authorrhoerbe <rainer@hoerbe.at>2014-08-11 19:36:05 +0200
committerrhoerbe <rainer@hoerbe.at>2014-08-11 19:36:05 +0200
commit361f862950866d53819a86a41b382d2c5d5c10ff (patch)
treed7a653b9f08914870277cd653f09a23c03568f1d
parent3c3f1c1a8526e8e2f694f79aff3622d8f12a7bd1 (diff)
extended API with lists for supported NameID formats, AttributeName formats, digest and sig algs
-rw-r--r--src/saml2/saml.py15
-rw-r--r--src/xmldsig/__init__.py17
2 files changed, 28 insertions, 4 deletions
diff --git a/src/saml2/saml.py b/src/saml2/saml.py
index d24a37ca..a85bfd0d 100644
--- a/src/saml2/saml.py
+++ b/src/saml2/saml.py
@@ -36,7 +36,14 @@ NAMEID_FORMAT_TRANSIENT = (
"urn:oasis:names:tc:SAML:2.0:nameid-format:transient")
NAMEID_FORMAT_ENTITY = (
"urn:oasis:names:tc:SAML:2.0:nameid-format:entity")
-
+NAMEID_FORMATS_SAML2 = (
+ ('NAMEID_FORMAT_EMAILADDRESS', NAMEID_FORMAT_EMAILADDRESS),
+ ('NAMEID_FORMAT_ENCRYPTED', NAMEID_FORMAT_ENCRYPTED),
+ ('NAMEID_FORMAT_ENTITY', NAMEID_FORMAT_ENTITY),
+ ('NAMEID_FORMAT_PERSISTENT', NAMEID_FORMAT_PERSISTENT),
+ ('NAMEID_FORMAT_TRANSIENT', NAMEID_FORMAT_TRANSIENT),
+ ('NAMEID_FORMAT_UNSPECIFIED', NAMEID_FORMAT_UNSPECIFIED),
+)
PROFILE_ATTRIBUTE_BASIC = (
"urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic")
@@ -48,7 +55,11 @@ NAME_FORMAT_UNSPECIFIED = (
"urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")
NAME_FORMAT_URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
NAME_FORMAT_BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
-
+NAME_FORMATS_SAML2 = (
+ ('NAME_FORMAT_BASIC', NAME_FORMAT_BASIC),
+ ('NAME_FORMAT_URI', NAME_FORMAT_URI),
+ ('NAME_FORMAT_UNSPECIFIED', NAME_FORMAT_UNSPECIFIED),
+)
DECISION_TYPE_PERMIT = "Permit"
DECISION_TYPE_DENY = "Deny"
DECISION_TYPE_INDETERMINATE = "Indeterminate"
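Review bot: `NAME_FORMATS_SAML2` (and `NAMEID_FORMATS_SAML2` in the preceding hunk) carries no comment saying what the pairs are for, and the first element of each pair repeats the constant's identifier as a string literal, which can silently drift if a constant is renamed. A one-line comment above each tuple, such as `# (constant name, URI) pairs for building selection lists`, would state the contract. Whether the tuples are meant to cover every SAML 2.0 format cannot be told from the hunks, so the comment should also say whether the list is exhaustive.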
diff --git a/src/xmldsig/__init__.py b/src/xmldsig/__init__.py
index b864cc3f..c21da29d 100644
--- a/src/xmldsig/__init__.py
+++ b/src/xmldsig/__init__.py
@@ -20,8 +20,15 @@ DIGEST_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384'
DIGEST_SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'
DIGEST_RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'
digest_default = DIGEST_SHA1
-
-#SIG_DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
+DIGEST_ALLOWED_ALG = (('DIGEST_SHA1', DIGEST_SHA1),
+ ('DIGEST_SHA224', DIGEST_SHA224),
+ ('DIGEST_SHA256', DIGEST_SHA256),
+ ('DIGEST_SHA384', DIGEST_SHA384),
+ ('DIGEST_SHA512', DIGEST_SHA512),
+ ('DIGEST_RIPEMD160', DIGEST_RIPEMD160))
+DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5), )
+
+#SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'
#SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256'
#SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha1'
#SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha224'
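Review bot: `DIGEST_ALLOWED_ALG` lists `DIGEST_SHA1` as allowed and holds back only MD5 for `DIGEST_AVAIL_ALG`, yet nothing in the hunk says what "allowed" versus "available" means to a caller; `SIG_ALLOWED_ALG` / `SIG_AVAIL_ALG` in the next hunk have the same gap. SHA-1 is collision-weak for signature use, so if these tuples are ever used as an accept-list when verifying incoming signatures, the ALLOWED set is wider than a relying party would want. I would add a comment above each pair, such as `# ALLOWED: offered for new configuration; AVAIL also lists MD5 for legacy interop only - never use AVAIL as a verification accept-list`, and consider moving the SHA-1 entries into the AVAIL-only tail. Separately, the re-added comment line `#SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'` has `,` where the removed line had `:` and should go back to `http://`. `DIGEST_MD5` and `DIGEST_SHA224` are defined outside the hunk, so their values cannot be checked here.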
@@ -36,6 +43,12 @@ SIG_RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384'
SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
#SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160'
sig_default = SIG_RSA_SHA1
+SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1),
+ ('SIG_RSA_SHA224', SIG_RSA_SHA224),
+ ('SIG_RSA_SHA256', SIG_RSA_SHA256),
+ ('SIG_RSA_SHA384', SIG_RSA_SHA384),
+ ('SIG_RSA_SHA512', SIG_RSA_SHA512))
+SIG_AVAIL_ALG = SIG_ALLOWED_ALG + (('SIG_RSA_MD5', SIG_RSA_MD5), )
MAC_SHA1 = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'