本文整理汇总了Python中saml2.config.SPConfig.setattr方法的典型用法代码示例。如果您正苦于以下问题:Python SPConfig.setattr方法的具体用法?Python SPConfig.setattr怎么用?Python SPConfig.setattr使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.config.SPConfig的用法示例。
在下文中一共展示了SPConfig.setattr方法的1个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: Saml
# 需要导入模块: from saml2.config import SPConfig [as 别名]
# 或者: from saml2.config.SPConfig import setattr [as 别名]
class Saml(object):
"""
SAML Wrapper around pysaml2.
Implements SAML2 Service Provider functionality for Flask.
"""
def __init__(self, config):
    """Build the pysaml2 Service Provider configuration from a dict.

    Args:
        config (dict): Service Provider settings. The dict is updated in
            place: a non-None 'metadata' entry is replaced by the result
            of _parse_metadata_dict_to_inline().
    """
    metadata = config.get('metadata')
    if metadata is not None:
        config['metadata'] = _parse_metadata_dict_to_inline(metadata)

    self._config = SPConfig().load(config)
    # NOTE(review): this is forced on for every SP, whatever the supplied
    # config says. In pysaml2 the option is understood to let attributes
    # with no attribute-map entry through instead of dropping them
    # (confirm against the pinned pysaml2 version). Code that consumes the
    # assertion should therefore authorize only on an explicit allow-list
    # of attribute names, never on "whatever the IdP sent".
    self._config.setattr('', 'allow_unknown_attributes', True)

    # Keep the first discovery service endpoint when one is configured.
    # When none is configured the attribute is never created, so readers
    # of discovery_service_end_point must cope with it being absent.
    ds_endpoints = config['service']['sp'].get('ds')
    if ds_endpoints:
        self.discovery_service_end_point = ds_endpoints[0]
def authenticate(self, next_url="/", binding=BINDING_HTTP_REDIRECT,
selected_idp=None):
"""Start SAML Authentication login process.
Args:
next_url (string): HTTP URL to return user to when authentication
is complete.
binding (binding): Saml2 binding method to use for request.
Defaults to BINDING_HTTP_REDIRECT (don't change til HTTP_POST
support is complete in pysaml2).
selected_idp (string): A specfic IdP that should be used to
authenticate. Defaults to `None`.
Returns:
Flask Response object to return to user containing either
HTTP_REDIRECT or HTTP_POST SAML message.
Raises:
AuthException: when unable to locate valid IdP.
BadRequest: when invalid result returned from SAML client.
"""
# Fail if signing requested but no private key configured.
if self._config.getattr('authn_requests_signed') == True:
if not self._config.key_file \
or not os.path.exists(self._config.key_file):
raise AuthException(
"Signature requested for this Saml authentication" + \
" request, but no private key file configured")
# Find configured for IdPs for requested binding method.
bindable_idps = []
all_idps = self._config.metadata.identity_providers()
# Filter IdPs to allowed IdPs, if we have some.
if self._config.getattr('idp') is not None:
all_idps = list(set(all_idps) & set(self._config.getattr('idp')))
# Filter IdPs to selected IdP, if we have one.
if selected_idp is not None:
all_idps = list(set(all_idps) & set([selected_idp]))
# From all IdPs allowed/selected, get the ones we can bind to.
for idp in all_idps:
if self._config.metadata.single_sign_on_service(idp, binding) != []:
bindable_idps.append(idp)
if not len(bindable_idps):
raise AuthException("Unable to locate valid IdP for this request")
# Retrieve cache.
outstanding_queries_cache = \
AuthDictCache(session, '_saml_outstanding_queries')
LOGGER.debug("Outstanding queries cache %s", outstanding_queries_cache)
if len(bindable_idps) > 1:
# Redirect to discovery service
(session_id, response) = self._handle_discovery_request()
else:
idp_entityid = bindable_idps[0]
LOGGER.debug("Connecting to Identity Provider %s", idp_entityid)
# Make pysaml2 call to authenticate.
client = Saml2Client(self._config)
(session_id, result) = client.prepare_for_authenticate(
entityid=idp_entityid,
relay_state=next_url,
sign=self._config.getattr('authn_requests_signed'),
binding=binding)
# The psaml2 source for this method indicates that
# BINDING_HTTP_POST should not be used right now to authenticate.
# Regardless, we'll check for it and act accordingly.
if binding == BINDING_HTTP_REDIRECT:
LOGGER.debug("Redirect to Identity Provider %s ( %s )",
idp_entityid, result)
response = make_response("", 302, dict(result['headers']))
elif binding == BINDING_HTTP_POST:
LOGGER.debug("Post to Identity Provider %s ( %s )",
idp_entityid, result)
#.........这里部分代码省略.........