openstack/deb-python-pysaml2
Code Issues Proposed changes

If SP metadata indicates "want_assertions_signed", then verify that they are signed.

Browse Source
This commit is contained in:
Andrew Wason
2013-09-17 09:29:26 -04:00
parent ecce3c5029
commit 807d59617f
2 changed files with 15 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
src/saml2/client_base.py
View File

@@ -118,15 +118,13 @@ class Base(Entity):
self.state = state_cache self.state = state_cache
for foo in ["allow_unsolicited", "authn_requests_signed", for foo in ["allow_unsolicited", "authn_requests_signed",
"logout_requests_signed"]: "logout_requests_signed", "want_assertions_signed"]:
if self.config.getattr(foo, "sp") == 'true': v = self.config.getattr(foo, "sp")
if v is True or v == 'true':
setattr(self, foo, True) setattr(self, foo, True)
else: else:
setattr(self, foo, False) setattr(self, foo, False)
# extra randomness
self.allow_unsolicited = self.config.getattr("allow_unsolicited", "sp")
self.artifact2response = {} self.artifact2response = {}
self.logout_requests_signed = False self.logout_requests_signed = False
@@ -510,6 +508,7 @@ class Base(Entity):
kwargs = { kwargs = {
"outstanding_queries": outstanding, "outstanding_queries": outstanding,
"allow_unsolicited": self.allow_unsolicited, "allow_unsolicited": self.allow_unsolicited,
"want_assertions_signed": self.want_assertions_signed,
"return_addr": self.service_url(), "return_addr": self.service_url(),
"entity_id": self.config.entityid, "entity_id": self.config.entityid,
"attribute_converters": self.config.attribute_converters, "attribute_converters": self.config.attribute_converters,

18
src/saml2/response.py
View File

@@ -221,7 +221,7 @@ def for_me(conditions, myself):
def authn_response(conf, return_addr, outstanding_queries=None, timeslack=0, def authn_response(conf, return_addr, outstanding_queries=None, timeslack=0,
asynchop=True, allow_unsolicited=False): asynchop=True, allow_unsolicited=False, want_assertions_signed=False):
sec = security_context(conf) sec = security_context(conf)
if not timeslack: if not timeslack:
try: try:
@@ -231,7 +231,8 @@ def authn_response(conf, return_addr, outstanding_queries=None, timeslack=0,
return AuthnResponse(sec, conf.attribute_converters, conf.entityid, return AuthnResponse(sec, conf.attribute_converters, conf.entityid,
return_addr, outstanding_queries, timeslack, return_addr, outstanding_queries, timeslack,
asynchop=asynchop, allow_unsolicited=allow_unsolicited) asynchop=asynchop, allow_unsolicited=allow_unsolicited,
want_assertions_signed=want_assertions_signed)
# comes in over SOAP so synchronous # comes in over SOAP so synchronous
@@ -266,6 +267,7 @@ class StatusResponse(object):
self.not_on_or_after = 0 self.not_on_or_after = 0
self.in_response_to = None self.in_response_to = None
self.signature_check = self.sec.correctly_signed_response self.signature_check = self.sec.correctly_signed_response
self.require_signature = False
self.not_signed = False self.not_signed = False
self.asynchop = asynchop self.asynchop = asynchop
@@ -316,7 +318,7 @@ class StatusResponse(object):
logger.debug("xmlstr: %s" % (self.xmlstr,)) logger.debug("xmlstr: %s" % (self.xmlstr,))
try: try:
self.response = self.signature_check(xmldata, origdoc=origxml) self.response = self.signature_check(xmldata, origdoc=origxml, must=self.require_signature)
except TypeError: except TypeError:
raise raise
except SignatureError: except SignatureError:
@@ -449,7 +451,7 @@ class AuthnResponse(StatusResponse):
def __init__(self, sec_context, attribute_converters, entity_id, def __init__(self, sec_context, attribute_converters, entity_id,
return_addr=None, outstanding_queries=None, return_addr=None, outstanding_queries=None,
timeslack=0, asynchop=True, allow_unsolicited=False, timeslack=0, asynchop=True, allow_unsolicited=False,
test=False, allow_unknown_attributes=False, test=False, allow_unknown_attributes=False, want_assertions_signed=False,
**kwargs): **kwargs):
StatusResponse.__init__(self, sec_context, return_addr, timeslack, StatusResponse.__init__(self, sec_context, return_addr, timeslack,
@@ -466,6 +468,7 @@ class AuthnResponse(StatusResponse):
self.assertion = None self.assertion = None
self.session_not_on_or_after = 0 self.session_not_on_or_after = 0
self.allow_unsolicited = allow_unsolicited self.allow_unsolicited = allow_unsolicited
self.require_signature = want_assertions_signed
self.test = test self.test = test
self.allow_unknown_attributes = allow_unknown_attributes self.allow_unknown_attributes = allow_unknown_attributes
# #
@@ -488,7 +491,7 @@ class AuthnResponse(StatusResponse):
raise UnsolicitedResponse("Unsolicited response: %s" % self.in_response_to) raise UnsolicitedResponse("Unsolicited response: %s" % self.in_response_to)
return self return self
def clear(self): def clear(self):
self._clear() self._clear()
self.came_from = "" self.came_from = ""
@@ -934,7 +937,7 @@ class ArtifactResponse(AuthnResponse):
def response_factory(xmlstr, conf, return_addr=None, outstanding_queries=None, def response_factory(xmlstr, conf, return_addr=None, outstanding_queries=None,
timeslack=0, decode=True, request_id=0, origxml=None, timeslack=0, decode=True, request_id=0, origxml=None,
asynchop=True, allow_unsolicited=False): asynchop=True, allow_unsolicited=False, want_assertions_signed=False):
sec_context = security_context(conf) sec_context = security_context(conf)
if not timeslack: if not timeslack:
try: try:
@@ -955,7 +958,8 @@ def response_factory(xmlstr, conf, return_addr=None, outstanding_queries=None,
entity_id, return_addr, entity_id, return_addr,
outstanding_queries, timeslack, asynchop, outstanding_queries, timeslack, asynchop,
allow_unsolicited, allow_unsolicited,
extension_schema=extension_schema) extension_schema=extension_schema,
want_assertions_signed=want_assertions_signed)
authnresp.update(response) authnresp.update(response)
return authnresp return authnresp
except TypeError: except TypeError: