

Python Server.create_authn_response方法代码示例

本文整理汇总了Python中saml2.server.Server.create_authn_response方法的典型用法代码示例。如果您正苦于以下问题:Python Server.create_authn_response方法的具体用法?Python Server.create_authn_response怎么用?Python Server.create_authn_response使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在saml2.server.Server的用法示例。


在下文中一共展示了Server.create_authn_response方法的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。

示例1: setup_class

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
    def setup_class(self):
        """Prepare three IdP authn responses and load the SP configuration.

        Every response answers request ``id12`` for the same SP entity id and
        consumer URL. They differ only in the extra keyword handed to
        ``create_authn_response``: none, ``sign_assertion=True`` and
        ``authn=AUTHN``.
        """
        sp_entity_id = "urn:mace:example.com:saml:roland:sp"
        consumer_url = "http://lingon.catalogix.se:8087/"
        in_response_to = "id12"

        idp = Server("idp_conf")
        transient_id = idp.ident.transient_nameid(sp_entity_id, in_response_to)

        def issue(**extra):
            # Same positional arguments every time; only the keywords vary.
            return idp.create_authn_response(
                IDENTITY,
                in_response_to,
                consumer_url,
                sp_entity_id,
                name_id=transient_id,
                **extra
            )

        self._resp_ = issue()
        # Only this fixture asks for a signed assertion explicitly. Whether
        # the other two end up signed depends on the IdP configuration, which
        # is not visible here.
        self._sign_resp_ = issue(sign_assertion=True)
        self._resp_authn = issue(authn=AUTHN)

        sp_conf = config.SPConfig()
        sp_conf.load_file("server_conf")
        self.conf = sp_conf
开发者ID:jaywink,项目名称:pysaml2,代码行数:37,代码来源:test_41_response.py

示例2: setup_class

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
    def setup_class(self):
        """Create the IdP response fixtures and an SP-side response handler.

        Three responses to request ``id12`` are built for the same SP; the
        second one additionally requests a signed assertion. The SP
        configuration is then loaded and wrapped by ``authn_response``.
        """
        sp_entity_id = "urn:mace:example.com:saml:roland:sp"
        consumer_url = "http://lingon.catalogix.se:8087/"

        idp = Server(dotname("idp_conf"))
        transient_id = idp.ident.transient_nameid(sp_entity_id, "id12")

        # Positional part shared by every response:
        # identity, in_response_to, consumer_url, sp_entity_id
        shared = (IDENTITY, "id12", consumer_url, sp_entity_id)

        self._resp_ = idp.create_authn_response(
            *shared, name_id=transient_id, authn=AUTHN)

        self._sign_resp_ = idp.create_authn_response(
            *shared, name_id=transient_id, sign_assertion=True, authn=AUTHN)

        self._resp_authn = idp.create_authn_response(
            *shared, name_id=transient_id, authn=AUTHN)

        self.conf = sp_conf = config_factory("sp", dotname("server_conf"))
        # NOTE(review): switching only_use_keys_in_metadata off presumably
        # lets the SP check signatures with a certificate carried in the
        # message instead of one pinned in metadata. Acceptable for a
        # fixture; not a setting to copy into a deployed SP -- confirm.
        sp_conf.only_use_keys_in_metadata = False
        self.ar = authn_response(sp_conf, consumer_url)
开发者ID:Ratler,项目名称:pysaml2,代码行数:34,代码来源:test_44_authnresp.py

示例3: test_encrypted_response_9

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
    def test_encrypted_response_9(self):
        """Check three encryption/PEFIM flag combinations on unsigned responses.

        Each response is built with response and assertion signing switched
        off and ``encrypt_assertion_self_contained=True``. The first two use
        ``pefim=True`` (with and without ``encrypt_assertion``) and verify the
        assertion found under ``assertion.advice``; the third drops PEFIM,
        sets ``encrypted_advice_attributes=False`` and verifies the top-level
        assertion.
        """
        idp = Server("idp_conf_sp_no_encrypt")

        def respond(**flags):
            # Signing is off in every variant. Encryption protects
            # confidentiality only; it does not tell the receiver which IdP
            # issued the message, so these combinations are test-only.
            return idp.create_authn_response(
                self.ava,
                "id12",  # in_response_to
                "http://lingon.catalogix.se:8087/",  # consumer_url
                "urn:mace:example.com:saml:roland:sp",  # sp_entity_id
                name_id=self.name_id,
                sign_response=False,
                sign_assertion=False,
                encrypt_assertion_self_contained=True,
                **flags
            )

        # PEFIM with encryption requested.
        reply = respond(encrypt_assertion=True, pefim=True)
        self.verify_assertion(reply.assertion.advice.assertion)

        # PEFIM with encrypt_assertion explicitly off.
        reply = respond(encrypt_assertion=False, pefim=True)
        self.verify_assertion(reply.assertion.advice.assertion)

        # No PEFIM: the assertion is checked directly, wrapped in a list.
        reply = respond(encrypt_assertion=True,
                        encrypted_advice_attributes=False)
        self.verify_assertion([reply.assertion])
开发者ID:russel1237,项目名称:pysaml2,代码行数:51,代码来源:test_50_server.py

示例4: TestSP

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
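class TestSP():
    """SP plugin test: feed an IdP-built authn response through the SP."""

    def setup_class(self):
        """Create the SP plugin and the IdP server used to mint responses."""
        self.sp = make_plugin("rem", saml_conf="server_conf")
        # Explicitly allow unsigned responses for this test.
        # NOTE(review): this relaxation belongs to the fixture only. An SP
        # that accepts unsigned responses has no proof of who issued them,
        # so a deployed client should keep want_response_signed enabled.
        self.sp.saml_client.want_response_signed = False
        self.server = Server(config_file="idp_conf")

    def teardown_class(self):
        """Release the IdP server created in setup_class."""
        self.server.close()

    def test_setup(self):
        """The plugin factory must return a usable object."""
        assert self.sp

    def test_identify(self):
        """Evaluate a base64-encoded response and check the session info."""
        # Create a SAMLResponse.
        # "[email protected]" is what the page's e-mail obfuscation left
        # in place of the original address; it is used consistently below.
        ava = {"givenName": ["Derek"], "surName": ["Jeter"],
               "mail": ["[email protected]"], "title": ["The man"]}

        resp_str = "%s" % self.server.create_authn_response(
            ava, "id1", "http://lingon.catalogix.se:8087/",
            "urn:mace:example.com:saml:roland:sp", trans_name_policy,
            "[email protected]", authn=AUTHN)

        # base64.encodestring was removed in Python 3.9. Prefer encodebytes
        # and fall back only on interpreters that do not provide it.
        b64encode = getattr(base64, "encodebytes", None) or base64.encodestring
        resp_str = b64encode(resp_str.encode('utf-8'))

        # Register "id1" as an outstanding request; the came_from value
        # asserted below is the one stored here.
        self.sp.outstanding_queries = {"id1": "http://www.example.com/service"}
        session_info = self.sp._eval_authn_response(
            {}, {"SAMLResponse": [resp_str]})

        assert len(session_info) > 1
        assert session_info["came_from"] == 'http://www.example.com/service'
        # The attribute sent as "surName" is expected back under "sn".
        assert session_info["ava"] == {'givenName': ['Derek'],
                                       'mail': ['[email protected]'],
                                       'sn': ['Jeter'],
                                       'title': ['The man']}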
开发者ID:SUNET,项目名称:pysaml2,代码行数:36,代码来源:test_60_sp.py

示例5: test_enc1

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
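def test_enc1():
    """Encrypt an assertion by driving the xmlsec1 binary directly.

    Builds an authn response, passes it through ``pre_encrypt_assertion`` and
    then runs ``xmlsec1 encrypt`` with ``pre_enc.xml`` as XML data and
    ``enc_tmpl.xml`` as the extra argument. The test passes when the tool
    leaves both stdout and stderr empty.
    """
    server = Server("idp_conf")
    name_id = server.ident.transient_nameid(
        "urn:mace:example.com:saml:roland:sp", "id12")

    resp_ = server.create_authn_response(
        IDENTITY, "id12", "http://lingon.catalogix.se:8087/",
        "urn:mace:example.com:saml:roland:sp", name_id=name_id)

    # The result is not used below. The call is kept in case it modifies
    # resp_ in place -- TODO confirm.
    pre_encrypt_assertion(resp_)

    # Both files are expected to exist already. The original carried
    # disabled code that wrote pre_encryption_part() to the template and the
    # pre-encrypted statement to the data file.
    tmpl = "enc_tmpl.xml"
    data = "pre_enc.xml"

    # NOTE(review): "des-192" asks xmlsec1 for a 192-bit Triple-DES session
    # key, a legacy 64-bit-block cipher. That is enough to check the tool
    # runs; for real assertions an AES session key with a matching template
    # would be the choice.
    key_type = "des-192"
    # The command is an argument list, so no value is interpreted by a shell.
    com_list = [xmlsec_path, "encrypt", "--pubkey-cert-pem", "pubkey.pem",
                "--session-key", key_type, "--xml-data", data,
                "--node-xpath", ASSERT_XPATH]

    crypto = CryptoBackendXmlSec1(xmlsec_path)
    (_stdout, _stderr, output) = crypto._run_xmlsec(
        com_list, [tmpl], exception=EncryptError, validate_output=False)

    # Function-call form of print: valid on Python 2 and Python 3 alike.
    print(output)
    assert _stderr == ""
    assert _stdout == ""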
开发者ID:krgo,项目名称:pysaml2,代码行数:35,代码来源:test_42_enc.py

示例6: TestSP

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
class TestSP():
    """SP plugin test: an IdP-built response must yield session information."""

    def setup_class(self):
        """Create the SP plugin and the IdP server that mints the response."""
        self.sp = make_plugin("rem", saml_conf="server_conf")
        self.server = Server(config_file="idp_conf")

    def test_setup(self):
        """The plugin factory must return a usable object."""
        assert self.sp

    def test_identify(self):
        """Evaluate a base64-encoded response and check the session info."""
        attributes = {
            "givenName": ["Derek"],
            "surName": ["Jeter"],
            "mail": ["[email protected]"],
        }

        # Build the SAMLResponse for request "id1".
        response = self.server.create_authn_response(
            attributes,
            "id1",
            "http://lingon.catalogix.se:8087/",
            "urn:mace:example.com:saml:roland:sp",
            trans_name_policy,
            "[email protected]",
        )
        encoded = base64.encodestring("%s" % response)

        # Register "id1" as an outstanding request; the came_from value
        # asserted below is the one stored here.
        self.sp.outstanding_queries = {"id1": "http://www.example.com/service"}
        session_info = self.sp._eval_authn_response(
            {}, {"SAMLResponse": encoded})

        expected_ava = {
            'givenName': ['Derek'],
            'mail': ['[email protected]'],
            'surName': ['Jeter'],
        }
        assert len(session_info) > 1
        assert session_info["came_from"] == 'http://www.example.com/service'
        assert session_info["ava"] == expected_ava
开发者ID:paulftw,项目名称:pysaml2,代码行数:31,代码来源:test_60_sp.py

示例7: test_reshuffle_response

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
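def test_reshuffle_response():
    """Check that pre_encrypt_assertion produces an encrypted-assertion part.

    The response returned by ``pre_encrypt_assertion`` must expose
    ``encrypted_assertion.extension_elements`` with a truthy value.
    """
    server = Server("idp_conf")
    name_id = server.ident.transient_nameid(
        "urn:mace:example.com:saml:roland:sp", "id12")

    resp_ = server.create_authn_response(
        IDENTITY,
        "id12",  # in_response_to
        "http://lingon.catalogix.se:8087/",  # consumer_url
        "urn:mace:example.com:saml:roland:sp",  # sp_entity_id
        name_id=name_id,
    )

    resp2 = pre_encrypt_assertion(resp_)

    # Function-call form of print: valid on Python 2 and Python 3 alike.
    print(resp2)
    assert resp2.encrypted_assertion.extension_elements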
开发者ID:lvanderree,项目名称:pysaml2,代码行数:14,代码来源:test_42_enc.py

示例8: test_enc2

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
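def test_enc2():
    """Encrypt a response's assertion through the xmlsec1 crypto backend.

    Uses ``CryptoBackendXmlSec1.encrypt_assertion`` with the certificate in
    ``pubkey.pem`` and the template from ``pre_encryption_part()``; the test
    only requires a non-empty result.
    """
    crypto = CryptoBackendXmlSec1(xmlsec_path)

    server = Server("idp_conf")
    name_id = server.ident.transient_nameid(
        "urn:mace:example.com:saml:roland:sp", "id12")

    resp_ = server.create_authn_response(
        IDENTITY,
        "id12",  # in_response_to
        "http://lingon.catalogix.se:8087/",  # consumer_url
        "urn:mace:example.com:saml:roland:sp",  # sp_entity_id
        name_id=name_id,
    )

    enc_resp = crypto.encrypt_assertion(
        resp_, full_path("pubkey.pem"), pre_encryption_part())

    # Function-call form of print: valid on Python 2 and Python 3 alike.
    print(enc_resp)
    # NOTE(review): this asserts only that something came back; it does not
    # check that the assertion was actually replaced by ciphertext.
    assert enc_resp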
开发者ID:lvanderree,项目名称:pysaml2,代码行数:16,代码来源:test_42_enc.py

示例9: test_flow

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
def test_flow():
    """Check that an assertion issued by one IdP instance is visible to another.

    Two ``Server`` objects are created from the same ``idp_conf_mdb``
    configuration. ``idp1`` issues the response; ``idp2`` must then find the
    assertion by id and by subject, and find exactly one name id for user
    ``jeter``.
    """
    sp = Saml2Client(config_file="servera_conf")
    idp1 = Server(config_file="idp_conf_mdb")
    idp2 = Server(config_file="idp_conf_mdb")

    # clean out database
    # NOTE(review): this drops whatever store idp_conf_mdb points at. The
    # configuration must only ever reference a disposable test database.
    idp1.ident.mdb.db.drop()

    # -- dummy request ---
    req_id, orig_req = sp.create_authn_request(idp1.config.entityid)

    # == Create an AuthnRequest response

    # Response arguments are derived from the request by the IdP, then
    # expanded as keyword arguments below.
    rinfo = idp1.response_args(orig_req, [BINDING_HTTP_POST])

    # name_id = idp1.ident.transient_nameid("id12", rinfo["sp_entity_id"])
    resp = idp1.create_authn_response(
        {
            "eduPersonEntitlement": "Short stop",
            "surName": "Jeter",
            "givenName": "Derek",
            "mail": "[email protected]",
            "title": "The man",
        },
        userid="jeter",
        authn=AUTHN,
        **rinfo
    )

    # What's stored away is the assertion
    # Looked up through idp2, i.e. not the instance that issued it.
    a_info = idp2.session_db.get_assertion(resp.assertion.id)
    # Make sure what I got back from MongoDB is the same as I put in
    assert a_info["assertion"] == resp.assertion

    # By subject
    nid = resp.assertion.subject.name_id
    _assertion = idp2.session_db.get_assertions_by_subject(nid)
    assert len(_assertion) == 1
    assert _assertion[0] == resp.assertion

    # Exactly one name id is expected for the user; this relies on the
    # database having been emptied at the start of the test.
    nids = idp2.ident.find_nameid("jeter")
    assert len(nids) == 1
开发者ID:rohe,项目名称:pysaml2-3,代码行数:44,代码来源:test_75_mongodb.py

示例10: test_encrypted_response_6

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
    def test_encrypted_response_6(self):
        """Decrypt a PEFIM response that uses two separate encryption certs.

        One generated certificate is passed as ``encrypt_cert_advice`` and a
        second as ``encrypt_cert_assertion``. The test decrypts with the
        assertion key first and the advice key second, then verifies the
        recovered advice assertion.
        """
        _server = Server("idp_conf_verify_cert")

        # Two throwaway certificate/key pairs, generated for this test run.
        cert_str_advice, cert_key_str_advice = generate_cert()

        cert_str_assertion, cert_key_str_assertion = generate_cert()

        # Signing is switched off for both response and assertion.
        # Encryption protects confidentiality only; it does not tell the
        # receiver which IdP issued the message.
        _resp = _server.create_authn_response(
            self.ava,
            "id12",  # in_response_to
            "http://lingon.catalogix.se:8087/",  # consumer_url
            "urn:mace:example.com:saml:roland:sp",  # sp_entity_id
            name_id=self.name_id,
            sign_response=False,
            sign_assertion=False,
            encrypt_assertion=True,
            encrypt_assertion_self_contained=True,
            #encrypted_advice_attributes=True,
            pefim=True,
            encrypt_cert_advice=cert_str_advice,
            encrypt_cert_assertion=cert_str_assertion
        )

        sresponse = response_from_string(_resp)

        # Confirms that no response-level signature was produced.
        assert sresponse.signature is None

        # NOTE(review): the private key is handed to make_temp so that
        # sec.decrypt can read it from key_file, presumably a temporary file
        # on disk. Fine for keys generated inside the test; a long-lived key
        # should not be handled this way -- confirm how make_temp cleans up.
        _, key_file = make_temp("%s" % cert_key_str_assertion, decode=False)

        # First pass: decrypt with the assertion key.
        decr_text_1 = _server.sec.decrypt(_resp, key_file)

        _, key_file = make_temp("%s" % cert_key_str_advice, decode=False)

        # Second pass: decrypt the first result with the advice key.
        decr_text_2 = _server.sec.decrypt(decr_text_1, key_file)

        resp = samlp.response_from_string(decr_text_2)

        # Rebuild assertion objects from the extension elements of the first
        # encrypted_assertion entry.
        resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp])

        self.verify_advice_assertion(resp, decr_text_2)
开发者ID:russel1237,项目名称:pysaml2,代码行数:42,代码来源:test_50_server.py

示例11: TestServer1

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]

#.........这里部分代码省略.........
        assert _eq(status.keyswv(), ["status_code", "status_message"])
        assert status.status_message.text == 'Not destined for me!'
        status_code = status.status_code
        assert _eq(status_code.keyswv(), ["status_code", "value"])
        assert status_code.value == samlp.STATUS_RESPONDER
        assert status_code.status_code.value == samlp.STATUS_UNKNOWN_PRINCIPAL

    def test_parse_ok_request(self):
        """Round-trip an AuthnRequest through HTTP-Redirect and check the reply args.

        The client builds a request with id ``id1`` and serialises it with the
        redirect binding. The server parses the ``SAMLRequest`` query
        parameter and ``response_args`` must then name the expected
        destination, request id, name-id policy and SP entity id.
        """
        _req_id, request = self.client.create_authn_request(
            message_id="id1", destination="http://localhost:8088/sso")
        print(request)

        redirect = BINDING_HTTP_REDIRECT
        http_info = self.client.apply_binding(
            redirect, "%s" % request, "http://www.example.com", "abcd")
        # The redirect URL is the value of the first header; take its query.
        location = http_info["headers"][0][1]
        query = parse_qs(location.split('?')[1])
        print(query)

        parsed = self.server.parse_authn_request(
            query["SAMLRequest"][0], redirect)
        print(parsed)

        args = self.server.response_args(parsed.message, [BINDING_HTTP_POST])
        # NOTE(review): this URL is passed by none of the calls above, so it
        # comes from configuration or metadata not shown here. Resolving the
        # reply destination on the server side is the property to keep.
        assert args["destination"] == "http://lingon.catalogix.se:8087/"
        assert args["in_response_to"] == "id1"

        policy = args["name_id_policy"]
        assert _eq(policy.keyswv(), ["format", "allow_create"])
        assert policy.format == saml.NAMEID_FORMAT_TRANSIENT
        assert args["sp_entity_id"] == "urn:mace:example.com:saml:roland:sp"

    def test_sso_response_with_identity(self):
        name_id = self.server.ident.transient_nameid(
            "https://example.com/sp", "id12")
        resp = self.server.create_authn_response(
            {
                "eduPersonEntitlement": "Short stop",
                "sn": "Jeter",
                "givenName": "Derek",
                "mail": "[email protected]",
                "title": "The man"
            },
            "id12",  # in_response_to
            "http://localhost:8087/",  # destination
            "https://example.com/sp",  # sp_entity_id
            name_id=name_id,
            authn=AUTHN
        )

        print(resp.keyswv())
        assert _eq(resp.keyswv(), ['status', 'destination', 'assertion',
                                   'in_response_to', 'issue_instant',
                                   'version', 'id', 'issuer'])
        assert resp.destination == "http://localhost:8087/"
        assert resp.in_response_to == "id12"
        assert resp.status
        assert resp.status.status_code.value == samlp.STATUS_SUCCESS
        assert resp.assertion
        assertion = resp.assertion
        print(assertion)
        assert assertion.authn_statement
        assert assertion.conditions
        assert assertion.attribute_statement
        attribute_statement = assertion.attribute_statement
        print(attribute_statement)
        assert len(attribute_statement[0].attribute) == 4
        # Pick out one attribute
开发者ID:jkakavas,项目名称:pysaml2,代码行数:70,代码来源:test_50_server.py

示例12: test_artifact_flow

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]
def test_artifact_flow():
    #SP = 'urn:mace:example.com:saml:roland:sp'
    sp = Saml2Client(config_file="servera_conf")
    idp = Server(config_file="idp_all_conf")

    # original request

    binding, destination = sp.pick_binding("single_sign_on_service",
                                           entity_id=idp.config.entityid)
    relay_state = "RS0"
    req = sp.create_authn_request(destination, id="id1")

    artifact = sp.use_artifact(req, 1)

    binding, destination = sp.pick_binding("single_sign_on_service",
                                           [BINDING_HTTP_ARTIFACT],
                                           entity_id=idp.config.entityid)

    hinfo = sp.apply_binding(binding, "%s" % artifact, destination, relay_state)

    # ========== @IDP ============

    artifact2 = get_msg(hinfo, binding)

    assert artifact == artifact2

    # The IDP now wants to replace the artifact with the real request

    destination = idp.artifact2destination(artifact2, "spsso")

    msg = idp.create_artifact_resolve(artifact2, destination, sid())

    hinfo = idp.use_soap(msg, destination, None, False)

    # ======== @SP ==========

    msg = get_msg(hinfo, BINDING_SOAP)

    ar = sp.parse_artifact_resolve(msg)

    assert ar.artifact.text == artifact

    # The SP picks the request out of the repository with the artifact as the key
    oreq = sp.artifact[ar.artifact.text]
    # Should be the same as req above

    # Returns the information over the existing SOAP connection so
    # no transport information needed

    msg = sp.create_artifact_response(ar, ar.artifact.text)
    hinfo = sp.use_soap(msg, destination)

    # ========== @IDP ============

    msg = get_msg(hinfo, BINDING_SOAP)

    # The IDP untangles the request from the artifact resolve response
    spreq = idp.parse_artifact_resolve_response(msg)

    # should be the same as req above

    assert spreq.id == req.id

    # That was one way, the Request from the SP
    # ---------------------------------------------#
    # Now for the other, the response from the IDP

    name_id = idp.ident.transient_nameid(sp.config.entityid, "derek")

    resp_args = idp.response_args(spreq, [BINDING_HTTP_POST])

    response = idp.create_authn_response({"eduPersonEntitlement": "Short stop",
                                          "surName": "Jeter", "givenName": "Derek",
                                          "mail": "[email protected]",
                                          "title": "The man"},
                                         name_id=name_id,
                                         authn=AUTHN,
                                         **resp_args)

    print response

    # with the response in hand create an artifact

    artifact = idp.use_artifact(response, 1)

    binding, destination = sp.pick_binding("single_sign_on_service",
                                           [BINDING_HTTP_ARTIFACT],
                                           entity_id=idp.config.entityid)

    hinfo = sp.apply_binding(binding, "%s" % artifact, destination, relay_state,
                             response=True)

    # ========== SP =========

    artifact3 = get_msg(hinfo, binding)

    assert artifact == artifact3

    destination = sp.artifact2destination(artifact3, "idpsso")

#.........这里部分代码省略.........
开发者ID:Ratler,项目名称:pysaml2,代码行数:103,代码来源:test_64_artifact.py

示例13: setup_class

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]

#.........这里部分代码省略.........
            "http://www.example.com/sso", sign=True, message_id="id1")

        if isinstance(a_req, bytes):
            ar_str = a_req
        else:
            ar_str = a_req.to_string()
        ar = samlp.authn_request_from_string(ar_str)

        assert ar
        assert ar.signature
        assert ar.signature.signature_value
        signed_info = ar.signature.signed_info
        #print signed_info
        assert len(signed_info.reference) == 1
        assert signed_info.reference[0].uri == "#id1"
        assert signed_info.reference[0].digest_value
        print("------------------------------------------------")
        try:
            assert self.client.sec.correctly_signed_authn_request(
                ar_str, self.client.config.xmlsec_binary,
                self.client.config.metadata)
        except Exception:  # missing certificate
            self.client.sec.verify_signature(ar_str, node_name=class_name(ar))

    def test_response(self):
        IDP = "urn:mace:example.com:saml:roland:idp"

        ava = {"givenName": ["Derek"], "surName": ["Jeter"],
               "mail": ["[email protected]"], "title": ["The man"]}

        nameid_policy = samlp.NameIDPolicy(allow_create="false",
                                           format=saml.NAMEID_FORMAT_PERSISTENT)

        resp = self.server.create_authn_response(
            identity=ava,
            in_response_to="id1",
            destination="http://lingon.catalogix.se:8087/",
            sp_entity_id="urn:mace:example.com:saml:roland:sp",
            name_id_policy=nameid_policy,
            userid="[email protected]",
            authn=AUTHN)

        resp_str = "%s" % resp

        resp_str = base64.encodebytes(resp_str.encode("utf8"))
        
        authn_response = self.client.parse_authn_request_response(
            resp_str, BINDING_HTTP_POST,
            {"id1": "http://foo.example.com/service"})
                            
        assert authn_response is not None
        assert authn_response.issuer() == IDP
        assert authn_response.response.assertion[0].issuer.text == IDP
        session_info = authn_response.session_info()

        print(session_info)
        assert session_info["ava"] == {'mail': ['[email protected]'],
                                       'givenName': ['Derek'],
                                       'sn': ['Jeter'],
                                       'title': ["The man"]}
        assert session_info["issuer"] == IDP
        assert session_info["came_from"] == "http://foo.example.com/service"
        response = samlp.response_from_string(authn_response.xmlstr)
        assert response.destination == "http://lingon.catalogix.se:8087/"

        # One person in the cache
开发者ID:lvanderree,项目名称:pysaml2-3,代码行数:70,代码来源:test_51_client.py

示例14: TestServer1

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]

#.........这里部分代码省略.........
        print(status)
        assert _eq(status.keyswv(), ["status_code", "status_message"])
        assert status.status_message.text == 'Not destined for me!'
        status_code = status.status_code
        assert _eq(status_code.keyswv(), ["status_code", "value"])
        assert status_code.value == samlp.STATUS_RESPONDER
        assert status_code.status_code.value == samlp.STATUS_UNKNOWN_PRINCIPAL

    def test_parse_ok_request(self):
        """Parse a redirect-bound AuthnRequest and check the derived reply args.

        A request with id ``id1`` is created by the client, wrapped with the
        HTTP-Redirect binding and parsed by the server. The arguments
        returned by ``response_args`` are then compared with fixed values.
        """
        _unused_id, saml_request = self.client.create_authn_request(
            message_id="id1", destination="http://localhost:8088/sso")
        print(saml_request)

        used_binding = BINDING_HTTP_REDIRECT
        wrapped = self.client.apply_binding(
            used_binding, "%s" % saml_request,
            "http://www.example.com", "abcd")
        # First header value holds the redirect URL; keep only its query.
        query_string = wrapped["headers"][0][1].split('?')[1]
        params = parse_qs(query_string)
        print(params)

        parsed_request = self.server.parse_authn_request(
            params["SAMLRequest"][0], used_binding)
        print(parsed_request)

        reply = self.server.response_args(
            parsed_request.message, [BINDING_HTTP_POST])
        # NOTE(review): the expected destination appears in none of the
        # arguments passed above; it is presumably resolved from the SP's
        # configuration or metadata rather than taken from the caller.
        assert reply["destination"] == "http://lingon.catalogix.se:8087/"
        assert reply["in_response_to"] == "id1"

        nameid_policy = reply["name_id_policy"]
        assert _eq(nameid_policy.keyswv(), ["format", "allow_create"])
        assert nameid_policy.format == saml.NAMEID_FORMAT_TRANSIENT
        assert reply["sp_entity_id"] == "urn:mace:example.com:saml:roland:sp"

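    def test_sso_response_with_identity(self):
        """Build an SSO response for a known identity and check its shape.

        The response must carry the expected top-level members, name the
        given destination and request id, report success, and contain an
        assertion with an authn statement, conditions and five attributes.
        """
        name_id = self.server.ident.transient_nameid(
            "urn:mace:example.com:saml:roland:sp", "id12")
        resp = self.server.create_authn_response(
            {
                "eduPersonEntitlement": "Short stop",
                "surName": "Jeter",
                "givenName": "Derek",
                "mail": "[email protected]",
                "title": "The man"
            },
            "id12",                         # in_response_to
            "http://localhost:8087/",       # destination
            "urn:mace:example.com:saml:roland:sp",  # sp_entity_id
            name_id=name_id,
            authn=AUTHN
        )

        print(resp.keyswv())
        # The expected member list has no 'signature' entry, so this fixture
        # response is presumably unsigned. That suits a shape test; it is not
        # a model for what an SP should accept.
        assert _eq(resp.keyswv(), ['status', 'destination', 'assertion',
                                   'in_response_to', 'issue_instant',
                                   'version', 'id', 'issuer'])
        assert resp.destination == "http://localhost:8087/"
        assert resp.in_response_to == "id12"
        assert resp.status
        assert resp.status.status_code.value == samlp.STATUS_SUCCESS
        # Checked once; the original repeated this assertion on two lines.
        assert resp.assertion
        assertion = resp.assertion
        print(assertion)
        assert assertion.authn_statement
        assert assertion.conditions
        assert assertion.attribute_statement
        attribute_statement = assertion.attribute_statement
        print(attribute_statement)
        # One attribute per key of the identity dict passed above.
        assert len(attribute_statement[0].attribute) == 5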
开发者ID:lvanderree,项目名称:pysaml2-3,代码行数:70,代码来源:test_50_server.py

示例15: SamlIDP

# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import create_authn_response [as 别名]

#.........这里部分代码省略.........
                val = getattr(_authn_req, key)
            except AttributeError:
                pass
            else:
                if val is not None:
                    req_args[key] = val

        return {"resp_args": resp_args, "response": _resp,
                "authn_req": _authn_req, "req_args": req_args}

    def handle_authn_request(self, binding_in):
        """
        Unpack and verify an incoming authentication request.

        :param binding_in: Which binding was used when receiving the query
        :return: The result of a ServiceError when verification raises
            UnknownPrincipal or UnsupportedBinding, the bound error response
            when verification itself produced a response, otherwise whatever
            ``self.incoming`` returns
        """

        def reject(label, error):
            # Log the failure and return the same text as a ServiceError.
            # NOTE(review): the exception text goes into the ServiceError,
            # presumably shown to the requester. Check that it cannot reveal
            # internal detail.
            text = "%s: %s" % (label, error)
            logger.error(text)
            return ServiceError(text)(self.environ, self.start_response)

        _request = self.unpack(binding_in)
        saml_binding = service.INV_BINDING_MAP[binding_in]

        try:
            verified = self.verify_request(_request["SAMLRequest"],
                                           saml_binding)
        except UnknownPrincipal as excp:
            return reject("UnknownPrincipal", excp)
        except UnsupportedBinding as excp:
            return reject("UnsupportedBinding", excp)

        reply_args = verified["resp_args"]
        _binding = reply_args["binding"]

        # NOTE(review): RelayState is read by key in both paths below. If
        # unpack() does not always supply it, a request without RelayState
        # raises KeyError here -- confirm against unpack().
        if not verified["response"]:
            return self.incoming(verified, self.environ, self.start_response,
                                 _request["RelayState"])

        # Verification already produced a response: an error response.
        http_args = self.idp.apply_binding(
            _binding, "%s" % verified["response"],
            reply_args["destination"],
            _request["RelayState"], response=True)

        # The debug record contains the complete outgoing message.
        logger.debug("HTTPargs: %s" % http_args)
        return self.response(_binding, http_args)

    def construct_authn_response(self, identity, name_id, authn, resp_args,
                                 relay_state, sign_response=True):
        """
        Build the authentication response and wrap it for the reply binding.

        :param identity: First argument given to ``create_authn_response``
        :param name_id: Forwarded as ``name_id``
        :param authn: Forwarded as ``authn``
        :param resp_args: Expanded as keyword arguments for
            ``create_authn_response``; also read for ``binding`` and
            ``destination``
        :param relay_state: Passed on to ``apply_binding``
        :param sign_response: Forwarded as ``sign_response`` (default True)
        :return: The result of calling the chosen response object with
            ``self.environ`` and ``self.start_response``
        """

        saml_response = self.idp.create_authn_response(
            identity, name_id=name_id, authn=authn,
            sign_response=sign_response, **resp_args)

        http_args = self.idp.apply_binding(
            resp_args["binding"], "%s" % saml_response,
            resp_args["destination"], relay_state, response=True)

        # NOTE(review): http_args carries the outgoing response built from
        # `identity`, so this debug record can hold user attributes. Keep
        # debug logging off, or the log protected, where that matters.
        logger.debug("HTTPargs: %s" % http_args)

        body = http_args["data"]
        headers = http_args["headers"]

        resp = None
        if body:
            resp = Response(body, headers=headers)
        else:
            # No body: use a Location header as redirect target. The loop
            # does not stop at the first match, so the last one wins.
            for header in headers:
                if header[0] == "Location":
                    resp = Redirect(header[1])

        if not resp:
            resp = ServiceError("Don't know how to return response")

        return resp(self.environ, self.start_response)

    def register_endpoints(self):
        """
        Given the configuration, return a list of URL to function mappings.

        Each single-sign-on endpoint contributes two entries that point at
        ``handle_authn_request``: one pattern for the path followed by
        ``/<anything>`` and one for the exact path.
        """

        sso_endpoints = self.idp.config.getattr(
            "endpoints", "idp")["single_sign_on_service"]

        url_map = []
        for endp, binding in sso_endpoints:
            # Endpoint path without its leading slash.
            path = urlparse(endp).path[1:]
            # NOTE(review): the path is placed into the pattern unescaped,
            # so characters such as '.' act as regex syntax. The value comes
            # from configuration; escaping it would make the match exact.
            url_map.append(("^%s/(.*)$" % path,
                            ("IDP", "handle_authn_request",
                             service.BINDING_MAP[binding])))
            url_map.append(("^%s$" % path,
                            ("IDP", "handle_authn_request",
                             service.BINDING_MAP[binding])))

        return url_map
开发者ID:ibrsp,项目名称:s2sproxy,代码行数:104,代码来源:front.py


注:本文中的saml2.server.Server.create_authn_response方法示例由纯净天空整理自Github/MSDocs等开源代码及文档管理平台,相关代码片段筛选自各路编程大神贡献的开源项目,源码版权归原作者所有,传播和使用请参考对应项目的License;未经允许,请勿转载。