本文整理汇总了Python中saml2.population.Population.add_information_about_person方法的典型用法代码示例。如果您正苦于以下问题:Python Population.add_information_about_person方法的具体用法?Python Population.add_information_about_person怎么用?Python Population.add_information_about_person使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.population.Population的用法示例。
在下文中一共展示了Population.add_information_about_person方法的5个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: Base
# 需要导入模块: from saml2.population import Population [as 别名]
# 或者: from saml2.population.Population import add_information_about_person [as 别名]
#.........这里部分代码省略.........
resp = None
if xmlstr:
kwargs = {
"outstanding_queries": outstanding,
"outstanding_certs": outstanding_certs,
"allow_unsolicited": self.allow_unsolicited,
"want_assertions_signed": self.want_assertions_signed,
"want_response_signed": self.want_response_signed,
"return_addrs": self.service_urls(),
"entity_id": self.config.entityid,
"attribute_converters": self.config.attribute_converters,
"allow_unknown_attributes":
self.config.allow_unknown_attributes,
}
try:
resp = self._parse_response(xmlstr, AuthnResponse,
"assertion_consumer_service",
binding, **kwargs)
except StatusError as err:
logger.error("SAML status error: %s" % err)
raise
except UnravelError:
return None
except Exception as exc:
logger.error("%s" % exc)
raise
#logger.debug(">> %s", resp)
if resp is None:
return None
elif isinstance(resp, AuthnResponse):
self.users.add_information_about_person(resp.session_info())
logger.info("--- ADDED person info ----")
pass
else:
logger.error("Response type not supported: %s" % (
saml2.class_name(resp),))
return resp
# ------------------------------------------------------------------------
# SubjectQuery, AuthnQuery, RequestedAuthnContext, AttributeQuery,
# AuthzDecisionQuery all get Response as response
def parse_authz_decision_query_response(self, response,
binding=BINDING_SOAP):
""" Verify that the response is OK
"""
kwargs = {"entity_id": self.config.entityid,
"attribute_converters": self.config.attribute_converters}
return self._parse_response(response, AuthzResponse, "", binding,
**kwargs)
def parse_authn_query_response(self, response, binding=BINDING_SOAP):
""" Verify that the response is OK
"""
kwargs = {"entity_id": self.config.entityid,
"attribute_converters": self.config.attribute_converters}
return self._parse_response(response, AuthnQueryResponse, "", binding,
**kwargs)
def parse_assertion_id_request_response(self, response, binding):
""" Verify that the response is OK示例2: Base
# 需要导入模块: from saml2.population import Population [as 别名]
# 或者: from saml2.population.Population import add_information_about_person [as 别名]
#.........这里部分代码省略.........
:param subject:
:param destination: The IdP endpoint to send the request to
:param authn_context:
:param session_index:
:param id: Message identifier
:param consent: If the principal gave her consent to this request
:param extensions: Possible request extensions
:param sign: Whether the request should be signed or not.
:return:
"""
return self._message(AuthnQuery, destination, id, consent, extensions,
sign, subject=subject, session_index=session_index,
requested_auth_context=authn_context)
def create_nameid_mapping_request(self, nameid_policy,
nameid=None, baseid=None,
encryptedid=None, destination=None,
id=0, consent=None, extensions=None,
sign=False):
"""
:param nameid_policy:
:param nameid:
:param baseid:
:param encryptedid:
:param destination:
:param id: Message identifier
:param consent: If the principal gave her consent to this request
:param extensions: Possible request extensions
:param sign: Whether the request should be signed or not.
:return:
"""
# One of them must be present
assert nameid or baseid or encryptedid
if nameid:
return self._message(NameIDMappingRequest, destination, id, consent,
extensions, sign, nameid_policy=nameid_policy,
nameid=nameid)
elif baseid:
return self._message(NameIDMappingRequest, destination, id, consent,
extensions, sign, nameid_policy=nameid_policy,
baseid=baseid)
else:
return self._message(NameIDMappingRequest, destination, id, consent,
extensions, sign, nameid_policy=nameid_policy,
encryptedid=encryptedid)
def create_manage_nameid_request(self):
pass
# ======== response handling ===========
def _response(self, post, outstanding, decode=True, asynchop=True):
""" Deal with an AuthnResponse or LogoutResponse
:param post: The reply as a dictionary
:param outstanding: A dictionary with session IDs as keys and
the original web request from the user before redirection
as values.
:param decode: Whether the response is Base64 encoded or not
:param asynchop: Whether the response was return over a asynchronous
connection. SOAP for instance is synchronous
:return: An response.AuthnResponse or response.LogoutResponse instance
"""
# If the request contains a samlResponse, try to validate it
try:
saml_response = post['SAMLResponse']
except KeyError:
return None
try:
_ = self.config.entityid
except KeyError:
raise Exception("Missing entity_id specification")
reply_addr = self.service_url()
resp = None
if saml_response:
try:
resp = response_factory(saml_response, self.config,
reply_addr, outstanding, decode=decode,
asynchop=asynchop,
allow_unsolicited=self.allow_unsolicited)
except Exception, exc:
logger.error("%s" % exc)
return None
logger.debug(">> %s", resp)
resp = resp.verify()
if isinstance(resp, AuthnResponse):
self.users.add_information_about_person(resp.session_info())
logger.info("--- ADDED person info ----")
else:
logger.error("Response type not supported: %s" % (
saml2.class_name(resp),))
return resp示例3: Saml2Client
# 需要导入模块: from saml2.population import Population [as 别名]
# 或者: from saml2.population.Population import add_information_about_person [as 别名]
#.........这里部分代码省略.........
return "|".join(vals)
def _init_request(self, request, destination):
# request.id = sid()
request.version = VERSION
request.issue_instant = instant()
request.destination = destination
return request
# def idp_entry(self, name=None, location=None, provider_id=None):
# """ Create an IDP entry
#
# :param name: The name of the IdP
# :param location: The location of the IdP
# :param provider_id: The identifier of the provider
# :return: A IdPEntry instance
# """
# res = samlp.IDPEntry()
# if name:
# res.name = name
# if location:
# res.loc = location
# if provider_id:
# res.provider_id = provider_id
#
# return res
#
# def scoping_from_metadata(self, entityid, location=None):
# """ Set the scope of the assertion
#
# :param entityid: The EntityID of the server
# :param location: The location of the server
# :return: A samlp.Scoping instance
# """
# name = self.metadata.name(entityid)
# idp_ent = self.idp_entry(name, location)
# return samlp.Scoping(idp_list=samlp.IDPList(idp_entry=[idp_ent]))
def response(self, post, outstanding, log=None, decode=True, asynchop=True):
""" Deal with an AuthnResponse or LogoutResponse
:param post: The reply as a dictionary
:param outstanding: A dictionary with session IDs as keys and
the original web request from the user before redirection
as values.
:param log: where loggin should go.
:param decode: Whether the response is Base64 encoded or not
:param asynchop: Whether the response was return over a asynchronous
connection. SOAP for instance is synchronous
:return: An response.AuthnResponse or response.LogoutResponse instance
"""
# If the request contains a samlResponse, try to validate it
try:
saml_response = post["SAMLResponse"]
except KeyError:
return None
try:
_ = self.config.entityid
except KeyError:
raise Exception("Missing entity_id specification")
if log is None:
log = self.logger
reply_addr = self.service_url()
resp = None
if saml_response:
try:
resp = response_factory(
saml_response,
self.config,
reply_addr,
outstanding,
log,
debug=self.debug,
decode=decode,
asynchop=asynchop,
allow_unsolicited=self.allow_unsolicited,
)
except Exception, exc:
raise
if log:
log.error("%s" % exc)
return None
if self.debug:
if log:
log.info(">> %s", resp)
resp = resp.verify()
if isinstance(resp, AuthnResponse):
self.users.add_information_about_person(resp.session_info())
if log:
log.error("--- ADDED person info ----")
elif isinstance(resp, LogoutResponse):
self.handle_logout_response(resp, log)
elif log:
log.error("Other response type: %s" % saml2.class_name(resp))
return resp示例4: TestPopulationMemoryBased
# 需要导入模块: from saml2.population import Population [as 别名]
# 或者: from saml2.population.Population import add_information_about_person [as 别名]
class TestPopulationMemoryBased():
def setup_class(self):
self.population = Population()
def test_add_person(self):
session_info = {
"name_id": nid,
"issuer": IDP_ONE,
"not_on_or_after": in_a_while(minutes=15),
"ava": {
"givenName": "Anders",
"surName": "Andersson",
"mail": "[email protected]"
}
}
self.population.add_information_about_person(session_info)
issuers = self.population.issuers_of_info(nid)
assert list(issuers) == [IDP_ONE]
subjects = [code(c) for c in self.population.subjects()]
assert subjects == [cnid]
# Are any of the sources gone stale
stales = self.population.stale_sources_for_person(nid)
assert stales == []
# are any of the possible sources not used or gone stale
possible = [IDP_ONE, IDP_OTHER]
stales = self.population.stale_sources_for_person(nid, possible)
assert stales == [IDP_OTHER]
(identity, stale) = self.population.get_identity(nid)
assert stale == []
assert identity == {'mail': '[email protected]',
'givenName': 'Anders',
'surName': 'Andersson'}
info = self.population.get_info_from(nid, IDP_ONE)
assert sorted(list(info.keys())) == sorted(["not_on_or_after",
"name_id", "ava"])
assert info["name_id"] == nid
assert info["ava"] == {'mail': '[email protected]',
'givenName': 'Anders',
'surName': 'Andersson'}
def test_extend_person(self):
session_info = {
"name_id": nid,
"issuer": IDP_OTHER,
"not_on_or_after": in_a_while(minutes=15),
"ava": {
"eduPersonEntitlement": "Anka"
}
}
self.population.add_information_about_person(session_info)
issuers = self.population.issuers_of_info(nid)
assert _eq(issuers, [IDP_ONE, IDP_OTHER])
subjects = [code(c) for c in self.population.subjects()]
assert subjects == [cnid]
# Are any of the sources gone stale
stales = self.population.stale_sources_for_person(nid)
assert stales == []
# are any of the possible sources not used or gone stale
possible = [IDP_ONE, IDP_OTHER]
stales = self.population.stale_sources_for_person(nid, possible)
assert stales == []
(identity, stale) = self.population.get_identity(nid)
assert stale == []
assert identity == {'mail': '[email protected]',
'givenName': 'Anders',
'surName': 'Andersson',
"eduPersonEntitlement": "Anka"}
info = self.population.get_info_from(nid, IDP_OTHER)
assert sorted(list(info.keys())) == sorted(["not_on_or_after",
"name_id", "ava"])
assert info["name_id"] == nid
assert info["ava"] == {"eduPersonEntitlement": "Anka"}
def test_add_another_person(self):
session_info = {
"name_id": nida,
"issuer": IDP_ONE,
"not_on_or_after": in_a_while(minutes=15),
"ava": {
"givenName": "Bertil",
"surName": "Bertilsson",
"mail": "[email protected]"
}
}
self.population.add_information_about_person(session_info)
issuers = self.population.issuers_of_info(nida)
assert list(issuers) == [IDP_ONE]
subjects = [code(c) for c in self.population.subjects()]
assert _eq(subjects, [cnid, cnida])
stales = self.population.stale_sources_for_person(nida)
assert stales == []
#.........这里部分代码省略.........
示例5: Saml2Client
# 需要导入模块: from saml2.population import Population [as 别名]
# 或者: from saml2.population.Population import add_information_about_person [as 别名]
#.........这里部分代码省略.........
format=saml.NAMEID_FORMAT_ENTITY)
def _sso_location(self, entityid=None, binding=BINDING_HTTP_REDIRECT):
if entityid:
# verify that it's in the metadata
try:
return self.config.single_sign_on_services(entityid, binding)[0]
except IndexError:
if self.logger:
self.logger.info("_sso_location: %s, %s" % (entityid,
binding))
return IdpUnspecified("No IdP to send to given the premises")
# get the idp location from the configuration alternative the
# metadata. If there is more than one IdP in the configuration
# raise exception
eids = self.config.idps()
if len(eids) > 1:
raise IdpUnspecified("Too many IdPs to choose from: %s" % eids)
try:
loc = self.config.single_sign_on_services(eids.keys()[0],
binding)[0]
return loc
except IndexError:
return IdpUnspecified("No IdP to send to given the premises")
def _my_name(self):
return self.config.name
#
# Public API
#
def service_url(self, binding=BINDING_HTTP_POST):
_res = self.config.endpoint("assertion_consumer_service", binding)
if _res:
return _res[0]
else:
return None
def response(self, post, outstanding, log=None, decode=True,
asynchop=True):
""" Deal with an AuthnResponse or LogoutResponse
:param post: The reply as a dictionary
:param outstanding: A dictionary with session IDs as keys and
the original web request from the user before redirection
as values.
:param log: where loggin should go.
:param decode: Whether the response is Base64 encoded or not
:param asynchop: Whether the response was return over a asynchronous
connection. SOAP for instance is synchronous
:return: An response.AuthnResponse or response.LogoutResponse instance
"""
# If the request contains a samlResponse, try to validate it
try:
saml_response = post['SAMLResponse']
except KeyError:
return None
try:
_ = self.config.entityid
except KeyError:
raise Exception("Missing entity_id specification")
if log is None:
log = self.logger
reply_addr = self.service_url()
resp = None
if saml_response:
try:
resp = response_factory(saml_response, self.config,
reply_addr, outstanding, log,
debug=self.debug, decode=decode,
asynchop=asynchop,
allow_unsolicited=self.allow_unsolicited)
except Exception, exc:
if log:
log.error("%s" % exc)
return None
if log:
log.debug(">> %s", resp)
resp = resp.verify()
if resp is None:
log.error("Response could not be verified")
return
if isinstance(resp, AuthnResponse):
self.users.add_information_about_person(resp.session_info())
if log:
log.info("--- ADDED person info ----")
elif isinstance(resp, LogoutResponse):
self.handle_logout_response(resp, log)
elif log:
log.error("Response type not supported: %s" % saml2.class_name(resp))
return resp