Made MetaData instances pickleable.

Roland Hedberg
2015-12-01 12:53:35 +01:00
parent cff1391d73
commit 883b89efb0
17 changed files with 135 additions and 340 deletions


@@ -1073,11 +1073,11 @@ if __name__ == '__main__':
digest_alg = None digest_alg = None
try: try:
sign_alg = CONFIG.SIGN_ALG sign_alg = CONFIG.SIGN_ALG
except: except AttributeError:
pass pass
try: try:
digest_alg = CONFIG.DIGEST_ALG digest_alg = CONFIG.DIGEST_ALG
except: except AttributeError:
pass pass
ds.DefaultSignature(sign_alg, digest_alg) ds.DefaultSignature(sign_alg, digest_alg)
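Review bot: Both `try` / `except AttributeError: pass` blocks can be written as `sign_alg = getattr(CONFIG, "SIGN_ALG", None)` and `digest_alg = getattr(CONFIG, "DIGEST_ALG", None)`, which states the fallback explicitly. When either setting is absent, `ds.DefaultSignature(sign_alg, digest_alg)` receives `None` without any trace, so a configuration that misspells the setting name runs with whatever the library defaults to. A one-line log of the effective signing and digest algorithms at startup would make that visible. The initial `sign_alg = None` assignment is presumably just above the hunk.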


@@ -26,27 +26,6 @@ from saml2.virtual_org import VirtualOrg
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
from saml2 import md
from saml2 import saml
from saml2.extension import mdui
from saml2.extension import idpdisc
from saml2.extension import dri
from saml2.extension import mdattr
from saml2.extension import ui
from saml2 import xmldsig
from saml2 import xmlenc
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
COMMON_ARGS = [ COMMON_ARGS = [
"entityid", "xmlsec_binary", "debug", "key_file", "cert_file", "entityid", "xmlsec_binary", "debug", "key_file", "cert_file",
@@ -408,8 +387,7 @@ class Config(object):
except: except:
disable_validation = False disable_validation = False
mds = MetadataStore( mds = MetadataStore(acs, self, ca_certs,
list(ONTS.values()), acs, self, ca_certs,
disable_ssl_certificate_validation=disable_validation) disable_ssl_certificate_validation=disable_validation)
mds.imp(metadata_conf) mds.imp(metadata_conf)
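Review bot: Dropping the module-level `ONTS` from the module that defines `Config` removes a name that code outside this module may import, while other modules touched by this commit keep it as `ONTS = load_metadata_modules()`. If the name is meant to stay available, the same one-line alias would do; if not, the removal belongs in the release notes. Separately, the context line `except:` above the `MetadataStore(...)` call is still a bare except, unlike the handlers this commit narrows to `except AttributeError:` in the first file. Its `try` starts outside the hunk, so the right exception type cannot be confirmed from here.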


@@ -9,6 +9,6 @@ RELEASE = {
# "displayName", "schacHomeOrganization"], # "displayName", "schacHomeOrganization"],
COCO: ["eduPersonPrincipalName", "eduPersonScopedAffiliation", COCO: ["eduPersonPrincipalName", "eduPersonScopedAffiliation",
'eduPersonAffiliation', "mail", "displayName", 'cn', 'eduPersonAffiliation', "mail", "displayName", 'cn',
"schacHomeOrganization", 'schacHomeOrganizationType'] "schacHomeOrganization"]
} }
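Review bot: Removing `'schacHomeOrganizationType'` from the `COCO` list appears to change which attributes may be released for that entity category, and the commit message ("Made MetaData instances pickleable.") does not mention it. An attribute-release policy change is easier to audit and revert as its own commit with the reason stated. If it has to stay here, a comment above the list, e.g. `# schacHomeOrganizationType dropped: <reason>`, would record why.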


@@ -9,18 +9,24 @@ import json
import requests import requests
import six import six
from hashlib import sha1 from hashlib import sha1
from os.path import isfile, join from os.path import isfile
from os.path import join
from saml2 import md
from saml2 import saml
from saml2 import samlp
from saml2 import xmldsig
from saml2 import xmlenc
from saml2 import SAMLError
from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST
from saml2 import BINDING_SOAP
from saml2.httpbase import HTTPBase from saml2.httpbase import HTTPBase
from saml2.extension.idpdisc import BINDING_DISCO from saml2.extension.idpdisc import BINDING_DISCO
from saml2.extension.idpdisc import DiscoveryResponse from saml2.extension.idpdisc import DiscoveryResponse
from saml2.md import EntitiesDescriptor from saml2.md import EntitiesDescriptor
from saml2.mdie import to_dict from saml2.mdie import to_dict
from saml2 import md
from saml2 import samlp
from saml2 import SAMLError
from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST
from saml2 import BINDING_SOAP
from saml2.s_utils import UnsupportedBinding from saml2.s_utils import UnsupportedBinding
from saml2.s_utils import UnknownSystemEntity from saml2.s_utils import UnknownSystemEntity
from saml2.sigver import split_len from saml2.sigver import split_len
@@ -83,6 +89,24 @@ def load_extensions():
return ext_map return ext_map
def load_metadata_modules():
mods = {
saml.NAMESPACE: saml,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
mods.update(load_extensions())
return mods
def metadata_modules():
_res = [saml, md, xmldsig, xmlenc]
_res.extend(list(load_extensions().values()))
return _res
def destinations(srvs): def destinations(srvs):
return [s["location"] for s in srvs] return [s["location"] for s in srvs]
@@ -129,14 +153,16 @@ def repack_cert(cert):
class MetaData(object): class MetaData(object):
def __init__(self, onts, attrc, metadata='', node_name=None, def __init__(self, attrc, metadata='', node_name=None,
check_validity=True, security=None, **kwargs): check_validity=True, security=None, **kwargs):
self.onts = onts
self.attrc = attrc self.attrc = attrc
self.metadata = metadata self.metadata = metadata
self.entity = None self.entity = None
self.cert = None self.cert = None
self.to_old = [] self.to_old = []
self.node_name = node_name
self.check_validity = check_validity
self.security = security
def items(self): def items(self):
''' '''
@@ -369,9 +395,9 @@ class MetaData(object):
class InMemoryMetaData(MetaData): class InMemoryMetaData(MetaData):
def __init__(self, onts, attrc, metadata="", node_name=None, def __init__(self, attrc, metadata="", node_name=None,
check_validity=True, security=None, **kwargs): check_validity=True, security=None, **kwargs):
super(InMemoryMetaData, self).__init__(onts, attrc, metadata=metadata) super(InMemoryMetaData, self).__init__(attrc, metadata=metadata)
self.entity = {} self.entity = {}
self.security = security self.security = security
self.node_name = node_name self.node_name = node_name
@@ -424,7 +450,7 @@ class InMemoryMetaData(MetaData):
entity_descr.entity_id, file=sys.stderr) entity_descr.entity_id, file=sys.stderr)
return return
_ent = to_dict(entity_descr, self.onts) _ent = to_dict(entity_descr, metadata_modules())
flag = 0 flag = 0
# verify support for SAML2 # verify support for SAML2
for descr in ["spsso", "idpsso", "role", "authn_authority", for descr in ["spsso", "idpsso", "role", "authn_authority",
@@ -597,8 +623,8 @@ class MetaDataFile(InMemoryMetaData):
the SAML Metadata format. the SAML Metadata format.
""" """
def __init__(self, onts, attrc, filename=None, cert=None, **kwargs): def __init__(self, attrc, filename=None, cert=None, **kwargs):
super(MetaDataFile, self).__init__(onts, attrc, **kwargs) super(MetaDataFile, self).__init__(attrc, **kwargs)
if not filename: if not filename:
raise SAMLError('No file specified.') raise SAMLError('No file specified.')
self.filename = filename self.filename = filename
@@ -618,9 +644,9 @@ class MetaDataLoader(MetaDataFile):
The format of the file is the SAML Metadata format. The format of the file is the SAML Metadata format.
""" """
def __init__(self, onts, attrc, loader_callable, cert=None, def __init__(self, attrc, loader_callable, cert=None,
security=None, **kwargs): security=None, **kwargs):
super(MetaDataLoader, self).__init__(onts, attrc, **kwargs) super(MetaDataLoader, self).__init__(attrc, **kwargs)
self.metadata_provider_callable = self.get_metadata_loader( self.metadata_provider_callable = self.get_metadata_loader(
loader_callable) loader_callable)
self.cert = cert self.cert = cert
@@ -662,17 +688,16 @@ class MetaDataExtern(InMemoryMetaData):
Accessible but HTTP GET. Accessible but HTTP GET.
""" """
def __init__(self, onts, attrc, url=None, security=None, cert=None, def __init__(self, attrc, url=None, security=None, cert=None,
http=None, **kwargs): http=None, **kwargs):
""" """
:params onts:
:params attrc: :params attrc:
:params url: Location of the metadata :params url: Location of the metadata
:params security: SecurityContext() :params security: SecurityContext()
:params cert: CertificMDloaderate used to sign the metadata :params cert: CertificMDloaderate used to sign the metadata
:params http: :params http:
""" """
super(MetaDataExtern, self).__init__(onts, attrc, **kwargs) super(MetaDataExtern, self).__init__(attrc, **kwargs)
if not url: if not url:
raise SAMLError('URL not specified.') raise SAMLError('URL not specified.')
else: else:
@@ -704,8 +729,8 @@ class MetaDataMD(InMemoryMetaData):
of the Python representation of the metadata. of the Python representation of the metadata.
""" """
def __init__(self, onts, attrc, filename, **kwargs): def __init__(self, attrc, filename, **kwargs):
super(MetaDataMD, self).__init__(onts, attrc, **kwargs) super(MetaDataMD, self).__init__(attrc, **kwargs)
self.filename = filename self.filename = filename
def load(self): def load(self):
@@ -771,18 +796,16 @@ class MetaDataMDX(InMemoryMetaData):
class MetadataStore(MetaData): class MetadataStore(MetaData):
def __init__(self, onts, attrc, config, ca_certs=None, def __init__(self, attrc, config, ca_certs=None,
check_validity=True, check_validity=True,
disable_ssl_certificate_validation=False, disable_ssl_certificate_validation=False,
filter=None): filter=None):
""" """
:params onts:
:params attrc: :params attrc:
:params config: Config() :params config: Config()
:params ca_certs: :params ca_certs:
:params disable_ssl_certificate_validation: :params disable_ssl_certificate_validation:
""" """
self.onts = onts
self.attrc = attrc self.attrc = attrc
if disable_ssl_certificate_validation: if disable_ssl_certificate_validation:
@@ -810,18 +833,18 @@ class MetadataStore(MetaData):
files = [f for f in os.listdir(key) if isfile(join(key, f))] files = [f for f in os.listdir(key) if isfile(join(key, f))]
for fil in files: for fil in files:
_fil = join(key, fil) _fil = join(key, fil)
_md = MetaDataFile(self.onts, self.attrc, _fil, **_args) _md = MetaDataFile(self.attrc, _fil, **_args)
_md.load() _md.load()
self.metadata[_fil] = _md self.metadata[_fil] = _md
return return
else: else:
# else it's just a plain old file so read it # else it's just a plain old file so read it
_md = MetaDataFile(self.onts, self.attrc, key, **_args) _md = MetaDataFile(self.attrc, key, **_args)
elif typ == "inline": elif typ == "inline":
self.ii += 1 self.ii += 1
key = self.ii key = self.ii
kwargs.update(_args) kwargs.update(_args)
_md = InMemoryMetaData(self.onts, self.attrc, args[0]) _md = InMemoryMetaData(self.attrc, args[0])
elif typ == "remote": elif typ == "remote":
key = kwargs["url"] key = kwargs["url"]
for _key in ["node_name", "check_validity"]: for _key in ["node_name", "check_validity"]:
@@ -833,15 +856,15 @@ class MetadataStore(MetaData):
if "cert" not in kwargs: if "cert" not in kwargs:
kwargs["cert"] = "" kwargs["cert"] = ""
_md = MetaDataExtern(self.onts, self.attrc, _md = MetaDataExtern(self.attrc,
kwargs["url"], self.security, kwargs["url"], self.security,
kwargs["cert"], self.http, **_args) kwargs["cert"], self.http, **_args)
elif typ == "mdfile": elif typ == "mdfile":
key = args[0] key = args[0]
_md = MetaDataMD(self.onts, self.attrc, args[0], **_args) _md = MetaDataMD(self.attrc, args[0], **_args)
elif typ == "loader": elif typ == "loader":
key = args[0] key = args[0]
_md = MetaDataLoader(self.onts, self.attrc, args[0], **_args) _md = MetaDataLoader(self.attrc, args[0], **_args)
else: else:
raise SAMLError("Unknown metadata type '%s'" % typ) raise SAMLError("Unknown metadata type '%s'" % typ)
_md.load() _md.load()
@@ -891,7 +914,7 @@ class MetadataStore(MetaData):
isfile(join(key[0], f))] isfile(join(key[0], f))]
for fil in files: for fil in files:
_fil = join(key[0], fil) _fil = join(key[0], fil)
_md = MetaDataFile(self.onts, self.attrc, _fil) _md = MetaDataFile(self.attrc, _fil)
_md.load() _md.load()
self.metadata[_fil] = _md self.metadata[_fil] = _md
if _md.to_old: if _md.to_old:
@@ -901,7 +924,7 @@ class MetadataStore(MetaData):
if len(key) == 2: if len(key) == 2:
kwargs["cert"] = key[1] kwargs["cert"] = key[1]
_md = MDloader(self.onts, self.attrc, key[0], **kwargs) _md = MDloader(self.attrc, key[0], **kwargs)
_md.load() _md.load()
self.metadata[key[0]] = _md self.metadata[key[0]] = _md
if _md.to_old: if _md.to_old:
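Review bot: Removing the leading `onts` parameter from `MetadataStore.__init__` (and from every `MetaData` subclass) shifts the remaining positional parameters, so an un-migrated call such as `MetadataStore(onts, attrc, config, ...)` no longer raises `TypeError`. It binds the module list to `attrc`, the attribute converters to `config` and the config object to `ca_certs`. A sanity check on the arguments in `__init__`, or at least an explicit entry in the release notes, would turn that silent misbinding into an immediate, explainable error. In the `@@ -424,7 +450,7 @@` hunk, `to_dict(entity_descr, metadata_modules())` rebuilds the module list, including a `load_extensions()` call, every time that line runs; computing the list once and reusing it would avoid repeating the work on large aggregates. Both methods extend beyond the lines shown.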


@@ -7,39 +7,25 @@ import pymongo.uri_parser
import pymongo.errors import pymongo.errors
from saml2.eptid import Eptid from saml2.eptid import Eptid
from saml2.mdstore import InMemoryMetaData from saml2.mdstore import InMemoryMetaData
from saml2.mdstore import metadata_modules
from saml2.mdstore import load_metadata_modules
from saml2.s_utils import PolicyError from saml2.s_utils import PolicyError
from saml2.ident import code_binary, IdentDB, Unknown from saml2.ident import code_binary
from saml2.mdie import to_dict, from_dict from saml2.ident import IdentDB
from saml2.ident import Unknown
from saml2.mdie import to_dict
from saml2.mdie import from_dict
from saml2 import md
from saml2 import saml
from saml2.extension import mdui
from saml2.extension import idpdisc
from saml2.extension import dri
from saml2.extension import mdattr
from saml2.extension import ui
from saml2 import xmldsig
from saml2 import xmlenc
import six import six
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
__author__ = 'rolandh' __author__ = 'rolandh'
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
ONTS = load_metadata_modules()
MMODS = metadata_modules()
class CorruptDatabase(Exception): class CorruptDatabase(Exception):
pass pass
@@ -64,7 +50,7 @@ class SessionStorageMDB(object):
doc = { doc = {
"name_id_key": nkey, "name_id_key": nkey,
"assertion_id": assertion.id, "assertion_id": assertion.id,
"assertion": to_dict(assertion, ONTS.values(), True), "assertion": to_dict(assertion, MMODS, True),
"to_sign": to_sign "to_sign": to_sign
} }
@@ -151,7 +137,7 @@ class IdentMDB(IdentDB):
return _id return _id
def store(self, ident, name_id): def store(self, ident, name_id):
self.mdb.store(ident, name_id=to_dict(name_id, ONTS.values(), True)) self.mdb.store(ident, name_id=to_dict(name_id, MMODS, True))
def find_nameid(self, userid, nformat=None, sp_name_qualifier=None, def find_nameid(self, userid, nformat=None, sp_name_qualifier=None,
name_qualifier=None, sp_provided_id=None, **kwargs): name_qualifier=None, sp_provided_id=None, **kwargs):
@@ -172,13 +158,13 @@ class IdentMDB(IdentDB):
return res return res
def find_local_id(self, name_id): def find_local_id(self, name_id):
cnid = to_dict(name_id, ONTS.values(), True) cnid = to_dict(name_id, MMODS, True)
for item in self.mdb.get(name_id=cnid): for item in self.mdb.get(name_id=cnid):
return item[self.mdb.primary_key] return item[self.mdb.primary_key]
return None return None
def remove_remote(self, name_id): def remove_remote(self, name_id):
cnid = to_dict(name_id, ONTS.values(), True) cnid = to_dict(name_id, MMODS, True)
self.mdb.remove(name_id=cnid) self.mdb.remove(name_id=cnid)
def handle_name_id_mapping_request(self, name_id, name_id_policy): def handle_name_id_mapping_request(self, name_id, name_id_policy):
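Review bot: `ONTS = load_metadata_modules()` and `MMODS = metadata_modules()` both call `load_extensions()` at import time, so importing this module now runs the extension loading twice before any store is created. The module list handed to `to_dict` also changes from the nine hard-coded modules to whatever `load_extensions()` returns, and `find_local_id` and `remove_remote` match stored documents against a freshly serialized `name_id`. If the serialized form depends on that list, records written before this change may no longer match, so a round-trip test against a document produced by the old code would be worth adding. A comment above the two constants, e.g. `# ONTS: namespace -> module map; MMODS: the same modules as a list, as passed to to_dict()`, would explain why both exist.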


@@ -15,18 +15,6 @@ from saml2 import xmldsig
from saml2 import xmlenc from saml2 import xmlenc
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
__author__ = 'rolandh' __author__ = 'rolandh'
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)


@@ -1,30 +1,10 @@
__author__ = 'rolandh'
from saml2 import md from saml2 import md
from saml2.mdie import from_dict from saml2.mdie import from_dict
from saml2.mdstore import load_metadata_modules
from saml2 import saml __author__ = 'rolandh'
from saml2.extension import mdui
from saml2.extension import idpdisc
from saml2.extension import dri
from saml2.extension import mdattr
from saml2.extension import ui
from saml2 import xmldsig
from saml2 import xmlenc
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ONTS = load_metadata_modules()
def _eq(l1, l2): def _eq(l1, l2):
return set(l1) == set(l2) return set(l1) == set(l2)


@@ -9,21 +9,16 @@ from saml2.mdstore import MetadataStore
from saml2.mdstore import MetaDataMDX from saml2.mdstore import MetaDataMDX
from saml2.mdstore import SAML_METADATA_CONTENT_TYPE from saml2.mdstore import SAML_METADATA_CONTENT_TYPE
from saml2.mdstore import destinations from saml2.mdstore import destinations
from saml2.mdstore import load_extensions
from saml2.mdstore import name from saml2.mdstore import name
from saml2 import md
from saml2 import sigver from saml2 import sigver
from saml2 import BINDING_SOAP from saml2 import BINDING_SOAP
from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_POST
from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_ARTIFACT
from saml2 import saml
from saml2 import config from saml2 import config
from saml2.attribute_converter import ac_factory from saml2.attribute_converter import ac_factory
from saml2.attribute_converter import d_to_local_name from saml2.attribute_converter import d_to_local_name
from saml2.s_utils import UnknownPrincipal from saml2.s_utils import UnknownPrincipal
from saml2 import xmldsig
from saml2 import xmlenc
from pathutils import full_path from pathutils import full_path
import responses import responses
@@ -86,14 +81,6 @@ TEST_METADATA_STRING = """
</EntitiesDescriptor> </EntitiesDescriptor>
""".format(cert_data=TEST_CERT) """.format(cert_data=TEST_CERT)
ONTS = {
saml.NAMESPACE: saml,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ONTS.update(load_extensions())
ATTRCONV = ac_factory(full_path("attributemaps")) ATTRCONV = ac_factory(full_path("attributemaps"))
@@ -167,7 +154,7 @@ def _fix_valid_until(xmlstring):
def test_swami_1(): def test_swami_1():
UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php'
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["1"]) mds.imp(METADATACONF["1"])
@@ -200,7 +187,7 @@ def test_swami_1():
def test_incommon_1(): def test_incommon_1():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["2"]) mds.imp(METADATACONF["2"])
@@ -238,7 +225,7 @@ def test_incommon_1():
def test_ext_2(): def test_ext_2():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["3"]) mds.imp(METADATACONF["3"])
@@ -251,7 +238,7 @@ def test_ext_2():
def test_example(): def test_example():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["4"]) mds.imp(METADATACONF["4"])
@@ -267,7 +254,7 @@ def test_example():
def test_switch_1(): def test_switch_1():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["5"]) mds.imp(METADATACONF["5"])
@@ -296,7 +283,7 @@ def test_switch_1():
def test_metadata_file(): def test_metadata_file():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["8"]) mds.imp(METADATACONF["8"])
@@ -339,7 +326,7 @@ def test_mdx_single_sign_on_service():
# sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
# http = HTTPBase(verify=False, ca_bundle=None) # http = HTTPBase(verify=False, ca_bundle=None)
# #
# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, # mdx = MetaDataMDX(quote_plus, ATTRCONV,
# "http://pyff-test.nordu.net", # "http://pyff-test.nordu.net",
# sec_config, None, http) # sec_config, None, http)
# foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php", # foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php",
@@ -353,7 +340,7 @@ def test_mdx_single_sign_on_service():
# sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
# http = HTTPBase(verify=False, ca_bundle=None) # http = HTTPBase(verify=False, ca_bundle=None)
# #
# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, # mdx = MetaDataMDX(quote_plus, ATTRCONV,
# "http://pyff-test.nordu.net", # "http://pyff-test.nordu.net",
# sec_config, None, http) # sec_config, None, http)
# foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso") # foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso")
@@ -363,7 +350,7 @@ def test_mdx_single_sign_on_service():
def test_load_local_dir(): def test_load_local_dir():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["9"]) mds.imp(METADATACONF["9"])
@@ -374,7 +361,7 @@ def test_load_local_dir():
def test_load_extern_incommon(): def test_load_extern_incommon():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["10"]) mds.imp(METADATACONF["10"])
@@ -398,7 +385,7 @@ def test_load_local():
def test_load_string(): def test_load_string():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["11"]) mds.imp(METADATACONF["11"])
@@ -415,7 +402,7 @@ def test_load_string():
def test_get_certs_from_metadata(): def test_get_certs_from_metadata():
mds = MetadataStore(ONTS.values(), ATTRCONV, None) mds = MetadataStore(ATTRCONV, None)
mds.imp(METADATACONF["11"]) mds.imp(METADATACONF["11"])
certs1 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any") certs1 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any")
certs2 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso") certs2 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso")
@@ -424,7 +411,7 @@ def test_get_certs_from_metadata():
def test_get_certs_from_metadata_without_keydescriptor(): def test_get_certs_from_metadata_without_keydescriptor():
mds = MetadataStore(ONTS.values(), ATTRCONV, None) mds = MetadataStore(ATTRCONV, None)
mds.imp([{ mds.imp([{
"class": "saml2.mdstore.InMemoryMetaData", "class": "saml2.mdstore.InMemoryMetaData",
"metadata": [(""" "metadata": [("""
@@ -461,7 +448,7 @@ def test_get_certs_from_metadata_without_keydescriptor():
assert len(certs) == 0 assert len(certs) == 0
def test_metadata_extension_algsupport(): def test_metadata_extension_algsupport():
mds = MetadataStore(list(ONTS.values()), ATTRCONV, None) mds = MetadataStore(ATTRCONV, None)
mds.imp(METADATACONF["12"]) mds.imp(METADATACONF["12"])
mdf = mds.metadata[full_path("uu.xml")] mdf = mds.metadata[full_path("uu.xml")]
assert mds assert mds
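Review bot: None of the test hunks in this file exercises the behaviour the commit is named for; the changes visible here only drop the `ONTS` argument from the `MetadataStore(...)` calls. A round-trip test that pickles a loaded `MetadataStore` or `MetaData` instance, restores it and repeats a lookup such as `mds.certs(...)` would pin the new guarantee. A restored instance skips whatever signature and validity checking `load()` performs on the original metadata. The class docstring should therefore state that pickled metadata is to be read only from storage the deployment itself controls.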


@@ -84,18 +84,6 @@ TEST_METADATA_STRING = """
</EntitiesDescriptor> </EntitiesDescriptor>
""" """
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ATTRCONV = ac_factory(full_path("attributemaps")) ATTRCONV = ac_factory(full_path("attributemaps"))
METADATACONF = { METADATACONF = {
@@ -151,7 +139,7 @@ def _fix_valid_until(xmlstring):
def test_swami_1(): def test_swami_1():
UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php'
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["1"]) mds.imp(METADATACONF["1"])
@@ -184,7 +172,7 @@ def test_swami_1():
def test_incommon_1(): def test_incommon_1():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["2"]) mds.imp(METADATACONF["2"])
@@ -222,7 +210,7 @@ def test_incommon_1():
def test_ext_2(): def test_ext_2():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["3"]) mds.imp(METADATACONF["3"])
@@ -235,7 +223,7 @@ def test_ext_2():
def test_example(): def test_example():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["4"]) mds.imp(METADATACONF["4"])
@@ -251,7 +239,7 @@ def test_example():
def test_switch_1(): def test_switch_1():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["5"]) mds.imp(METADATACONF["5"])
@@ -280,7 +268,7 @@ def test_switch_1():
def test_metadata_file(): def test_metadata_file():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["8"]) mds.imp(METADATACONF["8"])
@@ -292,7 +280,7 @@ def test_metadata_file():
# sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
# http = HTTPBase(verify=False, ca_bundle=None) # http = HTTPBase(verify=False, ca_bundle=None)
# #
# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, # mdx = MetaDataMDX(quote_plus, ATTRCONV,
# "http://pyff-test.nordu.net", # "http://pyff-test.nordu.net",
# sec_config, None, http) # sec_config, None, http)
# foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php", # foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php",
@@ -306,7 +294,7 @@ def test_metadata_file():
# sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
# http = HTTPBase(verify=False, ca_bundle=None) # http = HTTPBase(verify=False, ca_bundle=None)
# #
# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, # mdx = MetaDataMDX(quote_plus, ATTRCONV,
# "http://pyff-test.nordu.net", # "http://pyff-test.nordu.net",
# sec_config, None, http) # sec_config, None, http)
# foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso") # foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso")
@@ -316,7 +304,7 @@ def test_metadata_file():
def test_load_local_dir(): def test_load_local_dir():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["9"]) mds.imp(METADATACONF["9"])
@@ -327,7 +315,7 @@ def test_load_local_dir():
def test_load_external(): def test_load_external():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["10"]) mds.imp(METADATACONF["10"])
@@ -338,7 +326,7 @@ def test_load_external():
def test_load_string(): def test_load_string():
sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp(METADATACONF["11"]) mds.imp(METADATACONF["11"])


@@ -15,17 +15,6 @@ from saml2.server import Server
from saml2 import xmldsig from saml2 import xmldsig
from saml2 import xmlenc from saml2 import xmlenc
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ATTRCONV = ac_factory(full_path("attributemaps")) ATTRCONV = ac_factory(full_path("attributemaps"))
sec_config = config.Config() sec_config = config.Config()
@@ -33,7 +22,7 @@ sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"])
__author__ = 'rolandh' __author__ = 'rolandh'
MDS = MetadataStore(ONTS.values(), ATTRCONV, sec_config, MDS = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
MDS.imp([{"class": "saml2.mdstore.MetaDataMD", MDS.imp([{"class": "saml2.mdstore.MetaDataMD",
"metadata": [(full_path("swamid.md"),)]}]) "metadata": [(full_path("swamid.md"),)]}])
@@ -90,7 +79,7 @@ def test_filter_ava3():
} }
}) })
mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp([{"class": "saml2.mdstore.MetaDataFile", mds.imp([{"class": "saml2.mdstore.MetaDataFile",
"metadata": [(full_path("entity_cat_sfs_hei.xml"),)]}]) "metadata": [(full_path("entity_cat_sfs_hei.xml"),)]}])
@@ -114,7 +103,7 @@ def test_filter_ava4():
} }
}) })
mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp([{"class": "saml2.mdstore.MetaDataFile", mds.imp([{"class": "saml2.mdstore.MetaDataFile",
"metadata": [(full_path("entity_cat_re_nren.xml"),)]}]) "metadata": [(full_path("entity_cat_re_nren.xml"),)]}])
@@ -140,7 +129,7 @@ def test_filter_ava5():
} }
}) })
mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
mds.imp([{"class": "saml2.mdstore.MetaDataFile", mds.imp([{"class": "saml2.mdstore.MetaDataFile",
"metadata": [(full_path("entity_cat_re.xml"),)]}]) "metadata": [(full_path("entity_cat_re.xml"),)]}])


@@ -19,17 +19,6 @@ __author__ = 'roland'
sec_config = config.Config() sec_config = config.Config()
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ATTRCONV = ac_factory(full_path("attributemaps")) ATTRCONV = ac_factory(full_path("attributemaps"))
@@ -41,7 +30,7 @@ METADATACONF = {
} }
def test_swamid_sp(): def test_swamid_sp():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True, disable_ssl_certificate_validation=True,
filter=AllowDescriptor(["spsso"])) filter=AllowDescriptor(["spsso"]))
@@ -52,7 +41,7 @@ def test_swamid_sp():
assert idps == {} assert idps == {}
def test_swamid_idp(): def test_swamid_idp():
mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, mds = MetadataStore(ATTRCONV, sec_config,
disable_ssl_certificate_validation=True, disable_ssl_certificate_validation=True,
filter=AllowDescriptor(["idpsso"])) filter=AllowDescriptor(["idpsso"]))


@@ -1,8 +1,5 @@
# -*- coding: utf-8 -*- # -*- coding: utf-8 -*-
from pymongo.errors import ConnectionFailure from pymongo.errors import ConnectionFailure
__author__ = 'rolandh'
from saml2.attribute_converter import d_to_local_name from saml2.attribute_converter import d_to_local_name
from saml2.attribute_converter import ac_factory from saml2.attribute_converter import ac_factory
from saml2.mongo_store import export_mdstore_to_mongo_db from saml2.mongo_store import export_mdstore_to_mongo_db
@@ -10,32 +7,11 @@ from saml2.mongo_store import MetadataMDB
from saml2.mdstore import MetadataStore from saml2.mdstore import MetadataStore
from saml2.mdstore import destinations from saml2.mdstore import destinations
from saml2.mdstore import name from saml2.mdstore import name
from saml2 import saml
from saml2 import md
from saml2 import config from saml2 import config
from saml2.extension import mdui
from saml2.extension import idpdisc
from saml2.extension import dri
from saml2.extension import mdattr
from saml2.extension import ui
from saml2 import xmldsig
from saml2 import xmlenc
from pathutils import full_path from pathutils import full_path
ONTS = { __author__ = 'rolandh'
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc
}
ATTRCONV = ac_factory(full_path("attributemaps")) ATTRCONV = ac_factory(full_path("attributemaps"))
@@ -47,13 +23,14 @@ def _eq(l1, l2):
def test_metadata(): def test_metadata():
conf = config.Config() conf = config.Config()
conf.load_file("idp_conf_mdb") conf.load_file("idp_conf_mdb")
UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' umu_idp = 'https://idp.umu.se/saml2/idp/metadata.php'
# Set up a Metadata store # Set up a Metadata store
mds = MetadataStore(ONTS.values(), ATTRCONV, conf, mds = MetadataStore(ATTRCONV, conf,
disable_ssl_certificate_validation=True) disable_ssl_certificate_validation=True)
# Import metadata from local file. # Import metadata from local file.
mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("swamid-2.0.xml"), )]}]) mds.imp([{"class": "saml2.mdstore.MetaDataFile",
"metadata": [(full_path("swamid-2.0.xml"), )]}])
assert len(mds) == 1 # One source assert len(mds) == 1 # One source
try: try:
@@ -61,20 +38,20 @@ def test_metadata():
except ConnectionFailure: except ConnectionFailure:
pass pass
else: else:
mdmdb = MetadataMDB(ONTS, ATTRCONV, "metadata", "test") mdmdb = MetadataMDB(ATTRCONV, "metadata", "test")
# replace all metadata instances with this one # replace all metadata instances with this one
mds.metadata = {"mongo_db": mdmdb} mds.metadata = {"mongo_db": mdmdb}
idps = mds.with_descriptor("idpsso") idps = mds.with_descriptor("idpsso")
assert idps.keys() assert idps.keys()
idpsso = mds.single_sign_on_service(UMU_IDP) idpsso = mds.single_sign_on_service(umu_idp)
assert len(idpsso) == 1 assert len(idpsso) == 1
assert destinations(idpsso) == [ assert destinations(idpsso) == [
'https://idp.umu.se/saml2/idp/SSOService.php'] 'https://idp.umu.se/saml2/idp/SSOService.php']
_name = name(mds[UMU_IDP]) _name = name(mds[umu_idp])
assert _name == u'Ume\xe5 University' assert _name == u'Ume\xe5 University'
certs = mds.certs(UMU_IDP, "idpsso", "signing") certs = mds.certs(umu_idp, "idpsso", "signing")
assert len(certs) == 1 assert len(certs) == 1
sps = mds.with_descriptor("spsso") sps = mds.with_descriptor("spsso")
@@ -83,8 +60,9 @@ def test_metadata():
wants = mds.attribute_requirement('https://connect.sunet.se/shibboleth') wants = mds.attribute_requirement('https://connect.sunet.se/shibboleth')
assert wants["optional"] == [] assert wants["optional"] == []
lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["required"]] lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["required"]]
assert _eq(lnamn, ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', assert _eq(lnamn,
'eduPersonScopedAffiliation', 'eduPersonAffiliation']) ['eduPersonPrincipalName', 'mail', 'givenName', 'sn',
'eduPersonScopedAffiliation', 'eduPersonAffiliation'])
wants = mds.attribute_requirement( wants = mds.attribute_requirement(
"https://gidp.geant.net/sp/module.php/saml/sp/metadata.php/default-sp") "https://gidp.geant.net/sp/module.php/saml/sp/metadata.php/default-sp")
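Review bot: The `except ConnectionFailure: pass` branch in test_metadata lets the test pass without running a single assertion from the `else:` block when MongoDB is unreachable, so the new `MetadataMDB(ATTRCONV, "metadata", "test")` signature is only exercised on machines that have a database. Reporting that case as a skip, for example `pytest.skip("MongoDB not reachable")` in place of `pass` (assuming the suite runs under pytest, with the matching import), would make the gap visible in the test output. The `try` body lies between two hunks and is not shown, so this assumes it only performs the export to MongoDB.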


@@ -20,16 +20,6 @@ A script that imports and verifies metadata and then dumps it in a basic
dictionary format. dictionary format.
""" """
ONTS = {
saml.NAMESPACE: saml,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc,
}
ONTS.update(load_extensions())
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type') parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url') parser.add_argument('-u', dest='url')
@@ -44,14 +34,13 @@ args = parser.parse_args()
metad = None metad = None
if args.type == "local": if args.type == "local":
metad = MetaDataFile(ONTS.values(), args.item, args.item) metad = MetaDataFile(args.item, args.item)
elif args.type == "external": elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap) ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase() httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec) crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto) sc = SecurityContext(crypto)
metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc)
sc, cert=args.cert, http=httpc)
if metad is not None: if metad is not None:
metad.load() metad.load()
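Review bot: The `args.type == "local"` branch builds `MetaDataFile(args.item, args.item)` with no `cert` or `security` argument, so a local file appears to be loaded without any signature check even though the script's docstring says it imports and verifies metadata. Another script in this commit passes `cert=args.cert, security=sc` when both `args.cert` and `args.xmlsec` are set, and the same guard would fit here: `sc = SecurityContext(_get_xmlsec_cryptobackend(args.xmlsec))` followed by `metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc)`. With the ontology list gone, the first positional argument is the slot where other call sites pass an attribute converter, and `args.item` is a path, so that argument is worth checking against the constructor. The same unverified local load appears in the `spec[0] == "local"` branch of the config-driven script further down the page.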


@@ -22,19 +22,6 @@ dictionary format.
""" """
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc,
shibmd.NAMESPACE: shibmd
}
MDIMPORT = { MDIMPORT = {
"swamid": { "swamid": {
"url": "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2", "url": "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2",
@@ -58,10 +45,10 @@ def main():
metad = None metad = None
if item["type"] == "local": if item["type"] == "local":
metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"]) metad = MetaDataFile(sys.argv[1], item["file"])
elif item["type"] == "external": elif item["type"] == "external":
metad = MetaDataExtern(sys.argv[1], ONTS.values(), metad = MetaDataExtern(sys.argv[1], item["url"],
item["url"], "/opt/local/bin/xmlsec1", item["cert"]) "/opt/local/bin/xmlsec1", item["cert"])
if metad: if metad:
metad.load() metad.load()
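Review bot: The call `MetaDataExtern(sys.argv[1], item["url"], "/opt/local/bin/xmlsec1", item["cert"])` passes a hard-coded xmlsec1 path in the position where the other call sites in this commit pass a `SecurityContext`, and it passes the certificate positionally rather than as `cert=`. If the constructor takes the attribute converter, URL and security context in that order, as those call sites suggest, verification of the downloaded aggregate could fail at load time or run without the intended certificate. I would build the context explicitly with `sc = SecurityContext(_get_xmlsec_cryptobackend(xmlsec_path))` and call `MetaDataExtern(attrc, item["url"], sc, cert=item["cert"], http=HTTPBase())`, taking `xmlsec_path` from configuration instead of a literal. `sys.argv[1]` also sits where an attribute converter is passed elsewhere, so it may need `ac_factory(sys.argv[1])`. main() starts outside this hunk, so the surrounding setup is not visible.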


@@ -1,36 +1,13 @@
#!/usr/bin/env python #!/usr/bin/env python
import sys
import time import time
from saml2.attribute_converter import ac_factory from saml2.attribute_converter import ac_factory
from saml2.mdstore import MetaDataMD, MetaDataFile from saml2.mdstore import MetaDataMD, MetaDataFile
__author__ = 'rolandh' __author__ = 'rolandh'
from saml2 import xmldsig
from saml2 import xmlenc
from saml2 import md
from saml2 import saml
from saml2.extension import dri
from saml2.extension import idpdisc
from saml2.extension import mdattr
from saml2.extension import mdui
from saml2.extension import ui
ONTS = {
dri.NAMESPACE: dri,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
mdattr.NAMESPACE: mdattr,
mdui.NAMESPACE: mdui,
saml.NAMESPACE: saml,
ui.NAMESPACE: ui,
xmlenc.NAMESPACE: xmlenc,
xmldsig.NAMESPACE: xmldsig,
}
start = time.time() start = time.time()
for i in range(1, 10): for i in range(1, 10):
mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md") mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md")
mdmd.load() mdmd.load()
_ = mdmd.keys() _ = mdmd.keys()
@@ -39,7 +16,7 @@ print(time.time() - start)
start = time.time() start = time.time()
for i in range(1, 10): for i in range(1, 10):
mdf = MetaDataFile(ONTS.values(), ac_factory("../tests/attributemaps"), mdf = MetaDataFile(ac_factory("../tests/attributemaps"),
"../tests/swamid-2.0.xml") "../tests/swamid-2.0.xml")
mdf.load() mdf.load()
_ = mdf.keys() _ = mdf.keys()


@@ -1,20 +1,7 @@
#!/usr/bin/env python #!/usr/bin/env python
from saml2.sigver import _get_xmlsec_cryptobackend, SecurityContext from saml2.sigver import _get_xmlsec_cryptobackend, SecurityContext
from saml2.httpbase import HTTPBase from saml2.httpbase import HTTPBase
from saml2 import saml
from saml2 import md
from saml2.attribute_converter import ac_factory from saml2.attribute_converter import ac_factory
from saml2.extension import dri
from saml2.extension import idpdisc
from saml2.extension import mdattr
from saml2.extension import mdrpi
from saml2.extension import mdui
from saml2.extension import shibmd
from saml2.extension import ui
from saml2 import xmldsig
from saml2 import xmlenc
import argparse import argparse
from saml2.mdstore import MetaDataFile, MetaDataExtern, MetadataStore from saml2.mdstore import MetaDataFile, MetaDataExtern, MetadataStore
@@ -25,22 +12,6 @@ __author__ = 'rolandh'
A script that imports and verifies metadata. A script that imports and verifies metadata.
""" """
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
mdrpi.NAMESPACE: mdrpi,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc,
shibmd.NAMESPACE: shibmd
}
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('-a', dest='attrsmap') parser.add_argument('-a', dest='attrsmap')
parser.add_argument('-o', dest='output', default="local") parser.add_argument('-o', dest='output', default="local")
@@ -65,7 +36,7 @@ metad = None
ATTRCONV = ac_factory(args.attrsmap) ATTRCONV = ac_factory(args.attrsmap)
mds = MetadataStore(ONTS.values(), None, None) mds = MetadataStore(None, None)
for line in open(args.conf).readlines(): for line in open(args.conf).readlines():
line = line.strip() line = line.strip()
@@ -81,14 +52,14 @@ for line in open(args.conf).readlines():
kwargs = {} kwargs = {}
if spec[0] == "local": if spec[0] == "local":
metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs) metad = MetaDataFile(spec[1], spec[1], **kwargs)
elif spec[0] == "remote": elif spec[0] == "remote":
ATTRCONV = ac_factory(args.attrsmap) ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase() httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec) crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto, key_type="", cert_type="") sc = SecurityContext(crypto, key_type="", cert_type="")
metad = MetaDataExtern(ONTS.values(), ATTRCONV, spec[1], metad = MetaDataExtern(ATTRCONV, spec[1], sc, cert=spec[2], http=httpc,
sc, cert=spec[2], http=httpc, **kwargs) **kwargs)
if metad is not None: if metad is not None:
try: try:


@@ -30,21 +30,6 @@ A script that imports and verifies metadata.
""" """
ONTS = {
saml.NAMESPACE: saml,
mdui.NAMESPACE: mdui,
mdattr.NAMESPACE: mdattr,
mdrpi.NAMESPACE: mdrpi,
dri.NAMESPACE: dri,
ui.NAMESPACE: ui,
idpdisc.NAMESPACE: idpdisc,
md.NAMESPACE: md,
xmldsig.NAMESPACE: xmldsig,
xmlenc.NAMESPACE: xmlenc,
shibmd.NAMESPACE: shibmd
}
parser = argparse.ArgumentParser() parser = argparse.ArgumentParser()
parser.add_argument('-t', dest='type') parser.add_argument('-t', dest='type')
parser.add_argument('-u', dest='url') parser.add_argument('-u', dest='url')
@@ -68,17 +53,17 @@ if args.type == "local":
if args.cert and args.xmlsec: if args.cert and args.xmlsec:
crypto = _get_xmlsec_cryptobackend(args.xmlsec) crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto) sc = SecurityContext(crypto)
metad = MetaDataFile(ONTS.values(), args.item, args.item, metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc,
cert=args.cert, security=sc, **kwargs) **kwargs)
else: else:
metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs) metad = MetaDataFile(args.item, args.item, **kwargs)
elif args.type == "external": elif args.type == "external":
ATTRCONV = ac_factory(args.attrsmap) ATTRCONV = ac_factory(args.attrsmap)
httpc = HTTPBase() httpc = HTTPBase()
crypto = _get_xmlsec_cryptobackend(args.xmlsec) crypto = _get_xmlsec_cryptobackend(args.xmlsec)
sc = SecurityContext(crypto) sc = SecurityContext(crypto)
metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc,
sc, cert=args.cert, http=httpc, **kwargs) **kwargs)
if metad: if metad:
try: try: