authorRoland Hedberg <roland.hedberg@adm.umu.se>2016-02-11 11:08:04 +0100
committerRoland Hedberg <roland.hedberg@adm.umu.se>2016-02-11 11:08:04 +0100
commit0515de9fa8b7f339baba826f87eedc8c922dfa7f (patch)
treee60e1329e3b9786aae864da847247bea672b94c5
parent1220e8580ca90d6658ae67918ec405cebc5433d6 (diff)
Language correction.
Deal with case where people want to JSON serialize session information. Carry over more parameters in create_attribute_response.
-rw-r--r--src/saml2/cache.py3
-rw-r--r--src/saml2/ident.py4
-rw-r--r--src/saml2/population.py5
-rw-r--r--src/saml2/server.py10
-rw-r--r--tests/test_32_cache.py71
-rw-r--r--tests/test_34_population.py5
-rw-r--r--tests/test_50_server.py2
7 files changed, 56 insertions, 44 deletions
diff --git a/src/saml2/cache.py b/src/saml2/cache.py
index ae00afb8..5b72e9d1 100644
--- a/src/saml2/cache.py
+++ b/src/saml2/cache.py
@@ -1,6 +1,7 @@
#!/usr/bin/env python
import shelve
+import six
from saml2.ident import code, decode
from saml2 import time_util, SAMLError
import logging
@@ -98,6 +99,8 @@ class Cache(object):
if check_not_on_or_after and time_util.after(timestamp):
raise ToOld("past %s" % str(timestamp))
+ if 'name_id' in info and isinstance(info['name_id'], six.string_types):
+ info['name_id'] = decode(info['name_id'])
return info or None
def set(self, name_id, entity_id, info, not_on_or_after=0):
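Review bot: The two added lines write the decoded value back into `info` itself, so if `info` is the object held by an in-memory cache (the lookup is above this hunk, so this is inferred), the stored session entry holds a NameID instance again after the first read and is no longer JSON-serializable. Returning a shallow copy keeps the stored form intact: `info = dict(info, name_id=decode(info['name_id']))`. The `'name_id' in info` test also runs before the `info or None` fallback, so it would raise TypeError if `info` can ever be None at this point; `if info and 'name_id' in info and isinstance(...)` covers that. The enclosing method starts outside the hunk.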
diff --git a/src/saml2/ident.py b/src/saml2/ident.py
index b6af8e99..7b1667af 100644
--- a/src/saml2/ident.py
+++ b/src/saml2/ident.py
@@ -29,8 +29,8 @@ class Unknown(SAMLError):
def code(item):
"""
Turn a NameID class instance into a quoted string of comma separated
- attribute,value pairs. The attribute name is replaced with a digits.
- Depends on knowledge on the specific order of the attributes for that
+ attribute,value pairs. The attribute names are replaced with digits.
+ Depends on knowledge on the specific order of the attributes for the
class that is used.
:param item: The class instance
diff --git a/src/saml2/population.py b/src/saml2/population.py
index 83090283..48e15587 100644
--- a/src/saml2/population.py
+++ b/src/saml2/population.py
@@ -1,6 +1,7 @@
import logging
-from saml2.cache import Cache
import six
+from saml2.cache import Cache
+from saml2.ident import code
logger = logging.getLogger(__name__)
@@ -20,6 +21,8 @@ class Population(object):
this function will overwrite that information"""
name_id = session_info["name_id"]
+ # make friendly to (JSON) serialization
+ session_info['name_id'] = code(name_id)
issuer = session_info["issuer"]
del session_info["issuer"]
self.cache.set(name_id, issuer, session_info,
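Review bot: The added assignment rewrites `session_info['name_id']` in the caller's dict, so a caller that reads `session_info["name_id"]` after this call now gets the encoded string instead of the NameID it passed in. The docstring fragment visible above only mentions overwriting stored information; it should also state that `session_info` is modified in place (the existing `del session_info["issuer"]` already does this), or the method should work on a copy with `session_info = dict(session_info)` before the assignment. There is also no guard for a `name_id` that is already a string, unlike the `isinstance(..., six.string_types)` check added in Cache.get; whether `code()` accepts a string is not visible here. The method signature and the end of the `self.cache.set(...)` call are outside the hunk.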
diff --git a/src/saml2/server.py b/src/saml2/server.py
index f53de4a6..fd3f7c07 100644
--- a/src/saml2/server.py
+++ b/src/saml2/server.py
@@ -480,7 +480,7 @@ class Server(Entity):
pass
to_sign = []
- args = {}
+
if identity:
_issuer = self._issuer(issuer)
ast = Assertion(identity)
@@ -505,12 +505,16 @@ class Server(Entity):
digest_alg=digest_alg)
# Just the assertion or the response and the assertion ?
to_sign = [(class_name(assertion), assertion.id)]
+ kwargs['sign_assertion'] = True
- args["assertion"] = assertion
+ kwargs["assertion"] = assertion
+
+ if sp_entity_id:
+ kwargs['sp_entity_id'] = sp_entity_id
return self._response(in_response_to, destination, status, issuer,
sign_response, to_sign, sign_alg=sign_alg,
- digest_alg=digest_alg, **args)
+ digest_alg=digest_alg, **kwargs)
# ------------------------------------------------------------------------
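Review bot: Replacing the local `args` dict with `kwargs` means every extra keyword argument the caller supplied is now forwarded to `self._response`, not only `assertion`; the `args = {}` removal in the preceding hunk (@@ -480) is part of the same change. The signature is outside the hunk, so this assumes `kwargs` is the method's `**kwargs`; if so, a caller-supplied `assertion` or `sign_assertion` passes through unchanged whenever `identity` is falsy, and keys `_response` does not expect reach it unchecked. A comment at the call such as `# kwargs is forwarded as-is; 'assertion', 'sign_assertion' and 'sp_entity_id' set above override caller values` plus a docstring line listing the accepted keys would make the contract explicit. The tests changed in this commit do not appear to assert that `sign_assertion` or `sp_entity_id` actually arrive in `_response`.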
diff --git a/tests/test_32_cache.py b/tests/test_32_cache.py
index eb68cdce..97442d87 100644
--- a/tests/test_32_cache.py
+++ b/tests/test_32_cache.py
@@ -7,50 +7,52 @@ from saml2.cache import Cache
from saml2.time_util import in_a_while, str_to_time
from saml2.ident import code
-SESSION_INFO_PATTERN = {"ava":{}, "came from":"", "not_on_or_after":0,
- "issuer":"", "session_id":-1}
+SESSION_INFO_PATTERN = {"ava": {}, "came from": "", "not_on_or_after": 0,
+ "issuer": "", "session_id": -1}
-def _eq(l1,l2):
+def _eq(l1, l2):
return set(l1) == set(l2)
+
def nid_eq(l1, l2):
return _eq([code(c) for c in l1], [code(c) for c in l2])
+
nid = [
NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="1234"),
NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="9876"),
NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="1000")]
+
class TestClass:
def setup_class(self):
self.cache = Cache()
-
-
+
def test_set(self):
not_on_or_after = str_to_time(in_a_while(days=1))
session_info = SESSION_INFO_PATTERN.copy()
- session_info["ava"] = {"givenName":["Derek"]}
+ session_info["ava"] = {"givenName": ["Derek"]}
self.cache.set(nid[0], "abcd", session_info, not_on_or_after)
-
+
(ava, inactive) = self.cache.get_identity(nid[0])
assert inactive == []
assert list(ava.keys()) == ["givenName"]
assert ava["givenName"] == ["Derek"]
-
- def test_add_ava_info(self):
+
+ def test_add_ava_info(self):
not_on_or_after = str_to_time(in_a_while(days=1))
session_info = SESSION_INFO_PATTERN.copy()
- session_info["ava"] = {"surName":["Jeter"]}
+ session_info["ava"] = {"surName": ["Jeter"]}
self.cache.set(nid[0], "bcde", session_info, not_on_or_after)
-
+
(ava, inactive) = self.cache.get_identity(nid[0])
assert inactive == []
- assert _eq(ava.keys(), ["givenName","surName"])
+ assert _eq(ava.keys(), ["givenName", "surName"])
assert ava["givenName"] == ["Derek"]
assert ava["surName"] == ["Jeter"]
- def test_from_one_target_source(self):
+ def test_from_one_target_source(self):
session_info = self.cache.get(nid[0], "bcde")
ava = session_info["ava"]
assert _eq(ava.keys(), ["surName"])
@@ -59,66 +61,65 @@ class TestClass:
ava = session_info["ava"]
assert _eq(ava.keys(), ["givenName"])
assert ava["givenName"] == ["Derek"]
-
+
def test_entities(self):
assert _eq(self.cache.entities(nid[0]), ["abcd", "bcde"])
py.test.raises(Exception, "self.cache.entities('6666')")
-
+
def test_remove_info(self):
self.cache.reset(nid[0], "bcde")
assert self.cache.active(nid[0], "bcde") == False
assert self.cache.active(nid[0], "abcd")
-
+
(ava, inactive) = self.cache.get_identity(nid[0])
assert inactive == ['bcde']
assert _eq(ava.keys(), ["givenName"])
assert ava["givenName"] == ["Derek"]
-
+
def test_active(self):
assert self.cache.active(nid[0], "bcde") == False
assert self.cache.active(nid[0], "abcd")
-
+
def test_subjects(self):
assert nid_eq(self.cache.subjects(), [nid[0]])
-
+
def test_second_subject(self):
not_on_or_after = str_to_time(in_a_while(days=1))
session_info = SESSION_INFO_PATTERN.copy()
- session_info["ava"] = {"givenName":["Ichiro"],
- "surName":["Suzuki"]}
+ session_info["ava"] = {"givenName": ["Ichiro"],
+ "surName": ["Suzuki"]}
self.cache.set(nid[1], "abcd", session_info,
- not_on_or_after)
+ not_on_or_after)
(ava, inactive) = self.cache.get_identity(nid[1])
assert inactive == []
- assert _eq(ava.keys(), ["givenName","surName"])
+ assert _eq(ava.keys(), ["givenName", "surName"])
assert ava["givenName"] == ["Ichiro"]
assert ava["surName"] == ["Suzuki"]
assert nid_eq(self.cache.subjects(), [nid[0], nid[1]])
-
+
def test_receivers(self):
assert _eq(self.cache.receivers(nid[1]), ["abcd"])
-
+
not_on_or_after = str_to_time(in_a_while(days=1))
session_info = SESSION_INFO_PATTERN.copy()
- session_info["ava"] = {"givenName":["Ichiro"],
- "surName":["Suzuki"]}
+ session_info["ava"] = {"givenName": ["Ichiro"],
+ "surName": ["Suzuki"]}
self.cache.set(nid[1], "bcde", session_info,
- not_on_or_after)
-
+ not_on_or_after)
+
assert _eq(self.cache.receivers(nid[1]), ["abcd", "bcde"])
assert nid_eq(self.cache.subjects(), nid[0:2])
-
+
def test_timeout(self):
not_on_or_after = str_to_time(in_a_while(seconds=1))
session_info = SESSION_INFO_PATTERN.copy()
- session_info["ava"] = {"givenName":["Alex"],
- "surName":["Rodriguez"]}
+ session_info["ava"] = {"givenName": ["Alex"],
+ "surName": ["Rodriguez"]}
self.cache.set(nid[2], "bcde", session_info,
- not_on_or_after)
-
+ not_on_or_after)
+
time.sleep(2)
(ava, inactive) = self.cache.get_identity(nid[2])
assert inactive == ["bcde"]
assert ava == {}
-
diff --git a/tests/test_34_population.py b/tests/test_34_population.py
index 93472fd7..ac46ab15 100644
--- a/tests/test_34_population.py
+++ b/tests/test_34_population.py
@@ -10,8 +10,9 @@ IDP_OTHER = "urn:mace:example.com:saml:other:idp"
nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT,
text="123456")
+
nida = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT,
- text="abcdef")
+ text="abcdef")
cnid = code(nid)
cnida = code(nida)
@@ -57,7 +58,7 @@ class TestPopulationMemoryBased():
info = self.population.get_info_from(nid, IDP_ONE)
assert sorted(list(info.keys())) == sorted(["not_on_or_after",
"name_id", "ava"])
- assert info["name_id"] == nid
+ assert info["name_id"] == nid
assert info["ava"] == {'mail': 'anders.andersson@example.com',
'givenName': 'Anders',
'surName': 'Andersson'}
diff --git a/tests/test_50_server.py b/tests/test_50_server.py
index 81cbdbc4..4aa834c5 100644
--- a/tests/test_50_server.py
+++ b/tests/test_50_server.py
@@ -1204,7 +1204,7 @@ class TestServer2():
print(aa_policy.__dict__)
response = self.server.create_attribute_response(
IDENTITY.copy(), "aaa", "http://example.com/sp/",
- "urn:mace:example.com:sp:1")
+ "http://www.example.com/roland/sp")
assert response is not None
assert response.destination == "http://example.com/sp/"