本文整理汇总了Python中saml2.samlp.response_from_string函数的典型用法代码示例。如果您正苦于以下问题:Python response_from_string函数的具体用法?Python response_from_string怎么用?Python response_from_string使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了response_from_string函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: test_encrypted_signed_response_2
def test_encrypted_signed_response_2(self):
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
decr_text = self.server.sec.decrypt(signed_resp, self.client.config.key_file)
resp = samlp.response_from_string(decr_text)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assert resp.assertion[0].signature == None
self.verify_assertion(resp.assertion)
开发者ID:SpamapS,项目名称:pysaml2,代码行数:33,代码来源:test_50_server.py
示例2: test_encrypted_response_1
def test_encrypted_response_1(self):
cert_str_advice, cert_key_str_advice = generate_cert()
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=False,
encrypt_assertion_self_contained=True,
pefim=True,
encrypt_cert_advice=cert_str_advice,
)
_resp = "%s" % _resp
sresponse = response_from_string(_resp)
assert sresponse.signature is None
_, key_file = make_temp(cert_key_str_advice, decode=False)
decr_text = self.server.sec.decrypt(_resp, key_file)
resp = samlp.response_from_string(decr_text)
self.verify_advice_assertion(resp, decr_text)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:30,代码来源:test_50_server.py
示例3: test_encrypted_signed_response_4
def test_encrypted_signed_response_4(self):
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=True,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True,
encrypt_cert_advice=cert_str,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
decr_text = self.server.sec.decrypt(signed_resp, self.client.config.encryption_keypairs[1]["key_file"])
resp = samlp.response_from_string(decr_text)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
valid = self.server.sec.verify_signature(decr_text,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=resp.assertion[0].id,
id_attr="")
assert valid
_, key_file = make_temp(cert_key_str, decode=False)
decr_text = self.server.sec.decrypt(decr_text, key_file)
resp = samlp.response_from_string(decr_text)
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assertion = \
extension_elements_to_elements(assertion[0].advice.encrypted_assertion[0].extension_elements,[saml, samlp])
self.verify_assertion(assertion)
#PEFIM never signs assertion in advice
assert assertion[0].signature is None
#valid = self.server.sec.verify_signature(decr_text,
# self.server.config.cert_file,
# node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
# node_id=assertion[0].id,
# id_attr="")
assert valid
开发者ID:jkakavas,项目名称:pysaml2,代码行数:60,代码来源:test_50_server.py
示例4: test_encrypted_response_7
def test_encrypted_response_7(self):
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True
)
sresponse = response_from_string(_resp)
assert sresponse.signature is None
decr_text_1 = self.server.sec.decrypt(_resp, self.client.config.encryption_keypairs[1]["key_file"])
decr_text_2 = self.server.sec.decrypt(decr_text_1, self.client.config.encryption_keypairs[1]["key_file"])
resp = samlp.response_from_string(decr_text_2)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
self.verify_advice_assertion(resp, decr_text_2)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:27,代码来源:test_50_server.py
示例5: test_encrypted_response_3
def test_encrypted_response_3(self):
cert_str_assertion, cert_key_str_assertion = generate_cert()
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
encrypted_advice_attributes=False,
encrypt_cert_assertion=cert_str_assertion
)
sresponse = response_from_string(_resp)
assert sresponse.signature is None
_, key_file = make_temp(cert_key_str_assertion, decode=False)
decr_text = self.server.sec.decrypt(_resp, key_file)
resp = samlp.response_from_string(decr_text)
assert resp.encrypted_assertion[0].extension_elements
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
self.verify_encrypted_assertion(assertion, decr_text)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:32,代码来源:test_50_server.py
示例6: test_encrypted_response_5
def test_encrypted_response_5(self):
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=False,
encrypt_assertion_self_contained=True,
#encrypted_advice_attributes=True,
pefim=True
)
_resp = "%s" % _resp
sresponse = response_from_string(_resp)
assert sresponse.signature is None
decr_text = self.server.sec.decrypt(_resp, self.client.config.key_file)
resp = samlp.response_from_string(decr_text)
self.verify_advice_assertion(resp, decr_text)
开发者ID:russel1237,项目名称:pysaml2,代码行数:26,代码来源:test_50_server.py
示例7: test_encrypted_signed_response_2
def test_encrypted_signed_response_2(self):
name_id = self.server.ident.transient_nameid(
"urn:mace:example.com:saml:roland:sp", "id12")
ava = {"givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["[email protected]b.com"], "title": "The man"}
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=name_id,
sign_response=True,
sign_assertion=True,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
encrypt_cert=cert_str,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
_, key_file = make_temp("%s" % cert_key_str, decode=False)
decr_text = self.server.sec.decrypt(signed_resp, key_file)
resp = samlp.response_from_string(decr_text)
assert resp.encrypted_assertion[0].extension_elements
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assert assertion
assert assertion[0].attribute_statement
ava = get_ava(assertion[0])
assert ava ==\
{'mail': ['[email protected]'], 'givenname': ['Derek'], 'surname': ['Jeter'], 'title': ['The man']}
assert 'EncryptedAssertion><encas2:Assertion xmlns:encas0="http://www.w3.org/2000/09/xmldsig#" ' \
'xmlns:encas1="http://www.w3.org/2001/XMLSchema-instance" ' \
'xmlns:encas2="urn:oasis:names:tc:SAML:2.0:assertion"' in decr_text
valid = self.server.sec.verify_signature(decr_text,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=assertion[0].id,
id_attr="")
assert valid
开发者ID:Itxaka,项目名称:pysaml2,代码行数:57,代码来源:test_50_server.py
示例8: test_signed_response_3
def test_signed_response_3(self):
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=True,
)
sresponse = response_from_string(signed_resp)
assert sresponse.signature == None
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=sresponse.assertion[0].id,
id_attr="")
assert valid
self.verify_assertion(sresponse.assertion)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:25,代码来源:test_50_server.py
示例9: test_signed_response
def test_signed_response(self):
name_id = self.server.ident.transient_nameid(
"urn:mace:example.com:saml:roland:sp", "id12")
ava = {"givenName": ["Derek"], "sn": ["Jeter"],
"mail": ["[email protected]"], "title": "The man"}
signed_resp = self.server.create_authn_response(
ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=name_id,
sign_assertion=True
)
print(signed_resp)
assert signed_resp
sresponse = response_from_string(signed_resp)
# It's the assertions that are signed not the response per se
assert len(sresponse.assertion) == 1
assertion = sresponse.assertion[0]
# Since the reponse is created dynamically I don't know the signature
# value. Just that there should be one
assert assertion.signature.signature_value.text != ""
开发者ID:jkakavas,项目名称:pysaml2,代码行数:26,代码来源:test_50_server.py
示例10: test_signed_response_2
def test_signed_response_2(self):
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=True,
sign_alg=ds.SIG_RSA_SHA256,
digest_alg=ds.DIGEST_SHA256
)
sresponse = response_from_string(signed_resp)
assert ds.SIG_RSA_SHA256 in str(sresponse), "Not correctly signed!"
assert ds.DIGEST_SHA256 in str(sresponse), "Not correctly signed!"
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
assert ds.SIG_RSA_SHA256 in str(sresponse.assertion[0]), "Not correctly signed!"
assert ds.DIGEST_SHA256 in str(sresponse.assertion[0]), "Not correctly signed!"
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=sresponse.assertion[0].id,
id_attr="")
assert valid
self.verify_assertion(sresponse.assertion)
开发者ID:Amli,项目名称:pysaml2,代码行数:33,代码来源:test_52_default_sign_alg.py
示例11: test_sign_response_2
def test_sign_response_2(self):
assertion2 = factory( saml.Assertion,
version= "2.0",
id= "11122",
issue_instant= "2009-10-30T13:20:28Z",
signature= sigver.pre_signature_part("11122", self.sec.my_cert),
attribute_statement=do_attribute_statement({
("","","surName"): ("Fox",""),
("","","givenName") :("Bear",""),
})
)
response = factory(samlp.Response,
assertion=assertion2,
id="22233",
signature=sigver.pre_signature_part("22233", self.sec.my_cert))
to_sign = [(class_name(assertion2), assertion2.id),
(class_name(response), response.id)]
s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
assert s_response is not None
response2 = response_from_string(s_response)
sass = response2.assertion[0]
assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant',
'version', 'signature', 'id'])
assert sass.version == "2.0"
assert sass.id == "11122"
item = self.sec.check_signature(response2, class_name(response),
s_response)
assert isinstance(item, samlp.Response)
开发者ID:FluidReview,项目名称:saml2,代码行数:34,代码来源:test_40_sigver.py
示例12: parse_assertion
def parse_assertion(self, key_file=""):
if self.context == "AuthnQuery":
# can contain one or more assertions
pass
else: # This is a saml2int limitation
try:
assert len(self.response.assertion) == 1 or len(self.response.encrypted_assertion) == 1
except AssertionError:
raise Exception("No assertion part")
if self.response.encrypted_assertion:
logger.debug("***Encrypted assertion/-s***")
decr_text = self.sec.decrypt(self.xmlstr, key_file)
resp = samlp.response_from_string(decr_text)
res = self.decrypt_assertions(resp.encrypted_assertion, key_file)
if self.response.assertion:
self.response.assertion.extend(res)
else:
self.response.assertion = res
self.response.encrypted_assertion = []
if self.response.assertion:
logger.debug("***Unencrypted assertion***")
for assertion in self.response.assertion:
if not self._assertion(assertion):
return False
else:
self.assertions.append(assertion)
self.assertion = self.assertions[0]
return True
开发者ID:justquick,项目名称:pysaml2,代码行数:31,代码来源:response.py
示例13: testAccessors
def testAccessors(self):
"""Test for Response accessors"""
self.response.id = "response id"
self.response.in_response_to = "request id"
self.response.version = saml2.VERSION
self.response.issue_instant = "2007-09-14T01:05:02Z"
self.response.destination = "http://www.example.com/Destination"
self.response.consent = saml.CONSENT_UNSPECIFIED
self.response.issuer = saml.Issuer()
self.response.signature = ds.Signature()
self.response.extensions = samlp.Extensions()
self.response.status = samlp.Status()
self.response.assertion.append(saml.Assertion())
self.response.encrypted_assertion.append(saml.EncryptedAssertion())
new_response = samlp.response_from_string(self.response.to_string())
assert new_response.id == "response id"
assert new_response.in_response_to == "request id"
assert new_response.version == saml2.VERSION
assert new_response.issue_instant == "2007-09-14T01:05:02Z"
assert new_response.destination == "http://www.example.com/Destination"
assert new_response.consent == saml.CONSENT_UNSPECIFIED
assert isinstance(new_response.issuer, saml.Issuer)
assert isinstance(new_response.signature, ds.Signature)
assert isinstance(new_response.extensions, samlp.Extensions)
assert isinstance(new_response.status, samlp.Status)
assert isinstance(new_response.assertion[0], saml.Assertion)
assert isinstance(new_response.encrypted_assertion[0],
saml.EncryptedAssertion)
开发者ID:lvanderree,项目名称:pysaml2-3,代码行数:30,代码来源:test_04_samlp.py
示例14: test_sign_verify_with_cert_from_instance
def test_sign_verify_with_cert_from_instance(self):
response = factory(samlp.Response,
assertion=self._assertion,
id="22222",
signature=sigver.pre_signature_part("22222",
self.sec
.my_cert))
to_sign = [(class_name(self._assertion), self._assertion.id),
(class_name(response), response.id)]
s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
response2 = response_from_string(s_response)
ci = "".join(sigver.cert_from_instance(response2)[0].split())
assert ci == self.sec.my_cert
res = self.sec.verify_signature(s_response,
node_name=class_name(samlp.Response()))
assert res
res = self.sec._check_signature(s_response, response2,
class_name(response2), s_response)
assert res == response2
开发者ID:geops,项目名称:pysaml2,代码行数:27,代码来源:test_40_sigver.py
示例15: correctly_signed_response
def correctly_signed_response(self, decoded_xml, must=False, origdoc=None):
""" Check if a instance is correctly signed, if we have metadata for
the IdP that sent the info use that, if not use the key that are in
the message if any.
:param decoded_xml: The SAML message as a XML string
:param must: Whether there must be a signature
:return: None if the signature can not be verified otherwise an instance
"""
response = samlp.response_from_string(decoded_xml)
if not response:
raise TypeError("Not a Response")
if response.signature:
self._check_signature(decoded_xml, response, class_name(response),
origdoc)
if response.assertion:
# Try to find the signing cert in the assertion
for assertion in response.assertion:
if not assertion.signature:
logger.debug("unsigned")
if must:
raise SignatureError("Signature missing")
continue
else:
logger.debug("signed")
try:
self._check_signature(decoded_xml, assertion,
class_name(assertion), origdoc)
except Exception, exc:
logger.error("correctly_signed_response: %s" % exc)
raise
开发者ID:GSA,项目名称:pysaml2,代码行数:35,代码来源:sigver.py
示例16: test_multiple_signatures_response
def test_multiple_signatures_response(self):
response = factory(
samlp.Response,
assertion=self._assertion,
id="22222",
signature=sigver.pre_signature_part("22222", self.sec.my_cert),
)
# order is important, we can't validate if the signatures are made
# in the reverse order
to_sign = [(self._assertion, self._assertion.id, ""), (response, response.id, "")]
s_response = self.sec.multiple_signatures("%s" % response, to_sign)
assert s_response is not None
response = response_from_string(s_response)
item = self.sec.check_signature(response, class_name(response), s_response, must=True)
assert item == response
assert item.id == "22222"
s_assertion = item.assertion[0]
assert isinstance(s_assertion, saml.Assertion)
# make sure the assertion was modified when we supposedly signed it
assert s_assertion != self._assertion
ci = "".join(sigver.cert_from_instance(s_assertion)[0].split())
assert ci == self.sec.my_cert
res = self.sec.check_signature(s_assertion, class_name(s_assertion), s_response, must=True)
assert res == s_assertion
assert s_assertion.id == "11111"
assert s_assertion.version == "2.0"
assert _eq(s_assertion.keyswv(), ["attribute_statement", "issue_instant", "version", "signature", "id"])
开发者ID:rhoerbe,项目名称:pysaml2,代码行数:33,代码来源:test_40_sigver.py
示例17: test_exception_sign_verify_with_cert_from_instance
def test_exception_sign_verify_with_cert_from_instance(self):
assertion = factory(saml.Assertion,
version="2.0",
id="11100",
issue_instant="2009-10-30T13:20:28Z",
#signature= sigver.pre_signature_part("11100",
# self.sec.my_cert),
attribute_statement=do_attribute_statement({
("", "", "surName"): ("Foo", ""),
("", "", "givenName"): ("Bar", ""),
})
)
response = factory(samlp.Response,
assertion=assertion,
id="22222",
signature=sigver.pre_signature_part("22222",
self.sec
.my_cert))
to_sign = [(class_name(response), response.id)]
s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
response2 = response_from_string(s_response)
# Change something that should make everything fail
response2.id = "23456"
raises(sigver.SignatureError, self.sec._check_signature,
s_response, response2, class_name(response2))
开发者ID:geops,项目名称:pysaml2,代码行数:29,代码来源:test_40_sigver.py
示例18: test_sign_response
def test_sign_response(self):
response = factory(samlp.Response,
assertion=self._assertion,
id="22222",
signature=sigver.pre_signature_part("22222",
self.sec
.my_cert))
to_sign = [(class_name(self._assertion), self._assertion.id),
(class_name(response), response.id)]
s_response = sigver.signed_instance_factory(response, self.sec, to_sign)
assert s_response is not None
print(s_response)
response = response_from_string(s_response)
sass = response.assertion[0]
print(sass)
assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant',
'version', 'signature', 'id'])
assert sass.version == "2.0"
assert sass.id == "11111"
item = self.sec.check_signature(response, class_name(response),
s_response)
assert isinstance(item, samlp.Response)
assert item.id == "22222"
开发者ID:geops,项目名称:pysaml2,代码行数:27,代码来源:test_40_sigver.py
示例19: test_authn_response_0
def test_authn_response_0(self):
conf = config.SPConfig()
conf.load_file("server_conf")
self.client = client.Saml2Client(conf)
ava = {"givenName": ["Derek"], "sn": ["Jeter"],
"mail": ["[email protected]"], "title": "The man"}
npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT,
allow_create="true")
resp_str = "%s" % self.server.create_authn_response(
ava, "id1", "http://local:8087/",
"urn:mace:example.com:saml:roland:sp", npolicy,
"[email protected]", authn=AUTHN)
response = samlp.response_from_string(resp_str)
print(response.keyswv())
assert _eq(response.keyswv(), ['status', 'destination', 'assertion',
'in_response_to', 'issue_instant',
'version', 'issuer', 'id'])
print(response.assertion[0].keyswv())
assert len(response.assertion) == 1
assert _eq(response.assertion[0].keyswv(), ['attribute_statement',
'issue_instant', 'version',
'subject', 'conditions',
'id', 'issuer',
'authn_statement'])
assertion = response.assertion[0]
assert len(assertion.attribute_statement) == 1
astate = assertion.attribute_statement[0]
print(astate)
assert len(astate.attribute) == 4
开发者ID:jkakavas,项目名称:pysaml2,代码行数:32,代码来源:test_50_server.py
示例20: test_cert_from_instance_1
def test_cert_from_instance_1():
xml_response = open(SIGNED).read()
response = samlp.response_from_string(xml_response)
assertion = response.assertion[0]
certs = sigver.cert_from_instance(assertion)
assert len(certs) == 1
print(certs[0])
assert certs[0] == CERT1
开发者ID:geops,项目名称:pysaml2,代码行数:8,代码来源:test_40_sigver.py
注:本文中的saml2.samlp.response_from_string函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论