diff options
-rw-r--r-- | src/saml2/discovery.py | 4 | ||||
-rw-r--r-- | src/saml2/ecp_client.py | 2 | ||||
-rw-r--r-- | src/saml2/httputil.py | 5 | ||||
-rw-r--r-- | src/saml2/pack.py | 9 | ||||
-rw-r--r-- | src/saml2/s2repoze/plugins/sp.py | 8 | ||||
-rw-r--r-- | tests/fakeIDP.py | 2 | ||||
-rw-r--r-- | tests/test_50_server.py | 15 | ||||
-rw-r--r-- | tests/test_51_client.py | 25 | ||||
-rw-r--r-- | tests/test_64_artifact.py | 4 | ||||
-rw-r--r-- | tests/test_65_authn_query.py | 2 | ||||
-rw-r--r-- | tests/test_70_redirect_signing.py | 4 |
11 files changed, 26 insertions, 54 deletions
diff --git a/src/saml2/discovery.py b/src/saml2/discovery.py index 5d89f6b7..cef8ff34 100644 --- a/src/saml2/discovery.py +++ b/src/saml2/discovery.py @@ -1,6 +1,4 @@ -from urllib import urlencode -from urlparse import parse_qs -from urlparse import urlparse +from six.moves.urllib.parse import urlencode, parse_qs, urlparse from saml2.entity import Entity from saml2.response import VerificationError diff --git a/src/saml2/ecp_client.py b/src/saml2/ecp_client.py index d3dd757d..c41a046a 100644 --- a/src/saml2/ecp_client.py +++ b/src/saml2/ecp_client.py @@ -7,7 +7,7 @@ Contains a class that can do SAML ECP Authentication for other python programs. """ -import cookielib +from six.moves import http_cookiejar as cookielib import logging from saml2 import soap diff --git a/src/saml2/httputil.py b/src/saml2/httputil.py index 88c8f391..360982d5 100644 --- a/src/saml2/httputil.py +++ b/src/saml2/httputil.py @@ -5,9 +5,8 @@ import time import cgi import six -from urllib import quote -from urlparse import parse_qs -from Cookie import SimpleCookie +from six.moves.urllib.parse import quote, parse_qs +from six.moves.http_cookies import SimpleCookie from saml2 import BINDING_HTTP_ARTIFACT, SAMLError from saml2 import BINDING_HTTP_REDIRECT diff --git a/src/saml2/pack.py b/src/saml2/pack.py index 43cfadc6..b2c9c45f 100644 --- a/src/saml2/pack.py +++ b/src/saml2/pack.py @@ -10,10 +10,9 @@ Bindings normally consists of three parts: - how to package the information - which protocol to use """ -from six.moves.urllib.parse import urlparse +from six.moves.urllib.parse import urlparse, urlencode import saml2 import base64 -import urllib from saml2.s_utils import deflate_and_base64_encode from saml2.s_utils import Unsupported import logging @@ -126,12 +125,12 @@ def http_redirect_message(message, location, relay_state="", typ="SAMLRequest", except: raise Unsupported("Signing algorithm") else: - string = "&".join([urllib.urlencode({k: args[k]}) + string = "&".join([urlencode({k: args[k]}) for k in _order if k in args]) args["Signature"] = base64.b64encode(signer.sign(string, key)) - string = urllib.urlencode(args) + string = urlencode(args) else: - string = urllib.urlencode(args) + string = urlencode(args) glue_char = "&" if urlparse(location).query else "?" login_url = glue_char.join([location, string]) diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index 63d4f663..190caab2 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -13,11 +13,11 @@ import shelve import traceback import saml2 import six -from urlparse import parse_qs, urlparse +from six.moves.urllib.parse import parse_qs, urlparse from saml2.samlp import Extensions from saml2 import xmldsig as ds -from StringIO import StringIO +from six import StringIO from paste.httpexceptions import HTTPSeeOther, HTTPRedirection from paste.httpexceptions import HTTPNotImplemented @@ -27,7 +27,7 @@ from paste.request import construct_url from saml2.extension.pefim import SPCertEnc from saml2.httputil import SeeOther from saml2.client_base import ECP_SERVICE -from zope.interface import implements +from zope.interface import implementer from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator from repoze.who.interfaces import IMetadataProvider @@ -80,8 +80,8 @@ class ECP_response(object): return [self.content] +@implementer(IChallenger, IIdentifier, IAuthenticator, IMetadataProvider) class SAML2Plugin(object): - implements(IChallenger, IIdentifier, IAuthenticator, IMetadataProvider) def __init__(self, rememberer_name, config, saml_client, wayf, cache, sid_store=None, discovery="", idp_query_param="", diff --git a/tests/fakeIDP.py b/tests/fakeIDP.py index 1df910e2..123c347a 100644 --- a/tests/fakeIDP.py +++ b/tests/fakeIDP.py @@ -1,4 +1,4 @@ -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.samlp import attribute_query_from_string, logout_request_from_string from saml2 import BINDING_HTTP_REDIRECT, pack diff --git a/tests/test_50_server.py b/tests/test_50_server.py index 04a56096..072d4528 100644 --- a/tests/test_50_server.py +++ b/tests/test_50_server.py @@ -3,7 +3,7 @@ import base64 import os from contextlib import closing -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs import uuid from saml2.cert import OpenSSLWrapper @@ -540,7 +540,6 @@ class TestServer1(): encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, - #encrypted_advice_attributes=True, encrypt_cert_advice=cert_str, ) @@ -680,7 +679,6 @@ class TestServer1(): sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str, ) @@ -741,7 +739,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, ) @@ -774,7 +771,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, ) @@ -867,7 +863,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) @@ -900,7 +895,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str_advice, encrypt_cert_assertion=cert_str_assertion @@ -935,7 +929,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) @@ -965,7 +958,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", encrypt_cert_assertion="whatever" @@ -987,7 +979,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", ) @@ -1030,7 +1021,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", encrypt_cert_assertion="whatever" @@ -1052,7 +1042,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice="whatever", ) @@ -1095,7 +1084,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -1111,7 +1099,6 @@ class TestServer1(): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True ) diff --git a/tests/test_51_client.py b/tests/test_51_client.py index e69e337b..29f11261 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -5,7 +5,8 @@ import base64 import uuid import six import urllib -import urlparse +from six.moves.urllib.parse import parse_qs +from six.moves.urllib.parse import urlparse from saml2.cert import OpenSSLWrapper from saml2.xmldsig import SIG_RSA_SHA256 from saml2 import BINDING_HTTP_POST @@ -415,7 +416,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -423,7 +423,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_advice=cert_str ) @@ -453,7 +452,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -461,7 +459,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=False, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -490,7 +487,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -498,7 +494,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, ) @@ -535,7 +530,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -543,7 +537,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_assertion=cert_str ) @@ -589,7 +582,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -597,7 +589,6 @@ class TestClient: sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - #encrypted_advice_attributes=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, encrypt_cert_advice=cert_advice_str @@ -628,7 +619,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -672,7 +662,6 @@ class TestClient: in_response_to="id1", destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", - #name_id_policy=nameid_policy, name_id=self.name_id, userid="foba0001@example.com", authn=AUTHN, @@ -1177,7 +1166,7 @@ class TestClient: relay_state="relay2", sigalg=SIG_RSA_SHA256, key=key) loc = info["headers"][0][1] - qs = urlparse.parse_qs(loc[1:]) + qs = parse_qs(loc[1:]) assert _leq(qs.keys(), ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature']) @@ -1214,8 +1203,8 @@ class TestClientWithDummy(): assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] redirect_url = http_args["headers"][0][1] - _, _, _, _, qs, _ = urlparse.urlparse(redirect_url) - qs_dict = urlparse.parse_qs(qs) + _, _, _, _, qs, _ = urlparse(redirect_url) + qs_dict = parse_qs(qs) req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) @@ -1234,8 +1223,8 @@ class TestClientWithDummy(): assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] redirect_url = http_args["headers"][0][1] - _, _, _, _, qs, _ = urlparse.urlparse(redirect_url) - qs_dict = urlparse.parse_qs(qs) + _, _, _, _, qs, _ = urlparse(redirect_url) + qs_dict = parse_qs(qs) req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) diff --git a/tests/test_64_artifact.py b/tests/test_64_artifact.py index 1665e220..52a60960 100644 --- a/tests/test_64_artifact.py +++ b/tests/test_64_artifact.py @@ -1,8 +1,8 @@ import base64 from contextlib import closing from hashlib import sha1 -from urlparse import urlparse -from urlparse import parse_qs +from six.moves.urllib.parse import urlparse +from six.moves.urllib.parse import parse_qs from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_SOAP from saml2 import BINDING_HTTP_POST diff --git a/tests/test_65_authn_query.py b/tests/test_65_authn_query.py index 6b009e38..54d529f8 100644 --- a/tests/test_65_authn_query.py +++ b/tests/test_65_authn_query.py @@ -1,5 +1,5 @@ from contextlib import closing -from urlparse import urlparse, parse_qs +from six.moves.urllib.parse import urlparse, parse_qs from saml2 import BINDING_SOAP, BINDING_HTTP_POST __author__ = 'rolandh' diff --git a/tests/test_70_redirect_signing.py b/tests/test_70_redirect_signing.py index cb2ca0c3..58a2fdbb 100644 --- a/tests/test_70_redirect_signing.py +++ b/tests/test_70_redirect_signing.py @@ -7,7 +7,7 @@ from saml2.server import Server from saml2 import BINDING_HTTP_REDIRECT from saml2.client import Saml2Client from saml2.config import SPConfig -from urlparse import parse_qs +from six.moves.urllib.parse import parse_qs from pathutils import dotname @@ -54,4 +54,4 @@ def test(): if __name__ == "__main__": - test()
\ No newline at end of file + test() |