diff --git a/src/saml2/discovery.py b/src/saml2/discovery.py index 5d89f6b..cef8ff3 100644 --- a/src/saml2/discovery.py +++ b/src/saml2/discovery.py @@ -1,6 +1,4 @@ -from urllib import urlencode -from urlparse import parse_qs -from urlparse import urlparse +from six.moves.urllib.parse import urlencode, parse_qs, urlparse from saml2.entity import Entity from saml2.response import VerificationError diff --git a/src/saml2/ecp_client.py b/src/saml2/ecp_client.py index d3dd757..c41a046 100644 --- a/src/saml2/ecp_client.py +++ b/src/saml2/ecp_client.py @@ -7,7 +7,7 @@ Contains a class that can do SAML ECP Authentication for other python programs. """ -import cookielib +from six.moves import http_cookiejar as cookielib import logging from saml2 import soap diff --git a/src/saml2/httputil.py b/src/saml2/httputil.py index 88c8f39..360982d 100644 --- a/src/saml2/httputil.py +++ b/src/saml2/httputil.py @@ -5,9 +5,8 @@ import time import cgi import six -from urllib import quote -from urlparse import parse_qs -from Cookie import SimpleCookie +from six.moves.urllib.parse import quote, parse_qs +from six.moves.http_cookies import SimpleCookie from saml2 import BINDING_HTTP_ARTIFACT, SAMLError from saml2 import BINDING_HTTP_REDIRECT diff --git a/src/saml2/pack.py b/src/saml2/pack.py index 43cfadc..b2c9c45 100644 --- a/src/saml2/pack.py +++ b/src/saml2/pack.py @@ -10,10 +10,9 @@ Bindings normally consists of three parts: - how to package the information - which protocol to use """ -from six.moves.urllib.parse import urlparse +from six.moves.urllib.parse import urlparse, urlencode import saml2 import base64 -import urllib from saml2.s_utils import deflate_and_base64_encode from saml2.s_utils import Unsupported import logging @@ -126,12 +125,12 @@ def http_redirect_message(message, location, relay_state="", typ="SAMLRequest", except: raise Unsupported("Signing algorithm") else: - string = "&".join([urllib.urlencode({k: args[k]}) + string = "&".join([urlencode({k: args[k]}) for k in _order if k in args]) args["Signature"] = base64.b64encode(signer.sign(string, key)) - string = urllib.urlencode(args) + string = urlencode(args) else: - string = urllib.urlencode(args) + string = urlencode(args) glue_char = "&" if urlparse(location).query else "?" login_url = glue_char.join([location, string]) diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index 63d4f66..190caab 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -13,11 +13,11 @@ import shelve import traceback import saml2 import six -from urlparse import parse_qs, urlparse +from six.moves.urllib.parse import parse_qs, urlparse from saml2.samlp import Extensions from saml2 import xmldsig as ds -from StringIO import StringIO +from six import StringIO from paste.httpexceptions import HTTPSeeOther, HTTPRedirection from paste.httpexceptions import HTTPNotImplemented @@ -27,7 +27,7 @@ from paste.request import construct_url from saml2.extension.pefim import SPCertEnc from saml2.httputil import SeeOther from saml2.client_base import ECP_SERVICE -from zope.interface import implements +from zope.interface import implementer from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator from repoze.who.interfaces import IMetadataProvider @@ -80,8 +80,8 @@ class ECP_response(object): return [self.content] +@implementer(IChallenger, IIdentifier, IAuthenticator, IMetadataProvider) class SAML2Plugin(object): - implements(IChallenger, IIdentifier, IAuthenticator, IMetadataProvider) def __init__(self, rememberer_name, config, saml_client, wayf, cache, sid_store=None, discovery="", idp_query_param="", diff --git a/tests/fakeIDP.py b/tests/fakeIDP.py index 1df910e..123c347 100644 --- a/tests/fakeIDP.py +++ b/tests/fakeIDP.py @@ -1,4 +1,4 @@ -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.samlp import attribute_query_from_string, logout_request_from_string from saml2 import BINDING_HTTP_REDIRECT, pack diff --git a/tests/test_50_server.py b/tests/test_50_server.py index 04a5609..072d452 100644 --- a/tests/test_50_server.py +++ b/tests/test_50_server.py @@ -3,7 +3,7 @@ import base64 import os from contextlib import closing -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs import uuid from saml2.cert import OpenSSLWrapper @@ -540,7 +540,6 @@ class TestServer1(): encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, - #encrypted_advice_attributes=True, encrypt_cert_advice=cert_str, ) @@ -680,7 +679,6 @@ class TestServer1(): sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str, ) @@ -741,7 +739,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, ) @@ -774,7 +771,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, ) @@ -867,7 +863,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) @@ -900,7 +895,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, encrypt_cert_assertion=cert_str_assertion @@ -935,7 +929,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) @@ -965,7 +958,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", encrypt_cert_assertion="whatever" @@ -987,7 +979,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", ) @@ -1030,7 +1021,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", encrypt_cert_assertion="whatever" @@ -1052,7 +1042,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", ) @@ -1095,7 +1084,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -1111,7 +1099,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) diff --git a/tests/test_51_client.py b/tests/test_51_client.py index e69e337..29f1126 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -5,7 +5,8 @@ import base64 import uuid import six import urllib -import urlparse +from six.moves.urllib.parse import parse_qs +from six.moves.urllib.parse import urlparse from saml2.cert import OpenSSLWrapper from saml2.xmldsig import SIG_RSA_SHA256 from saml2 import BINDING_HTTP_POST @@ -415,7 +416,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -423,7 +423,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str ) @@ -453,7 +452,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -461,7 +459,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -490,7 +487,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -498,7 +494,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -535,7 +530,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -543,7 +537,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_assertion=cert_str ) @@ -589,7 +582,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -597,7 +589,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, encrypt_cert_advice=cert_advice_str @@ -628,7 +619,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -672,7 +662,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -1177,7 +1166,7 @@ class TestClient: relay_state="relay2", sigalg=SIG_RSA_SHA256, key=key) loc = info["headers"][0][1] - qs = urlparse.parse_qs(loc[1:]) + qs = parse_qs(loc[1:]) assert _leq(qs.keys(), ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature']) @@ -1214,8 +1203,8 @@ class TestClientWithDummy(): assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] redirect_url = http_args["headers"][0][1] - _, _, _, _, qs, _ = urlparse.urlparse(redirect_url) - qs_dict = urlparse.parse_qs(qs) + _, _, _, _, qs, _ = urlparse(redirect_url) + qs_dict = parse_qs(qs) req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) @@ -1234,8 +1223,8 @@ class TestClientWithDummy(): assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] redirect_url = http_args["headers"][0][1] - _, _, _, _, qs, _ = urlparse.urlparse(redirect_url) - qs_dict = urlparse.parse_qs(qs) + _, _, _, _, qs, _ = urlparse(redirect_url) + qs_dict = parse_qs(qs) req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) diff --git a/tests/test_64_artifact.py b/tests/test_64_artifact.py index 1665e22..52a6096 100644 --- a/tests/test_64_artifact.py +++ b/tests/test_64_artifact.py @@ -1,8 +1,8 @@ import base64 from contextlib import closing from hashlib import sha1 -from urlparse import urlparse -from urlparse import parse_qs +from six.moves.urllib.parse import urlparse +from six.moves.urllib.parse import parse_qs from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_SOAP from saml2 import BINDING_HTTP_POST diff --git a/tests/test_65_authn_query.py b/tests/test_65_authn_query.py index 6b009e3..54d529f 100644 --- a/tests/test_65_authn_query.py +++ b/tests/test_65_authn_query.py @@ -1,5 +1,5 @@ from contextlib import closing -from urlparse import urlparse, parse_qs +from six.moves.urllib.parse import urlparse, parse_qs from saml2 import BINDING_SOAP, BINDING_HTTP_POST __author__ = 'rolandh' diff --git a/tests/test_70_redirect_signing.py b/tests/test_70_redirect_signing.py index cb2ca0c..58a2fdb 100644 --- a/tests/test_70_redirect_signing.py +++ b/tests/test_70_redirect_signing.py @@ -7,7 +7,7 @@ from saml2.server import Server from saml2 import BINDING_HTTP_REDIRECT from saml2.client import Saml2Client from saml2.config import SPConfig -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs from pathutils import dotname @@ -54,4 +54,4 @@ def test(): if __name__ == "__main__": - test() \ No newline at end of file + test()