Merge remote-tracking branch 'upstream/master'
# Conflicts: # src/saml2/xmldsig/__init__.py
commit
51c06eecb3
|
@ -1,4 +1,5 @@
|
||||||
#!/usr/bin/env python
|
#!/usr/bin/env python
|
||||||
|
from saml2.algsupport import algorithm_support_in_metadata
|
||||||
from saml2.md import AttributeProfile
|
from saml2.md import AttributeProfile
|
||||||
from saml2.sigver import security_context
|
from saml2.sigver import security_context
|
||||||
from saml2.config import Config
|
from saml2.config import Config
|
||||||
|
@ -728,6 +729,12 @@ def entity_descriptor(confd):
|
||||||
item = mdattr.EntityAttributes(attribute=attr)
|
item = mdattr.EntityAttributes(attribute=attr)
|
||||||
entd.extensions.add_extension_element(item)
|
entd.extensions.add_extension_element(item)
|
||||||
|
|
||||||
|
if not entd.extensions:
|
||||||
|
entd.extensions = md.Extensions()
|
||||||
|
|
||||||
|
for item in algorithm_support_in_metadata(confd.xmlsec_binary):
|
||||||
|
entd.extensions.add_extension_element(item)
|
||||||
|
|
||||||
serves = confd.serves
|
serves = confd.serves
|
||||||
if not serves:
|
if not serves:
|
||||||
raise SAMLError(
|
raise SAMLError(
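Review bot: The loop added to `entity_descriptor` publishes whatever `algorithm_support_in_metadata(confd.xmlsec_binary)` returns, so the advertised digest and signing methods follow the local xmlsec binary's capabilities rather than the deployment's policy. The helper is not visible in this hunk, but if it reports SHA-1 or MD5 based methods, peers reading the metadata are told those are acceptable. Consider filtering the result against a configured allow-list before calling `add_extension_element`. Also consider guarding the block with `if confd.xmlsec_binary:`, since the helper's behaviour when that option is unset is not shown here. The function body continues outside the hunk.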
|
||||||
|
|
|
@ -12,7 +12,8 @@ NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
|
||||||
ENCODING_BASE64 = 'http://www.w3.org/2000/09/xmldsig#base64'
|
ENCODING_BASE64 = 'http://www.w3.org/2000/09/xmldsig#base64'
|
||||||
|
|
||||||
# digest and signature algorithms (not implemented = commented out)
|
# digest and signature algorithms (not implemented = commented out)
|
||||||
DIGEST_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#md5' # test framework only!
|
DIGEST_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#md5' # test framework
|
||||||
|
# only!
|
||||||
DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'
|
DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1'
|
||||||
DIGEST_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#sha224'
|
DIGEST_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#sha224'
|
||||||
DIGEST_SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'
|
DIGEST_SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256'
|
||||||
|
@ -28,20 +29,20 @@ DIGEST_ALLOWED_ALG = (('DIGEST_SHA1', DIGEST_SHA1),
|
||||||
('DIGEST_RIPEMD160', DIGEST_RIPEMD160))
|
('DIGEST_RIPEMD160', DIGEST_RIPEMD160))
|
||||||
DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5),)
|
DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5),)
|
||||||
|
|
||||||
# SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'
|
SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'
|
||||||
# SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256'
|
SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256'
|
||||||
# SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha1'
|
SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha1'
|
||||||
# SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha224'
|
SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha224'
|
||||||
# SIG_ECDSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha256'
|
SIG_ECDSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha256'
|
||||||
# SIG_ECDSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha384'
|
SIG_ECDSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha384'
|
||||||
# SIG_ECDSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha512'
|
SIG_ECDSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha512'
|
||||||
SIG_RSA_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5' # test framework
|
SIG_RSA_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5' # test framework
|
||||||
SIG_RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
|
SIG_RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
|
||||||
SIG_RSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha224'
|
SIG_RSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha224'
|
||||||
SIG_RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
|
SIG_RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'
|
||||||
SIG_RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
|
SIG_RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
|
||||||
SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
|
SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
|
||||||
# SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160'
|
SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160'
|
||||||
sig_default = SIG_RSA_SHA1
|
sig_default = SIG_RSA_SHA1
|
||||||
SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1),
|
SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1),
|
||||||
('SIG_RSA_SHA224', SIG_RSA_SHA224),
|
('SIG_RSA_SHA224', SIG_RSA_SHA224),
|
||||||
|
@ -138,7 +139,8 @@ def signature_value_type__from_string(xml_string):
|
||||||
|
|
||||||
|
|
||||||
class CanonicalizationMethodType_(SamlBase):
|
class CanonicalizationMethodType_(SamlBase):
|
||||||
"""The http://www.w3.org/2000/09/xmldsig#:CanonicalizationMethodType element """
|
"""The http://www.w3.org/2000/09/xmldsig#:CanonicalizationMethodType
|
||||||
|
element """
|
||||||
|
|
||||||
c_tag = 'CanonicalizationMethodType'
|
c_tag = 'CanonicalizationMethodType'
|
||||||
c_namespace = NAMESPACE
|
c_namespace = NAMESPACE
|
||||||
|
@ -190,8 +192,8 @@ class TransformType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}XPath'] = ('x_path',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}XPath'] = (
|
||||||
[TransformType_XPath])
|
'x_path', [TransformType_XPath])
|
||||||
c_cardinality['x_path'] = {"min": 0}
|
c_cardinality['x_path'] = {"min": 0}
|
||||||
c_attributes['Algorithm'] = ('algorithm', 'anyURI', True)
|
c_attributes['Algorithm'] = ('algorithm', 'anyURI', True)
|
||||||
c_child_order.extend(['x_path'])
|
c_child_order.extend(['x_path'])
|
||||||
|
@ -393,7 +395,8 @@ class PGPDataType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyID'] = ('pgp_key_id', PGPKeyID)
|
c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyID'] = (
|
||||||
|
'pgp_key_id', PGPKeyID)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyPacket'] = (
|
c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyPacket'] = (
|
||||||
'pgp_key_packet', PGPKeyPacket)
|
'pgp_key_packet', PGPKeyPacket)
|
||||||
c_cardinality['pgp_key_packet'] = {"min": 0, "max": 1}
|
c_cardinality['pgp_key_packet'] = {"min": 0, "max": 1}
|
||||||
|
@ -529,7 +532,8 @@ class SignaturePropertyType_(SamlBase):
|
||||||
|
|
||||||
|
|
||||||
def signature_property_type__from_string(xml_string):
|
def signature_property_type__from_string(xml_string):
|
||||||
return saml2.create_class_from_xml_string(SignaturePropertyType_, xml_string)
|
return saml2.create_class_from_xml_string(SignaturePropertyType_,
|
||||||
|
xml_string)
|
||||||
|
|
||||||
|
|
||||||
class HMACOutputLengthType_(SamlBase):
|
class HMACOutputLengthType_(SamlBase):
|
||||||
|
@ -659,8 +663,8 @@ class DSAKeyValueType_(SamlBase):
|
||||||
c_cardinality['j'] = {"min": 0, "max": 1}
|
c_cardinality['j'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}Seed'] = ('seed', Seed)
|
c_children['{http://www.w3.org/2000/09/xmldsig#}Seed'] = ('seed', Seed)
|
||||||
c_cardinality['seed'] = {"min": 0, "max": 1}
|
c_cardinality['seed'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}PgenCounter'] = ('pgen_counter',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}PgenCounter'] = (
|
||||||
PgenCounter)
|
'pgen_counter', PgenCounter)
|
||||||
c_cardinality['pgen_counter'] = {"min": 0, "max": 1}
|
c_cardinality['pgen_counter'] = {"min": 0, "max": 1}
|
||||||
c_child_order.extend(['p', 'q', 'g', 'y', 'j', 'seed', 'pgen_counter'])
|
c_child_order.extend(['p', 'q', 'g', 'y', 'j', 'seed', 'pgen_counter'])
|
||||||
|
|
||||||
|
@ -957,16 +961,19 @@ class X509DataType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}X509IssuerSerial'] = ('x509_issuer_serial',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}X509IssuerSerial'] = (
|
||||||
|
'x509_issuer_serial',
|
||||||
X509IssuerSerial)
|
X509IssuerSerial)
|
||||||
c_cardinality['x509_issuer_serial'] = {"min": 0, "max": 1}
|
c_cardinality['x509_issuer_serial'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}X509SKI'] = ('x509_ski',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}X509SKI'] = ('x509_ski',
|
||||||
X509SKI)
|
X509SKI)
|
||||||
c_cardinality['x509_ski'] = {"min": 0, "max": 1}
|
c_cardinality['x509_ski'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}X509SubjectName'] = ('x509_subject_name',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}X509SubjectName'] = (
|
||||||
|
'x509_subject_name',
|
||||||
X509SubjectName)
|
X509SubjectName)
|
||||||
c_cardinality['x509_subject_name'] = {"min": 0, "max": 1}
|
c_cardinality['x509_subject_name'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}X509Certificate'] = ('x509_certificate',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}X509Certificate'] = (
|
||||||
|
'x509_certificate',
|
||||||
X509Certificate)
|
X509Certificate)
|
||||||
c_cardinality['x509_certificate'] = {"min": 0, "max": 1}
|
c_cardinality['x509_certificate'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}X509CRL'] = ('x509_crl',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}X509CRL'] = ('x509_crl',
|
||||||
|
@ -1147,11 +1154,11 @@ class KeyValueType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}DSAKeyValue'] = ('dsa_key_value',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}DSAKeyValue'] = (
|
||||||
DSAKeyValue)
|
'dsa_key_value', DSAKeyValue)
|
||||||
c_cardinality['dsa_key_value'] = {"min": 0, "max": 1}
|
c_cardinality['dsa_key_value'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue'] = ('rsa_key_value',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue'] = (
|
||||||
RSAKeyValue)
|
'rsa_key_value', RSAKeyValue)
|
||||||
c_cardinality['rsa_key_value'] = {"min": 0, "max": 1}
|
c_cardinality['rsa_key_value'] = {"min": 0, "max": 1}
|
||||||
c_child_order.extend(['dsa_key_value', 'rsa_key_value'])
|
c_child_order.extend(['dsa_key_value', 'rsa_key_value'])
|
||||||
|
|
||||||
|
@ -1191,7 +1198,8 @@ def x509_data_from_string(xml_string):
|
||||||
|
|
||||||
|
|
||||||
class SignaturePropertiesType_(SamlBase):
|
class SignaturePropertiesType_(SamlBase):
|
||||||
"""The http://www.w3.org/2000/09/xmldsig#:SignaturePropertiesType element """
|
"""The http://www.w3.org/2000/09/xmldsig#:SignaturePropertiesType element
|
||||||
|
"""
|
||||||
|
|
||||||
c_tag = 'SignaturePropertiesType'
|
c_tag = 'SignaturePropertiesType'
|
||||||
c_namespace = NAMESPACE
|
c_namespace = NAMESPACE
|
||||||
|
@ -1222,7 +1230,8 @@ class SignaturePropertiesType_(SamlBase):
|
||||||
|
|
||||||
|
|
||||||
def signature_properties_type__from_string(xml_string):
|
def signature_properties_type__from_string(xml_string):
|
||||||
return saml2.create_class_from_xml_string(SignaturePropertiesType_, xml_string)
|
return saml2.create_class_from_xml_string(SignaturePropertiesType_,
|
||||||
|
xml_string)
|
||||||
|
|
||||||
|
|
||||||
class Transforms(TransformsType_):
|
class Transforms(TransformsType_):
|
||||||
|
@ -1264,8 +1273,8 @@ class RetrievalMethodType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = ('transforms',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = (
|
||||||
Transforms)
|
'transforms', Transforms)
|
||||||
c_cardinality['transforms'] = {"min": 0, "max": 1}
|
c_cardinality['transforms'] = {"min": 0, "max": 1}
|
||||||
c_attributes['URI'] = ('uri', 'anyURI', False)
|
c_attributes['URI'] = ('uri', 'anyURI', False)
|
||||||
c_attributes['Type'] = ('type', 'anyURI', False)
|
c_attributes['Type'] = ('type', 'anyURI', False)
|
||||||
|
@ -1317,13 +1326,13 @@ class ReferenceType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = ('transforms',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = (
|
||||||
Transforms)
|
'transforms', Transforms)
|
||||||
c_cardinality['transforms'] = {"min": 0, "max": 1}
|
c_cardinality['transforms'] = {"min": 0, "max": 1}
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}DigestMethod'] = ('digest_method',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}DigestMethod'] = (
|
||||||
DigestMethod)
|
'digest_method', DigestMethod)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}DigestValue'] = ('digest_value',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}DigestValue'] = (
|
||||||
DigestValue)
|
'digest_value', DigestValue)
|
||||||
c_attributes['Id'] = ('id', 'ID', False)
|
c_attributes['Id'] = ('id', 'ID', False)
|
||||||
c_attributes['URI'] = ('uri', 'anyURI', False)
|
c_attributes['URI'] = ('uri', 'anyURI', False)
|
||||||
c_attributes['Type'] = ('type', 'anyURI', False)
|
c_attributes['Type'] = ('type', 'anyURI', False)
|
||||||
|
@ -1508,8 +1517,8 @@ class SignedInfoType_(SamlBase):
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod'] = (
|
c_children['{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod'] = (
|
||||||
'canonicalization_method', CanonicalizationMethod)
|
'canonicalization_method', CanonicalizationMethod)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureMethod'] = ('signature_method',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureMethod'] = (
|
||||||
SignatureMethod)
|
'signature_method', SignatureMethod)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}Reference'] = ('reference',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}Reference'] = ('reference',
|
||||||
[Reference])
|
[Reference])
|
||||||
c_cardinality['reference'] = {"min": 1}
|
c_cardinality['reference'] = {"min": 1}
|
||||||
|
@ -1595,8 +1604,8 @@ class SignatureType_(SamlBase):
|
||||||
c_attributes = SamlBase.c_attributes.copy()
|
c_attributes = SamlBase.c_attributes.copy()
|
||||||
c_child_order = SamlBase.c_child_order[:]
|
c_child_order = SamlBase.c_child_order[:]
|
||||||
c_cardinality = SamlBase.c_cardinality.copy()
|
c_cardinality = SamlBase.c_cardinality.copy()
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}SignedInfo'] = ('signed_info',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}SignedInfo'] = (
|
||||||
SignedInfo)
|
'signed_info', SignedInfo)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureValue'] = (
|
c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureValue'] = (
|
||||||
'signature_value', SignatureValue)
|
'signature_value', SignatureValue)
|
||||||
c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info',
|
c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info',
|
||||||
|
@ -1659,7 +1668,8 @@ ELEMENT_FROM_STRING = {
|
||||||
SignedInfo.c_tag: signed_info_from_string,
|
SignedInfo.c_tag: signed_info_from_string,
|
||||||
SignedInfoType_.c_tag: signed_info_type__from_string,
|
SignedInfoType_.c_tag: signed_info_type__from_string,
|
||||||
CanonicalizationMethod.c_tag: canonicalization_method_from_string,
|
CanonicalizationMethod.c_tag: canonicalization_method_from_string,
|
||||||
CanonicalizationMethodType_.c_tag: canonicalization_method_type__from_string,
|
CanonicalizationMethodType_.c_tag:
|
||||||
|
canonicalization_method_type__from_string,
|
||||||
SignatureMethod.c_tag: signature_method_from_string,
|
SignatureMethod.c_tag: signature_method_from_string,
|
||||||
SignatureMethodType_.c_tag: signature_method_type__from_string,
|
SignatureMethodType_.c_tag: signature_method_type__from_string,
|
||||||
Reference.c_tag: reference_from_string,
|
Reference.c_tag: reference_from_string,
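Review bot: `SIG_DSA_SHA1` becomes a live constant in this change, but its value is `'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'`, with a comma where the colon belongs. That was harmless while the line was commented out; now any comparison against a real `Algorithm` URI will silently fail to match, so it should read `SIG_DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'`. The header comment `# digest and signature algorithms (not implemented = commented out)` is kept while the DSA, ECDSA and RIPEMD160 identifiers are uncommented. Either confirm those algorithms are actually supported, or reword the comment so that a defined constant is not read as "implemented". Only the first entries of `SIG_ALLOWED_ALG` are visible here, so it is worth checking that the newly enabled identifiers are not accepted for verification unintentionally.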
|
||||||
|
|
|
@ -464,7 +464,6 @@ def test_metadata_extension_algsupport():
|
||||||
mds = MetadataStore(list(ONTS.values()), ATTRCONV, None)
|
mds = MetadataStore(list(ONTS.values()), ATTRCONV, None)
|
||||||
mds.imp(METADATACONF["12"])
|
mds.imp(METADATACONF["12"])
|
||||||
mdf = mds.metadata[full_path("uu.xml")]
|
mdf = mds.metadata[full_path("uu.xml")]
|
||||||
_txt = mdf.dumps()
|
|
||||||
assert mds
|
assert mds
|
||||||
|
|
||||||
if __name__ == "__main__":
|
if __name__ == "__main__":
|
||||||
|
|
|
@ -0,0 +1,190 @@
|
||||||
|
<?xml version="1.0" encoding="UTF-8"?>
|
||||||
|
<md:EntityDescriptor
|
||||||
|
entityID="https://akka-anv.uu.se/shibboleth"
|
||||||
|
xml:base="swamid-2.0/akka-anv.uu.se-shibboleth.xml"
|
||||||
|
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
|
||||||
|
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
|
||||||
|
>
|
||||||
|
<md:Extensions xmlns:alg="urn:oasis:names:tc:SAML:metadata:algsupport">
|
||||||
|
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha512"/>
|
||||||
|
<alg:DigestMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha384"/>
|
||||||
|
<alg:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
|
||||||
|
<alg:DigestMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmldsig-more#sha224"/>
|
||||||
|
<alg:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha384"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2009/xmldsig11#dsa-sha256"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
|
||||||
|
<alg:SigningMethod
|
||||||
|
Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
|
||||||
|
<mdattr:EntityAttributes
|
||||||
|
xmlns:mdattr="urn:oasis:names:tc:SAML:metadata:attribute">
|
||||||
|
<samla:Attribute xmlns:samla="urn:oasis:names:tc:SAML:2.0:assertion"
|
||||||
|
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-for
|
||||||
|
mat:uri" Name="http://macedir.org/entity-category">
|
||||||
|
<samla:AttributeValue>
|
||||||
|
http://www.swamid.se/category/research-and-education
|
||||||
|
</samla:AttributeValue>
|
||||||
|
<samla:AttributeValue>
|
||||||
|
http://refeds.org/category/research-and-scholarship
|
||||||
|
</samla:AttributeValue>
|
||||||
|
<samla:AttributeValue>
|
||||||
|
http://www.swamid.se/category/hei-service
|
||||||
|
</samla:AttributeValue>
|
||||||
|
</samla:Attribute>
|
||||||
|
</mdattr:EntityAttributes>
|
||||||
|
</md:Extensions>
|
||||||
|
<md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol urn:oasis:names:tc:SAML:1.1:protocol urn
|
||||||
|
:oasis:names:tc:SAML:1.0:protocol">
|
||||||
|
<md:Extensions>
|
||||||
|
<init:RequestInitiator
|
||||||
|
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init"
|
||||||
|
Binding="urn:oasis:names:tc:SAML:pr
|
||||||
|
ofiles:SSO:request-init"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/Login"/>
|
||||||
|
<idpdisc:DiscoveryResponse
|
||||||
|
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||||
|
Binding="urn:oasis
|
||||||
|
:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/Login"
|
||||||
|
index="1"/>
|
||||||
|
<init:RequestInitiator
|
||||||
|
xmlns:init="urn:oasis:names:tc:SAML:profiles:SSO:request-init"
|
||||||
|
Binding="urn:oasis:names:tc:SAML:pr
|
||||||
|
ofiles:SSO:request-init"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/DS/ds.swamid.se"/>
|
||||||
|
<idpdisc:DiscoveryResponse
|
||||||
|
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||||
|
Binding="urn:oasis
|
||||||
|
:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/DS/ds.swamid.se"
|
||||||
|
index="2"/>
|
||||||
|
</md:Extensions>
|
||||||
|
<md:KeyDescriptor>
|
||||||
|
<ds:KeyInfo>
|
||||||
|
<ds:KeyName>akka-anv.uu.se</ds:KeyName>
|
||||||
|
<ds:X509Data>
|
||||||
|
<ds:X509SubjectName>CN=akka-anv.uu.se</ds:X509SubjectName>
|
||||||
|
<ds:X509Certificate>
|
||||||
|
MIIC8TCCAdmgAwIBAgIJAN5oCkisOOXcMA0GCSqGSIb3DQEBBQUAMBkxFzAVBgNV
|
||||||
|
BAMTDmFra2EtYW52LnV1LnNlMB4XDTEyMTAxMjA5NTY0NloXDTIyMTAxMDA5NTY0
|
||||||
|
NlowGTEXMBUGA1UEAxMOYWtrYS1hbnYudXUuc2UwggEiMA0GCSqGSIb3DQEBAQUA
|
||||||
|
A4IBDwAwggEKAoIBAQC9RBkxotLN9wNFPDlbM+HXCTFLC2rxdOI1McjZJjJ0MwJQ
|
||||||
|
Qhju2m8CB0lrTb22nHd7ITqtzhVBKXHY0rmCm7j5tlPCDcQqzgHbk2KR7lGEv5JK
|
||||||
|
oVXF7NdFRTxl393UX2a0+5aWUVsFrWIlHLK5ve+5HBdDUccWtX3XfR2HDcAvMNJB
|
||||||
|
B2FuueVM6pwkNwsyNjDzJlrvtC3QsuLE4KdSjb2GGDg0xvIEgs+/d85JNk+yLhaa
|
||||||
|
90zyQaw0L3OA7F8fX6EesiBg9tGirQcZ6cYHRVKuM1D4sO08iwRA0EA8iXnL34+5
|
||||||
|
Caa/71lSR1Kzo1cluQKkzfob+9AzztZ3vdKxwNiLAgMBAAGjPDA6MBkGA1UdEQQS
|
||||||
|
MBCCDmFra2EtYW52LnV1LnNlMB0GA1UdDgQWBBQFsDy6A2U1Zby9p6ijIsBxv3du
|
||||||
|
AzANBgkqhkiG9w0BAQUFAAOCAQEAtOsbz5YiPiR9xoQbIRr9BV3+fIxw07MNI2tU
|
||||||
|
ouCtCW6wuFPvYARgGGCavPn/Hn2V0LWIo2VRpHizK9DbpFRU0ofvr3nJZKq+H45w
|
||||||
|
WXmJLalTYyYnu6rwW7zmkbS30mMQ7J5aBawRNK5opSgbRp0eQt0ynyTgeJgqmACK
|
||||||
|
gaUQmP5gD9lXDNdROqMjwANcMdU57NDRGWzASx01r+0LLaUX4NzTPlnOYldRPn0z
|
||||||
|
JnhHj8Wsg0csCS86vOCTNXVKXHcRIUL5FaLf+8MrSHrs8WR4CN4AHLuprwthtQyV
|
||||||
|
2nacKYU2Ke9STDjLkJSCmx/o8ZLfQPFLSCr1SjyYQzm21MOIZw==
|
||||||
|
</ds:X509Certificate>
|
||||||
|
</ds:X509Data>
|
||||||
|
</ds:KeyInfo>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmlenc#aes192-cbc"/>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
|
||||||
|
<md:EncryptionMethod
|
||||||
|
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
|
||||||
|
</md:KeyDescriptor>
|
||||||
|
<md:ArtifactResolutionService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/Artifact/SOAP"
|
||||||
|
index="1"/>
|
||||||
|
<md:ArtifactResolutionService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/Artifact/SOAP"
|
||||||
|
index="2"/>
|
||||||
|
<md:SingleLogoutService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SLO/SOAP"/>
|
||||||
|
<md:SingleLogoutService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SLO/Redirect"/>
|
||||||
|
<md:SingleLogoutService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SLO/POST"/>
|
||||||
|
<md:SingleLogoutService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SLO/Artifact"/>
|
||||||
|
<md:ManageNameIDService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/NIM/SOAP"/>
|
||||||
|
<md:ManageNameIDService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/NIM/Redirect"/>
|
||||||
|
<md:ManageNameIDService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/NIM/POST"/>
|
||||||
|
<md:ManageNameIDService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/NIM/Artifact"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/POST"
|
||||||
|
index="1"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/POST-SimpleSign"
|
||||||
|
index="2"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/Artifact"
|
||||||
|
index="3"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/ECP"
|
||||||
|
index="4"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML/POST"
|
||||||
|
index="5"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML/Artifact"
|
||||||
|
index="6"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/POST"
|
||||||
|
index="7"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST-SimpleSign"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/POST-SimpleSign"
|
||||||
|
index="8"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/Artifact"
|
||||||
|
index="9"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:2.0:bindings:PAOS"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML2/ECP"
|
||||||
|
index="10"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:1.0:profiles:browser-post"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML/POST"
|
||||||
|
index="11"/>
|
||||||
|
<md:AssertionConsumerService
|
||||||
|
Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01"
|
||||||
|
Location="https://akka-anv.uu.se/Shibboleth.sso/SAML/Artifact"
|
||||||
|
index="12"/>
|
||||||
|
</md:SPSSODescriptor>
|
||||||
|
</md:EntityDescriptor>
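Review bot: Several attribute values in this new fixture are split across lines in the middle of a URI: `NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-for` / `mat:uri"`, the `protocolSupportEnumeration` list (`urn` / `:oasis:names:tc:SAML:1.0:protocol`), and the `Binding` values on the `init:RequestInitiator` and `idpdisc:DiscoveryResponse` elements. If the breaks are in the committed file and not an artefact of this page's rendering, XML attribute-value normalisation turns each one into a space, so the parsed URIs will not equal the intended identifiers. Rejoin each value onto one line, e.g. `Binding="urn:oasis:names:tc:SAML:profiles:SSO:request-init"`, so the fixture exercises the parser with well-formed identifiers.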
|