本文整理汇总了Python中saml2.s_utils.sid函数的典型用法代码示例。如果您正苦于以下问题:Python sid函数的具体用法?Python sid怎么用?Python sid使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了sid函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: _authn_statement
def _authn_statement(self, authn_class=None, authn_auth=None,
authn_decl=None, authn_decl_ref=None):
"""
Construct the AuthnStatement
:param authn_class: Authentication Context Class reference
:param authn_auth: Authenticating Authority
:param authn_decl: Authentication Context Declaration
:param authn_decl_ref: Authentication Context Declaration reference
:return: An AuthnContext instance
"""
if authn_class:
return factory(
saml.AuthnStatement,
authn_instant=instant(),
session_index=sid(),
authn_context=self._authn_context_class_ref(
authn_class, authn_auth))
elif authn_decl:
return factory(
saml.AuthnStatement,
authn_instant=instant(),
session_index=sid(),
authn_context=self._authn_context_decl(authn_decl, authn_auth))
elif authn_decl_ref:
return factory(
saml.AuthnStatement,
authn_instant=instant(),
session_index=sid(),
authn_context=self._authn_context_decl_ref(authn_decl_ref,
authn_auth))
else:
return factory(
saml.AuthnStatement,
authn_instant=instant(),
session_index=sid())
开发者ID:chipkellam,项目名称:pysaml2,代码行数:35,代码来源:assertion.py
示例2: authn_statement
def authn_statement(authn_class=None, authn_auth=None,
authn_decl=None, authn_decl_ref=None, authn_instant="",
subject_locality="", session_not_on_or_after=None):
"""
Construct the AuthnStatement
:param authn_class: Authentication Context Class reference
:param authn_auth: Authenticating Authority
:param authn_decl: Authentication Context Declaration
:param authn_decl_ref: Authentication Context Declaration reference
:param authn_instant: When the Authentication was performed.
Assumed to be seconds since the Epoch.
:param subject_locality: Specifies the DNS domain name and IP address
for the system from which the assertion subject was apparently
authenticated.
:return: An AuthnContext instance
"""
if authn_instant:
_instant = instant(time_stamp=authn_instant)
else:
_instant = instant()
if authn_class:
res = factory(
saml.AuthnStatement,
authn_instant=_instant,
session_index=sid(),
session_not_on_or_after=session_not_on_or_after,
authn_context=_authn_context_class_ref(
authn_class, authn_auth))
elif authn_decl:
res = factory(
saml.AuthnStatement,
authn_instant=_instant,
session_index=sid(),
session_not_on_or_after=session_not_on_or_after,
authn_context=_authn_context_decl(authn_decl, authn_auth))
elif authn_decl_ref:
res = factory(
saml.AuthnStatement,
authn_instant=_instant,
session_index=sid(),
session_not_on_or_after=session_not_on_or_after,
authn_context=_authn_context_decl_ref(authn_decl_ref,
authn_auth))
else:
res = factory(
saml.AuthnStatement,
authn_instant=_instant,
session_index=sid(),
session_not_on_or_after=session_not_on_or_after)
if subject_locality:
res.subject_locality = saml.SubjectLocality(text=subject_locality)
return res
开发者ID:cloudera,项目名称:hue,代码行数:55,代码来源:assertion.py
示例3: add_certificate_to_cache
def add_certificate_to_cache(self, certificate_str):
_sid = sid()
while _sid in self.certificate_cache():
_sid = sid()
cache = self.certificate_cache()
cache[_sid] = {
"timeout": datetime.datetime.now() + datetime.timedelta(minutes=self.sp_conf.CERT_TIMEOUT),
"cert": base64.b64encode(certificate_str)
}
self.sphandlercache[self.certificate_cache_name] = cache
return _sid
开发者ID:its-dirg,项目名称:IdProxy,代码行数:11,代码来源:handler.py
示例4: authenticate
def authenticate(self, entityid=None, relay_state="",
binding=BINDING_HTTP_REDIRECT,
log=None, vorg="", scoping=None, sign=None, **kwargs):
""" Makes an authentication request.
:param entityid: The entity ID of the IdP to send the request to
:param relay_state: To where the user should be returned after
successfull log in.
:param binding: Which binding to use for sending the request
:param log: Where to write log messages
:param vorg: The entity_id of the virtual organization I'm a member of
:param scoping: For which IdPs this query are aimed.
:param sign: Whether the request should be signed or not.
:return: AuthnRequest response
"""
destination = self._sso_location(entityid, binding=binding)
session_id = sid()
_req_str = "%s" % self.authn(destination, session_id, vorg, scoping, log,
sign, **kwargs)
logger.info("AuthNReq: %s" % _req_str)
info = self.apply_binding(binding, _req_str, destination, relay_state)
return session_id, info
开发者ID:Hackman238,项目名称:hl.pas.samlplugin,代码行数:25,代码来源:client.py
示例5: multiple_signatures
def multiple_signatures(self, statement, to_sign, key=None, key_file=None):
"""
Sign multiple parts of a statement
:param statement: The statement that should be sign, this is XML text
:param to_sign: A list of (items, id, id attribute name) tuples that
specifies what to sign
:param key: A key that should be used for doing the signing
:param key_file: A file that contains the key to be used
:return: A possibly multiple signed statement
"""
for (item, sid, id_attr) in to_sign:
if not sid:
if not item.id:
sid = item.id = sid()
else:
sid = item.id
if not item.signature:
item.signature = pre_signature_part(sid, self.cert_file)
statement = self.sign_statement(statement, class_name(item),
key=key, key_file=key_file,
node_id=sid, id_attr=id_attr)
return statement
开发者ID:gbel,项目名称:pysaml2,代码行数:25,代码来源:sigver.py
示例6: _handle_discovery_request
def _handle_discovery_request(self):
"""Handle SAML Discovery Service request. This method is called
internally by the `authenticate` method when multiple acceptable IdPs
are detected.
Returns:
Tuple containing session Id and Flask Response object to return to
user containing either HTTP_REDIRECT to configured Discovery
Service end point.
Raises:
AuthException: when unable to find discovery response end point.
"""
session_id = sid()
try:
return_url = self._config.getattr(
'endpoints', 'sp')['discovery_response'][0][0]
except KeyError:
raise AuthException(
"Multiple IdPs configured with no configured Discovery" + \
" response end point.")
return_url += "?session_id=%s" % session_id
disco_url = Saml2Client.create_discovery_service_request(
self.discovery_service_end_point,
self._config.entityid, **{'return': return_url})
LOGGER.debug("Redirect to Discovery Service %s", disco_url)
return (session_id, make_response('', 302, {'Location': disco_url}))
开发者ID:KaviCorp,项目名称:flask_pysaml2,代码行数:27,代码来源:flask_pysaml2.py
示例7: persistent
def persistent(self, entity_id, subject_id):
""" Keeps the link between a permanent identifier and a
temporary/pseudo-temporary identifier for a subject
The store supports look-up both ways: from a permanent local
identifier to a identifier used talking to a SP and from an
identifier given back by an SP to the local permanent.
:param entity_id: SP entity ID or VO entity ID
:param subject_id: The local permanent identifier of the subject
:return: An arbitrary identifier for the subject unique to the
service/group of services/VO with a given entity_id
"""
try:
return self._get_remote("persistent", entity_id, subject_id)
except KeyError:
temp_id = "xyz"
while True:
temp_id = sid()
try:
self._get_local("persistent", entity_id, temp_id)
except KeyError:
break
self._store("persistent", entity_id, subject_id, temp_id)
self.map.sync()
return temp_id
开发者ID:GSA,项目名称:pysaml2,代码行数:27,代码来源:server.py
示例8: _status_response
def _status_response(self, response_class, issuer, status, sign=False,
**kwargs):
""" Create a StatusResponse.
:param response_class: Which subclass of StatusResponse that should be
used
:param issuer: The issuer of the response message
:param status: The return status of the response operation
:param sign: Whether the response should be signed or not
:param kwargs: Extra arguments to the response class
:return: Class instance or string representation of the instance
"""
mid = sid()
for key in ["destination", "binding"]:
try:
del kwargs[key]
except KeyError:
pass
if not status:
status = success_status_factory()
response = response_class(issuer=issuer, id=mid, version=VERSION,
issue_instant=instant(),
status=status, **kwargs)
if sign:
return self.sign(response, mid)
else:
return response
开发者ID:gbel,项目名称:pysaml2,代码行数:32,代码来源:entity.py
示例9: entities_descriptor
def entities_descriptor(eds, valid_for, name, ident, sign, secc):
entities = md.EntitiesDescriptor(entity_descriptor=eds)
if valid_for:
entities.valid_until = in_a_while(hours=valid_for)
if name:
entities.name = name
if ident:
entities.id = ident
if sign:
if not ident:
ident = sid()
if not secc.key_file:
raise SAMLError("If you want to do signing you should define " +
"a key to sign with")
if not secc.my_cert:
raise SAMLError("If you want to do signing you should define " +
"where your public key are")
entities.signature = pre_signature_part(ident, secc.my_cert, 1)
entities.id = ident
xmldoc = secc.sign_statement("%s" % entities, class_name(entities))
entities = md.entities_descriptor_from_string(xmldoc)
else:
xmldoc = None
return entities, xmldoc
开发者ID:5monkeys,项目名称:pysaml2,代码行数:29,代码来源:metadata.py
示例10: authz_decision_query
def authz_decision_query(self, entityid, action,
evidence=None, resource=None, subject=None,
binding=saml2.BINDING_HTTP_REDIRECT, sign=None):
""" Creates an authz decision query.
:param entityid: The entity ID of the IdP to send the request to
:param action: The action you want to perform (has to be at least one)
:param evidence: Why you should be able to perform the action
:param resource: The resource you want to perform the action on
:param subject: Who wants to do the thing
:param binding: Which binding to use for sending the request
:param sign: Whether the request should be signed or not.
:return: AuthzDecisionQuery instance
"""
spentityid = self._issuer()
service_url = self.service_url()
my_name = self._my_name()
logger.info("spentityid: %s\nservice_url: %s\nmy_name: %s" % (
spentityid, service_url, my_name))
# authen_req = self.authn_request(session_id, location,
# service_url, spentityid, my_name, vorg,
# scoping, sign)
request = samlp.AuthzDecisionQuery(action, evidence, resource,
subject=subject,
issuer=spentityid,
id=sid(),
issue_instant=instant(),
version=VERSION,
destination=entityid)
return request
开发者ID:evansd,项目名称:pysaml2,代码行数:35,代码来源:client.py
示例11: test_create_artifact_resolve
def test_create_artifact_resolve():
b64art = create_artifact(SP, "aabbccddeeffgghhiijj", 1)
artifact = base64.b64decode(b64art)
#assert artifact[:2] == '\x00\x04'
#assert int(artifact[2:4]) == 0
#
s = sha1(SP.encode('ascii'))
assert artifact[4:24] == s.digest()
with closing(Server(config_file="idp_all_conf")) as idp:
typecode = artifact[:2]
assert typecode == ARTIFACT_TYPECODE
destination = idp.artifact2destination(b64art, "spsso")
msg_id, msg = idp.create_artifact_resolve(b64art, destination, sid())
print(msg)
args = idp.use_soap(msg, destination, None, False)
sp = Saml2Client(config_file="servera_conf")
ar = sp.parse_artifact_resolve(args["data"])
print(ar)
assert ar.artifact.text == b64art
开发者ID:Amli,项目名称:pysaml2,代码行数:29,代码来源:test_64_artifact.py
示例12: construct_logout_request
def construct_logout_request(self, subject_id, destination, issuer_entity_id, reason=None, expire=None):
""" Constructs a LogoutRequest
:param subject_id: The identifier of the subject
:param destination:
:param issuer_entity_id: The entity ID of the IdP the request is
target at.
:param reason: An indication of the reason for the logout, in the
form of a URI reference.
:param expire: The time at which the request expires,
after which the recipient may discard the message.
:return: A LogoutRequest instance
"""
session_id = sid()
# create NameID from subject_id
name_id = saml.NameID(text=self.users.get_entityid(subject_id, issuer_entity_id, False))
request = samlp.LogoutRequest(
id=session_id,
version=VERSION,
issue_instant=instant(),
destination=destination,
issuer=self.issuer(),
name_id=name_id,
)
if reason:
request.reason = reason
if expire:
request.not_on_or_after = expire
return request
开发者ID:natebeacham,项目名称:saml2,代码行数:34,代码来源:client.py
示例13: make_logout_response
def make_logout_response(self, idp_entity_id, request_id, status_code, binding=BINDING_HTTP_REDIRECT):
""" Constructs a LogoutResponse
:param idp_entity_id: The entityid of the IdP that want to do the
logout
:param request_id: The Id of the request we are replying to
:param status_code: The status code of the response
:param binding: The type of binding that will be used for the response
:return: A LogoutResponse instance
"""
destination = self.config.single_logout_services(idp_entity_id, binding)[0]
status = samlp.Status(status_code=samlp.StatusCode(value=status_code))
response = samlp.LogoutResponse(
id=sid(),
version=VERSION,
issue_instant=instant(),
destination=destination,
issuer=self.issuer(),
in_response_to=request_id,
status=status,
)
return response, destination
开发者ID:natebeacham,项目名称:saml2,代码行数:26,代码来源:client.py
示例14: sign_entity_descriptor
def sign_entity_descriptor(edesc, ident, secc):
if not ident:
ident = sid()
edesc.signature = pre_signature_part(ident, secc.my_cert, 1)
edesc.id = ident
xmldoc = secc.sign_statement_using_xmlsec("%s" % edesc, class_name(edesc))
return md.entity_descriptor_from_string(xmldoc)
开发者ID:GSA,项目名称:pysaml2,代码行数:8,代码来源:metadata.py
示例15: authentication_request
def authentication_request(cls, ecp, idp_entity_id, destination,
log=None, sign=False):
""" Does a authentication request to an Identity provider.
This function uses the SOAP binding other bindings could be used but are
not
supported right now.
:param cls: The SAML2 client instance
:param ecp: The ECP client instance
:param idp_entity_id: The identifier of the subject
:param destination: To whom the query should be sent
:param log: Function to use for logging
:param sign: Whether the request should be signed or not
:return: A Authentication Response
"""
if log is None:
log = cls.logger
session_id = sid()
acsus = cls.config.endpoint('assertion_consumer_service',
saml2.BINDING_PAOS)
if not acsus and log:
log.error("Couldn't find own PAOS endpoint")
acsu = acsus[0]
spentityid = cls.config.entityid
# create the request
request = cls.authn_request(session_id,
destination,
acsu,
spentityid,
"",
log=LOG(),
sign=sign,
binding=saml2.BINDING_PAOS,
nameid_format=saml.NAMEID_FORMAT_PERSISTENT)
try:
try:
headers = {config.USERNAME_HEADER: ecp.user}
except AttributeError:
headers = None
print >> sys.stderr, "Headers: {0:>s}".format(headers)
# send the request and receive the response
response = ecp.phase2(request, acsu, idp_entity_id, headers,
destination)
except Exception, exc:
exception_trace("soap", exc, log)
if log:
log.info("SoapClient exception: %s" % (exc,))
return None
开发者ID:janetuk,项目名称:freeradius-pysaml2,代码行数:56,代码来源:freeradius_ecp.py
示例16: transient_nameid
def transient_nameid(self, sp_entity_id, userid):
""" Returns a random one-time identifier. One-time means it is
kept around as long as the session is active.
:param sp_entity_id: A qualifier to bind the created identifier to
:param userid: The local persistent identifier for the subject.
:return: The created identifier,
"""
temp_id = sid()
while True:
try:
_ = self._get_local("transient", sp_entity_id, temp_id)
temp_id = sid()
except KeyError:
break
self._store("transient", sp_entity_id, userid, temp_id)
self.map.sync()
return saml.NameID(format=saml.NAMEID_FORMAT_TRANSIENT, sp_name_qualifier=sp_entity_id, text=temp_id)
开发者ID:howow,项目名称:pysaml2,代码行数:19,代码来源:server.py
示例17: __init__
def __init__(self, sp_logger, args):
"""
Constructor for the SpHandler.
:param sp_logger: A logger.
"""
#Metadata for the SP
self.sp_metadata = create_metadata_string(args.spconf + ".py", None, args.valid, args.cert, args.keyfile,
args.id_sp, args.name_sp, args.sign)
#Log class. (see import logging)
self.logger = sp_logger
#Configurations for the SP handler. (pyOpSamlProxy.client.sp.conf)
self.sp_conf = importlib.import_module(args.spconf) #pyOpSamlProxy.client.sp.conf
#Name of the configuration file. See above.
self.sp_conf_name = self.sp_conf.WORKING_DIR + args.spconf
#SP configuration object. (See project pysaml2; saml2.client.Saml2Client)
self.sp = Saml2Client(config_file="%s" % self.sp_conf_name)
#Extra arguments for the pyOpSamlProxy.client.sp.util.SSO object.
self.args = {}
#URL to SAML discovery server.
self.args["discosrv"] = self.sp_conf.DISCOSRV
#URL to SAML WAYF server.
self.args["wayf"] = self.sp_conf.WAYF
#URL to op server authorization when the SP have been authenticated.
#TODO have to be changed when Saml to Saml is implemented.
self.authorization_url = "%s/authorization" % self.sp_conf.ISSUER
#Handles the SAML authentication for an op server.
self.authnmethod = SPAuthnMethodHandler(None, self.sp_conf.SPVERIFYBASE, self.authorization_url)
#Handles SAML authentication for an IdP server.
# Setup performed by pyOpSamlProxy.provider.idp.handler.handler.
self.sp_authentication = None
#Handles the user info response with Saml attributes.
self.userinfo = UserInfoSpHandler(self.sp_conf.OPENID2SAMLMAP, self)
#The handler for the op server. Must be set after creation
#This must be the instance of the class pyOpSamlProxy.provider.op.handler.OpHandler.
self.ophandler = None
#Contains the user cache for the SpHandler, like collected IdP attributes.
#Dictionary where userid is key and value is an instance of the class
#pyOpSamlProxy.client.sp.handler.SpHandlerCache
self.sphandlercache = self.sp_conf.CACHE
self.certificate_cache_name = "CERTIFICATE_CACHE"
self.certificate_cookie_name = sid()
self.certificate_cookie_seed = sid()
开发者ID:its-dirg,项目名称:IdProxy,代码行数:42,代码来源:handler.py
示例18: construct_message
def construct_message(self):
session_id = sid() # Should be bound to session
sp = self.entity
url = sp.config.getattr("endpoints", "sp")["discovery_response"][0][0]
return_to = "{url}?{query}".format(url=url, query=urlencode(({"sid": session_id})))
redirect_url = sp.create_discovery_service_request(
self.req_args["discovery_service_url"], sp.config.entityid, **{"return": return_to}
)
logger.debug("Redirect to Discovery Service: %s", redirect_url)
self.conv.events.store(EV_REDIRECT_URL, redirect_url, sub="construct_message", sender=self.__class__)
return SeeOther(redirect_url)
开发者ID:identinetics,项目名称:saml2test2,代码行数:11,代码来源:wb_request.py
示例19: sign_entity_descriptor
def sign_entity_descriptor(edesc, valid_for, ident, secc):
if valid_for:
edesc.valid_until = in_a_while(hours=valid_for)
if not ident:
ident = sid()
edesc.signature = pre_signature_part(ident, secc.my_cert, 1)
edesc.id = ident
xmldoc = secc.sign_statement_using_xmlsec("%s" % edesc, class_name(edesc))
return md.entity_descriptor_from_string(xmldoc)
开发者ID:FluidReview,项目名称:saml2,代码行数:11,代码来源:metadata.py
示例20: attribute_query
def attribute_query(cls, subject_id, destination, attribute=None, name_id=None,
sp_name_qualifier=None, name_qualifier=None,
nameid_format=None, sign=False):
""" Does a attribute request to an attribute authority, this is
by default done over SOAP. Other bindings could be used but are not
supported right now.
:param subject_id: The identifier of the subject
:param destination: To whom the query should be sent
:param attribute: A dictionary of attributes and values that is asked for
:param name_id: A NameID instance that describes the entity the information
is asked for.
:param sp_name_qualifier: The unique identifier of the
service provider or affiliation of providers for whom the
identifier was generated.
:param name_qualifier: The unique identifier of the identity
provider that generated the identifier.
:param nameid_format: The format of the name ID
:param sign: Whether the request should be signed or not
:return: The Assertion
"""
global CLIENT
logger = LOG()
session_id = sid()
if not name_id:
args = {
"subject_id": subject_id,
"sp_name_qualifier": sp_name_qualifier,
"format": nameid_format,
"name_qualifier": name_qualifier
}
if not name_qualifier and not sp_name_qualifier:
args["sp_name_qualifier"] = cls.config.entityid
else:
args = {"name_id": name_id}
if sign:
args["sign_prepare"] = True
request = cls.create_attribute_query(destination,
attribute=attribute,
message_id=session_id,
**args)
try:
args = CLIENT.use_soap(request, destination, sign=sign)
response = CLIENT.send(**args)
except Exception, exc:
exception_trace("SoapClient exception", exc, logger)
return None
开发者ID:rohe,项目名称:freeradius_pysaml2,代码行数:53,代码来源:freeradius_aa.py
注:本文中的saml2.s_utils.sid函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
请发表评论