From b7345a5e9a62b0fe87ba6db8d54cc2e31cc5f2af Mon Sep 17 00:00:00 2001
From: Roland Hedberg
Date: Sun, 21 Mar 2010 17:30:58 +0100
Subject: [PATCH] Closer to getting the remote metadata import to work
---
 src/saml2/config.py | 18 +++++++++++-------
 src/saml2/metadata.py | 8 +++++---
 src/saml2/sigver.py | 9 ++++++++-
 3 files changed, 24 insertions(+), 11 deletions(-)
diff --git a/src/saml2/config.py b/src/saml2/config.py
index 3b304a2..7421579 100644
--- a/src/saml2/config.py
+++ b/src/saml2/config.py
@@ -90,16 +90,19 @@ class Config(dict):
 if "assertions" in config:
 config["assertions"] = do_assertions(config["assertions"])
- def load_metadata(self, metadata_conf):
+ def load_metadata(self, metadata_conf, xmlsec_binary):
 """ Loads metadata into an internal structure """
- metad = metadata.MetaData()
+ metad = metadata.MetaData(xmlsec_binary)
 if "local" in metadata_conf:
 for mdfile in metadata_conf["local"]:
- metad.import_metadata(open(mdfile).read(),
- "local:%s" % mdfile)
+ metad.import_metadata(open(mdfile).read(), mdfile)
 if "remote" in metadata_conf:
- for _, val in metadata_conf["remote"].items():
- metad.import_external_metadata(val["url"], val["cert"])
+ for spec in metadata_conf["remote"]:
+ try:
+ cert = spec["cert"]
+ except KeyError:
+ cert = None
+ metad.import_external_metadata(spec["url"], cert)
 return metad
 def load_file(self, config_file):
@@ -119,7 +122,8 @@ class Config(dict):
 config["key_file"] = None
 if "metadata" in config:
- config["metadata"] = self.load_metadata(config["metadata"])
+ config["metadata"] = self.load_metadata(config["metadata"],
+ config["xmlsec_binary"])
 if "attribute_maps" in config:
 (forward, backward) = utils.parse_attribute_map(config[
diff --git a/src/saml2/metadata.py b/src/saml2/metadata.py
index 6499281..2f1d9fc 100644
--- a/src/saml2/metadata.py
+++ b/src/saml2/metadata.py
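Review bot: In `load_metadata` (first src/saml2/config.py hunk), a remote entry with no `cert` key is now imported with `cert = None`, and the metadata.py side of this patch hands that value to `verify_signature` as the certificate file. Whether that call fails closed on a missing certificate is not visible in this patch, so remote metadata should not be allowed to reach it without a pinned key. I would reject the entry at load time instead of defaulting: `if "cert" not in spec: raise ValueError("remote metadata %s: no 'cert' to verify against" % spec["url"])`. The new loop also assumes `remote` is a list of dicts; an old dict-style configuration would raise `TypeError` on `spec["cert"]`, which the `except KeyError` does not catch.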
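Review bot: `config["xmlsec_binary"]` in the second src/saml2/config.py hunk is read unconditionally, so a configuration that has `metadata` but no `xmlsec_binary` fails with a bare `KeyError` unless code earlier in the method, outside this hunk, guarantees the key. Since that binary is what checks the metadata signatures, a missing value deserves an explicit error before any import starts: `if "xmlsec_binary" not in config: raise ValueError("xmlsec_binary is required when metadata is configured")`. The enclosing method (presumably `load_file`) starts and ends outside the hunk.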
@@ -196,10 +196,12 @@ class MetaData(object): for source, eids in self._import.items(): if entity_id in eids: self.clear_from_source(source) - if source.startswith("local:"): - f = open(source[6:]) + if isinstance(source, basestring): + f = open(source) self.import_metadata( f.read(), source) f.close() + else: + self.import_external_metadata(source[0],source[1]) def import_metadata(self, xml_str, source): """ Import information; organization distinguish name, location and @@ -267,7 +269,7 @@ class MetaData(object): if verify_signature(self.xmlsec_binary, content, cert, "pem", "%s:%s" % (md.EntitiesDescriptor.c_namespace, md.EntitiesDescriptor.c_tag)): - self.import_metadata(content, url) + self.import_metadata(content, (url,cert)) return True else: self.log and self.log.info("Response status: %s" % response.status) diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py index 3a26bac..320ab90 100644 --- a/src/saml2/sigver.py +++ b/src/saml2/sigver.py @@ -168,7 +168,14 @@ def verify_signature(xmlsec_binary, enctext, cert_file, node_name, fil] if _TEST_: - print " ".join(com_list) + try: + print " ".join(com_list) + except TypeError: + print "cert_type", cert_type + print "cert_file", cert_file + print "node_name", node_name + print "fil", fil + raise print "%s: %s" % (cert_file, os.access(cert_file, os.F_OK)) print "%s: %s" % (fil, os.access(fil, os.F_OK))
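Review bot: The new `else` branch in the first src/saml2/metadata.py hunk discards the result of `import_external_metadata(source[0],source[1])`. `clear_from_source(source)` has already run by then, so if the fetch or the signature check fails on reload, the entity's metadata is gone and nothing at this call site records why. Check the result, assuming the function returns a falsy value on failure (only `return True` is visible in this patch): `if not self.import_external_metadata(source[0], source[1]): self.log and self.log.error("reload of %s failed" % source[0])`. The branch also treats every non-string source as a two-element sequence; the enclosing method starts outside the hunk.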
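Review bot: `self.import_metadata(content, (url,cert))` in the second src/saml2/metadata.py hunk changes `source` from a string to a tuple without documenting it, and the reload path in the previous hunk depends on exactly that shape (`source[0]`, `source[1]`). Say so in the `import_metadata` docstring (a file path for local sources, a `(url, cert)` tuple for remote ones) and next to the call, for example `# source is (url, cert) so a reload re-verifies against the same certificate`. The body of `import_external_metadata` begins outside this hunk.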
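Review bot: The added `except TypeError` in src/saml2/sigver.py only describes a non-string element of `com_list` when `_TEST_` is set; with `_TEST_` off, the same bad value (for instance a `cert_file` of `None`, which config.py in this patch can now produce) continues to whatever runs the command outside this hunk. Validate the argument where `verify_signature` starts rather than diagnosing it in debug output: `if not cert_file: raise ValueError("verify_signature needs a certificate file")`. The `os.access(cert_file, os.F_OK)` print that follows would raise on `None` as well. The function body starts and ends outside the hunk.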