本文整理汇总了Python中saml2.extension_elements_to_elements函数的典型用法代码示例。如果您正苦于以下问题:Python extension_elements_to_elements函数的具体用法?Python extension_elements_to_elements怎么用?Python extension_elements_to_elements使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了extension_elements_to_elements函数的20个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于我们的系统推荐出更棒的Python代码示例。
示例1: test_encrypted_signed_response_4
def test_encrypted_signed_response_4(self):
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=True,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True,
encrypt_cert_advice=cert_str,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
decr_text = self.server.sec.decrypt(signed_resp, self.client.config.encryption_keypairs[1]["key_file"])
resp = samlp.response_from_string(decr_text)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
valid = self.server.sec.verify_signature(decr_text,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=resp.assertion[0].id,
id_attr="")
assert valid
_, key_file = make_temp(cert_key_str, decode=False)
decr_text = self.server.sec.decrypt(decr_text, key_file)
resp = samlp.response_from_string(decr_text)
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assertion = \
extension_elements_to_elements(assertion[0].advice.encrypted_assertion[0].extension_elements,[saml, samlp])
self.verify_assertion(assertion)
#PEFIM never signs assertion in advice
assert assertion[0].signature is None
#valid = self.server.sec.verify_signature(decr_text,
# self.server.config.cert_file,
# node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
# node_id=assertion[0].id,
# id_attr="")
assert valid
开发者ID:jkakavas,项目名称:pysaml2,代码行数:60,代码来源:test_50_server.py
示例2: decrypt_assertions
def decrypt_assertions(self, encrypted_assertions, decr_txt, issuer=None, verified=False):
""" Moves the decrypted assertion from the encrypted assertion to a
list.
:param encrypted_assertions: A list of encrypted assertions.
:param decr_txt: The string representation containing the decrypted
data. Used when verifying signatures.
:param issuer: The issuer of the response.
:param verified: If True do not verify signatures, otherwise verify
the signature if it exists.
:return: A list of decrypted assertions.
"""
res = []
for encrypted_assertion in encrypted_assertions:
if encrypted_assertion.extension_elements:
assertions = extension_elements_to_elements(encrypted_assertion.extension_elements, [saml, samlp])
for assertion in assertions:
if assertion.signature and not verified:
if not self.sec.check_signature(
assertion, origdoc=decr_txt, node_name=class_name(assertion), issuer=issuer
):
logger.error("Failed to verify signature on '%s'", assertion)
raise SignatureError()
res.append(assertion)
return res
开发者ID:blenderbox,项目名称:pysaml2,代码行数:25,代码来源:response.py
示例3: ava_from
def ava_from(self, attribute):
try:
attr = self._fro[attribute.name.strip().lower()]
except (AttributeError, KeyError):
try:
attr = attribute.friendly_name.strip().lower()
except AttributeError:
attr = attribute.name.strip().lower()
val = []
for value in attribute.attribute_value:
if value.extension_elements:
ext = extension_elements_to_elements(value.extension_elements,
[saml])
for ex in ext:
cval = {}
for key, (name, typ, mul) in ex.c_attributes.items():
exv = getattr(ex, name)
if exv:
cval[name] = exv
if ex.text:
cval["value"] = ex.text.strip()
val.append({ex.c_tag: cval})
elif not value.text:
val.append('')
else:
val.append(value.text.strip())
return attr, val
开发者ID:chipkellam,项目名称:pysaml2,代码行数:29,代码来源:attribute_converter.py
示例4: test_encrypted_signed_response_2
def test_encrypted_signed_response_2(self):
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
decr_text = self.server.sec.decrypt(signed_resp, self.client.config.key_file)
resp = samlp.response_from_string(decr_text)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assert resp.assertion[0].signature == None
self.verify_assertion(resp.assertion)
开发者ID:SpamapS,项目名称:pysaml2,代码行数:33,代码来源:test_50_server.py
示例5: to_dict
def to_dict(_dict, onts):
"""
Convert a pysaml2 SAML2 metadata format into a basic dictionary format
The export interface.
:param _dict: The pysaml2 metadata instance
:param onts: Schemas to use for the conversion
:return: The converted information
"""
res = {}
if isinstance(_dict, SamlBase):
res["__class__"] = "%s&%s" % (_dict.c_namespace,_dict.c_tag)
for key in _dict.keyswv():
if key in IMP_SKIP:
continue
val = getattr(_dict, key)
if key == "extension_elements":
_eel = extension_elements_to_elements(val, onts)
_val = [_eval(_v, onts) for _v in _eel]
else:
_val = _eval(val, onts)
if _val:
res[key] = _val
else:
for key, val in _dict.items():
_val = _eval(val, onts)
if _val:
res[key] = _val
return res
开发者ID:GSA,项目名称:pysaml2,代码行数:30,代码来源:mdie.py
示例6: test_xbox_non_ascii_ava
def test_xbox_non_ascii_ava():
conf = config.SPConfig()
conf.load_file("server_conf")
md = MetadataStore([saml, samlp], None, conf)
md.load("local", IDP_EXAMPLE)
conf.metadata = md
conf.only_use_keys_in_metadata = False
sec = sigver.security_context(conf)
assertion = factory(
saml.Assertion, version="2.0", id="11111",
issue_instant="2009-10-30T13:20:28Z",
signature=sigver.pre_signature_part("11111", sec.my_cert, 1),
attribute_statement=do_attribute_statement(
{
("", "", "surName"): ("Föö", ""),
("", "", "givenName"): ("Bär", ""),
}
)
)
sigass = sec.sign_statement(
assertion,
class_name(assertion),
key_file=PRIV_KEY,
node_id=assertion.id,
)
_ass0 = saml.assertion_from_string(sigass)
encrypted_assertion = EncryptedAssertion()
encrypted_assertion.add_extension_element(_ass0)
_, pre = make_temp(
str(pre_encryption_part()).encode('utf-8'), decode=False
)
enctext = sec.crypto.encrypt(
str(encrypted_assertion),
conf.cert_file,
pre,
"des-192",
'/*[local-name()="EncryptedAssertion"]/*[local-name()="Assertion"]',
)
decr_text = sec.decrypt(enctext, key_file=PRIV_KEY)
_seass = saml.encrypted_assertion_from_string(decr_text)
assertions = []
assers = extension_elements_to_elements(
_seass.extension_elements, [saml, samlp]
)
for ass in assers:
_txt = sec.verify_signature(
str(ass), PUB_KEY, node_name=class_name(assertion)
)
if _txt:
assertions.append(ass)
assert assertions
print(assertions)
开发者ID:SUNET,项目名称:pysaml2,代码行数:60,代码来源:test_40_sigver.py
示例7: test_encrypted_response_3
def test_encrypted_response_3(self):
cert_str_assertion, cert_key_str_assertion = generate_cert()
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
encrypted_advice_attributes=False,
encrypt_cert_assertion=cert_str_assertion
)
sresponse = response_from_string(_resp)
assert sresponse.signature is None
_, key_file = make_temp(cert_key_str_assertion, decode=False)
decr_text = self.server.sec.decrypt(_resp, key_file)
resp = samlp.response_from_string(decr_text)
assert resp.encrypted_assertion[0].extension_elements
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
self.verify_encrypted_assertion(assertion, decr_text)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:32,代码来源:test_50_server.py
示例8: test_encrypted_response_7
def test_encrypted_response_7(self):
_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=False,
sign_assertion=False,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
pefim=True
)
sresponse = response_from_string(_resp)
assert sresponse.signature is None
decr_text_1 = self.server.sec.decrypt(_resp, self.client.config.encryption_keypairs[1]["key_file"])
decr_text_2 = self.server.sec.decrypt(decr_text_1, self.client.config.encryption_keypairs[1]["key_file"])
resp = samlp.response_from_string(decr_text_2)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
self.verify_advice_assertion(resp, decr_text_2)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:27,代码来源:test_50_server.py
示例9: authn_context_decl_from_extension_elements
def authn_context_decl_from_extension_elements(extelems):
res = extension_elements_to_elements(extelems, [ippword, mobiletwofactor,
ppt, pword, sslcert])
try:
return res[0]
except IndexError:
return None
开发者ID:5monkeys,项目名称:pysaml2,代码行数:7,代码来源:__init__.py
示例10: ava_from
def ava_from(self, attribute):
try:
attr = self._fro[attribute.name.strip()]
except (AttributeError, KeyError):
try:
attr = attribute.friendly_name.strip()
except AttributeError:
attr = attribute.name.strip()
val = []
for value in attribute.attribute_value:
if value.extension_elements:
ext = extension_elements_to_elements(value.extension_elements, [saml])
for ex in ext:
if isinstance(ex, NameID):
cval = ''
for key, (name, type, mul) in ex.c_attributes.items():
exv = getattr(ex, name)
if exv and name in ['text', 'value']:
cval = exv
if ex.text and not cval:
cval = ex.text.strip()
val.append(cval)
elif not value.text:
val.append('')
else:
val.append(value.text.strip())
return attr, val
开发者ID:FluidReview,项目名称:saml2,代码行数:31,代码来源:attribute_converter.py
示例11: verify_advice_assertion
def verify_advice_assertion(self, resp, decr_text):
assert resp.assertion[0].signature is None
assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements
assertion = extension_elements_to_elements(resp.assertion[0].advice.encrypted_assertion[0].extension_elements,
[saml, samlp])
self.verify_encrypted_assertion(assertion, decr_text)
开发者ID:jkakavas,项目名称:pysaml2,代码行数:8,代码来源:test_50_server.py
示例12: test_encrypted_signed_response_2
def test_encrypted_signed_response_2(self):
name_id = self.server.ident.transient_nameid(
"urn:mace:example.com:saml:roland:sp", "id12")
ava = {"givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["[email protected]"], "title": "The man"}
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=name_id,
sign_response=True,
sign_assertion=True,
encrypt_assertion=True,
encrypt_assertion_self_contained=True,
encrypt_cert=cert_str,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
_, key_file = make_temp("%s" % cert_key_str, decode=False)
decr_text = self.server.sec.decrypt(signed_resp, key_file)
resp = samlp.response_from_string(decr_text)
assert resp.encrypted_assertion[0].extension_elements
assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
assert assertion
assert assertion[0].attribute_statement
ava = get_ava(assertion[0])
assert ava ==\
{'mail': ['[email protected]'], 'givenname': ['Derek'], 'surname': ['Jeter'], 'title': ['The man']}
assert 'EncryptedAssertion><encas2:Assertion xmlns:encas0="http://www.w3.org/2000/09/xmldsig#" ' \
'xmlns:encas1="http://www.w3.org/2001/XMLSchema-instance" ' \
'xmlns:encas2="urn:oasis:names:tc:SAML:2.0:assertion"' in decr_text
valid = self.server.sec.verify_signature(decr_text,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=assertion[0].id,
id_attr="")
assert valid
开发者ID:Itxaka,项目名称:pysaml2,代码行数:57,代码来源:test_50_server.py
示例13: _holder_of_key_confirmed
def _holder_of_key_confirmed(self, data):
if not data:
return False
has_keyinfo = False
for element in extension_elements_to_elements(data, [samlp, saml, xenc, ds]):
if isinstance(element, ds.KeyInfo):
has_keyinfo = True
return has_keyinfo
开发者ID:blenderbox,项目名称:pysaml2,代码行数:10,代码来源:response.py
示例14: parse_artifact_resolve_response
def parse_artifact_resolve_response(self, xmlstr):
kwargs = {"entity_id": self.config.entityid,
"attribute_converters": self.config.attribute_converters}
resp = self._parse_response(xmlstr, response.ArtifactResponse,
"artifact_resolve", BINDING_SOAP,
**kwargs)
# should just be one
elems = extension_elements_to_elements(resp.response.extension_elements,
[samlp, saml])
return elems[0]
开发者ID:gbel,项目名称:pysaml2,代码行数:11,代码来源:entity.py
示例15: decrypt_assertions
def decrypt_assertions(self, encrypted_assertions, key_file=""):
res = []
for encrypted_assertion in encrypted_assertions:
if encrypted_assertion.extension_elements:
assertions = extension_elements_to_elements(encrypted_assertion.extension_elements, [saml, samlp])
for assertion in assertions:
if assertion.signature:
if not self.sec.verify_signature("%s" % assertion, key_file, node_name=class_name(assertion)):
logger.error("Failed to verify signature on '%s'" % assertion)
raise SignatureError()
res.append(assertion)
return res
开发者ID:justquick,项目名称:pysaml2,代码行数:12,代码来源:response.py
示例16: test_xbox
def test_xbox():
conf = config.SPConfig()
conf.load_file("server_conf")
md = MetadataStore([saml, samlp], None, conf)
md.load("local", full_path("idp_example.xml"))
conf.metadata = md
conf.only_use_keys_in_metadata = False
sec = sigver.security_context(conf)
assertion = factory(
saml.Assertion,
version="2.0",
id="11111",
issue_instant="2009-10-30T13:20:28Z",
signature=sigver.pre_signature_part("11111", sec.my_cert, 1),
attribute_statement=do_attribute_statement(
{("", "", "surName"): ("Foo", ""), ("", "", "givenName"): ("Bar", "")}
),
)
sigass = sec.sign_statement(assertion, class_name(assertion), key_file=full_path("test.key"), node_id=assertion.id)
_ass0 = saml.assertion_from_string(sigass)
encrypted_assertion = EncryptedAssertion()
encrypted_assertion.add_extension_element(_ass0)
_, pre = make_temp(str(pre_encryption_part()).encode("utf-8"), decode=False)
enctext = sec.crypto.encrypt(
str(encrypted_assertion),
conf.cert_file,
pre,
"des-192",
'/*[local-name()="EncryptedAssertion"]/*[local-name()="Assertion"]',
)
decr_text = sec.decrypt(enctext)
_seass = saml.encrypted_assertion_from_string(decr_text)
assertions = []
assers = extension_elements_to_elements(_seass.extension_elements, [saml, samlp])
sign_cert_file = full_path("test.pem")
for ass in assers:
_ass = "%s" % ass
# _ass = _ass.replace('xsi:nil="true" ', '')
# assert sigass == _ass
_txt = sec.verify_signature(_ass, sign_cert_file, node_name=class_name(assertion))
if _txt:
assertions.append(ass)
print(assertions)
开发者ID:rhoerbe,项目名称:pysaml2,代码行数:53,代码来源:test_40_sigver.py
示例17: test_do_idp_sso_descriptor
def test_do_idp_sso_descriptor():
conf = IdPConfig().load(IDP, metadata_construction=True)
idpsso = metadata.do_idpsso_descriptor(conf)
assert isinstance(idpsso, md.IDPSSODescriptor)
assert _eq(idpsso.keyswv(), ['protocol_support_enumeration',
'single_sign_on_service',
'want_authn_requests_signed',
"extensions"])
exts = idpsso.extensions.extension_elements
assert len(exts) == 2
print exts
inst = saml2.extension_element_to_element(exts[0],
shibmd.ELEMENT_FROM_STRING,
namespace=shibmd.NAMESPACE)
assert isinstance(inst, shibmd.Scope)
assert inst.text == "example.org"
assert inst.regexp == "false"
uiinfo = saml2.extension_element_to_element(exts[1],
mdui.ELEMENT_FROM_STRING,
namespace=mdui.NAMESPACE)
assert uiinfo
assert _eq(uiinfo.keyswv(), ['display_name', 'description',
'information_url', 'privacy_statement_url',
'keywords', 'logo'])
assert len(uiinfo.privacy_statement_url) == 1
assert uiinfo.privacy_statement_url[0].text == "http://example.com/saml2/privacyStatement.html"
assert len(uiinfo.description) == 1
assert uiinfo.description[0].text == "Exempel bolag"
assert uiinfo.description[0].lang == "se"
res = extension_elements_to_elements(exts,[shibmd, mdui])
assert len(res) == 2
# one is a shibmd.Scope instance and the other a mdui.UIInfo instance
if isinstance(res[0], shibmd.Scope):
assert isinstance(res[1], mdui.UIInfo)
elif isinstance(res[1], shibmd.Scope):
assert isinstance(res[0], mdui.UIInfo)
found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag,
mdui.NAMESPACE)
assert len(found) == 1
elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui)
assert len(elem) == 1
assert isinstance(elem[0], mdui.UIInfo)
开发者ID:paulftw,项目名称:pysaml2,代码行数:50,代码来源:test_61_makemeta.py
示例18: test_encrypted_signed_response_3
def test_encrypted_signed_response_3(self):
cert_str, cert_key_str = generate_cert()
signed_resp = self.server.create_authn_response(
self.ava,
"id12", # in_response_to
"http://lingon.catalogix.se:8087/", # consumer_url
"urn:mace:example.com:saml:roland:sp", # sp_entity_id
name_id=self.name_id,
sign_response=True,
sign_assertion=True,
encrypt_assertion=True,
encrypt_assertion_self_contained=False,
encrypt_cert_assertion=cert_str,
)
sresponse = response_from_string(signed_resp)
valid = self.server.sec.verify_signature(signed_resp,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
node_id=sresponse.id,
id_attr="")
assert valid
_, key_file = make_temp(str(cert_key_str).encode('ascii'), decode=False)
decr_text = self.server.sec.decrypt(signed_resp, key_file)
resp = samlp.response_from_string(decr_text)
resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])
valid = self.server.sec.verify_signature(decr_text,
self.server.config.cert_file,
node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
node_id=resp.assertion[0].id,
id_attr="")
assert valid
self.verify_assertion(resp.assertion)
assert 'xmlns:encas' not in decr_text
开发者ID:SpamapS,项目名称:pysaml2,代码行数:44,代码来源:test_50_server.py
示例19: to_dict
def to_dict(_dict, onts, mdb_safe=False):
"""
Convert a pysaml2 SAML2 message class instance into a basic dictionary
format.
The export interface.
:param _dict: The pysaml2 metadata instance
:param onts: List of schemas to use for the conversion
:return: The converted information
"""
res = {}
if isinstance(_dict, SamlBase):
res["__class__"] = "%s&%s" % (_dict.c_namespace, _dict.c_tag)
for key in _dict.keyswv():
if key in IMP_SKIP:
continue
val = getattr(_dict, key)
if key == "extension_elements":
_eel = extension_elements_to_elements(val, onts)
_val = [_eval(_v, onts, mdb_safe) for _v in _eel]
elif key == "extension_attributes":
if mdb_safe:
_val = dict([(k.replace(".", "__"), v) for k, v in
val.items()])
#_val = {k.replace(".", "__"): v for k, v in val.items()}
else:
_val = val
else:
_val = _eval(val, onts, mdb_safe)
if _val:
if mdb_safe:
key = key.replace(".", "__")
res[key] = _val
else:
for key, val in _dict.items():
_val = _eval(val, onts, mdb_safe)
if _val:
if mdb_safe and "." in key:
key = key.replace(".", "__")
res[key] = _val
return res
开发者ID:18600597055,项目名称:hue,代码行数:42,代码来源:mdie.py
示例20: test_okta
def test_okta():
conf = config.Config()
conf.load_file("server_conf")
conf.id_attr_name = 'Id'
md = MetadataStore([saml, samlp], None, conf)
md.load("local", IDP_EXAMPLE)
conf.metadata = md
conf.only_use_keys_in_metadata = False
sec = sigver.security_context(conf)
with open(OKTA_RESPONSE) as f:
enctext = f.read()
decr_text = sec.decrypt(enctext)
_seass = saml.encrypted_assertion_from_string(decr_text)
assers = extension_elements_to_elements(_seass.extension_elements,
[saml, samlp])
with open(OKTA_ASSERTION) as f:
okta_assertion = f.read()
expected_assert = assertion_from_string(okta_assertion)
assert len(assers) == 1
assert assers[0] == expected_assert
开发者ID:SUNET,项目名称:pysaml2,代码行数:22,代码来源:test_40_sigver.py
注:本文中的saml2.extension_elements_to_elements函数示例由纯净天空整理自Github/MSDocs等源码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。 |
客服电话
APP下载
官方微信
请发表评论