-rw-r--r-- | setup.cfg | 1 | ||||
-rw-r--r-- | src/saml2/assertion.py | 7 | ||||
-rw-r--r-- | src/saml2/attribute_converter.py | 13 | ||||
-rw-r--r-- | src/saml2/attribute_resolver.py | 8 | ||||
-rw-r--r-- | src/saml2/authn.py | 3 | ||||
-rw-r--r-- | src/saml2/client.py | 3 | ||||
-rw-r--r-- | src/saml2/client_base.py | 2 | ||||
-rw-r--r-- | src/saml2/config.py | 11 | ||||
-rw-r--r-- | src/saml2/country_codes.py | 331 | ||||
-rw-r--r-- | src/saml2/discovery.py | 2 | ||||
-rw-r--r-- | src/saml2/md.py | 27 | ||||
-rw-r--r-- | src/saml2/mdbcache.py | 1 | ||||
-rw-r--r-- | src/saml2/mdstore.py | 14 | ||||
-rw-r--r-- | src/saml2/population.py | 5 | ||||
-rw-r--r-- | src/saml2/request.py | 2 | ||||
-rw-r--r-- | src/saml2/s2repoze/plugins/sp.py | 4 | ||||
-rw-r--r-- | src/saml2/s_utils.py | 3 | ||||
-rw-r--r-- | src/saml2/saml.py | 6 | ||||
-rw-r--r-- | src/saml2/server.py | 6 | ||||
-rw-r--r-- | src/saml2/sigver.py | 2 | ||||
-rw-r--r-- | src/saml2test/interaction.py | 5 | ||||
-rw-r--r-- | src/saml2test/opfunc.py | 4 |
22 files changed, 306 insertions, 154 deletions
@@ -87,6 +87,7 @@ markers = [flake8] +max-line-length = 120 author-attribute = forbidden no-accept-encodings = True assertive-snakecase = True diff --git a/src/saml2/assertion.py b/src/saml2/assertion.py index 4474bf42..99308ecc 100644 --- a/src/saml2/assertion.py +++ b/src/saml2/assertion.py @@ -110,10 +110,9 @@ def filter_on_attributes(ava, required=None, optional=None, acs=None, def _apply_attr_value_restrictions(attr, res, must=False): - try: - values = [av["text"] for av in attr["attribute_value"]] - except KeyError: - values = [] + values = [ + av["text"] for av in attr.get("attribute_value", []) + ] try: res[_fn].extend(_filter_values(ava[_fn], values)) diff --git a/src/saml2/attribute_converter.py b/src/saml2/attribute_converter.py index ed616ee1..da071738 100644 --- a/src/saml2/attribute_converter.py +++ b/src/saml2/attribute_converter.py @@ -11,7 +11,7 @@ from saml2.s_utils import do_ava from saml2 import saml, ExtensionElement, NAMESPACE from saml2 import extension_elements_to_elements from saml2 import SAMLError -from saml2.saml import NAME_FORMAT_UNSPECIFIED, NAMEID_FORMAT_PERSISTENT, NameID +from saml2.saml import NAME_FORMAT_UNSPECIFIED, NAMEID_FORMAT_PERSISTENT import logging logger = logging.getLogger(__name__) @@ -136,12 +136,13 @@ def list_to_local(acs, attrlist, allow_unknown_attributes=False): try: _func = acsd[attr.name_format].ava_from except KeyError: - if attr.name_format == NAME_FORMAT_UNSPECIFIED or \ - allow_unknown_attributes: + if ( + attr.name_format == NAME_FORMAT_UNSPECIFIED + or allow_unknown_attributes + ): _func = acs[0].lcd_ava_from else: - logger.info("Unsupported attribute name format: %s", - attr.name_format) + logger.info("Unsupported attribute name format: %s", attr.name_format) continue try: @@ -384,7 +385,7 @@ class AttributeConverter(object): except KeyError: try: _attr = self._to[attr.lower()] - except: + except KeyError: _attr = '' if _attr: 
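Review bot: In the assertion.py hunk, the new comprehension in `_apply_attr_value_restrictions` no longer tolerates a value entry that lacks a `"text"` key. The removed `except KeyError` covered both a missing `attribute_value` list and a missing `text`, whereas `attr.get("attribute_value", [])` covers only the first, so such an entry now raises instead of giving `values = []`. This helper feeds the attribute filter, so the new failure mode should be deliberate: add a test with a value entry that has no `text`, and state the choice in a comment such as `# a value entry without "text" is an error, not an empty restriction`. What an empty `values` list means to `_filter_values` is not visible here, and the function continues outside the hunk.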
diff --git a/src/saml2/attribute_resolver.py b/src/saml2/attribute_resolver.py index 18a66100..7646e080 100644 --- a/src/saml2/attribute_resolver.py +++ b/src/saml2/attribute_resolver.py @@ -10,15 +10,15 @@ import logging #from saml2 import client from saml2 import BINDING_SOAP + logger = logging.getLogger(__name__) DEFAULT_BINDING = BINDING_SOAP -class AttributeResolver(object): +class AttributeResolver(object): def __init__(self, saml2client, metadata=None, config=None): self.metadata = metadata - self.saml2client = saml2client self.metadata = saml2client.config.metadata @@ -42,8 +42,8 @@ class AttributeResolver(object): continue # attribute query assumes SOAP binding session_info = self.saml2client.attribute_query( - name_id, attr_serv.location, issuer_id=issuer, -) + name_id, attr_serv.location, issuer_id=issuer + ) if session_info: result.append(session_info) return result diff --git a/src/saml2/authn.py b/src/saml2/authn.py index 11af81e5..480d8996 100644 --- a/src/saml2/authn.py +++ b/src/saml2/authn.py @@ -159,7 +159,7 @@ class UsernamePasswordMako(UserAuthnMethod): wants the user after authentication. """ - #logger.debug("verify(%s)" % request) + # logger.debug("verify(%s)" % request) if isinstance(request, six.string_types): _dict = parse_qs(request) elif isinstance(request, dict): @@ -236,6 +236,7 @@ class AuthnMethodChooser(object): try: import ldap + class LDAPAuthn(UsernamePasswordMako): def __init__(self, srv, ldapsrv, return_to, dn_pattern, mako_template, template_lookup): diff --git a/src/saml2/client.py b/src/saml2/client.py index e8642dfa..1eebf31d 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -6,7 +6,6 @@ import six """Contains classes and functions that a SAML2.0 Service Provider (SP) may use to conclude its tasks. """ -from saml2.request import LogoutRequest import saml2 from saml2 import saml, SAMLError 
@@ -140,7 +139,7 @@ class Saml2Client(Base): for binding in bindings_to_try: try: destination = self._sso_location(entityid, binding) - except Exception as e: + except Exception: unsupported_bindings.append(binding) else: binding_destinations.append((binding, destination)) diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index 4546ef07..77b52ce0 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -630,7 +630,7 @@ class Base(Entity): consent=None, extensions=None, sign=None, - sign_ag=None, + sign_alg=None, digest_alg=None, nsprefix=None, ): diff --git a/src/saml2/config.py b/src/saml2/config.py index f441f337..357dc6b8 100644 --- a/src/saml2/config.py +++ b/src/saml2/config.py @@ -8,8 +8,6 @@ import sys from logging.config import dictConfig as configure_logging_by_dict from warnings import warn as _warn -import six - from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_REDIRECT @@ -375,15 +373,16 @@ class Config(object): try: ca_certs = self.ca_certs - except: + except Exception: ca_certs = None try: disable_validation = self.disable_ssl_certificate_validation - except: + except Exception: disable_validation = False - mds = MetadataStore(acs, self, ca_certs, - disable_ssl_certificate_validation=disable_validation) + mds = MetadataStore( + acs, self, ca_certs, disable_ssl_certificate_validation=disable_validation + ) mds.imp(metadata_conf) diff --git a/src/saml2/country_codes.py b/src/saml2/country_codes.py index 32f2ba0c..bf4b60a4 100644 --- a/src/saml2/country_codes.py +++ b/src/saml2/country_codes.py 
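Review bot: Renaming the keyword parameter `sign_ag` to `sign_alg` in the client_base.py hunk changes the public signature of a method on `Base`, so any caller that passed `sign_ag=` by keyword now fails with a TypeError. The method name and body are outside the hunk, so it is not visible whether the body already read `sign_alg`; if it did, a caller-selected signature algorithm could not have been passed through this parameter before. A regression test that passes `sign_alg=` and asserts the chosen algorithm appears in the signed message would pin the fix. The change should be listed as a behavioural fix, not as formatting.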
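Review bot: The two handlers around `self.ca_certs` and `self.disable_ssl_certificate_validation` in the second config.py hunk are still broader than an attribute lookup needs. `except Exception` turns any error raised while reading the setting into the default, so a fault while reading the CA bundle setting silently gives `ca_certs = None`. Catch `AttributeError` only, or write `ca_certs = getattr(self, "ca_certs", None)` and `disable_validation = getattr(self, "disable_ssl_certificate_validation", False)`, assuming `Config` raises AttributeError for unset options (its attribute handling is outside the hunk). The fallback of `False` for disabling certificate validation is the safe direction and should stay.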
@@ -3,93 +3,254 @@ # ISO 3166-1 country names and codes from http://opencountrycodes.appspot.com/python COUNTRIES = ( - ("AF", "Afghanistan"),("AX", "Aland Islands"),("AL", "Albania"), - ("DZ", "Algeria"),("AS", "American Samoa"),("AD", "Andorra"), - ("AO", "Angola"),("AI", "Anguilla"),("AQ", "Antarctica"), - ("AG", "Antigua and Barbuda"),("AR", "Argentina"),("AM", "Armenia"), - ("AW", "Aruba"),("AU", "Australia"),("AT", "Austria"), - ("AZ", "Azerbaijan"),("BS", "Bahamas"),("BH", "Bahrain"), - ("BD", "Bangladesh"),("BB", "Barbados"),("BY", "Belarus"),("BE", "Belgium"), - ("BZ", "Belize"),("BJ", "Benin"),("BM", "Bermuda"),("BT", "Bhutan"), + ("AF", "Afghanistan"), + ("AX", "Aland Islands"), + ("AL", "Albania"), + ("DZ", "Algeria"), + ("AS", "American Samoa"), + ("AD", "Andorra"), + ("AO", "Angola"), + ("AI", "Anguilla"), + ("AQ", "Antarctica"), + ("AG", "Antigua and Barbuda"), + ("AR", "Argentina"), + ("AM", "Armenia"), + ("AW", "Aruba"), + ("AU", "Australia"), + ("AT", "Austria"), + ("AZ", "Azerbaijan"), + ("BS", "Bahamas"), + ("BH", "Bahrain"), + ("BD", "Bangladesh"), + ("BB", "Barbados"), + ("BY", "Belarus"), + ("BE", "Belgium"), + ("BZ", "Belize"), + ("BJ", "Benin"), + ("BM", "Bermuda"), + ("BT", "Bhutan"), ("BO", "Bolivia, Plurinational State of"), - ("BQ", "Bonaire, Sint Eustatius and Saba"),("BA", "Bosnia and Herzegovina"), - ("BW", "Botswana"),("BV", "Bouvet Island"),("BR", "Brazil"), - ("IO", "British Indian Ocean Territory"),("BN", "Brunei Darussalam"), - ("BG", "Bulgaria"),("BF", "Burkina Faso"),("BI", "Burundi"), - ("KH", "Cambodia"),("CM", "Cameroon"),("CA", "Canada"),("CV", "Cape Verde"), - ("KY", "Cayman Islands"),("CF", "Central African Republic"),("TD", "Chad"), - ("CL", "Chile"),("CN", "China"),("CX", "Christmas Island"), - ("CC", "Cocos (Keeling) Islands"),("CO", "Colombia"),("KM", "Comoros"), - ("CG", "Congo"),("CD", "Congo, The Democratic Republic of the"), - ("CK", "Cook Islands"),("CR", "Costa Rica"),("CI", "Cote D'ivoire"), - ("HR", 
"Croatia"),("CU", "Cuba"),("CW", "Curacao"),("CY", "Cyprus"), - ("CZ", "Czech Republic"),("DK", "Denmark"),("DJ", "Djibouti"), - ("DM", "Dominica"),("DO", "Dominican Republic"),("EC", "Ecuador"), - ("EG", "Egypt"),("SV", "El Salvador"),("GQ", "Equatorial Guinea"), - ("ER", "Eritrea"),("EE", "Estonia"),("ET", "Ethiopia"), - ("FK", "Falkland Islands (Malvinas)"),("FO", "Faroe Islands"), - ("FJ", "Fiji"),("FI", "Finland"),("FR", "France"),("GF", "French Guiana"), - ("PF", "French Polynesia"),("TF", "French Southern Territories"), - ("GA", "Gabon"),("GM", "Gambia"),("GE", "Georgia"),("DE", "Germany"), - ("GH", "Ghana"),("GI", "Gibraltar"),("GR", "Greece"),("GL", "Greenland"), - ("GD", "Grenada"),("GP", "Guadeloupe"),("GU", "Guam"),("GT", "Guatemala"), - ("GG", "Guernsey"),("GN", "Guinea"),("GW", "Guinea-Bissau"),("GY", "Guyana"), - ("HT", "Haiti"),("HM", "Heard Island and McDonald Islands"), - ("VA", "Holy See (Vatican City State)"),("HN", "Honduras"), - ("HK", "Hong Kong"),("HU", "Hungary"),("IS", "Iceland"),("IN", "India"), - ("ID", "Indonesia"),("IR", "Iran, Islamic Republic of"),("IQ", "Iraq"), - ("IE", "Ireland"),("IM", "Isle of Man"),("IL", "Israel"),("IT", "Italy"), - ("JM", "Jamaica"),("JP", "Japan"),("JE", "Jersey"),("JO", "Jordan"), - ("KZ", "Kazakhstan"),("KE", "Kenya"),("KI", "Kiribati"), + ("BQ", "Bonaire, Sint Eustatius and Saba"), + ("BA", "Bosnia and Herzegovina"), + ("BW", "Botswana"), + ("BV", "Bouvet Island"), + ("BR", "Brazil"), + ("IO", "British Indian Ocean Territory"), + ("BN", "Brunei Darussalam"), + ("BG", "Bulgaria"), + ("BF", "Burkina Faso"), + ("BI", "Burundi"), + ("KH", "Cambodia"), + ("CM", "Cameroon"), + ("CA", "Canada"), + ("CV", "Cape Verde"), + ("KY", "Cayman Islands"), + ("CF", "Central African Republic"), + ("TD", "Chad"), + ("CL", "Chile"), + ("CN", "China"), + ("CX", "Christmas Island"), + ("CC", "Cocos (Keeling) Islands"), + ("CO", "Colombia"), + ("KM", "Comoros"), + ("CG", "Congo"), + ("CD", "Congo, The Democratic Republic of 
the"), + ("CK", "Cook Islands"), + ("CR", "Costa Rica"), + ("CI", "Cote D'ivoire"), + ("HR", "Croatia"), + ("CU", "Cuba"), + ("CW", "Curacao"), + ("CY", "Cyprus"), + ("CZ", "Czech Republic"), + ("DK", "Denmark"), + ("DJ", "Djibouti"), + ("DM", "Dominica"), + ("DO", "Dominican Republic"), + ("EC", "Ecuador"), + ("EG", "Egypt"), + ("SV", "El Salvador"), + ("GQ", "Equatorial Guinea"), + ("ER", "Eritrea"), + ("EE", "Estonia"), + ("ET", "Ethiopia"), + ("FK", "Falkland Islands (Malvinas)"), + ("FO", "Faroe Islands"), + ("FJ", "Fiji"), + ("FI", "Finland"), + ("FR", "France"), + ("GF", "French Guiana"), + ("PF", "French Polynesia"), + ("TF", "French Southern Territories"), + ("GA", "Gabon"), + ("GM", "Gambia"), + ("GE", "Georgia"), + ("DE", "Germany"), + ("GH", "Ghana"), + ("GI", "Gibraltar"), + ("GR", "Greece"), + ("GL", "Greenland"), + ("GD", "Grenada"), + ("GP", "Guadeloupe"), + ("GU", "Guam"), + ("GT", "Guatemala"), + ("GG", "Guernsey"), + ("GN", "Guinea"), + ("GW", "Guinea-Bissau"), + ("GY", "Guyana"), + ("HT", "Haiti"), + ("HM", "Heard Island and McDonald Islands"), + ("VA", "Holy See (Vatican City State)"), + ("HN", "Honduras"), + ("HK", "Hong Kong"), + ("HU", "Hungary"), + ("IS", "Iceland"), + ("IN", "India"), + ("ID", "Indonesia"), + ("IR", "Iran, Islamic Republic of"), + ("IQ", "Iraq"), + ("IE", "Ireland"), + ("IM", "Isle of Man"), + ("IL", "Israel"), + ("IT", "Italy"), + ("JM", "Jamaica"), + ("JP", "Japan"), + ("JE", "Jersey"), + ("JO", "Jordan"), + ("KZ", "Kazakhstan"), + ("KE", "Kenya"), + ("KI", "Kiribati"), ("KP", "Korea, Democratic People's Republic of"), - ("KR", "Korea, Republic of"),("KW", "Kuwait"),("KG", "Kyrgyzstan"), - ("LA", "Lao People's Democratic Republic"),("LV", "Latvia"), - ("LB", "Lebanon"),("LS", "Lesotho"),("LR", "Liberia"), - ("LY", "Libyan Arab Jamahiriya"),("LI", "Liechtenstein"), - ("LT", "Lithuania"),("LU", "Luxembourg"),("MO", "Macao"), - ("MK", "Macedonia, The Former Yugoslav Republic of"),("MG", "Madagascar"), - ("MW", 
"Malawi"),("MY", "Malaysia"),("MV", "Maldives"),("ML", "Mali"), - ("MT", "Malta"),("MH", "Marshall Islands"),("MQ", "Martinique"), - ("MR", "Mauritania"),("MU", "Mauritius"),("YT", "Mayotte"),("MX", "Mexico"), - ("FM", "Micronesia, Federated States of"),("MD", "Moldova, Republic of"), - ("MC", "Monaco"),("MN", "Mongolia"),("ME", "Montenegro"), - ("MS", "Montserrat"),("MA", "Morocco"),("MZ", "Mozambique"), - ("MM", "Myanmar"),("NA", "Namibia"),("NR", "Nauru"),("NP", "Nepal"), - ("NL", "Netherlands"),("NC", "New Caledonia"),("NZ", "New Zealand"), - ("NI", "Nicaragua"),("NE", "Niger"),("NG", "Nigeria"),("NU", "Niue"), - ("NF", "Norfolk Island"),("MP", "Northern Mariana Islands"), - ("NO", "Norway"),("OM", "Oman"),("PK", "Pakistan"),("PW", "Palau"), - ("PS", "Palestinian Territory, Occupied"),("PA", "Panama"), - ("PG", "Papua New Guinea"),("PY", "Paraguay"),("PE", "Peru"), - ("PH", "Philippines"),("PN", "Pitcairn"),("PL", "Poland"), - ("PT", "Portugal"),("PR", "Puerto Rico"),("QA", "Qatar"),("RE", "Reunion"), - ("RO", "Romania"),("RU", "Russian Federation"),("RW", "Rwanda"), + ("KR", "Korea, Republic of"), + ("KW", "Kuwait"), + ("KG", "Kyrgyzstan"), + ("LA", "Lao People's Democratic Republic"), + ("LV", "Latvia"), + ("LB", "Lebanon"), + ("LS", "Lesotho"), + ("LR", "Liberia"), + ("LY", "Libyan Arab Jamahiriya"), + ("LI", "Liechtenstein"), + ("LT", "Lithuania"), + ("LU", "Luxembourg"), + ("MO", "Macao"), + ("MK", "Macedonia, The Former Yugoslav Republic of"), + ("MG", "Madagascar"), + ("MW", "Malawi"), + ("MY", "Malaysia"), + ("MV", "Maldives"), + ("ML", "Mali"), + ("MT", "Malta"), + ("MH", "Marshall Islands"), + ("MQ", "Martinique"), + ("MR", "Mauritania"), + ("MU", "Mauritius"), + ("YT", "Mayotte"), + ("MX", "Mexico"), + ("FM", "Micronesia, Federated States of"), + ("MD", "Moldova, Republic of"), + ("MC", "Monaco"), + ("MN", "Mongolia"), + ("ME", "Montenegro"), + ("MS", "Montserrat"), + ("MA", "Morocco"), + ("MZ", "Mozambique"), + ("MM", "Myanmar"), + ("NA", 
"Namibia"), + ("NR", "Nauru"), + ("NP", "Nepal"), + ("NL", "Netherlands"), + ("NC", "New Caledonia"), + ("NZ", "New Zealand"), + ("NI", "Nicaragua"), + ("NE", "Niger"), + ("NG", "Nigeria"), + ("NU", "Niue"), + ("NF", "Norfolk Island"), + ("MP", "Northern Mariana Islands"), + ("NO", "Norway"), + ("OM", "Oman"), + ("PK", "Pakistan"), + ("PW", "Palau"), + ("PS", "Palestinian Territory, Occupied"), + ("PA", "Panama"), + ("PG", "Papua New Guinea"), + ("PY", "Paraguay"), + ("PE", "Peru"), + ("PH", "Philippines"), + ("PN", "Pitcairn"), + ("PL", "Poland"), + ("PT", "Portugal"), + ("PR", "Puerto Rico"), + ("QA", "Qatar"), + ("RE", "Reunion"), + ("RO", "Romania"), + ("RU", "Russian Federation"), + ("RW", "Rwanda"), ("BL", "Saint Barthelemy"), ("SH", "Saint Helena, Ascension and Tristan Da Cunha"), - ("KN", "Saint Kitts and Nevis"),("LC", "Saint Lucia"), - ("MF", "Saint Martin (French Part)"),("PM", "Saint Pierre and Miquelon"), - ("VC", "Saint Vincent and the Grenadines"),("WS", "Samoa"), - ("SM", "San Marino"),("ST", "Sao Tome and Principe"),("SA", "Saudi Arabia"), - ("SN", "Senegal"),("RS", "Serbia"),("SC", "Seychelles"), - ("SL", "Sierra Leone"),("SG", "Singapore"), - ("SX", "Sint Maarten (Dutch Part)"),("SK", "Slovakia"),("SI", "Slovenia"), - ("SB", "Solomon Islands"),("SO", "Somalia"),("ZA", "South Africa"), - ("GS", "South Georgia and the South Sandwich Islands"),("ES", "Spain"), - ("LK", "Sri Lanka"),("SD", "Sudan"),("SR", "Suriname"), - ("SJ", "Svalbard and Jan Mayen"),("SZ", "Swaziland"),("SE", "Sweden"), - ("CH", "Switzerland"),("SY", "Syrian Arab Republic"), - ("TW", "Taiwan, Province of China"),("TJ", "Tajikistan"), - ("TZ", "Tanzania, United Republic of"),("TH", "Thailand"), - ("TL", "Timor-Leste"),("TG", "Togo"),("TK", "Tokelau"),("TO", "Tonga"), - ("TT", "Trinidad and Tobago"),("TN", "Tunisia"),("TR", "Turkey"), - ("TM", "Turkmenistan"),("TC", "Turks and Caicos Islands"),("TV", "Tuvalu"), - ("UG", "Uganda"),("UA", "Ukraine"),("AE", "United Arab Emirates"), - 
("GB", "United Kingdom"),("US", "United States"), - ("UM", "United States Minor Outlying Islands"),("UY", "Uruguay"), - ("UZ", "Uzbekistan"),("VU", "Vanuatu"), - ("VE", "Venezuela, Bolivarian Republic of"),("VN", "Viet Nam"), - ("VG", "Virgin Islands, British"),("VI", "Virgin Islands, U.S."), - ("WF", "Wallis and Futuna"),("EH", "Western Sahara"),("YE", "Yemen"), - ("ZM", "Zambia"),("ZW", "Zimbabwe"),) + ("KN", "Saint Kitts and Nevis"), + ("LC", "Saint Lucia"), + ("MF", "Saint Martin (French Part)"), + ("PM", "Saint Pierre and Miquelon"), + ("VC", "Saint Vincent and the Grenadines"), + ("WS", "Samoa"), + ("SM", "San Marino"), + ("ST", "Sao Tome and Principe"), + ("SA", "Saudi Arabia"), + ("SN", "Senegal"), + ("RS", "Serbia"), + ("SC", "Seychelles"), + ("SL", "Sierra Leone"), + ("SG", "Singapore"), + ("SX", "Sint Maarten (Dutch Part)"), + ("SK", "Slovakia"), + ("SI", "Slovenia"), + ("SB", "Solomon Islands"), + ("SO", "Somalia"), + ("ZA", "South Africa"), + ("GS", "South Georgia and the South Sandwich Islands"), + ("ES", "Spain"), + ("LK", "Sri Lanka"), + ("SD", "Sudan"), + ("SR", "Suriname"), + ("SJ", "Svalbard and Jan Mayen"), + ("SZ", "Swaziland"), + ("SE", "Sweden"), + ("CH", "Switzerland"), + ("SY", "Syrian Arab Republic"), + ("TW", "Taiwan, Province of China"), + ("TJ", "Tajikistan"), + ("TZ", "Tanzania, United Republic of"), + ("TH", "Thailand"), + ("TL", "Timor-Leste"), + ("TG", "Togo"), + ("TK", "Tokelau"), + ("TO", "Tonga"), + ("TT", "Trinidad and Tobago"), + ("TN", "Tunisia"), + ("TR", "Turkey"), + ("TM", "Turkmenistan"), + ("TC", "Turks and Caicos Islands"), + ("TV", "Tuvalu"), + ("UG", "Uganda"), + ("UA", "Ukraine"), + ("AE", "United Arab Emirates"), + ("GB", "United Kingdom"), + ("US", "United States"), + ("UM", "United States Minor Outlying Islands"), + ("UY", "Uruguay"), + ("UZ", "Uzbekistan"), + ("VU", "Vanuatu"), + ("VE", "Venezuela, Bolivarian Republic of"), + ("VN", "Viet Nam"), + ("VG", "Virgin Islands, British"), + ("VI", "Virgin Islands, 
U.S."), + ("WF", "Wallis and Futuna"), + ("EH", "Western Sahara"), + ("YE", "Yemen"), + ("ZM", "Zambia"), + ("ZW", "Zimbabwe"), +) -D_COUNTRIES = dict(COUNTRIES)
\ No newline at end of file +D_COUNTRIES = dict(COUNTRIES) diff --git a/src/saml2/discovery.py b/src/saml2/discovery.py index f85ebf44..978caed4 100644 --- a/src/saml2/discovery.py +++ b/src/saml2/discovery.py @@ -64,7 +64,7 @@ class DiscoveryServer(Entity): else: dsr["isPassive"] = False - if not "returnIDParam" in dsr: + if "returnIDParam" not in dsr: dsr["returnIDParam"] = "entityID" return dsr diff --git a/src/saml2/md.py b/src/saml2/md.py index f5c779f5..b9818e26 100644 --- a/src/saml2/md.py +++ b/src/saml2/md.py @@ -740,17 +740,18 @@ class ContactType_(SamlBase): c_child_order.extend(['extensions', 'company', 'given_name', 'sur_name', 'email_address', 'telephone_number']) - def __init__(self, - extensions=None, - company=None, - given_name=None, - sur_name=None, - email_address=None, - telephone_number=None, - contact_type=None, - text=None, - extension_elements=None, - extension_attributes=None, + def __init__( + self, + extensions=None, + company=None, + given_name=None, + sur_name=None, + email_address=None, + telephone_number=None, + contact_type=None, + text=None, + extension_elements=None, + extension_attributes=None, ): SamlBase.__init__(self, text=text, @@ -1780,7 +1781,6 @@ def entity_descriptor_from_string(xml_string): return saml2.create_class_from_xml_string(EntityDescriptor, xml_string) -#.................. # ['EntitiesDescriptor', 'EntitiesDescriptorType'] class EntitiesDescriptorType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptorType @@ -2012,6 +2012,3 @@ ELEMENT_BY_TAG = { def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - - - diff --git a/src/saml2/mdbcache.py b/src/saml2/mdbcache.py index 6b294a4f..6da1b498 100644 --- a/src/saml2/mdbcache.py +++ b/src/saml2/mdbcache.py @@ -4,7 +4,6 @@ from pymongo.mongo_client import MongoClient __author__ = 'rolandh' -#import cjson import time from datetime import datetime diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py index 40f7232e..105d8509 100644 
--- a/src/saml2/mdstore.py +++ b/src/saml2/mdstore.py @@ -1379,13 +1379,15 @@ class MetadataStore(MetaData): ext = self.__getitem__(entity_id)["extensions"] except KeyError: return res + for elem in ext["extension_elements"]: - if elem["__class__"] == classnames["mdattr_entityattributes"]: - for attr in elem["attribute"]: - if attr["name"] not in res: - res[attr["name"]] = [] - res[attr["name"]] += [v["text"] for v in attr[ - "attribute_value"]] + if elem["__class__"] != classnames["mdattr_entityattributes"]: + continue + for attr in elem["attribute"]: + res[attr["name"]] = [ + *res.get(attr["name"], []), + *(v["text"] for v in attr.get("attribute_value", [])) + ] return res def supported_algorithms(self, entity_id): diff --git a/src/saml2/population.py b/src/saml2/population.py index 7b3ffd39..37b36352 100644 --- a/src/saml2/population.py +++ b/src/saml2/population.py @@ -35,8 +35,9 @@ class Population(object): :param sources: Sources for information about the subject :return: """ - if not sources: # assume that all the members has be asked - # once before, hence they are represented in the cache + if not sources: + # assume that all the members has be asked + # once before, hence they are represented in the cache sources = self.cache.entities(name_id) sources = [m for m in sources if not self.cache.active(name_id, m)] return sources diff --git a/src/saml2/request.py b/src/saml2/request.py index 787af78f..30462f26 100644 --- a/src/saml2/request.py +++ b/src/saml2/request.py @@ -9,6 +9,8 @@ from saml2.validate import valid_instance from saml2.validate import NotValid from saml2.response import IncorrectlySigned from saml2.sigver import verify_redirect_signature +from saml2.s_utils import VersionMismatch + logger = logging.getLogger(__name__) diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index 94389ff6..c230e0f6 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py 
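Review bot: The rewritten loop body in the mdstore.py hunk rebuilds the whole list for `attr["name"]` on every attribute and reads less clearly than the code it replaces. `res.setdefault(attr["name"], []).extend(v["text"] for v in attr.get("attribute_value", []))` does the same work in place. The switch to `attr.get("attribute_value", [])` also changes behaviour: an entity attribute without values now yields an empty list where the old code raised KeyError. That deserves a comment such as `# an attribute without values is kept with an empty list` and a test, since callers may base policy decisions on these entity attributes (not visible here). The method starts above the hunk.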
@@ -386,8 +386,8 @@ class SAML2Plugin(object): 1 ] == "": query = parse.parse_qs(environ["QUERY_STRING"]) - sid = query["sid"][0] - came_from = self.outstanding_queries[sid] + result_sid = query["sid"][0] + came_from = self.outstanding_queries[result_sid] except: pass # remember the request diff --git a/src/saml2/s_utils.py b/src/saml2/s_utils.py index 9ffe0001..c2e8ef71 100644 --- a/src/saml2/s_utils.py +++ b/src/saml2/s_utils.py @@ -7,7 +7,6 @@ import logging import random import string import sys -import time import traceback import zlib @@ -215,7 +214,7 @@ def identity_attribute(form, attribute, forward_map=None): # default is name return attribute.name -#---------------------------------------------------------------------------- +# ---------------------------------------------------------------------------- def error_status_factory(info): diff --git a/src/saml2/saml.py b/src/saml2/saml.py index 6ddd913e..fa3afbc5 100644 --- a/src/saml2/saml.py +++ b/src/saml2/saml.py @@ -41,7 +41,7 @@ XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance' NS_SOAP_ENC = "http://schemas.xmlsoap.org/soap/encoding/" # type definitions for xmlschemas XSI_TYPE = '{%s}type' % XSI_NAMESPACE -# nil type definition for xmlschemas +# nil type definition for xmlschemas XSI_NIL = '{%s}nil' % XSI_NAMESPACE # idp and sp communicate usually about a subject(NameID) @@ -89,7 +89,7 @@ NAMEID_FORMATS_SAML2 = ( # The specification was later updated with errata, and the new version is here: # https://www.oasis-open.org/committees/download.php/56782/sstc-saml-profiles-errata-2.0-wd-07.pdf -# XML based values for SAML attributes +# XML based values for SAML attributes PROFILE_ATTRIBUTE_BASIC = ( "urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic") 
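Review bot: The bare `except:` followed by `pass` at the end of the s2repoze/plugins/sp.py hunk still swallows every error from the `sid` lookup, including KeyboardInterrupt and SystemExit, while this same commit narrows bare handlers in attribute_converter.py and config.py. The value comes from the request query string, so a missing or unknown `sid` is the expected failure; `except (KeyError, IndexError):` says so and lets real faults surface. The rename to `result_sid` is safe only if no later code in the method reads `sid`; the method continues outside the hunk.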
@@ -349,7 +349,7 @@ class AttributeValueBase(SamlBase): if type(value) is str and valid_type is not str: try: value = to_type(value) - except (TypeError, ValueError, KeyError) as e: + except (TypeError, ValueError, KeyError): # the cast failed _wrong_type_value(xsd=xsd_type, value=value) diff --git a/src/saml2/server.py b/src/saml2/server.py index 1bcf7ead..3a12211a 100644 --- a/src/saml2/server.py +++ b/src/saml2/server.py @@ -6,7 +6,6 @@ or attribute authority (AA) may use to conclude its tasks. """ import logging -import os import importlib import dbm @@ -482,9 +481,6 @@ class Server(Entity): :return: A response instance """ - if farg is None: - assertion_args = {} - # if identity: _issuer = self._issuer(issuer) @@ -622,7 +618,7 @@ class Server(Entity): if attributes: restr = restriction_from_attribute_spec(attributes) - ast = filter_attribute_value_assertions(ast) + ast = filter_attribute_value_assertions(ast, restr) assertion = ast.construct( sp_entity_id, self.config.attribute_converters, policy, diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py index 8c7a3f4c..af93c42d 100644 --- a/src/saml2/sigver.py +++ b/src/saml2/sigver.py @@ -3,6 +3,8 @@ Based on the use of xmlsec1 binaries and not the python xmlsec module. """ import base64 +import datetime +import dateutil import hashlib import itertools import logging diff --git a/src/saml2test/interaction.py b/src/saml2test/interaction.py index 941399e6..119d1289 100644 --- a/src/saml2test/interaction.py +++ b/src/saml2test/interaction.py @@ -44,11 +44,6 @@ class RResponse(): self._resp = resp self.index = 0 self.text = resp.text - if isinstance(self.text, unicode): - if resp.encoding == "UTF-8": - self.text = self.text.encode("utf-8") - else: - self.text = self.text.encode("latin-1") self._len = len(self.text) self.url = str(resp.url) self.statuscode = resp.status_code diff --git a/src/saml2test/opfunc.py b/src/saml2test/opfunc.py index 014f93ba..51c86ddb 100644 --- a/src/saml2test/opfunc.py 
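Review bot: In the third server.py hunk, `restr` is assigned only under `if attributes:` but is now read by `filter_attribute_value_assertions(ast, restr)`. Indentation is lost on this page, so confirm that the call sits inside that `if`. If it does not, a request without attributes raises NameError, and `restr = None` before the `if` would avoid that, provided the filter accepts None. The old call passed no restriction at all, so add a regression test that requests a restricted attribute value and asserts that other values are left out of the assertion.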
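Review bot: The bare `import dateutil` added in the sigver.py hunk does not load the package's submodules. If the code it supports calls `dateutil.parser` or `dateutil.tz` (the use is outside the hunk), that works only when some other module has already imported them. Import what is used, for example `import dateutil.parser`, and group it with the third-party imports, not between `base64` and `hashlib`. An AttributeError raised during a date comparison in this module would surface as a verification failure, so a test that exercises that path is worth adding.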
+++ b/src/saml2test/opfunc.py @@ -245,10 +245,8 @@ def select_form(client, orig_response, content, **kwargs): _url = orig_response.url except KeyError: _url = kwargs["location"] - # content is a form to be filled in and returned - if isinstance(content, unicode): - content = content.encode("utf-8") + # content is a form to be filled in and returned response = DResponse(status=orig_response.status_code, url=_url) response.write(content) |