author | Egor Panfilov <edpanfilov@sbcloud.ru> | 2018-11-19 18:23:17 +0300 |
---|---|---|
committer | Ivan Kanakarakis <ivan.kanak@gmail.com> | 2018-11-19 19:07:23 +0200 |
commit | 3a514b4cbebcf207f4b9dc29fee1f425572aca79 (patch) | |
tree | 8cfb2e421d285c97140ca6b34f330761b1245e19 /src | |
parent | a8c6320095a73c61353b6c10df60cf3688dfedd3 (diff) | |
download | pysaml2-3a514b4cbebcf207f4b9dc29fee1f425572aca79.tar.gz |
Various small refactor
Diffstat (limited to 'src')
-rw-r--r-- | src/saml2/client.py | 3 | ||||
-rw-r--r-- | src/saml2/client_base.py | 15 | ||||
-rw-r--r-- | src/saml2/config.py | 8 | ||||
-rw-r--r-- | src/saml2/ecp_client.py | 11 | ||||
-rw-r--r-- | src/saml2/entity.py | 4 | ||||
-rw-r--r-- | src/saml2/population.py | 3 | ||||
-rw-r--r-- | src/saml2/s2repoze/plugins/sp.py | 3 |
7 files changed, 27 insertions, 20 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py index 57d907af..91d0c90d 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -84,8 +84,7 @@ class Saml2Client(Base): nameid_format=None, scoping=None, consent=None, extensions=None, sign=None, response_binding=saml2.BINDING_HTTP_POST, **kwargs): """ Makes all necessary preparations for an authentication request - that negotiates - which binding to use for authentication. + that negotiates which binding to use for authentication. :param entityid: The entity ID of the IdP to send the request to :param relay_state: To where the user should be returned after diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index d0a8e82c..b0d14863 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -7,6 +7,8 @@ to conclude its tasks. """ import threading import six +import time +import logging from saml2.entity import Entity @@ -25,7 +27,6 @@ from saml2.extension import sp_type from saml2.extension import requested_attributes import saml2 -import time from saml2.soap import make_soap_enveloped_saml_thingy from six.moves.urllib.parse import parse_qs @@ -94,7 +95,7 @@ class Base(Entity): """ The basic pySAML2 service provider class """ def __init__(self, config=None, identity_cache=None, state_cache=None, - virtual_organization="", config_file="", msg_cb=None): + virtual_organization="", config_file="", msg_cb=None): """ :param config: A saml2.config.Config instance :param identity_cache: Where the class should store identity information 
@@ -133,10 +134,12 @@ class Base(Entity): setattr(self, attr, val) - if self.entity_type == "sp" and not any([self.want_assertions_signed, - self.want_response_signed]): - logger.warning("The SAML service provider accepts unsigned SAML Responses " + - "and Assertions. This configuration is insecure.") + if (self.entity_type == "sp" + and not any([self.want_assertions_signed, + self.want_response_signed])): + logger.warning("The SAML service provider accepts unsigned SAML " + "Responses and Assertions. This configuration is " + "insecure.") self.artifact2response = {} diff --git a/src/saml2/config.py b/src/saml2/config.py index 8f90afc8..e890080a 100644 --- a/src/saml2/config.py +++ b/src/saml2/config.py @@ -381,11 +381,11 @@ class Config(object): return importlib.import_module(tail) - def load_file(self, config_file, metadata_construction=False): - if config_file.endswith(".py"): - config_file = config_file[:-3] + def load_file(self, config_filename, metadata_construction=False): + if config_filename.endswith(".py"): + config_filename = config_filename[:-3] - mod = self._load(config_file) + mod = self._load(config_filename) return self.load(copy.deepcopy(mod.CONFIG), metadata_construction) def load_metadata(self, metadata_conf): diff --git a/src/saml2/ecp_client.py b/src/saml2/ecp_client.py index 788d252d..f0183f45 100644 --- a/src/saml2/ecp_client.py +++ b/src/saml2/ecp_client.py @@ -33,6 +33,12 @@ logger = logging.getLogger(__name__) class Client(Entity): + """ECP-aware client that works on the client (application) side. + + You can use this class when you want to login user through + ECP-aware SP and IdP. + """ + def __init__(self, user, passwd, sp="", idp=None, metadata_file=None, xmlsec_binary=None, verbose=0, ca_certs="", disable_ssl_certificate_validation=True, key_file=None, 
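Review bot: A service provider with both `want_assertions_signed` and `want_response_signed` false still completes `Base.__init__` here with nothing more than a log warning, so the configuration the message itself calls insecure is only caught if someone reads the logs. Consider failing closed, for example by raising a configuration error unless the deployment has explicitly opted in to unsigned messages. At minimum, add a comment above the `if`, such as `# Warn only: unsigned Responses/Assertions are accepted when both flags are off`, so the behaviour is clearly deliberate. Whether signatures are enforced elsewhere cannot be seen from this hunk, and `__init__` starts and ends outside it.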
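Review bot: Renaming the `load_file` parameter from `config_file` to `config_filename` breaks any caller that passes it by keyword (`load_file(config_file=...)`), which is an interface change for a commit described as a small refactor. Either keep the old name or accept both for a deprecation period. The method also has no docstring, and the value goes to `self._load`, which appears from the context line above to end in `importlib.import_module`. A one-line docstring should say so, e.g. `"""Import the Python module named by config_filename (it is executed) and load its CONFIG; the path must come from a trusted source."""`.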
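Review bot: The new `Client` docstring does not mention that the constructor just below defaults to `disable_ssl_certificate_validation=True` while also taking `user` and `passwd`. A caller following the docstring would therefore send credentials over connections whose server certificate is never checked. Add a sentence such as `Certificate validation is off by default; pass disable_ssl_certificate_validation=False (and ca_certs) for anything but local testing.` The phrasing "login user through" would also read better as "log a user in through". The `__init__` signature continues past the end of the hunk.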
@@ -221,7 +227,8 @@ class Client(Entity): return None - def add_paos_headers(self, headers=None): + @staticmethod + def add_paos_headers(headers=None): if headers: headers = set_list2dict(headers) headers["PAOS"] = PAOS_HEADER_INFO @@ -283,7 +290,7 @@ class Client(Entity): # should by now be authenticated so this should go smoothly response = self.send(url, op, **opargs) except (soap.XmlParseError, AssertionError, KeyError): - pass + raise if response.status_code >= 400: raise SAMLError("Error performing operation: %s" % ( diff --git a/src/saml2/entity.py b/src/saml2/entity.py index e53804c3..6ad42df0 100644 --- a/src/saml2/entity.py +++ b/src/saml2/entity.py @@ -63,7 +63,6 @@ from saml2.httpbase import HTTPBase from saml2.sigver import security_context from saml2.sigver import response_factory from saml2.sigver import SigverError -from saml2.sigver import CryptoBackendXmlSec1 from saml2.sigver import make_temp from saml2.sigver import pre_encryption_part from saml2.sigver import pre_signature_part @@ -554,7 +553,6 @@ class Entity(HTTPBase): _certs = [] if encrypt_cert: - _certs = [] _certs.append(encrypt_cert) elif sp_entity_id is not None: _certs = self.metadata.certs(sp_entity_id, "any", "encryption") @@ -1134,11 +1132,11 @@ class Entity(HTTPBase): raise xmlstr = self.unravel(xmlstr, binding, response_cls.msgtype) - origxml = xmlstr if not xmlstr: # Not a valid reponse return None try: + origxml = xmlstr response = response.loads(xmlstr, False, origxml=origxml) except SigverError as err: logger.error("Signature Error: %s", err) diff --git a/src/saml2/population.py b/src/saml2/population.py index 0336cef7..7b3ffd39 100644 --- a/src/saml2/population.py +++ b/src/saml2/population.py @@ -1,7 +1,8 @@ import logging + import six + from saml2.cache import Cache -from saml2.ident import code logger = logging.getLogger(__name__) diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index 14d19c05..81d52e2d 100644 
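Review bot: In the `@@ -283,7 +290,7 @@` hunk of `ecp_client.py`, replacing `pass` with a bare `raise` makes the `except (soap.XmlParseError, AssertionError, KeyError):` clause a no-op, since the handler catches the exception only to re-raise it unchanged. Either drop the `try`/`except` and keep just `response = self.send(url, op, **opargs)`, or convert the failure into the `SAMLError` that the following `status_code` check already raises, so callers have one exception type to handle. The change is also behavioural rather than a refactor: errors that were silently swallowed now propagate, which is the safer outcome but deserves a mention in the commit message. The enclosing method starts and ends outside the hunk.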
--- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -651,8 +651,7 @@ def make_plugin(remember_name=None, # plugin for remember sid_store="", identity_cache="", discovery="", - idp_query_param="" -): + idp_query_param=""): if saml_conf is "": raise ValueError( 'must include saml_conf in configuration') |
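Review bot: The context line `if saml_conf is "":` in `make_plugin` compares by identity against a string literal, and the commit reformats the signature directly above it without fixing it. Whether an empty string passed by a caller is the same object as the literal depends on interpreter interning, and newer Python versions emit a SyntaxWarning for this form. The guard that rejects a missing SAML configuration can therefore be skipped. Use `if not saml_conf:` (or `if saml_conf == "":` to keep the exact semantics) so the `ValueError` is raised reliably. The function body continues outside the hunk.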