本文整理汇总了Python中saml2.assertion.Policy类的典型用法代码示例。如果您正苦于以下问题:Python Policy类的具体用法?Python Policy怎么用?Python Policy使用的例子?那么恭喜您, 这里精选的类代码示例或许可以为您提供帮助。
在下文中一共展示了Policy类的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_ava_filter_1
def test_ava_filter_1():
conf = {
"default": {
"lifetime": {"minutes":15},
"attribute_restrictions": None # means all I have
},
"urn:mace:umu.se:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions":{
"givenName": None,
"surName": None,
"mail": [".*@.*\.umu\.se"],
}
}}
r = Policy(conf)
ava = {"givenName":"Derek",
"surName": "Jeter",
"mail":"[email protected]"}
ava = r.filter(ava,"urn:mace:umu.se:saml:roland:sp",None,None)
assert _eq(ava.keys(), ["givenName","surName"])
ava = {"givenName":"Derek",
"mail":"[email protected]"}
assert _eq(ava.keys(), ["givenName","mail"])示例2: test_ava_filter_dont_fail
def test_ava_filter_dont_fail():
conf = {
"default": {
"lifetime": {"minutes": 15},
"attribute_restrictions": None, # means all I have
"fail_on_missing_requested": False,
},
"urn:mace:umu.se:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions": {"givenName": None, "surName": None, "mail": [".*@.*\.umu\.se"]},
"fail_on_missing_requested": False,
},
}
policy = Policy(conf)
ava = {"givenName": "Derek", "surName": "Jeter", "mail": "[email protected]"}
# mail removed because it doesn't match the regular expression
# So it should fail if the 'fail_on_ ...' flag wasn't set
_ava = policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", None, [mail], [gn, sn])
assert _ava
ava = {"givenName": "Derek", "surName": "Jeter"}
# it wasn't there to begin with
_ava = policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", None, [gn, sn, mail])
assert _ava示例3: test_assertion_2
def test_assertion_2():
AVA = {'mail': u'[email protected]',
'eduPersonTargetedID': 'http://lingon.ladok.umu.se:8090/idp!http://lingon.ladok.umu.se:8088/sp!95e9ae91dbe62d35198fbbd5e1fb0976',
'displayName': u'Roland Hedberg',
'uid': 'http://roland.hedberg.myopenid.com/'}
ava = Assertion(AVA)
policy = Policy( {
"default": {
"lifetime": {"minutes": 240},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI
},
})
ava = ava.apply_policy( "", policy )
acs = ac_factory("attributemaps")
attribute=from_local(acs, ava, policy.get_name_form(""))
assert len(attribute) == 4
names = [attr.name for attr in attribute]
assert _eq(names, ['urn:oid:0.9.2342.19200300.100.1.3',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.10',
'urn:oid:2.16.840.1.113730.3.1.241',
'urn:oid:0.9.2342.19200300.100.1.1'])示例4: test_filter_attribute_value_assertions_2
def test_filter_attribute_value_assertions_2(AVA):
p = Policy({
"default": {
"attribute_restrictions": {
"givenName": ["^R.*"],
}
}
})
ava = filter_attribute_value_assertions(AVA[0].copy(),
p.get_attribute_restriction(""))
print ava
assert _eq(ava.keys(), [])
ava = filter_attribute_value_assertions(AVA[1].copy(),
p.get_attribute_restriction(""))
print ava
assert _eq(ava.keys(), ["givenName"])
assert ava["givenName"] == ["Ryan"]
ava = filter_attribute_value_assertions(AVA[3].copy(),
p.get_attribute_restriction(""))
print ava
assert _eq(ava.keys(), ["givenName"])
assert ava["givenName"] == ["Roland"]示例5: test_req_opt
def test_req_opt():
req = [md.RequestedAttribute(friendly_name="surname", name="urn:oid:2.5.4.4",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true"),
md.RequestedAttribute(friendly_name="givenname",
name="urn:oid:2.5.4.42",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true"),
md.RequestedAttribute(friendly_name="edupersonaffiliation",
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true")]
opt = [md.RequestedAttribute(friendly_name="title",
name="urn:oid:2.5.4.12",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="false")]
policy = Policy()
ava = {'givenname': 'Roland', 'surname': 'Hedberg',
'uid': 'rohe0002', 'edupersonaffiliation': 'staff'}
sp_entity_id = "urn:mace:example.com:saml:curt:sp"
fava = policy.filter(ava, sp_entity_id, req, opt)
assert fava示例6: test_ava_filter_2
def test_ava_filter_2():
conf = {
"default": {
"lifetime": {"minutes": 15},
"attribute_restrictions": None # means all I have
},
"urn:mace:umu.se:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions": {
"givenName": None,
"sn": None,
"mail": [".*@.*\.umu\.se"],
}
}}
policy = Policy(conf)
ava = {"givenName": "Derek", "sn": "Jeter", "mail": "[email protected]"}
# mail removed because it doesn't match the regular expression
_ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', None, [mail],
[gn, sn])
assert _eq(sorted(list(_ava.keys())), ["givenName", 'sn'])
ava = {"givenName": "Derek", "sn": "Jeter"}
# it wasn't there to begin with
try:
policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', None,
[gn, sn, mail])
except MissingValue:
pass示例7: test_filter_attribute_value_assertions_0
def test_filter_attribute_value_assertions_0(AVA):
p = Policy({"default": {"attribute_restrictions": {"surName": [".*berg"]}}})
ava = filter_attribute_value_assertions(AVA[3].copy(), p.get_attribute_restrictions(""))
print ava
assert ava.keys() == ["surName"]
assert ava["surName"] == ["Hedberg"]示例8: test_lifetime_2
def test_lifetime_2():
conf = {
"default": {"attribute_restrictions": None}, # means all I have
"urn:mace:umu.se:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions": {"givenName": None, "surName": None, "mail": [".*@.*\.umu\.se"]},
},
}
r = Policy(conf)
assert r is not None
assert r.get_lifetime("urn:mace:umu.se:saml:roland:sp") == {"minutes": 5}
assert r.get_lifetime("urn:mace:example.se:saml:sp") == {"hours": 1}示例9: test_req_opt
def test_req_opt():
req = [
to_dict(
md.RequestedAttribute(
friendly_name="surname",
name="urn:oid:2.5.4.4",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true",
),
ONTS,
),
to_dict(
md.RequestedAttribute(
friendly_name="givenname",
name="urn:oid:2.5.4.42",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true",
),
ONTS,
),
to_dict(
md.RequestedAttribute(
friendly_name="edupersonaffiliation",
name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="true",
),
ONTS,
),
]
opt = [
to_dict(
md.RequestedAttribute(
friendly_name="title",
name="urn:oid:2.5.4.12",
name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
is_required="false",
),
ONTS,
)
]
policy = Policy()
ava = {"givenname": "Roland", "surname": "Hedberg", "uid": "rohe0002", "edupersonaffiliation": "staff"}
sp_entity_id = "urn:mace:example.com:saml:curt:sp"
fava = policy.filter(ava, sp_entity_id, None, req, opt)
assert fava示例10: test_filter_attribute_value_assertions_1
def test_filter_attribute_value_assertions_1(AVA):
p = Policy({"default": {"attribute_restrictions": {"surName": None, "givenName": [".*er.*"]}}})
ava = filter_attribute_value_assertions(AVA[0].copy(), p.get_attribute_restrictions(""))
print ava
assert _eq(ava.keys(), ["givenName", "surName"])
assert ava["surName"] == ["Jeter"]
assert ava["givenName"] == ["Derek"]
ava = filter_attribute_value_assertions(AVA[1].copy(), p.get_attribute_restrictions(""))
print ava
assert _eq(ava.keys(), ["surName"])
assert ava["surName"] == ["Howard"]示例11: test_filter_ava
def test_filter_ava():
policy = Policy({
"default": {
"lifetime": {"minutes": 15},
#"attribute_restrictions": None # means all I have
"entity_categories": ["swamid"]
}
})
ava = {"givenName": ["Derek"], "sn": ["Jeter"],
"mail": ["[email protected]", "[email protected]"], "c": ["USA"]}
ava = policy.filter(ava, "https://connect.sunet.se/shibboleth", MDS)
assert _eq(list(ava.keys()), ['mail', 'givenName', 'sn', 'c'])
assert _eq(ava["mail"], ["[email protected]", "[email protected]"])示例12: test_filter_ava_0
def test_filter_ava_0():
policy = Policy(
{
"default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have
"urn:mace:example.com:saml:roland:sp": {"lifetime": {"minutes": 5}},
}
)
ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["[email protected]"]}
# No restrictions apply
ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp", [], [])
assert _eq(ava.keys(), ["givenName", "surName", "mail"])
assert ava["givenName"] == ["Derek"]
assert ava["surName"] == ["Jeter"]
assert ava["mail"] == ["[email protected]"]示例13: test_filter_ava_5
def test_filter_ava_5():
policy = Policy({
"default": {
"lifetime": {"minutes": 15},
#"attribute_restrictions": None # means all I have
"entity_categories": ["swamid", "edugain"]
}
})
ava = {"givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["[email protected]", "[email protected]"]}
ava = policy.filter(ava, "urn:mace:example.com:saml:curt:sp", None, [], [])
# using entity_categories means there *always* are restrictions
# in this case the only allowed attribute is eduPersonTargetedID
# which isn't available in the ava hence zip is returned.
assert ava == {}示例14: test_filter_ava2
def test_filter_ava2():
policy = Policy({
"default": {
"lifetime": {"minutes": 15},
#"attribute_restrictions": None # means all I have
"entity_categories": ["refeds", "edugain"]
}
})
ava = {"givenName": ["Derek"], "sn": ["Jeter"],
"mail": ["[email protected]"], "c": ["USA"],
"eduPersonTargetedID": "foo!bar!xyz"}
ava = policy.filter(ava, "https://connect.sunet.se/shibboleth", MDS)
# Mismatch, policy deals with eduGAIN, metadata says SWAMID
# So only minimum should come out
assert _eq(list(ava.keys()), ['eduPersonTargetedID'])示例15: test_filter_ava_4
def test_filter_ava_4():
""" Return everything as default policy is used """
policy = Policy(
{
"default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"attribute_restrictions": {"mail": [".*@example\.com$"]},
},
}
)
ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["[email protected]", "[email protected]"]}
# No restrictions apply
ava = policy.filter(ava, "urn:mace:example.com:saml:curt:sp", [], [])
assert _eq(ava.keys(), ["mail", "givenName", "surName"])
assert _eq(ava["mail"], ["[email protected]", "[email protected]"])