openstack/deb-python-pysaml2
Code Issues Proposed changes

Merge branch 'master' of https://github.com/rohe/pysaml2

Browse Source
This commit is contained in:
Fredrik Thulin
2013-06-10 15:31:09 +02:00
parent 7553a61b52 5ae327b1f5
commit 4363b0f23a
6 changed files with 25 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/saml2/assertion.py
View File

@@ -524,7 +524,6 @@ class Policy(object):
text=sp_entity_id))]) text=sp_entity_id))])
class EntityCategories(object): class EntityCategories(object):
pass pass

1
src/saml2/config.py
View File

@@ -191,6 +191,7 @@ class Config(object):
self.name_qualifier = "" self.name_qualifier = ""
self.entity_category = "" self.entity_category = ""
self.crypto_backend = 'xmlsec1' self.crypto_backend = 'xmlsec1'
self.scope = ""
def setattr(self, context, attr, val): def setattr(self, context, attr, val):
if context == "": if context == "":

3
src/saml2/entity_category/swamid.py
View File

@@ -3,7 +3,8 @@ __author__ = 'rolandh'
NAME = ["givenName", "initials", "displayName", "sn"] NAME = ["givenName", "initials", "displayName", "sn"]
STATIC_ORG_INFO = ["c", "o", "ou"] STATIC_ORG_INFO = ["c", "o", "ou"]
OTHER = ["eduPersonPrincipalName", "eduPersonScopedAffiliation", "email"] OTHER = ["eduPersonPrincipalName", "eduPersonScopedAffiliation", "email",
"mail"]
# These give you access to information # These give you access to information
RESEARCH_AND_EDUCATION = "http://www.swamid.se/category/research-and-education" RESEARCH_AND_EDUCATION = "http://www.swamid.se/category/research-and-education"

21
src/saml2/response.py
View File

@@ -654,9 +654,19 @@ class AuthnResponse(StatusResponse):
subject.subject_confirmation = subjconf subject.subject_confirmation = subjconf
# The subject must contain a name_id # The subject must contain a name_id
assert subject.name_id try:
# Make certain the name id format assert subject.name_id
self.name_id = subject.name_id self.name_id = subject.name_id
except AssertionError:
if subject.encrypted_id:
# decrypt encrypted ID
_name_id_str = self.sec.decrypt(
subject.encrypted_id.encrypted_data.to_string())
_name_id = saml.name_id_from_string(_name_id_str)
self.name_id = _name_id
else:
raise VerificationError("Missing NameID")
return self.name_id return self.name_id
def _assertion(self, assertion): def _assertion(self, assertion):
@@ -759,7 +769,10 @@ class AuthnResponse(StatusResponse):
for astat in self.assertion.authn_statement: for astat in self.assertion.authn_statement:
context = astat.authn_context context = astat.authn_context
if context: if context:
aclass = context.authn_context_class_ref.text try:
aclass = context.authn_context_class_ref.text
except AttributeError:
aclass = ""
try: try:
authn_auth = [a.text for a in authn_auth = [a.text for a in
context.authenticating_authority] context.authenticating_authority]

4
src/saml2/sigver.py
View File

@@ -56,6 +56,10 @@ SIG = "{%s#}%s" % (ds.NAMESPACE, "Signature")
RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1" RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
class CertificateTooOld(Exception):
pass
def signed(item): def signed(item):
if SIG in item.c_children.keys() and item.signature: if SIG in item.c_children.keys() and item.signature:
return True return True

1
tests/idp_all_conf.py
View File

@@ -80,6 +80,7 @@ CONFIG = {
} }
}, },
#"subject_data": ("mongodb", "foo"), #"subject_data": ("mongodb", "foo"),
"scope": ["example.com"]
}, },
}, },
"debug": 1, "debug": 1,