本文整理汇总了Python中saml2.ident.IdentDB.construct_nameid方法的典型用法代码示例。如果您正苦于以下问题:Python IdentDB.construct_nameid方法的具体用法?Python IdentDB.construct_nameid怎么用?Python IdentDB.construct_nameid使用的例子?那么, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.ident.IdentDB
的用法示例。
在下文中一共展示了IdentDB.construct_nameid方法的3个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: Server
# 需要导入模块: from saml2.ident import IdentDB [as 别名]
# 或者: from saml2.ident.IdentDB import construct_nameid [as 别名]
#.........这里部分代码省略.........
**args)
# ------------------------------------------------------------------------
# noinspection PyUnusedLocal
def create_attribute_response(self, identity, in_response_to, destination,
sp_entity_id, userid="", name_id=None,
status=None, issuer=None,
sign_assertion=False, sign_response=False,
attributes=None, sign_alg=None,
digest_alg=None, **kwargs):
""" Create an attribute assertion response.
:param identity: A dictionary with attributes and values that are
expected to be the bases for the assertion in the response.
:param in_response_to: The session identifier of the request
:param destination: The URL which should receive the response
:param sp_entity_id: The entity identifier of the SP
:param userid: A identifier of the user
:param name_id: The identifier of the subject
:param status: The status of the response
:param issuer: The issuer of the response
:param sign_assertion: Whether the assertion should be signed or not
:param sign_response: Whether the whole response should be signed
:param attributes:
:param kwargs: To catch extra keyword arguments
:return: A response instance
"""
policy = self.config.getattr("policy", "aa")
if not name_id and userid:
try:
name_id = self.ident.construct_nameid(userid, policy,
sp_entity_id)
logger.warning("Unspecified NameID format")
except Exception:
pass
to_sign = []
args = {}
if identity:
_issuer = self._issuer(issuer)
ast = Assertion(identity)
if policy:
ast.apply_policy(sp_entity_id, policy, self.metadata)
else:
policy = Policy()
if attributes:
restr = restriction_from_attribute_spec(attributes)
ast = filter_attribute_value_assertions(ast)
assertion = ast.construct(sp_entity_id, in_response_to,
destination, name_id,
self.config.attribute_converters,
policy, issuer=_issuer)
if sign_assertion:
assertion.signature = pre_signature_part(assertion.id,
self.sec.my_cert, 1,
sign_alg=sign_alg,
digest_alg=digest_alg)
# Just the assertion or the response and the assertion ?
to_sign = [(class_name(assertion), assertion.id)]
示例2: TestIdentifier
# 需要导入模块: from saml2.ident import IdentDB [as 别名]
# 或者: from saml2.ident.IdentDB import construct_nameid [as 别名]
class TestIdentifier():
def setup_class(self):
self.id = IdentDB("subject.db", "example.com", "example")
def test_persistent_1(self):
policy = Policy({
"default": {
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"nameid_format": NAMEID_FORMAT_PERSISTENT,
"attribute_restrictions": {
"surName": [".*berg"],
}
}
})
nameid = self.id.construct_nameid("foobar", policy,
"urn:mace:example.com:sp:1")
assert _eq(nameid.keyswv(), ['format', 'text', 'sp_name_qualifier',
'name_qualifier'])
assert nameid.sp_name_qualifier == "urn:mace:example.com:sp:1"
assert nameid.format == NAMEID_FORMAT_PERSISTENT
id = self.id.find_local_id(nameid)
assert id == "foobar"
def test_transient_1(self):
policy = Policy({
"default": {
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"nameid_format": NAMEID_FORMAT_TRANSIENT,
"attribute_restrictions": {
"surName": [".*berg"],
}
}
})
nameid = self.id.construct_nameid("foobar", policy,
"urn:mace:example.com:sp:1")
assert _eq(nameid.keyswv(), ['text', 'format', 'sp_name_qualifier',
'name_qualifier'])
assert nameid.format == NAMEID_FORMAT_TRANSIENT
def test_vo_1(self):
policy = Policy({
"default": {
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"nameid_format": NAMEID_FORMAT_PERSISTENT,
"attribute_restrictions": {
"surName": [".*berg"],
}
}
})
name_id_policy = samlp.name_id_policy_from_string(NAME_ID_POLICY_1)
print(name_id_policy)
nameid = self.id.construct_nameid("foobar", policy,
'http://vo.example.org/biomed',
name_id_policy)
print(nameid)
assert _eq(nameid.keyswv(), ['text', 'sp_name_qualifier', 'format',
'name_qualifier'])
assert nameid.sp_name_qualifier == 'http://vo.example.org/biomed'
assert nameid.format == NAMEID_FORMAT_PERSISTENT
assert nameid.text != "foobar"
def test_vo_2(self):
policy = Policy({
"default": {
"name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"nameid_format": NAMEID_FORMAT_PERSISTENT,
"attribute_restrictions": {
"surName": [".*berg"],
}
}
})
name_id_policy = samlp.name_id_policy_from_string(NAME_ID_POLICY_2)
nameid = self.id.construct_nameid("foobar", policy,
'http://vo.example.org/design',
name_id_policy)
assert _eq(nameid.keyswv(), ['text', 'sp_name_qualifier', 'format',
'name_qualifier'])
assert nameid.sp_name_qualifier == 'http://vo.example.org/design'
assert nameid.format == NAMEID_FORMAT_PERSISTENT
assert nameid.text != "foobar01"
def test_persistent_nameid(self):
sp_id = "urn:mace:umu.se:sp"
nameid = self.id.persistent_nameid("abcd0001", sp_id)
remote_id = nameid.text.strip()
print(remote_id)
local = self.id.find_local_id(nameid)
assert local == "abcd0001"
#.........这里部分代码省略.........
示例3: Server
# 需要导入模块: from saml2.ident import IdentDB [as 别名]
# 或者: from saml2.ident.IdentDB import construct_nameid [as 别名]
#.........这里部分代码省略.........
sign_response, to_sign, encrypt_assertion=encrypt_assertion,
encrypt_cert=encrypt_cert, **args)
# ------------------------------------------------------------------------
#noinspection PyUnusedLocal
def create_attribute_response(self, identity, in_response_to, destination,
sp_entity_id, userid="", name_id=None,
status=None, issuer=None,
sign_assertion=False, sign_response=False,
attributes=None, **kwargs):
""" Create an attribute assertion response.
:param identity: A dictionary with attributes and values that are
expected to be the bases for the assertion in the response.
:param in_response_to: The session identifier of the request
:param destination: The URL which should receive the response
:param sp_entity_id: The entity identifier of the SP
:param userid: A identifier of the user
:param name_id: The identifier of the subject
:param status: The status of the response
:param issuer: The issuer of the response
:param sign_assertion: Whether the assertion should be signed or not
:param sign_response: Whether the whole response should be signed
:param attributes:
:param kwargs: To catch extra keyword arguments
:return: A response instance
"""
policy = self.config.getattr("policy", "aa")
if not name_id and userid:
try:
name_id = self.ident.construct_nameid(userid, policy,
sp_entity_id)
logger.warning("Unspecified NameID format")
except Exception:
pass
to_sign = []
args = {}
if identity:
_issuer = self._issuer(issuer)
ast = Assertion(identity)
if policy:
ast.apply_policy(sp_entity_id, policy, self.metadata)
else:
policy = Policy()
if attributes:
restr = restriction_from_attribute_spec(attributes)
ast = filter_attribute_value_assertions(ast)
assertion = ast.construct(sp_entity_id, in_response_to,
destination, name_id,
self.config.attribute_converters,
policy, issuer=_issuer)
if sign_assertion:
assertion.signature = pre_signature_part(assertion.id,
self.sec.my_cert, 1)
# Just the assertion or the response and the assertion ?
to_sign = [(class_name(assertion), assertion.id)]
args["assertion"] = assertion