Changed method arguments

2013-01-12 15:54:43 +01:00 · 2013-01-12 15:54:43 +01:00 · 536b8373b3
commit 536b8373b3
parent 4e0e8b952f
9 changed files with 74 additions and 35 deletions
--- a/example/idp/idp.py
+++ b/example/idp/idp.py
@ -115,7 +115,7 @@ def sso(environ, start_response, user):
        _binding = req.message.protocol_binding

    try:
-        resp_args = IDP.response_args(req.message, [_binding], "spsso")
+        resp_args = IDP.response_args(req.message, [_binding])
    except Exception:
        raise

--- a/example/idp2/idp.py
+++ b/example/idp2/idp.py
@ -97,8 +97,7 @@ def _sso(environ, start_response, query, binding, user):

    # base 64 encoded request
    req_info = IDP.parse_authn_request(query["SAMLRequest"][0], binding=binding)
-    resp_args = IDP.response_args(req_info.message, [BINDING_HTTP_POST],
-                                  descr_type="spsso")
+    resp_args = IDP.response_args(req_info.message, [BINDING_HTTP_POST])
    logger.info("parsed OK")
    logger.info("%s" % req_info)

--- a/src/saml2/client_base.py
+++ b/src/saml2/client_base.py
@ -399,17 +399,17 @@ class Base(Entity):
                             sign, subject=subject, session_index=session_index,
                             requested_authn_context=authn_context)

-    def create_nameid_mapping_request(self, nameid_policy,
-                                      nameid=None, baseid=None,
-                                      encryptedid=None, destination=None,
+    def create_nameid_mapping_request(self, name_id_policy,
+                                      name_id=None, base_id=None,
+                                      encrypted_id=None, destination=None,
                                      id=0, consent=None, extensions=None,
                                      sign=False):
        """

-        :param nameid_policy:
-        :param nameid:
-        :param baseid:
-        :param encryptedid:
+        :param name_id_policy:
+        :param name_id:
+        :param base_id:
+        :param encrypted_id:
        :param destination:
        :param id: Message identifier
        :param consent: If the principal gave her consent to this request
@ -419,20 +419,20 @@ class Base(Entity):
        """

        # One of them must be present
-        assert nameid or baseid or encryptedid
+        assert name_id or base_id or encrypted_id

-        if nameid:
+        if name_id:
            return self._message(NameIDMappingRequest, destination, id, consent,
-                                 extensions, sign, nameid_policy=nameid_policy,
-                                 nameid=nameid)
-        elif baseid:
+                                 extensions, sign, name_id_policy=name_id_policy,
+                                 name_id=name_id)
+        elif base_id:
            return self._message(NameIDMappingRequest, destination, id, consent,
-                                 extensions, sign, nameid_policy=nameid_policy,
-                                 baseid=baseid)
+                                 extensions, sign, name_id_policy=name_id_policy,
+                                 base_id=base_id)
        else:
            return self._message(NameIDMappingRequest, destination, id, consent,
-                                 extensions, sign, nameid_policy=nameid_policy,
-                                 encryptedid=encryptedid)
+                                 extensions, sign, name_id_policy=name_id_policy,
+                                 encrypted_id=encrypted_id)

    def create_manage_nameid_request(self):
        pass
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
@ -17,7 +17,7 @@ from saml2.s_utils import sid
 from saml2.s_utils import rndstr
 from saml2.s_utils import success_status_factory
 from saml2.s_utils import decode_base64_and_inflate
-from saml2.samlp import AuthnRequest, AssertionIDRequest
+from saml2.samlp import AuthnRequest, AssertionIDRequest, ManageNameIDRequest, NameIDMappingRequest
 from saml2.samlp import artifact_resolve_from_string
 from saml2.samlp import ArtifactResolve
 from saml2.samlp import ArtifactResponse
@ -156,7 +156,7 @@ class Entity(HTTPBase):

        raise Exception("Unkown entity or unsupported bindings")

-    def response_args(self, message, bindings, descr_type):
+    def response_args(self, message, bindings):
        info = {"in_response_to": message.id}
        if isinstance(message, AuthnRequest):
            rsrv = "assertion_consumer_service"
@ -166,14 +166,23 @@ class Entity(HTTPBase):
            rsrv = "single_logout_service"
        elif isinstance(message, AttributeQuery):
            rsrv = "attribute_consuming_service"
+        elif isinstance(message, ManageNameIDRequest):
+            rsrv = "manage_name_id_service"
+        # The once below are solely SOAP
        elif isinstance(message, ArtifactResolve):
            rsrv = ""
        elif isinstance(message, AssertionIDRequest):
            rsrv = ""
+        elif isinstance(message, NameIDMappingRequest):
+            rsrv = ""
        else:
            raise Exception("No support for this type of query")

        if rsrv:
+            if self.entity_type == "sp":
+                descr_type = "idpsso"
+            else:
+                descr_type = "spsso"
            binding, destination = self.pick_binding(bindings, rsrv,
                                                     descr_type=descr_type,
                                                     request=message)
@ -397,9 +406,10 @@ class Entity(HTTPBase):
        :return: HTTP args
        """

-        rinfo = self.response_args(request, bindings, descr_type="spsso")
+        rinfo = self.response_args(request, bindings)
+
        response = self._status_response(samlp.LogoutResponse, issuer, status,
-                                         sign=False, **rinfo)
+                                         sign, **rinfo)

        logger.info("Response: %s" % (response,))

@ -431,7 +441,7 @@ class Entity(HTTPBase):
        :return:
        """

-        rinfo = self.response_args(request, bindings, descr_type="spsso")
+        rinfo = self.response_args(request, bindings)
        response = self._status_response(ArtifactResponse, issuer, status,
                                         sign=False, **rinfo)

@ -442,6 +452,21 @@ class Entity(HTTPBase):

        return response

+    def create_manage_name_id_request(self):
+        pass
+
+    def create_manage_name_id_response(self, request, bindings, status=None,
+                                       sign=False, issuer=None):
+
+        rinfo = self.response_args(request, bindings)
+
+        response = self._status_response(samlp.LogoutResponse, issuer, status,
+                                         sign=False, **rinfo)
+
+        logger.info("Response: %s" % (response,))
+
+        return response
+
    # ------------------------------------------------------------------------

    def _parse_response(self, xmlstr, response_cls, service, binding, **kwargs):
--- a/src/saml2/metadata.py
+++ b/src/saml2/metadata.py
@ -252,9 +252,7 @@ ENDPOINTS = {
        "artifact_resolution_service": (md.ArtifactResolutionService, True),
        "single_logout_service": (md.SingleLogoutService, False),
        "manage_name_id_service": (md.ManageNameIDService, False),
-
        "assertion_id_request_service": (md.AssertionIDRequestService, False),
-
        "attribute_service": (md.AttributeService, False)
    },
    "pdp": {
--- a/tests/fakeIDP.py
+++ b/tests/fakeIDP.py
@ -89,7 +89,7 @@ class FakeIDP(Server):
            _binding = req.message.protocol_binding

        try:
-            resp_args = self.response_args(req.message, [_binding], "spsso")
+            resp_args = self.response_args(req.message, [_binding])
        except Exception:
            raise

--- a/tests/idp_all_conf.py
+++ b/tests/idp_all_conf.py
@ -1,4 +1,7 @@
-from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
+from saml2 import BINDING_SOAP
+from saml2 import BINDING_HTTP_REDIRECT
+from saml2 import BINDING_HTTP_POST
+from saml2 import BINDING_HTTP_ARTIFACT
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
 from saml2.saml import NAME_FORMAT_URI

@ -36,11 +39,14 @@ CONFIG = {
        "idp": {
            "endpoints" : {
                "single_sign_on_service" : [
-                    ("%s/sso" % BASE, BINDING_HTTP_REDIRECT),
-                    ("%s/ssop" % BASE, BINDING_HTTP_POST)],
+                    ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT),
+                    ("%s/sso/post" % BASE, BINDING_HTTP_POST),
+                    ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT)
+                ],
                "single_logout_service": [
-                    ("%s/slo" % BASE, BINDING_SOAP),
-                    ("%s/slop" % BASE, BINDING_HTTP_POST)],
+                    ("%s/slo/soap" % BASE, BINDING_SOAP),
+                    ("%s/slo/post" % BASE, BINDING_HTTP_POST)
+                ],
                "artifact_resolution_service":[
                    ("%s/ars" % BASE, BINDING_SOAP)
                ],
@ -49,6 +55,18 @@ CONFIG = {
                ],
                "authn_query_service": [
                    ("%s/aqs" % BASE, BINDING_SOAP)
+                ],
+                "manage_name_id_service":[
+                    ("%s/mni/soap" % BASE, BINDING_SOAP),
+                    ("%s/mni/post" % BASE, BINDING_HTTP_POST),
+                    ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT),
+                    ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT)
+                ],
+                "name_id_mapping_service":[
+                    ("%s/nim/soap" % BASE, BINDING_SOAP),
+                    ("%s/nim/post" % BASE, BINDING_HTTP_POST),
+                    ("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT),
+                    ("%s/nim/art" % BASE, BINDING_HTTP_ARTIFACT)
                ]
            },
            "policy": {
--- a/tests/test_50_server.py
+++ b/tests/test_50_server.py
@ -187,8 +187,7 @@ class TestServer1():
        req = self.server.parse_authn_request(intermed)
        # returns a dictionary
        print req
-        resp_args = self.server.response_args(req.message, [BINDING_HTTP_POST],
-                                              descr_type="spsso")
+        resp_args = self.server.response_args(req.message, [BINDING_HTTP_POST])
        assert resp_args["destination"] == "http://lingon.catalogix.se:8087/"
        assert resp_args["in_response_to"] == "id1"
        name_id_policy = resp_args["name_id_policy"]
--- a/tests/test_64_artifact.py
+++ b/tests/test_64_artifact.py
@ -123,7 +123,7 @@ def test_artifact_flow():

    name_id = idp.ident.transient_nameid(sp.config.entityid, "derek")

-    resp_args = idp.response_args(spreq, [BINDING_HTTP_POST], "spsso")
+    resp_args = idp.response_args(spreq, [BINDING_HTTP_POST])

    response = idp.create_authn_response({"eduPersonEntitlement": "Short stop",
                                          "surName": "Jeter", "givenName": "Derek",