author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-12-01 12:53:35 +0100 |
---|---|---|
committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-12-01 12:53:35 +0100 |
commit | 883b89efb07acf6e28eb177f9f582aad1e33ba58 (patch) | |
tree | 733e979d4790241f1874b15f98f2bae33429a90e | |
parent | cff1391d73a4e81bf53ff11017b40bd016d82010 (diff) | |
download | pysaml2-883b89efb07acf6e28eb177f9f582aad1e33ba58.tar.gz |
Made MetaData instances pickleable.
-rwxr-xr-x | example/idp2/idp.py | 4 | ||||
-rw-r--r-- | src/saml2/config.py | 24 | ||||
-rw-r--r-- | src/saml2/entity_category/edugain.py | 2 | ||||
-rw-r--r-- | src/saml2/mdstore.py | 85 | ||||
-rw-r--r-- | src/saml2/mongo_store.py | 42 | ||||
-rw-r--r-- | src/saml2/sdb.py | 12 | ||||
-rw-r--r-- | tests/test_22_mdie.py | 26 | ||||
-rw-r--r-- | tests/test_30_mdstore.py | 41 | ||||
-rw-r--r-- | tests/test_30_mdstore_old.py | 34 | ||||
-rw-r--r-- | tests/test_37_entity_categories.py | 19 | ||||
-rw-r--r-- | tests/test_38_metadata_filter.py | 15 | ||||
-rw-r--r-- | tests/test_76_metadata_in_mdb.py | 48 | ||||
-rwxr-xr-x | tools/mdexport.py | 15 | ||||
-rwxr-xr-x | tools/mdexport_test.py | 19 | ||||
-rwxr-xr-x | tools/mdimport.py | 27 | ||||
-rwxr-xr-x | tools/merge_metadata.py | 37 | ||||
-rwxr-xr-x | tools/verify_metadata.py | 25 |
17 files changed, 135 insertions, 340 deletions
diff --git a/example/idp2/idp.py b/example/idp2/idp.py index 74718563..7b079be1 100755 --- a/example/idp2/idp.py +++ b/example/idp2/idp.py @@ -1073,11 +1073,11 @@ if __name__ == '__main__': digest_alg = None try: sign_alg = CONFIG.SIGN_ALG - except: + except AttributeError: pass try: digest_alg = CONFIG.DIGEST_ALG - except: + except AttributeError: pass ds.DefaultSignature(sign_alg, digest_alg) diff --git a/src/saml2/config.py b/src/saml2/config.py index f0baa1ff..952526f9 100644 --- a/src/saml2/config.py +++ b/src/saml2/config.py @@ -26,27 +26,6 @@ from saml2.virtual_org import VirtualOrg logger = logging.getLogger(__name__) -from saml2 import md -from saml2 import saml -from saml2.extension import mdui -from saml2.extension import idpdisc -from saml2.extension import dri -from saml2.extension import mdattr -from saml2.extension import ui -from saml2 import xmldsig -from saml2 import xmlenc - -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} COMMON_ARGS = [ "entityid", "xmlsec_binary", "debug", "key_file", "cert_file", @@ -408,8 +387,7 @@ class Config(object): except: disable_validation = False - mds = MetadataStore( - list(ONTS.values()), acs, self, ca_certs, + mds = MetadataStore(acs, self, ca_certs, disable_ssl_certificate_validation=disable_validation) mds.imp(metadata_conf) diff --git a/src/saml2/entity_category/edugain.py b/src/saml2/entity_category/edugain.py index f15aaeeb..62a50941 100644 --- a/src/saml2/entity_category/edugain.py +++ b/src/saml2/entity_category/edugain.py @@ -9,6 +9,6 @@ RELEASE = { # "displayName", "schacHomeOrganization"], COCO: ["eduPersonPrincipalName", "eduPersonScopedAffiliation", 'eduPersonAffiliation', "mail", "displayName", 'cn', - "schacHomeOrganization", 'schacHomeOrganizationType'] + "schacHomeOrganization"] } 
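Review bot: In src/saml2/entity_category/edugain.py the COCO release list loses `'schacHomeOrganizationType'`, which changes the attributes released under this entity-category map and is unrelated to making MetaData pickleable. The commit message does not mention it, so anyone tracing an attribute-release difference will not find it from the log. I would split it into its own commit or add a line to the description, and record the reason next to the list, e.g. `# schacHomeOrganizationType is not released under CoCo: <reason>`.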
diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py index 5d701428..b4caece6 100644 --- a/src/saml2/mdstore.py +++ b/src/saml2/mdstore.py @@ -9,18 +9,24 @@ import json import requests import six from hashlib import sha1 -from os.path import isfile, join -from saml2.httpbase import HTTPBase -from saml2.extension.idpdisc import BINDING_DISCO -from saml2.extension.idpdisc import DiscoveryResponse -from saml2.md import EntitiesDescriptor -from saml2.mdie import to_dict +from os.path import isfile +from os.path import join + from saml2 import md +from saml2 import saml from saml2 import samlp +from saml2 import xmldsig +from saml2 import xmlenc from saml2 import SAMLError from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_HTTP_POST from saml2 import BINDING_SOAP + +from saml2.httpbase import HTTPBase +from saml2.extension.idpdisc import BINDING_DISCO +from saml2.extension.idpdisc import DiscoveryResponse +from saml2.md import EntitiesDescriptor +from saml2.mdie import to_dict from saml2.s_utils import UnsupportedBinding from saml2.s_utils import UnknownSystemEntity from saml2.sigver import split_len @@ -83,6 +89,24 @@ def load_extensions(): return ext_map +def load_metadata_modules(): + mods = { + saml.NAMESPACE: saml, + md.NAMESPACE: md, + xmldsig.NAMESPACE: xmldsig, + xmlenc.NAMESPACE: xmlenc + } + + mods.update(load_extensions()) + return mods + + +def metadata_modules(): + _res = [saml, md, xmldsig, xmlenc] + _res.extend(list(load_extensions().values())) + return _res + + def destinations(srvs): return [s["location"] for s in srvs] 
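Review bot: `load_metadata_modules()` and `metadata_modules()` in src/saml2/mdstore.py call `load_extensions()` on every invocation, and the `@@ -424,7 +450,7 @@` hunk calls `metadata_modules()` on the per-entity path (`to_dict(entity_descr, metadata_modules())`), so the extension map is rebuilt for every entity descriptor parsed. The body of `load_extensions()` is outside this hunk, so the cost is inferred, but a large federation aggregate would pay it once per entity; src/saml2/mongo_store.py also runs both helpers at import time. The two helpers duplicate the core module list and have no docstrings. Building the map once and deriving the list from it keeps them in step.

```python
_METADATA_MODULES = None


def load_metadata_modules():
    """Return a {namespace: module} map of the core SAML schema modules
    plus every module returned by load_extensions()."""
    global _METADATA_MODULES
    if _METADATA_MODULES is None:
        mods = {
            saml.NAMESPACE: saml,
            md.NAMESPACE: md,
            xmldsig.NAMESPACE: xmldsig,
            xmlenc.NAMESPACE: xmlenc
        }
        mods.update(load_extensions())
        _METADATA_MODULES = mods
    # hand out a copy so callers cannot mutate the cached map
    return dict(_METADATA_MODULES)


def metadata_modules():
    """Return the schema modules as a list, the form passed to to_dict()."""
    return list(load_metadata_modules().values())
```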
@@ -129,14 +153,16 @@ def repack_cert(cert): class MetaData(object): - def __init__(self, onts, attrc, metadata='', node_name=None, + def __init__(self, attrc, metadata='', node_name=None, check_validity=True, security=None, **kwargs): - self.onts = onts self.attrc = attrc self.metadata = metadata self.entity = None self.cert = None self.to_old = [] + self.node_name = node_name + self.check_validity = check_validity + self.security = security def items(self): ''' @@ -369,9 +395,9 @@ class MetaData(object): class InMemoryMetaData(MetaData): - def __init__(self, onts, attrc, metadata="", node_name=None, + def __init__(self, attrc, metadata="", node_name=None, check_validity=True, security=None, **kwargs): - super(InMemoryMetaData, self).__init__(onts, attrc, metadata=metadata) + super(InMemoryMetaData, self).__init__(attrc, metadata=metadata) self.entity = {} self.security = security self.node_name = node_name @@ -424,7 +450,7 @@ class InMemoryMetaData(MetaData): entity_descr.entity_id, file=sys.stderr) return - _ent = to_dict(entity_descr, self.onts) + _ent = to_dict(entity_descr, metadata_modules()) flag = 0 # verify support for SAML2 for descr in ["spsso", "idpsso", "role", "authn_authority", @@ -597,8 +623,8 @@ class MetaDataFile(InMemoryMetaData): the SAML Metadata format. """ - def __init__(self, onts, attrc, filename=None, cert=None, **kwargs): - super(MetaDataFile, self).__init__(onts, attrc, **kwargs) + def __init__(self, attrc, filename=None, cert=None, **kwargs): + super(MetaDataFile, self).__init__(attrc, **kwargs) if not filename: raise SAMLError('No file specified.') self.filename = filename 
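Review bot: No test hunk in this commit pickles a MetaData instance, so the behaviour named in the commit title is not pinned down; `MetaData.__init__` now also keeps `security` on the instance, and whether that object survives `pickle.dumps` cannot be seen from here. A round-trip test on a loaded store would settle it, along the lines of `mds2 = pickle.loads(pickle.dumps(mds))` followed by `assert len(mds2) == len(mds)`. Because these objects hold the certificates and entity descriptors that trust decisions are made from, the class docstring should also state that a pickled instance is only to be read back from storage the deployment itself controls. The class body continues outside the hunk.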
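Review bot: `InMemoryMetaData.__init__` (hunk `@@ -369,9 +395,9 @@`) accepts `node_name`, `check_validity` and `security` but calls the base constructor with only `attrc` and `metadata`, so the base class first stores its defaults (`None`, `True`, `None`) and the subclass has to overwrite each one afterwards. `security` and `node_name` are reassigned in the context lines; the assignment of `check_validity` is not visible in this hunk. If one of those reassignments is ever removed, the instance silently keeps the base default, which for `security` means no security context at all. Forwarding them removes that dependency: `super(InMemoryMetaData, self).__init__(attrc, metadata=metadata, node_name=node_name, check_validity=check_validity, security=security)`.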
@@ -618,9 +644,9 @@ class MetaDataLoader(MetaDataFile): The format of the file is the SAML Metadata format. """ - def __init__(self, onts, attrc, loader_callable, cert=None, + def __init__(self, attrc, loader_callable, cert=None, security=None, **kwargs): - super(MetaDataLoader, self).__init__(onts, attrc, **kwargs) + super(MetaDataLoader, self).__init__(attrc, **kwargs) self.metadata_provider_callable = self.get_metadata_loader( loader_callable) self.cert = cert @@ -662,17 +688,16 @@ class MetaDataExtern(InMemoryMetaData): Accessible but HTTP GET. """ - def __init__(self, onts, attrc, url=None, security=None, cert=None, + def __init__(self, attrc, url=None, security=None, cert=None, http=None, **kwargs): """ - :params onts: :params attrc: :params url: Location of the metadata :params security: SecurityContext() :params cert: CertificMDloaderate used to sign the metadata :params http: """ - super(MetaDataExtern, self).__init__(onts, attrc, **kwargs) + super(MetaDataExtern, self).__init__(attrc, **kwargs) if not url: raise SAMLError('URL not specified.') else: @@ -704,8 +729,8 @@ class MetaDataMD(InMemoryMetaData): of the Python representation of the metadata. """ - def __init__(self, onts, attrc, filename, **kwargs): - super(MetaDataMD, self).__init__(onts, attrc, **kwargs) + def __init__(self, attrc, filename, **kwargs): + super(MetaDataMD, self).__init__(attrc, **kwargs) self.filename = filename def load(self): @@ -771,18 +796,16 @@ class MetaDataMDX(InMemoryMetaData): class MetadataStore(MetaData): - def __init__(self, onts, attrc, config, ca_certs=None, + def __init__(self, attrc, config, ca_certs=None, check_validity=True, disable_ssl_certificate_validation=False, filter=None): """ - :params onts: :params attrc: :params config: Config() :params ca_certs: :params disable_ssl_certificate_validation: """ - self.onts = onts self.attrc = attrc if disable_ssl_certificate_validation: 
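Review bot: Dropping the leading positional `onts` from `MetadataStore.__init__` (hunk `@@ -771,18 +796,16 @@`), and from the other constructors changed in this file, rebinds the arguments of callers outside this repository without an error: an old-style `MetadataStore(onts, attrc, config, ...)` now runs with `config=attrc` and `ca_certs=config`. Every in-tree caller is updated in this diff, but nothing tells external callers. I would state the change in the docstring, e.g. `:params attrc: attribute converters (now the first argument; the former leading onts argument was removed)`, and list it in the changelog as an incompatible change. As far as this hunk shows, `MetadataStore.__init__` still sets `self.attrc` itself instead of calling `MetaData.__init__`, so the attributes the base class now assigns exist on a store only if the rest of the body sets them; the body continues outside the hunk.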
@@ -810,18 +833,18 @@ class MetadataStore(MetaData): files = [f for f in os.listdir(key) if isfile(join(key, f))] for fil in files: _fil = join(key, fil) - _md = MetaDataFile(self.onts, self.attrc, _fil, **_args) + _md = MetaDataFile(self.attrc, _fil, **_args) _md.load() self.metadata[_fil] = _md return else: # else it's just a plain old file so read it - _md = MetaDataFile(self.onts, self.attrc, key, **_args) + _md = MetaDataFile(self.attrc, key, **_args) elif typ == "inline": self.ii += 1 key = self.ii kwargs.update(_args) - _md = InMemoryMetaData(self.onts, self.attrc, args[0]) + _md = InMemoryMetaData(self.attrc, args[0]) elif typ == "remote": key = kwargs["url"] for _key in ["node_name", "check_validity"]: @@ -833,15 +856,15 @@ class MetadataStore(MetaData): if "cert" not in kwargs: kwargs["cert"] = "" - _md = MetaDataExtern(self.onts, self.attrc, + _md = MetaDataExtern(self.attrc, kwargs["url"], self.security, kwargs["cert"], self.http, **_args) elif typ == "mdfile": key = args[0] - _md = MetaDataMD(self.onts, self.attrc, args[0], **_args) + _md = MetaDataMD(self.attrc, args[0], **_args) elif typ == "loader": key = args[0] - _md = MetaDataLoader(self.onts, self.attrc, args[0], **_args) + _md = MetaDataLoader(self.attrc, args[0], **_args) else: raise SAMLError("Unknown metadata type '%s'" % typ) _md.load() @@ -891,7 +914,7 @@ class MetadataStore(MetaData): isfile(join(key[0], f))] for fil in files: _fil = join(key[0], fil) - _md = MetaDataFile(self.onts, self.attrc, _fil) + _md = MetaDataFile(self.attrc, _fil) _md.load() self.metadata[_fil] = _md if _md.to_old: @@ -901,7 +924,7 @@ class MetadataStore(MetaData): if len(key) == 2: kwargs["cert"] = key[1] - _md = MDloader(self.onts, self.attrc, key[0], **kwargs) + _md = MDloader(self.attrc, key[0], **kwargs) _md.load() self.metadata[key[0]] = _md if _md.to_old: diff --git a/src/saml2/mongo_store.py b/src/saml2/mongo_store.py index 4171f707..53934d38 100644 --- a/src/saml2/mongo_store.py 
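Review bot: In the `inline` branch of the `@@ -810,18 +833,18 @@` hunk, `kwargs.update(_args)` is followed by `InMemoryMetaData(self.attrc, args[0])`, so neither `kwargs` nor `_args` reaches the constructor, while the file, mdfile and loader branches all pass `**_args`. What `_args` carries is set outside the hunk; if it holds options such as `check_validity`, inline metadata is loaded with the constructor defaults instead. If that is not intended, the line should read `_md = InMemoryMetaData(self.attrc, args[0], **kwargs)`. The enclosing method starts and ends outside the hunk.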
+++ b/src/saml2/mongo_store.py @@ -7,39 +7,25 @@ import pymongo.uri_parser import pymongo.errors from saml2.eptid import Eptid from saml2.mdstore import InMemoryMetaData +from saml2.mdstore import metadata_modules +from saml2.mdstore import load_metadata_modules from saml2.s_utils import PolicyError -from saml2.ident import code_binary, IdentDB, Unknown -from saml2.mdie import to_dict, from_dict - -from saml2 import md -from saml2 import saml -from saml2.extension import mdui -from saml2.extension import idpdisc -from saml2.extension import dri -from saml2.extension import mdattr -from saml2.extension import ui -from saml2 import xmldsig -from saml2 import xmlenc -import six +from saml2.ident import code_binary +from saml2.ident import IdentDB +from saml2.ident import Unknown +from saml2.mdie import to_dict +from saml2.mdie import from_dict +import six -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} __author__ = 'rolandh' logger = logging.getLogger(__name__) +ONTS = load_metadata_modules() +MMODS = metadata_modules() class CorruptDatabase(Exception): pass @@ -64,7 +50,7 @@ class SessionStorageMDB(object): doc = { "name_id_key": nkey, "assertion_id": assertion.id, - "assertion": to_dict(assertion, ONTS.values(), True), + "assertion": to_dict(assertion, MMODS, True), "to_sign": to_sign } @@ -151,7 +137,7 @@ class IdentMDB(IdentDB): return _id def store(self, ident, name_id): - self.mdb.store(ident, name_id=to_dict(name_id, ONTS.values(), True)) + self.mdb.store(ident, name_id=to_dict(name_id, MMODS, True)) def find_nameid(self, userid, nformat=None, sp_name_qualifier=None, name_qualifier=None, sp_provided_id=None, **kwargs): 
@@ -172,13 +158,13 @@ class IdentMDB(IdentDB): return res def find_local_id(self, name_id): - cnid = to_dict(name_id, ONTS.values(), True) + cnid = to_dict(name_id, MMODS, True) for item in self.mdb.get(name_id=cnid): return item[self.mdb.primary_key] return None def remove_remote(self, name_id): - cnid = to_dict(name_id, ONTS.values(), True) + cnid = to_dict(name_id, MMODS, True) self.mdb.remove(name_id=cnid) def handle_name_id_mapping_request(self, name_id, name_id_policy): diff --git a/src/saml2/sdb.py b/src/saml2/sdb.py index d4fc155a..8b0c60b4 100644 --- a/src/saml2/sdb.py +++ b/src/saml2/sdb.py @@ -15,18 +15,6 @@ from saml2 import xmldsig from saml2 import xmlenc -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} - __author__ = 'rolandh' logger = logging.getLogger(__name__) diff --git a/tests/test_22_mdie.py b/tests/test_22_mdie.py index 264e0b69..0499f6ba 100644 --- a/tests/test_22_mdie.py +++ b/tests/test_22_mdie.py @@ -1,30 +1,10 @@ -__author__ = 'rolandh' - from saml2 import md from saml2.mdie import from_dict +from saml2.mdstore import load_metadata_modules -from saml2 import saml - -from saml2.extension import mdui -from saml2.extension import idpdisc -from saml2.extension import dri -from saml2.extension import mdattr -from saml2.extension import ui -from saml2 import xmldsig -from saml2 import xmlenc - -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} +__author__ = 'rolandh' +ONTS = load_metadata_modules() def _eq(l1, l2): return set(l1) == set(l2) diff --git a/tests/test_30_mdstore.py b/tests/test_30_mdstore.py index 9d7b5899..7bc95c66 100644 --- a/tests/test_30_mdstore.py 
+++ b/tests/test_30_mdstore.py @@ -9,21 +9,16 @@ from saml2.mdstore import MetadataStore from saml2.mdstore import MetaDataMDX from saml2.mdstore import SAML_METADATA_CONTENT_TYPE from saml2.mdstore import destinations -from saml2.mdstore import load_extensions from saml2.mdstore import name -from saml2 import md from saml2 import sigver from saml2 import BINDING_SOAP from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import saml from saml2 import config from saml2.attribute_converter import ac_factory from saml2.attribute_converter import d_to_local_name from saml2.s_utils import UnknownPrincipal -from saml2 import xmldsig -from saml2 import xmlenc from pathutils import full_path import responses @@ -86,14 +81,6 @@ TEST_METADATA_STRING = """ </EntitiesDescriptor> """.format(cert_data=TEST_CERT) -ONTS = { - saml.NAMESPACE: saml, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} - -ONTS.update(load_extensions()) ATTRCONV = ac_factory(full_path("attributemaps")) @@ -167,7 +154,7 @@ def _fix_valid_until(xmlstring): def test_swami_1(): UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["1"]) @@ -200,7 +187,7 @@ def test_swami_1(): def test_incommon_1(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["2"]) @@ -238,7 +225,7 @@ def test_incommon_1(): def test_ext_2(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["3"]) 
@@ -251,7 +238,7 @@ def test_ext_2(): def test_example(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["4"]) @@ -267,7 +254,7 @@ def test_example(): def test_switch_1(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["5"]) @@ -296,7 +283,7 @@ def test_switch_1(): def test_metadata_file(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["8"]) @@ -339,7 +326,7 @@ def test_mdx_single_sign_on_service(): # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # http = HTTPBase(verify=False, ca_bundle=None) # -# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, +# mdx = MetaDataMDX(quote_plus, ATTRCONV, # "http://pyff-test.nordu.net", # sec_config, None, http) # foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php", @@ -353,7 +340,7 @@ def test_mdx_single_sign_on_service(): # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # http = HTTPBase(verify=False, ca_bundle=None) # -# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, +# mdx = MetaDataMDX(quote_plus, ATTRCONV, # "http://pyff-test.nordu.net", # sec_config, None, http) # foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso") @@ -363,7 +350,7 @@ def test_mdx_single_sign_on_service(): def test_load_local_dir(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["9"]) 
@@ -374,7 +361,7 @@ def test_load_local_dir(): def test_load_extern_incommon(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["10"]) @@ -398,7 +385,7 @@ def test_load_local(): def test_load_string(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["11"]) @@ -415,7 +402,7 @@ def test_load_string(): def test_get_certs_from_metadata(): - mds = MetadataStore(ONTS.values(), ATTRCONV, None) + mds = MetadataStore(ATTRCONV, None) mds.imp(METADATACONF["11"]) certs1 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any") certs2 = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso") @@ -424,7 +411,7 @@ def test_get_certs_from_metadata(): def test_get_certs_from_metadata_without_keydescriptor(): - mds = MetadataStore(ONTS.values(), ATTRCONV, None) + mds = MetadataStore(ATTRCONV, None) mds.imp([{ "class": "saml2.mdstore.InMemoryMetaData", "metadata": [(""" @@ -461,7 +448,7 @@ def test_get_certs_from_metadata_without_keydescriptor(): assert len(certs) == 0 def test_metadata_extension_algsupport(): - mds = MetadataStore(list(ONTS.values()), ATTRCONV, None) + mds = MetadataStore(ATTRCONV, None) mds.imp(METADATACONF["12"]) mdf = mds.metadata[full_path("uu.xml")] assert mds diff --git a/tests/test_30_mdstore_old.py b/tests/test_30_mdstore_old.py index 941fa368..4b1440e3 100644 --- a/tests/test_30_mdstore_old.py +++ b/tests/test_30_mdstore_old.py 
@@ -84,18 +84,6 @@ TEST_METADATA_STRING = """ </EntitiesDescriptor> """ -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} - ATTRCONV = ac_factory(full_path("attributemaps")) METADATACONF = { @@ -151,7 +139,7 @@ def _fix_valid_until(xmlstring): def test_swami_1(): UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["1"]) @@ -184,7 +172,7 @@ def test_swami_1(): def test_incommon_1(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["2"]) @@ -222,7 +210,7 @@ def test_incommon_1(): def test_ext_2(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["3"]) @@ -235,7 +223,7 @@ def test_ext_2(): def test_example(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["4"]) @@ -251,7 +239,7 @@ def test_example(): def test_switch_1(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["5"]) @@ -280,7 +268,7 @@ def test_switch_1(): def test_metadata_file(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["8"]) 
@@ -292,7 +280,7 @@ def test_metadata_file(): # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # http = HTTPBase(verify=False, ca_bundle=None) # -# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, +# mdx = MetaDataMDX(quote_plus, ATTRCONV, # "http://pyff-test.nordu.net", # sec_config, None, http) # foo = mdx.service("https://idp.umu.se/saml2/idp/metadata.php", @@ -306,7 +294,7 @@ def test_metadata_file(): # sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) # http = HTTPBase(verify=False, ca_bundle=None) # -# mdx = MetaDataMDX(quote_plus, ONTS.values(), ATTRCONV, +# mdx = MetaDataMDX(quote_plus, ATTRCONV, # "http://pyff-test.nordu.net", # sec_config, None, http) # foo = mdx.certs("https://idp.umu.se/saml2/idp/metadata.php", "idpsso") @@ -316,7 +304,7 @@ def test_metadata_file(): def test_load_local_dir(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["9"]) @@ -327,7 +315,7 @@ def test_load_local_dir(): def test_load_external(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["10"]) @@ -338,7 +326,7 @@ def test_load_external(): def test_load_string(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["11"]) diff --git a/tests/test_37_entity_categories.py b/tests/test_37_entity_categories.py index f49c1036..5161df2b 100644 --- a/tests/test_37_entity_categories.py +++ b/tests/test_37_entity_categories.py 
@@ -15,17 +15,6 @@ from saml2.server import Server from saml2 import xmldsig from saml2 import xmlenc -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} ATTRCONV = ac_factory(full_path("attributemaps")) sec_config = config.Config() @@ -33,7 +22,7 @@ sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) __author__ = 'rolandh' -MDS = MetadataStore(ONTS.values(), ATTRCONV, sec_config, +MDS = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) MDS.imp([{"class": "saml2.mdstore.MetaDataMD", "metadata": [(full_path("swamid.md"),)]}]) @@ -90,7 +79,7 @@ def test_filter_ava3(): } }) - mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_sfs_hei.xml"),)]}]) @@ -114,7 +103,7 @@ def test_filter_ava4(): } }) - mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_re_nren.xml"),)]}]) @@ -140,7 +129,7 @@ def test_filter_ava5(): } }) - mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_re.xml"),)]}]) diff --git a/tests/test_38_metadata_filter.py b/tests/test_38_metadata_filter.py index f23d49c1..9464a3e7 100644 --- a/tests/test_38_metadata_filter.py +++ b/tests/test_38_metadata_filter.py 
@@ -19,17 +19,6 @@ __author__ = 'roland' sec_config = config.Config() -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} ATTRCONV = ac_factory(full_path("attributemaps")) @@ -41,7 +30,7 @@ METADATACONF = { } def test_swamid_sp(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True, filter=AllowDescriptor(["spsso"])) @@ -52,7 +41,7 @@ def test_swamid_sp(): assert idps == {} def test_swamid_idp(): - mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config, + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True, filter=AllowDescriptor(["idpsso"])) diff --git a/tests/test_76_metadata_in_mdb.py b/tests/test_76_metadata_in_mdb.py index 567787be..f1376b17 100644 --- a/tests/test_76_metadata_in_mdb.py +++ b/tests/test_76_metadata_in_mdb.py @@ -1,8 +1,5 @@ # -*- coding: utf-8 -*- from pymongo.errors import ConnectionFailure - -__author__ = 'rolandh' - from saml2.attribute_converter import d_to_local_name from saml2.attribute_converter import ac_factory from saml2.mongo_store import export_mdstore_to_mongo_db 
@@ -10,32 +7,11 @@ from saml2.mongo_store import MetadataMDB from saml2.mdstore import MetadataStore from saml2.mdstore import destinations from saml2.mdstore import name - -from saml2 import saml -from saml2 import md from saml2 import config - -from saml2.extension import mdui -from saml2.extension import idpdisc -from saml2.extension import dri -from saml2.extension import mdattr -from saml2.extension import ui -from saml2 import xmldsig -from saml2 import xmlenc - from pathutils import full_path -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc -} +__author__ = 'rolandh' + ATTRCONV = ac_factory(full_path("attributemaps")) @@ -47,13 +23,14 @@ def _eq(l1, l2): def test_metadata(): conf = config.Config() conf.load_file("idp_conf_mdb") - UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' + umu_idp = 'https://idp.umu.se/saml2/idp/metadata.php' # Set up a Metadata store - mds = MetadataStore(ONTS.values(), ATTRCONV, conf, + mds = MetadataStore(ATTRCONV, conf, disable_ssl_certificate_validation=True) # Import metadata from local file. - mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("swamid-2.0.xml"), )]}]) + mds.imp([{"class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("swamid-2.0.xml"), )]}]) assert len(mds) == 1 # One source try: 
@@ -61,20 +38,20 @@ def test_metadata(): except ConnectionFailure: pass else: - mdmdb = MetadataMDB(ONTS, ATTRCONV, "metadata", "test") + mdmdb = MetadataMDB(ATTRCONV, "metadata", "test") # replace all metadata instances with this one mds.metadata = {"mongo_db": mdmdb} idps = mds.with_descriptor("idpsso") assert idps.keys() - idpsso = mds.single_sign_on_service(UMU_IDP) + idpsso = mds.single_sign_on_service(umu_idp) assert len(idpsso) == 1 assert destinations(idpsso) == [ 'https://idp.umu.se/saml2/idp/SSOService.php'] - _name = name(mds[UMU_IDP]) + _name = name(mds[umu_idp]) assert _name == u'Ume\xe5 University' - certs = mds.certs(UMU_IDP, "idpsso", "signing") + certs = mds.certs(umu_idp, "idpsso", "signing") assert len(certs) == 1 sps = mds.with_descriptor("spsso") @@ -83,8 +60,9 @@ def test_metadata(): wants = mds.attribute_requirement('https://connect.sunet.se/shibboleth') assert wants["optional"] == [] lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["required"]] - assert _eq(lnamn, ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', - 'eduPersonScopedAffiliation', 'eduPersonAffiliation']) + assert _eq(lnamn, + ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', + 'eduPersonScopedAffiliation', 'eduPersonAffiliation']) wants = mds.attribute_requirement( "https://gidp.geant.net/sp/module.php/saml/sp/metadata.php/default-sp") diff --git a/tools/mdexport.py b/tools/mdexport.py index d9ab521b..36becd2e 100755 --- a/tools/mdexport.py +++ b/tools/mdexport.py @@ -20,16 +20,6 @@ A script that imports and verifies metadata and then dumps it in a basic dictionary format. """ - -ONTS = { - saml.NAMESPACE: saml, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc, -} - -ONTS.update(load_extensions()) - parser = argparse.ArgumentParser() parser.add_argument('-t', dest='type') parser.add_argument('-u', dest='url') 
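Review bot: tests/test_76_metadata_in_mdb.py now calls `MetadataMDB(ATTRCONV, "metadata", "test")`, but none of the src/saml2/mongo_store.py hunks in this diff touch `MetadataMDB.__init__`. If that constructor still takes `onts` first, `ATTRCONV` lands in the `onts` slot and `"metadata"` in the attribute-converter slot, and whatever it forwards to `InMemoryMetaData.__init__` would be shifted the same way. This branch only runs when the MongoDB connection succeeds (`except ConnectionFailure: pass`), so a test run without a database would not notice. Please confirm the constructor's signature and change it in this commit if it still expects `onts`.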
@@ -44,14 +34,13 @@ args = parser.parse_args() metad = None if args.type == "local": - metad = MetaDataFile(ONTS.values(), args.item, args.item) + metad = MetaDataFile(args.item, args.item) elif args.type == "external": ATTRCONV = ac_factory(args.attrsmap) httpc = HTTPBase() crypto = _get_xmlsec_cryptobackend(args.xmlsec) sc = SecurityContext(crypto) - metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, - sc, cert=args.cert, http=httpc) + metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc) if metad is not None: metad.load() diff --git a/tools/mdexport_test.py b/tools/mdexport_test.py index 19ef443c..b5f4d88a 100755 --- a/tools/mdexport_test.py +++ b/tools/mdexport_test.py @@ -22,19 +22,6 @@ dictionary format. """ -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc, - shibmd.NAMESPACE: shibmd -} - MDIMPORT = { "swamid": { "url": "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2", @@ -58,10 +45,10 @@ def main(): metad = None if item["type"] == "local": - metad = MetaDataFile(sys.argv[1], ONTS.values(), item["file"]) + metad = MetaDataFile(sys.argv[1], item["file"]) elif item["type"] == "external": - metad = MetaDataExtern(sys.argv[1], ONTS.values(), - item["url"], "/opt/local/bin/xmlsec1", item["cert"]) + metad = MetaDataExtern(sys.argv[1], item["url"], + "/opt/local/bin/xmlsec1", item["cert"]) if metad: metad.load() diff --git a/tools/mdimport.py b/tools/mdimport.py index f9d62e35..4434b4ab 100755 --- a/tools/mdimport.py +++ b/tools/mdimport.py 
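Review bot: In tools/mdexport.py the local branch builds `MetaDataFile(args.item, args.item)`, which passes the metadata file path as `attrc`, the attribute-converter argument; the same pattern is carried into tools/merge_metadata.py (`MetaDataFile(spec[1], spec[1], **kwargs)`) and tools/verify_metadata.py (`MetaDataFile(args.item, args.item, ...)`). The path already sat in the `attrc` slot before this commit, so the problem is inherited, but the signature change is the natural place to fix it. As far as this hunk shows, the local branch also passes neither `cert` nor `security`, so a local file is loaded without the signature check that the external branch sets up, although the script describes itself as one that imports and verifies metadata. I would build the converters the way the external branch does: `metad = MetaDataFile(ac_factory(args.attrsmap), args.item)`.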
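Review bot: In tools/mdexport_test.py, `MetaDataExtern(sys.argv[1], item["url"], "/opt/local/bin/xmlsec1", item["cert"])` puts the xmlsec1 path string in the `security` slot, which the constructor's docstring in src/saml2/mdstore.py describes as a `SecurityContext()`. The other tools in this diff build that object with `_get_xmlsec_cryptobackend(...)` and `SecurityContext(crypto)`; with a bare string the signature check on the downloaded metadata cannot work as written, and whether it fails loudly or is skipped depends on code outside this diff. `sys.argv[1]` is likewise passed as `attrc`. I would construct the context first, `sc = SecurityContext(_get_xmlsec_cryptobackend("/opt/local/bin/xmlsec1"))`, and pass `sc` with `cert=item["cert"]` as a keyword; whether those names are imported in this file is not visible here, and `main()` continues outside the hunk.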
@@ -1,36 +1,13 @@ #!/usr/bin/env python -import sys import time from saml2.attribute_converter import ac_factory from saml2.mdstore import MetaDataMD, MetaDataFile __author__ = 'rolandh' -from saml2 import xmldsig -from saml2 import xmlenc -from saml2 import md -from saml2 import saml -from saml2.extension import dri -from saml2.extension import idpdisc -from saml2.extension import mdattr -from saml2.extension import mdui -from saml2.extension import ui - -ONTS = { - dri.NAMESPACE: dri, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - mdattr.NAMESPACE: mdattr, - mdui.NAMESPACE: mdui, - saml.NAMESPACE: saml, - ui.NAMESPACE: ui, - xmlenc.NAMESPACE: xmlenc, - xmldsig.NAMESPACE: xmldsig, -} - start = time.time() for i in range(1, 10): - mdmd = MetaDataMD(ONTS, ac_factory("../tests/attributemaps"), "swamid2.md") + mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md") mdmd.load() _ = mdmd.keys() @@ -39,7 +16,7 @@ print(time.time() - start) start = time.time() for i in range(1, 10): - mdf = MetaDataFile(ONTS.values(), ac_factory("../tests/attributemaps"), + mdf = MetaDataFile(ac_factory("../tests/attributemaps"), "../tests/swamid-2.0.xml") mdf.load() _ = mdf.keys() diff --git a/tools/merge_metadata.py b/tools/merge_metadata.py index 46d07c90..fc8430bf 100755 --- a/tools/merge_metadata.py +++ b/tools/merge_metadata.py @@ -1,20 +1,7 @@ #!/usr/bin/env python from saml2.sigver import _get_xmlsec_cryptobackend, SecurityContext from saml2.httpbase import HTTPBase - -from saml2 import saml -from saml2 import md from saml2.attribute_converter import ac_factory -from saml2.extension import dri -from saml2.extension import idpdisc -from saml2.extension import mdattr -from saml2.extension import mdrpi -from saml2.extension import mdui -from saml2.extension import shibmd -from saml2.extension import ui -from saml2 import xmldsig -from saml2 import xmlenc - import argparse from saml2.mdstore import MetaDataFile, MetaDataExtern, MetadataStore 
@@ -25,22 +12,6 @@ __author__ = 'rolandh' A script that imports and verifies metadata. """ - -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - mdrpi.NAMESPACE: mdrpi, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc, - shibmd.NAMESPACE: shibmd -} - - parser = argparse.ArgumentParser() parser.add_argument('-a', dest='attrsmap') parser.add_argument('-o', dest='output', default="local") @@ -65,7 +36,7 @@ metad = None ATTRCONV = ac_factory(args.attrsmap) -mds = MetadataStore(ONTS.values(), None, None) +mds = MetadataStore(None, None) for line in open(args.conf).readlines(): line = line.strip() @@ -81,14 +52,14 @@ for line in open(args.conf).readlines(): kwargs = {} if spec[0] == "local": - metad = MetaDataFile(ONTS.values(), spec[1], spec[1], **kwargs) + metad = MetaDataFile(spec[1], spec[1], **kwargs) elif spec[0] == "remote": ATTRCONV = ac_factory(args.attrsmap) httpc = HTTPBase() crypto = _get_xmlsec_cryptobackend(args.xmlsec) sc = SecurityContext(crypto, key_type="", cert_type="") - metad = MetaDataExtern(ONTS.values(), ATTRCONV, spec[1], - sc, cert=spec[2], http=httpc, **kwargs) + metad = MetaDataExtern(ATTRCONV, spec[1], sc, cert=spec[2], http=httpc, + **kwargs) if metad is not None: try: diff --git a/tools/verify_metadata.py b/tools/verify_metadata.py index da71334c..ac211b9a 100755 --- a/tools/verify_metadata.py +++ b/tools/verify_metadata.py @@ -30,21 +30,6 @@ A script that imports and verifies metadata. """ -ONTS = { - saml.NAMESPACE: saml, - mdui.NAMESPACE: mdui, - mdattr.NAMESPACE: mdattr, - mdrpi.NAMESPACE: mdrpi, - dri.NAMESPACE: dri, - ui.NAMESPACE: ui, - idpdisc.NAMESPACE: idpdisc, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc, - shibmd.NAMESPACE: shibmd -} - - parser = argparse.ArgumentParser() parser.add_argument('-t', dest='type') parser.add_argument('-u', dest='url') 
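Review bot: In the `remote` branch of the last tools/merge_metadata.py hunk, `cert=spec[2]` indexes the parsed line without checking its length, and the construction sits before the `try:` that follows, so a remote entry that lacks the certificate field would abort the whole merge with a bare IndexError. Stopping is the right outcome, since the certificate is presumably what the signature on the fetched metadata is checked against, but the error should name the offending entry: `if len(spec) < 3: raise SystemExit("remote entry needs a certificate: %s" % line)`. How `spec` is produced is outside the hunk, so this assumes it is a split of `line`. `ATTRCONV` is also rebuilt here for every remote entry although the previous hunk shows it computed once before the loop.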
@@ -68,17 +53,17 @@ if args.type == "local": if args.cert and args.xmlsec: crypto = _get_xmlsec_cryptobackend(args.xmlsec) sc = SecurityContext(crypto) - metad = MetaDataFile(ONTS.values(), args.item, args.item, - cert=args.cert, security=sc, **kwargs) + metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc, + **kwargs) else: - metad = MetaDataFile(ONTS.values(), args.item, args.item, **kwargs) + metad = MetaDataFile(args.item, args.item, **kwargs) elif args.type == "external": ATTRCONV = ac_factory(args.attrsmap) httpc = HTTPBase() crypto = _get_xmlsec_cryptobackend(args.xmlsec) sc = SecurityContext(crypto) - metad = MetaDataExtern(ONTS.values(), ATTRCONV, args.url, - sc, cert=args.cert, http=httpc, **kwargs) + metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc, + **kwargs) if metad: try: |
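Review bot: The `local` branch falls through to `MetaDataFile(args.item, args.item, **kwargs)` whenever `args.cert` and `args.xmlsec` are not both set, so a script described as one that imports and verifies metadata loads the file with no `SecurityContext` and, presumably, no signature check, without saying so. Supplying only one of the two options is most likely a mistake and is better rejected than ignored, e.g. `elif args.cert or args.xmlsec: parser.error("cert and xmlsec must be given together")` before the final `else`, and that `else` could print that the signature was not verified. The `external` branch uses `args.xmlsec` and `args.cert` with no such check at all. The `try:` block after `if metad:` continues outside the hunk.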