| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
Use html.escape when available
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | | |
|
| |\ \
| | |
| | | |
Make entity category imports more flexible
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This enhancement causes an entity category import to first be tried from
the general module search path, and if that fails then to fall back to
the current default of importing saml2.entity_category.<module>. This
allows deployers to overlay their own customized versions of entity
category modules like edugain.py that contain CoCo. This is helpful
since the list of attributes to be included as part of the entity
category may not be globally the same for all deployments. Such is the
case with CoCo where the list of attributes changes from federation to
federation and deployment to deployment.
|
| |\ \ \
| | | |
| | | | |
Add timestamps for ident mongodb documents
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
Check for an existing local-persistent NameID when retrieving it
|
| | | | |
| | | |
| | | |
| | | | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
Implement MongoDB version of function to look for an existing persistent
NameId for a user.
|
| | |/ /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
http://docs.oasis-open.org/security/saml/v2.0/errata05/os/saml-v2.0-errata05-os.html#__RefHeading__8058_1983180497:
"The use of the AllowCreate attribute MUST NOT be used and SHOULD be
ignored in conjunction with requests for or assertions issued with name
identifiers with a Format of
urn:oasis:names:tc:SAML:2.0:nameid-format:transient (they preclude any
such state in and of themselves)."
|
| |/ / |
|
| |/ |
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Using lxml.etree.tostring without encoding in python3 results in a unparsable
xml document. To fix this, we always set the encoding to UTF-8 and omit the xml
declaration. We then convert the result to the native string type before
returning it.
---
Our preferred encoding (in general) is `utf-8`. `lxml` defaults to `ASCII`, or
expects us to provide an encoding. Provided an encoding, `lxml` serializes the
tree-representation of the xml document by encoding it with that encoding. If
it is directed to include an xml declaration, it embeds that encoding in the
xml declaration as the `encoding` property.
(ie, `<?xml version='1.0' encoding='iso-8859-7'?>`)
`lxml` allows for some _special_ values as an encoding.
- In python2 those are: `"unicode"` and `unicode`.
- In python3 those are: `"unicode"` and `str`.
By specifying those values, the result will be _decoded_ from bytes to unicode
("unicode" is not an actual encoding; the actual encoding will be utf-8). The
encoding is already the _type_ of the result. This is why you are not allowed
to have an xml declaration for those cases. The result is not bytes that have
to be read by some encoding rules, but decoded data that their type dictates
how they are managed.
With the latest changes, what we do is:
1. we always encode the result as UTF-8
2. we do not include an xml declaration (because of _(3)_)
3. we convert to the native string type (that is `bytes`/`str` for Python2, and
`str` for Python3 (the equivalent of `unicode` in Python2)
The consumer of the result should expect to treat the result as utf8-encoded
bytes in Python2, and utf8-decoded string in Python3.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Previously there was no reliable way to know whether decryption failed. Now,
when decryption fails an DecryptError exception is raised containing the keys
that were tried to decrypt the given ciphertext.
The same refactoring is done to SecurityContext::decrypt_keys.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When xmlsec1 fails, it returns a non-zero returncode. The returncode was
checked only for values less than zero, and not greater than zero. This results
in situations where xmlsec1 fails to run a command, but the executation
continues as nothing failed. This happens to be ok, because, the result we
depend upon is coupled to xmlsec1's output stream. When xmlsec1 fails, the
output stream is empty and the error stream will have information relevant to
the failure cause.
Now, the check expects a returncode with value zero, otherwise an XmlsecError
exception is raised, to be handled by the caller up the stack.
This could have been a major security issue, but we stood lucky.
Special thanks to @pjsg for bringing this to our attention.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
| |
All callers set it to false, but one which calls the validation method itself
after the call to _run_xmlsec (which means that validation is done twice).
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
| |
_run_xmlsec function allowed to pass the kind of exception that would be raised
in case of error. This was parameter was ignored. As such, it is not needed and
is removed completely.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The application should control whether warnings should be visible or not. By
hardcoding the simplefilter we turn on warnings' visibility for all modules
that follow. Removing this allows the application code to decide if warnings
should be shown.
To enable warnings through the command line pass -Wd to the python interpreter.
Quoting the python warnings module documentation[0]:
> You can do this from the command-line by passing -Wd to the interpreter (this
> is shorthand for -W default). This enables default handling for all warnings,
> including those that are ignored by default. To change what action is taken
> for encountered warnings you simply change what argument is passed to -W,
> e.g. -W error. See the -W flag for more details on what is possible.
[0]: https://docs.python.org/2/library/warnings.html#updating-code-for-new-versions-of-python
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |\
| |
| | |
Enable signature verification for MDQ
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| | |
Add functionality to allow configuration of signature verification for
metadata obtained using the MDQ protocol. Support is limited to checking
the signature of a response containing a single entity and not multiple
entities.
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | |
| |
| |
| |
| |
| |
| | |
The html module is only available for python3. The cgi module provides almost
identical functionality and is present for both python2 and python3.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |/ |
|
| |
|
| |
Fixes IdentityPython/pysaml2#571
|
| | |
|
| |
|
|
|
|
|
| |
Assurance-certification and entity-category should be under the same
EntityAttributes elements.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
|
| |
metadata.do_contact_person_info does not need to reimplement loading of the
data given, as this is already implemented and more complete through
SamlBase::loadd
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
| |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |
|
|
|
|
|
| |
Add the ability to configure an SP to require either a signed response
or signed assertions.
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| |\
| |
| | |
Fix return format of Response._response
|
| | |
| |
| |
| | |
Signed-off-by: Ivan Kanakarakis <ivan.kanak@gmail.com>
|
| | | |
|
