diff --git a/src/saml2/attributemaps/adfs_v1x.py b/src/saml2/attributemaps/adfs_v1x.py index b0b8d32..0f8d01a 100644 --- a/src/saml2/attributemaps/adfs_v1x.py +++ b/src/saml2/attributemaps/adfs_v1x.py @@ -1,20 +1,18 @@ -# See http://technet.microsoft.com/en-us/library/cc733065(v=ws.10).aspx -# and http://technet.microsoft.com/en-us/library/ee913589(v=ws.10).aspx -# for information regarding the default claim types supported by -# Microsoft ADFS v1.x. +CLAIMS = 'http://schemas.xmlsoap.org/claims/' + MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", - "fro": { - 'http://schemas.xmlsoap.org/claims/commonname': 'commonName', - 'http://schemas.xmlsoap.org/claims/emailaddress': 'emailAddress', - 'http://schemas.xmlsoap.org/claims/group': 'group', - 'http://schemas.xmlsoap.org/claims/upn': 'upn', - }, - "to": { - 'commonName': 'http://schemas.xmlsoap.org/claims/commonname', - 'emailAddress': 'http://schemas.xmlsoap.org/claims/emailaddress', - 'group': 'http://schemas.xmlsoap.org/claims/group', - 'upn': 'http://schemas.xmlsoap.org/claims/upn', + 'fro': { + CLAIMS+'commonname': 'commonName', + CLAIMS+'emailaddress': 'emailAddress', + CLAIMS+'group': 'group', + CLAIMS+'upn': 'upn', + }, + 'to': { + 'commonName': CLAIMS+'commonname', + 'emailAddress': CLAIMS+'emailaddress', + 'group': CLAIMS+'group', + 'upn': CLAIMS+'upn', } } diff --git a/src/saml2/attributemaps/adfs_v20.py b/src/saml2/attributemaps/adfs_v20.py index f1d35ef..94150d0 100644 --- a/src/saml2/attributemaps/adfs_v20.py +++ b/src/saml2/attributemaps/adfs_v20.py @@ -1,47 +1,49 @@ -# See http://technet.microsoft.com/en-us/library/ee913589(v=ws.10).aspx -# for information regarding the default claim types supported by -# Microsoft ADFS v2.0. +CLAIMS = 'http://schemas.xmlsoap.org/claims/' +COM_WS_CLAIMS = 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/' +MS_CLAIMS = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/' +ORG_WS_CLAIMS = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/' + MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", - "fro": { - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': 'emailAddress', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname': 'givenName', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'name', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn': 'upn', - 'http://schemas.xmlsoap.org/claims/commonname': 'commonName', - 'http://schemas.xmlsoap.org/claims/group': 'group', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': 'role', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname': 'surname', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier': 'privatePersonalId', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier': 'nameId', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod': 'authenticationMethod', - 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid': 'denyOnlySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid': 'denyOnlyPrimarySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid': 'denyOnlyPrimaryGroupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid': 'groupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid': 'primaryGroupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid': 'primarySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname': 'windowsAccountName', - }, - "to": { - 'emailAddress': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress', - 'givenName': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', - 'name': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name', - 'upn': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn', - 'commonName': 'http://schemas.xmlsoap.org/claims/commonname', - 'group': 'http://schemas.xmlsoap.org/claims/group', - 'role': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role', - 'surname': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname', - 'privatePersonalId': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier', - 'nameId': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier', - 'authenticationMethod': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod', - 'denyOnlySid': 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid', - 'denyOnlyPrimarySid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid', - 'denyOnlyPrimaryGroupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid', - 'groupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid', - 'primaryGroupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid', - 'primarySid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid', - 'windowsAccountName': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname', + 'fro': { + CLAIMS+'commonname': 'commonName', + CLAIMS+'group': 'group', + COM_WS_CLAIMS+'denyonlysid': 'denyOnlySid', + MS_CLAIMS+'authenticationmethod': 'authenticationMethod', + MS_CLAIMS+'denyonlyprimarygroupsid': 'denyOnlyPrimaryGroupSid', + MS_CLAIMS+'denyonlyprimarysid': 'denyOnlyPrimarySid', + MS_CLAIMS+'groupsid': 'groupSid', + MS_CLAIMS+'primarygroupsid': 'primaryGroupSid', + MS_CLAIMS+'primarysid': 'primarySid', + MS_CLAIMS+'role': 'role', + MS_CLAIMS+'windowsaccountname': 'windowsAccountName', + ORG_WS_CLAIMS+'emailaddress': 'emailAddress', + ORG_WS_CLAIMS+'givenname': 'givenName', + ORG_WS_CLAIMS+'name': 'name', + ORG_WS_CLAIMS+'nameidentifier': 'nameId', + ORG_WS_CLAIMS+'privatepersonalidentifier': 'privatePersonalId', + ORG_WS_CLAIMS+'surname': 'surname', + ORG_WS_CLAIMS+'upn': 'upn', + }, + 'to': { + 'authenticationMethod': MS_CLAIMS+'authenticationmethod', + 'commonName': CLAIMS+'commonname', + 'denyOnlyPrimaryGroupSid': MS_CLAIMS+'denyonlyprimarygroupsid', + 'denyOnlyPrimarySid': MS_CLAIMS+'denyonlyprimarysid', + 'denyOnlySid': COM_WS_CLAIMS+'denyonlysid', + 'emailAddress': ORG_WS_CLAIMS+'emailaddress', + 'givenName': ORG_WS_CLAIMS+'givenname', + 'group': CLAIMS+'group', + 'groupSid': MS_CLAIMS+'groupsid', + 'name': ORG_WS_CLAIMS+'name', + 'nameId': ORG_WS_CLAIMS+'nameidentifier', + 'primaryGroupSid': MS_CLAIMS+'primarygroupsid', + 'primarySid': MS_CLAIMS+'primarysid', + 'privatePersonalId': ORG_WS_CLAIMS+'privatepersonalidentifier', + 'role': MS_CLAIMS+'role', + 'surname': ORG_WS_CLAIMS+'surname', + 'upn': ORG_WS_CLAIMS+'upn', + 'windowsAccountName': MS_CLAIMS+'windowsaccountname', } } diff --git a/src/saml2/attributemaps/basic.py b/src/saml2/attributemaps/basic.py index 9311d54..dbed6ce 100644 --- a/src/saml2/attributemaps/basic.py +++ b/src/saml2/attributemaps/basic.py @@ -1,326 +1,328 @@ +DEF = 'urn:mace:dir:attribute-def:' + MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", - "fro": { - 'urn:mace:dir:attribute-def:aRecord': 'aRecord', - 'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName', - 'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName', - 'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain', - 'urn:mace:dir:attribute-def:associatedName': 'associatedName', - 'urn:mace:dir:attribute-def:audio': 'audio', - 'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList', - 'urn:mace:dir:attribute-def:buildingName': 'buildingName', - 'urn:mace:dir:attribute-def:businessCategory': 'businessCategory', - 'urn:mace:dir:attribute-def:c': 'c', - 'urn:mace:dir:attribute-def:cACertificate': 'cACertificate', - 'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord', - 'urn:mace:dir:attribute-def:carLicense': 'carLicense', - 'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList', - 'urn:mace:dir:attribute-def:cn': 'cn', - 'urn:mace:dir:attribute-def:co': 'co', - 'urn:mace:dir:attribute-def:commonName': 'commonName', - 'urn:mace:dir:attribute-def:countryName': 'countryName', - 'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair', - 'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect', - 'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality', - 'urn:mace:dir:attribute-def:dc': 'dc', - 'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList', - 'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber', - 'urn:mace:dir:attribute-def:description': 'description', - 'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator', - 'urn:mace:dir:attribute-def:displayName': 'displayName', - 'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName', - 'urn:mace:dir:attribute-def:dmdName': 'dmdName', - 'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier', - 'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor', - 'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier', - 'urn:mace:dir:attribute-def:documentLocation': 'documentLocation', - 'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher', - 'urn:mace:dir:attribute-def:documentTitle': 'documentTitle', - 'urn:mace:dir:attribute-def:documentVersion': 'documentVersion', - 'urn:mace:dir:attribute-def:domainComponent': 'domainComponent', - 'urn:mace:dir:attribute-def:drink': 'drink', - 'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI', - 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', - 'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName', - 'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI', - 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', - 'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation', - 'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement', - 'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname', - 'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN', - 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', - 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName', - 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', - 'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID', - 'urn:mace:dir:attribute-def:email': 'email', - 'urn:mace:dir:attribute-def:emailAddress': 'emailAddress', - 'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber', - 'urn:mace:dir:attribute-def:employeeType': 'employeeType', - 'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide', - 'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber', - 'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink', - 'urn:mace:dir:attribute-def:fax': 'fax', - 'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion', - 'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName', - 'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier', - 'urn:mace:dir:attribute-def:givenName': 'givenName', - 'urn:mace:dir:attribute-def:gn': 'gn', - 'urn:mace:dir:attribute-def:homePhone': 'homePhone', - 'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress', - 'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber', - 'urn:mace:dir:attribute-def:host': 'host', - 'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier', - 'urn:mace:dir:attribute-def:info': 'info', - 'urn:mace:dir:attribute-def:initials': 'initials', - 'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber', - 'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox', - 'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto', - 'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation', - 'urn:mace:dir:attribute-def:l': 'l', - 'urn:mace:dir:attribute-def:labeledURI': 'labeledURI', - 'urn:mace:dir:attribute-def:localityName': 'localityName', - 'urn:mace:dir:attribute-def:mDRecord': 'mDRecord', - 'urn:mace:dir:attribute-def:mXRecord': 'mXRecord', - 'urn:mace:dir:attribute-def:mail': 'mail', - 'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption', - 'urn:mace:dir:attribute-def:manager': 'manager', - 'urn:mace:dir:attribute-def:member': 'member', - 'urn:mace:dir:attribute-def:mobile': 'mobile', - 'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber', - 'urn:mace:dir:attribute-def:nSRecord': 'nSRecord', - 'urn:mace:dir:attribute-def:name': 'name', - 'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym', - 'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN', - 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', - 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', - 'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate', - 'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN', - 'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN', - 'urn:mace:dir:attribute-def:o': 'o', - 'urn:mace:dir:attribute-def:objectClass': 'objectClass', - 'urn:mace:dir:attribute-def:organizationName': 'organizationName', - 'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus', - 'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName', - 'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox', - 'urn:mace:dir:attribute-def:ou': 'ou', - 'urn:mace:dir:attribute-def:owner': 'owner', - 'urn:mace:dir:attribute-def:pager': 'pager', - 'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber', - 'urn:mace:dir:attribute-def:personalSignature': 'personalSignature', - 'urn:mace:dir:attribute-def:personalTitle': 'personalTitle', - 'urn:mace:dir:attribute-def:photo': 'photo', - 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', - 'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email', - 'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox', - 'urn:mace:dir:attribute-def:postalAddress': 'postalAddress', - 'urn:mace:dir:attribute-def:postalCode': 'postalCode', - 'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod', - 'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage', - 'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress', - 'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation', - 'urn:mace:dir:attribute-def:pseudonym': 'pseudonym', - 'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress', - 'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox', - 'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant', - 'urn:mace:dir:attribute-def:roomNumber': 'roomNumber', - 'urn:mace:dir:attribute-def:sOARecord': 'sOARecord', - 'urn:mace:dir:attribute-def:searchGuide': 'searchGuide', - 'urn:mace:dir:attribute-def:secretary': 'secretary', - 'urn:mace:dir:attribute-def:seeAlso': 'seeAlso', - 'urn:mace:dir:attribute-def:serialNumber': 'serialNumber', - 'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality', - 'urn:mace:dir:attribute-def:sn': 'sn', - 'urn:mace:dir:attribute-def:st': 'st', - 'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName', - 'urn:mace:dir:attribute-def:street': 'street', - 'urn:mace:dir:attribute-def:streetAddress': 'streetAddress', - 'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality', - 'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality', - 'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms', - 'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext', - 'urn:mace:dir:attribute-def:surname': 'surname', - 'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber', - 'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier', - 'urn:mace:dir:attribute-def:telexNumber': 'telexNumber', - 'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress', - 'urn:mace:dir:attribute-def:title': 'title', - 'urn:mace:dir:attribute-def:uid': 'uid', - 'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier', - 'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember', - 'urn:mace:dir:attribute-def:userCertificate': 'userCertificate', - 'urn:mace:dir:attribute-def:userClass': 'userClass', - 'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12', - 'urn:mace:dir:attribute-def:userPassword': 'userPassword', - 'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate', - 'urn:mace:dir:attribute-def:userid': 'userid', - 'urn:mace:dir:attribute-def:x121Address': 'x121Address', - 'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier', - }, - "to": { - 'aRecord': 'urn:mace:dir:attribute-def:aRecord', - 'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName', - 'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName', - 'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain', - 'associatedName': 'urn:mace:dir:attribute-def:associatedName', - 'audio': 'urn:mace:dir:attribute-def:audio', - 'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList', - 'buildingName': 'urn:mace:dir:attribute-def:buildingName', - 'businessCategory': 'urn:mace:dir:attribute-def:businessCategory', - 'c': 'urn:mace:dir:attribute-def:c', - 'cACertificate': 'urn:mace:dir:attribute-def:cACertificate', - 'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord', - 'carLicense': 'urn:mace:dir:attribute-def:carLicense', - 'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList', - 'cn': 'urn:mace:dir:attribute-def:cn', - 'co': 'urn:mace:dir:attribute-def:co', - 'commonName': 'urn:mace:dir:attribute-def:commonName', - 'countryName': 'urn:mace:dir:attribute-def:countryName', - 'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair', - 'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect', - 'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality', - 'dc': 'urn:mace:dir:attribute-def:dc', - 'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList', - 'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber', - 'description': 'urn:mace:dir:attribute-def:description', - 'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator', - 'displayName': 'urn:mace:dir:attribute-def:displayName', - 'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName', - 'dmdName': 'urn:mace:dir:attribute-def:dmdName', - 'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier', - 'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor', - 'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier', - 'documentLocation': 'urn:mace:dir:attribute-def:documentLocation', - 'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher', - 'documentTitle': 'urn:mace:dir:attribute-def:documentTitle', - 'documentVersion': 'urn:mace:dir:attribute-def:documentVersion', - 'domainComponent': 'urn:mace:dir:attribute-def:domainComponent', - 'drink': 'urn:mace:dir:attribute-def:drink', - 'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI', - 'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI', - 'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName', - 'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI', - 'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI', - 'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation', - 'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement', - 'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname', - 'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN', - 'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN', - 'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation', - 'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN', - 'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName', - 'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation', - 'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID', - 'email': 'urn:mace:dir:attribute-def:email', - 'emailAddress': 'urn:mace:dir:attribute-def:emailAddress', - 'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber', - 'employeeType': 'urn:mace:dir:attribute-def:employeeType', - 'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide', - 'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber', - 'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink', - 'fax': 'urn:mace:dir:attribute-def:fax', - 'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion', - 'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName', - 'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier', - 'givenName': 'urn:mace:dir:attribute-def:givenName', - 'gn': 'urn:mace:dir:attribute-def:gn', - 'homePhone': 'urn:mace:dir:attribute-def:homePhone', - 'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress', - 'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber', - 'host': 'urn:mace:dir:attribute-def:host', - 'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier', - 'info': 'urn:mace:dir:attribute-def:info', - 'initials': 'urn:mace:dir:attribute-def:initials', - 'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber', - 'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox', - 'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto', - 'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation', - 'l': 'urn:mace:dir:attribute-def:l', - 'labeledURI': 'urn:mace:dir:attribute-def:labeledURI', - 'localityName': 'urn:mace:dir:attribute-def:localityName', - 'mDRecord': 'urn:mace:dir:attribute-def:mDRecord', - 'mXRecord': 'urn:mace:dir:attribute-def:mXRecord', - 'mail': 'urn:mace:dir:attribute-def:mail', - 'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption', - 'manager': 'urn:mace:dir:attribute-def:manager', - 'member': 'urn:mace:dir:attribute-def:member', - 'mobile': 'urn:mace:dir:attribute-def:mobile', - 'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber', - 'nSRecord': 'urn:mace:dir:attribute-def:nSRecord', - 'name': 'urn:mace:dir:attribute-def:name', - 'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym', - 'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN', - 'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion', - 'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier', - 'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber', - 'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier', - 'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber', - 'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate', - 'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN', - 'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN', - 'o': 'urn:mace:dir:attribute-def:o', - 'objectClass': 'urn:mace:dir:attribute-def:objectClass', - 'organizationName': 'urn:mace:dir:attribute-def:organizationName', - 'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus', - 'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName', - 'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox', - 'ou': 'urn:mace:dir:attribute-def:ou', - 'owner': 'urn:mace:dir:attribute-def:owner', - 'pager': 'urn:mace:dir:attribute-def:pager', - 'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber', - 'personalSignature': 'urn:mace:dir:attribute-def:personalSignature', - 'personalTitle': 'urn:mace:dir:attribute-def:personalTitle', - 'photo': 'urn:mace:dir:attribute-def:photo', - 'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName', - 'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email', - 'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox', - 'postalAddress': 'urn:mace:dir:attribute-def:postalAddress', - 'postalCode': 'urn:mace:dir:attribute-def:postalCode', - 'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod', - 'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage', - 'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress', - 'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation', - 'pseudonym': 'urn:mace:dir:attribute-def:pseudonym', - 'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress', - 'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox', - 'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant', - 'roomNumber': 'urn:mace:dir:attribute-def:roomNumber', - 'sOARecord': 'urn:mace:dir:attribute-def:sOARecord', - 'searchGuide': 'urn:mace:dir:attribute-def:searchGuide', - 'secretary': 'urn:mace:dir:attribute-def:secretary', - 'seeAlso': 'urn:mace:dir:attribute-def:seeAlso', - 'serialNumber': 'urn:mace:dir:attribute-def:serialNumber', - 'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality', - 'sn': 'urn:mace:dir:attribute-def:sn', - 'st': 'urn:mace:dir:attribute-def:st', - 'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName', - 'street': 'urn:mace:dir:attribute-def:street', - 'streetAddress': 'urn:mace:dir:attribute-def:streetAddress', - 'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality', - 'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality', - 'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms', - 'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext', - 'surname': 'urn:mace:dir:attribute-def:surname', - 'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber', - 'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier', - 'telexNumber': 'urn:mace:dir:attribute-def:telexNumber', - 'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress', - 'title': 'urn:mace:dir:attribute-def:title', - 'uid': 'urn:mace:dir:attribute-def:uid', - 'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier', - 'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember', - 'userCertificate': 'urn:mace:dir:attribute-def:userCertificate', - 'userClass': 'urn:mace:dir:attribute-def:userClass', - 'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12', - 'userPassword': 'urn:mace:dir:attribute-def:userPassword', - 'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate', - 'userid': 'urn:mace:dir:attribute-def:userid', - 'x121Address': 'urn:mace:dir:attribute-def:x121Address', - 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier', + 'fro': { + DEF+'aRecord': 'aRecord', + DEF+'aliasedEntryName': 'aliasedEntryName', + DEF+'aliasedObjectName': 'aliasedObjectName', + DEF+'associatedDomain': 'associatedDomain', + DEF+'associatedName': 'associatedName', + DEF+'audio': 'audio', + DEF+'authorityRevocationList': 'authorityRevocationList', + DEF+'buildingName': 'buildingName', + DEF+'businessCategory': 'businessCategory', + DEF+'c': 'c', + DEF+'cACertificate': 'cACertificate', + DEF+'cNAMERecord': 'cNAMERecord', + DEF+'carLicense': 'carLicense', + DEF+'certificateRevocationList': 'certificateRevocationList', + DEF+'cn': 'cn', + DEF+'co': 'co', + DEF+'commonName': 'commonName', + DEF+'countryName': 'countryName', + DEF+'crossCertificatePair': 'crossCertificatePair', + DEF+'dITRedirect': 'dITRedirect', + DEF+'dSAQuality': 'dSAQuality', + DEF+'dc': 'dc', + DEF+'deltaRevocationList': 'deltaRevocationList', + DEF+'departmentNumber': 'departmentNumber', + DEF+'description': 'description', + DEF+'destinationIndicator': 'destinationIndicator', + DEF+'displayName': 'displayName', + DEF+'distinguishedName': 'distinguishedName', + DEF+'dmdName': 'dmdName', + DEF+'dnQualifier': 'dnQualifier', + DEF+'documentAuthor': 'documentAuthor', + DEF+'documentIdentifier': 'documentIdentifier', + DEF+'documentLocation': 'documentLocation', + DEF+'documentPublisher': 'documentPublisher', + DEF+'documentTitle': 'documentTitle', + DEF+'documentVersion': 'documentVersion', + DEF+'domainComponent': 'domainComponent', + DEF+'drink': 'drink', + DEF+'eduOrgHomePageURI': 'eduOrgHomePageURI', + DEF+'eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', + DEF+'eduOrgLegalName': 'eduOrgLegalName', + DEF+'eduOrgSuperiorURI': 'eduOrgSuperiorURI', + DEF+'eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', + DEF+'eduPersonAffiliation': 'eduPersonAffiliation', + DEF+'eduPersonEntitlement': 'eduPersonEntitlement', + DEF+'eduPersonNickname': 'eduPersonNickname', + DEF+'eduPersonOrgDN': 'eduPersonOrgDN', + DEF+'eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', + DEF+'eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', + DEF+'eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', + DEF+'eduPersonPrincipalName': 'eduPersonPrincipalName', + DEF+'eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', + DEF+'eduPersonTargetedID': 'eduPersonTargetedID', + DEF+'email': 'email', + DEF+'emailAddress': 'emailAddress', + DEF+'employeeNumber': 'employeeNumber', + DEF+'employeeType': 'employeeType', + DEF+'enhancedSearchGuide': 'enhancedSearchGuide', + DEF+'facsimileTelephoneNumber': 'facsimileTelephoneNumber', + DEF+'favouriteDrink': 'favouriteDrink', + DEF+'fax': 'fax', + DEF+'federationFeideSchemaVersion': 'federationFeideSchemaVersion', + DEF+'friendlyCountryName': 'friendlyCountryName', + DEF+'generationQualifier': 'generationQualifier', + DEF+'givenName': 'givenName', + DEF+'gn': 'gn', + DEF+'homePhone': 'homePhone', + DEF+'homePostalAddress': 'homePostalAddress', + DEF+'homeTelephoneNumber': 'homeTelephoneNumber', + DEF+'host': 'host', + DEF+'houseIdentifier': 'houseIdentifier', + DEF+'info': 'info', + DEF+'initials': 'initials', + DEF+'internationaliSDNNumber': 'internationaliSDNNumber', + DEF+'janetMailbox': 'janetMailbox', + DEF+'jpegPhoto': 'jpegPhoto', + DEF+'knowledgeInformation': 'knowledgeInformation', + DEF+'l': 'l', + DEF+'labeledURI': 'labeledURI', + DEF+'localityName': 'localityName', + DEF+'mDRecord': 'mDRecord', + DEF+'mXRecord': 'mXRecord', + DEF+'mail': 'mail', + DEF+'mailPreferenceOption': 'mailPreferenceOption', + DEF+'manager': 'manager', + DEF+'member': 'member', + DEF+'mobile': 'mobile', + DEF+'mobileTelephoneNumber': 'mobileTelephoneNumber', + DEF+'nSRecord': 'nSRecord', + DEF+'name': 'name', + DEF+'norEduOrgAcronym': 'norEduOrgAcronym', + DEF+'norEduOrgNIN': 'norEduOrgNIN', + DEF+'norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', + DEF+'norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', + DEF+'norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', + DEF+'norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', + DEF+'norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', + DEF+'norEduPersonBirthDate': 'norEduPersonBirthDate', + DEF+'norEduPersonLIN': 'norEduPersonLIN', + DEF+'norEduPersonNIN': 'norEduPersonNIN', + DEF+'o': 'o', + DEF+'objectClass': 'objectClass', + DEF+'organizationName': 'organizationName', + DEF+'organizationalStatus': 'organizationalStatus', + DEF+'organizationalUnitName': 'organizationalUnitName', + DEF+'otherMailbox': 'otherMailbox', + DEF+'ou': 'ou', + DEF+'owner': 'owner', + DEF+'pager': 'pager', + DEF+'pagerTelephoneNumber': 'pagerTelephoneNumber', + DEF+'personalSignature': 'personalSignature', + DEF+'personalTitle': 'personalTitle', + DEF+'photo': 'photo', + DEF+'physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', + DEF+'pkcs9email': 'pkcs9email', + DEF+'postOfficeBox': 'postOfficeBox', + DEF+'postalAddress': 'postalAddress', + DEF+'postalCode': 'postalCode', + DEF+'preferredDeliveryMethod': 'preferredDeliveryMethod', + DEF+'preferredLanguage': 'preferredLanguage', + DEF+'presentationAddress': 'presentationAddress', + DEF+'protocolInformation': 'protocolInformation', + DEF+'pseudonym': 'pseudonym', + DEF+'registeredAddress': 'registeredAddress', + DEF+'rfc822Mailbox': 'rfc822Mailbox', + DEF+'roleOccupant': 'roleOccupant', + DEF+'roomNumber': 'roomNumber', + DEF+'sOARecord': 'sOARecord', + DEF+'searchGuide': 'searchGuide', + DEF+'secretary': 'secretary', + DEF+'seeAlso': 'seeAlso', + DEF+'serialNumber': 'serialNumber', + DEF+'singleLevelQuality': 'singleLevelQuality', + DEF+'sn': 'sn', + DEF+'st': 'st', + DEF+'stateOrProvinceName': 'stateOrProvinceName', + DEF+'street': 'street', + DEF+'streetAddress': 'streetAddress', + DEF+'subtreeMaximumQuality': 'subtreeMaximumQuality', + DEF+'subtreeMinimumQuality': 'subtreeMinimumQuality', + DEF+'supportedAlgorithms': 'supportedAlgorithms', + DEF+'supportedApplicationContext': 'supportedApplicationContext', + DEF+'surname': 'surname', + DEF+'telephoneNumber': 'telephoneNumber', + DEF+'teletexTerminalIdentifier': 'teletexTerminalIdentifier', + DEF+'telexNumber': 'telexNumber', + DEF+'textEncodedORAddress': 'textEncodedORAddress', + DEF+'title': 'title', + DEF+'uid': 'uid', + DEF+'uniqueIdentifier': 'uniqueIdentifier', + DEF+'uniqueMember': 'uniqueMember', + DEF+'userCertificate': 'userCertificate', + DEF+'userClass': 'userClass', + DEF+'userPKCS12': 'userPKCS12', + DEF+'userPassword': 'userPassword', + DEF+'userSMIMECertificate': 'userSMIMECertificate', + DEF+'userid': 'userid', + DEF+'x121Address': 'x121Address', + DEF+'x500UniqueIdentifier': 'x500UniqueIdentifier', + }, + 'to': { + 'aRecord': DEF+'aRecord', + 'aliasedEntryName': DEF+'aliasedEntryName', + 'aliasedObjectName': DEF+'aliasedObjectName', + 'associatedDomain': DEF+'associatedDomain', + 'associatedName': DEF+'associatedName', + 'audio': DEF+'audio', + 'authorityRevocationList': DEF+'authorityRevocationList', + 'buildingName': DEF+'buildingName', + 'businessCategory': DEF+'businessCategory', + 'c': DEF+'c', + 'cACertificate': DEF+'cACertificate', + 'cNAMERecord': DEF+'cNAMERecord', + 'carLicense': DEF+'carLicense', + 'certificateRevocationList': DEF+'certificateRevocationList', + 'cn': DEF+'cn', + 'co': DEF+'co', + 'commonName': DEF+'commonName', + 'countryName': DEF+'countryName', + 'crossCertificatePair': DEF+'crossCertificatePair', + 'dITRedirect': DEF+'dITRedirect', + 'dSAQuality': DEF+'dSAQuality', + 'dc': DEF+'dc', + 'deltaRevocationList': DEF+'deltaRevocationList', + 'departmentNumber': DEF+'departmentNumber', + 'description': DEF+'description', + 'destinationIndicator': DEF+'destinationIndicator', + 'displayName': DEF+'displayName', + 'distinguishedName': DEF+'distinguishedName', + 'dmdName': DEF+'dmdName', + 'dnQualifier': DEF+'dnQualifier', + 'documentAuthor': DEF+'documentAuthor', + 'documentIdentifier': DEF+'documentIdentifier', + 'documentLocation': DEF+'documentLocation', + 'documentPublisher': DEF+'documentPublisher', + 'documentTitle': DEF+'documentTitle', + 'documentVersion': DEF+'documentVersion', + 'domainComponent': DEF+'domainComponent', + 'drink': DEF+'drink', + 'eduOrgHomePageURI': DEF+'eduOrgHomePageURI', + 'eduOrgIdentityAuthNPolicyURI': DEF+'eduOrgIdentityAuthNPolicyURI', + 'eduOrgLegalName': DEF+'eduOrgLegalName', + 'eduOrgSuperiorURI': DEF+'eduOrgSuperiorURI', + 'eduOrgWhitePagesURI': DEF+'eduOrgWhitePagesURI', + 'eduPersonAffiliation': DEF+'eduPersonAffiliation', + 'eduPersonEntitlement': DEF+'eduPersonEntitlement', + 'eduPersonNickname': DEF+'eduPersonNickname', + 'eduPersonOrgDN': DEF+'eduPersonOrgDN', + 'eduPersonOrgUnitDN': DEF+'eduPersonOrgUnitDN', + 'eduPersonPrimaryAffiliation': DEF+'eduPersonPrimaryAffiliation', + 'eduPersonPrimaryOrgUnitDN': DEF+'eduPersonPrimaryOrgUnitDN', + 'eduPersonPrincipalName': DEF+'eduPersonPrincipalName', + 'eduPersonScopedAffiliation': DEF+'eduPersonScopedAffiliation', + 'eduPersonTargetedID': DEF+'eduPersonTargetedID', + 'email': DEF+'email', + 'emailAddress': DEF+'emailAddress', + 'employeeNumber': DEF+'employeeNumber', + 'employeeType': DEF+'employeeType', + 'enhancedSearchGuide': DEF+'enhancedSearchGuide', + 'facsimileTelephoneNumber': DEF+'facsimileTelephoneNumber', + 'favouriteDrink': DEF+'favouriteDrink', + 'fax': DEF+'fax', + 'federationFeideSchemaVersion': DEF+'federationFeideSchemaVersion', + 'friendlyCountryName': DEF+'friendlyCountryName', + 'generationQualifier': DEF+'generationQualifier', + 'givenName': DEF+'givenName', + 'gn': DEF+'gn', + 'homePhone': DEF+'homePhone', + 'homePostalAddress': DEF+'homePostalAddress', + 'homeTelephoneNumber': DEF+'homeTelephoneNumber', + 'host': DEF+'host', + 'houseIdentifier': DEF+'houseIdentifier', + 'info': DEF+'info', + 'initials': DEF+'initials', + 'internationaliSDNNumber': DEF+'internationaliSDNNumber', + 'janetMailbox': DEF+'janetMailbox', + 'jpegPhoto': DEF+'jpegPhoto', + 'knowledgeInformation': DEF+'knowledgeInformation', + 'l': DEF+'l', + 'labeledURI': DEF+'labeledURI', + 'localityName': DEF+'localityName', + 'mDRecord': DEF+'mDRecord', + 'mXRecord': DEF+'mXRecord', + 'mail': DEF+'mail', + 'mailPreferenceOption': DEF+'mailPreferenceOption', + 'manager': DEF+'manager', + 'member': DEF+'member', + 'mobile': DEF+'mobile', + 'mobileTelephoneNumber': DEF+'mobileTelephoneNumber', + 'nSRecord': DEF+'nSRecord', + 'name': DEF+'name', + 'norEduOrgAcronym': DEF+'norEduOrgAcronym', + 'norEduOrgNIN': DEF+'norEduOrgNIN', + 'norEduOrgSchemaVersion': DEF+'norEduOrgSchemaVersion', + 'norEduOrgUniqueIdentifier': DEF+'norEduOrgUniqueIdentifier', + 'norEduOrgUniqueNumber': DEF+'norEduOrgUniqueNumber', + 'norEduOrgUnitUniqueIdentifier': DEF+'norEduOrgUnitUniqueIdentifier', + 'norEduOrgUnitUniqueNumber': DEF+'norEduOrgUnitUniqueNumber', + 'norEduPersonBirthDate': DEF+'norEduPersonBirthDate', + 'norEduPersonLIN': DEF+'norEduPersonLIN', + 'norEduPersonNIN': DEF+'norEduPersonNIN', + 'o': DEF+'o', + 'objectClass': DEF+'objectClass', + 'organizationName': DEF+'organizationName', + 'organizationalStatus': DEF+'organizationalStatus', + 'organizationalUnitName': DEF+'organizationalUnitName', + 'otherMailbox': DEF+'otherMailbox', + 'ou': DEF+'ou', + 'owner': DEF+'owner', + 'pager': DEF+'pager', + 'pagerTelephoneNumber': DEF+'pagerTelephoneNumber', + 'personalSignature': DEF+'personalSignature', + 'personalTitle': DEF+'personalTitle', + 'photo': DEF+'photo', + 'physicalDeliveryOfficeName': DEF+'physicalDeliveryOfficeName', + 'pkcs9email': DEF+'pkcs9email', + 'postOfficeBox': DEF+'postOfficeBox', + 'postalAddress': DEF+'postalAddress', + 'postalCode': DEF+'postalCode', + 'preferredDeliveryMethod': DEF+'preferredDeliveryMethod', + 'preferredLanguage': DEF+'preferredLanguage', + 'presentationAddress': DEF+'presentationAddress', + 'protocolInformation': DEF+'protocolInformation', + 'pseudonym': DEF+'pseudonym', + 'registeredAddress': DEF+'registeredAddress', + 'rfc822Mailbox': DEF+'rfc822Mailbox', + 'roleOccupant': DEF+'roleOccupant', + 'roomNumber': DEF+'roomNumber', + 'sOARecord': DEF+'sOARecord', + 'searchGuide': DEF+'searchGuide', + 'secretary': DEF+'secretary', + 'seeAlso': DEF+'seeAlso', + 'serialNumber': DEF+'serialNumber', + 'singleLevelQuality': DEF+'singleLevelQuality', + 'sn': DEF+'sn', + 'st': DEF+'st', + 'stateOrProvinceName': DEF+'stateOrProvinceName', + 'street': DEF+'street', + 'streetAddress': DEF+'streetAddress', + 'subtreeMaximumQuality': DEF+'subtreeMaximumQuality', + 'subtreeMinimumQuality': DEF+'subtreeMinimumQuality', + 'supportedAlgorithms': DEF+'supportedAlgorithms', + 'supportedApplicationContext': DEF+'supportedApplicationContext', + 'surname': DEF+'surname', + 'telephoneNumber': DEF+'telephoneNumber', + 'teletexTerminalIdentifier': DEF+'teletexTerminalIdentifier', + 'telexNumber': DEF+'telexNumber', + 'textEncodedORAddress': DEF+'textEncodedORAddress', + 'title': DEF+'title', + 'uid': DEF+'uid', + 'uniqueIdentifier': DEF+'uniqueIdentifier', + 'uniqueMember': DEF+'uniqueMember', + 'userCertificate': DEF+'userCertificate', + 'userClass': DEF+'userClass', + 'userPKCS12': DEF+'userPKCS12', + 'userPassword': DEF+'userPassword', + 'userSMIMECertificate': DEF+'userSMIMECertificate', + 'userid': DEF+'userid', + 'x121Address': DEF+'x121Address', + 'x500UniqueIdentifier': DEF+'x500UniqueIdentifier', } -} \ No newline at end of file +} diff --git a/src/saml2/attributemaps/saml_uri.py b/src/saml2/attributemaps/saml_uri.py index 07439b9..4aa8451 100644 --- a/src/saml2/attributemaps/saml_uri.py +++ b/src/saml2/attributemaps/saml_uri.py @@ -1,21 +1,18 @@ -__author__ = 'rolandh' - -EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." -EDUCOURSE_OID = "urn:oid:1.3.6.1.4.1.5923.1.6.1." -X500ATTR_OID = "urn:oid:2.5.4." -NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." -NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." +EDUCOURSE_OID = 'urn:oid:1.3.6.1.4.1.5923.1.6.1.' +EDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.' +NETSCAPE_LDAP = 'urn:oid:2.16.840.1.113730.3.1.' +NOREDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.2428.90.1.' +PKCS_9 = 'urn:oid:1.2.840.113549.1.9.1.' +SCHAC = 'urn:oid:1.3.6.1.4.1.25178.1.2.' +SIS = 'urn:oid:1.2.752.194.10.2.' UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' -PKCS_9 = "urn:oid:1.2.840.113549.1.9.1." -UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." -SCHAC = "urn:oid:1.3.6.1.4.1.25178.1.2." -SIS = "urn:oid:1.2.752.194.10.2." +UMICH = 'urn:oid:1.3.6.1.4.1.250.1.57.' +X500ATTR_OID = 'urn:oid:2.5.4.' -#urn:oid:1.3.6.1.4.1.1466.115.121.1.26 MAP = { - "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "fro": { + 'identifier': 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', + 'fro': { EDUCOURSE_OID+'1': 'eduCourseOffering', EDUCOURSE_OID+'2': 'eduCourseMember', EDUPERSON_OID+'1': 'eduPersonAffiliation', @@ -29,6 +26,14 @@ MAP = { EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', EDUPERSON_OID+'10': 'eduPersonTargetedID', EDUPERSON_OID+'11': 'eduPersonAssurance', + NETSCAPE_LDAP+'1': 'carLicense', + NETSCAPE_LDAP+'2': 'departmentNumber', + NETSCAPE_LDAP+'3': 'employeeNumber', + NETSCAPE_LDAP+'4': 'employeeType', + NETSCAPE_LDAP+'39': 'preferredLanguage', + NETSCAPE_LDAP+'40': 'userSMIMECertificate', + NETSCAPE_LDAP+'216': 'userPKCS12', + NETSCAPE_LDAP+'241': 'displayName', NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', @@ -41,14 +46,6 @@ MAP = { NOREDUPERSON_OID+'10': 'norEduPersonLegalName', NOREDUPERSON_OID+'11': 'norEduOrgSchemaVersion', NOREDUPERSON_OID+'12': 'norEduOrgNIN', - NETSCAPE_LDAP+'1': 'carLicense', - NETSCAPE_LDAP+'2': 'departmentNumber', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'4': 'employeeType', - NETSCAPE_LDAP+'39': 'preferredLanguage', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NETSCAPE_LDAP+'216': 'userPKCS12', - NETSCAPE_LDAP+'241': 'displayName', PKCS_9+'1': 'email', SCHAC+'1': 'schacMotherTongue', SCHAC+'2': 'schacGender', @@ -128,119 +125,119 @@ MAP = { X500ATTR_OID+'53': 'deltaRevocationList', X500ATTR_OID+'54': 'dmdName', X500ATTR_OID+'65': 'pseudonym', - }, - "to": { + }, + 'to': { 'associatedDomain': UCL_DIR_PILOT+'37', - 'authorityRevocationList': X500ATTR_OID+"38", - 'businessCategory': X500ATTR_OID+"15", - 'c': X500ATTR_OID+"6", - 'cACertificate': X500ATTR_OID+"37", - 'carLicense': NETSCAPE_LDAP+"1", - 'certificateRevocationList': X500ATTR_OID+"39", - 'cn': X500ATTR_OID+"3", - 'co': UCL_DIR_PILOT+"43", - 'crossCertificatePair': X500ATTR_OID+"40", - 'dc': UCL_DIR_PILOT+"25", - 'deltaRevocationList': X500ATTR_OID+"53", - 'departmentNumber': NETSCAPE_LDAP+"2", - 'destinationIndicator': X500ATTR_OID+"27", - 'displayName': NETSCAPE_LDAP+"241", - 'dmdName': X500ATTR_OID+"54", - 'dnQualifier': X500ATTR_OID+"46", - 'eduCourseMember': EDUCOURSE_OID+"2", - 'eduCourseOffering': EDUCOURSE_OID+"1", - 'eduPersonAffiliation': EDUPERSON_OID+"1", - 'eduPersonAssurance': EDUPERSON_OID+"11", - 'eduPersonEntitlement': EDUPERSON_OID+"7", - 'eduPersonNickname': EDUPERSON_OID+"2", - 'eduPersonOrgDN': EDUPERSON_OID+"3", - 'eduPersonOrgUnitDN': EDUPERSON_OID+"4", - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+"5", - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+"8", - 'eduPersonPrincipalName': EDUPERSON_OID+"6", - 'eduPersonScopedAffiliation': EDUPERSON_OID+"9", - 'eduPersonTargetedID': EDUPERSON_OID+"10", - 'email': PKCS_9+"1", - 'employeeNumber': NETSCAPE_LDAP+"3", - 'employeeType': NETSCAPE_LDAP+"4", - 'enhancedSearchGuide': X500ATTR_OID+"47", - 'facsimileTelephoneNumber': X500ATTR_OID+"23", - 'federationFeideSchemaVersion': NOREDUPERSON_OID+"9", - 'generationQualifier': X500ATTR_OID+"44", - 'givenName': X500ATTR_OID+"42", - 'houseIdentifier': X500ATTR_OID+"51", - 'initials': X500ATTR_OID+"43", - 'internationaliSDNNumber': X500ATTR_OID+"25", - 'jpegPhoto': UCL_DIR_PILOT+"60", - 'knowledgeInformation': X500ATTR_OID+"2", - 'l': X500ATTR_OID+"7", - 'labeledURI': UMICH+"57", - 'mail': UCL_DIR_PILOT+"3", - 'member': X500ATTR_OID+"31", - 'norEduOrgAcronym': NOREDUPERSON_OID+"6", - 'norEduOrgNIN': NOREDUPERSON_OID+"12", - 'norEduOrgSchemaVersion': NOREDUPERSON_OID+"11", - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+"7", - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+"1", - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+"8", - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+"2", - 'norEduPersonBirthDate': NOREDUPERSON_OID+"3", - 'norEduPersonLIN': NOREDUPERSON_OID+"4", - 'norEduPersonLegalName': NOREDUPERSON_OID+"10", - 'norEduPersonNIN': NOREDUPERSON_OID+"5", - 'o': X500ATTR_OID+"10", - 'ou': X500ATTR_OID+"11", - 'owner': X500ATTR_OID+"32", - 'physicalDeliveryOfficeName': X500ATTR_OID+"19", - 'postOfficeBox': X500ATTR_OID+"18", - 'postalAddress': X500ATTR_OID+"16", - 'postalCode': X500ATTR_OID+"17", - 'preferredDeliveryMethod': X500ATTR_OID+"28", - 'preferredLanguage': NETSCAPE_LDAP+"39", - 'presentationAddress': X500ATTR_OID+"29", - 'protocolInformation': X500ATTR_OID+"48", - 'pseudonym': X500ATTR_OID+"65", - 'registeredAddress': X500ATTR_OID+"26", - 'roleOccupant': X500ATTR_OID+"33", - 'schacCountryOfCitizenship': SCHAC+"5", - 'schacCountryOfResidence': SCHAC+"11", - 'schacDateOfBirth': SCHAC+"3", - 'schacExpiryDate': SCHAC+"17", - 'schacGender': SCHAC+"2", - 'schacHomeOrganization': SCHAC+"9", - 'schacHomeOrganizationType': SCHAC+"10", - 'schacMotherTongue': SCHAC+"1", - 'schacPersonalPosition': SCHAC+"13", - 'schacPersonalTitle': SCHAC+"8", - 'schacPersonalUniqueCode': SCHAC+"14", - 'schacPersonalUniqueID': SCHAC+"15", - 'schacPlaceOfBirth': SCHAC+"4", - 'schacProjectMembership': SCHAC+"20", - 'schacProjectSpecificRole': SCHAC+"21", - 'schacSn1': SCHAC+"6", - 'schacSn2': SCHAC+"7", - 'schacUserPresenceID': SCHAC+"12", - 'schacUserPrivateAttribute': SCHAC+"18", - 'schacUserStatus': SCHAC+"19", - 'searchGuide': X500ATTR_OID+"14", - 'serialNumber': X500ATTR_OID+"5", - 'sisLegalGuardianFor': SIS+"1", - 'sisSchoolGrade': SIS+"2", - 'sn': X500ATTR_OID+"4", - 'st': X500ATTR_OID+"8", - 'street': X500ATTR_OID+"9", - 'supportedAlgorithms': X500ATTR_OID+"52", - 'supportedApplicationContext': X500ATTR_OID+"30", - 'telephoneNumber': X500ATTR_OID+"20", - 'teletexTerminalIdentifier': X500ATTR_OID+"22", - 'telexNumber': X500ATTR_OID+"21", - 'title': X500ATTR_OID+"12", - 'uid': UCL_DIR_PILOT+"1", - 'uniqueMember': X500ATTR_OID+"50", - 'userCertificate': X500ATTR_OID+"36", - 'userPKCS12': NETSCAPE_LDAP+"216", - 'userSMIMECertificate': NETSCAPE_LDAP+"40", - 'x121Address': X500ATTR_OID+"24", - 'x500UniqueIdentifier': X500ATTR_OID+"45", + 'authorityRevocationList': X500ATTR_OID+'38', + 'businessCategory': X500ATTR_OID+'15', + 'c': X500ATTR_OID+'6', + 'cACertificate': X500ATTR_OID+'37', + 'carLicense': NETSCAPE_LDAP+'1', + 'certificateRevocationList': X500ATTR_OID+'39', + 'cn': X500ATTR_OID+'3', + 'co': UCL_DIR_PILOT+'43', + 'crossCertificatePair': X500ATTR_OID+'40', + 'dc': UCL_DIR_PILOT+'25', + 'deltaRevocationList': X500ATTR_OID+'53', + 'departmentNumber': NETSCAPE_LDAP+'2', + 'destinationIndicator': X500ATTR_OID+'27', + 'displayName': NETSCAPE_LDAP+'241', + 'dmdName': X500ATTR_OID+'54', + 'dnQualifier': X500ATTR_OID+'46', + 'eduCourseMember': EDUCOURSE_OID+'2', + 'eduCourseOffering': EDUCOURSE_OID+'1', + 'eduPersonAffiliation': EDUPERSON_OID+'1', + 'eduPersonAssurance': EDUPERSON_OID+'11', + 'eduPersonEntitlement': EDUPERSON_OID+'7', + 'eduPersonNickname': EDUPERSON_OID+'2', + 'eduPersonOrgDN': EDUPERSON_OID+'3', + 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', + 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', + 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', + 'eduPersonPrincipalName': EDUPERSON_OID+'6', + 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', + 'eduPersonTargetedID': EDUPERSON_OID+'10', + 'email': PKCS_9+'1', + 'employeeNumber': NETSCAPE_LDAP+'3', + 'employeeType': NETSCAPE_LDAP+'4', + 'enhancedSearchGuide': X500ATTR_OID+'47', + 'facsimileTelephoneNumber': X500ATTR_OID+'23', + 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', + 'generationQualifier': X500ATTR_OID+'44', + 'givenName': X500ATTR_OID+'42', + 'houseIdentifier': X500ATTR_OID+'51', + 'initials': X500ATTR_OID+'43', + 'internationaliSDNNumber': X500ATTR_OID+'25', + 'jpegPhoto': UCL_DIR_PILOT+'60', + 'knowledgeInformation': X500ATTR_OID+'2', + 'l': X500ATTR_OID+'7', + 'labeledURI': UMICH+'57', + 'mail': UCL_DIR_PILOT+'3', + 'member': X500ATTR_OID+'31', + 'norEduOrgAcronym': NOREDUPERSON_OID+'6', + 'norEduOrgNIN': NOREDUPERSON_OID+'12', + 'norEduOrgSchemaVersion': NOREDUPERSON_OID+'11', + 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', + 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', + 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', + 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', + 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', + 'norEduPersonLIN': NOREDUPERSON_OID+'4', + 'norEduPersonLegalName': NOREDUPERSON_OID+'10', + 'norEduPersonNIN': NOREDUPERSON_OID+'5', + 'o': X500ATTR_OID+'10', + 'ou': X500ATTR_OID+'11', + 'owner': X500ATTR_OID+'32', + 'physicalDeliveryOfficeName': X500ATTR_OID+'19', + 'postOfficeBox': X500ATTR_OID+'18', + 'postalAddress': X500ATTR_OID+'16', + 'postalCode': X500ATTR_OID+'17', + 'preferredDeliveryMethod': X500ATTR_OID+'28', + 'preferredLanguage': NETSCAPE_LDAP+'39', + 'presentationAddress': X500ATTR_OID+'29', + 'protocolInformation': X500ATTR_OID+'48', + 'pseudonym': X500ATTR_OID+'65', + 'registeredAddress': X500ATTR_OID+'26', + 'roleOccupant': X500ATTR_OID+'33', + 'schacCountryOfCitizenship': SCHAC+'5', + 'schacCountryOfResidence': SCHAC+'11', + 'schacDateOfBirth': SCHAC+'3', + 'schacExpiryDate': SCHAC+'17', + 'schacGender': SCHAC+'2', + 'schacHomeOrganization': SCHAC+'9', + 'schacHomeOrganizationType': SCHAC+'10', + 'schacMotherTongue': SCHAC+'1', + 'schacPersonalPosition': SCHAC+'13', + 'schacPersonalTitle': SCHAC+'8', + 'schacPersonalUniqueCode': SCHAC+'14', + 'schacPersonalUniqueID': SCHAC+'15', + 'schacPlaceOfBirth': SCHAC+'4', + 'schacProjectMembership': SCHAC+'20', + 'schacProjectSpecificRole': SCHAC+'21', + 'schacSn1': SCHAC+'6', + 'schacSn2': SCHAC+'7', + 'schacUserPresenceID': SCHAC+'12', + 'schacUserPrivateAttribute': SCHAC+'18', + 'schacUserStatus': SCHAC+'19', + 'searchGuide': X500ATTR_OID+'14', + 'serialNumber': X500ATTR_OID+'5', + 'sisLegalGuardianFor': SIS+'1', + 'sisSchoolGrade': SIS+'2', + 'sn': X500ATTR_OID+'4', + 'st': X500ATTR_OID+'8', + 'street': X500ATTR_OID+'9', + 'supportedAlgorithms': X500ATTR_OID+'52', + 'supportedApplicationContext': X500ATTR_OID+'30', + 'telephoneNumber': X500ATTR_OID+'20', + 'teletexTerminalIdentifier': X500ATTR_OID+'22', + 'telexNumber': X500ATTR_OID+'21', + 'title': X500ATTR_OID+'12', + 'uid': UCL_DIR_PILOT+'1', + 'uniqueMember': X500ATTR_OID+'50', + 'userCertificate': X500ATTR_OID+'36', + 'userPKCS12': NETSCAPE_LDAP+'216', + 'userSMIMECertificate': NETSCAPE_LDAP+'40', + 'x121Address': X500ATTR_OID+'24', + 'x500UniqueIdentifier': X500ATTR_OID+'45', } -} \ No newline at end of file +} diff --git a/src/saml2/attributemaps/shibboleth_uri.py b/src/saml2/attributemaps/shibboleth_uri.py index d26bf00..782c3b3 100644 --- a/src/saml2/attributemaps/shibboleth_uri.py +++ b/src/saml2/attributemaps/shibboleth_uri.py @@ -1,73 +1,82 @@ -EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." -X500ATTR = "urn:oid:2.5.4." -NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." -NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." -UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." -PKCS_9 = "urn:oid:1.2.840.113549.1.9." -UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." +EDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.' +NETSCAPE_LDAP = 'urn:oid:2.16.840.1.113730.3.1.' +NOREDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.2428.90.1.' +PKCS_9 = 'urn:oid:1.2.840.113549.1.9.' +UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' +UMICH = 'urn:oid:1.3.6.1.4.1.250.1.57.' +X500ATTR = 'urn:oid:2.5.4.' + MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", - "fro": { + 'fro': { + EDUPERSON_OID+'1': 'eduPersonAffiliation', EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', + EDUPERSON_OID+'3': 'eduPersonOrgDN', EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', + EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', + EDUPERSON_OID+'6': 'eduPersonPrincipalName', + EDUPERSON_OID+'7': 'eduPersonEntitlement', + EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', + EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', + EDUPERSON_OID+'10': 'eduPersonTargetedID', + EDUPERSON_OID+'11': 'eduPersonAssurance', + NETSCAPE_LDAP+'1': 'carLicense', + NETSCAPE_LDAP+'2': 'departmentNumber', + NETSCAPE_LDAP+'3': 'employeeNumber', + NETSCAPE_LDAP+'4': 'employeeType', + NETSCAPE_LDAP+'39': 'preferredLanguage', + NETSCAPE_LDAP+'40': 'userSMIMECertificate', + NETSCAPE_LDAP+'216': 'userPKCS12', + NETSCAPE_LDAP+'241': 'displayName', + NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', + NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', + NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + NOREDUPERSON_OID+'4': 'norEduPersonLIN', + NOREDUPERSON_OID+'5': 'norEduPersonNIN', NOREDUPERSON_OID+'6': 'norEduOrgAcronym', NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR+'53': 'deltaRevocationList', - X500ATTR+'52': 'supportedAlgorithms', - X500ATTR+'51': 'houseIdentifier', - X500ATTR+'50': 'uniqueMember', - X500ATTR+'19': 'physicalDeliveryOfficeName', - X500ATTR+'18': 'postOfficeBox', - X500ATTR+'17': 'postalCode', - X500ATTR+'16': 'postalAddress', - X500ATTR+'15': 'businessCategory', - X500ATTR+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR+'12': 'title', - X500ATTR+'11': 'ou', - X500ATTR+'10': 'o', - X500ATTR+'37': 'cACertificate', - X500ATTR+'36': 'userCertificate', - X500ATTR+'31': 'member', - X500ATTR+'30': 'supportedApplicationContext', - X500ATTR+'33': 'roleOccupant', - X500ATTR+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR+'39': 'certificateRevocationList', - X500ATTR+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR+'9': 'street', - X500ATTR+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR+'2': 'knowledgeInformation', - X500ATTR+'7': 'l', - X500ATTR+'6': 'c', - X500ATTR+'5': 'serialNumber', - X500ATTR+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', UCL_DIR_PILOT+'3': 'mail', UCL_DIR_PILOT+'25': 'dc', + UCL_DIR_PILOT+'37': 'associatedDomain', + UCL_DIR_PILOT+'60': 'jpegPhoto', + X500ATTR+'2': 'knowledgeInformation', + X500ATTR+'4': 'sn', + X500ATTR+'5': 'serialNumber', + X500ATTR+'6': 'c', + X500ATTR+'7': 'l', + X500ATTR+'8': 'st', + X500ATTR+'9': 'street', + X500ATTR+'10': 'o', + X500ATTR+'11': 'ou', + X500ATTR+'12': 'title', + X500ATTR+'14': 'searchGuide', + X500ATTR+'15': 'businessCategory', + X500ATTR+'16': 'postalAddress', + X500ATTR+'17': 'postalCode', + X500ATTR+'18': 'postOfficeBox', + X500ATTR+'19': 'physicalDeliveryOfficeName', + X500ATTR+'20': 'telephoneNumber', + X500ATTR+'21': 'telexNumber', + X500ATTR+'22': 'teletexTerminalIdentifier', + X500ATTR+'23': 'facsimileTelephoneNumber', + X500ATTR+'24': 'x121Address', + X500ATTR+'25': 'internationaliSDNNumber', + X500ATTR+'26': 'registeredAddress', + X500ATTR+'27': 'destinationIndicator', + X500ATTR+'28': 'preferredDeliveryMethod', + X500ATTR+'29': 'presentationAddress', + X500ATTR+'30': 'supportedApplicationContext', + X500ATTR+'31': 'member', + X500ATTR+'32': 'owner', + X500ATTR+'33': 'roleOccupant', + X500ATTR+'36': 'userCertificate', + X500ATTR+'37': 'cACertificate', + X500ATTR+'38': 'authorityRevocationList', + X500ATTR+'39': 'certificateRevocationList', X500ATTR+'40': 'crossCertificatePair', X500ATTR+'42': 'givenName', X500ATTR+'43': 'initials', @@ -76,115 +85,107 @@ MAP = { X500ATTR+'46': 'dnQualifier', X500ATTR+'47': 'enhancedSearchGuide', X500ATTR+'48': 'protocolInformation', + X500ATTR+'50': 'uniqueMember', + X500ATTR+'51': 'houseIdentifier', + X500ATTR+'52': 'supportedAlgorithms', + X500ATTR+'53': 'deltaRevocationList', X500ATTR+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR+'22': 'teletexTerminalIdentifier', - X500ATTR+'23': 'facsimileTelephoneNumber', - X500ATTR+'20': 'telephoneNumber', - X500ATTR+'21': 'telexNumber', - X500ATTR+'26': 'registeredAddress', - X500ATTR+'27': 'destinationIndicator', - X500ATTR+'24': 'x121Address', - X500ATTR+'25': 'internationaliSDNNumber', - X500ATTR+'28': 'preferredDeliveryMethod', - X500ATTR+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + X500ATTR+'65': 'pseudonym', }, - "to":{ - 'roleOccupant': X500ATTR+'33', - 'gn': X500ATTR+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR+'12', - 'facsimileTelephoneNumber': X500ATTR+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR+'18', - 'fax': X500ATTR+'23', - 'telephoneNumber': X500ATTR+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', + 'to': { + 'associatedDomain': UCL_DIR_PILOT+'37', + 'authorityRevocationList': X500ATTR+'38', + 'businessCategory': X500ATTR+'15', + 'c': X500ATTR+'6', + 'cACertificate': X500ATTR+'37', + 'carLicense': NETSCAPE_LDAP+'1', + 'certificateRevocationList': X500ATTR+'39', 'countryName': X500ATTR+'6', + 'crossCertificatePair': X500ATTR+'40', + 'dc': UCL_DIR_PILOT+'25', + 'deltaRevocationList': X500ATTR+'53', + 'departmentNumber': NETSCAPE_LDAP+'2', + 'destinationIndicator': X500ATTR+'27', + 'displayName': NETSCAPE_LDAP+'241', + 'dmdName': X500ATTR+'54', + 'dnQualifier': X500ATTR+'46', + 'domainComponent': UCL_DIR_PILOT+'25', + 'eduPersonAffiliation': EDUPERSON_OID+'1', + 'eduPersonAssurance': EDUPERSON_OID+'11', + 'eduPersonEntitlement': EDUPERSON_OID+'7', + 'eduPersonNickname': EDUPERSON_OID+'2', + 'eduPersonOrgDN': EDUPERSON_OID+'3', + 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', + 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', + 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', + 'eduPersonPrincipalName': EDUPERSON_OID+'6', + 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', + 'eduPersonTargetedID': EDUPERSON_OID+'10', + 'email': PKCS_9+'1', 'emailAddress': PKCS_9+'1', 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR+'26', - 'physicalDeliveryOfficeName': X500ATTR+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR+'7', - 'stateOrProvinceName': X500ATTR+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR+'42', - 'x500UniqueIdentifier': X500ATTR+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR+'51', - 'street': X500ATTR+'9', - 'supportedAlgorithms': X500ATTR+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR+'6', - 'teletexTerminalIdentifier': X500ATTR+'22', - 'o': X500ATTR+'10', - 'cACertificate': X500ATTR+'37', - 'telexNumber': X500ATTR+'21', - 'ou': X500ATTR+'11', - 'initials': X500ATTR+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'localityName': X500ATTR+'7', - 'owner': X500ATTR+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR+'14', - 'certificateRevocationList': X500ATTR+'39', - 'organizationalUnitName': X500ATTR+'11', - 'userCertificate': X500ATTR+'36', - 'preferredDeliveryMethod': X500ATTR+'28', - 'internationaliSDNNumber': X500ATTR+'25', - 'uniqueMember': X500ATTR+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR+'24', - 'destinationIndicator': X500ATTR+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR+'48', - 'knowledgeInformation': X500ATTR+'2', 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', + 'enhancedSearchGuide': X500ATTR+'47', + 'facsimileTelephoneNumber': X500ATTR+'23', + 'fax': X500ATTR+'23', + 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', + 'generationQualifier': X500ATTR+'44', + 'givenName': X500ATTR+'42', + 'gn': X500ATTR+'42', + 'houseIdentifier': X500ATTR+'51', + 'initials': X500ATTR+'43', + 'internationaliSDNNumber': X500ATTR+'25', + 'jpegPhoto': UCL_DIR_PILOT+'60', + 'knowledgeInformation': X500ATTR+'2', + 'l': X500ATTR+'7', + 'localityName': X500ATTR+'7', + 'mail': UCL_DIR_PILOT+'3', 'member': X500ATTR+'31', - 'streetAddress': X500ATTR+'9', - 'dmdName': X500ATTR+'54', - 'postalCode': X500ATTR+'17', - 'pseudonym': X500ATTR+'65', - 'dnQualifier': X500ATTR+'46', - 'crossCertificatePair': X500ATTR+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR+'15', - 'serialNumber': X500ATTR+'5', + 'norEduOrgAcronym': NOREDUPERSON_OID+'6', 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR+'8', - 'carLicense': NETSCAPE_LDAP+'1', + 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', + 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', + 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', + 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', + 'norEduPersonLIN': NOREDUPERSON_OID+'4', + 'norEduPersonNIN': NOREDUPERSON_OID+'5', + 'o': X500ATTR+'10', + 'organizationName': X500ATTR+'10', + 'organizationalUnitName': X500ATTR+'11', + 'ou': X500ATTR+'11', + 'owner': X500ATTR+'32', + 'physicalDeliveryOfficeName': X500ATTR+'19', + 'pkcs9email': PKCS_9+'1', + 'postOfficeBox': X500ATTR+'18', + 'postalAddress': X500ATTR+'16', + 'postalCode': X500ATTR+'17', + 'preferredDeliveryMethod': X500ATTR+'28', + 'preferredLanguage': NETSCAPE_LDAP+'39', 'presentationAddress': X500ATTR+'29', + 'protocolInformation': X500ATTR+'48', + 'pseudonym': X500ATTR+'65', + 'registeredAddress': X500ATTR+'26', + 'rfc822Mailbox': UCL_DIR_PILOT+'3', + 'roleOccupant': X500ATTR+'33', + 'searchGuide': X500ATTR+'14', + 'serialNumber': X500ATTR+'5', 'sn': X500ATTR+'4', - 'domainComponent': UCL_DIR_PILOT+'25', + 'st': X500ATTR+'8', + 'stateOrProvinceName': X500ATTR+'8', + 'street': X500ATTR+'9', + 'streetAddress': X500ATTR+'9', + 'supportedAlgorithms': X500ATTR+'52', + 'supportedApplicationContext': X500ATTR+'30', + 'surname': X500ATTR+'4', + 'telephoneNumber': X500ATTR+'20', + 'teletexTerminalIdentifier': X500ATTR+'22', + 'telexNumber': X500ATTR+'21', + 'title': X500ATTR+'12', + 'uniqueMember': X500ATTR+'50', + 'userCertificate': X500ATTR+'36', + 'userPKCS12': NETSCAPE_LDAP+'216', + 'userSMIMECertificate': NETSCAPE_LDAP+'40', + 'x121Address': X500ATTR+'24', + 'x500UniqueIdentifier': X500ATTR+'45', } -} \ No newline at end of file +} diff --git a/tools/sync_attrmaps.py b/tools/sync_attrmaps.py new file mode 100755 index 0000000..0dc8432 --- /dev/null +++ b/tools/sync_attrmaps.py @@ -0,0 +1,140 @@ +#!/usr/bin/env python + +from importlib import import_module +import sys +import os + +__author__ = 'roland' + + +def load(head, tail): + if head == "": + if sys.path[0] != ".": + sys.path.insert(0, ".") + else: + sys.path.insert(0, head) + + if tail.endswith(".py"): + tail = tail[:-3] + + return import_module(tail) + + +def intcmp(s1, s2): + try: + _i1 = int(s1) + _i2 = int(s2) + except ValueError: + _i1 = s1 + _i2 = s2 + + if _i1 < _i2: + return -1 + if _i1 > _i2: + return 1 + else: + return 0 + + +class AMap(object): + def __init__(self, head, tail, indent=4 * " "): + self.mod = load(head, tail) + self.variable = {} + self.vars = [] + self.text = [] + self.indent = indent + for key, val in self.mod.__dict__.items(): + if key.startswith("__"): + continue + elif key == "MAP": + continue + else: + self.variable[key] = val + self.vars.append(key) + self.vars.sort() + + def sync(self): + for key, val in self.mod.MAP["fro"].items(): + try: + assert self.mod.MAP["to"][val] == key + except KeyError: # missing value + print "# Added %s=%s" % (self.mod.MAP["to"][val], key) + self.mod.MAP["to"][val] = key + except AssertionError: + raise Exception("Mismatch key:%s '%s' != '%s'" % ( + key, val, self.mod.MAP["to"][val])) + + for val in self.mod.MAP["to"].values(): + if val not in self.mod.MAP["fro"]: + print "# Missing URN '%s'" % val + + def do_fro(self): + txt = ["%s'fro': {" % self.indent] + i2 = self.indent + self.indent + _fro = self.mod.MAP["fro"] + for var in self.vars: + _v = self.variable[var] + li = [k[len(_v):] for k in _fro.keys() if k.startswith(_v)] + li.sort(intcmp) + for item in li: + txt.append("%s%s+'%s': '%s'," % (i2, var, item, + _fro[_v + item])) + txt.append('%s},' % self.indent) + return txt + + def do_to(self): + txt = ["%s'to': {" % self.indent] + i2 = self.indent + self.indent + _to = self.mod.MAP["to"] + _keys = _to.keys() + _keys.sort() + invmap = dict([(v, k) for k, v in self.variable.items()]) + + for key in _keys: + val = _to[key] + for _urn, _name in invmap.items(): + if val.startswith(_urn): + txt.append("%s'%s': %s+'%s'," % (i2, key, _name, + val[len(_urn):])) + + txt.append('%s}' % self.indent) + return txt + + def __str__(self): + self.sync() + text = [] + for key in self.vars: + text.append("%s = '%s'" % (key, self.variable[key])) + + text.extend(["", ""]) + + text.append("MAP = {") + text.append("%s'identifier': '%s'," % (self.indent, + self.mod.MAP["identifier"])) + text.extend(self.do_fro()) + text.extend(self.do_to()) + + text.append("}") + text.append("") + return "\n".join(text) + + +if __name__ == "__main__": + _name = sys.argv[1] + if os.path.isfile(_name): + directory, fname = os.path.split(_name) + amap = AMap(directory, fname, 4 * " ") + f = open(_name) + f.write("%s" % amap) + f.close() + elif os.path.isdir(_name): + for fname in os.listdir(_name): + if fname == "__init__.py": + continue + elif fname.endswith(".pyc"): + continue + print 10 * "=" + fname + 10 * "=" + amap = AMap(_name, fname, 4 * " ") + f = open(fname, "w") + f.write("%s" % amap) + f.close()