本文整理汇总了Python中saml2.server.Server.pick_binding方法的典型用法代码示例。如果您正苦于以下问题:Python Server.pick_binding方法的具体用法?Python Server.pick_binding怎么用?Python Server.pick_binding使用的例子?那么恭喜您, 这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类saml2.server.Server的用法示例。
在下文中一共展示了Server.pick_binding方法的9个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的Python代码示例。
示例1: test_1
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_1(self):
server = Server("idp_slo_redirect_conf")
req_id, request = _logout_request("sp_slo_redirect_conf")
print(request)
bindings = [BINDING_HTTP_REDIRECT]
response = server.create_logout_response(request, bindings)
binding, destination = server.pick_binding("single_logout_service",
bindings, "spsso",
request)
http_args = server.apply_binding(binding, "%s" % response, destination,
"relay_state", response=True)
assert len(http_args) == 4
assert http_args["headers"][0][0] == "Location"
assert http_args["data"] == []示例2: test_flow
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_flow():
sp = Saml2Client(config_file="servera_conf")
idp = Server(config_file="idp_all_conf")
binding, destination = sp.pick_binding("manage_name_id_service",
entity_id=idp.config.entityid)
nameid = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar")
newid = NewID(text="Barfoo")
mid, midq = sp.create_manage_name_id_request(destination, name_id=nameid,
new_id=newid)
print midq
rargs = sp.apply_binding(binding, "%s" % midq, destination, "")
# --------- @IDP --------------
_req = idp.parse_manage_name_id_request(rargs["data"], binding)
print _req.message
mnir = idp.create_manage_name_id_response(_req.message, [binding])
if binding != BINDING_SOAP:
binding, destination = idp.pick_binding("manage_name_id_service",
entity_id=sp.config.entityid)
else:
destination = ""
respargs = idp.apply_binding(binding, "%s" % mnir, destination, "")
print respargs
# ---------- @SP ---------------
_response = sp.parse_manage_name_id_request_response(respargs["data"],
binding)
print _response.response
assert _response.response.id == mnir.id示例3: test_handle_logout_soap
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_handle_logout_soap():
sp = Saml2Client(config_file="servera_conf")
idp = Server(config_file="idp_all_conf")
policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT,
sp_name_qualifier=sp.config.entityid,
allow_create="true")
name_id = idp.ident.construct_nameid("subject", name_id_policy=policy)
binding, destination = idp.pick_binding("single_logout_service",
[BINDING_SOAP],
entity_id=sp.config.entityid)
rid, request = idp.create_logout_request(destination, idp.config.entityid,
name_id=name_id)
args = idp.apply_binding(BINDING_SOAP, "%s" % request, destination)
# register the user
session_info = {
"name_id": name_id, "issuer": idp.config.entityid,
"not_on_or_after": in_a_while(minutes=15),
"ava": {
"givenName": "Anders",
"surName": "Andersson",
"mail": "[email protected]"
}
}
sp.users.add_information_about_person(session_info)
reply_args = sp.handle_logout_request(args["data"], name_id, binding,
sign=False)
print(reply_args)
assert reply_args["method"] == "POST"
assert reply_args["headers"] == [('content-type', 'application/soap+xml')]
#if __name__ == "__main__":
# test_handle_logout_soap()示例4: test_artifact_flow
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_artifact_flow():
#SP = 'urn:mace:example.com:saml:roland:sp'
sp = Saml2Client(config_file="servera_conf")
idp = Server(config_file="idp_all_conf")
# original request
binding, destination = sp.pick_binding("single_sign_on_service",
entity_id=idp.config.entityid)
relay_state = "RS0"
req = sp.create_authn_request(destination, id="id1")
artifact = sp.use_artifact(req, 1)
binding, destination = sp.pick_binding("single_sign_on_service",
[BINDING_HTTP_ARTIFACT],
entity_id=idp.config.entityid)
hinfo = sp.apply_binding(binding, "%s" % artifact, destination, relay_state)
# ========== @IDP ============
artifact2 = get_msg(hinfo, binding)
assert artifact == artifact2
# The IDP now wants to replace the artifact with the real request
destination = idp.artifact2destination(artifact2, "spsso")
msg = idp.create_artifact_resolve(artifact2, destination, sid())
hinfo = idp.use_soap(msg, destination, None, False)
# ======== @SP ==========
msg = get_msg(hinfo, BINDING_SOAP)
ar = sp.parse_artifact_resolve(msg)
assert ar.artifact.text == artifact
# The SP picks the request out of the repository with the artifact as the key
oreq = sp.artifact[ar.artifact.text]
# Should be the same as req above
# Returns the information over the existing SOAP connection so
# no transport information needed
msg = sp.create_artifact_response(ar, ar.artifact.text)
hinfo = sp.use_soap(msg, destination)
# ========== @IDP ============
msg = get_msg(hinfo, BINDING_SOAP)
# The IDP untangles the request from the artifact resolve response
spreq = idp.parse_artifact_resolve_response(msg)
# should be the same as req above
assert spreq.id == req.id
# That was one way, the Request from the SP
# ---------------------------------------------#
# Now for the other, the response from the IDP
name_id = idp.ident.transient_nameid(sp.config.entityid, "derek")
resp_args = idp.response_args(spreq, [BINDING_HTTP_POST])
response = idp.create_authn_response({"eduPersonEntitlement": "Short stop",
"surName": "Jeter", "givenName": "Derek",
"mail": "[email protected]",
"title": "The man"},
name_id=name_id,
authn=AUTHN,
**resp_args)
print response
# with the response in hand create an artifact
artifact = idp.use_artifact(response, 1)
binding, destination = sp.pick_binding("single_sign_on_service",
[BINDING_HTTP_ARTIFACT],
entity_id=idp.config.entityid)
hinfo = sp.apply_binding(binding, "%s" % artifact, destination, relay_state,
response=True)
# ========== SP =========
artifact3 = get_msg(hinfo, binding)
assert artifact == artifact3
destination = sp.artifact2destination(artifact3, "idpsso")
#.........这里部分代码省略.........
示例5: SamlIDP
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
class SamlIDP(service.Service):
def __init__(self, environ, start_response, conf, cache, incoming):
"""
Constructor for the class.
:param environ: WSGI environ
:param start_response: WSGI start response function
:param conf: The SAML configuration
:param cache: Cache with active sessions
"""
service.Service.__init__(self, environ, start_response)
self.response_bindings = None
self.idp = Server(config=conf, cache=cache)
self.incoming = incoming
def verify_request(self, query, binding):
""" Parses and verifies the SAML Authentication Request
:param query: The SAML authn request, transport encoded
:param binding: Which binding the query came in over
:returns: dictionary
"""
if not query:
logger.info("Missing QUERY")
resp = Unauthorized('Unknown user')
return {"response": resp(self.environ, self.start_response)}
req_info = self.idp.parse_authn_request(query, binding)
logger.info("parsed OK")
_authn_req = req_info.message
logger.debug("%s" % _authn_req)
# Check that I know where to send the reply to.
try:
binding_out, destination = self.idp.pick_binding(
"assertion_consumer_service",
bindings=self.response_bindings,
entity_id=_authn_req.issuer.text, request=_authn_req)
except Exception as err:
logger.error("Couldn't find receiver endpoint: %s" % err)
raise
logger.debug("Binding: %s, destination: %s" % (binding_out,
destination))
resp_args = {}
try:
resp_args = self.idp.response_args(_authn_req)
_resp = None
except UnknownPrincipal as excp:
_resp = self.idp.create_error_response(_authn_req.id,
destination, excp)
except UnsupportedBinding as excp:
_resp = self.idp.create_error_response(_authn_req.id,
destination, excp)
req_args = {}
for key in ["subject", "name_id_policy", "conditions",
"requested_authn_context", "scoping", "force_authn",
"is_passive"]:
try:
val = getattr(_authn_req, key)
except AttributeError:
pass
else:
if val is not None:
req_args[key] = val
return {"resp_args": resp_args, "response": _resp,
"authn_req": _authn_req, "req_args": req_args}
def handle_authn_request(self, binding_in):
"""
Deal with an authentication request
:param binding_in: Which binding was used when receiving the query
:return: A response if an error occurred or session information in a
dictionary
"""
_request = self.unpack(binding_in)
_binding_in = service.INV_BINDING_MAP[binding_in]
try:
_dict = self.verify_request(_request["SAMLRequest"], _binding_in)
except UnknownPrincipal as excp:
logger.error("UnknownPrincipal: %s" % (excp,))
resp = ServiceError("UnknownPrincipal: %s" % (excp,))
return resp(self.environ, self.start_response)
except UnsupportedBinding as excp:
logger.error("UnsupportedBinding: %s" % (excp,))
resp = ServiceError("UnsupportedBinding: %s" % (excp,))
return resp(self.environ, self.start_response)
_binding = _dict["resp_args"]["binding"]
if _dict["response"]: # An error response.
http_args = self.idp.apply_binding(
_binding, "%s" % _dict["response"],
_dict["resp_args"]["destination"],
#.........这里部分代码省略.........
示例6: test_complete_flow
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_complete_flow():
client = ecp_client.Client("user", "password",
metadata_file=full_path("idp_all.xml"))
sp = Saml2Client(config_file=dotname("servera_conf"))
idp = Server(config_file=dotname("idp_all_conf"))
IDP_ENTITY_ID = idp.config.entityid
#SP_ENTITY_ID = sp.config.entityid
# ------------ @Client -----------------------------
headers = client.add_paos_headers([])
assert len(headers) == 2
# ------------ @SP -----------------------------
response = DummyResponse(set_list2dict(headers))
assert sp.can_handle_ecp_response(response)
sid, message = sp.create_ecp_authn_request(IDP_ENTITY_ID, relay_state="XYZ")
# ------------ @Client -----------------------------
respdict = client.parse_soap_message(message)
cargs = client.parse_sp_ecp_response(respdict)
assert isinstance(respdict["body"], AuthnRequest)
assert len(respdict["header"]) == 2
item0 = respdict["header"][0]
assert isinstance(item0, Request) or isinstance(item0, RelayState)
destination = respdict["body"].destination
ht_args = client.apply_binding(BINDING_SOAP, respdict["body"], destination)
# Time to send to the IDP
# ----------- @IDP -------------------------------
req = idp.parse_authn_request(ht_args["data"], BINDING_SOAP)
assert isinstance(req.message, AuthnRequest)
# create Response and return in the SOAP response
sp_entity_id = req.sender()
name_id = idp.ident.transient_nameid( "id12", sp.config.entityid)
binding, destination = idp.pick_binding("assertion_consumer_service",
[BINDING_PAOS],
entity_id=sp_entity_id)
resp = idp.create_ecp_authn_request_response(
destination, {"eduPersonEntitlement": "Short stop",
"surName": "Jeter",
"givenName": "Derek",
"mail": "[email protected]",
"title": "The man"
},
req.message.id, destination, sp_entity_id,
name_id=name_id, authn=AUTHN)
# ------------ @Client -----------------------------
# The client got the response from the IDP repackage and send it to the SP
respdict = client.parse_soap_message(resp)
idp_response = respdict["body"]
assert isinstance(idp_response, Response)
assert len(respdict["header"]) == 1
_ecp_response = None
for item in respdict["header"]:
if item.c_tag == "Response" and item.c_namespace == ecp_prof.NAMESPACE:
_ecp_response = item
#_acs_url = _ecp_response.assertion_consumer_service_url
# done phase2 at the client
ht_args = client.use_soap(idp_response, cargs["rc_url"],
[cargs["relay_state"]])
print ht_args
# ------------ @SP -----------------------------
respdict = sp.unpack_soap_message(ht_args["data"])
# verify the relay_state
for header in respdict["header"]:
inst = create_class_from_xml_string(RelayState, header)
if isinstance(inst, RelayState):
assert inst.text == "XYZ"
# parse the response
#.........这里部分代码省略.........
示例7: test_flow
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_flow():
sp = Saml2Client(config_file="servera_conf")
idp = Server(config_file="idp_all_conf")
relay_state = "FOO"
# -- dummy request ---
orig_req = AuthnRequest(
issuer=sp._issuer(),
name_id_policy=NameIDPolicy(allow_create="true",
format=NAMEID_FORMAT_TRANSIENT))
# == Create an AuthnRequest response
name_id = idp.ident.transient_nameid(sp.config.entityid, "id12")
binding, destination = idp.pick_binding("assertion_consumer_service",
entity_id=sp.config.entityid)
resp = idp.create_authn_response({"eduPersonEntitlement": "Short stop",
"surName": "Jeter",
"givenName": "Derek",
"mail": "[email protected]",
"title": "The man"},
"id-123456789",
destination,
sp.config.entityid,
name_id=name_id,
authn=AUTHN)
hinfo = idp.apply_binding(binding, "%s" % resp, destination, relay_state)
# ------- @SP ----------
xmlstr = get_msg(hinfo, binding)
aresp = sp.parse_authn_request_response(xmlstr, binding,
{resp.in_response_to: "/"})
binding, destination = sp.pick_binding("authn_query_service",
entity_id=idp.config.entityid)
authn_context = requested_authn_context(INTERNETPROTOCOLPASSWORD)
subject = aresp.assertion.subject
aq = sp.create_authn_query(subject, destination, authn_context)
print aq
assert isinstance(aq, AuthnQuery)
binding = BINDING_SOAP
hinfo = sp.apply_binding(binding, "%s" % aq, destination, "state2")
# -------- @IDP ----------
xmlstr = get_msg(hinfo, binding)
pm = idp.parse_authn_query(xmlstr, binding)
msg = pm.message
assert msg.id == aq.id
p_res = idp.create_authn_query_response(msg.subject, msg.session_index,
msg.requested_authn_context)
print p_res
hinfo = idp.apply_binding(binding, "%s" % p_res, "", "state2",
response=True)
# ------- @SP ----------
xmlstr = get_msg(hinfo, binding)
final = sp.parse_authn_query_response(xmlstr, binding)
print final
assert final.response.id == p_res.id示例8: SamlIDP
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
class SamlIDP(service.Service):
def __init__(self, environ, start_response, conf, cache, incomming, tid1_to_tid2, tid2_to_tid1,
encmsg_to_iv, tid_handler, force_persistant_nameid, force_no_userid_subject_cacheing, idp=None):
"""
Constructor for the class.
:param environ: WSGI environ
:param start_response: WSGI start response function
:param conf: The SAML configuration
:param cache: Cache with active sessions
"""
service.Service.__init__(self, environ, start_response)
self.response_bindings = None
if idp is None:
self.idp = Server(config=conf, cache=cache)
else:
self.idp = idp
self.incomming = incomming
self.tid1_to_tid2 = tid1_to_tid2
self.tid2_to_tid1 = tid2_to_tid1
self.encmsg_to_iv = encmsg_to_iv
self.tid_handler = tid_handler
self.force_persistant_nameid = force_persistant_nameid
self.force_no_userid_subject_cacheing = force_no_userid_subject_cacheing
def verify_request(self, query, binding):
""" Parses and verifies the SAML Authentication Request
:param query: The SAML authn request, transport encoded
:param binding: Which binding the query came in over
:returns: dictionary
"""
if not query:
logger.info("Missing QUERY")
resp = Unauthorized('Unknown user')
return {"response": resp}
req_info = self.idp.parse_authn_request(query, binding)
encrypt_cert = encrypt_cert_from_item(req_info.message)
logger.info("parsed OK")
_authn_req = req_info.message
logger.debug("%s" % _authn_req)
# Check that I know where to send the reply to
try:
binding_out, destination = self.idp.pick_binding(
"assertion_consumer_service",
bindings=self.response_bindings,
entity_id=_authn_req.issuer.text, request=_authn_req)
except Exception as err:
logger.error("Couldn't find receiver endpoint: %s" % err)
raise
logger.debug("Binding: %s, destination: %s" % (binding_out,
destination))
resp_args = {}
try:
resp_args = self.idp.response_args(_authn_req)
_resp = None
except UnknownPrincipal as excp:
_resp = self.idp.create_error_response(_authn_req.id,
destination, excp)
except UnsupportedBinding as excp:
_resp = self.idp.create_error_response(_authn_req.id,
destination, excp)
req_args = {}
for key in ["subject", "name_id_policy", "conditions",
"requested_authn_context", "scoping", "force_authn",
"is_passive"]:
try:
val = getattr(_authn_req, key)
except AttributeError:
pass
else:
if val is not None:
req_args[key] = val
return {"resp_args": resp_args, "response": _resp,
"authn_req": _authn_req, "req_args": req_args, "encrypt_cert": encrypt_cert}
def handle_authn_request(self, binding_in):
"""
Deal with an authentication request
:param binding_in: Which binding was used when receiving the query
:return: A response if an error occurred or session information in a
dictionary
"""
_request = self.unpack(binding_in)
_binding_in = service.INV_BINDING_MAP[binding_in]
try:
_dict = self.verify_request(_request["SAMLRequest"], _binding_in)
except UnknownPrincipal as excp:
logger.error("UnknownPrincipal: %s" % (excp,))
resp = ServiceError("UnknownPrincipal: %s" % (excp,))
#.........这里部分代码省略.........
示例9: test_basic_flow
# 需要导入模块: from saml2.server import Server [as 别名]
# 或者: from saml2.server.Server import pick_binding [as 别名]
def test_basic_flow():
sp = Saml2Client(config_file="servera_conf")
idp = Server(config_file="idp_all_conf")
# -------- @IDP -------------
relay_state = "FOO"
# -- dummy request ---
orig_req = AuthnRequest(
issuer=sp._issuer(), name_id_policy=NameIDPolicy(
allow_create="true", format=NAMEID_FORMAT_TRANSIENT))
# == Create an AuthnRequest response
name_id = idp.ident.transient_nameid("id12", sp.config.entityid)
binding, destination = idp.pick_binding("assertion_consumer_service",
entity_id=sp.config.entityid)
resp = idp.create_authn_response({"eduPersonEntitlement": "Short stop",
"surName": "Jeter",
"givenName": "Derek",
"mail": "[email protected]",
"title": "The man"},
"id-123456789",
destination,
sp.config.entityid,
name_id=name_id,
authn=AUTHN)
hinfo = idp.apply_binding(binding, "%s" % resp, destination, relay_state)
# --------- @SP -------------
xmlstr = get_msg(hinfo, binding)
aresp = sp.parse_authn_request_response(xmlstr, binding,
{resp.in_response_to: "/"})
# == Look for assertion X
asid = aresp.assertion.id
binding, destination = sp.pick_binding("assertion_id_request_service",
entity_id=idp.config.entityid)
hinfo = sp.apply_binding(binding, asid, destination)
# ---------- @IDP ------------
aid = get_msg(hinfo, binding, response=False)
# == construct response
resp = idp.create_assertion_id_request_response(aid)
hinfo = idp.apply_binding(binding, "%s" % resp, None, "", response=True)
# ----------- @SP -------------
xmlstr = get_msg(hinfo, binding, response=True)
final = sp.parse_assertion_id_request_response(xmlstr, binding)
print((final.response))
assert isinstance(final.response, Assertion)