本文整理汇总了Python中saml2.authn_context.AuthnBroker.add方法的典型用法代码示例。如果您正苦于以下问题:Python AuthnBroker.add方法的具体用法?Python AuthnBroker.add怎么用?Python AuthnBroker.add使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.authn_context.AuthnBroker的用法示例。
在下文中一共展示了AuthnBroker.add方法的13个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: handle_authn_request
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
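def handle_authn_request(self, saml_request, relay_state, binding, userid):
    """Parse an AuthnRequest and build the HTTP-POST response for it.

    No user is authenticated here: ``userid`` is taken from the caller and
    the identity stored under it in ``TestIdP.USERS`` is asserted as-is,
    with ``username_password_authn_dummy`` registered as the method behind
    the PASSWORD context. The parsed request, outgoing binding and
    destination are kept on ``self``.

    :param saml_request: The AuthnRequest as received over ``binding``
    :param relay_state: RelayState passed through to the response
    :param binding: The binding the request arrived on
    :param userid: Key into ``TestIdP.USERS`` for the identity to assert
    :return: ``(action, body)`` where ``body`` is URL-encoded
    """
    self.authn_req = self.idp.parse_authn_request(saml_request, binding)
    request = self.authn_req.message
    _encrypt_cert = encrypt_cert_from_item(request)

    self.binding_out, self.destination = self.idp.pick_binding(
        "assertion_consumer_service",
        bindings=None,
        entity_id=request.issuer.text,
        request=request)

    resp_args = self.idp.response_args(request)

    # A throw-away broker holding exactly one entry; it is looked up once.
    # (The original looked it up twice and discarded the first result.)
    broker = AuthnBroker()
    broker.add(authn_context_class_ref(PASSWORD),
               username_password_authn_dummy,
               10,
               "http://test.idp.se")
    resp_args["authn"] = broker.get_authn_by_accr(PASSWORD)

    # The assertion is encrypted with the certificate taken from the request.
    _resp = self.idp.create_authn_response(TestIdP.USERS[userid],
                                           userid=userid,
                                           encrypt_cert=_encrypt_cert,
                                           encrypt_assertion_self_contained=True,
                                           encrypted_advice_attributes=True,
                                           **resp_args)

    http_args = self.idp.apply_binding(BINDING_HTTP_POST,
                                       "%s" % _resp,
                                       self.destination,
                                       relay_state,
                                       response=True)

    # NOTE(review): index 3 is presumably the <form> part of the generated
    # POST page -- confirm against apply_binding's output.
    action, body = get_post_action_body(http_args["data"][3])
    # NOTE(review): urllib.urlencode is the Python 2 location of this helper.
    return action, urllib.urlencode(body)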
示例2: test_authn_2
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
def test_authn_2():
    """A single method registered under AUTHNCTXT is what pick() returns."""
    login_url = "https://example.org/login"
    broker = AuthnBroker()
    broker.add(AUTHNCTXT, login_url, 10, "https://example.org")

    candidates = broker.pick(REQAUTHNCTXT)

    # Exactly one (method, reference) pair, and the method is the one added.
    assert len(candidates) == 1
    picked_method, _reference = candidates[0]
    assert login_url == picked_method
示例3: test_authn_1
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
def test_authn_1():
    """A class-ref registration is found by a request for the same class."""
    registered = authn_context_class_ref(PASSWORDPROTECTEDTRANSPORT)
    requested = requested_authn_context(PASSWORDPROTECTEDTRANSPORT)
    login_url = "https://example.org/login"

    broker = AuthnBroker()
    broker.add(registered, login_url, 1, "http://www.example.com")
    candidates = broker.pick(requested)

    # Exactly one (method, reference) pair, and the method is the one added.
    assert len(candidates) == 1
    picked_method, _reference = candidates[0]
    assert login_url == picked_method
示例4: test_authn_3
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
def test_authn_3():
    """Check pick() under "minimum", "exact" and "better" comparisons.

    AL1..AL4 are registered with levels 4, 8, 12 and 16, so each step up
    leaves one fewer method that satisfies a "minimum" request.
    """
    refs = [AL1, AL2, AL3, AL4]
    broker = AuthnBroker()
    for position, ref in enumerate(refs, 1):
        level = 4 * position
        class_ref = authn_context_class_ref(ref)
        broker.add(class_ref, REF2METHOD[ref], level,
                   "https://www.example.com/%s" % "al%d" % level)

    # "minimum": the requested class comes first, followed by every stronger
    # one, so the candidate count shrinks from 4 to 1.
    for ref, expected_count in zip(refs, (4, 3, 2, 1)):
        candidates = broker.pick(requested_authn_context(ref, "minimum"))
        assert len(candidates) == expected_count
        first_method, _reference = candidates[0]
        assert REF2METHOD[ref] == first_method

    # "exact": only the requested class itself qualifies.
    candidates = broker.pick(requested_authn_context(AL1, "exact"))
    assert len(candidates) == 1
    first_method, _reference = candidates[0]
    assert REF2METHOD[AL1] == first_method

    # "better": the requested class is excluded, leaving the three above it.
    candidates = broker.pick(requested_authn_context(AL1, "better"))
    assert len(candidates) == 3
示例5: outgoing
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
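def outgoing(self, response, org_response, instance):
    """
    An authentication response has been received and now an authentication
    response from this server should be constructed.

    The authentication context of the received response is carried over
    when it can be read; otherwise the new response states UNSPECIFIED.

    :param response: The Authentication response
    :param org_response: The received response, passed on unchanged as
        ``org_xml_response``
    :param instance: SP instance that received the authentication response
    :return: response
    """
    _idp = self.create_SamlIDP(instance.environ, instance.start_response, self.outgoing)
    _state = instance.sp.state[response.in_response_to]
    orig_authn_req, relay_state, req_args = instance.sp.state[_state]

    # The Subject NameID. The result is not used below; the call is kept
    # because it may populate state on ``response``. Only ordinary errors
    # are ignored, so KeyboardInterrupt/SystemExit still propagate.
    try:
        response.get_subject()
    except Exception:
        pass

    resp_args = _idp.idp.response_args(orig_authn_req)

    try:
        _authn_info = response.authn_info()[0]
        broker = AuthnBroker()
        broker.add(authn_context_class_ref(_authn_info[0]), username_password_authn_dummy, 0, self.issuer)
        _authn = broker.get_authn_by_accr(_authn_info[0])
    except Exception:
        # NOTE(review): any failure to read the upstream authentication
        # context ends up here and the outgoing response silently states
        # UNSPECIFIED; logging the exception would make that visible.
        broker = AuthnBroker()
        broker.add(authn_context_class_ref(UNSPECIFIED), username_password_authn_dummy, 0, self.issuer)
        _authn = broker.get_authn_by_accr(UNSPECIFIED)

    identity = response.ava
    if identity is None and response.response.encrypted_assertion is not None:
        # No attributes were read although an encrypted assertion is
        # present: a placeholder identity is used instead.
        identity = {"uid": "dummyuser"}

    # The response is signed (sign_response=True). The userid is the fixed
    # placeholder "dummyuser" for every user.
    resp = _idp.construct_authn_response(identity, userid="dummyuser",
                                         authn=_authn, name_id=None, resp_args=resp_args,
                                         relay_state=relay_state, sign_response=True,
                                         org_resp=response, org_xml_response=org_response)
    return resp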
示例6: main
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
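def main():
    """Parse the command line, set up the IdP globals and serve forever.

    Only ``config`` and ``-m`` (``mako_root``) are read in this function;
    the remaining options are parsed and left on the global ``args``.
    """
    global IDP
    global AUTHN_BROKER
    global LOOKUP
    global args

    # The configuration is a Python module imported by name from the current
    # working directory, so a file of that name there is executed with the
    # IdP's privileges. Start the server from a directory that only the
    # operator can write to.
    sys.path.insert(0, os.getcwd())

    from wsgiref.simple_server import make_server

    parser = argparse.ArgumentParser()
    parser.add_argument('-p', dest='path', help='Path to configuration file.')
    parser.add_argument('-v', dest='valid',
                        help="How long, in days, the metadata is valid from the time of creation")
    parser.add_argument('-c', dest='cert', help='certificate')
    parser.add_argument('-i', dest='id',
                        help="The ID of the entities descriptor")
    parser.add_argument('-k', dest='keyfile',
                        help="A file with a key to sign the metadata with")
    parser.add_argument('-n', dest='name')
    parser.add_argument('-s', dest='sign', action='store_true',
                        help="sign the metadata")
    parser.add_argument('-m', dest='mako_root', default="./")
    parser.add_argument(dest="config")
    args = parser.parse_args()

    # Both entries name the same authority, so the hostname is read once.
    authority = "http://%s" % socket.gethostname()
    AUTHN_BROKER = AuthnBroker()
    AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                     username_password_authn, 10, authority)
    # NOTE(review): UNSPECIFIED is registered with an empty string as its
    # method; confirm that the request handler cannot treat that as
    # "already authenticated".
    AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                     "", 0, authority)

    CONFIG = importlib.import_module(args.config)
    IDP = server.Server(args.config, cache=Cache())
    IDP.ticket = {}

    _rot = args.mako_root
    LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'],
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

    HOST = CONFIG.HOST
    PORT = CONFIG.PORT

    # wsgiref's simple server is created without TLS here.
    SRV = make_server(HOST, PORT, application)
    # Call form with one argument prints the same text on Python 2 and 3.
    print("IdP listening on %s:%s" % (HOST, PORT))
    SRV.serve_forever()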
示例7: handle_auth_req
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
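def handle_auth_req(self, saml_request, relay_state, binding, userid,
                    response_binding=BINDING_HTTP_POST):
    """
    Handles a SAML request, validates and creates a SAML response.

    No user is authenticated here: the identity stored under ``userid`` in
    ``self.user_db`` is asserted as-is, with a no-op callable registered as
    the method behind the PASSWORD context.

    :type saml_request: str
    :type relay_state: str
    :type binding: str
    :type userid: str
    :rtype: tuple

    :param saml_request: The AuthnRequest as received over ``binding``
    :param relay_state: RelayState is a parameter used by some SAML protocol implementations to
        identify the specific resource at the resource provider in an IDP initiated single sign on
        scenario.
    :param binding: The binding the request arrived on
    :param userid: The user identification.
    :param response_binding: BINDING_HTTP_POST or BINDING_HTTP_REDIRECT
    :return: A tuple with the destination and a dict of response parameters
    :raise ValueError: if ``response_binding`` is neither of the two
        supported bindings
    """
    auth_req = self.parse_authn_request(saml_request, binding)
    _binding_out, destination = self.pick_binding(
        'assertion_consumer_service',
        bindings=[response_binding],
        entity_id=auth_req.message.issuer.text, request=auth_req.message)

    resp_args = self.response_args(auth_req.message)

    # One entry, looked up once. (The original looked it up twice and
    # discarded the first result.)
    authn_broker = AuthnBroker()
    authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                     'unittest_idp.xml')
    resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

    _resp = self.create_authn_response(self.user_db[userid],
                                       userid=userid,
                                       **resp_args)

    if response_binding == BINDING_HTTP_POST:
        # POST: the form fields are returned directly.
        saml_response = base64.b64encode(str(_resp).encode("utf-8"))
        resp = {"SAMLResponse": saml_response, "RelayState": relay_state}
    elif response_binding == BINDING_HTTP_REDIRECT:
        # Redirect: the parameters are read back from the Location header.
        http_args = self.apply_binding(response_binding, '%s' % _resp,
                                       destination, relay_state, response=True)
        location = dict(http_args["headers"])["Location"]
        resp = dict(parse_qsl(urlparse(location).query))
    else:
        # Previously fell through to the return with ``resp`` unbound.
        raise ValueError("Unsupported response binding: %s" % response_binding)

    return destination, resp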
示例8: __create_authn_response
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
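def __create_authn_response(self, saml_request, relay_state, binding,
                            userid, response_binding=BINDING_HTTP_POST):
    """
    Handles a SAML request, validates and creates a SAML response but
    does not apply the binding to encode it.

    No user is authenticated here: the identity stored under ``userid`` in
    ``self.user_db`` is asserted as-is, with a no-op callable registered as
    the method behind the PASSWORD context.

    :type saml_request: str
    :type relay_state: str
    :type binding: str
    :type userid: str
    :rtype: tuple [string, saml2.samlp.Response]

    :param saml_request: The AuthnRequest as received over ``binding``
    :param relay_state: RelayState is a parameter used by some SAML
        protocol implementations to identify the specific resource at the
        resource provider in an IDP initiated single sign on scenario.
        It is not read by this method.
    :param binding: The binding the request arrived on
    :param userid: The user identification.
    :param response_binding: The only binding offered to ``pick_binding``
    :return: A tuple containing the destination and instance of
        saml2.samlp.Response
    """
    auth_req = self.parse_authn_request(saml_request, binding)
    _binding_out, destination = self.pick_binding(
        'assertion_consumer_service',
        bindings=[response_binding],
        entity_id=auth_req.message.issuer.text, request=auth_req.message)

    resp_args = self.response_args(auth_req.message)

    # One entry, looked up once. (The original looked it up twice and
    # discarded the first result.)
    authn_broker = AuthnBroker()
    authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                     'unittest_idp.xml')
    resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

    resp = self.create_authn_response(self.user_db[userid],
                                      userid=userid,
                                      **resp_args)
    return destination, resp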
示例9: handle_auth_req
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
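def handle_auth_req(self, saml_request, relay_state, binding, userid):
    """Parse an AuthnRequest and return the POST target and form fields.

    No user is authenticated here: the identity stored under ``userid`` in
    ``self.user_db`` is asserted as-is, with a no-op callable registered as
    the method behind the PASSWORD context.

    :param saml_request: The AuthnRequest as received over ``binding``
    :param relay_state: RelayState returned unchanged in the form fields
    :param binding: The binding the request arrived on
    :param userid: Key into ``self.user_db`` for the identity to assert
    :return: ``(url, resp)`` where ``resp`` holds ``SAMLResponse`` and
        ``RelayState``
    """
    auth_req = self.parse_authn_request(saml_request, binding)
    _binding_out, destination = self.pick_binding(
        'assertion_consumer_service',
        entity_id=auth_req.message.issuer.text, request=auth_req.message)

    resp_args = self.response_args(auth_req.message)

    # One entry, looked up once. (The original looked it up twice and
    # discarded the first result.)
    authn_broker = AuthnBroker()
    authn_broker.add(authn_context_class_ref(PASSWORD), lambda: None, 10,
                     'unittest_idp.xml')
    resp_args['authn'] = authn_broker.get_authn_by_accr(PASSWORD)

    _resp = self.create_authn_response(self.user_db[userid],
                                       userid=userid,
                                       **resp_args)

    # apply_binding is used only for the URL; the form value itself is the
    # base64 of the serialized response, built below.
    http_args = self.apply_binding(BINDING_HTTP_POST, '%s' % _resp,
                                   destination, relay_state, response=True)
    url = http_args['url']

    saml_response = base64.b64encode(str(_resp).encode("utf-8"))
    resp = {'SAMLResponse': saml_response, 'RelayState': relay_state}
    return url, resp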
示例10: type
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
# by moving some initialization out of __name__ == '__main__' section.
# uwsgi -s 0.0.0.0:8088 --protocol http --callable application --module idp
# Stand-in for the parsed command line: an empty class used as an attribute
# bag, so that code reading args.config / args.mako_root / args.path works
# when this module is imported rather than run as a script.
args = type('Config', (object,), { })
args.config = 'idp_conf'
args.mako_root = './'
args.path = None
import socket
from idp_user import USERS
from idp_user import EXTRA
from mako.lookup import TemplateLookup
# Broker created at import time. PASSWORD is backed by
# username_password_authn at level 10; the authority is an http:// URI built
# from the local hostname.
AUTHN_BROKER = AuthnBroker()
AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
username_password_authn, 10,
"http://%s" % socket.gethostname())
# NOTE(review): UNSPECIFIED is registered at level 0 with an empty string as
# its method; confirm that the request handler cannot treat that as
# "already authenticated".
AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
"", 0, "http://%s" % socket.gethostname())
# The server is constructed from the configuration name set above.
IDP = server.Server(args.config, cache=Cache())
IDP.ticket = {}
# ----------------------------------------------------------------------------
if __name__ == '__main__':
from wsgiref.simple_server import make_server
parser = argparse.ArgumentParser()
parser.add_argument('-p', dest='path', help='Path to configuration file.')
parser.add_argument('-v', dest='valid',
示例11: setup_authn_broker
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
def setup_authn_broker(self, base_url, sphandler, authorization):
    """Build an AuthnBroker from the ``authorization`` configuration.

    One handler object is created per supported method and shared between
    the single-method entries and any multiple-authentication entry. A
    configuration key that matches none of the known methods is registered
    as UNSPECIFIED with an ``UnspecifiedAuth`` handler.

    :param base_url: Not read by this method
    :param sphandler: SP handler; its ``sp_authentication`` attribute is
        replaced with a new ``SpAuthentication``
    :param authorization: Mapping from method key to its settings (weight,
        URL, ACR, user info and, for multiple authentication, the list of
        member methods)
    :return: The populated AuthnBroker
    """
    broker = AuthnBroker()
    sphandler.sp_authentication = SpAuthentication(self, sphandler)
    cas_auth = CasAuth(self, self.cas_server, self.service_url)
    password_auth = PasswordYubikeyAuth(self, self.passwd, password=True,
                                        yubikey=False)
    yubikey_auth = PasswordYubikeyAuth(self, self.passwd, password=False,
                                       yubikey=True)
    password_yubikey_auth = PasswordYubikeyAuth(self, self.passwd, password=True,
                                                yubikey=True)

    def handler_for(key):
        # Checked in the same order for top-level keys and list members.
        if key == IdPHandler.AUTHORIZATION_SAML:
            return sphandler.sp_authentication
        if key == IdPHandler.AUTHORIZATION_CAS:
            return cas_auth
        if key == IdPHandler.AUTHORIZATION_PASSWORD_YUBIKEY:
            return password_yubikey_auth
        if key == IdPHandler.AUTHORIZATION_PASSWORD:
            return password_auth
        if key == IdPHandler.AUTHORIZATION_YUBIKEY:
            return yubikey_auth
        return None

    for authkey, value in authorization.items():
        # NOTE(review): the weight is turned into a string before it is
        # registered. If the broker orders levels by comparison, strings
        # sort differently from numbers ("10" < "9") -- confirm this is
        # intended.
        level = str(value[IdPHandler.AUTHORIZATION_WEIGHT])
        url = value[IdPHandler.AUTHORIZATION_URL]
        acr = value[IdPHandler.AUTHORIZATION_ACR]
        user_info = value[IdPHandler.AUTHORIZATION_USER_INFO]

        handler = handler_for(authkey)
        if handler is not None:
            handler.user_info(user_info)
            broker.add(acr, handler, level, url)
            continue

        if authkey == IdPHandler.AUTHORIZATION_MULTIPLEAUTHN:
            # Members are identified by their ACR entry; an entry that names
            # no known method is left out of the list.
            members = []
            for m_items in value[IdPHandler.AUTHENTICATION_AUTHNLIST]:
                member = handler_for(m_items[IdPHandler.AUTHORIZATION_ACR])
                if member is not None:
                    members.append(member)
            broker.add(acr, MultipleAuthentication(self, members, user_info), level, url)
        else:
            broker.add(authn_context_class_ref(UNSPECIFIED), UnspecifiedAuth(self), level, url)

    return broker
示例12: AuthnBroker
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
# Excerpt: ``parser`` is created before these lines and the server start-up
# follows after them.
parser.add_argument('-i', dest='id',
help="The ID of the entities descriptor")
parser.add_argument('-k', dest='keyfile',
help="A file with a key to sign the metadata with")
parser.add_argument('-n', dest='name')
parser.add_argument('-s', dest='sign', action='store_true',
help="sign the metadata")
parser.add_argument('-m', dest='mako_root', default="./")
parser.add_argument(dest="config")
args = parser.parse_args()
# The configuration is a Python module imported by the name given on the
# command line, so that module's top-level code runs inside this process.
CONFIG = importlib.import_module(args.config)
# PASSWORD is backed by username_password_authn at level 10; the authority
# comes from the configuration (CONFIG.BASE) rather than the local hostname.
AUTHN_BROKER = AuthnBroker()
AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
username_password_authn, 10,
CONFIG.BASE)
# NOTE(review): UNSPECIFIED is registered at level 0 with an empty string as
# its method; confirm that the request handler cannot treat that as
# "already authenticated".
AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
"", 0, CONFIG.BASE)
IDP = server.Server(args.config, cache=Cache())
IDP.ticket = {}
# Template and compiled-module directories are all relative to -m.
_rot = args.mako_root
LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'],
module_directory=_rot + 'modules',
input_encoding='utf-8', output_encoding='utf-8')
HOST = CONFIG.HOST
PORT = CONFIG.PORT
示例13: main
# 需要导入模块: from saml2.authn_context import AuthnBroker [as 别名]
# 或者: from saml2.authn_context.AuthnBroker import add [as 别名]
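def main():
    """Parse the command line, set up the IdP globals and run the server.

    Only ``config`` and ``-m`` (``mako_root``) are read in this function;
    the remaining options are parsed and left on the global ``args``. The
    server runs until it is interrupted from the keyboard.
    """
    global IDP
    global AUTHN_BROKER
    global LOOKUP
    global args
    global CONFIG
    global USERS
    global PASSWD
    global EXTRA

    # The configuration is a Python module imported by name from the current
    # working directory, so a file of that name there is executed with the
    # IdP's privileges. Start the server from a directory that only the
    # operator can write to.
    sys.path.insert(0, os.getcwd())

    parser = argparse.ArgumentParser()
    parser.add_argument('-p', dest='path', help='Path to configuration file.')
    parser.add_argument('-v', dest='valid',
                        help="How long, in days, the metadata is valid from the time of creation")
    parser.add_argument('-c', dest='cert', help='certificate')
    parser.add_argument('-i', dest='id',
                        help="The ID of the entities descriptor")
    parser.add_argument('-k', dest='keyfile',
                        help="A file with a key to sign the metadata with")
    parser.add_argument('-n', dest='name')
    parser.add_argument('-s', dest='sign', action='store_true',
                        help="sign the metadata")
    parser.add_argument('-m', dest='mako_root', default="./")
    parser.add_argument(dest="config")
    args = parser.parse_args()

    # Both entries name the same authority, so the hostname is read once.
    authority = "http://%s" % socket.gethostname()
    AUTHN_BROKER = AuthnBroker()
    AUTHN_BROKER.add(authn_context_class_ref(PASSWORD),
                     username_password_authn, 10, authority)
    # NOTE(review): UNSPECIFIED is registered with an empty string as its
    # method; confirm that the request handler cannot treat that as
    # "already authenticated".
    AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED),
                     "", 0, authority)

    CONFIG = importlib.import_module(args.config)
    USERS = CONFIG.USERS
    PASSWD = CONFIG.PASSWD
    EXTRA = CONFIG.EXTRA
    IDP = server.Server(args.config, cache=Cache())
    IDP.ticket = {}

    _rot = args.mako_root
    # NOTE(review): 'htdocs' is listed twice; check whether the first entry
    # was meant to be a separate templates directory.
    LOOKUP = TemplateLookup(directories=[_rot + 'htdocs', _rot + 'htdocs'],
                            module_directory=_rot + 'modules',
                            input_encoding='utf-8', output_encoding='utf-8')

    HOST = CONFIG.HOST
    PORT = CONFIG.PORT

    # NOTE(review): the socket is bound to every interface ('0.0.0.0') no
    # matter what CONFIG.HOST says, while the message below reports HOST.
    # Bind to HOST, or firewall the port, if the IdP should not be reachable
    # on all interfaces.
    SRV = wsgiserver.CherryPyWSGIServer(('0.0.0.0', PORT), application)

    # TLS is enabled only when the configuration asks for it; otherwise the
    # login pages and SAML messages travel in clear text.
    if CONFIG.HTTPS:
        SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter(CONFIG.SERVER_CERT, CONFIG.SERVER_KEY,
                                                         CONFIG.CERT_CHAIN)

    # Call form with one argument prints the same text on Python 2 and 3.
    print("IdP listening on %s:%s" % (HOST, PORT))
    try:
        SRV.start()
    except KeyboardInterrupt:
        SRV.stop()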