当前位置: 首页>>代码示例>>Python>>正文


Python authn_context.AuthnBroker类代码示例

本文整理汇总了Python中saml2.authn_context.AuthnBroker的典型用法代码示例。如果您正苦于以下问题:Python AuthnBroker类的具体用法?Python AuthnBroker怎么用?Python AuthnBroker使用的例子?那么, 这里精选的类代码示例或许可以为您提供帮助。


在下文中一共展示了AuthnBroker类的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: test_authn_2

def test_authn_2():
    authn = AuthnBroker()
    target = "https://example.org/login"
    authn.add(AUTHNCTXT, target, 10, "https://example.org")

    result = authn.pick(REQAUTHNCTXT)
    assert len(result) == 1
    method, reference = result[0]
    assert target == method
开发者ID:Amli,项目名称:pysaml2,代码行数:9,代码来源:test_77_authn_context.py

示例2: test_authn_1

def test_authn_1():
    ac = authn_context_class_ref(PASSWORDPROTECTEDTRANSPORT)
    rac = requested_authn_context(PASSWORDPROTECTEDTRANSPORT)
    authn = AuthnBroker()
    target = "https://example.org/login"
    authn.add(ac, target, 1, "http://www.example.com")

    result = authn.pick(rac)
    assert len(result) == 1
    method, reference = result[0]
    assert target == method
开发者ID:Amli,项目名称:pysaml2,代码行数:11,代码来源:test_77_authn_context.py

示例3: main

def main():
    global IDP
    global AUTHN_BROKER
    global LOOKUP
    global args
    sys.path.insert(0, os.getcwd())
    from wsgiref.simple_server import make_server

    parser = argparse.ArgumentParser()
    parser.add_argument('-p', dest='path', help='Path to configuration file.')
    parser.add_argument('-v', dest='valid',
                        help="How long, in days, the metadata is valid from the time of creation")
    parser.add_argument('-c', dest='cert', help='certificate')
    parser.add_argument('-i', dest='id',
                        help="The ID of the entities descriptor")
    parser.add_argument('-k', dest='keyfile',
                        help="A file with a key to sign the metadata with")
    parser.add_argument('-n', dest='name')
    parser.add_argument('-s', dest='sign', action='store_true',
                        help="sign the metadata")
    parser.add_argument('-m', dest='mako_root', default="./")
    parser.add_argument(dest="config")
    args = parser.parse_args()

    AUTHN_BROKER = AuthnBroker()
    AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                     username_password_authn, 10,
                     "http://%s" % socket.gethostname())
    AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                     "", 0, "http://%s" % socket.gethostname())
    CONFIG = importlib.import_module(args.config)
    IDP = server.Server(args.config, cache=Cache())
    IDP.ticket = {}

    _rot = args.mako_root
    LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'],
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

    HOST = CONFIG.HOST
    PORT = CONFIG.PORT

    SRV = make_server(HOST, PORT, application)
    print "IdP listening on %s:%s" % (HOST, PORT)
    SRV.serve_forever()
开发者ID:its-dirg,项目名称:pefim_idp,代码行数:45,代码来源:server.py

示例4: test_authn_3

def test_authn_3():
    authn = AuthnBroker()
    level = 0
    for ref in [AL1, AL2, AL3, AL4]:
        level += 4
        ac = authn_context_class_ref(ref)

        authn.add(ac, REF2METHOD[ref], level,
                  "https://www.example.com/%s" % "al%d" % level)

    rac = requested_authn_context(AL1, "minimum")

    info = authn.pick(rac)
    assert len(info) == 4
    method, ref = info[0]
    assert REF2METHOD[AL1] == method

    rac = requested_authn_context(AL2, "minimum")

    info = authn.pick(rac)
    assert len(info) == 3
    method, ref = info[0]
    assert REF2METHOD[AL2] == method

    rac = requested_authn_context(AL3, "minimum")

    info = authn.pick(rac)
    assert len(info) == 2
    method, ref = info[0]
    assert REF2METHOD[AL3] == method

    rac = requested_authn_context(AL4, "minimum")

    info = authn.pick(rac)
    assert len(info) == 1
    method, ref = info[0]
    assert REF2METHOD[AL4] == method

    rac = requested_authn_context(AL1, "exact")

    info = authn.pick(rac)
    assert len(info) == 1
    method, ref = info[0]
    assert REF2METHOD[AL1] == method

    rac = requested_authn_context(AL1, "better")

    info = authn.pick(rac)
    assert len(info) == 3
开发者ID:Ratler,项目名称:pysaml2,代码行数:49,代码来源:test_77_authn_context.py

示例5: handle_authn_request

    def handle_authn_request(self, saml_request, relay_state, binding, userid):

        self.authn_req = self.idp.parse_authn_request(saml_request, binding)
        _encrypt_cert = encrypt_cert_from_item(self.authn_req.message)

        self.binding_out, self.destination = self.idp.pick_binding(
                                                                    "assertion_consumer_service",
                                                                    bindings=None,
                                                                    entity_id=self.authn_req.message.issuer.text,
                                                                    request=self.authn_req.message)
        resp_args = self.idp.response_args(self.authn_req.message)
        AUTHN_BROKER = AuthnBroker()
        AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                         username_password_authn_dummy,
                         10,
                         "http://test.idp.se")
        AUTHN_BROKER.get_authn_by_accr(PASSWORD)
        resp_args["authn"] = AUTHN_BROKER.get_authn_by_accr(PASSWORD)
        _resp = self.idp.create_authn_response(TestIdP.USERS[userid],
                                               userid=userid,
                                               encrypt_cert=_encrypt_cert,
                                               encrypt_assertion_self_contained=True,
                                               encrypted_advice_attributes=True,
                                               **resp_args)
        kwargs = {}
        http_args = self.idp.apply_binding(BINDING_HTTP_POST,
                                           "%s" % _resp,
                                           self.destination,
                                           relay_state,
                                           response=True,
                                           **kwargs)
        action, body = get_post_action_body(http_args["data"][3])
        return action, urllib.urlencode(body)
开发者ID:rhoerbe,项目名称:pefim-proxy,代码行数:33,代码来源:TestIdP.py

示例6: outgoing

    def outgoing(self, response, org_response, instance):
        """
        An authentication response has been received and now an authentication
        response from this server should be constructed.

        :param response: The Authentication response
        :param instance: SP instance that received the authentication response
        :return: response
        """

        _idp = self.create_SamlIDP(instance.environ, instance.start_response, self.outgoing)

        _state = instance.sp.state[response.in_response_to]
        orig_authn_req, relay_state, req_args = instance.sp.state[_state]

        # The Subject NameID
        try:
            subject = response.get_subject()
        except:
            pass

        resp_args = _idp.idp.response_args(orig_authn_req)


        try:
            _authn_info = response.authn_info()[0]
            AUTHN_BROKER = AuthnBroker()
            AUTHN_BROKER.add(authn_context_class_ref(_authn_info[0]), username_password_authn_dummy, 0, self.issuer)
            _authn = AUTHN_BROKER.get_authn_by_accr(_authn_info[0])
            #_authn = {"class_ref": _authn_info[0], "authn_auth": self.issuer}
        except:
            AUTHN_BROKER = AuthnBroker()
            AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), username_password_authn_dummy, 0, self.issuer)
            _authn = AUTHN_BROKER.get_authn_by_accr(UNSPECIFIED)

        identity = response.ava

        if identity is None and response.response.encrypted_assertion is not None:
            #Add dummy value
            identity = {"uid": "dummyuser"}

        # Will signed the response by default
        resp = _idp.construct_authn_response(identity, userid="dummyuser",
                                             authn=_authn, name_id=None, resp_args=resp_args,
                                             relay_state=relay_state, sign_response=True,
                                             org_resp=response, org_xml_response=org_response)

        return resp
开发者ID:rhoerbe,项目名称:pefim-proxy,代码行数:48,代码来源:server.py

示例7: handle_auth_req

    def handle_auth_req(self, saml_request, relay_state, binding, userid,
                        response_binding=BINDING_HTTP_POST):
        """
        Handles a SAML request, validates and creates a SAML response.
        :type saml_request: str
        :type relay_state: str
        :type binding: str
        :type userid: str
        :rtype:

        :param saml_request:
        :param relay_state: RelayState is a parameter used by some SAML protocol implementations to
        identify the specific resource at the resource provider in an IDP initiated single sign on
        scenario.
        :param binding:
        :param userid: The user identification.
        :return: A tuple with
        """
        auth_req = self.parse_authn_request(saml_request, binding)
        binding_out, destination = self.pick_binding(
            'assertion_consumer_service',
            bindings=[response_binding],
            entity_id=auth_req.message.issuer.text, request=auth_req.message)

        resp_args = self.response_args(auth_req.message)
        authn_broker = AuthnBroker()
        authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                         'unittest_idp.xml')
        authn_broker.get_authn_by_accr(PASSWORD)
        resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

        _resp = self.create_authn_response(self.user_db[userid],
                                           userid=userid,
                                           **resp_args)

        if response_binding == BINDING_HTTP_POST:
            saml_response = base64.b64encode(str(_resp).encode("utf-8"))
            resp = {"SAMLResponse": saml_response, "RelayState": relay_state}
        elif response_binding == BINDING_HTTP_REDIRECT:
            http_args = self.apply_binding(response_binding, '%s' % _resp,
                                           destination, relay_state, response=True)
            resp = dict(parse_qsl(urlparse(dict(http_args["headers"])["Location"]).query))

        return destination, resp
开发者ID:its-dirg,项目名称:SATOSA,代码行数:44,代码来源:util.py

示例8: __create_authn_response

    def __create_authn_response(self, saml_request, relay_state, binding,
                                userid, response_binding=BINDING_HTTP_POST):
        """
        Handles a SAML request, validates and creates a SAML response but
        does not apply the binding to encode it.
        :type saml_request: str
        :type relay_state: str
        :type binding: str
        :type userid: str
        :rtype: tuple [string, saml2.samlp.Response]

        :param saml_request:
        :param relay_state: RelayState is a parameter used by some SAML
        protocol implementations to identify the specific resource at the
        resource provider in an IDP initiated single sign on scenario.
        :param binding:
        :param userid: The user identification.
        :return: A tuple containing the destination and instance of
        saml2.samlp.Response
        """
        auth_req = self.parse_authn_request(saml_request, binding)
        binding_out, destination = self.pick_binding(
            'assertion_consumer_service',
            bindings=[response_binding],
            entity_id=auth_req.message.issuer.text, request=auth_req.message)

        resp_args = self.response_args(auth_req.message)
        authn_broker = AuthnBroker()
        authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                         'unittest_idp.xml')
        authn_broker.get_authn_by_accr(PASSWORD)
        resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

        resp = self.create_authn_response(self.user_db[userid],
                                          userid=userid,
                                          **resp_args)

        return destination, resp
开发者ID:SUNET,项目名称:SATOSA,代码行数:38,代码来源:util.py

示例9: handle_auth_req

    def handle_auth_req(self, saml_request, relay_state, binding, userid):
        auth_req = self.parse_authn_request(saml_request, binding)
        binding_out, destination = self.pick_binding(
            'assertion_consumer_service',
            entity_id=auth_req.message.issuer.text, request=auth_req.message)

        resp_args = self.response_args(auth_req.message)
        authn_broker = AuthnBroker()
        authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                         'unittest_idp.xml')
        authn_broker.get_authn_by_accr(PASSWORD)
        resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

        _resp = self.create_authn_response(self.user_db[userid],
                                           userid=userid,
                                           **resp_args)

        http_args = self.apply_binding(BINDING_HTTP_POST, '%s' % _resp,
                                       destination, relay_state, response=True)
        url = http_args['url']
        saml_response = base64.b64encode(str(_resp).encode("utf-8"))
        resp = {'SAMLResponse': saml_response, 'RelayState': relay_state}
        return url, resp
开发者ID:ibrsp,项目名称:s2sproxy,代码行数:23,代码来源:test_util.py

示例10: type

# allow uwsgi or gunicorn mount
# by moving some initialization out of __name__ == '__main__' section.
# uwsgi -s 0.0.0.0:8088 --protocol http --callable application --module idp

args = type('Config', (object,), { })
args.config = 'idp_conf'
args.mako_root = './'
args.path = None

import socket
from idp_user import USERS
from idp_user import EXTRA
from mako.lookup import TemplateLookup

AUTHN_BROKER = AuthnBroker()
AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                 username_password_authn, 10,
                 "http://%s" % socket.gethostname())
AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                 "", 0, "http://%s" % socket.gethostname())

IDP = server.Server(args.config, cache=Cache())
IDP.ticket = {}

# ----------------------------------------------------------------------------

if __name__ == '__main__':
    from wsgiref.simple_server import make_server

    parser = argparse.ArgumentParser()
开发者ID:lvanderree,项目名称:pysaml2-3,代码行数:30,代码来源:idp.py

示例11: setup_authn_broker

 def setup_authn_broker(self, base_url, sphandler, authorization):
     ab = AuthnBroker()
     sphandler.sp_authentication = SpAuthentication(self, sphandler)
     cas_auth = CasAuth(self, self.cas_server, self.service_url)
     password_auth = PasswordYubikeyAuth(self, self.passwd, password=True,
                                         yubikey=False)
     yubikey_auth = PasswordYubikeyAuth(self, self.passwd, password=False,
                                        yubikey=True)
     password_yubikey_auth = PasswordYubikeyAuth(self, self.passwd, password=True,
                                                 yubikey=True)
     for authkey, value in authorization.items():
         level = str(value[IdPHandler.AUTHORIZATION_WEIGHT])
         url = value[IdPHandler.AUTHORIZATION_URL]
         acr = value[IdPHandler.AUTHORIZATION_ACR]
         user_info = value[IdPHandler.AUTHORIZATION_USER_INFO]
         if authkey == IdPHandler.AUTHORIZATION_SAML:
             sphandler.sp_authentication.user_info(user_info)
             ab.add(acr, sphandler.sp_authentication, level, url)
         elif authkey == IdPHandler.AUTHORIZATION_CAS:
             cas_auth.user_info(user_info)
             ab.add(acr, cas_auth, level, url)
         elif authkey == IdPHandler.AUTHORIZATION_PASSWORD_YUBIKEY:
             password_yubikey_auth.user_info(user_info)
             ab.add(acr, password_yubikey_auth, level, url)
         elif authkey == IdPHandler.AUTHORIZATION_PASSWORD:
             password_auth.user_info(user_info)
             ab.add(acr, password_auth, level, url)
         elif authkey == IdPHandler.AUTHORIZATION_YUBIKEY:
             yubikey_auth.user_info(user_info)
             ab.add(acr, yubikey_auth, level, url)
         elif authkey == IdPHandler.AUTHORIZATION_MULTIPLEAUTHN:
             authn_list = []
             for m_items in value[IdPHandler.AUTHENTICATION_AUTHNLIST]:
                 m_authkey = m_items[IdPHandler.AUTHORIZATION_ACR]
                 if m_authkey == IdPHandler.AUTHORIZATION_SAML:
                     authn_list.append(sphandler.sp_authentication)
                 elif m_authkey == IdPHandler.AUTHORIZATION_CAS:
                     authn_list.append(cas_auth)
                 elif m_authkey == IdPHandler.AUTHORIZATION_PASSWORD_YUBIKEY:
                     authn_list.append(password_yubikey_auth)
                 elif m_authkey == IdPHandler.AUTHORIZATION_PASSWORD:
                     authn_list.append(password_auth)
                 elif m_authkey == IdPHandler.AUTHORIZATION_YUBIKEY:
                     authn_list.append(yubikey_auth)
             ab.add(acr, MultipleAuthentication(self, authn_list, user_info), level, url)
         else:
             ab.add(authn_context_class_ref(UNSPECIFIED), UnspecifiedAuth(self), level, url)
     return ab
开发者ID:rhoerbe,项目名称:IdProxy,代码行数:48,代码来源:handler.py

示例12: AuthnBroker

                             "the time of creation")
    parser.add_argument('-c', dest='cert', help='certificate')
    parser.add_argument('-i', dest='id',
                        help="The ID of the entities descriptor")
    parser.add_argument('-k', dest='keyfile',
                        help="A file with a key to sign the metadata with")
    parser.add_argument('-n', dest='name')
    parser.add_argument('-s', dest='sign', action='store_true',
                        help="sign the metadata")
    parser.add_argument('-m', dest='mako_root', default="./")
    parser.add_argument(dest="config")
    args = parser.parse_args()

    CONFIG = importlib.import_module(args.config)

    AUTHN_BROKER = AuthnBroker()
    AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                     username_password_authn, 10,
                     CONFIG.BASE)
    AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                     "", 0, CONFIG.BASE)

    IDP = server.Server(args.config, cache=Cache())
    IDP.ticket = {}

    _rot = args.mako_root
    LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'],
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

    HOST = CONFIG.HOST
开发者ID:pombredanne,项目名称:pysaml2,代码行数:31,代码来源:idp.py

示例13: main

def main():
    global IDP
    global AUTHN_BROKER
    global LOOKUP
    global args
    global CONFIG
    global USERS
    global PASSWD
    global EXTRA
    sys.path.insert(0, os.getcwd())
    from wsgiref.simple_server import make_server

    parser = argparse.ArgumentParser()
    parser.add_argument('-p', dest='path', help='Path to configuration file.')
    parser.add_argument('-v', dest='valid',
                        help="How long, in days, the metadata is valid from the time of creation")
    parser.add_argument('-c', dest='cert', help='certificate')
    parser.add_argument('-i', dest='id',
                        help="The ID of the entities descriptor")
    parser.add_argument('-k', dest='keyfile',
                        help="A file with a key to sign the metadata with")
    parser.add_argument('-n', dest='name')
    parser.add_argument('-s', dest='sign', action='store_true',
                        help="sign the metadata")
    parser.add_argument('-m', dest='mako_root', default="./")
    parser.add_argument(dest="config")
    args = parser.parse_args()

    AUTHN_BROKER = AuthnBroker()
    AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                     username_password_authn, 10,
                     "http://%s" % socket.gethostname())
    AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                     "", 0, "http://%s" % socket.gethostname())
    CONFIG = importlib.import_module(args.config)

    USERS = CONFIG.USERS
    PASSWD = CONFIG.PASSWD
    EXTRA = CONFIG.EXTRA

    IDP = server.Server(args.config, cache=Cache())
    IDP.ticket = {}

    _rot = args.mako_root
    LOOKUP = TemplateLookup(directories=[_rot + 'htdocs', _rot + 'htdocs'],
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

    HOST = CONFIG.HOST
    PORT = CONFIG.PORT

    #SRV = make_server(HOST, PORT, application)

    SRV = wsgiserver.CherryPyWSGIServer(('0.0.0.0', PORT), application)
    make_server

    if CONFIG.HTTPS:
        SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(CONFIG.SERVER_CERT, CONFIG.SERVER_KEY,
                                                         CONFIG.CERT_CHAIN)

    print "IdP listening on %s:%s" % (HOST, PORT)
    try:
        SRV.start()
    except KeyboardInterrupt:
        SRV.stop()
开发者ID:its-dirg,项目名称:pefim_idp,代码行数:65,代码来源:server.py


注:本文中的saml2.authn_context.AuthnBroker类示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。