本文整理汇总了 Python 中 saml2.mdstore.MetadataStore.load 方法的典型用法代码示例。如果您想了解 MetadataStore.load 方法的具体用法、调用方式或使用示例,下面精选的代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类 saml2.mdstore.MetadataStore 的用法示例。
在下文中一共展示了MetadataStore.load方法的11个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_xmlsec_err_non_ascii_ava
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def test_xmlsec_err_non_ascii_ava():
    """Expect ``XmlsecError`` when signing non-ASCII attributes with a bad key.

    A security context is built from ``server_conf`` and the local metadata
    file ``IDP_EXAMPLE``. The assertion carries attribute values containing
    non-ASCII characters, and ``sign_statement`` is called with
    ``INVALID_KEY`` as the signing key; the test passes only if that call
    raises ``XmlsecError``.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", IDP_EXAMPLE)
    sp_conf.metadata = store
    # NOTE(review): fixture setting. Presumably this lets the context work
    # with keys that are not listed in the loaded metadata; confirm before
    # copying it into a deployment configuration.
    sp_conf.only_use_keys_in_metadata = False
    ctx = sigver.security_context(sp_conf)

    signature_template = sigver.pre_signature_part("11111", ctx.my_cert, 1)
    non_ascii_attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Föö", ""),
            ("", "", "givenName"): ("Bär", ""),
        }
    )
    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=non_ascii_attributes,
    )

    # Signing must fail loudly rather than return an unsigned document.
    with raises(XmlsecError):
        ctx.sign_statement(
            assertion,
            class_name(assertion),
            key_file=INVALID_KEY,
            node_id=assertion.id,
        )
示例2: test_xmlsec_err
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def test_xmlsec_err():
    """Check that signing with the key file ``tes.key`` raises an error.

    The security context comes from ``server_conf`` plus the local metadata
    file ``idp_example.xml``. ``sign_statement`` has to raise either
    ``XmlsecError`` or ``SigverError``; a normal return fails the test.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", full_path("idp_example.xml"))
    sp_conf.metadata = store
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    sp_conf.only_use_keys_in_metadata = False
    ctx = sigver.security_context(sp_conf)

    signature_template = sigver.pre_signature_part("11111", ctx.my_cert, 1)
    attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Foo", ""),
            ("", "", "givenName"): ("Bar", ""),
        }
    )
    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=attributes,
    )

    try:
        # "tes.key" is presumably a deliberately wrong file name (other
        # examples on this page sign with "test.key"); verify against the
        # test data directory.
        ctx.sign_statement(
            assertion,
            class_name(assertion),
            key_file=full_path("tes.key"),
            node_id=assertion.id,
        )
    except (XmlsecError, SigverError):
        # Expected outcome: the signer refused to produce a signature.
        return
    assert False
示例3: test_xbox_non_ascii_ava
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def test_xbox_non_ascii_ava():
    """Round-trip a signed assertion with non-ASCII values through encryption.

    Steps: sign the assertion with ``PRIV_KEY``, wrap it in an
    ``EncryptedAssertion``, encrypt it for ``conf.cert_file``, decrypt it
    with ``PRIV_KEY``, and verify the signature of every recovered element
    against ``PUB_KEY``. At least one element must verify.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", IDP_EXAMPLE)
    sp_conf.metadata = store
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    sp_conf.only_use_keys_in_metadata = False
    ctx = sigver.security_context(sp_conf)

    signature_template = sigver.pre_signature_part("11111", ctx.my_cert, 1)
    non_ascii_attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Föö", ""),
            ("", "", "givenName"): ("Bär", ""),
        }
    )
    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=non_ascii_attributes,
    )

    signed_xml = ctx.sign_statement(
        assertion,
        class_name(assertion),
        key_file=PRIV_KEY,
        node_id=assertion.id,
    )
    signed_assertion = saml.assertion_from_string(signed_xml)

    wrapper = EncryptedAssertion()
    wrapper.add_extension_element(signed_assertion)

    template_bytes = str(pre_encryption_part()).encode("utf-8")
    _, template_path = make_temp(template_bytes, decode=False)
    # NOTE(review): "des-192" presumably selects a triple-DES session key;
    # acceptable for a fixture, but check which stronger options the crypto
    # backend offers before reusing this call elsewhere.
    ciphertext = ctx.crypto.encrypt(
        str(wrapper),
        sp_conf.cert_file,
        template_path,
        "des-192",
        '/*[local-name()="EncryptedAssertion"]/*[local-name()="Assertion"]',
    )

    plaintext = ctx.decrypt(ciphertext, key_file=PRIV_KEY)
    decrypted = saml.encrypted_assertion_from_string(plaintext)
    candidates = extension_elements_to_elements(
        decrypted.extension_elements, [saml, samlp]
    )

    # Keep only the elements whose signature check returns a truthy result.
    verified = [
        candidate
        for candidate in candidates
        if ctx.verify_signature(
            str(candidate), PUB_KEY, node_name=class_name(assertion)
        )
    ]
    assert verified
    print(verified)
示例4: test_xbox
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
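def test_xbox():
    """Round-trip a signed assertion through encryption and verify it again.

    Steps: sign the assertion with ``test.key``, wrap it in an
    ``EncryptedAssertion``, encrypt it for ``conf.cert_file``, decrypt it
    with the context's default key, and verify the signature of every
    recovered element against ``test.pem``. The test fails unless at least
    one recovered element passes signature verification.
    """
    conf = config.SPConfig()
    conf.load_file("server_conf")
    md = MetadataStore([saml, samlp], None, conf)
    md.load("local", full_path("idp_example.xml"))
    conf.metadata = md
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    conf.only_use_keys_in_metadata = False
    sec = sigver.security_context(conf)

    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=sigver.pre_signature_part("11111", sec.my_cert, 1),
        attribute_statement=do_attribute_statement(
            {("", "", "surName"): ("Foo", ""), ("", "", "givenName"): ("Bar", "")}
        ),
    )

    sigass = sec.sign_statement(
        assertion,
        class_name(assertion),
        key_file=full_path("test.key"),
        node_id=assertion.id,
    )
    _ass0 = saml.assertion_from_string(sigass)

    encrypted_assertion = EncryptedAssertion()
    encrypted_assertion.add_extension_element(_ass0)

    _, pre = make_temp(str(pre_encryption_part()).encode("utf-8"), decode=False)
    # NOTE(review): "des-192" presumably selects a triple-DES session key;
    # acceptable for a fixture, but check which stronger options the crypto
    # backend offers before reusing this call elsewhere.
    enctext = sec.crypto.encrypt(
        str(encrypted_assertion),
        conf.cert_file,
        pre,
        "des-192",
        '/*[local-name()="EncryptedAssertion"]/*[local-name()="Assertion"]',
    )

    decr_text = sec.decrypt(enctext)
    _seass = saml.encrypted_assertion_from_string(decr_text)
    assers = extension_elements_to_elements(_seass.extension_elements, [saml, samlp])

    sign_cert_file = full_path("test.pem")
    assertions = []
    for ass in assers:
        _txt = sec.verify_signature(
            str(ass), sign_cert_file, node_name=class_name(assertion)
        )
        if _txt:
            assertions.append(ass)

    # Without this check the verification result was only printed, so the
    # test could pass even when no decrypted assertion verified.
    assert assertions
    print(assertions)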
示例5: setup_class
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def setup_class(self):
    """Create ``self.sec`` from ``server_conf`` and ``metadata_cert.xml``.

    The assertion built at the end is bound to a local name only; nothing
    in the visible code stores it on the instance.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", full_path("metadata_cert.xml"))
    sp_conf.metadata = store
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    sp_conf.only_use_keys_in_metadata = False
    self.sec = sigver.security_context(sp_conf)

    signature_template = sigver.pre_signature_part("11111", self.sec.my_cert, 1)
    attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Foo", ""),
            ("", "", "givenName"): ("Bar", ""),
        }
    )
    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=attributes,
    )
示例6: setup_class
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def setup_class(self):
    """Create ``self.sec`` and ``self._assertion`` for the signing tests.

    The value returned by ``get_xmlsec_binary()`` is passed both to the
    metadata store and to the ``SecurityContext``; the store is loaded from
    the local file ``metadata_cert.xml`` and handed to the context as its
    metadata.
    """
    xmlsec_path = get_xmlsec_binary()

    store = MetadataStore([saml, samlp], None, xmlsec_path)
    store.load("local", "metadata_cert.xml")

    self.sec = sigver.SecurityContext(
        xmlsec_path,
        key_file=PRIV_KEY,
        cert_file=PUB_KEY,
        debug=1,
        metadata=store,
    )

    # The signature template embeds the context's own certificate, so the
    # context has to exist before the assertion is assembled.
    signature_template = sigver.pre_signature_part("11111", self.sec.my_cert, 1)
    attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Foo", ""),
            ("", "", "givenName"): ("Bar", ""),
        }
    )
    self._assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=attributes,
    )
示例7: setup_class
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def setup_class(self):
    """Create ``self.sec`` and ``self._assertion`` using the xmlsec backend.

    Metadata is loaded from the local file ``metadata_cert.xml`` into a
    store configured from ``server_conf``; the ``SecurityContext`` is built
    directly from the backend returned by ``get_xmlsec_cryptobackend()``.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", full_path("metadata_cert.xml"))

    backend = get_xmlsec_cryptobackend()
    self.sec = sigver.SecurityContext(
        backend,
        key_file=PRIV_KEY,
        cert_file=PUB_KEY,
        debug=1,
        metadata=store,
    )

    # The signature template embeds the context's own certificate, so the
    # context has to exist before the assertion is assembled.
    signature_template = sigver.pre_signature_part("11111", self.sec.my_cert, 1)
    attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Foo", ""),
            ("", "", "givenName"): ("Bar", ""),
        }
    )
    self._assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=attributes,
    )
示例8: test_okta
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def test_okta():
    """Decrypt a stored response and compare it with a stored assertion.

    The ciphertext is read from ``OKTA_RESPONSE`` and decrypted with the
    security context built from ``server_conf``. Exactly one element must
    be recovered, and it must equal the assertion parsed from
    ``OKTA_ASSERTION``.
    """
    base_conf = config.Config()
    base_conf.load_file("server_conf")
    # The ID attribute name is set to "Id" before the context is built.
    base_conf.id_attr_name = 'Id'

    store = MetadataStore([saml, samlp], None, base_conf)
    store.load("local", IDP_EXAMPLE)
    base_conf.metadata = store
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    base_conf.only_use_keys_in_metadata = False
    ctx = sigver.security_context(base_conf)

    with open(OKTA_RESPONSE) as response_file:
        ciphertext = response_file.read()

    plaintext = ctx.decrypt(ciphertext)
    decrypted = saml.encrypted_assertion_from_string(plaintext)
    recovered = extension_elements_to_elements(
        decrypted.extension_elements, [saml, samlp]
    )

    with open(OKTA_ASSERTION) as assertion_file:
        reference_xml = assertion_file.read()
    reference = assertion_from_string(reference_xml)

    assert len(recovered) == 1
    assert recovered[0] == reference
示例9: test_sha256_signing
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
def test_sha256_signing():
    """Sign an assertion whose signature template requests ``SIG_RSA_SHA256``.

    The test only checks that ``sign_statement`` returns a truthy value; it
    does not inspect the algorithm recorded in the signed output.
    """
    sp_conf = config.SPConfig()
    sp_conf.load_file("server_conf")

    store = MetadataStore([saml, samlp], None, sp_conf)
    store.load("local", full_path("idp_example.xml"))
    sp_conf.metadata = store
    # NOTE(review): fixture setting; confirm its effect before reusing it
    # outside of tests.
    sp_conf.only_use_keys_in_metadata = False
    ctx = sigver.security_context(sp_conf)

    # The signing algorithm is chosen when the signature template is built.
    signature_template = sigver.pre_signature_part(
        "11111", ctx.my_cert, 1, sign_alg=SIG_RSA_SHA256
    )
    attributes = do_attribute_statement(
        {
            ("", "", "surName"): ("Foo", ""),
            ("", "", "givenName"): ("Bar", ""),
        }
    )
    assertion = factory(
        saml.Assertion,
        version="2.0",
        id="11111",
        issue_instant="2009-10-30T13:20:28Z",
        signature=signature_template,
        attribute_statement=attributes,
    )

    signed = ctx.sign_statement(
        assertion,
        class_name(assertion),
        key_file=full_path("test.key"),
        node_id=assertion.id,
    )
    assert signed
示例10: Femma
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
help='path to xmlsec binary for signature verification')
# Remaining command-line options: an optional verification certificate and a
# clean-up switch. Earlier options are defined outside this excerpt.
_parser.add_argument(
    "-c",
    dest="cert",
    nargs="?",
    default="",
    help="certificate for signature verification",
)
_parser.add_argument("-C", dest="clear", action="store_true", help="clean up")
args = _parser.parse_args()

if not args.clear:
    sec_config = config.Config()
    sec_config.xmlsec_binary = args.xmlsec[0]
    # NOTE(review): TLS certificate validation is switched off for this
    # store, so a document fetched with load("remote", ...) is not
    # authenticated by the transport. The -c value defaults to "", and this
    # excerpt does not show how an empty cert is treated; confirm that the
    # metadata signature is checked, and pass -c when loading over the
    # network.
    mds = MetadataStore(
        ONTS.values(),
        ATTRCONV,
        sec_config,
        disable_ssl_certificate_validation=True,
    )
    if args.url:
        mds.load("remote", url=args.url, cert=args.cert)
    if args.filename:
        # Forward the certificate only when one was supplied, so the local
        # load otherwise keeps the library's own default for ``cert``.
        cert_kwargs = {"cert": args.cert} if args.cert else {}
        mds.load("local", args.filename, **cert_kwargs)
    fem = Femma(mds)
    fem.setup()
    fem.extract()
else:
    # Clean-up mode: no metadata store is needed.
    fem = Femma(None)
    fem.setup()
    fem.clean_up()
示例11: Client
# 需要导入模块: from saml2.mdstore import MetadataStore [as 别名]
# 或者: from saml2.mdstore.MetadataStore import load [as 别名]
class Client(Entity):
def __init__(self, user, passwd, sp="", idp=None, metadata_file=None,
             xmlsec_binary=None, verbose=0, ca_certs="",
             disable_ssl_certificate_validation=True, key_file=None,
             cert_file=None, config=None):
    """
    Set up the client, its configuration and, optionally, local metadata.

    :param user: user name
    :param passwd: user password; kept on the instance as ``self.passwd``
    :param sp: The SP URL
    :param idp: The IdP PAOS endpoint
    :param metadata_file: Path of a local metadata file, loaded if given
    :param xmlsec_binary: Where the xmlsec1 binary can be found (*)
    :param verbose: Chatty or not
    :param ca_certs: Path of a file containing root CA certificates
        for SSL server certificate validation (*)
    :param disable_ssl_certificate_validation: If true, SSL cert validation
        will not be performed (*). NOTE(review): the default is True, so a
        caller that wants server certificates checked has to pass False
        or supply its own ``config``.
    :param key_file: Private key filename (*)
    :param cert_file: Certificate filename (*)
    :param config: Config() instance; when given, the parameters marked
        with an asterisk (*) above are not applied
    """
    if not config:
        # No configuration supplied: build one from the (*) parameters.
        config = Config()
        config.disable_ssl_certificate_validation = (
            disable_ssl_certificate_validation
        )
        config.key_file = key_file
        config.cert_file = cert_file
        config.ca_certs = ca_certs
        config.xmlsec_binary = xmlsec_binary

    Entity.__init__(self, "sp", config)

    self._idp = idp
    self._sp = sp
    self.user = user
    self.passwd = passwd
    self._verbose = verbose

    # Metadata is optional; both attribute names end up pointing at the
    # same store (or at None).
    if metadata_file:
        self._metadata = MetadataStore([saml, samlp], None, config)
        self._metadata.load("local", metadata_file)
        logger.debug("Loaded metadata from '%s'" % metadata_file)
    else:
        self._metadata = None
    self.metadata = self._metadata

    self.cookie_handler = None
    self.done_ecp = False
    self.cookie_jar = cookielib.LWPCookieJar()
def phase2(self, authn_request, rc_url, idp_entity_id, headers=None,
sign=False, **kwargs):
"""
Doing the second phase of the ECP conversation, the conversation
with the IdP happens.
:param authn_request: The AuthenticationRequest
:param rc_url: The assertion consumer service url of the SP
:param idp_entity_id: The EntityID of the IdP
:param headers: Possible extra headers
:param sign: If the message should be signed
:return: The response from the IdP
"""
_, destination = self.pick_binding("single_sign_on_service",
[BINDING_SOAP], "idpsso",
entity_id=idp_entity_id)
ht_args = self.apply_binding(BINDING_SOAP, authn_request, destination,
sign=sign)
if headers:
ht_args["headers"].extend(headers)
logger.debug("[P2] Sending request: %s" % ht_args["data"])
# POST the request to the IdP
response = self.send(**ht_args)
logger.debug("[P2] Got IdP response: %s" % response)
if response.status_code != 200:
raise SAMLError(
"Request to IdP failed (%s): %s" % (response.status_code,
response.error))
# SAMLP response in a SOAP envelope body, ecp response in headers
respdict = self.parse_soap_message(response.text)
if respdict is None:
raise SAMLError("Unexpected reply from the IdP")
logger.debug("[P2] IdP response dict: %s" % respdict)
idp_response = respdict["body"]
assert idp_response.c_tag == "Response"
#.........这里部分代码省略.........