authorEgor Panfilov <edpanfilov@sbcloud.ru>2018-11-19 18:23:17 +0300
committerIvan Kanakarakis <ivan.kanak@gmail.com>2018-11-19 19:07:23 +0200
commit3a514b4cbebcf207f4b9dc29fee1f425572aca79 (patch)
tree8cfb2e421d285c97140ca6b34f330761b1245e19 /src
parenta8c6320095a73c61353b6c10df60cf3688dfedd3 (diff)
downloadpysaml2-3a514b4cbebcf207f4b9dc29fee1f425572aca79.tar.gz
Various small refactor
Diffstat (limited to 'src')
-rw-r--r--src/saml2/client.py3
-rw-r--r--src/saml2/client_base.py15
-rw-r--r--src/saml2/config.py8
-rw-r--r--src/saml2/ecp_client.py11
-rw-r--r--src/saml2/entity.py4
-rw-r--r--src/saml2/population.py3
-rw-r--r--src/saml2/s2repoze/plugins/sp.py3
7 files changed, 27 insertions, 20 deletions
diff --git a/src/saml2/client.py b/src/saml2/client.py
index 57d907af..91d0c90d 100644
--- a/src/saml2/client.py
+++ b/src/saml2/client.py
@@ -84,8 +84,7 @@ class Saml2Client(Base):
nameid_format=None, scoping=None, consent=None, extensions=None,
sign=None, response_binding=saml2.BINDING_HTTP_POST, **kwargs):
""" Makes all necessary preparations for an authentication request
- that negotiates
- which binding to use for authentication.
+ that negotiates which binding to use for authentication.
:param entityid: The entity ID of the IdP to send the request to
:param relay_state: To where the user should be returned after
diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py
index d0a8e82c..b0d14863 100644
--- a/src/saml2/client_base.py
+++ b/src/saml2/client_base.py
@@ -7,6 +7,8 @@ to conclude its tasks.
"""
import threading
import six
+import time
+import logging
from saml2.entity import Entity
@@ -25,7 +27,6 @@ from saml2.extension import sp_type
from saml2.extension import requested_attributes
import saml2
-import time
from saml2.soap import make_soap_enveloped_saml_thingy
from six.moves.urllib.parse import parse_qs
@@ -94,7 +95,7 @@ class Base(Entity):
""" The basic pySAML2 service provider class """
def __init__(self, config=None, identity_cache=None, state_cache=None,
- virtual_organization="", config_file="", msg_cb=None):
+ virtual_organization="", config_file="", msg_cb=None):
"""
:param config: A saml2.config.Config instance
:param identity_cache: Where the class should store identity information
@@ -133,10 +134,12 @@ class Base(Entity):
setattr(self, attr, val)
- if self.entity_type == "sp" and not any([self.want_assertions_signed,
- self.want_response_signed]):
- logger.warning("The SAML service provider accepts unsigned SAML Responses " +
- "and Assertions. This configuration is insecure.")
+ if (self.entity_type == "sp"
+ and not any([self.want_assertions_signed,
+ self.want_response_signed])):
+ logger.warning("The SAML service provider accepts unsigned SAML "
+ "Responses and Assertions. This configuration is "
+ "insecure.")
self.artifact2response = {}
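Review bot: The rewrapped check in `__init__` still only logs when an SP has neither `want_assertions_signed` nor `want_response_signed` set, and the message does not name those two settings, so an operator reading the log cannot tell what to change. Consider ending the message with the option names, e.g. `"insecure. Set want_assertions_signed or want_response_signed."`. As a style point, `any([...])` over two attributes reads more directly as `not (self.want_assertions_signed or self.want_response_signed)`. `__init__` starts and ends outside this hunk, so whether signatures are enforced anywhere later is not visible here.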
diff --git a/src/saml2/config.py b/src/saml2/config.py
index 8f90afc8..e890080a 100644
--- a/src/saml2/config.py
+++ b/src/saml2/config.py
@@ -381,11 +381,11 @@ class Config(object):
return importlib.import_module(tail)
- def load_file(self, config_file, metadata_construction=False):
- if config_file.endswith(".py"):
- config_file = config_file[:-3]
+ def load_file(self, config_filename, metadata_construction=False):
+ if config_filename.endswith(".py"):
+ config_filename = config_filename[:-3]
- mod = self._load(config_file)
+ mod = self._load(config_filename)
return self.load(copy.deepcopy(mod.CONFIG), metadata_construction)
def load_metadata(self, metadata_conf):
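Review bot: Renaming the `load_file` parameter from `config_file` to `config_filename` changes the method's keyword interface, so any caller that uses `load_file(config_file=...)` will now fail with a `TypeError`. If that is intended, it deserves a changelog entry; otherwise keep the old name. The method also has no docstring. Judging by the `importlib.import_module(tail)` context line above it, `self._load` appears to import the file as a Python module, so a docstring should state that, e.g. `"""Load CONFIG from a Python module; the module is imported (executed), so it must come from a trusted path."""`.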
diff --git a/src/saml2/ecp_client.py b/src/saml2/ecp_client.py
index 788d252d..f0183f45 100644
--- a/src/saml2/ecp_client.py
+++ b/src/saml2/ecp_client.py
@@ -33,6 +33,12 @@ logger = logging.getLogger(__name__)
class Client(Entity):
+ """ECP-aware client that works on the client (application) side.
+
+ You can use this class when you want to login user through
+ ECP-aware SP and IdP.
+ """
+
def __init__(self, user, passwd, sp="", idp=None, metadata_file=None,
xmlsec_binary=None, verbose=0, ca_certs="",
disable_ssl_certificate_validation=True, key_file=None,
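Review bot: The new class docstring does not mention that the constructor right below it takes `user` and `passwd` and defaults to `disable_ssl_certificate_validation=True`. A caller who follows the docstring alone presumably gets a client that sends credentials without verifying the server certificate. Add a line to the docstring such as `TLS certificate validation is disabled by default; pass disable_ssl_certificate_validation=False together with ca_certs to verify the peer.` The `__init__` signature continues past the end of this hunk, so how the flag is consumed is not visible here.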
@@ -221,7 +227,8 @@ class Client(Entity):
return None
- def add_paos_headers(self, headers=None):
+ @staticmethod
+ def add_paos_headers(headers=None):
if headers:
headers = set_list2dict(headers)
headers["PAOS"] = PAOS_HEADER_INFO
@@ -283,7 +290,7 @@ class Client(Entity):
# should by now be authenticated so this should go smoothly
response = self.send(url, op, **opargs)
except (soap.XmlParseError, AssertionError, KeyError):
- pass
+ raise
if response.status_code >= 400:
raise SAMLError("Error performing operation: %s" % (
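Review bot: With a bare `raise` as its only statement, the `except (soap.XmlParseError, AssertionError, KeyError):` clause is now equivalent to having no handler at all. Re-raising is safer than the old `pass`, which fell through to `response.status_code` with `response` possibly unset, but the clause should either be removed or do some work. Since the module already defines `logger`, a useful form is `except (soap.XmlParseError, AssertionError, KeyError) as err:` followed by `logger.error("ECP operation failed: %s", err)` and `raise`. The `try` opens above this hunk.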
diff --git a/src/saml2/entity.py b/src/saml2/entity.py
index e53804c3..6ad42df0 100644
--- a/src/saml2/entity.py
+++ b/src/saml2/entity.py
@@ -63,7 +63,6 @@ from saml2.httpbase import HTTPBase
from saml2.sigver import security_context
from saml2.sigver import response_factory
from saml2.sigver import SigverError
-from saml2.sigver import CryptoBackendXmlSec1
from saml2.sigver import make_temp
from saml2.sigver import pre_encryption_part
from saml2.sigver import pre_signature_part
@@ -554,7 +553,6 @@ class Entity(HTTPBase):
_certs = []
if encrypt_cert:
- _certs = []
_certs.append(encrypt_cert)
elif sp_entity_id is not None:
_certs = self.metadata.certs(sp_entity_id, "any", "encryption")
@@ -1134,11 +1132,11 @@ class Entity(HTTPBase):
raise
xmlstr = self.unravel(xmlstr, binding, response_cls.msgtype)
- origxml = xmlstr
if not xmlstr: # Not a valid reponse
return None
try:
+ origxml = xmlstr
response = response.loads(xmlstr, False, origxml=origxml)
except SigverError as err:
logger.error("Signature Error: %s", err)
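Review bot: Moving `origxml = xmlstr` inside the `try` widens the guarded body for no benefit, since a plain assignment cannot raise `SigverError`. If `origxml` is not read further down (the function continues outside this hunk), drop the local and call `response = response.loads(xmlstr, False, origxml=xmlstr)`. Otherwise keep the assignment on the line just above `try:`. The context comment `# Not a valid reponse` also has a typo and should read `response`.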
diff --git a/src/saml2/population.py b/src/saml2/population.py
index 0336cef7..7b3ffd39 100644
--- a/src/saml2/population.py
+++ b/src/saml2/population.py
@@ -1,7 +1,8 @@
import logging
+
import six
+
from saml2.cache import Cache
-from saml2.ident import code
logger = logging.getLogger(__name__)
diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py
index 14d19c05..81d52e2d 100644
--- a/src/saml2/s2repoze/plugins/sp.py
+++ b/src/saml2/s2repoze/plugins/sp.py
@@ -651,8 +651,7 @@ def make_plugin(remember_name=None, # plugin for remember
sid_store="",
identity_cache="",
discovery="",
- idp_query_param=""
-):
+ idp_query_param=""):
if saml_conf is "":
raise ValueError(
'must include saml_conf in configuration')