4.11',
'initials': 'urn:oid:2.5.4.43',
'uid': '0.9.2342.19200300.100.1.1',
'userid': '0.9.2342.19200300.100.1.1',
'eduPersonOrgUnitDN': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.4',
'deltaRevocationList': 'urn:oid:2.5.4.53',
'supportedApplicationContext': 'urn:oid:2.5.4.30',
'eduPersonEntitlement': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.7',
'generationQualifier': 'urn:oid:2.5.4.44',
'eduPersonAffiliation': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1',
'edupersonaffiliation': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1',
'eduPersonPrincipalName': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
'localityName': 'urn:oid:2.5.4.7',
'owner': 'urn:oid:2.5.4.32',
'searchGuide': 'urn:oid:2.5.4.14',
'certificateRevocationList': 'urn:oid:2.5.4.39',
'organizationalUnitName': 'urn:oid:2.5.4.11',
'userCertificate': 'urn:oid:2.5.4.36',
'preferredDeliveryMethod': 'urn:oid:2.5.4.28',
'internationaliSDNNumber': 'urn:oid:2.5.4.25',
'uniqueMember': 'urn:oid:2.5.4.50',
'departmentNumber': 'urn:oid:2.16.840.1.113730.3.1.2',
'enhancedSearchGuide': 'urn:oid:2.5.4.47',
'userPKCS12': 'urn:oid:2.16.840.1.113730.3.1.216',
'eduPersonTargetedID': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10',
'x121Address': 'urn:oid:2.5.4.24',
'destinationIndicator': 'urn:oid:2.5.4.27',
'eduPersonPrimaryAffiliation': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.5',
'surname': 'urn:oid:2.5.4.4',
'jpegPhoto': 'urn:oid:0.9.2342.19200300.100.1.60',
'eduPersonScopedAffiliation': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.9',
'protocolInformation': 'urn:oid:2.5.4.48',
'knowledgeInformation': 'urn:oid:2.5.4.2',
'employeeType': 'urn:oid:2.16.840.1.113730.3.1.4',
'userSMIMECertificate': 'urn:oid:2.16.840.1.113730.3.1.40',
'member': 'urn:oid:2.5.4.31',
'streetAddress': 'urn:oid:2.5.4.9',
'dmdName': 'urn:oid:2.5.4.54',
'postalCode': 'urn:oid:2.5.4.17',
'pseudonym': 'urn:oid:2.5.4.65',
'dnQualifier': 'urn:oid:2.5.4.46',
'crossCertificatePair': 'urn:oid:2.5.4.40',
'eduPersonOrgDN': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.3',
'authorityRevocationList': 'urn:oid:2.5.4.38',
'displayName': 'urn:oid:2.16.840.1.113730.3.1.241',
'businessCategory': 'urn:oid:2.5.4.15',
'serialNumber': 'urn:oid:2.5.4.5',
'st': 'urn:oid:2.5.4.8',
'carLicense': 'urn:oid:2.16.840.1.113730.3.1.1',
'presentationAddress': 'urn:oid:2.5.4.29',
'sn': 'urn:oid:2.5.4.4',
'domainComponent': 'urn:oid:0.9.2342.19200300.100.1.25',
# noredu
'norEduOrgUniqueNumber': 'urn:oid:1.3.6.1.4.1.2428.90.1.1',
'norEduPersonBirthDate': 'urn:oid:1.3.6.1.4.1.2428.90.1.3',
'norEduPersonLIN': 'urn:oid:1.3.6.1.4.1.2428.90.1.4',
'norEduOrgUniqueIdentifier': 'urn:oid:1.3.6.1.4.1.2428.90.1.7',
'federationFeideSchemaVersion': 'urn:oid:1.3.6.1.4.1.2428.90.1.9',
'norEduOrgUnitUniqueIdentifier': 'urn:oid:1.3.6.1.4.1.2428.90.1.8',
'norEduOrgUnitUniqueNumber': 'urn:oid:1.3.6.1.4.1.2428.90.1.2',
'norEduPersonNIN': 'urn:oid:1.3.6.1.4.1.2428.90.1.5',
'norEduOrgAcronym': 'urn:oid:1.3.6.1.4.1.2428.90.1.6',
# schac
'schacPersonalUniqueID': 'urn:oid:1.3.6.1.4.1.25178.1.2.15',
'schacUUID': 'urn:oid:1.3.6.1.4.1.25178.1.2.16',
'schacCountryOfResidence': 'urn:oid:1.3.6.1.4.1.25178.1.2.11',
'schacPersonalPosition': 'urn:oid:1.3.6.1.4.1.25178.1.2.13',
'schacHomeOrganization': 'urn:oid:1.3.6.1.4.1.25178.1.2.9',
'schacExpiryDate': 'urn:oid:1.3.6.1.4.1.25178.1.2.17',
'schacCountryOfCitizenship': 'urn:oid:1.3.6.1.4.1.25178.1.2.5',
'schacPersonalUniqueCode': 'urn:oid:1.3.6.1.4.1.25178.1.2.14',
'schacUserStatus': 'urn:oid:1.3.6.1.4.1.25178.1.2.19',
'schacDateOfBirth': 'urn:oid:1.3.6.1.4.1.25178.1.2.3',
'schacSn2': 'urn:oid:1.3.6.1.4.1.25178.1.2.7',
'schacSn1': 'urn:oid:1.3.6.1.4.1.25178.1.2.6',
'schacGender': 'urn:oid:1.3.6.1.4.1.25178.1.2.2',
'schacMotherTongue': 'urn:oid:1.3.6.1.4.1.25178.1.2.1',
'schacHomeOrganizationType': 'urn:oid:1.3.6.1.4.1.25178.1.2.10',
'schacUserPresenceID': 'urn:oid:1.3.6.1.4.1.25178.1.2.12',
'schacPersonalTitle': 'urn:oid:1.3.6.1.4.1.25178.1.2.8',
'schacPlaceOfBirth': 'urn:oid:1.3.6.1.4.1.25178.1.2.4',
'schacUserPrivateAttribute': 'urn:oid:1.3.6.1.4.1.25178.1.2.18',
# umuse
'umuSePersonExpertise': 'urn:oid:1.2.752.17.6.1.10',
'umuSePersonnelLIN': 'urn:oid:1.2.752.17.6.1.41',
'umuSeFormalName': 'urn:oid:1.2.752.17.6.1.27',
'umuSeCourseInstAccId': 'urn:oid:1.2.752.17.6.1.39',
'umuSeParentLIN': 'urn:oid:1.2.752.17.6.1.21',
'umuSeCourseDN': 'urn:oid:1.2.752.17.6.1.37',
'umuSeCareOf': 'urn:oid:1.2.752.17.6.1.46',
'umuSeOrgUnitChild': 'urn:oid:1.2.752.17.6.1.16',
'umuSeCourseId': 'urn:oid:1.2.752.17.6.1.34',
'umuSePersonCardSIS': 'urn:oid:1.2.752.17.6.1.3',
'umuSeValidTo': 'urn:oid:1.2.752.17.6.1.31',
'umuSePrimaryMail': 'urn:oid:1.2.752.17.6.1.49',
'umuSePersonEmploymentFrom': 'urn:oid:1.2.752.17.6.1.23',
'umuSePersonResearch': 'urn:oid:1.2.752.17.6.1.9',
'umuSePersonCampus': 'urn:oid:1.2.752.17.6.1.4',
'umuSeCourseRegId': 'urn:oid:1.2.752.17.6.1.45',
'umuSePersonEmploymentType': 'urn:oid:1.2.752.17.6.1.12',
'umuSeAffiliatedToLIN': 'urn:oid:1.2.752.17.6.1.29',
'umuSeOrgUnitType': 'urn:oid:1.2.752.17.6.1.17',
'umuSeSMSNumber': 'urn:oid:1.2.752.17.6.1.7',
'umuSePersonEmploymentExtent': 'urn:oid:1.2.752.17.6.1.19',
'umuSeOrgUnitNumber': 'urn:oid:1.2.752.17.6.1.26',
'umuSePersonPrimaryCampus': 'urn:oid:1.2.752.17.6.1.5',
'umuSeID': 'urn:oid:1.2.752.17.6.1.28',
'umuSeCourseInstId': 'urn:oid:1.2.752.17.6.1.35',
'umuSeCourseInstRegId': 'urn:oid:1.2.752.17.6.1.40',
'umuSeMemberLIN': 'urn:oid:1.2.752.17.6.1.33',
'umuSePersonEmploymentStatusCode': 'urn:oid:1.2.752.17.6.1.14',
'umuSeCourseSemester': 'urn:oid:1.2.752.17.6.1.36',
'umuSeCourseOrgUnitDN': 'urn:oid:1.2.752.17.6.1.38',
'umuSePersonEmploymentTo': 'urn:oid:1.2.752.17.6.1.24',
'umuSeValidFrom': 'urn:oid:1.2.752.17.6.1.32',
'umuSePersonHomeMobile': 'urn:oid:1.2.752.17.6.1.6',
'umuSePersonEmploymentStatus': 'urn:oid:1.2.752.17.6.1.13',
'umuSePersonInstantMessage': 'urn:oid:1.2.752.17.6.1.8',
'umuSePersonSpokenName': 'urn:oid:1.2.752.17.6.1.18',
'umuSeOrgType': 'urn:oid:1.2.752.17.6.1.42',
'passportIssuingCountry': 'urn:oid:1.2.752.17.6.1.44',
'umuSeChildLIN': 'urn:oid:1.2.752.17.6.1.22',
'umuSeAlternateTelephoneNumber': 'urn:oid:1.2.752.17.6.1.47',
'umuSeLIN': 'urn:oid:1.2.752.17.6.1.20',
'umuSePersonEmploymentPost': 'urn:oid:1.2.752.17.6.1.25',
'passportNumber': 'urn:oid:1.2.752.17.6.1.43',
'umuSePersonAlternateContact': 'urn:oid:1.2.752.17.6.1.11',
'umuSeAccountNumber': 'urn:oid:1.2.752.17.6.1.30',
'umuSeLabeledDN': 'urn:oid:1.2.752.17.6.1.48',
'umuSePersonPrivacy': 'urn:oid:1.2.752.17.6.1.1',
'umuSePersonCardNr': 'urn:oid:1.2.752.17.6.1.2',
}

8
example/idp/README Normal file
View File

@@ -0,0 +1,8 @@
Passwords in clear text:
roland:one
ozzie:two
derek:three
ryan:four
ischiro:five

34
example/idp/idp.conf
View File

@@ -1,12 +1,34 @@
{
"entityid" : "urn:mace:example.com:saml:roland:idp",
"service": ["idp"],
"my_name" : "Rolands IdP",
"entityid" : "urn:mace:umu.se:saml:roland:idp",
"service": {
"idp": {
"name" : "Rolands IdP",
"url": "http://localhost:8088/sso",
"policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
},
"urn:mace:umu.se:saml:roland:sp": {
"lifetime": {"minutes": 5},
}
}
}
},
"debug" : 1,
"key_file" : "./mykey.pem",
"cert_file" : "./mycert.pem",
"xmlsec_binary" : "/opt/local/bin/xmlsec1",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata" : {
"local": ["metadata.xml"],
}
"local": ["../sp_metadata.xml"],
},
"organization": {
"display_name": "Rolands Identiteter",
"name": "Rolands Identiteter",
},
# This database holds the map between a subjects local identifier and
# the identifier returned to a SP
"subject_data": "./idp.subject.db",
"attribute_map_dir" : "../attributemaps",
}

93
example/idp/idp.app.py → example/idp/idp.py
View File

@@ -2,25 +2,8 @@
import re
import base64
from cgi import escape, parse_qs
import urllib
#import urlparse
from cgi import parse_qs
from saml2 import server
from saml2.utils import make_instance, sid, decode_base64_and_inflate
from saml2 import samlp, saml
from saml2.time_util import in_a_while, instant
def authn_response(identity, in_response_to, destination, spid):
global idp
resp = idp.do_response(
destination, # consumer_url
in_response_to, # in_response_to
spid, # sp_entity_id
identity # identity as dictionary
)
return ("%s" % resp).split("\n")
# -----------------------------------------------------------------------------
def dict_to_table(ava, lev=0, width=1):
@@ -35,11 +18,11 @@ def dict_to_table(ava, lev=0, width=1):
except AttributeError:
txt.append("<td>%s</td>\n" % valarr)
elif isinstance(valarr, list):
i = 0
n = len(valarr)
index = 0
num = len(valarr)
for val in valarr:
if i == 0:
txt.append("<th rowspan=%d>%s</td>\n" % (len(valarr),prop))
if index == 0:
txt.append("<th rowspan=%d>%s</td>\n" % (len(valarr), prop))
else:
txt.append("<tr>\n")
if isinstance(val, dict):
@@ -51,10 +34,10 @@ def dict_to_table(ava, lev=0, width=1):
txt.append("<td>%s</td>\n" % val.encode("utf8"))
except AttributeError:
txt.append("<td>%s</td>\n" % val)
if n > 1:
if num > 1:
txt.append("</tr>\n")
n -= 1
i += 1
num -= 1
index += 1
elif isinstance(valarr, dict):
txt.append("<th>%s</th>\n" % prop)
txt.append("<td>\n")
@@ -73,38 +56,49 @@ FORM_SPEC = """<form name="myform" method="post" action="%s">
def sso(environ, start_response, user, logger):
""" Supposted to return a POST """
#edict = dict_to_table(environ)
logger and logger.info("Environ keys: %s" % environ.keys())
#logger and logger.info("Environ keys: %s" % environ.keys())
logger.info("--- In SSO ---")
if "QUERY_STRING" in environ:
logger and logger.info("Query string: %s" % environ["QUERY_STRING"])
query = parse_qs(environ["QUERY_STRING"])
elif "s2repoze.qinfo" in environ:
query = environ["s2repoze.qinfo"]
# base 64 encoded request
(consumer, identifier, policies,
spid) = idp.parse_authn_request(query["SAMLRequest"][0])
spentityid = query["spentityid"][0]
try:
relayState = query["RelayState"][0]
except (KeyError, AttributeError):
relayState = "/"
start_response('200 OK', [('Content-Type', 'text/html')])
req_info = IDP.parse_authn_request(query["SAMLRequest"][0])
logger.info("parsed OK")
logger.info("%s" % req_info)
identity = dict(environ["repoze.who.identity"]["user"])
logger.info("Identity: %s" % (identity,))
userid = environ["repoze.who.identity"]['repoze.who.userid']
if REPOZE_ID_EQUIVALENT:
identity[REPOZE_ID_EQUIVALENT] = (
environ["repoze.who.identity"]['repoze.who.userid'])
authn_resp = authn_response(identity, identifier, consumer, spid)
identity[REPOZE_ID_EQUIVALENT] = userid
try:
authn_resp = IDP.authn_response(identity,
req_info["id"],
req_info["consumer_url"],
req_info["sp_entity_id"],
req_info["request"].name_id_policy,
userid)
except Exception, excp:
logger and logger.error("Exception: %s" % (excp,))
raise
logger and logger.info("AuthNResponse: %s" % authn_resp)
response = []
response.append("<head>")
response.append("<title>SAML 2.0 POST</title>")
response.append("</head><body>")
#login_url = location + '?spentityid=' + "lingon.catalogix.se"
response.append(FORM_SPEC % (consumer,
response.append(FORM_SPEC % (req_info["consumer_url"],
base64.b64encode("".join(authn_resp)),"/"))
response.append("""<script type="text/javascript" language="JavaScript">""")
response.append(" document.myform.submit();")
response.append("""</script>""")
response.append("</body>")
start_response('200 OK', [('Content-Type', 'text/html')])
return response
def whoami(environ, start_response, user, logger):
@@ -129,11 +123,11 @@ def not_authn(environ, start_response, logger):
logger and logger.info("query: %s" % query)
start_response('401 Unauthorized', [('Content-Type', 'text/plain')])
return ['Unknown user']
# ----------------------------------------------------------------------------
# map urls to functions
urls = [
URLS = [
(r'whoami$', whoami),
(r'whoami/(.*)$', whoami),
(r'sso$', sso),
@@ -163,7 +157,7 @@ def application(environ, start_response):
path = environ.get('PATH_INFO', '').lstrip('/')
logger = environ.get('repoze.who.logger')
logger and logger.info( "<application> PATH: %s" % path)
for regex, callback in urls:
for regex, callback in URLS:
if user:
match = re.search(regex, path)
if match is not None:
@@ -171,6 +165,7 @@ def application(environ, start_response):
environ['myapp.url_args'] = match.groups()[0]
except IndexError:
environ['myapp.url_args'] = path
logger and logger.info("callback: %s" % (callback,))
return callback(environ, start_response, user, logger)
else:
logger and logger.info("-- No USER --")
@@ -181,8 +176,8 @@ def application(environ, start_response):
from repoze.who.config import make_middleware_with_config
app_with_auth = make_middleware_with_config(application, {"here":"."},
'./who.ini', log_file="idpapp.log")
APP_WITH_AUTH = make_middleware_with_config(application, {"here":"."},
'./who.ini', log_file="who.log")
# ----------------------------------------------------------------------------
@@ -193,9 +188,9 @@ if __name__ == '__main__':
LOG_FILENAME = "./idp.log"
PORT = 8088
logging.basicConfig(filename=LOG_FILENAME,level=logging.DEBUG)
logging.basicConfig(filename=LOG_FILENAME, level=logging.DEBUG)
idp = server.Server(sys.argv[1], logging)
srv = make_server('localhost', PORT, app_with_auth)
print "listening on port: %s" % PORT
srv.serve_forever()
IDP = server.Server(sys.argv[1], log=logging, debug=1)
SRV = make_server('localhost', PORT, APP_WITH_AUTH)
print "IdP listening on port: %s" % PORT
SRV.serve_forever()

25
example/idp/idp_user.ini Normal file
View File

@@ -0,0 +1,25 @@
[roland]
surname=Hedberg
givenName=Roland
eduPersonAffiliation=staff
uid=rohe0002
[ozzie]
surname=Guillen
givenName=Ozzie
eduPersonAffiliation=affiliate
[derek]
surname=Jeter
givenName=Derek
eduPersonAffiliation=affiliate
[ichiro]
surname=Suzuki
givenName=Ischiro
eduPersonAffiliation=affiliate
[ryan]
surname=Howard
givenName=Ryan
eduPersonAffiliation=affiliate

34
example/idp/metadata.xml
View File

@@ -1,34 +0,0 @@
<?xml version='1.0' encoding='UTF-8'?>
<ns0:EntitiesDescriptor name="urn:mace:umu.se:saml:test" validUntil="2009-12-04T17:31:07Z" xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:umu.se:saml:roland:sp"><ns0:SPSSODescriptor AuthnRequestsSigned="False" WantAssertionsSigned="True" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
+vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:8087/" index="0" /></ns0:SPSSODescriptor><ns0:Organization><ns0:OrganizationURL>http://www.umu.se/</ns0:OrganizationURL><ns0:OrganizationName>Umea University</ns0:OrganizationName></ns0:Organization><ns0:ContactPerson><ns0:GivenName>Roland</ns0:GivenName><ns0:SurName>Hedberg</ns0:SurName><ns0:EmailAddress>roland.hedberg@adm.umu.se</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor><ns0:EntityDescriptor entityID="urn:mace:umu.se:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="True" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIIC8jCCAlugAwIBAgIJAJHg2V5J31I8MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
BAYTAlNFMQ0wCwYDVQQHEwRVbWVhMRgwFgYDVQQKEw9VbWVhIFVuaXZlcnNpdHkx
EDAOBgNVBAsTB0lUIFVuaXQxEDAOBgNVBAMTB1Rlc3QgU1AwHhcNMDkxMDI2MTMz
MTE1WhcNMTAxMDI2MTMzMTE1WjBaMQswCQYDVQQGEwJTRTENMAsGA1UEBxMEVW1l
YTEYMBYGA1UEChMPVW1lYSBVbml2ZXJzaXR5MRAwDgYDVQQLEwdJVCBVbml0MRAw
DgYDVQQDEwdUZXN0IFNQMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDkJWP7
bwOxtH+E15VTaulNzVQ/0cSbM5G7abqeqSNSs0l0veHr6/ROgW96ZeQ57fzVy2MC
FiQRw2fzBs0n7leEmDJyVVtBTavYlhAVXDNa3stgvh43qCfLx+clUlOvtnsoMiiR
mo7qf0BoPKTj7c0uLKpDpEbAHQT4OF1HRYVxMwIDAQABo4G/MIG8MB0GA1UdDgQW
BBQ7RgbMJFDGRBu9o3tDQDuSoBy7JjCBjAYDVR0jBIGEMIGBgBQ7RgbMJFDGRBu9
o3tDQDuSoBy7JqFepFwwWjELMAkGA1UEBhMCU0UxDTALBgNVBAcTBFVtZWExGDAW
BgNVBAoTD1VtZWEgVW5pdmVyc2l0eTEQMA4GA1UECxMHSVQgVW5pdDEQMA4GA1UE
AxMHVGVzdCBTUIIJAJHg2V5J31I8MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEF
BQADgYEAMuRwwXRnsiyWzmRikpwinnhTmbooKm5TINPE7A7gSQ710RxioQePPhZO
zkM27NnHTrCe2rBVg0EGz7QTd1JIwLPvgoj4VTi/fSha/tXrYUaqc9AqU1kWI4WN
+vffBGQ09mo+6CffuFTZYeOhzP/2stAPwCTU4kxEoiy0KpZMANI=
</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso/" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationURL>http://www.umu.se/</ns0:OrganizationURL><ns0:OrganizationName>Umea University</ns0:OrganizationName></ns0:Organization><ns0:ContactPerson><ns0:GivenName>Roland</ns0:GivenName><ns0:SurName>Hedberg</ns0:SurName><ns0:EmailAddress>roland.hedberg@adm.umu.se</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>

5
example/idp/passwd Normal file
View File

@@ -0,0 +1,5 @@
roland:0Gwsj0fYeNAIk
ozzie:wT390u9XwBFaU
derek:efNb53YcncbRI
ryan:YlIhvZ6Rdt6fA
ischiro:wgMhJvmkQgMGs

8
example/idp/who.ini
View File

@@ -9,9 +9,11 @@ rememberer_name = auth_tkt
# identification
use = repoze.who.plugins.auth_tkt:make_plugin
secret = cassiopeja
cookie_name = kustrask
cookie_name = pysaml2idp
secure = False
include_ip = False
include_ip = True
timeout=3600
reissue_time = 3000
[plugin:basicauth]
# identification and challenge
@@ -26,7 +28,7 @@ check_fn = repoze.who.plugins.htpasswd:crypt_check
[plugin:ini]
use = s2repoze.plugins.ini:make_plugin
ini_file = %(here)s/user.ini
ini_file = %(here)s/idp_user.ini
[general]
request_classifier = repoze.who.classifiers:default_request_classifier

17
example/run.sh Executable file
View File

@@ -0,0 +1,17 @@
#!/bin/sh
# run.sh
# pysaml2
#
# Created by Roland Hedberg on 3/25/10.
# Copyright 2010 Umeå Universitet. All rights reserved.
cd sp
../../tools/make_metadata.py sp.conf > ../sp_metadata.xml
./sp.py sp.conf &
cd ../idp
./idp.py idp.conf &
cd ..

36
example/sp/sp.conf Normal file
View File

@@ -0,0 +1,36 @@
{
"entityid" : "urn:mace:umu.se:saml:roland:sp",
"service": {
"sp":{
"name" : "Rolands SP",
"url" : "http://localhost:8087/",
"required_attributes": ["surname", "givenname", "edupersonaffiliation"],
#"optional_attributes": ["title"],
"idp": {
"" : "http://localhost:8088/sso",
},
}
},
"debug" : 1,
"key_file" : "./mykey.pem",
"cert_file" : "./mycert.pem",
"xmlsec_binary" : "/user/local/bin/xmlsec1",
"attribute_map_dir" : "../attributemaps",
# -- Not really necessary since there is only one IdP --
#"metadata" : {
# "local": ["../metadata.xml"],
#},
# -- below used by make_metadata --
"organization": {
"name": "Rolands AB",
"display_name": [("Rolands AB","se"),("Rolands Co.","en")],
"url":"http://www.example.com/roland",
},
"contact": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": "john.smith@example.com",
"contact_type": "technical",
}],
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
}

9
example/sp/application.py → example/sp/sp.py
View File

@@ -50,7 +50,8 @@ def dict_to_table(ava, width=1):
def whoami(environ, start_response, user, logger):
start_response('200 OK', [('Content-Type', 'text/html')])
identity = environ["repoze.who.identity"]["user"]
response = dict_to_table(identity)
response = ["<h2>Your identity are supposed to be</h2>"]
response.extend(dict_to_table(identity))
return response[:]
def not_found(environ, start_response):
@@ -110,11 +111,13 @@ def application(environ, start_response):
from repoze.who.config import make_middleware_with_config
app_with_auth = make_middleware_with_config(application, {"here":"."},
'./who.ini', log_file="repo.log")
'./who.ini', log_file="who.log")
# ----------------------------------------------------------------------------
PORT = 8087
if __name__ == '__main__':
from wsgiref.simple_server import make_server
srv = make_server('localhost', 8087, app_with_auth)
srv = make_server('localhost', PORT, app_with_auth)
print "SP listening on port: %s" % PORT
srv.serve_forever()

29
example/sp/sp_conf.py
View File

@@ -1,29 +0,0 @@
{
"entityid" : "urn:mace:umu.se:saml:roland:sp",
"service": {
"sp":{
"name" : "Rolands SP",
"url" : "http://localhost:8087/",
"required_attributes": ["surName", "givenName", "mail"],
"optional_attributes": ["title"],
"idp": {
"" : "https://example.com/saml2/idp/SSOService.php",
},
}
},
"debug" : 1,
"key_file" : "./mykey.pem",
"cert_file" : "./mycert.pem",
"xmlsec_binary" : "/opt/local/bin/xmlsec1",
"organization": {
"name": "Example Co.",
"display_name": "Example Company",
"url":"http://www.example.com/",
},
"contact": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": "john.smith@example.com",
"contact_type": "technical",
}]
}

3
example/sp/who.ini
View File

@@ -13,10 +13,9 @@ reissue_time = 3000
# - rememberer_name : name of the plugin for remembering (delegate)
[plugin:saml2auth]
use = s2repoze.plugins.sp:make_plugin
saml_conf = sp_conf.py
saml_conf = sp.conf
rememberer_name = auth_tkt
debug = 1
path_logout = .*/logout.*
[general]
request_classifier = s2repoze.plugins.challenge_decider:my_request_classifier