Configurations using the new format

Roland Hedberg
2011-03-19 12:47:02 +01:00
parent 8545925c7c
commit 78770ad6f5
12 changed files with 551 additions and 2 deletions

45
tests/aa_conf.py Normal file

@@ -0,0 +1,45 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, NAME_FORMAT_URI
BASE = "http://localhost:8089/"
CONFIG={
"service":{
"aa":{
"endpoints" : {
"attribute_service" : [(BASE + "as", BINDING_HTTP_REDIRECT)],
"single_logout_service": [(BASE+"slo", BINDING_SOAP)]
},
"release_policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI,
},
},
"subject_data": "aa.db",
}
},
"entityid" : BASE+ "aa",
"name" : "Rolands AA",
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["metadata.xml", "vo_metadata.xml"],
},
"attribute_map_dir" : "attributemaps",
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel AB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}
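Review bot: The default release policy sets `"attribute_restrictions": None`, which the inline comment describes as "all I have", so this attribute authority presumably releases every stored attribute to any requester without its own policy entry. That is reasonable for a fixture, but nothing in the file marks it as test-only, and it also sets `"debug" : 1` and uses plain-http endpoints. I would add a header comment such as `# Test fixture only: releases all attributes over http on localhost; do not copy into a deployment.` The same default appears in tests/idp_conf.py, tests/idp_soap_conf.py, tests/idp_sp_conf.py and the unnamed IdP section that loads `sp_slo_redirect.xml`.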


@@ -51,6 +51,7 @@
'generationQualifier': 'urn:oid:2.5.4.44',
'eduPersonAffiliation': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.1',
'eduPersonPrincipalName': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
'edupersonprincipalname': 'urn:oid:1.3.6.1.4.1.5923.1.1.1.6',
'localityName': 'urn:oid:2.5.4.7',
'owner': 'urn:oid:2.5.4.32',
'norEduOrgUnitUniqueNumber': 'urn:oid:1.3.6.1.4.1.2428.90.1.2',
@@ -95,6 +96,6 @@
'presentationAddress': 'urn:oid:2.5.4.29',
'sn': 'urn:oid:2.5.4.4',
'domainComponent': 'urn:oid:0.9.2342.19200300.100.1.25',
'labeledURI': 'urn:oud:1.3.6.1.4.1.250.1.57',
'uid': 'urn:oud:0.9.2342.19200300.100.1.1'
'labeledURI': 'urn:oid:1.3.6.1.4.1.250.1.57',
'uid': 'urn:oid:0.9.2342.19200300.100.1.1'
}
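Review bot: The added `'edupersonprincipalname'` key in the first hunk gives `urn:oid:1.3.6.1.4.1.5923.1.1.1.6` two names, so if this table is ever inverted to map OIDs back to names, the spelling that wins depends on dict ordering. Only this one attribute gets a lowercase alias; if case-insensitive lookup is the goal, lowercasing the key at lookup time would be more robust than adding aliases one by one. At minimum the new line deserves a comment, e.g. `# lowercase alias accepted on input; canonical name is eduPersonPrincipalName`. The dict starts outside both hunks, so how it is consumed is not visible here.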

55
tests/idp_conf.py Normal file

@@ -0,0 +1,55 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP",
"service": {
"idp": {
"endpoints" : {
"single_sign_on_service" : [
("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
"single_logout_service": [
("http://localhost:8088/slo", BINDING_SOAP),
("http://localhost:8088/slop",BINDING_HTTP_POST)]
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI,
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"nameid_format": NAMEID_FORMAT_PERSISTENT,
# "attribute_restrictions":{
# "givenName": None,
# "surName": None,
# }
}
},
"subject_data": "subject_data.db",
},
},
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["metadata.xml", "vo_metadata.xml"],
},
"attribute_map_dir" : "attributemaps",
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel AB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}
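Review bot: The per-SP policy for `urn:mace:example.com:saml:roland:sp` keeps a commented-out `attribute_restrictions` block, so a reader cannot tell whether this SP is meant to be limited to `givenName`/`surName` or to fall back to the default of all attributes. Either delete the four commented lines or replace them with one comment stating the intent, e.g. `# attribute_restrictions intentionally omitted for this SP`. The same commented-out block is in tests/idp_soap_conf.py and tests/idp_sp_conf.py.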


@@ -0,0 +1,50 @@
from saml2 import BINDING_HTTP_REDIRECT
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP",
"service": {
"idp": {
"endpoints" : {
"single_sign_on_service" : [
("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
"single_logout_service": [
("http://localhost:8088/slo", BINDING_HTTP_REDIRECT)]
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"nameid_format": NAMEID_FORMAT_PERSISTENT,
}
},
"subject_data": "subject_data.db",
}
},
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["sp_slo_redirect.xml"],
},
"attribute_map_dir" : "attributemaps",
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel AB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}

54
tests/idp_soap_conf.py Normal file

@@ -0,0 +1,54 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
CONFIG={
"entityid" : "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP",
"service": {
"idp": {
"endpoints" : {
"single_sign_on_service" : [
("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)],
"single_logout_service": [
("http://localhost:8088/slo", BINDING_SOAP)]
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI,
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"nameid_format": NAMEID_FORMAT_PERSISTENT,
# "attribute_restrictions":{
# "givenName": None,
# "surName": None,
# }
}
},
"subject_data": "subject_data.db",
}
},
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["metadata.xml", "vo_metadata.xml"],
},
"attribute_map_dir" : "attributemaps",
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel AB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}

67
tests/idp_sp_conf.py Normal file

@@ -0,0 +1,67 @@
__author__ = 'rolandh'
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
BASE = "http://localhost:8088/"
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP",
"service": {
"idp": {
"endpoints" : {
"single_sign_on_service" : [
(BASE+"sso", BINDING_HTTP_REDIRECT)],
"single_logout_service": [
(BASE+"slo", BINDING_SOAP),
(BASE+"slop",BINDING_HTTP_POST)]
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI,
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"nameid_format": NAMEID_FORMAT_PERSISTENT,
# "attribute_restrictions":{
# "givenName": None,
# "surName": None,
# }
}
},
"subject_data": "subject_data.db",
},
"sp": {
"endpoints":{
"assertion_consumer_service": [(BASE, BINDING_HTTP_REDIRECT)
],
},
"required_attributes": ["surName", "givenName", "mail"],
"optional_attributes": ["title"],
}
},
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["metadata.xml", "vo_metadata.xml"],
},
"attribute_map_dir" : "attributemaps",
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel AB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}
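Review bot: The SP half registers its `assertion_consumer_service` with `BINDING_HTTP_REDIRECT`, but the SAML 2.0 Web Browser SSO profile does not allow the response to be delivered over HTTP-Redirect (only HTTP-POST or Artifact), so metadata built from this fixture would advertise an ACS that a conformant IdP should not use. `BINDING_HTTP_POST` is already imported in this file, so the entry can become `"assertion_consumer_service": [(BASE, BINDING_HTTP_POST)],`. The unnamed SP section that defines `HOME` makes the same choice for its ACS. The ACS URL is also the bare `BASE`, the same origin as the IdP endpoints, which is worth a comment if intentional.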


@@ -0,0 +1,42 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT
from saml2.saml import NAME_FORMAT_URI
BASE = "http://localhost:8089/"
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idpr",
"name" : "Rolands restrictied IdP",
"service": {
"idp": {
"endpoints" : {
"single_sign_on_service" : [
(BASE+"sso", BINDING_HTTP_REDIRECT)],
"attribute_service" : [
(BASE+"aa", BINDING_SOAP)],
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"name_form": NAME_FORMAT_URI
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions":{
"givenName": None,
"surName": None,
"mail": [".*@example.com"],
"eduPersonAffiliation": ["(employee|staff|faculty)"],
}
}
},
"subject_data": "subject_data.db",
}
},
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["sp_0.metadata"],
},
"attribute_map_dir" : "attributemaps",
}
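Review bot: The value filters under `attribute_restrictions` are loose as regular expressions: in `"mail": [".*@example.com"]` the dot before `com` matches any character and nothing anchors the end, so depending on how the library applies the pattern (not visible here) a value such as `user@example.com.other.test` could pass. I would write it as `"mail": [r".*@example\.com$"],` and likewise `"eduPersonAffiliation": [r"(employee|staff|faculty)$"],`. A test asserting that a near-miss value is withheld would pin the behaviour.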

46
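--- a/tests/server2_conf.py
+++ b/tests/server2_conf.py
@@ -0,0 +1,46 @@
+CONFIG = {
+"entityid" : "urn:mace:example.com:saml:roland:sp",
+"name" : "urn:mace:example.com:saml:roland:sp",
+"description": "My own SP",
+"service": {
+"sp": {
+"endpoints":{
+"assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+},
+"required_attributes": ["surName", "givenName", "mail"],
+"optional_attributes": ["title"],
+"idp":{
+"urn:mace:example.com:saml:roland:idp":None,
+},
+"subject_data": "subject_data.db",
+}
+},
+"debug" : 1,
+"key_file" : "test.key",
+"cert_file" : "test.pem",
+"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+"metadata": {
+"local": ["idp_soap.xml", "vo_metadata.xml"],
+},
+"virtual_organization" : {
+"urn:mace:example.com:it:tek":{
+"nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+"common_identifier": "umuselin",
+}
+},
+"accepted_time_diff": 60,
+"attribute_map_dir" : "attributemaps",
+"organization": {
+"name": ("AB Exempel", "se"),
+"display_name": ("AB Exempel", "se"),
+"url": "http://www.example.org",
+},
+"contact_person": [{
+"given_name": "Roland",
+"sur_name": "Hedberg",
+"telephone_number": "+46 70 100 0000",
+"email_address": ["tech@example.com", "tech@example.org"],
+"contact_type": "technical"
+},
+]
+}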
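Review bot: `assertion_consumer_service` is given as a bare URL string here, while the IdP and AA fixtures in this commit use `(url, binding)` tuples, and the URL points at a real host, `lingon.catalogix.se`, rather than localhost or a reserved example domain. If the loader accepts both shapes (not visible in this diff), a comment saying which binding a bare string implies would help; otherwise use the tuple form. A localhost URL, as in tests/idp_conf.py, would keep the fixture from referencing a live machine. tests/server3_conf.py, tests/server_conf.py and tests/sp_1_conf.py share both points.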

46
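--- a/tests/server3_conf.py
+++ b/tests/server3_conf.py
@@ -0,0 +1,46 @@
+CONFIG = {
+"entityid" : "urn:mace:example.com:saml:roland:sp",
+"name" : "urn:mace:example.com:saml:roland:sp",
+"description": "My own SP",
+"service": {
+"sp": {
+"endpoints":{
+"assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+},
+"required_attributes": ["surName", "givenName", "mail"],
+"optional_attributes": ["title"],
+"idp":{
+"urn:mace:example.com:saml:roland:idp":None,
+},
+"subject_data": "subject_data.db",
+}
+},
+"debug" : 1,
+"key_file" : "test.key",
+"cert_file" : "test.pem",
+"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+"metadata": {
+"local": ["idp_aa.xml", "vo_metadata.xml"],
+},
+"virtual_organization" : {
+"urn:mace:example.com:it:tek":{
+"nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+"common_identifier": "umuselin",
+}
+},
+"accepted_time_diff": 60,
+"attribute_map_dir" : "attributemaps",
+"organization": {
+"name": ("AB Exempel", "se"),
+"display_name": ("AB Exempel", "se"),
+"url": "http://www.example.org",
+},
+"contact_person": [{
+"given_name": "Roland",
+"sur_name": "Hedberg",
+"telephone_number": "+46 70 100 0000",
+"email_address": ["tech@example.com", "tech@example.org"],
+"contact_type": "technical"
+},
+]
+}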

44
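--- a/tests/server_conf.py
+++ b/tests/server_conf.py
@@ -0,0 +1,44 @@
+CONFIG={
+"entityid" : "urn:mace:example.com:saml:roland:sp",
+"name" : "urn:mace:example.com:saml:roland:sp",
+"description": "My own SP",
+"service": {
+"sp": {
+"endpoints":{
+"assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+},
+"required_attributes": ["surName", "givenName", "mail"],
+"optional_attributes": ["title"],
+"idp": {"urn:mace:example.com:saml:roland:idp":None},
+}
+},
+"debug" : 1,
+"key_file" : "test.key",
+"cert_file" : "test.pem",
+"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+"metadata": {
+"local": ["idp.xml", "vo_metadata.xml"],
+},
+"virtual_organization" : {
+"urn:mace:example.com:it:tek":{
+"nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+"common_identifier": "umuselin",
+}
+},
+"subject_data": "subject_data.db",
+"accepted_time_diff": 60,
+"attribute_map_dir" : "attributemaps",
+"organization": {
+"name": ("AB Exempel", "se"),
+"display_name": ("AB Exempel", "se"),
+"url": "http://www.example.org",
+},
+"contact_person": [{
+"given_name": "Roland",
+"sur_name": "Hedberg",
+"telephone_number": "+46 70 100 0000",
+"email_address": ["tech@eample.com", "tech@example.org"],
+"contact_type": "technical"
+},
+]
+}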
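Review bot: The contact address `tech@eample.com` looks like a typo for `tech@example.com` (tests/server2_conf.py has the latter); unlike `example.com`, `eample.com` is not a reserved documentation domain, so metadata built from this fixture would publish a third-party address. Suggested line: `"email_address": ["tech@example.com", "tech@example.org"],`. The same typo is in tests/sp_1_conf.py and in the unnamed SP section that defines `HOME`. Separately, `subject_data` sits at the top level here but under `service.sp` in tests/server2_conf.py; one placement should be chosen.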

45
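--- a/tests/sp_1_conf.py
+++ b/tests/sp_1_conf.py
@@ -0,0 +1,45 @@
+CONFIG = {
+"entityid" : "urn:mace:example.com:saml:roland:sp",
+"name" : "urn:mace:example.com:saml:roland:sp",
+"description": "My own SP",
+"service": {
+"sp": {
+"endpoints":{
+"assertion_consumer_service": ["http://lingon.catalogix.se:8087/"],
+},
+"required_attributes": ["surName", "givenName", "mail"],
+"optional_attributes": ["title"],
+"idp": ["urn:mace:example.com:saml:roland:idp"],
+}
+},
+"debug" : 1,
+"key_file" : "test.key",
+"cert_file" : "test.pem",
+"xmlsec_binary" : "/usr/local/bin/xmlsec1",
+"metadata": {
+"local": ["idp.xml", "vo_metadata.xml"],
+},
+"virtual_organization" : {
+"urn:mace:example.com:it:tek":{
+"nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
+"common_identifier": "umuselin",
+}
+},
+"subject_data": "subject_data.db",
+"accepted_time_diff": 60,
+"attribute_map_dir" : "attributemaps",
+"organization": {
+"name": ("AB Exempel", "se"),
+"display_name": ("AB Exempel", "se"),
+"url": "http://www.example.org",
+},
+"contact_person": [{
+"given_name": "Roland",
+"sur_name": "Hedberg",
+"telephone_number": "+46 70 100 0000",
+"email_address": ["tech@eample.com", "tech@example.org"],
+"contact_type": "technical"
+},
+],
+"secret": "0123456789",
+}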
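Review bot: `"secret": "0123456789"` commits a fixed, guessable value with no indication of what it protects. If the library uses it as key material (not visible here), anyone copying this fixture inherits a known secret; add a comment such as `# test-only value; never reuse outside the test suite`, or generate the value in test setup. Also, `"idp"` is a list here but a dict (`{entity_id: None}`) in tests/server_conf.py, so a comment on which form the new format expects would help.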


@@ -0,0 +1,54 @@
from saml2 import BINDING_HTTP_REDIRECT
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
HOME = "http://lingon.catalogix.se:8087/"
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:sp",
"name" : "urn:mace:example.com:saml:roland:sp",
"description": "My own SP",
"service": {
"sp": {
"endpoints":{
"assertion_consumer_service": [
(HOME, BINDING_HTTP_REDIRECT)],
"single_logout_service" : [
(HOME+"slo",BINDING_HTTP_REDIRECT)],
},
"required_attributes": ["surName", "givenName", "mail"],
"optional_attributes": ["title"],
"idp":{
"urn:mace:example.com:saml:roland:idp":None,
},
"subject_data": "subject_data.db",
}
},
"debug" : 1,
"key_file" : "test.key",
"cert_file" : "test.pem",
"xmlsec_binary" : "/usr/local/bin/xmlsec1",
"metadata": {
"local": ["idp_slo_redirect.xml"],
},
"virtual_organization" : {
"urn:mace:example.com:it:tek":{
"nameid_format" : "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID",
"common_identifier": "umuselin",
}
},
"accepted_time_diff": 60,
"attribute_map_dir" : "attributemaps",
"organization": {
"name": ("AB Exempel", "se"),
"display_name": ("AB Exempel", "se"),
"url": "http://www.example.org",
},
"contact_person": [{
"given_name": "Roland",
"sur_name": "Hedberg",
"telephone_number": "+46 70 100 0000",
"email_address": ["tech@eample.com", "tech@example.org"],
"contact_type": "technical"
},
]
}