diff --git a/.editorconfig b/.editorconfig index a1e1486a1..b738a9ea8 100644 --- a/.editorconfig +++ b/.editorconfig @@ -8,17 +8,8 @@ tab_width = 4 end_of_line = lf insert_final_newline = true trim_trailing_whitespace = true -max_line_length = 88 +max_line_length = 120 -[*.y{a,}ml] +[{*.y{a,}ml,*.html,*.xhtml,*.xml,*.xsd}] indent_size = 2 tab_width = 2 - -[*.html] -indent_style = tab - -[*.js] -indent_style = tab - -[*.css] -indent_style = tab diff --git a/.github/issue_template.md b/.github/issue_template.md index 58967f57a..b76ed50a8 100644 --- a/.github/issue_template.md +++ b/.github/issue_template.md @@ -1,20 +1,22 @@ - + -## Code Version +### Code Version -## Expected Behavior - +### Expected Behavior + -## Current Behavior - +### Current Behavior + -## Possible Solution - +### Possible Solution + + +### Steps to Reproduce + + + -## Steps to Reproduce - - 1. 2. 3. diff --git a/.github/pull_request_template.md b/.github/pull_request_template.md index 94be46df7..4172386c2 100644 --- a/.github/pull_request_template.md +++ b/.github/pull_request_template.md @@ -1,11 +1,20 @@ -### All Submissions: +### Description -* [ ] Have you checked to ensure there aren't other open [Pull Requests](../../pulls) for the same update/change? -* [ ] Have you added an explanation of what problem you are trying to solve with this PR? -* [ ] Have you added information on what your changes do and why you chose this as your solution? -* [ ] Have you written new tests for your changes? -* [ ] Does your submission pass tests? -* [ ] This project follows PEP8 style guide. Have you run your code against the 'flake8' linter? +##### The feature or problem addressed by this PR + + + +##### What your changes do and why you chose this solution + + + + +### Checklist + +* [ ] Checked that no other issues or pull requests exist for the same issue/change +* [ ] Added tests covering the new functionality +* [ ] Updated documentation OR the change is too minor to be documented +* [ ] Updated CHANGELOG.md OR changes are insignificant diff --git a/CHANGELOG.md b/CHANGELOG.md index bf6a0dcb5..9ef7fed65 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,139 @@ # Changelog +## v7.5.4 (2025-10-07) + +- Minor refactor to handle `shelve.open` and `dbm` errors +- Remove import of deprecated `cgi` module +- Replace deprecated `datetime.utcnow()` by `datetime.now(timezone.utc)` +- deps: Remove the `importlib_metadata` dependency +- deps: Remove the `importlib_resources` dependency +- deps: Update dependency versions and lockfile +- build: Update pyproject and lockfile to be compatible with PEP 621 +- docs: Correct spelling mistakes +- docs: Fix interal references/links +- docs: Clarify units for accepted_time_diff config param +- docs: Correct documentation for contact_person + + +## 7.5.3 (2025-10-04) + +- #973 Fix prepare_for_negotiated_authenticate to avoid double signing redirect requests + + +## 7.5.2 (2025-02-10) + +- Include the XSD of the XML Encryption Syntax and Processing Version 1.1 to the schema validator + + +## 7.5.1 (2025-02-10) + +- deps: restrict pyOpenSSL up to v24.2.1 until it is replaced +- deps: update dependencies for the lockfile and examples + + +## 7.5.0 (2024-01-30) + +- Fix missing requested attributes from the ACS +- Add support for errorURL to be exposed in metadata for IdP +- Update logged message when the signature validation on the assertion fails +- Replace imp with importlib +- deps: restrict xmlschema version +- deps: remove utility from packaging +- examples: update code and README to align with latest code +- docs: update readme with info about xmlsec1 compatibility + + +## 7.4.2 (2023-06-11) + +- Add support for xmlsec1 1.3.x +- Use the set crypto_backend when creating the entity metadata + + +## 7.4.1 (2023-02-24) + +- Fix subject-id requirements processing + + +## 7.4.0 (2023-02-14) + +- Ensure the ID of each Signature element is unique when signing an encrypted assertion +- Bump Python to 3.9 +- dev: Add mypy configuration and type stubs +- tests: move tox.ini config into pyproject.toml +- docs: Update release instructions + + +## 7.3.0 (2023-02-14) + +- During metadata generation, render extensions both for EntityDescriptor and IdPSSODescriptor +- Fix compatibility with certain SAML implementation that inflate messages on the POST binding +- Update the SWAMID entity category requirements +- Fix check for NameID when it originates from an encrypted assertion +- Add support for pymongo `>=3.5` and `<5` +- Update README with supported specifications +- Remove dependency on the six package +- Cleanup unused imports and pythonisms for Python versions older than 3.6 +- Convert README to markdown +- Introduce flake8 to check for issues +- Use black and isort to manage formatting and imports +- Use poetry to manage the project dependencies, packaging and versions +- Fix whitespace typos on the eIDAS schemas +- Try different logout bindings on the saml2.client level +- Add the mailLocalAddress attribute as part of the saml and shib uri name format bundles +- Add the isMemberOf attribute as part of the basic attribute format bundle + + +## 7.2.1 (2022-08-23) + +- Accept and forward sign and digest alg information when creating a metadata string +- Fix tests to comply with latest xmlschema + + +## 7.2.0 (2022-08-10) + +- Add schemas for eIDAS extensions, elements and attributes +- Add the voPerson v2 attributes mappings; see [reference](https://github.com/voperson/voperson/tree/2.0.0) +- Add the `registration_info_typ` method on `saml2.mdstore.MetadataStore` to get the registration information from an `EntityDescriptor` services +- Allow exceptions to convey the SAML `StatusCode` in an error response +- Fix typo on method name under `saml2.mdstore.MetadataStore`; from `sbibmd_scopes` to `shibmd_scopes` +- Add partial support for `xs:date` `AttributeValue` type +- Fallback to `xs:string` as the type of the `AttributeValue` text node +- Fallback to the authn context class declaration to set the authn context class reference +- Αdd configuration option `http_client_timeout` to set a timeout on the HTTP calls by the httpbase module +- Load certificates using cryptography and support certificate chains +- Remove deprecated cryptography backend param +- Fix assertion policy filter: Fallback to match a known attribute or return its name +- examples: Allow multiple attributes to be returned by the idp +- tests: Minor cleanups +- docs: Reference python2 compatible fork +- misc: add pepy badges on the README file + + +## 7.1.2 (2022-03-04) + +- fix assertion policy filter to try to resolve the local_name using the friendly name if it failed with the name_format +- reload metadata in-place to avoid memory leak +- tests: Restrict pymongo to v3 +- docs: highlight installation command + + +## 7.1.1 (2022-02-22) + +- Process and verify the metadata signature for EntitiesDescriptor and EntityDescriptor +- Fix client to be able to retry creating an AuthnRequest with a different binding +- Allow requested_authn_context to be an object +- AttributeValues are optional; allow Attributes to not have values +- Update SWAMID entity category to support https://myacademicid.org/entity-categories/esi +- Fix signing for requests with the SOAP binding +- tests: new test case for signed SOAP LogoutRequests +- docs: document the metadata node_name option for the remote source +- examples: align with latest updates +- deps: declare setuptools as a requirement for processing the package version +- build: add python 3.9 and 3.10 to classifiers +- misc: linter fixes + + ## 7.1.0 (2021-11-16) - Fix signature verification for the redirect binding for AuthnRequest and @@ -19,7 +152,7 @@ - Refactor AuthnResponse::authn_info to consider DeclRef equivalent to ClassRef. - Ensure creation of multiple ePTIDs is handled correctly. - Improve signature checks by ensuring the Object element is absent, enforcing allowed - transform aglorithms, enforcing allowed canonicalization methods and requiring the + transform algorithms, enforcing allowed canonicalization methods and requiring the enveloped-signature transform to be present. - mdstore: Make unknown metadata extensions available through the internal metadata. - mdstore: Fix the exception handler of the InMemoryMetaData object. @@ -116,7 +249,7 @@ part of its metadata. - CI/CD: Use Ubuntu bionic as the host to run the CI/CD process. - CI/CD: Pre-releases are now available on [test.pypi.org][pypi.test.pysaml2]. Each - commit/merge on the master branch autotically creates a new pre-release. To install a + commit/merge on the master branch automatically creates a new pre-release. To install a prelease, run: ```sh @@ -137,7 +270,7 @@ - Fix wrong identifiers for ecdsa algos - Fix automatic inversion of attribute map files - Factor out common codepaths in attribute_converter -- Remove uneeded exception logging +- Remove unneeded exception logging - Docs: Update configuration options documentation - Examples: Support both str and bytes in SAML requests on the example idp - Examples: Update to key generation to 2048 bits diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md new file mode 100644 index 000000000..86fc875f7 --- /dev/null +++ b/CONTRIBUTING.md @@ -0,0 +1,149 @@ +# Contributing guidelines + + +## Questions or Problems + +Please, do not open issues for general support questions as we want to keep GitHub +issues for bug reports and feature requests. Instead, we recommend using our [mailing +list](https://lists.sunet.se/postorius/lists/idpy-discuss.lists.sunet.se/) or asking +support-related questions on the [Slack workspace](https://identity-python.slack.com/) +([invitation](https://join.slack.com/t/identity-python/shared_invite/enQtNzEyNjU1NDI1MjUyLTM2MWI5ZGNhMTk1ZThiOTIxNWY2OTY1ODVmMWNjMzUzMTYxNTY5MzE5N2RlYjExZTIyM2MwYjBjZGE4MGVlMTM)). + +To save your and our time, we will systematically close all issues that are requests for +general support and redirect people to the channels above. + + +## Issues and Bugs + +If you find a bug in the source code, you can help us by submitting an issue to our +GitHub Repository. Even better, you can submit a Pull Request with a fix. + + +## Feature Requests + +You can request a new feature by submitting an issue to our GitHub Repository. If you +would like to implement a new feature, please consider the size of the change in order +to determine the right steps to proceed: + +- For a Major Feature, first open an issue and outline your proposal so that it can be + discussed. This process allows us to better coordinate our efforts, prevent + duplication of work, and help you to craft the change so that it is successfully + accepted into the project. + +- Small Features can be crafted and directly submitted as a Pull Request. + + +## Improving Documentation + +Should you have a suggestion for the documentation, you can open an issue and outline +the problem or improvement you have - however, creating the doc fix yourself is much +better! + +If you want to help improve the docs, it's a good idea to let others know what you're +working on to minimize duplication of effort. Create a new issue (or comment on a +related existing one) to let others know what you're working on. + +If you're making a small change (typo, phrasing) don't worry about filing an issue +first. Fork the repository in-place and make a quick change on the fly. + +For large fixes, please build and test the documentation before submitting the PR to be +sure you haven't accidentally introduced any layout or formatting issues. + + +## Submission Guidelines + + +### Submitting an Issue + +Before you submit an issue, please search the issue tracker. +An issue for your problem might already exist +and the discussion might inform you of workarounds readily available. + +We want to fix all the issues as soon as possible, but before fixing a bug, we need to +reproduce and confirm it. In order to reproduce bugs, we require that you provide a +minimal reproduction. Having a minimal reproducible scenario gives us a wealth of +important information without going back and forth to you with additional questions. + +A minimal reproduction allows us to quickly confirm a bug (or point out a coding problem) +as well as confirm that we are fixing the right problem. + +We require a minimal reproduction to save maintainers' time and ultimately be able to +fix more bugs. Often, developers find coding problems themselves while preparing a +minimal reproduction. We understand that sometimes it might be hard to extract +essential bits of code from a larger codebase, but we really need to isolate the problem +before we can fix it. + +Unfortunately, we are not able to investigate / fix bugs without a minimal reproduction, +so if we don't hear back from you, we are going to close an issue that doesn't have +enough information to be reproduced. + + +### Submitting a Pull Request (PR) + +Before you submit your Pull Request (PR) consider the following guidelines: + +1. Search [GitHub](../pulls) for an open or closed PR + that relates to your submission. You don't want to duplicate existing efforts. + +2. Be sure that an issue describes the problem you're fixing, or documents the design + for the feature you'd like to add. Discussing the design upfront helps to ensure that + we're ready to accept your work. + +3. [Fork](https://docs.github.com/en/github/getting-started-with-github/fork-a-repo) the repo. + +4. In your forked repository, make your changes in a new git branch: + + ```shell + $ git checkout -b my-fix-branch main + ``` + +5. Create your patch, **including appropriate test cases**. + Remember to follow the [Coding Rules](#coding-rules). + +6. Run the full test suite, as described in the [DEVELOPERS.md](DEVELOPERS.md), + and ensure that all tests pass. + +7. Commit your changes using a descriptive commit message. + + ```shell + $ git commit --all + ``` + Note: the optional commit `-a` command line option will automatically "add" and "rm" edited files. + +8. Push your branch to GitHub: + + ```shell + $ git push origin my-fix-branch + ``` + +9. In GitHub, create a new pull request. + + +#### Addressing review feedback + +If we ask for changes via code reviews then: + +1. Make the required updates to the code. +2. Re-run the test suite to ensure tests are still passing. +3. Create a fixup commit and push to your GitHub repository. Update your Pull Request: + + ```shell + $ git commit --all --fixup HEAD + $ git push + ``` + + For more info on working with fixup commits see [here](docs/FIXUP_COMMITS.md). + +That's it! Thank you for your contribution! + + +## Coding Rules + +To ensure consistency throughout the source code, +keep these rules in mind as you are working: + +* All features or bug fixes **must be tested** by one or more specs (unit-tests). +* All public API methods **must be documented**. +* We follow [Black's style guide](https://black.readthedocs.io/en/stable/the_black_code_style/current_style.html), + and wrap all code at **120 characters**. + Pre-configured tools to automatically lint and format code are available, see [DEVELOPERS.md](DEVELOPERS.md). diff --git a/DEVELOPERS.md b/DEVELOPERS.md new file mode 100644 index 000000000..ae2e5a4a1 --- /dev/null +++ b/DEVELOPERS.md @@ -0,0 +1,102 @@ +# Developing guidelines + +If you already cloned the repository and you know that you need to deep dive in the code, +here are some guidelines to set up your environment. + + +## Development environment setup + +### Python versions + +To manage multiple Python versions on my system, I use [`pyenv`]. +See the `pyenv` documentation on how to install and configure the tool. + +Install the supported python versions and enable them for this project: + +```shell +$ for v in 3.6 3.7 3.8 3.9 3.10; do pyenv install "${v}:latest"; done +$ pyenv versions --bare | xargs pyenv local +``` + + +### Dependencies + +This project uses [`poetry`] to manage dependencies and virtual environments. +See `poetry`'s [installation instructions] on how to install `poetry` on your system. + +I have opted to use [`pipx`] to install and manage `poetry` itself. +I also use `pipx` to manage other python executables that I want readily available on my system. + +Once `poetry` is available on your system, install the development dependencies: + +```shell +$ poetry install --with dev,test,coverage,docs --sync +``` + +A virtual environment will be created automatically by `poetry`. +To enter a shell with the virtual environment loaded use the `shell` command: + +```shell +$ poetry shell +``` + +Note that `poetry` doesn't need you to load the virtual environment. +It will automatically load the virtual environment as you interact with the `poetry` commands. + + +## Running Tests + +The tests are written with the [`pytest`] test framework. +To run the tests invoke `pytest` through `poetry`: + +```shell +$ poetry run pytest +``` + +However, the above will only run the tests for the latest python version. +To test all python versions invoke the test runner [`tox`]: + +```shell +$ poetry run tox +``` + +This works because different python versions were made available through `pyenv`. + + +## Coding Rules + +Coding style is encoded through the configurations of [`black`] and [`isort`]. +To enforce the rules run: + +```shell +$ poetry run black src/ tests/ example/ +$ poetry run isort src/ tests/ example/ +``` + +Additional rules and suggestions are generated by [`flake8`]. +Check your code with: + +```shell +$ poetry run flake8 src/ +``` + + +## Commit Message Guidelines + +(TODO) + + +## Writing Documentation + +(TODO) + + + [`poetry`]: https://python-poetry.org/ + [installation instructions]: https://python-poetry.org/docs/#installation + [`pipx`]: https://pypa.github.io/pipx/ + [`pyenv`]: https://github.com/pyenv/pyenv + [`pytest`]: https://docs.pytest.org/ + [`tox`]: https://tox.wiki/ + [`black`]: https://black.readthedocs.io/ + [`isort`]: https://pycqa.github.io/isort/ + [`flake8`]: https://flake8.pycqa.org/ diff --git a/INSTALL b/INSTALL deleted file mode 100644 index c846abffd..000000000 --- a/INSTALL +++ /dev/null @@ -1,31 +0,0 @@ -You need repoze.who to get the examples working, can be gotten through -easy_install - - easy_install "repoze.who=1.0.16" - -!! 2.0 or newer are missing the form plugin which is used in some instances - -Or from the PyPI site if you prefer to do it that way. -Likewise for pyasn1. - -You should get the latest version, which is right now 1.0.18 . - -You also need xmlsec, which you can find here: - - http://www.aleksey.com/xmlsec/ - -On Ubuntu and Debian: - - sudo apt install xmlsec1 - -You may also need: - - mako - memcached - python-memcache - -Apart from that a normal - - python setup.py install - -will install the package. diff --git a/MANIFEST.in b/MANIFEST.in deleted file mode 100644 index 2092bb0a5..000000000 --- a/MANIFEST.in +++ /dev/null @@ -1,18 +0,0 @@ -include VERSION -include LICENSE -include README.rst -include CHANGELOG.md - -include src/saml2/data/templates/*.xml -include src/saml2/data/schemas/*.xsd - -graft docs -prune docs/build - -prune tests -prune example -prune .github - -global-exclude *.py[cod] -global-exclude __pycache__ -global-exclude *.egg-info diff --git a/README.md b/README.md new file mode 100644 index 000000000..16c3bf69e --- /dev/null +++ b/README.md @@ -0,0 +1,137 @@ +# PySAML2 - SAML2 for Python + +[![Version](https://img.shields.io/pypi/v/pysaml2)](https://pypi.org/project/pysaml2/) +[![Supported Python versions](https://img.shields.io/pypi/pyversions/pysaml2)](https://pypi.org/project/pysaml2/) +[![Total downloads](https://pepy.tech/badge/pysaml2)](https://pepy.tech/project/pysaml2) +[![Weekly downloads](https://pepy.tech/badge/pysaml2/week)](https://pepy.tech/project/pysaml2) +[![License](https://img.shields.io/github/license/IdentityPython/pysaml2)](https://github.com/IdentityPython/pysaml2/blob/master/LICENSE) + +PySAML2 is a pure python implementation of SAML Version 2 Standard. +It contains all necessary pieces for building a SAML2 service provider +or an identity provider. The distribution contains examples of both. +Originally written to work in a WSGI environment +there are extensions that allow you to use it with other frameworks. + +**Website**: https://idpy.org/ + +**Documentation**: https://pysaml2.readthedocs.io/ + +**Contribution guidelines**: [CONTRIBUTING.md][contributing] + +**Security policies**: [SECURITY.md][sec] + +**Source code**: https://github.com/IdentityPython/pysaml2/ + +**Developer guidelines**: [DEVELOPERS.md][dev] + +**PyPI project**: https://pypi.org/project/pysaml2/ + +**License**: [LICENSE][license] + + +## Specifications + +Retrieved from https://wiki.oasis-open.org/security/FrontPage + +#### SAML V2.0 Standard + +- SAML2 Core (aka Assertions and Protocols): http://www.oasis-open.org/committees/download.php/56776/sstc-saml-core-errata-2.0-wd-07.pdf + - Assertion schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-assertion-2.0.xsd + - Protocols schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-protocol-2.0.xsd +- Bindings: http://www.oasis-open.org/committees/download.php/56779/sstc-saml-bindings-errata-2.0-wd-06.pdf +- Profiles: http://www.oasis-open.org/committees/download.php/56782/sstc-saml-profiles-errata-2.0-wd-07.pdf +- Metadata: http://www.oasis-open.org/committees/download.php/56785/sstc-saml-metadata-errata-2.0-wd-05.pdf + - Metadata schema: http://docs.oasis-open.org/security/saml/v2.0/saml-schema-metadata-2.0.xsd +- Authentication Context: http://docs.oasis-open.org/security/saml/v2.0/saml-authn-context-2.0-os.pdf +- Conformance Requirements: https://docs.oasis-open.org/security/saml/v2.0/saml-conformance-2.0-os.pdf +- Security and Privacy Considerations: http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2.0-os.pdf +- Glossary: http://docs.oasis-open.org/security/saml/v2.0/saml-glossary-2.0-os.pdf + +#### Profiles and extensions + +- Metadata Extension for SAML V2.0 and V1.x Query Requesters: http://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ext-query-os.pdf +- SAML V2.0 Metadata Interoperability Profile: https://docs.oasis-open.org/security/saml/Post2.0/sstc-metadata-iop-os.pdf +- SAML V2.0 Metadata Extensions for Login and Discovery User Interface Version 1.0: https://docs.oasis-open.org/security/saml/Post2.0/sstc-saml-metadata-ui/v1.0/os/sstc-saml-metadata-ui-v1.0-os.pdf +- SAML V2.0 LDAP/X.500 Attribute Profile: http://www.oasis-open.org/committees/download.php/28042/sstc-saml-attribute-x500-cs-01.pdf +- SAML V2.0 Enhanced Client or Proxy Profile Version 2.0: https://docs.oasis-open.org/security/saml/Post2.0/saml-ecp/v2.0/cs01/saml-ecp-v2.0-cs01.pdf + +#### Committee Specifications + +- SAML V2.0 Subject Identifier Attributes Profile Version 1.0: https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml-subject-id-attr-v1.0-cs01.pdf + + +## Installation + +You can install PySAML2 through pip: + +```shell +pip install pysaml2 +``` + +### External dependencies + +PySAML2 works with the [`xmlsec`][xmlsec] binary. +Notice that support for xmlsec `1 1.3` was added with `v7.4.2`. + +`xmlsec` should be readily available in most Linux distributions: + +```shell +$ apt-get install xmlsec1 +$ dnf install xmlsec1-openssl +$ yum install xmlsec1-openssl +$ pacman -S xmlsec +... +``` + +and on MacOS through [`homebrew`][brew] + +```shell +$ brew install libxmlsec1 +``` + + +## Changelog + +See the [CHANGELOG][clog] to learn about the latest developments. + + +## Contributing + +We've set up a separate document for our [contribution guidelines][contributing]. + + +## Community + +[IdentityPython][idpy] is a community around +a collection of libraries and tools to manage identity related concepts with Python code. +You can interact with the community though the [mailing list](https://lists.sunet.se/postorius/lists/idpy-discuss.lists.sunet.se/) +or on the [Slack workspace](https://identity-python.slack.com/) ([invitation](https://join.slack.com/t/identity-python/shared_invite/enQtNzEyNjU1NDI1MjUyLTM2MWI5ZGNhMTk1ZThiOTIxNWY2OTY1ODVmMWNjMzUzMTYxNTY5MzE5N2RlYjExZTIyM2MwYjBjZGE4MGVlMTM)). + + +## Development + +We've set up a separate document for [developers][dev]. + + +### Releasing + +We've set up a separate document for our [release process][rel]. + + +### Pre-commit + +(TODO) + + + [idpy]: https://idpy.org/ + [docs]: https://pysaml2.readthedocs.io/ + [contributing]: https://github.com/IdentityPython/pysaml2/blob/master/CONTRIBUTING.md + [sec]: https://github.com/IdentityPython/pysaml2/blob/master/SECURITY.md + [repo]: https://github.com/IdentityPython/pysaml2/ + [dev]: https://github.com/IdentityPython/pysaml2/blob/master/DEVELOPERS.md + [pypi]: https://pypi.org/project/pysaml2/ + [license]: https://github.com/IdentityPython/pysaml2/blob/master/LICENSE + [clog]: https://github.com/IdentityPython/pysaml2/blob/master/CHANGELOG.md + [rel]: https://github.com/IdentityPython/pysaml2/blob/master/RELEASE.md + [xmlsec]: http://www.aleksey.com/xmlsec/ + [brew]: https://brew.sh/ diff --git a/README.rst b/README.rst deleted file mode 100644 index 4aea93d3c..000000000 --- a/README.rst +++ /dev/null @@ -1,58 +0,0 @@ -************************* -PySAML2 - SAML2 in Python -************************* - -:Version: see VERSION_ -:Documentation: https://pysaml2.readthedocs.io/ - -.. image:: https://api.travis-ci.com/IdentityPython/pysaml2.png?branch=master - :target: https://travis-ci.com/IdentityPython/pysaml2 - -.. image:: https://img.shields.io/pypi/pyversions/pysaml2.svg - :target: https://pypi.org/project/pysaml2/ - -.. image:: https://img.shields.io/pypi/v/pysaml2.svg - :target: https://pypi.org/project/pysaml2/ - - -PySAML2 is a pure python implementation of SAML Version 2 Standard. It contains -all necessary pieces for building a SAML2 service provider or an identity -provider. The distribution contains examples of both. Originally written to -work in a WSGI environment there are extensions that allow you to use it with -other frameworks. - -Install -======= -You can install with `pip install pysaml2` - -Testing -======= - -PySAML2 uses the pytest_ framework for testing. To run the tests on your -system's version of python: - -1. Create and activate a virtualenv_ -2. Inside the virtualenv_, install the dependencies needed for testing - :code:`pip install -r tests/test-requirements.txt` -3. Run the tests :code:`py.test tests` - -To run tests in multiple python environments, you can use pyenv_ with tox_. - - -Please contribute! -================== - -To help out, you could: - -1. Test and report any bugs or other difficulties. -2. Implement missing features. -3. Write more unit tests. - -**If you have the time and inclination I'm looking for Collaborators** - - -.. _VERSION: VERSION -.. _pytest: https://docs.pytest.org/en/latest/ -.. _virtualenv: https://virtualenv.pypa.io/en/stable/ -.. _pyenv: https://github.com/yyuu/pyenv -.. _tox: https://tox.readthedocs.io/en/latest/ diff --git a/RELEASE.md b/RELEASE.md new file mode 100644 index 000000000..d2dd6b93b --- /dev/null +++ b/RELEASE.md @@ -0,0 +1,57 @@ +## Release instructions + +When releasing a new version, the following steps should be taken: + +1. Make sure the package metadata in `pyproject.toml` is up-to-date. + + ``` + poetry check + ``` + +2. Make sure all automated tests pass: + + ``` + poetry run pytest + ``` + +3. Bump the version of the package + + ``` + poetry version -- X.Y.Z + ``` + +4. Update the [CHANGELOG.md] + +5. Commit and sign the changes: + + ``` + git add -u # CHANGELOG.md pyproject.toml + git commit -v -s -m "Release version X.Y.Z" + ``` + +6. Create a signed release [tag]: + + ``` + git tag -a -s vX.Y.Z -m "Version X.Y.Z" + ``` + +7. Push the changes and the release to Github: + + ``` + git push --follow-tags + ``` + +8. Publish the release on PyPI: + + ``` + poetry publish --build + ``` + +9. Send an email to the pysaml2 list announcing this release + + + [VERSION]: https://github.com/IdentityPython/pysaml2/blob/master/VERSION + [CHANGELOG.md]: https://github.com/IdentityPython/pysaml2/blob/master/CHANGELOG.md + [docutils]: http://docutils.sourceforge.net/ + [branch]: https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell + [tag]: https://git-scm.com/book/en/v2/Git-Basics-Tagging#_annotated_tags diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 000000000..bb7c88d87 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,40 @@ +# Security Policy + +You can find more information on security incidents +on the [IdPy security webpage](https://idpy.org/security/). + +You read on the [incident response policy](https://github.com/IdentityPython/Governance/blob/master/idpy-incidentresponse.md) +under the [governance documentation](https://github.com/IdentityPython/Governance). + + +## Incident report / Reporting a Vulnerability + +Anyone can submit a potential security vulnerability to `incident-response@idpy.org`. +The incident-response team will verify the issue and contact you on how this will be +handled. + + +## Public Discussions + +When a new vulnerability is reported and verified, a new security advisory is created on +GitHub and the issue is assigned a CVE identifier. Progress on the mitigation is tracked +on a private fork, where the incident-response team and developers communicate to fix +the issue. + +When the fix is ready, a release plan is prepared and all communication channels are +used to notify the community of the presence of a new issue and the expected release +plan. This allows the community time to prepare for a security upgrade. (Notice that +security fixes are not backported at the moment.) + +When the advisory is published, GitHub automatically notifies all associated projects of +the published advisory. Projects that use IdPy projects as dependencies should +automatically get Pull Requests by dependabot. Additionally, all communication channels +are used again, to notify the community of the release of a new version of the affected +software that contains the relevant fixes that mitigate the reported issue. + + +## Supported versions + +Notice, that security fixes are not backported at the moment to older releases than the +latest. The team does not have the capacity to guarantee that these backports will exist. +You are advised to be prepared to upgrade to the latest version once the fix is out. diff --git a/VERSION b/VERSION deleted file mode 100644 index a3fcc7121..000000000 --- a/VERSION +++ /dev/null @@ -1 +0,0 @@ -7.1.0 diff --git a/docs/FIXUP_COMMITS.md b/docs/FIXUP_COMMITS.md new file mode 100644 index 000000000..5d7b50a9e --- /dev/null +++ b/docs/FIXUP_COMMITS.md @@ -0,0 +1,115 @@ +# Working with fixup commits + +This document provides information and guidelines for working with fixup commits: +- [What are fixup commits](#about-fixup-commits) +- [Why use fixup commits](#why-fixup-commits) +- [Creating fixup commits](#create-fixup-commits) +- [Squashing fixup commits](#squash-fixup-commits) + +[This blog post](https://thoughtbot.com/blog/autosquashing-git-commits) is also a good resource on the subject. + + +## What are fixup commits + +At their core, fixup commits are just regular commits with a special commit message: +The first line of their commit message starts with "fixup! " (notice the space +after "!") followed by the first line of the commit message of an earlier +commit (it doesn't have to be the immediately preceding one). + +The purpose of a fixup commit is to modify an earlier commit. +I.e. it allows adding more changes in a new commit, but "marking" them as +belonging to an earlier commit. +`Git` provides tools to make it easy to squash fixup commits into the original +commit at a later time (see [below](#squash-fixup-commits) for details). + +For example, let's assume you have added the following commits to your branch: + +``` +feat: first commit +fix: second commit +``` + +If you want to add more changes to the first commit, you can create a new +commit with the commit message: `fixup! feat: first commit`: + +``` +feat: first commit +fix: second commit +fixup! feat: first commit +``` + + +## Why use fixup commits + +So, when are fixup commits useful? + +During the life of a Pull Request, a reviewer might request changes. +The Pull Request author can make the requested changes and submit them for another review. +Normally, these changes should be part of one of the original commits of the Pull Request. +However, amending an existing commit with the changes makes it difficult for +the reviewer to know exactly what has changed since the last time they reviewed +the Pull Request. + +Here is where fixup commits come in handy. +By addressing review feedback in fixup commits, you make it very straight +forward for the reviewer to see what are the new changes that need to be +reviewed and verify that their earlier feedback has been addressed. +This can save a lot of effort, especially on larger Pull Requests (where having +to re-review _all_ the changes is pretty wasteful). + +When the time comes to merge the Pull Request into the repository, the merge +script knows how to automatically squash fixup commits with the corresponding +regular commits. + + +## Creating fixup commits + +As mentioned [above](#about-fixup-commits), the only thing that differentiates +a fixup commit from a regular commit is the commit message. +You can create a fixup commit by specifying an appropriate commit message (i.e. +`fixup! `). + +In addition, the `git` command-line tool provides an easy way to create a fixup +commit via [git commit --fixup](https://git-scm.com/docs/git-commit#Documentation/git-commit.txt---fixupltcommitgt): + +```sh +# Create a fixup commit to fix up the last commit on the branch: +git commit --fixup HEAD ... + +# Create a fixup commit to fix up commit with SHA : +git commit --fixup ... +``` + + +## Squashing fixup commits + +As mentioned above, the merge script will automatically squash fixup commits. +However, sometimes you might want to manually squash a fixup commit. + + +### Rebasing to squash fixup commits + +The easiest way to re-order and squash any commit is via [rebasing interactively](https://git-scm.com/docs/git-rebase#_interactive_mode). +You move a commit right after the one you want to squash it into in the rebase +TODO list and change the corresponding action from `pick` to `fixup`. + +`Git` can do all these automatically for you if you pass the `--autosquash` +option to `git rebase`. See the [`git` docs](https://git-scm.com/docs/git-rebase#Documentation/git-rebase.txt---autosquash) +for more details. + + +### Additional options + +You may like to consider some optional configurations: + + +#### Configuring `git` to auto-squash by default + +By default, `git` will not automatically squash fixup commits when +interactively rebasing. If you prefer to not have to pass the `--autosquash` +option every time, you can change the default behavior by setting the +`rebase.autoSquash` `git` config option to true. +See the [`git` docs](https://git-scm.com/docs/git-rebase#Documentation/git-rebase.txt-rebaseautoSquash) for more details. + +If you have `rebase.autoSquash` set to true, you can pass the `--no-autosquash` +option to `git rebase` to override and disable this setting. diff --git a/docs/conf.py b/docs/conf.py index 71e81bbac..111986e36 100644 --- a/docs/conf.py +++ b/docs/conf.py @@ -1,4 +1,3 @@ -# -*- coding: utf-8 -*- # # pysaml2 documentation build configuration file, created by # sphinx-quickstart on Mon Aug 24 08:13:41 2009. @@ -11,7 +10,6 @@ # All configuration values have a default; values that are commented out # serve to show the default. -from __future__ import unicode_literals import os @@ -19,33 +17,34 @@ import saml2.version + # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the # documentation root, use os.path.abspath to make it absolute, like shown here. -#sys.path.append(os.path.abspath('.')) +# sys.path.append(os.path.abspath('.')) # -- General configuration ----------------------------------------------------- # Add any Sphinx extension module names here, as strings. They can be extensions # coming with Sphinx (named 'sphinx.ext.*') or your custom ones. -extensions = ['sphinx.ext.autodoc', 'sphinx.ext.doctest', 'sphinx.ext.coverage'] +extensions = ["sphinx.ext.autodoc", "sphinx.ext.doctest", "sphinx.ext.coverage"] # Add any paths that contain templates here, relative to this directory. -templates_path = ['_templates'] +templates_path = ["_templates"] # The suffix of source filenames. -source_suffix = '.rst' +source_suffix = ".rst" # The encoding of source files. -#source_encoding = 'utf-8' +# source_encoding = 'utf-8' # The master toctree document. -master_doc = 'index' +master_doc = "index" # General information about the project. -project = 'pysaml2' -copyright = '2010-2011, Roland Hedberg' +project = "pysaml2" +copyright = "2010-2011, Roland Hedberg" # The version info for the project you're documenting, acts as replacement for # |version| and |release|, also used in various other places throughout the @@ -54,44 +53,44 @@ # The short X.Y version. version = str(saml2.version.version) # The full version, including alpha/beta/rc tags. -release = '' +release = "" # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. -#language = None +# language = None # There are two options for replacing |today|: either, you set today to some # non-false value, then it is used: -#today = '' +# today = '' # Else, today_fmt is used as the format for a strftime call. -#today_fmt = '%B %d, %Y' +# today_fmt = '%B %d, %Y' # List of documents that shouldn't be included in the build. -#unused_docs = [] +# unused_docs = [] # List of directories, relative to source directory, that shouldn't be searched # for source files. -exclude_trees = ['_build'] +exclude_trees = ["_build"] # The reST default role (used for this markup: `text`) to use for all documents. -#default_role = None +# default_role = None # If true, '()' will be appended to :func: etc. cross-reference text. -#add_function_parentheses = True +# add_function_parentheses = True # If true, the current module name will be prepended to all description # unit titles (such as .. function::). -#add_module_names = True +# add_module_names = True # If true, sectionauthor and moduleauthor directives will be shown in the # output. They are ignored by default. -#show_authors = False +# show_authors = False # The name of the Pygments (syntax highlighting) style to use. -pygments_style = 'sphinx' +pygments_style = "sphinx" # A list of ignored prefixes for module index sorting. -#modindex_common_prefix = [] +# modindex_common_prefix = [] # -- Options for HTML output --------------------------------------------------- @@ -99,114 +98,114 @@ # The theme to use for HTML and HTML Help pages. Major themes that come with # Sphinx are currently 'default' and 'sphinxdoc'. html_theme_path = [alabaster.get_path()] -html_theme = 'alabaster' -on_rtd = os.environ.get('READTHEDOCS', None) == 'True' +html_theme = "alabaster" +on_rtd = os.environ.get("READTHEDOCS", None) == "True" if on_rtd: # only import and set the theme if we're building docs locally - html_theme = 'sphinx_rtd_theme' + html_theme = "sphinx_rtd_theme" # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the # documentation. -#html_theme_options = {} +# html_theme_options = {} # Add any paths that contain custom themes here, relative to this directory. -#html_theme_path = [] +# html_theme_path = [] # The name for this set of Sphinx documents. If None, it defaults to # " v documentation". -#html_title = None +# html_title = None # A shorter title for the navigation bar. Default is the same as html_title. -#html_short_title = None +# html_short_title = None # The name of an image file (relative to this directory) to place at the top # of the sidebar. -#html_logo = None +# html_logo = None # The name of an image file (within the static path) to use as favicon of the # docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32 # pixels large. -#html_favicon = None +# html_favicon = None # Add any paths that contain custom static files (such as style sheets) here, # relative to this directory. They are copied after the builtin static files, # so a file named "default.css" will overwrite the builtin "default.css". -html_static_path = ['_static'] +html_static_path = ["_static"] # If not '', a 'Last updated on:' timestamp is inserted at every page bottom, # using the given strftime format. -#html_last_updated_fmt = '%b %d, %Y' +# html_last_updated_fmt = '%b %d, %Y' # If true, SmartyPants will be used to convert quotes and dashes to # typographically correct entities. -#html_use_smartypants = True +# html_use_smartypants = True # Custom sidebar templates, maps document names to template names. -#html_sidebars = {} +# html_sidebars = {} # Additional templates that should be rendered to pages, maps page names to # template names. -#html_additional_pages = {} +# html_additional_pages = {} # If false, no module index is generated. -#html_use_modindex = True +# html_use_modindex = True # If false, no index is generated. -#html_use_index = True +# html_use_index = True # If true, the index is split into individual pages for each letter. -#html_split_index = False +# html_split_index = False # If true, links to the reST sources are added to the pages. -#html_show_sourcelink = True +# html_show_sourcelink = True # If true, an OpenSearch description file will be output, and all pages will # contain a tag referring to it. The value of this option must be the # base URL from which the finished HTML is served. -#html_use_opensearch = '' +# html_use_opensearch = '' # If nonempty, this is the file name suffix for HTML files (e.g. ".xhtml"). -#html_file_suffix = '' +# html_file_suffix = '' # Output file base name for HTML help builder. -htmlhelp_basename = 'pysaml2doc' +htmlhelp_basename = "pysaml2doc" # -- Options for LaTeX output -------------------------------------------------- # The paper size ('letter' or 'a4'). -#latex_paper_size = 'letter' +# latex_paper_size = 'letter' # The font size ('10pt', '11pt' or '12pt'). -#latex_font_size = '10pt' +# latex_font_size = '10pt' # Grouping the document tree into LaTeX files. List of tuples # (source start file, target name, title, author, documentclass [howto/manual]). latex_documents = [ ( - 'index', - 'pysaml2.tex', - 'pysaml2 Documentation', - 'Roland Hedberg', - 'manual', + "index", + "pysaml2.tex", + "pysaml2 Documentation", + "Roland Hedberg", + "manual", ), ] # The name of an image file (relative to this directory) to place at the top of # the title page. -#latex_logo = None +# latex_logo = None # For "manual" documents, if this is true, then toplevel headings are parts, # not chapters. -#latex_use_parts = False +# latex_use_parts = False # Additional stuff for the LaTeX preamble. -#latex_preamble = '' +# latex_preamble = '' # Documents to append as an appendix to all manuals. -#latex_appendices = [] +# latex_appendices = [] # If false, no module index is generated. -#latex_use_modindex = True +# latex_use_modindex = True diff --git a/docs/examples/idp.rst b/docs/examples/idp.rst index 01b787053..3a3cb175c 100644 --- a/docs/examples/idp.rst +++ b/docs/examples/idp.rst @@ -1,6 +1,6 @@ .. _example_idp: -An extremly simple example of a SAML2 identity provider. +An extremely simple example of a SAML2 identity provider. ======================================================== There are 2 example IDPs in the project's example directory: diff --git a/docs/howto/config.rst b/docs/howto/config.rst index e2e4bc41b..adde98f9c 100644 --- a/docs/howto/config.rst +++ b/docs/howto/config.rst @@ -113,6 +113,15 @@ Example:: Whether debug information should be sent to the log file. +http_client_timeout +^^^^^^^^^^^^^^^^^^^ + +Example:: + + http_client_timeout: 10 + +The timeout of HTTP requests, in seconds. Defaults to None. + additional_cert_files ^^^^^^^^^^^^^^^^^^^^^ @@ -212,26 +221,30 @@ contact_person ^^^^^^^^^^^^^^ This is only used by *make_metadata.py* when it constructs the metadata for -the service described by the configuration file. -This is where you describe who can be contacted if questions arise -about the service or if support is needed. The possible types are according to -the standard **technical**, **support**, **administrative**, **billing** -and **other**.:: +the service described by the configuration file. This is where you describe +who can be contacted if questions arise about the service or if support is +needed. + +Note that `contact_type` is required for a valid schema. The possible types +are according to the standard **technical**, **support**, **administrative**, +**billing** and **other**:: contact_person: [ { - "givenname": "Derek", - "surname": "Jeter", + "given_name": "Derek", + "sur_name": "Jeter", "company": "Example Co.", - "mail": ["jeter@example.com"], - "type": "technical", + "email_address": ["jeter@example.com"], + "telephone_number": ["123-456-789", "+1 234 567 89"] + "contact_type": "technical", }, { - "givenname": "Joe", - "surname": "Girardi", + "given_name": "Joe", + "sur_name": "Girardi", "company": "Example Co.", - "mail": "girardi@example.com", - "type": "administrative", + "email_address": ["girardi@example.com", "admin@example.com"] + "telephone_number": ["987-654-321"] + "contact_type": "administrative", }, ] @@ -283,8 +296,8 @@ Example:: key_file: "key.pem" *key_file* is the name of a PEM formatted file that contains the private key -of the service. This is currently used both to encrypt/sign assertions and as -the client key in an HTTPS session. +of the service. This is currently used both to sign assertions and as +the client key in an HTTPS (mutual TLS) session. cert_file ^^^^^^^^^ @@ -315,7 +328,14 @@ Example:: encryption_keypairs ^^^^^^^^^^^^^^^^^^^ -Indicates which certificates will be used for encryption capabilities:: +A list of dictionaries, each containing paths to the private and public keys +used for encryption. The *key_file* refers to the PEM-formatted file that +contains the private key for the service, while the *cert_file* refers to the +corresponding public key (certificate) from the service's key pair. Both files +must be in PEM format, and the *cert_file* should contain only a single +certificate. + +Example:: # Encryption 'encryption_keypairs': [ @@ -395,7 +415,7 @@ file system. When the parameter *check_validity* is set to False metadata that have expired will be accepted as valid. -When the paramenter *disable_ssl_certificate_validation* is set to True the +When the parameter *disable_ssl_certificate_validation* is set to True the validity of ssl certificate will be skipped. When using a remote metadata source, the `node_name` option can be set to @@ -513,7 +533,7 @@ accepted_time_diff If your computer and another computer that you are communicating with are not in sync regarding the computer clock, then here you can state how big a -difference you are prepared to accept. +difference in seconds you are prepared to accept. .. note:: This will indiscriminately affect all time comparisons. Hence your server may accept a statement that in fact is too old. @@ -1311,6 +1331,19 @@ Example:: }, }, +error_url +""""""""" + +The URL to which the user's browser may be redirected in the event of a failure. + +Example:: + + "service": + "idp": { + "error_url": "http://localhost:8088/error_page", + }, + } + only_use_keys_in_metadata """"""""""""""""""""""""" @@ -1459,11 +1492,11 @@ We start with a simple but fairly complete Service provider configuration:: } "contact_person": [ { - "givenname": "Roland", - "surname": "Hedberg", - "phone": "+46 90510", - "mail": "roland@example.com", - "type": "technical", + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": ["+46 90510"], + "email_address": ["roland@example.com"], + "contact_type": "technical", }, ] } @@ -1517,11 +1550,11 @@ A slightly more complex configuration:: } "contact_person": [ { - "givenname": "Roland", - "surname": "Hedberg", - "phone": "+46 90510", - "mail": "roland@example.com", - "type": "technical", + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": ["+46 90510"], + "email_address": ["roland@example.com"], + "contact_type": "technical", }, ] } diff --git a/docs/index.rst b/docs/index.rst index e2c245417..3e09f1e3b 100644 --- a/docs/index.rst +++ b/docs/index.rst @@ -45,6 +45,14 @@ So you will find descriptions of both cases here. The configuration is the same disregarding whether you are using PySAML2 in a WSGI or non-WSGI environment. + +Python compatibility +^^^^^^^^^^^^^^^^^^^^ + +PySAML2 has transitioned to Python3. Master Apps is maintaining a fork with Python2 +compatibility on [GitHub](https://github.com/masterapps-au/pysaml2). + + Table of contents ================== diff --git a/example/README b/example/README index 9be30b5a2..7b697d081 100644 --- a/example/README +++ b/example/README @@ -21,7 +21,8 @@ defined.) The username:password pairs in PASSWD: -haho0032:qwerty +daev0001:qwerty +testuser:qwerty roland:dianakra babs:howes upper:crust diff --git a/example/all.sh b/example/all.sh index 06e09b8ba..616f1acca 100755 --- a/example/all.sh +++ b/example/all.sh @@ -8,13 +8,13 @@ startme() { if [ ! -f service_conf.py ] ; then cp service_conf.py.example service_conf.py fi - ../../tools/make_metadata.py sp_conf > sp.xml + ../../src/saml2/tools/make_metadata.py sp_conf > sp.xml cd ../idp2 if [ ! -f idp_conf.py ] ; then cp idp_conf.py.example idp_conf.py fi - ../../tools/make_metadata.py idp_conf > idp.xml + ../../src/saml2/tools/make_metadata.py idp_conf > idp.xml cd ../sp-wsgi ./sp.py sp_conf & diff --git a/example/attributemaps/adfs_v1x.py b/example/attributemaps/adfs_v1x.py index b0b8d3275..79c48fdb6 100644 --- a/example/attributemaps/adfs_v1x.py +++ b/example/attributemaps/adfs_v1x.py @@ -6,15 +6,15 @@ MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", "fro": { - 'http://schemas.xmlsoap.org/claims/commonname': 'commonName', - 'http://schemas.xmlsoap.org/claims/emailaddress': 'emailAddress', - 'http://schemas.xmlsoap.org/claims/group': 'group', - 'http://schemas.xmlsoap.org/claims/upn': 'upn', - }, + "http://schemas.xmlsoap.org/claims/commonname": "commonName", + "http://schemas.xmlsoap.org/claims/emailaddress": "emailAddress", + "http://schemas.xmlsoap.org/claims/group": "group", + "http://schemas.xmlsoap.org/claims/upn": "upn", + }, "to": { - 'commonName': 'http://schemas.xmlsoap.org/claims/commonname', - 'emailAddress': 'http://schemas.xmlsoap.org/claims/emailaddress', - 'group': 'http://schemas.xmlsoap.org/claims/group', - 'upn': 'http://schemas.xmlsoap.org/claims/upn', - } + "commonName": "http://schemas.xmlsoap.org/claims/commonname", + "emailAddress": "http://schemas.xmlsoap.org/claims/emailaddress", + "group": "http://schemas.xmlsoap.org/claims/group", + "upn": "http://schemas.xmlsoap.org/claims/upn", + }, } diff --git a/example/attributemaps/adfs_v20.py b/example/attributemaps/adfs_v20.py index f1d35efac..c32f83820 100644 --- a/example/attributemaps/adfs_v20.py +++ b/example/attributemaps/adfs_v20.py @@ -5,43 +5,43 @@ MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", "fro": { - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress': 'emailAddress', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname': 'givenName', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name': 'name', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn': 'upn', - 'http://schemas.xmlsoap.org/claims/commonname': 'commonName', - 'http://schemas.xmlsoap.org/claims/group': 'group', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role': 'role', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname': 'surname', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier': 'privatePersonalId', - 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier': 'nameId', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod': 'authenticationMethod', - 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid': 'denyOnlySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid': 'denyOnlyPrimarySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid': 'denyOnlyPrimaryGroupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid': 'groupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid': 'primaryGroupSid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid': 'primarySid', - 'http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname': 'windowsAccountName', - }, + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress": "emailAddress", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname": "givenName", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name": "name", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn": "upn", + "http://schemas.xmlsoap.org/claims/commonname": "commonName", + "http://schemas.xmlsoap.org/claims/group": "group", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/role": "role", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname": "surname", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier": "privatePersonalId", + "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier": "nameId", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod": "authenticationMethod", + "http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid": "denyOnlySid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid": "denyOnlyPrimarySid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid": "denyOnlyPrimaryGroupSid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid": "groupSid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid": "primaryGroupSid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid": "primarySid", + "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname": "windowsAccountName", + }, "to": { - 'emailAddress': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress', - 'givenName': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname', - 'name': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name', - 'upn': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn', - 'commonName': 'http://schemas.xmlsoap.org/claims/commonname', - 'group': 'http://schemas.xmlsoap.org/claims/group', - 'role': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/role', - 'surname': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname', - 'privatePersonalId': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier', - 'nameId': 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier', - 'authenticationMethod': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod', - 'denyOnlySid': 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid', - 'denyOnlyPrimarySid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid', - 'denyOnlyPrimaryGroupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid', - 'groupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid', - 'primaryGroupSid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid', - 'primarySid': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid', - 'windowsAccountName': 'http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname', - } + "emailAddress": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress", + "givenName": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname", + "name": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name", + "upn": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/upn", + "commonName": "http://schemas.xmlsoap.org/claims/commonname", + "group": "http://schemas.xmlsoap.org/claims/group", + "role": "http://schemas.microsoft.com/ws/2008/06/identity/claims/role", + "surname": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname", + "privatePersonalId": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier", + "nameId": "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", + "authenticationMethod": "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", + "denyOnlySid": "http://schemas.xmlsoap.com/ws/2005/05/identity/claims/denyonlysid", + "denyOnlyPrimarySid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarysid", + "denyOnlyPrimaryGroupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/denyonlyprimarygroupsid", + "groupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", + "primaryGroupSid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarygroupsid", + "primarySid": "http://schemas.microsoft.com/ws/2008/06/identity/claims/primarysid", + "windowsAccountName": "http://schemas.microsoft.com/ws/2008/06/identity/claims/windowsaccountname", + }, } diff --git a/example/attributemaps/basic.py b/example/attributemaps/basic.py index 9311d5471..a6a65743d 100644 --- a/example/attributemaps/basic.py +++ b/example/attributemaps/basic.py @@ -1,326 +1,325 @@ - MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", "fro": { - 'urn:mace:dir:attribute-def:aRecord': 'aRecord', - 'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName', - 'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName', - 'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain', - 'urn:mace:dir:attribute-def:associatedName': 'associatedName', - 'urn:mace:dir:attribute-def:audio': 'audio', - 'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList', - 'urn:mace:dir:attribute-def:buildingName': 'buildingName', - 'urn:mace:dir:attribute-def:businessCategory': 'businessCategory', - 'urn:mace:dir:attribute-def:c': 'c', - 'urn:mace:dir:attribute-def:cACertificate': 'cACertificate', - 'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord', - 'urn:mace:dir:attribute-def:carLicense': 'carLicense', - 'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList', - 'urn:mace:dir:attribute-def:cn': 'cn', - 'urn:mace:dir:attribute-def:co': 'co', - 'urn:mace:dir:attribute-def:commonName': 'commonName', - 'urn:mace:dir:attribute-def:countryName': 'countryName', - 'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair', - 'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect', - 'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality', - 'urn:mace:dir:attribute-def:dc': 'dc', - 'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList', - 'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber', - 'urn:mace:dir:attribute-def:description': 'description', - 'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator', - 'urn:mace:dir:attribute-def:displayName': 'displayName', - 'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName', - 'urn:mace:dir:attribute-def:dmdName': 'dmdName', - 'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier', - 'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor', - 'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier', - 'urn:mace:dir:attribute-def:documentLocation': 'documentLocation', - 'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher', - 'urn:mace:dir:attribute-def:documentTitle': 'documentTitle', - 'urn:mace:dir:attribute-def:documentVersion': 'documentVersion', - 'urn:mace:dir:attribute-def:domainComponent': 'domainComponent', - 'urn:mace:dir:attribute-def:drink': 'drink', - 'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI', - 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', - 'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName', - 'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI', - 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', - 'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation', - 'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement', - 'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname', - 'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN', - 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', - 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName', - 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', - 'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID', - 'urn:mace:dir:attribute-def:email': 'email', - 'urn:mace:dir:attribute-def:emailAddress': 'emailAddress', - 'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber', - 'urn:mace:dir:attribute-def:employeeType': 'employeeType', - 'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide', - 'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber', - 'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink', - 'urn:mace:dir:attribute-def:fax': 'fax', - 'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion', - 'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName', - 'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier', - 'urn:mace:dir:attribute-def:givenName': 'givenName', - 'urn:mace:dir:attribute-def:gn': 'gn', - 'urn:mace:dir:attribute-def:homePhone': 'homePhone', - 'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress', - 'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber', - 'urn:mace:dir:attribute-def:host': 'host', - 'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier', - 'urn:mace:dir:attribute-def:info': 'info', - 'urn:mace:dir:attribute-def:initials': 'initials', - 'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber', - 'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox', - 'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto', - 'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation', - 'urn:mace:dir:attribute-def:l': 'l', - 'urn:mace:dir:attribute-def:labeledURI': 'labeledURI', - 'urn:mace:dir:attribute-def:localityName': 'localityName', - 'urn:mace:dir:attribute-def:mDRecord': 'mDRecord', - 'urn:mace:dir:attribute-def:mXRecord': 'mXRecord', - 'urn:mace:dir:attribute-def:mail': 'mail', - 'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption', - 'urn:mace:dir:attribute-def:manager': 'manager', - 'urn:mace:dir:attribute-def:member': 'member', - 'urn:mace:dir:attribute-def:mobile': 'mobile', - 'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber', - 'urn:mace:dir:attribute-def:nSRecord': 'nSRecord', - 'urn:mace:dir:attribute-def:name': 'name', - 'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym', - 'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN', - 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', - 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', - 'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate', - 'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN', - 'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN', - 'urn:mace:dir:attribute-def:o': 'o', - 'urn:mace:dir:attribute-def:objectClass': 'objectClass', - 'urn:mace:dir:attribute-def:organizationName': 'organizationName', - 'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus', - 'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName', - 'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox', - 'urn:mace:dir:attribute-def:ou': 'ou', - 'urn:mace:dir:attribute-def:owner': 'owner', - 'urn:mace:dir:attribute-def:pager': 'pager', - 'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber', - 'urn:mace:dir:attribute-def:personalSignature': 'personalSignature', - 'urn:mace:dir:attribute-def:personalTitle': 'personalTitle', - 'urn:mace:dir:attribute-def:photo': 'photo', - 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', - 'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email', - 'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox', - 'urn:mace:dir:attribute-def:postalAddress': 'postalAddress', - 'urn:mace:dir:attribute-def:postalCode': 'postalCode', - 'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod', - 'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage', - 'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress', - 'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation', - 'urn:mace:dir:attribute-def:pseudonym': 'pseudonym', - 'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress', - 'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox', - 'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant', - 'urn:mace:dir:attribute-def:roomNumber': 'roomNumber', - 'urn:mace:dir:attribute-def:sOARecord': 'sOARecord', - 'urn:mace:dir:attribute-def:searchGuide': 'searchGuide', - 'urn:mace:dir:attribute-def:secretary': 'secretary', - 'urn:mace:dir:attribute-def:seeAlso': 'seeAlso', - 'urn:mace:dir:attribute-def:serialNumber': 'serialNumber', - 'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality', - 'urn:mace:dir:attribute-def:sn': 'sn', - 'urn:mace:dir:attribute-def:st': 'st', - 'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName', - 'urn:mace:dir:attribute-def:street': 'street', - 'urn:mace:dir:attribute-def:streetAddress': 'streetAddress', - 'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality', - 'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality', - 'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms', - 'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext', - 'urn:mace:dir:attribute-def:surname': 'surname', - 'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber', - 'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier', - 'urn:mace:dir:attribute-def:telexNumber': 'telexNumber', - 'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress', - 'urn:mace:dir:attribute-def:title': 'title', - 'urn:mace:dir:attribute-def:uid': 'uid', - 'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier', - 'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember', - 'urn:mace:dir:attribute-def:userCertificate': 'userCertificate', - 'urn:mace:dir:attribute-def:userClass': 'userClass', - 'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12', - 'urn:mace:dir:attribute-def:userPassword': 'userPassword', - 'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate', - 'urn:mace:dir:attribute-def:userid': 'userid', - 'urn:mace:dir:attribute-def:x121Address': 'x121Address', - 'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier', - }, + "urn:mace:dir:attribute-def:aRecord": "aRecord", + "urn:mace:dir:attribute-def:aliasedEntryName": "aliasedEntryName", + "urn:mace:dir:attribute-def:aliasedObjectName": "aliasedObjectName", + "urn:mace:dir:attribute-def:associatedDomain": "associatedDomain", + "urn:mace:dir:attribute-def:associatedName": "associatedName", + "urn:mace:dir:attribute-def:audio": "audio", + "urn:mace:dir:attribute-def:authorityRevocationList": "authorityRevocationList", + "urn:mace:dir:attribute-def:buildingName": "buildingName", + "urn:mace:dir:attribute-def:businessCategory": "businessCategory", + "urn:mace:dir:attribute-def:c": "c", + "urn:mace:dir:attribute-def:cACertificate": "cACertificate", + "urn:mace:dir:attribute-def:cNAMERecord": "cNAMERecord", + "urn:mace:dir:attribute-def:carLicense": "carLicense", + "urn:mace:dir:attribute-def:certificateRevocationList": "certificateRevocationList", + "urn:mace:dir:attribute-def:cn": "cn", + "urn:mace:dir:attribute-def:co": "co", + "urn:mace:dir:attribute-def:commonName": "commonName", + "urn:mace:dir:attribute-def:countryName": "countryName", + "urn:mace:dir:attribute-def:crossCertificatePair": "crossCertificatePair", + "urn:mace:dir:attribute-def:dITRedirect": "dITRedirect", + "urn:mace:dir:attribute-def:dSAQuality": "dSAQuality", + "urn:mace:dir:attribute-def:dc": "dc", + "urn:mace:dir:attribute-def:deltaRevocationList": "deltaRevocationList", + "urn:mace:dir:attribute-def:departmentNumber": "departmentNumber", + "urn:mace:dir:attribute-def:description": "description", + "urn:mace:dir:attribute-def:destinationIndicator": "destinationIndicator", + "urn:mace:dir:attribute-def:displayName": "displayName", + "urn:mace:dir:attribute-def:distinguishedName": "distinguishedName", + "urn:mace:dir:attribute-def:dmdName": "dmdName", + "urn:mace:dir:attribute-def:dnQualifier": "dnQualifier", + "urn:mace:dir:attribute-def:documentAuthor": "documentAuthor", + "urn:mace:dir:attribute-def:documentIdentifier": "documentIdentifier", + "urn:mace:dir:attribute-def:documentLocation": "documentLocation", + "urn:mace:dir:attribute-def:documentPublisher": "documentPublisher", + "urn:mace:dir:attribute-def:documentTitle": "documentTitle", + "urn:mace:dir:attribute-def:documentVersion": "documentVersion", + "urn:mace:dir:attribute-def:domainComponent": "domainComponent", + "urn:mace:dir:attribute-def:drink": "drink", + "urn:mace:dir:attribute-def:eduOrgHomePageURI": "eduOrgHomePageURI", + "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI": "eduOrgIdentityAuthNPolicyURI", + "urn:mace:dir:attribute-def:eduOrgLegalName": "eduOrgLegalName", + "urn:mace:dir:attribute-def:eduOrgSuperiorURI": "eduOrgSuperiorURI", + "urn:mace:dir:attribute-def:eduOrgWhitePagesURI": "eduOrgWhitePagesURI", + "urn:mace:dir:attribute-def:eduPersonAffiliation": "eduPersonAffiliation", + "urn:mace:dir:attribute-def:eduPersonEntitlement": "eduPersonEntitlement", + "urn:mace:dir:attribute-def:eduPersonNickname": "eduPersonNickname", + "urn:mace:dir:attribute-def:eduPersonOrgDN": "eduPersonOrgDN", + "urn:mace:dir:attribute-def:eduPersonOrgUnitDN": "eduPersonOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation": "eduPersonPrimaryAffiliation", + "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN": "eduPersonPrimaryOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrincipalName": "eduPersonPrincipalName", + "urn:mace:dir:attribute-def:eduPersonScopedAffiliation": "eduPersonScopedAffiliation", + "urn:mace:dir:attribute-def:eduPersonTargetedID": "eduPersonTargetedID", + "urn:mace:dir:attribute-def:email": "email", + "urn:mace:dir:attribute-def:emailAddress": "emailAddress", + "urn:mace:dir:attribute-def:employeeNumber": "employeeNumber", + "urn:mace:dir:attribute-def:employeeType": "employeeType", + "urn:mace:dir:attribute-def:enhancedSearchGuide": "enhancedSearchGuide", + "urn:mace:dir:attribute-def:facsimileTelephoneNumber": "facsimileTelephoneNumber", + "urn:mace:dir:attribute-def:favouriteDrink": "favouriteDrink", + "urn:mace:dir:attribute-def:fax": "fax", + "urn:mace:dir:attribute-def:federationFeideSchemaVersion": "federationFeideSchemaVersion", + "urn:mace:dir:attribute-def:friendlyCountryName": "friendlyCountryName", + "urn:mace:dir:attribute-def:generationQualifier": "generationQualifier", + "urn:mace:dir:attribute-def:givenName": "givenName", + "urn:mace:dir:attribute-def:gn": "gn", + "urn:mace:dir:attribute-def:homePhone": "homePhone", + "urn:mace:dir:attribute-def:homePostalAddress": "homePostalAddress", + "urn:mace:dir:attribute-def:homeTelephoneNumber": "homeTelephoneNumber", + "urn:mace:dir:attribute-def:host": "host", + "urn:mace:dir:attribute-def:houseIdentifier": "houseIdentifier", + "urn:mace:dir:attribute-def:info": "info", + "urn:mace:dir:attribute-def:initials": "initials", + "urn:mace:dir:attribute-def:internationaliSDNNumber": "internationaliSDNNumber", + "urn:mace:dir:attribute-def:janetMailbox": "janetMailbox", + "urn:mace:dir:attribute-def:jpegPhoto": "jpegPhoto", + "urn:mace:dir:attribute-def:knowledgeInformation": "knowledgeInformation", + "urn:mace:dir:attribute-def:l": "l", + "urn:mace:dir:attribute-def:labeledURI": "labeledURI", + "urn:mace:dir:attribute-def:localityName": "localityName", + "urn:mace:dir:attribute-def:mDRecord": "mDRecord", + "urn:mace:dir:attribute-def:mXRecord": "mXRecord", + "urn:mace:dir:attribute-def:mail": "mail", + "urn:mace:dir:attribute-def:mailPreferenceOption": "mailPreferenceOption", + "urn:mace:dir:attribute-def:manager": "manager", + "urn:mace:dir:attribute-def:member": "member", + "urn:mace:dir:attribute-def:mobile": "mobile", + "urn:mace:dir:attribute-def:mobileTelephoneNumber": "mobileTelephoneNumber", + "urn:mace:dir:attribute-def:nSRecord": "nSRecord", + "urn:mace:dir:attribute-def:name": "name", + "urn:mace:dir:attribute-def:norEduOrgAcronym": "norEduOrgAcronym", + "urn:mace:dir:attribute-def:norEduOrgNIN": "norEduOrgNIN", + "urn:mace:dir:attribute-def:norEduOrgSchemaVersion": "norEduOrgSchemaVersion", + "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier": "norEduOrgUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUniqueNumber": "norEduOrgUniqueNumber", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier": "norEduOrgUnitUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber": "norEduOrgUnitUniqueNumber", + "urn:mace:dir:attribute-def:norEduPersonBirthDate": "norEduPersonBirthDate", + "urn:mace:dir:attribute-def:norEduPersonLIN": "norEduPersonLIN", + "urn:mace:dir:attribute-def:norEduPersonNIN": "norEduPersonNIN", + "urn:mace:dir:attribute-def:o": "o", + "urn:mace:dir:attribute-def:objectClass": "objectClass", + "urn:mace:dir:attribute-def:organizationName": "organizationName", + "urn:mace:dir:attribute-def:organizationalStatus": "organizationalStatus", + "urn:mace:dir:attribute-def:organizationalUnitName": "organizationalUnitName", + "urn:mace:dir:attribute-def:otherMailbox": "otherMailbox", + "urn:mace:dir:attribute-def:ou": "ou", + "urn:mace:dir:attribute-def:owner": "owner", + "urn:mace:dir:attribute-def:pager": "pager", + "urn:mace:dir:attribute-def:pagerTelephoneNumber": "pagerTelephoneNumber", + "urn:mace:dir:attribute-def:personalSignature": "personalSignature", + "urn:mace:dir:attribute-def:personalTitle": "personalTitle", + "urn:mace:dir:attribute-def:photo": "photo", + "urn:mace:dir:attribute-def:physicalDeliveryOfficeName": "physicalDeliveryOfficeName", + "urn:mace:dir:attribute-def:pkcs9email": "pkcs9email", + "urn:mace:dir:attribute-def:postOfficeBox": "postOfficeBox", + "urn:mace:dir:attribute-def:postalAddress": "postalAddress", + "urn:mace:dir:attribute-def:postalCode": "postalCode", + "urn:mace:dir:attribute-def:preferredDeliveryMethod": "preferredDeliveryMethod", + "urn:mace:dir:attribute-def:preferredLanguage": "preferredLanguage", + "urn:mace:dir:attribute-def:presentationAddress": "presentationAddress", + "urn:mace:dir:attribute-def:protocolInformation": "protocolInformation", + "urn:mace:dir:attribute-def:pseudonym": "pseudonym", + "urn:mace:dir:attribute-def:registeredAddress": "registeredAddress", + "urn:mace:dir:attribute-def:rfc822Mailbox": "rfc822Mailbox", + "urn:mace:dir:attribute-def:roleOccupant": "roleOccupant", + "urn:mace:dir:attribute-def:roomNumber": "roomNumber", + "urn:mace:dir:attribute-def:sOARecord": "sOARecord", + "urn:mace:dir:attribute-def:searchGuide": "searchGuide", + "urn:mace:dir:attribute-def:secretary": "secretary", + "urn:mace:dir:attribute-def:seeAlso": "seeAlso", + "urn:mace:dir:attribute-def:serialNumber": "serialNumber", + "urn:mace:dir:attribute-def:singleLevelQuality": "singleLevelQuality", + "urn:mace:dir:attribute-def:sn": "sn", + "urn:mace:dir:attribute-def:st": "st", + "urn:mace:dir:attribute-def:stateOrProvinceName": "stateOrProvinceName", + "urn:mace:dir:attribute-def:street": "street", + "urn:mace:dir:attribute-def:streetAddress": "streetAddress", + "urn:mace:dir:attribute-def:subtreeMaximumQuality": "subtreeMaximumQuality", + "urn:mace:dir:attribute-def:subtreeMinimumQuality": "subtreeMinimumQuality", + "urn:mace:dir:attribute-def:supportedAlgorithms": "supportedAlgorithms", + "urn:mace:dir:attribute-def:supportedApplicationContext": "supportedApplicationContext", + "urn:mace:dir:attribute-def:surname": "surname", + "urn:mace:dir:attribute-def:telephoneNumber": "telephoneNumber", + "urn:mace:dir:attribute-def:teletexTerminalIdentifier": "teletexTerminalIdentifier", + "urn:mace:dir:attribute-def:telexNumber": "telexNumber", + "urn:mace:dir:attribute-def:textEncodedORAddress": "textEncodedORAddress", + "urn:mace:dir:attribute-def:title": "title", + "urn:mace:dir:attribute-def:uid": "uid", + "urn:mace:dir:attribute-def:uniqueIdentifier": "uniqueIdentifier", + "urn:mace:dir:attribute-def:uniqueMember": "uniqueMember", + "urn:mace:dir:attribute-def:userCertificate": "userCertificate", + "urn:mace:dir:attribute-def:userClass": "userClass", + "urn:mace:dir:attribute-def:userPKCS12": "userPKCS12", + "urn:mace:dir:attribute-def:userPassword": "userPassword", + "urn:mace:dir:attribute-def:userSMIMECertificate": "userSMIMECertificate", + "urn:mace:dir:attribute-def:userid": "userid", + "urn:mace:dir:attribute-def:x121Address": "x121Address", + "urn:mace:dir:attribute-def:x500UniqueIdentifier": "x500UniqueIdentifier", + }, "to": { - 'aRecord': 'urn:mace:dir:attribute-def:aRecord', - 'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName', - 'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName', - 'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain', - 'associatedName': 'urn:mace:dir:attribute-def:associatedName', - 'audio': 'urn:mace:dir:attribute-def:audio', - 'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList', - 'buildingName': 'urn:mace:dir:attribute-def:buildingName', - 'businessCategory': 'urn:mace:dir:attribute-def:businessCategory', - 'c': 'urn:mace:dir:attribute-def:c', - 'cACertificate': 'urn:mace:dir:attribute-def:cACertificate', - 'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord', - 'carLicense': 'urn:mace:dir:attribute-def:carLicense', - 'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList', - 'cn': 'urn:mace:dir:attribute-def:cn', - 'co': 'urn:mace:dir:attribute-def:co', - 'commonName': 'urn:mace:dir:attribute-def:commonName', - 'countryName': 'urn:mace:dir:attribute-def:countryName', - 'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair', - 'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect', - 'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality', - 'dc': 'urn:mace:dir:attribute-def:dc', - 'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList', - 'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber', - 'description': 'urn:mace:dir:attribute-def:description', - 'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator', - 'displayName': 'urn:mace:dir:attribute-def:displayName', - 'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName', - 'dmdName': 'urn:mace:dir:attribute-def:dmdName', - 'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier', - 'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor', - 'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier', - 'documentLocation': 'urn:mace:dir:attribute-def:documentLocation', - 'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher', - 'documentTitle': 'urn:mace:dir:attribute-def:documentTitle', - 'documentVersion': 'urn:mace:dir:attribute-def:documentVersion', - 'domainComponent': 'urn:mace:dir:attribute-def:domainComponent', - 'drink': 'urn:mace:dir:attribute-def:drink', - 'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI', - 'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI', - 'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName', - 'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI', - 'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI', - 'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation', - 'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement', - 'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname', - 'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN', - 'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN', - 'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation', - 'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN', - 'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName', - 'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation', - 'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID', - 'email': 'urn:mace:dir:attribute-def:email', - 'emailAddress': 'urn:mace:dir:attribute-def:emailAddress', - 'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber', - 'employeeType': 'urn:mace:dir:attribute-def:employeeType', - 'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide', - 'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber', - 'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink', - 'fax': 'urn:mace:dir:attribute-def:fax', - 'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion', - 'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName', - 'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier', - 'givenName': 'urn:mace:dir:attribute-def:givenName', - 'gn': 'urn:mace:dir:attribute-def:gn', - 'homePhone': 'urn:mace:dir:attribute-def:homePhone', - 'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress', - 'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber', - 'host': 'urn:mace:dir:attribute-def:host', - 'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier', - 'info': 'urn:mace:dir:attribute-def:info', - 'initials': 'urn:mace:dir:attribute-def:initials', - 'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber', - 'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox', - 'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto', - 'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation', - 'l': 'urn:mace:dir:attribute-def:l', - 'labeledURI': 'urn:mace:dir:attribute-def:labeledURI', - 'localityName': 'urn:mace:dir:attribute-def:localityName', - 'mDRecord': 'urn:mace:dir:attribute-def:mDRecord', - 'mXRecord': 'urn:mace:dir:attribute-def:mXRecord', - 'mail': 'urn:mace:dir:attribute-def:mail', - 'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption', - 'manager': 'urn:mace:dir:attribute-def:manager', - 'member': 'urn:mace:dir:attribute-def:member', - 'mobile': 'urn:mace:dir:attribute-def:mobile', - 'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber', - 'nSRecord': 'urn:mace:dir:attribute-def:nSRecord', - 'name': 'urn:mace:dir:attribute-def:name', - 'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym', - 'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN', - 'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion', - 'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier', - 'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber', - 'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier', - 'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber', - 'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate', - 'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN', - 'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN', - 'o': 'urn:mace:dir:attribute-def:o', - 'objectClass': 'urn:mace:dir:attribute-def:objectClass', - 'organizationName': 'urn:mace:dir:attribute-def:organizationName', - 'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus', - 'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName', - 'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox', - 'ou': 'urn:mace:dir:attribute-def:ou', - 'owner': 'urn:mace:dir:attribute-def:owner', - 'pager': 'urn:mace:dir:attribute-def:pager', - 'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber', - 'personalSignature': 'urn:mace:dir:attribute-def:personalSignature', - 'personalTitle': 'urn:mace:dir:attribute-def:personalTitle', - 'photo': 'urn:mace:dir:attribute-def:photo', - 'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName', - 'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email', - 'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox', - 'postalAddress': 'urn:mace:dir:attribute-def:postalAddress', - 'postalCode': 'urn:mace:dir:attribute-def:postalCode', - 'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod', - 'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage', - 'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress', - 'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation', - 'pseudonym': 'urn:mace:dir:attribute-def:pseudonym', - 'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress', - 'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox', - 'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant', - 'roomNumber': 'urn:mace:dir:attribute-def:roomNumber', - 'sOARecord': 'urn:mace:dir:attribute-def:sOARecord', - 'searchGuide': 'urn:mace:dir:attribute-def:searchGuide', - 'secretary': 'urn:mace:dir:attribute-def:secretary', - 'seeAlso': 'urn:mace:dir:attribute-def:seeAlso', - 'serialNumber': 'urn:mace:dir:attribute-def:serialNumber', - 'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality', - 'sn': 'urn:mace:dir:attribute-def:sn', - 'st': 'urn:mace:dir:attribute-def:st', - 'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName', - 'street': 'urn:mace:dir:attribute-def:street', - 'streetAddress': 'urn:mace:dir:attribute-def:streetAddress', - 'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality', - 'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality', - 'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms', - 'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext', - 'surname': 'urn:mace:dir:attribute-def:surname', - 'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber', - 'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier', - 'telexNumber': 'urn:mace:dir:attribute-def:telexNumber', - 'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress', - 'title': 'urn:mace:dir:attribute-def:title', - 'uid': 'urn:mace:dir:attribute-def:uid', - 'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier', - 'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember', - 'userCertificate': 'urn:mace:dir:attribute-def:userCertificate', - 'userClass': 'urn:mace:dir:attribute-def:userClass', - 'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12', - 'userPassword': 'urn:mace:dir:attribute-def:userPassword', - 'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate', - 'userid': 'urn:mace:dir:attribute-def:userid', - 'x121Address': 'urn:mace:dir:attribute-def:x121Address', - 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier', - } -} \ No newline at end of file + "aRecord": "urn:mace:dir:attribute-def:aRecord", + "aliasedEntryName": "urn:mace:dir:attribute-def:aliasedEntryName", + "aliasedObjectName": "urn:mace:dir:attribute-def:aliasedObjectName", + "associatedDomain": "urn:mace:dir:attribute-def:associatedDomain", + "associatedName": "urn:mace:dir:attribute-def:associatedName", + "audio": "urn:mace:dir:attribute-def:audio", + "authorityRevocationList": "urn:mace:dir:attribute-def:authorityRevocationList", + "buildingName": "urn:mace:dir:attribute-def:buildingName", + "businessCategory": "urn:mace:dir:attribute-def:businessCategory", + "c": "urn:mace:dir:attribute-def:c", + "cACertificate": "urn:mace:dir:attribute-def:cACertificate", + "cNAMERecord": "urn:mace:dir:attribute-def:cNAMERecord", + "carLicense": "urn:mace:dir:attribute-def:carLicense", + "certificateRevocationList": "urn:mace:dir:attribute-def:certificateRevocationList", + "cn": "urn:mace:dir:attribute-def:cn", + "co": "urn:mace:dir:attribute-def:co", + "commonName": "urn:mace:dir:attribute-def:commonName", + "countryName": "urn:mace:dir:attribute-def:countryName", + "crossCertificatePair": "urn:mace:dir:attribute-def:crossCertificatePair", + "dITRedirect": "urn:mace:dir:attribute-def:dITRedirect", + "dSAQuality": "urn:mace:dir:attribute-def:dSAQuality", + "dc": "urn:mace:dir:attribute-def:dc", + "deltaRevocationList": "urn:mace:dir:attribute-def:deltaRevocationList", + "departmentNumber": "urn:mace:dir:attribute-def:departmentNumber", + "description": "urn:mace:dir:attribute-def:description", + "destinationIndicator": "urn:mace:dir:attribute-def:destinationIndicator", + "displayName": "urn:mace:dir:attribute-def:displayName", + "distinguishedName": "urn:mace:dir:attribute-def:distinguishedName", + "dmdName": "urn:mace:dir:attribute-def:dmdName", + "dnQualifier": "urn:mace:dir:attribute-def:dnQualifier", + "documentAuthor": "urn:mace:dir:attribute-def:documentAuthor", + "documentIdentifier": "urn:mace:dir:attribute-def:documentIdentifier", + "documentLocation": "urn:mace:dir:attribute-def:documentLocation", + "documentPublisher": "urn:mace:dir:attribute-def:documentPublisher", + "documentTitle": "urn:mace:dir:attribute-def:documentTitle", + "documentVersion": "urn:mace:dir:attribute-def:documentVersion", + "domainComponent": "urn:mace:dir:attribute-def:domainComponent", + "drink": "urn:mace:dir:attribute-def:drink", + "eduOrgHomePageURI": "urn:mace:dir:attribute-def:eduOrgHomePageURI", + "eduOrgIdentityAuthNPolicyURI": "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI", + "eduOrgLegalName": "urn:mace:dir:attribute-def:eduOrgLegalName", + "eduOrgSuperiorURI": "urn:mace:dir:attribute-def:eduOrgSuperiorURI", + "eduOrgWhitePagesURI": "urn:mace:dir:attribute-def:eduOrgWhitePagesURI", + "eduPersonAffiliation": "urn:mace:dir:attribute-def:eduPersonAffiliation", + "eduPersonEntitlement": "urn:mace:dir:attribute-def:eduPersonEntitlement", + "eduPersonNickname": "urn:mace:dir:attribute-def:eduPersonNickname", + "eduPersonOrgDN": "urn:mace:dir:attribute-def:eduPersonOrgDN", + "eduPersonOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonOrgUnitDN", + "eduPersonPrimaryAffiliation": "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation", + "eduPersonPrimaryOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN", + "eduPersonPrincipalName": "urn:mace:dir:attribute-def:eduPersonPrincipalName", + "eduPersonScopedAffiliation": "urn:mace:dir:attribute-def:eduPersonScopedAffiliation", + "eduPersonTargetedID": "urn:mace:dir:attribute-def:eduPersonTargetedID", + "email": "urn:mace:dir:attribute-def:email", + "emailAddress": "urn:mace:dir:attribute-def:emailAddress", + "employeeNumber": "urn:mace:dir:attribute-def:employeeNumber", + "employeeType": "urn:mace:dir:attribute-def:employeeType", + "enhancedSearchGuide": "urn:mace:dir:attribute-def:enhancedSearchGuide", + "facsimileTelephoneNumber": "urn:mace:dir:attribute-def:facsimileTelephoneNumber", + "favouriteDrink": "urn:mace:dir:attribute-def:favouriteDrink", + "fax": "urn:mace:dir:attribute-def:fax", + "federationFeideSchemaVersion": "urn:mace:dir:attribute-def:federationFeideSchemaVersion", + "friendlyCountryName": "urn:mace:dir:attribute-def:friendlyCountryName", + "generationQualifier": "urn:mace:dir:attribute-def:generationQualifier", + "givenName": "urn:mace:dir:attribute-def:givenName", + "gn": "urn:mace:dir:attribute-def:gn", + "homePhone": "urn:mace:dir:attribute-def:homePhone", + "homePostalAddress": "urn:mace:dir:attribute-def:homePostalAddress", + "homeTelephoneNumber": "urn:mace:dir:attribute-def:homeTelephoneNumber", + "host": "urn:mace:dir:attribute-def:host", + "houseIdentifier": "urn:mace:dir:attribute-def:houseIdentifier", + "info": "urn:mace:dir:attribute-def:info", + "initials": "urn:mace:dir:attribute-def:initials", + "internationaliSDNNumber": "urn:mace:dir:attribute-def:internationaliSDNNumber", + "janetMailbox": "urn:mace:dir:attribute-def:janetMailbox", + "jpegPhoto": "urn:mace:dir:attribute-def:jpegPhoto", + "knowledgeInformation": "urn:mace:dir:attribute-def:knowledgeInformation", + "l": "urn:mace:dir:attribute-def:l", + "labeledURI": "urn:mace:dir:attribute-def:labeledURI", + "localityName": "urn:mace:dir:attribute-def:localityName", + "mDRecord": "urn:mace:dir:attribute-def:mDRecord", + "mXRecord": "urn:mace:dir:attribute-def:mXRecord", + "mail": "urn:mace:dir:attribute-def:mail", + "mailPreferenceOption": "urn:mace:dir:attribute-def:mailPreferenceOption", + "manager": "urn:mace:dir:attribute-def:manager", + "member": "urn:mace:dir:attribute-def:member", + "mobile": "urn:mace:dir:attribute-def:mobile", + "mobileTelephoneNumber": "urn:mace:dir:attribute-def:mobileTelephoneNumber", + "nSRecord": "urn:mace:dir:attribute-def:nSRecord", + "name": "urn:mace:dir:attribute-def:name", + "norEduOrgAcronym": "urn:mace:dir:attribute-def:norEduOrgAcronym", + "norEduOrgNIN": "urn:mace:dir:attribute-def:norEduOrgNIN", + "norEduOrgSchemaVersion": "urn:mace:dir:attribute-def:norEduOrgSchemaVersion", + "norEduOrgUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier", + "norEduOrgUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUniqueNumber", + "norEduOrgUnitUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier", + "norEduOrgUnitUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber", + "norEduPersonBirthDate": "urn:mace:dir:attribute-def:norEduPersonBirthDate", + "norEduPersonLIN": "urn:mace:dir:attribute-def:norEduPersonLIN", + "norEduPersonNIN": "urn:mace:dir:attribute-def:norEduPersonNIN", + "o": "urn:mace:dir:attribute-def:o", + "objectClass": "urn:mace:dir:attribute-def:objectClass", + "organizationName": "urn:mace:dir:attribute-def:organizationName", + "organizationalStatus": "urn:mace:dir:attribute-def:organizationalStatus", + "organizationalUnitName": "urn:mace:dir:attribute-def:organizationalUnitName", + "otherMailbox": "urn:mace:dir:attribute-def:otherMailbox", + "ou": "urn:mace:dir:attribute-def:ou", + "owner": "urn:mace:dir:attribute-def:owner", + "pager": "urn:mace:dir:attribute-def:pager", + "pagerTelephoneNumber": "urn:mace:dir:attribute-def:pagerTelephoneNumber", + "personalSignature": "urn:mace:dir:attribute-def:personalSignature", + "personalTitle": "urn:mace:dir:attribute-def:personalTitle", + "photo": "urn:mace:dir:attribute-def:photo", + "physicalDeliveryOfficeName": "urn:mace:dir:attribute-def:physicalDeliveryOfficeName", + "pkcs9email": "urn:mace:dir:attribute-def:pkcs9email", + "postOfficeBox": "urn:mace:dir:attribute-def:postOfficeBox", + "postalAddress": "urn:mace:dir:attribute-def:postalAddress", + "postalCode": "urn:mace:dir:attribute-def:postalCode", + "preferredDeliveryMethod": "urn:mace:dir:attribute-def:preferredDeliveryMethod", + "preferredLanguage": "urn:mace:dir:attribute-def:preferredLanguage", + "presentationAddress": "urn:mace:dir:attribute-def:presentationAddress", + "protocolInformation": "urn:mace:dir:attribute-def:protocolInformation", + "pseudonym": "urn:mace:dir:attribute-def:pseudonym", + "registeredAddress": "urn:mace:dir:attribute-def:registeredAddress", + "rfc822Mailbox": "urn:mace:dir:attribute-def:rfc822Mailbox", + "roleOccupant": "urn:mace:dir:attribute-def:roleOccupant", + "roomNumber": "urn:mace:dir:attribute-def:roomNumber", + "sOARecord": "urn:mace:dir:attribute-def:sOARecord", + "searchGuide": "urn:mace:dir:attribute-def:searchGuide", + "secretary": "urn:mace:dir:attribute-def:secretary", + "seeAlso": "urn:mace:dir:attribute-def:seeAlso", + "serialNumber": "urn:mace:dir:attribute-def:serialNumber", + "singleLevelQuality": "urn:mace:dir:attribute-def:singleLevelQuality", + "sn": "urn:mace:dir:attribute-def:sn", + "st": "urn:mace:dir:attribute-def:st", + "stateOrProvinceName": "urn:mace:dir:attribute-def:stateOrProvinceName", + "street": "urn:mace:dir:attribute-def:street", + "streetAddress": "urn:mace:dir:attribute-def:streetAddress", + "subtreeMaximumQuality": "urn:mace:dir:attribute-def:subtreeMaximumQuality", + "subtreeMinimumQuality": "urn:mace:dir:attribute-def:subtreeMinimumQuality", + "supportedAlgorithms": "urn:mace:dir:attribute-def:supportedAlgorithms", + "supportedApplicationContext": "urn:mace:dir:attribute-def:supportedApplicationContext", + "surname": "urn:mace:dir:attribute-def:surname", + "telephoneNumber": "urn:mace:dir:attribute-def:telephoneNumber", + "teletexTerminalIdentifier": "urn:mace:dir:attribute-def:teletexTerminalIdentifier", + "telexNumber": "urn:mace:dir:attribute-def:telexNumber", + "textEncodedORAddress": "urn:mace:dir:attribute-def:textEncodedORAddress", + "title": "urn:mace:dir:attribute-def:title", + "uid": "urn:mace:dir:attribute-def:uid", + "uniqueIdentifier": "urn:mace:dir:attribute-def:uniqueIdentifier", + "uniqueMember": "urn:mace:dir:attribute-def:uniqueMember", + "userCertificate": "urn:mace:dir:attribute-def:userCertificate", + "userClass": "urn:mace:dir:attribute-def:userClass", + "userPKCS12": "urn:mace:dir:attribute-def:userPKCS12", + "userPassword": "urn:mace:dir:attribute-def:userPassword", + "userSMIMECertificate": "urn:mace:dir:attribute-def:userSMIMECertificate", + "userid": "urn:mace:dir:attribute-def:userid", + "x121Address": "urn:mace:dir:attribute-def:x121Address", + "x500UniqueIdentifier": "urn:mace:dir:attribute-def:x500UniqueIdentifier", + }, +} diff --git a/example/attributemaps/saml_uri.py b/example/attributemaps/saml_uri.py index c4a169620..5f5d91456 100644 --- a/example/attributemaps/saml_uri.py +++ b/example/attributemaps/saml_uri.py @@ -1,199 +1,199 @@ -__author__ = 'rolandh' +__author__ = "rolandh" EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." X500ATTR_OID = "urn:oid:2.5.4." NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." -UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' +UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." PKCS_9 = "urn:oid:1.2.840.113549.1.9." UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR_OID+'53': 'deltaRevocationList', - X500ATTR_OID+'52': 'supportedAlgorithms', - X500ATTR_OID+'51': 'houseIdentifier', - X500ATTR_OID+'50': 'uniqueMember', - X500ATTR_OID+'19': 'physicalDeliveryOfficeName', - X500ATTR_OID+'18': 'postOfficeBox', - X500ATTR_OID+'17': 'postalCode', - X500ATTR_OID+'16': 'postalAddress', - X500ATTR_OID+'15': 'businessCategory', - X500ATTR_OID+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR_OID+'12': 'title', - X500ATTR_OID+'11': 'ou', - X500ATTR_OID+'10': 'o', - X500ATTR_OID+'37': 'cACertificate', - X500ATTR_OID+'36': 'userCertificate', - X500ATTR_OID+'31': 'member', - X500ATTR_OID+'30': 'supportedApplicationContext', - X500ATTR_OID+'33': 'roleOccupant', - X500ATTR_OID+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR_OID+'39': 'certificateRevocationList', - X500ATTR_OID+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR_OID+'9': 'street', - X500ATTR_OID+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR_OID+'2': 'knowledgeInformation', - X500ATTR_OID+'7': 'l', - X500ATTR_OID+'6': 'c', - X500ATTR_OID+'5': 'serialNumber', - X500ATTR_OID+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR_OID+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR_OID+'40': 'crossCertificatePair', - X500ATTR_OID+'42': 'givenName', - X500ATTR_OID+'43': 'initials', - X500ATTR_OID+'44': 'generationQualifier', - X500ATTR_OID+'45': 'x500UniqueIdentifier', - X500ATTR_OID+'46': 'dnQualifier', - X500ATTR_OID+'47': 'enhancedSearchGuide', - X500ATTR_OID+'48': 'protocolInformation', - X500ATTR_OID+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR_OID+'22': 'teletexTerminalIdentifier', - X500ATTR_OID+'23': 'facsimileTelephoneNumber', - X500ATTR_OID+'20': 'telephoneNumber', - X500ATTR_OID+'21': 'telexNumber', - X500ATTR_OID+'26': 'registeredAddress', - X500ATTR_OID+'27': 'destinationIndicator', - X500ATTR_OID+'24': 'x121Address', - X500ATTR_OID+'25': 'internationaliSDNNumber', - X500ATTR_OID+'28': 'preferredDeliveryMethod', - X500ATTR_OID+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', - UMICH+'57': 'labeledURI', - UCL_DIR_PILOT+'1': 'uid', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR_OID}53": "deltaRevocationList", + f"{X500ATTR_OID}52": "supportedAlgorithms", + f"{X500ATTR_OID}51": "houseIdentifier", + f"{X500ATTR_OID}50": "uniqueMember", + f"{X500ATTR_OID}19": "physicalDeliveryOfficeName", + f"{X500ATTR_OID}18": "postOfficeBox", + f"{X500ATTR_OID}17": "postalCode", + f"{X500ATTR_OID}16": "postalAddress", + f"{X500ATTR_OID}15": "businessCategory", + f"{X500ATTR_OID}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR_OID}12": "title", + f"{X500ATTR_OID}11": "ou", + f"{X500ATTR_OID}10": "o", + f"{X500ATTR_OID}37": "cACertificate", + f"{X500ATTR_OID}36": "userCertificate", + f"{X500ATTR_OID}31": "member", + f"{X500ATTR_OID}30": "supportedApplicationContext", + f"{X500ATTR_OID}33": "roleOccupant", + f"{X500ATTR_OID}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR_OID}39": "certificateRevocationList", + f"{X500ATTR_OID}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR_OID}9": "street", + f"{X500ATTR_OID}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR_OID}2": "knowledgeInformation", + f"{X500ATTR_OID}7": "l", + f"{X500ATTR_OID}6": "c", + f"{X500ATTR_OID}5": "serialNumber", + f"{X500ATTR_OID}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR_OID}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR_OID}40": "crossCertificatePair", + f"{X500ATTR_OID}42": "givenName", + f"{X500ATTR_OID}43": "initials", + f"{X500ATTR_OID}44": "generationQualifier", + f"{X500ATTR_OID}45": "x500UniqueIdentifier", + f"{X500ATTR_OID}46": "dnQualifier", + f"{X500ATTR_OID}47": "enhancedSearchGuide", + f"{X500ATTR_OID}48": "protocolInformation", + f"{X500ATTR_OID}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR_OID}22": "teletexTerminalIdentifier", + f"{X500ATTR_OID}23": "facsimileTelephoneNumber", + f"{X500ATTR_OID}20": "telephoneNumber", + f"{X500ATTR_OID}21": "telexNumber", + f"{X500ATTR_OID}26": "registeredAddress", + f"{X500ATTR_OID}27": "destinationIndicator", + f"{X500ATTR_OID}24": "x121Address", + f"{X500ATTR_OID}25": "internationaliSDNNumber", + f"{X500ATTR_OID}28": "preferredDeliveryMethod", + f"{X500ATTR_OID}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", + f"{UMICH}57": "labeledURI", + f"{UCL_DIR_PILOT}1": "uid", }, "to": { - 'roleOccupant': X500ATTR_OID+'33', - 'gn': X500ATTR_OID+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR_OID+'12', - 'facsimileTelephoneNumber': X500ATTR_OID+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR_OID+'18', - 'fax': X500ATTR_OID+'23', - 'telephoneNumber': X500ATTR_OID+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR_OID+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR_OID+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR_OID+'26', - 'physicalDeliveryOfficeName': X500ATTR_OID+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR_OID+'7', - 'stateOrProvinceName': X500ATTR_OID+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR_OID+'42', - 'givenname': X500ATTR_OID+'42', - 'x500UniqueIdentifier': X500ATTR_OID+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR_OID+'51', - 'street': X500ATTR_OID+'9', - 'supportedAlgorithms': X500ATTR_OID+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR_OID+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR_OID+'6', - 'teletexTerminalIdentifier': X500ATTR_OID+'22', - 'o': X500ATTR_OID+'10', - 'cACertificate': X500ATTR_OID+'37', - 'telexNumber': X500ATTR_OID+'21', - 'ou': X500ATTR_OID+'11', - 'initials': X500ATTR_OID+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR_OID+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR_OID+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR_OID+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'edupersonprincipalname': EDUPERSON_OID+'6', - 'localityName': X500ATTR_OID+'7', - 'owner': X500ATTR_OID+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR_OID+'14', - 'certificateRevocationList': X500ATTR_OID+'39', - 'organizationalUnitName': X500ATTR_OID+'11', - 'userCertificate': X500ATTR_OID+'36', - 'preferredDeliveryMethod': X500ATTR_OID+'28', - 'internationaliSDNNumber': X500ATTR_OID+'25', - 'uniqueMember': X500ATTR_OID+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR_OID+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR_OID+'24', - 'destinationIndicator': X500ATTR_OID+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR_OID+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'edupersonscopedaffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR_OID+'48', - 'knowledgeInformation': X500ATTR_OID+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR_OID+'31', - 'streetAddress': X500ATTR_OID+'9', - 'dmdName': X500ATTR_OID+'54', - 'postalCode': X500ATTR_OID+'17', - 'pseudonym': X500ATTR_OID+'65', - 'dnQualifier': X500ATTR_OID+'46', - 'crossCertificatePair': X500ATTR_OID+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR_OID+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR_OID+'15', - 'serialNumber': X500ATTR_OID+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR_OID+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR_OID+'29', - 'sn': X500ATTR_OID+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - 'labeledURI': UMICH+'57', - 'uid': UCL_DIR_PILOT+'1' - } -} + "roleOccupant": f"{X500ATTR_OID}33", + "gn": f"{X500ATTR_OID}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR_OID}12", + "facsimileTelephoneNumber": f"{X500ATTR_OID}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR_OID}18", + "fax": f"{X500ATTR_OID}23", + "telephoneNumber": f"{X500ATTR_OID}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR_OID}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR_OID}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR_OID}26", + "physicalDeliveryOfficeName": f"{X500ATTR_OID}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR_OID}7", + "stateOrProvinceName": f"{X500ATTR_OID}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR_OID}42", + "givenname": f"{X500ATTR_OID}42", + "x500UniqueIdentifier": f"{X500ATTR_OID}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR_OID}51", + "street": f"{X500ATTR_OID}9", + "supportedAlgorithms": f"{X500ATTR_OID}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR_OID}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR_OID}6", + "teletexTerminalIdentifier": f"{X500ATTR_OID}22", + "o": f"{X500ATTR_OID}10", + "cACertificate": f"{X500ATTR_OID}37", + "telexNumber": f"{X500ATTR_OID}21", + "ou": f"{X500ATTR_OID}11", + "initials": f"{X500ATTR_OID}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR_OID}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR_OID}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR_OID}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "edupersonprincipalname": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR_OID}7", + "owner": f"{X500ATTR_OID}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR_OID}14", + "certificateRevocationList": f"{X500ATTR_OID}39", + "organizationalUnitName": f"{X500ATTR_OID}11", + "userCertificate": f"{X500ATTR_OID}36", + "preferredDeliveryMethod": f"{X500ATTR_OID}28", + "internationaliSDNNumber": f"{X500ATTR_OID}25", + "uniqueMember": f"{X500ATTR_OID}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR_OID}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR_OID}24", + "destinationIndicator": f"{X500ATTR_OID}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR_OID}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "edupersonscopedaffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR_OID}48", + "knowledgeInformation": f"{X500ATTR_OID}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR_OID}31", + "streetAddress": f"{X500ATTR_OID}9", + "dmdName": f"{X500ATTR_OID}54", + "postalCode": f"{X500ATTR_OID}17", + "pseudonym": f"{X500ATTR_OID}65", + "dnQualifier": f"{X500ATTR_OID}46", + "crossCertificatePair": f"{X500ATTR_OID}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR_OID}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR_OID}15", + "serialNumber": f"{X500ATTR_OID}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR_OID}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR_OID}29", + "sn": f"{X500ATTR_OID}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + "labeledURI": f"{UMICH}57", + "uid": f"{UCL_DIR_PILOT}1", + }, +} diff --git a/example/attributemaps/shibboleth_uri.py b/example/attributemaps/shibboleth_uri.py index d26bf0061..992a2219e 100644 --- a/example/attributemaps/shibboleth_uri.py +++ b/example/attributemaps/shibboleth_uri.py @@ -9,182 +9,182 @@ MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR+'53': 'deltaRevocationList', - X500ATTR+'52': 'supportedAlgorithms', - X500ATTR+'51': 'houseIdentifier', - X500ATTR+'50': 'uniqueMember', - X500ATTR+'19': 'physicalDeliveryOfficeName', - X500ATTR+'18': 'postOfficeBox', - X500ATTR+'17': 'postalCode', - X500ATTR+'16': 'postalAddress', - X500ATTR+'15': 'businessCategory', - X500ATTR+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR+'12': 'title', - X500ATTR+'11': 'ou', - X500ATTR+'10': 'o', - X500ATTR+'37': 'cACertificate', - X500ATTR+'36': 'userCertificate', - X500ATTR+'31': 'member', - X500ATTR+'30': 'supportedApplicationContext', - X500ATTR+'33': 'roleOccupant', - X500ATTR+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR+'39': 'certificateRevocationList', - X500ATTR+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR+'9': 'street', - X500ATTR+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR+'2': 'knowledgeInformation', - X500ATTR+'7': 'l', - X500ATTR+'6': 'c', - X500ATTR+'5': 'serialNumber', - X500ATTR+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR+'40': 'crossCertificatePair', - X500ATTR+'42': 'givenName', - X500ATTR+'43': 'initials', - X500ATTR+'44': 'generationQualifier', - X500ATTR+'45': 'x500UniqueIdentifier', - X500ATTR+'46': 'dnQualifier', - X500ATTR+'47': 'enhancedSearchGuide', - X500ATTR+'48': 'protocolInformation', - X500ATTR+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR+'22': 'teletexTerminalIdentifier', - X500ATTR+'23': 'facsimileTelephoneNumber', - X500ATTR+'20': 'telephoneNumber', - X500ATTR+'21': 'telexNumber', - X500ATTR+'26': 'registeredAddress', - X500ATTR+'27': 'destinationIndicator', - X500ATTR+'24': 'x121Address', - X500ATTR+'25': 'internationaliSDNNumber', - X500ATTR+'28': 'preferredDeliveryMethod', - X500ATTR+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR}53": "deltaRevocationList", + f"{X500ATTR}52": "supportedAlgorithms", + f"{X500ATTR}51": "houseIdentifier", + f"{X500ATTR}50": "uniqueMember", + f"{X500ATTR}19": "physicalDeliveryOfficeName", + f"{X500ATTR}18": "postOfficeBox", + f"{X500ATTR}17": "postalCode", + f"{X500ATTR}16": "postalAddress", + f"{X500ATTR}15": "businessCategory", + f"{X500ATTR}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR}12": "title", + f"{X500ATTR}11": "ou", + f"{X500ATTR}10": "o", + f"{X500ATTR}37": "cACertificate", + f"{X500ATTR}36": "userCertificate", + f"{X500ATTR}31": "member", + f"{X500ATTR}30": "supportedApplicationContext", + f"{X500ATTR}33": "roleOccupant", + f"{X500ATTR}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR}39": "certificateRevocationList", + f"{X500ATTR}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR}9": "street", + f"{X500ATTR}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR}2": "knowledgeInformation", + f"{X500ATTR}7": "l", + f"{X500ATTR}6": "c", + f"{X500ATTR}5": "serialNumber", + f"{X500ATTR}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR}40": "crossCertificatePair", + f"{X500ATTR}42": "givenName", + f"{X500ATTR}43": "initials", + f"{X500ATTR}44": "generationQualifier", + f"{X500ATTR}45": "x500UniqueIdentifier", + f"{X500ATTR}46": "dnQualifier", + f"{X500ATTR}47": "enhancedSearchGuide", + f"{X500ATTR}48": "protocolInformation", + f"{X500ATTR}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR}22": "teletexTerminalIdentifier", + f"{X500ATTR}23": "facsimileTelephoneNumber", + f"{X500ATTR}20": "telephoneNumber", + f"{X500ATTR}21": "telexNumber", + f"{X500ATTR}26": "registeredAddress", + f"{X500ATTR}27": "destinationIndicator", + f"{X500ATTR}24": "x121Address", + f"{X500ATTR}25": "internationaliSDNNumber", + f"{X500ATTR}28": "preferredDeliveryMethod", + f"{X500ATTR}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", }, - "to":{ - 'roleOccupant': X500ATTR+'33', - 'gn': X500ATTR+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR+'12', - 'facsimileTelephoneNumber': X500ATTR+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR+'18', - 'fax': X500ATTR+'23', - 'telephoneNumber': X500ATTR+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR+'26', - 'physicalDeliveryOfficeName': X500ATTR+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR+'7', - 'stateOrProvinceName': X500ATTR+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR+'42', - 'x500UniqueIdentifier': X500ATTR+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR+'51', - 'street': X500ATTR+'9', - 'supportedAlgorithms': X500ATTR+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR+'6', - 'teletexTerminalIdentifier': X500ATTR+'22', - 'o': X500ATTR+'10', - 'cACertificate': X500ATTR+'37', - 'telexNumber': X500ATTR+'21', - 'ou': X500ATTR+'11', - 'initials': X500ATTR+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'localityName': X500ATTR+'7', - 'owner': X500ATTR+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR+'14', - 'certificateRevocationList': X500ATTR+'39', - 'organizationalUnitName': X500ATTR+'11', - 'userCertificate': X500ATTR+'36', - 'preferredDeliveryMethod': X500ATTR+'28', - 'internationaliSDNNumber': X500ATTR+'25', - 'uniqueMember': X500ATTR+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR+'24', - 'destinationIndicator': X500ATTR+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR+'48', - 'knowledgeInformation': X500ATTR+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR+'31', - 'streetAddress': X500ATTR+'9', - 'dmdName': X500ATTR+'54', - 'postalCode': X500ATTR+'17', - 'pseudonym': X500ATTR+'65', - 'dnQualifier': X500ATTR+'46', - 'crossCertificatePair': X500ATTR+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR+'15', - 'serialNumber': X500ATTR+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR+'29', - 'sn': X500ATTR+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - } -} \ No newline at end of file + "to": { + "roleOccupant": f"{X500ATTR}33", + "gn": f"{X500ATTR}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR}12", + "facsimileTelephoneNumber": f"{X500ATTR}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR}18", + "fax": f"{X500ATTR}23", + "telephoneNumber": f"{X500ATTR}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR}26", + "physicalDeliveryOfficeName": f"{X500ATTR}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR}7", + "stateOrProvinceName": f"{X500ATTR}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR}42", + "x500UniqueIdentifier": f"{X500ATTR}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR}51", + "street": f"{X500ATTR}9", + "supportedAlgorithms": f"{X500ATTR}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR}6", + "teletexTerminalIdentifier": f"{X500ATTR}22", + "o": f"{X500ATTR}10", + "cACertificate": f"{X500ATTR}37", + "telexNumber": f"{X500ATTR}21", + "ou": f"{X500ATTR}11", + "initials": f"{X500ATTR}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR}7", + "owner": f"{X500ATTR}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR}14", + "certificateRevocationList": f"{X500ATTR}39", + "organizationalUnitName": f"{X500ATTR}11", + "userCertificate": f"{X500ATTR}36", + "preferredDeliveryMethod": f"{X500ATTR}28", + "internationaliSDNNumber": f"{X500ATTR}25", + "uniqueMember": f"{X500ATTR}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR}24", + "destinationIndicator": f"{X500ATTR}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR}48", + "knowledgeInformation": f"{X500ATTR}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR}31", + "streetAddress": f"{X500ATTR}9", + "dmdName": f"{X500ATTR}54", + "postalCode": f"{X500ATTR}17", + "pseudonym": f"{X500ATTR}65", + "dnQualifier": f"{X500ATTR}46", + "crossCertificatePair": f"{X500ATTR}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR}15", + "serialNumber": f"{X500ATTR}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR}29", + "sn": f"{X500ATTR}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + }, +} diff --git a/example/idp2/idp.py b/example/idp2/idp.py index 15d72c907..170136462 100755 --- a/example/idp2/idp.py +++ b/example/idp2/idp.py @@ -1,20 +1,19 @@ #!/usr/bin/env python import argparse import base64 +from hashlib import sha1 +from http.cookies import SimpleCookie import importlib import logging import os import re import time -from hashlib import sha1 +from urllib.parse import parse_qs +from idp_user import EXTRA +from idp_user import USERS from mako.lookup import TemplateLookup -import six -from six.moves.http_cookies import SimpleCookie -from six.moves.urllib.parse import parse_qs - -import saml2.xmldsig as ds from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_REDIRECT @@ -24,9 +23,9 @@ from saml2 import server from saml2 import time_util from saml2.authn import is_equal -from saml2.authn_context import AuthnBroker from saml2.authn_context import PASSWORD from saml2.authn_context import UNSPECIFIED +from saml2.authn_context import AuthnBroker from saml2.authn_context import authn_context_class_ref from saml2.httputil import BadRequest from saml2.httputil import NotFound @@ -46,13 +45,12 @@ from saml2.s_utils import rndstr from saml2.sigver import encrypt_cert_from_item from saml2.sigver import verify_redirect_signature +import saml2.xmldsig as ds -from idp_user import EXTRA -from idp_user import USERS try: - from cheroot.wsgi import Server as WSGIServer from cheroot.ssl.builtin import BuiltinSSLAdapter + from cheroot.wsgi import Server as WSGIServer except ImportError: from cherrypy.wsgiserver import CherryPyWSGIServer as WSGIServer from cherrypy.wsgiserver.ssl_builtin import BuiltinSSLAdapter @@ -62,7 +60,7 @@ logger.setLevel(logging.WARNING) -class Cache(object): +class Cache: def __init__(self): self.user2uid = {} self.uid2user = {} @@ -94,7 +92,7 @@ def dict2list_of_tuples(d): # ----------------------------------------------------------------------------- -class Service(object): +class Service: def __init__(self, environ, start_response, user=None): self.environ = environ logger.debug("ENVIRON: %s", environ) @@ -104,20 +102,16 @@ def __init__(self, environ, start_response, user=None): def unpack_redirect(self): if "QUERY_STRING" in self.environ: _qs = self.environ["QUERY_STRING"] - return dict([(k, v[0]) for k, v in parse_qs(_qs).items()]) + return {k: v[0] for k, v in parse_qs(_qs).items()} else: return None def unpack_post(self): post_data = get_post(self.environ) - _dict = parse_qs( - post_data - if isinstance(post_data, str) - else post_data.decode('utf-8') - ) + _dict = parse_qs(post_data if isinstance(post_data, str) else post_data.decode("utf-8")) logger.debug("unpack_post:: %s", _dict) try: - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} except Exception: return None @@ -158,9 +152,7 @@ def operation(self, saml_msg, binding): kwargs = {} try: - kwargs["encrypt_cert"] = encrypt_cert_from_item( - saml_msg["req_info"].message - ) + kwargs["encrypt_cert"] = encrypt_cert_from_item(saml_msg["req_info"].message) except KeyError: pass @@ -203,13 +195,13 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): pass def redirect(self): - """ Expects a HTTP-redirect request """ + """Expects a HTTP-redirect request""" _dict = self.unpack_redirect() return self.operation(_dict, BINDING_HTTP_REDIRECT) def post(self): - """ Expects a HTTP-POST request """ + """Expects a HTTP-POST request""" _dict = self.unpack_post() return self.operation(_dict, BINDING_HTTP_POST) @@ -330,11 +322,11 @@ def do(self, query, binding_in, relay_state="", encrypt_cert=None, **kwargs): resp_args, _resp = self.verify_request(query, binding_in) except UnknownPrincipal as excp: logger.error("UnknownPrincipal: %s", excp) - resp = ServiceError("UnknownPrincipal: %s" % (excp,)) + resp = ServiceError(f"UnknownPrincipal: {excp}") return resp(self.environ, self.start_response) except UnsupportedBinding as excp: logger.error("UnsupportedBinding: %s", excp) - resp = ServiceError("UnsupportedBinding: %s" % (excp,)) + resp = ServiceError(f"UnsupportedBinding: {excp}") return resp(self.environ, self.start_response) if not _resp: @@ -353,33 +345,21 @@ def do(self, query, binding_in, relay_state="", encrypt_cert=None, **kwargs): resp_args["authn"] = metod _resp = IDP.create_authn_response( - identity, - userid=self.user, - encrypt_cert_assertion=encrypt_cert, - **resp_args + identity, userid=self.user, encrypt_cert_assertion=encrypt_cert, **resp_args ) except Exception as excp: logging.error(exception_trace(excp)) - resp = ServiceError("Exception: %s" % (excp,)) + resp = ServiceError(f"Exception: {excp}") return resp(self.environ, self.start_response) logger.info("AuthNResponse: %s", _resp) if self.op_type == "ecp": - kwargs = { - "soap_headers": [ - ecp.Response(assertion_consumer_service_url=self.destination) - ] - } + kwargs = {"soap_headers": [ecp.Response(assertion_consumer_service_url=self.destination)]} else: kwargs = {} http_args = IDP.apply_binding( - self.binding_out, - "%s" % _resp, - self.destination, - relay_state, - response=True, - **kwargs + self.binding_out, f"{_resp}", self.destination, relay_state, response=True, **kwargs ) logger.debug("HTTPargs: %s", http_args) @@ -394,7 +374,7 @@ def _store_request(saml_msg): return key def redirect(self): - """ This is the HTTP-redirect endpoint """ + """This is the HTTP-redirect endpoint""" logger.info("--- In SSO Redirect ---") saml_msg = self.unpack_redirect() @@ -406,9 +386,7 @@ def redirect(self): del IDP.ticket[_key] except KeyError: try: - self.req_info = IDP.parse_authn_request( - saml_msg["SAMLRequest"], BINDING_HTTP_REDIRECT - ) + self.req_info = IDP.parse_authn_request(saml_msg["SAMLRequest"], BINDING_HTTP_REDIRECT) except KeyError: resp = BadRequest("Message signature verification failure") return resp(self.environ, self.start_response) @@ -459,9 +437,7 @@ def post(self): self.req_info = saml_msg["req_info"] del IDP.ticket[_key] except KeyError: - self.req_info = IDP.parse_authn_request( - saml_msg["SAMLRequest"], BINDING_HTTP_POST - ) + self.req_info = IDP.parse_authn_request(saml_msg["SAMLRequest"], BINDING_HTTP_POST) _req = self.req_info.message if self.user: if _req.force_authn is not None and _req.force_authn.lower() == "true": @@ -502,9 +478,7 @@ def ecp(self): if is_equal(PASSWD[user], passwd): resp = Unauthorized() self.user = user - self.environ["idp.authn"] = AUTHN_BROKER.get_authn_by_accr( - PASSWORD - ) + self.environ["idp.authn"] = AUTHN_BROKER.get_authn_by_accr(PASSWORD) except ValueError: resp = Unauthorized() else: @@ -527,9 +501,7 @@ def ecp(self): # ----------------------------------------------------------------------------- -def do_authentication( - environ, start_response, authn_context, key, redirect_uri, headers=None -): +def do_authentication(environ, start_response, authn_context, key, redirect_uri, headers=None): """ Display the login form """ @@ -557,9 +529,7 @@ def do_authentication( } -def username_password_authn( - environ, start_response, reference, key, redirect_uri, headers=None -): +def username_password_authn(environ, start_response, reference, key, redirect_uri, headers=None): """ Display the login form """ @@ -595,7 +565,7 @@ def verify_username_and_password(dic): def do_verify(environ, start_response, _): query_str = get_post(environ) - if not isinstance(query_str, six.string_types): + if not isinstance(query_str, str): query_str = query_str.decode("ascii") query = parse_qs(query_str) @@ -617,7 +587,7 @@ def do_verify(environ, start_response, _): kaka = set_cookie("idpauthn", "/", uid, query["authn_reference"][0]) - lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, query["key"][0]) + lox = f"{query['redirect_uri'][0]}?id={uid}&key={query['key'][0]}" logger.debug("Redirect => %s", lox) resp = Redirect(lox, headers=[kaka], content="text/html") @@ -652,7 +622,7 @@ def do(self, request, binding, relay_state="", encrypt_cert=None, **kwargs): req_info = IDP.parse_logout_request(request, binding) except Exception as exc: logger.error("Bad request: %s", exc) - resp = BadRequest("%s" % exc) + resp = BadRequest(f"{exc}") return resp(self.environ, self.start_response) msg = req_info.message @@ -678,18 +648,14 @@ def do(self, request, binding, relay_state="", encrypt_cert=None, **kwargs): destination = "" response = False else: - binding, destination = IDP.pick_binding( - "single_logout_service", [binding], "spsso", req_info - ) + binding, destination = IDP.pick_binding("single_logout_service", [binding], "spsso", req_info) response = True try: - hinfo = IDP.apply_binding( - binding, "%s" % resp, destination, relay_state, response=response - ) + hinfo = IDP.apply_binding(binding, f"{resp}", destination, relay_state, response=response) except Exception as exc: logger.error("ServiceError: %s", exc) - resp = ServiceError("%s" % exc) + resp = ServiceError(f"{exc}") return resp(self.environ, self.start_response) # _tlh = dict2list_of_tuples(hinfo["headers"]) @@ -732,9 +698,7 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): _resp = IDP.create_manage_name_id_response(request) # It's using SOAP binding - hinfo = IDP.apply_binding( - BINDING_SOAP, "%s" % _resp, "", relay_state, response=True - ) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", relay_state, response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -756,7 +720,7 @@ def do(self, aid, binding, relay_state="", encrypt_cert=None): resp = NotFound(aid) return resp(self.environ, self.start_response) - hinfo = IDP.apply_binding(BINDING_URI, "%s" % assertion, response=True) + hinfo = IDP.apply_binding(BINDING_URI, f"{assertion}", response=True) logger.debug("HINFO: %s", hinfo) resp = Response(hinfo["data"], headers=hinfo["headers"]) @@ -782,7 +746,7 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): msg = IDP.create_artifact_response(_req, _req.artifact.text) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -800,12 +764,10 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): _req = IDP.parse_authn_query(request, binding) _query = _req.message - msg = IDP.create_authn_query_response( - _query.subject, _query.requested_authn_context, _query.session_index - ) + msg = IDP.create_authn_query_response(_query.subject, _query.requested_authn_context, _query.session_index) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -834,7 +796,7 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): msg = IDP.create_attribute_response(identity, name_id=name_id, **args) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -855,9 +817,7 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): request = req.message # Do the necessary stuff try: - name_id = IDP.ident.handle_name_id_mapping_request( - request.name_id, request.name_id_policy - ) + name_id = IDP.ident.handle_name_id_mapping_request(request.name_id, request.name_id_policy) except Unknown: resp = BadRequest("Unknown entity") return resp(self.environ, self.start_response) @@ -869,7 +829,7 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): _resp = IDP.create_name_id_mapping_response(name_id, **info) # Only SOAP - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % _resp, "", "", response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -888,7 +848,7 @@ def info_from_cookie(kaka): if morsel: try: data = base64.b64decode(morsel.value) - if not isinstance(data, six.string_types): + if not isinstance(data, str): data = data.decode("ascii") key, ref = data.split(":", 1) return IDP.cache.uid2user[key], ref @@ -918,11 +878,11 @@ def set_cookie(name, _, *args): cookie = SimpleCookie() data = ":".join(args) - if not isinstance(data, six.binary_type): + if not isinstance(data, bytes): data = data.encode("ascii") data64 = base64.b64encode(data) - if not isinstance(data64, six.string_types): + if not isinstance(data64, str): data64 = data64.decode("ascii") cookie[name] = data64 @@ -1018,7 +978,7 @@ def staticfile(environ, start_response): resp = Unauthorized() return resp(environ, start_response) start_response("200 OK", [("Content-Type", "text/xml")]) - return open(path, "r").read() + return open(path).read() except Exception as ex: logger.error("An error occured while creating metadata: %s", ex.message) return not_found(environ, start_response) @@ -1092,9 +1052,7 @@ def application(environ, start_response): if __name__ == "__main__": parser = argparse.ArgumentParser() - parser.add_argument( - "-p", dest="path", help="Path to configuration file.", default="./idp_conf.py" - ) + parser.add_argument("-p", dest="path", help="Path to configuration file.", default="./idp_conf.py") parser.add_argument( "-v", dest="valid", @@ -1102,13 +1060,9 @@ def application(environ, start_response): ) parser.add_argument("-c", dest="cert", help="certificate") parser.add_argument("-i", dest="id", help="The ID of the entities descriptor") - parser.add_argument( - "-k", dest="keyfile", help="A file with a key to sign the metadata with" - ) + parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") parser.add_argument("-n", dest="name") - parser.add_argument( - "-s", dest="sign", action="store_true", help="sign the metadata" - ) + parser.add_argument("-s", dest="sign", action="store_true", help="sign the metadata") parser.add_argument("-m", dest="mako_root", default="./") parser.add_argument(dest="config") args = parser.parse_args() @@ -1116,9 +1070,7 @@ def application(environ, start_response): CONFIG = importlib.import_module(args.config) AUTHN_BROKER = AuthnBroker() - AUTHN_BROKER.add( - authn_context_class_ref(PASSWORD), username_password_authn, 10, CONFIG.BASE - ) + AUTHN_BROKER.add(authn_context_class_ref(PASSWORD), username_password_authn, 10, CONFIG.BASE) AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), "", 0, CONFIG.BASE) IDP = server.Server(args.config, cache=Cache()) @@ -1126,8 +1078,8 @@ def application(environ, start_response): _rot = args.mako_root LOOKUP = TemplateLookup( - directories=[_rot + "templates", _rot + "htdocs"], - module_directory=_rot + "modules", + directories=[f"{_rot}templates", f"{_rot}htdocs"], + module_directory=f"{_rot}modules", input_encoding="utf-8", output_encoding="utf-8", ) @@ -1154,12 +1106,10 @@ def application(environ, start_response): https = "using HTTPS" # SRV.ssl_adapter = ssl_pyopenssl.pyOpenSSLAdapter( # config.SERVER_CERT, config.SERVER_KEY, config.CERT_CHAIN) - SRV.ssl_adapter = BuiltinSSLAdapter( - CONFIG.SERVER_CERT, CONFIG.SERVER_KEY, CONFIG.CERT_CHAIN - ) + SRV.ssl_adapter = BuiltinSSLAdapter(CONFIG.SERVER_CERT, CONFIG.SERVER_KEY, CONFIG.CERT_CHAIN) logger.info("Server starting") - print("IDP listening on %s:%s%s" % (HOST, PORT, _https)) + print(f"IDP listening on {HOST}:{PORT}{_https}") try: SRV.start() except KeyboardInterrupt: diff --git a/example/idp2/idp_conf.py.example b/example/idp2/idp_conf.py.example index 501a3936d..d77dbee7f 100644 --- a/example/idp2/idp_conf.py.example +++ b/example/idp2/idp_conf.py.example @@ -2,13 +2,15 @@ # -*- coding: utf-8 -*- import os.path -from saml2 import BINDING_HTTP_REDIRECT, BINDING_URI from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI -from saml2.saml import NAMEID_FORMAT_TRANSIENT from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_TRANSIENT + try: from saml2.sigver import get_xmlsec_binary @@ -102,7 +104,7 @@ CONFIG = { "lifetime": {"minutes": 15}, "attribute_restrictions": None, # means all I have "name_form": NAME_FORMAT_URI, - "entity_categories": ["swamid", "edugain"] + #"entity_categories": ["swamid", "edugain"] }, }, "subject_data": "./idp.subject", diff --git a/example/idp2/idp_user.py b/example/idp2/idp_user.py index 82b91673b..5071a4113 100644 --- a/example/idp2/idp_user.py +++ b/example/idp2/idp_user.py @@ -56,7 +56,7 @@ "labeledURL": "http://www.example.com/test My homepage", "norEduPersonNIN": "SE199012315555", "postaladdress": "postaladdress", - "cn": "cn" + "cn": "cn", }, "roland": { "sn": "Hedberg", @@ -73,24 +73,16 @@ "mail": "roland@example.com", "displayName": "P. Roland Hedberg", "labeledURL": "http://www.example.com/rohe My homepage", - "norEduPersonNIN": "SE197001012222" - }, - "babs": { - "surname": "Babs", - "givenName": "Ozzie", - "eduPersonAffiliation": "affiliate" - }, - "upper": { - "surname": "Jeter", - "givenName": "Derek", - "eduPersonAffiliation": "affiliate" + "norEduPersonNIN": "SE197001012222", }, + "babs": {"surname": "Babs", "givenName": "Ozzie", "eduPersonAffiliation": "affiliate"}, + "upper": {"surname": "Jeter", "givenName": "Derek", "eduPersonAffiliation": "affiliate"}, } EXTRA = { "roland": { "eduPersonEntitlement": "urn:mace:swamid.se:foo:bar", "schacGender": "male", - "schacUserPresenceID": "skype:pepe.perez" + "schacUserPresenceID": "skype:pepe.perez", } } diff --git a/example/idp2/idp_uwsgi.py b/example/idp2/idp_uwsgi.py index 088134992..af559d518 100755 --- a/example/idp2/idp_uwsgi.py +++ b/example/idp2/idp_uwsgi.py @@ -1,53 +1,53 @@ #!/usr/bin/env python -import importlib import argparse import base64 -import re +from hashlib import sha1 +import importlib import logging +import os +import re import time -from hashlib import sha1 -from urlparse import parse_qs from Cookie import SimpleCookie -import os -from saml2.authn import is_equal -from saml2.profile import ecp +from urlparse import parse_qs -from saml2 import server from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import BINDING_URI +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_PAOS from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_URI +from saml2 import server from saml2 import time_util - -from saml2.authn_context import AuthnBroker +from saml2.authn import is_equal from saml2.authn_context import PASSWORD from saml2.authn_context import UNSPECIFIED +from saml2.authn_context import AuthnBroker from saml2.authn_context import authn_context_class_ref -from saml2.httputil import Response +from saml2.httputil import BadRequest from saml2.httputil import NotFound -from saml2.httputil import geturl -from saml2.httputil import get_post from saml2.httputil import Redirect -from saml2.httputil import Unauthorized -from saml2.httputil import BadRequest +from saml2.httputil import Response from saml2.httputil import ServiceError +from saml2.httputil import Unauthorized +from saml2.httputil import get_post +from saml2.httputil import geturl from saml2.ident import Unknown from saml2.metadata import create_metadata_string -from saml2.s_utils import rndstr -from saml2.s_utils import exception_trace +from saml2.profile import ecp +from saml2.s_utils import PolicyError from saml2.s_utils import UnknownPrincipal from saml2.s_utils import UnsupportedBinding -from saml2.s_utils import PolicyError -from saml2.sigver import verify_redirect_signature +from saml2.s_utils import exception_trace +from saml2.s_utils import rndstr from saml2.sigver import encrypt_cert_from_item +from saml2.sigver import verify_redirect_signature + logger = logging.getLogger("saml2.idp") -class Cache(object): +class Cache: def __init__(self): self.user2uid = {} self.uid2user = {} @@ -70,9 +70,7 @@ def _expiration(timeout, tformat="%a, %d-%b-%Y %H:%M:%S GMT"): def get_eptid(idp, req_info, session): - return idp.eptid.get(idp.config.entityid, - req_info.sender(), session["permanent_id"], - session["authn_auth"]) + return idp.eptid.get(idp.config.entityid, req_info.sender(), session["permanent_id"], session["authn_auth"]) # ----------------------------------------------------------------------------- @@ -85,7 +83,7 @@ def dict2list_of_tuples(d): # ----------------------------------------------------------------------------- -class Service(object): +class Service: def __init__(self, environ, start_response, user=None): self.environ = environ logger.debug("ENVIRON: %s", environ) @@ -95,7 +93,7 @@ def __init__(self, environ, start_response, user=None): def unpack_redirect(self): if "QUERY_STRING" in self.environ: _qs = self.environ["QUERY_STRING"] - return dict([(k, v[0]) for k, v in parse_qs(_qs).items()]) + return {k: v[0] for k, v in parse_qs(_qs).items()} else: return None @@ -103,7 +101,7 @@ def unpack_post(self): _dict = parse_qs(get_post(self.environ)) logger.debug("unpack_post:: %s", _dict) try: - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} except Exception: return None @@ -126,16 +124,13 @@ def unpack_either(self): def operation(self, saml_msg, binding): logger.debug("_operation: %s", saml_msg) - if not saml_msg or not 'SAMLRequest' in saml_msg: - resp = BadRequest('Error parsing request or no request') + if not saml_msg or not "SAMLRequest" in saml_msg: + resp = BadRequest("Error parsing request or no request") return resp(self.environ, self.start_response) else: try: - _encrypt_cert = encrypt_cert_from_item( - saml_msg["req_info"].message) - return self.do(saml_msg["SAMLRequest"], binding, - saml_msg["RelayState"], - encrypt_cert=_encrypt_cert) + _encrypt_cert = encrypt_cert_from_item(saml_msg["req_info"].message) + return self.do(saml_msg["SAMLRequest"], binding, saml_msg["RelayState"], encrypt_cert=_encrypt_cert) except KeyError: # Can live with no relay state return self.do(saml_msg["SAMLRequest"], binding) @@ -148,8 +143,7 @@ def artifact_operation(self, saml_msg): # exchange artifact for request request = IDP.artifact2message(saml_msg["SAMLart"], "spsso") try: - return self.do(request, BINDING_HTTP_ARTIFACT, - saml_msg["RelayState"]) + return self.do(request, BINDING_HTTP_ARTIFACT, saml_msg["RelayState"]) except KeyError: return self.do(request, BINDING_HTTP_ARTIFACT) @@ -164,13 +158,13 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): pass def redirect(self): - """ Expects a HTTP-redirect request """ + """Expects a HTTP-redirect request""" _dict = self.unpack_redirect() return self.operation(_dict, BINDING_HTTP_REDIRECT) def post(self): - """ Expects a HTTP-POST request """ + """Expects a HTTP-POST request""" _dict = self.unpack_post() return self.operation(_dict, BINDING_HTTP_POST) @@ -195,9 +189,9 @@ def uri(self): def not_authn(self, key, requested_authn_context): ruri = geturl(self.environ, query=False) - return do_authentication(self.environ, self.start_response, - authn_context=requested_authn_context, - key=key, redirect_uri=ruri) + return do_authentication( + self.environ, self.start_response, authn_context=requested_authn_context, key=key, redirect_uri=ruri + ) # ----------------------------------------------------------------------------- @@ -238,7 +232,7 @@ def verify_request(self, query, binding): resp_args = {} if not query: logger.info("Missing QUERY") - resp = Unauthorized('Unknown user') + resp = Unauthorized("Unknown user") return resp_args, resp(self.environ, self.start_response) if not self.req_info: @@ -250,26 +244,22 @@ def verify_request(self, query, binding): try: self.binding_out, self.destination = IDP.pick_binding( - "assertion_consumer_service", - bindings=self.response_bindings, - entity_id=_authn_req.issuer.text) + "assertion_consumer_service", bindings=self.response_bindings, entity_id=_authn_req.issuer.text + ) except Exception as err: logger.error("Couldn't find receiver endpoint: %s", err) raise - logger.debug("Binding: %s, destination: %s", self.binding_out, - self.destination) + logger.debug("Binding: %s, destination: %s", self.binding_out, self.destination) resp_args = {} try: resp_args = IDP.response_args(_authn_req) _resp = None except UnknownPrincipal as excp: - _resp = IDP.create_error_response(_authn_req.id, - self.destination, excp) + _resp = IDP.create_error_response(_authn_req.id, self.destination, excp) except UnsupportedBinding as excp: - _resp = IDP.create_error_response(_authn_req.id, - self.destination, excp) + _resp = IDP.create_error_response(_authn_req.id, self.destination, excp) return resp_args, _resp @@ -286,11 +276,11 @@ def do(self, query, binding_in, relay_state="", encrypt_cert=None): resp_args, _resp = self.verify_request(query, binding_in) except UnknownPrincipal as excp: logger.error("UnknownPrincipal: %s", excp) - resp = ServiceError("UnknownPrincipal: %s" % (excp,)) + resp = ServiceError(f"UnknownPrincipal: {excp}") return resp(self.environ, self.start_response) except UnsupportedBinding as excp: logger.error("UnsupportedBinding: %s", excp) - resp = ServiceError("UnsupportedBinding: %s" % (excp,)) + resp = ServiceError(f"UnsupportedBinding: {excp}") return resp(self.environ, self.start_response) if not _resp: @@ -308,26 +298,21 @@ def do(self, query, binding_in, relay_state="", encrypt_cert=None): else: resp_args["authn"] = metod - _resp = IDP.create_authn_response( - identity, userid=self.user, - encrypt_cert=encrypt_cert, - **resp_args) + _resp = IDP.create_authn_response(identity, userid=self.user, encrypt_cert=encrypt_cert, **resp_args) except Exception as excp: logging.error(exception_trace(excp)) - resp = ServiceError("Exception: %s" % (excp,)) + resp = ServiceError(f"Exception: {excp}") return resp(self.environ, self.start_response) logger.info("AuthNResponse: %s", _resp) if self.op_type == "ecp": - kwargs = {"soap_headers": [ - ecp.Response( - assertion_consumer_service_url=self.destination)]} + kwargs = {"soap_headers": [ecp.Response(assertion_consumer_service_url=self.destination)]} else: kwargs = {} - http_args = IDP.apply_binding(self.binding_out, - "%s" % _resp, self.destination, - relay_state, response=True, **kwargs) + http_args = IDP.apply_binding( + self.binding_out, f"{_resp}", self.destination, relay_state, response=True, **kwargs + ) logger.debug("HTTPargs: %s", http_args) return self.response(self.binding_out, http_args) @@ -340,7 +325,7 @@ def _store_request(self, saml_msg): return key def redirect(self): - """ This is the HTTP-redirect endpoint """ + """This is the HTTP-redirect endpoint""" logger.info("--- In SSO Redirect ---") saml_msg = self.unpack_redirect() @@ -352,8 +337,7 @@ def redirect(self): del IDP.ticket[_key] except KeyError: try: - self.req_info = IDP.parse_authn_request(saml_msg["SAMLRequest"], - BINDING_HTTP_REDIRECT) + self.req_info = IDP.parse_authn_request(saml_msg["SAMLRequest"], BINDING_HTTP_REDIRECT) except KeyError: resp = BadRequest("Message signature verification failure") return resp(self.environ, self.start_response) @@ -361,13 +345,12 @@ def redirect(self): _req = self.req_info.message if "SigAlg" in saml_msg and "Signature" in saml_msg: # Signed - # request + # request issuer = _req.issuer.text _certs = IDP.metadata.certs(issuer, "any", "signing") verified_ok = False for cert in _certs: - if verify_redirect_signature(saml_msg, IDP.sec.sec_backend, - cert): + if verify_redirect_signature(saml_msg, IDP.sec.sec_backend, cert): verified_ok = True break if not verified_ok: @@ -394,8 +377,7 @@ def post(self): """ logger.info("--- In SSO POST ---") saml_msg = self.unpack_either() - self.req_info = IDP.parse_authn_request( - saml_msg["SAMLRequest"], BINDING_HTTP_POST) + self.req_info = IDP.parse_authn_request(saml_msg["SAMLRequest"], BINDING_HTTP_POST) _req = self.req_info.message if self.user: if _req.force_authn: @@ -434,9 +416,7 @@ def ecp(self): if is_equal(PASSWD[user], passwd): resp = Unauthorized() self.user = user - self.environ[ - "idp.authn"] = AUTHN_BROKER.get_authn_by_accr( - PASSWORD) + self.environ["idp.authn"] = AUTHN_BROKER.get_authn_by_accr(PASSWORD) except ValueError: resp = Unauthorized() else: @@ -459,8 +439,7 @@ def ecp(self): # ----------------------------------------------------------------------------- -def do_authentication(environ, start_response, authn_context, key, - redirect_uri): +def do_authentication(environ, start_response, authn_context, key, redirect_uri): """ Display the login form """ @@ -478,24 +457,17 @@ def do_authentication(environ, start_response, authn_context, key, # ----------------------------------------------------------------------------- -PASSWD = { - "daev0001": "qwerty", - "haho0032": "qwerty", - "roland": "dianakra", - "babs": "howes", - "upper": "crust"} +PASSWD = {"daev0001": "qwerty", "haho0032": "qwerty", "roland": "dianakra", "babs": "howes", "upper": "crust"} -def username_password_authn(environ, start_response, reference, key, - redirect_uri): +def username_password_authn(environ, start_response, reference, key, redirect_uri): """ Display the login form """ logger.info("The login page") headers = [] - resp = Response(mako_template="login.mako", template_lookup=LOOKUP, - headers=headers) + resp = Response(mako_template="login.mako", template_lookup=LOOKUP, headers=headers) argv = { "action": "/verify", @@ -503,7 +475,7 @@ def username_password_authn(environ, start_response, reference, key, "password": "", "key": key, "authn_reference": reference, - "redirect_uri": redirect_uri + "redirect_uri": redirect_uri, } logger.info("do_authentication argv: %s", argv) return resp(environ, start_response, **argv) @@ -539,8 +511,7 @@ def do_verify(environ, start_response, _): kaka = set_cookie("idpauthn", "/", uid, query["authn_reference"][0]) - lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, - query["key"][0]) + lox = f"{query['redirect_uri'][0]}?id={uid}&key={query['key'][0]}" logger.debug("Redirect => %s", lox) resp = Redirect(lox, headers=[kaka], content="text/html") @@ -564,6 +535,7 @@ def not_found(environ, start_response): # sp_entity_id = req_info.message.issuer.text.strip() # return subject, sp_entity_id + class SLO(Service): def do(self, request, binding, relay_state="", encrypt_cert=None): logger.info("--- Single Log Out Service ---") @@ -573,7 +545,7 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): req_info = IDP.parse_logout_request(body, binding) except Exception as exc: logger.error("Bad request: %s", exc) - resp = BadRequest("%s" % exc) + resp = BadRequest(f"{exc}") return resp(self.environ, self.start_response) msg = req_info.message @@ -590,19 +562,19 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): IDP.session_db.remove_authn_statements(msg.name_id) except KeyError as exc: logger.error("ServiceError: %s", exc) - resp = ServiceError("%s" % exc) + resp = ServiceError(f"{exc}") return resp(self.environ, self.start_response) resp = IDP.create_logout_response(msg, [binding]) try: - hinfo = IDP.apply_binding(binding, "%s" % resp, "", relay_state) + hinfo = IDP.apply_binding(binding, f"{resp}", "", relay_state) except Exception as exc: logger.error("ServiceError: %s", exc) - resp = ServiceError("%s" % exc) + resp = ServiceError(f"{exc}") return resp(self.environ, self.start_response) - #_tlh = dict2list_of_tuples(hinfo["headers"]) + # _tlh = dict2list_of_tuples(hinfo["headers"]) delco = delete_cookie(self.environ, "idpauthn") if delco: hinfo["headers"].append(delco) @@ -624,16 +596,15 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): # Do the necessary stuff name_id = IDP.ident.handle_manage_name_id_request( - request.name_id, request.new_id, request.new_encrypted_id, - request.terminate) + request.name_id, request.new_id, request.new_encrypted_id, request.terminate + ) logger.debug("New NameID: %s", name_id) _resp = IDP.create_manage_name_id_response(request) # It's using SOAP binding - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % _resp, "", - relay_state, response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", relay_state, response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -655,7 +626,7 @@ def do(self, aid, binding, relay_state="", encrypt_cert=None): resp = NotFound(aid) return resp(self.environ, self.start_response) - hinfo = IDP.apply_binding(BINDING_URI, "%s" % assertion, response=True) + hinfo = IDP.apply_binding(BINDING_URI, f"{assertion}", response=True) logger.debug("HINFO: %s", hinfo) resp = Response(hinfo["data"], headers=hinfo["headers"]) @@ -664,7 +635,7 @@ def do(self, aid, binding, relay_state="", encrypt_cert=None): def operation(self, _dict, binding, **kwargs): logger.debug("_operation: %s", _dict) if not _dict or "ID" not in _dict: - resp = BadRequest('Error parsing request or no request') + resp = BadRequest("Error parsing request or no request") return resp(self.environ, self.start_response) return self.do(_dict["ID"], binding, **kwargs) @@ -674,14 +645,14 @@ def operation(self, _dict, binding, **kwargs): # === Artifact resolve service === # ---------------------------------------------------------------------------- + class ARS(Service): def do(self, request, binding, relay_state="", encrypt_cert=None): _req = IDP.parse_artifact_resolve(request, binding) msg = IDP.create_artifact_response(_req, _req.artifact.text) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -699,13 +670,10 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): _req = IDP.parse_authn_query(request, binding) _query = _req.message - msg = IDP.create_authn_query_response(_query.subject, - _query.requested_authn_context, - _query.session_index) + msg = IDP.create_authn_query_response(_query.subject, _query.requested_authn_context, _query.session_index) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -731,12 +699,10 @@ def do(self, request, binding, relay_state="", encrypt_cert=None): # Comes in over SOAP so only need to construct the response args = IDP.response_args(_query, [BINDING_SOAP]) - msg = IDP.create_attribute_response(identity, - name_id=name_id, **args) + msg = IDP.create_attribute_response(identity, name_id=name_id, **args) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -757,8 +723,7 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): request = req.message # Do the necessary stuff try: - name_id = IDP.ident.handle_name_id_mapping_request( - request.name_id, request.name_id_policy) + name_id = IDP.ident.handle_name_id_mapping_request(request.name_id, request.name_id_policy) except Unknown: resp = BadRequest("Unknown entity") return resp(self.environ, self.start_response) @@ -770,8 +735,7 @@ def do(self, query, binding, relay_state="", encrypt_cert=None): _resp = IDP.create_name_id_mapping_response(name_id, **info) # Only SOAP - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % _resp, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -797,14 +761,14 @@ def info_from_cookie(kaka): def delete_cookie(environ, name): - kaka = environ.get("HTTP_COOKIE", '') + kaka = environ.get("HTTP_COOKIE", "") logger.debug("delete KAKA: %s", kaka) if kaka: cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name, None) cookie = SimpleCookie() cookie[name] = "" - cookie[name]['path'] = "/" + cookie[name]["path"] = "/" logger.debug("Expire: %s", morsel) cookie[name]["expires"] = _expiration("dawn") return tuple(cookie.output().split(": ", 1)) @@ -814,53 +778,54 @@ def delete_cookie(environ, name): def set_cookie(name, _, *args): cookie = SimpleCookie() cookie[name] = base64.b64encode(":".join(args)) - cookie[name]['path'] = "/" + cookie[name]["path"] = "/" cookie[name]["expires"] = _expiration(5) # 5 minutes from now logger.debug("Cookie expires: %s", cookie[name]["expires"]) return tuple(cookie.output().split(": ", 1)) + # ---------------------------------------------------------------------------- # map urls to functions AUTHN_URLS = [ # sso - (r'sso/post$', (SSO, "post")), - (r'sso/post/(.*)$', (SSO, "post")), - (r'sso/redirect$', (SSO, "redirect")), - (r'sso/redirect/(.*)$', (SSO, "redirect")), - (r'sso/art$', (SSO, "artifact")), - (r'sso/art/(.*)$', (SSO, "artifact")), + (r"sso/post$", (SSO, "post")), + (r"sso/post/(.*)$", (SSO, "post")), + (r"sso/redirect$", (SSO, "redirect")), + (r"sso/redirect/(.*)$", (SSO, "redirect")), + (r"sso/art$", (SSO, "artifact")), + (r"sso/art/(.*)$", (SSO, "artifact")), # slo - (r'slo/redirect$', (SLO, "redirect")), - (r'slo/redirect/(.*)$', (SLO, "redirect")), - (r'slo/post$', (SLO, "post")), - (r'slo/post/(.*)$', (SLO, "post")), - (r'slo/soap$', (SLO, "soap")), - (r'slo/soap/(.*)$', (SLO, "soap")), + (r"slo/redirect$", (SLO, "redirect")), + (r"slo/redirect/(.*)$", (SLO, "redirect")), + (r"slo/post$", (SLO, "post")), + (r"slo/post/(.*)$", (SLO, "post")), + (r"slo/soap$", (SLO, "soap")), + (r"slo/soap/(.*)$", (SLO, "soap")), # - (r'airs$', (AIDR, "uri")), - (r'ars$', (ARS, "soap")), + (r"airs$", (AIDR, "uri")), + (r"ars$", (ARS, "soap")), # mni - (r'mni/post$', (NMI, "post")), - (r'mni/post/(.*)$', (NMI, "post")), - (r'mni/redirect$', (NMI, "redirect")), - (r'mni/redirect/(.*)$', (NMI, "redirect")), - (r'mni/art$', (NMI, "artifact")), - (r'mni/art/(.*)$', (NMI, "artifact")), - (r'mni/soap$', (NMI, "soap")), - (r'mni/soap/(.*)$', (NMI, "soap")), + (r"mni/post$", (NMI, "post")), + (r"mni/post/(.*)$", (NMI, "post")), + (r"mni/redirect$", (NMI, "redirect")), + (r"mni/redirect/(.*)$", (NMI, "redirect")), + (r"mni/art$", (NMI, "artifact")), + (r"mni/art/(.*)$", (NMI, "artifact")), + (r"mni/soap$", (NMI, "soap")), + (r"mni/soap/(.*)$", (NMI, "soap")), # nim - (r'nim$', (NIM, "soap")), - (r'nim/(.*)$', (NIM, "soap")), + (r"nim$", (NIM, "soap")), + (r"nim/(.*)$", (NIM, "soap")), # - (r'aqs$', (AQS, "soap")), - (r'attr$', (ATTR, "soap")) + (r"aqs$", (AQS, "soap")), + (r"attr$", (ATTR, "soap")), ] NON_AUTHN_URLS = [ - #(r'login?(.*)$', do_authentication), - (r'verify?(.*)$', do_verify), - (r'sso/ecp$', (SSO, "ecp")), + # (r'login?(.*)$', do_authentication), + (r"verify?(.*)$", do_verify), + (r"sso/ecp$", (SSO, "ecp")), ] # ---------------------------------------------------------------------------- @@ -873,10 +838,10 @@ def metadata(environ, start_response): path = os.path.dirname(os.path.abspath(__file__)) if path[-1] != "/": path += "/" - metadata = create_metadata_string(path + args.config, IDP.config, - args.valid, args.cert, args.keyfile, - args.id, args.name, args.sign) - start_response('200 OK', [('Content-Type', "text/xml")]) + metadata = create_metadata_string( + path + args.config, IDP.config, args.valid, args.cert, args.keyfile, args.id, args.name, args.sign + ) + start_response("200 OK", [("Content-Type", "text/xml")]) return metadata except Exception as ex: logger.error("An error occured while creating metadata:", ex.message) @@ -890,13 +855,13 @@ def staticfile(environ, start_response): path = os.path.dirname(os.path.abspath(__file__)) if path[-1] != "/": path += "/" - path += environ.get('PATH_INFO', '').lstrip('/') + path += environ.get("PATH_INFO", "").lstrip("/") path = os.path.realpath(path) if not path.startswith(args.path): resp = Unauthorized() return resp(environ, start_response) - start_response('200 OK', [('Content-Type', "text/xml")]) - return open(path, 'r').read() + start_response("200 OK", [("Content-Type", "text/xml")]) + return open(path).read() except Exception as ex: logger.error("An error occured while creating metadata:", ex.message) return not_found(environ, start_response) @@ -917,7 +882,7 @@ def application(environ, start_response): :return: The response as a list of lines """ - path = environ.get('PATH_INFO', '').lstrip('/') + path = environ.get("PATH_INFO", "").lstrip("/") if path == "metadata": return metadata(environ, start_response) @@ -948,9 +913,9 @@ def application(environ, start_response): match = re.search(regex, path) if match is not None: try: - environ['myapp.url_args'] = match.groups()[0] + environ["myapp.url_args"] = match.groups()[0] except IndexError: - environ['myapp.url_args'] = path + environ["myapp.url_args"] = path logger.debug("Callback: %s", callback) if isinstance(callback, tuple): @@ -959,71 +924,74 @@ def application(environ, start_response): return func() return callback(environ, start_response, user) - if re.search(r'static/.*', path) is not None: + if re.search(r"static/.*", path) is not None: return staticfile(environ, start_response) return not_found(environ, start_response) + # ---------------------------------------------------------------------------- # allow uwsgi or gunicorn mount # by moving some initialization out of __name__ == '__main__' section. # uwsgi -s 0.0.0.0:8088 --protocol http --callable application --module idp -args = type('Config', (object,), {}) -args.config = 'idp_conf' -args.mako_root = './' +args = type("Config", (object,), {}) +args.config = "idp_conf" +args.mako_root = "./" args.path = None import socket -from idp_user import USERS + from idp_user import EXTRA +from idp_user import USERS from mako.lookup import TemplateLookup + AUTHN_BROKER = AuthnBroker() -AUTHN_BROKER.add(authn_context_class_ref(PASSWORD), - username_password_authn, 10, - "http://%s" % socket.gethostname()) -AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), - "", 0, "http://%s" % socket.gethostname()) +AUTHN_BROKER.add(authn_context_class_ref(PASSWORD), username_password_authn, 10, f"http://{socket.gethostname()}") +AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), "", 0, f"http://{socket.gethostname()}") CONFIG = importlib.import_module(args.config) IDP = server.Server(args.config, cache=Cache()) IDP.ticket = {} # ---------------------------------------------------------------------------- -if __name__ == '__main__': +if __name__ == "__main__": from wsgiref.simple_server import make_server parser = argparse.ArgumentParser() - parser.add_argument('-p', dest='path', help='Path to configuration file.') - parser.add_argument('-v', dest='valid', - help="How long, in days, the metadata is valid from " - "the time of creation") - parser.add_argument('-c', dest='cert', help='certificate') - parser.add_argument('-i', dest='id', - help="The ID of the entities descriptor") - parser.add_argument('-k', dest='keyfile', - help="A file with a key to sign the metadata with") - parser.add_argument('-n', dest='name') - parser.add_argument('-s', dest='sign', action='store_true', - help="sign the metadata") - parser.add_argument('-m', dest='mako_root', default="./") + parser.add_argument("-p", dest="path", help="Path to configuration file.") + parser.add_argument( + "-v", dest="valid", help="How long, in days, the metadata is valid from " "the time of creation" + ) + parser.add_argument("-c", dest="cert", help="certificate") + parser.add_argument("-i", dest="id", help="The ID of the entities descriptor") + parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") + parser.add_argument("-n", dest="name") + parser.add_argument("-s", dest="sign", action="store_true", help="sign the metadata") + parser.add_argument("-m", dest="mako_root", default="./") parser.add_argument(dest="config") args = parser.parse_args() _rot = args.mako_root - LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'], - module_directory=_rot + 'modules', - input_encoding='utf-8', output_encoding='utf-8') + LOOKUP = TemplateLookup( + directories=[f"{_rot}templates", f"{_rot}htdocs"], + module_directory=f"{_rot}modules", + input_encoding="utf-8", + output_encoding="utf-8", + ) HOST = CONFIG.HOST PORT = CONFIG.PORT SRV = make_server(HOST, PORT, application) - print("IdP listening on %s:%s" % (HOST, PORT)) + print(f"IdP listening on {HOST}:{PORT}") SRV.serve_forever() else: _rot = args.mako_root - LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'], - module_directory=_rot + 'modules', - input_encoding='utf-8', output_encoding='utf-8') + LOOKUP = TemplateLookup( + directories=[f"{_rot}templates", f"{_rot}htdocs"], + module_directory=f"{_rot}modules", + input_encoding="utf-8", + output_encoding="utf-8", + ) diff --git a/example/idp2_repoze/idp.py b/example/idp2_repoze/idp.py index 3674eae83..cc36e9ec2 100755 --- a/example/idp2_repoze/idp.py +++ b/example/idp2_repoze/idp.py @@ -1,50 +1,50 @@ #!/usr/bin/env python import argparse import base64 - -import re +from hashlib import sha1 import logging +import os +import re import time -from hashlib import sha1 -from urlparse import parse_qs from Cookie import SimpleCookie -import os +from urlparse import parse_qs -from saml2 import server from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import BINDING_URI +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_PAOS from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_URI +from saml2 import server from saml2 import time_util from saml2.authn import is_equal - -from saml2.authn_context import AuthnBroker from saml2.authn_context import PASSWORD from saml2.authn_context import UNSPECIFIED +from saml2.authn_context import AuthnBroker from saml2.authn_context import authn_context_class_ref -from saml2.httputil import Response +from saml2.httputil import BadRequest from saml2.httputil import NotFound -from saml2.httputil import geturl -from saml2.httputil import get_post from saml2.httputil import Redirect -from saml2.httputil import Unauthorized -from saml2.httputil import BadRequest +from saml2.httputil import Response from saml2.httputil import ServiceError +from saml2.httputil import Unauthorized +from saml2.httputil import get_post +from saml2.httputil import geturl from saml2.ident import Unknown from saml2.metadata import create_metadata_string -from saml2.s_utils import rndstr, exception_trace +from saml2.s_utils import PolicyError from saml2.s_utils import UnknownPrincipal from saml2.s_utils import UnsupportedBinding -from saml2.s_utils import PolicyError +from saml2.s_utils import exception_trace +from saml2.s_utils import rndstr from saml2.sigver import verify_redirect_signature + logger = logging.getLogger("saml2.idp") -class Cache(object): +class Cache: def __init__(self): self.user2uid = {} self.uid2user = {} @@ -67,9 +67,8 @@ def _expiration(timeout, tformat="%a, %d-%b-%Y %H:%M:%S GMT"): def get_eptid(idp, req_info, session): - return idp.eptid.get(idp.config.entityid, - req_info.sender(), session["permanent_id"], - session["authn_auth"]) + return idp.eptid.get(idp.config.entityid, req_info.sender(), session["permanent_id"], session["authn_auth"]) + # ----------------------------------------------------------------------------- @@ -77,10 +76,11 @@ def get_eptid(idp, req_info, session): def dict2list_of_tuples(d): return [(k, v) for k, v in d.items()] + # ----------------------------------------------------------------------------- -class Service(object): +class Service: def __init__(self, environ, start_response, user=None): self.environ = environ logger.debug("ENVIRON: %s", environ) @@ -90,7 +90,7 @@ def __init__(self, environ, start_response, user=None): def unpack_redirect(self): if "QUERY_STRING" in self.environ: _qs = self.environ["QUERY_STRING"] - return dict([(k, v[0]) for k, v in parse_qs(_qs).items()]) + return {k: v[0] for k, v in parse_qs(_qs).items()} else: return None @@ -98,7 +98,7 @@ def unpack_post(self): _dict = parse_qs(get_post(self.environ)) logger.debug("unpack_post:: %s", _dict) try: - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} except Exception: return None @@ -121,13 +121,12 @@ def unpack_either(self): def operation(self, _dict, binding): logger.debug("_operation: %s", _dict) - if not _dict or not 'SAMLRequest' in _dict: - resp = BadRequest('Error parsing request or no request') + if not _dict or not "SAMLRequest" in _dict: + resp = BadRequest("Error parsing request or no request") return resp(self.environ, self.start_response) else: try: - return self.do(_dict["SAMLRequest"], binding, - _dict["RelayState"]) + return self.do(_dict["SAMLRequest"], binding, _dict["RelayState"]) except KeyError: # Can live with no relay state return self.do(_dict["SAMLRequest"], binding) @@ -140,8 +139,7 @@ def artifact_operation(self, _dict): # exchange artifact for request request = IDP.artifact2message(_dict["SAMLart"], "spsso") try: - return self.do(request, BINDING_HTTP_ARTIFACT, - _dict["RelayState"]) + return self.do(request, BINDING_HTTP_ARTIFACT, _dict["RelayState"]) except KeyError: return self.do(request, BINDING_HTTP_ARTIFACT) @@ -156,13 +154,13 @@ def do(self, query, binding, relay_state=""): pass def redirect(self): - """ Expects a HTTP-redirect request """ + """Expects a HTTP-redirect request""" _dict = self.unpack_redirect() return self.operation(_dict, BINDING_HTTP_REDIRECT) def post(self): - """ Expects a HTTP-POST request """ + """Expects a HTTP-POST request""" _dict = self.unpack_post() return self.operation(_dict, BINDING_HTTP_POST) @@ -205,9 +203,9 @@ def uri(self): def not_authn(self, key, requested_authn_context): ruri = geturl(self.environ, query=False) - return do_authentication(self.environ, self.start_response, - authn_context=requested_authn_context, - key=key, redirect_uri=ruri) + return do_authentication( + self.environ, self.start_response, authn_context=requested_authn_context, key=key, redirect_uri=ruri + ) # ----------------------------------------------------------------------------- @@ -247,7 +245,7 @@ def verify_request(self, query, binding): resp_args = {} if not query: logger.info("Missing QUERY") - resp = Unauthorized('Unknown user') + resp = Unauthorized("Unknown user") return resp_args, resp(self.environ, self.start_response) if not self.req_info: @@ -258,23 +256,19 @@ def verify_request(self, query, binding): logger.debug("%s", _authn_req) self.binding_out, self.destination = IDP.pick_binding( - "assertion_consumer_service", - bindings=self.response_bindings, - entity_id=_authn_req.issuer.text) + "assertion_consumer_service", bindings=self.response_bindings, entity_id=_authn_req.issuer.text + ) - logger.debug("Binding: %s, destination: %s", self.binding_out, - self.destination) + logger.debug("Binding: %s, destination: %s", self.binding_out, self.destination) resp_args = {} try: resp_args = IDP.response_args(_authn_req) _resp = None except UnknownPrincipal as excp: - _resp = IDP.create_error_response(_authn_req.id, - self.destination, excp) + _resp = IDP.create_error_response(_authn_req.id, self.destination, excp) except UnsupportedBinding as excp: - _resp = IDP.create_error_response(_authn_req.id, - self.destination, excp) + _resp = IDP.create_error_response(_authn_req.id, self.destination, excp) return resp_args, _resp @@ -283,16 +277,16 @@ def do(self, query, binding_in, relay_state=""): resp_args, _resp = self.verify_request(query, binding_in) except UnknownPrincipal as excp: logger.error("UnknownPrincipal: %s", excp) - resp = ServiceError("UnknownPrincipal: %s" % (excp,)) + resp = ServiceError(f"UnknownPrincipal: {excp}") return resp(self.environ, self.start_response) except UnsupportedBinding as excp: logger.error("UnsupportedBinding: %s", excp) - resp = ServiceError("UnsupportedBinding: %s" % (excp,)) + resp = ServiceError(f"UnsupportedBinding: {excp}") return resp(self.environ, self.start_response) if not _resp: identity = USERS[self.user].copy() - #identity["eduPersonTargetedID"] = get_eptid(IDP, query, session) + # identity["eduPersonTargetedID"] = get_eptid(IDP, query, session) logger.info("Identity: %s", identity) if REPOZE_ID_EQUIVALENT: @@ -302,18 +296,20 @@ def do(self, query, binding_in, relay_state=""): if sign_assertion is None: sign_assertion = False _resp = IDP.create_authn_response( - identity, userid=self.user, - authn=AUTHN_BROKER[self.environ["idp.authn_ref"]], sign_assertion=sign_assertion, - sign_response=False, **resp_args) + identity, + userid=self.user, + authn=AUTHN_BROKER[self.environ["idp.authn_ref"]], + sign_assertion=sign_assertion, + sign_response=False, + **resp_args, + ) except Exception as excp: logging.error(exception_trace(excp)) - resp = ServiceError("Exception: %s" % (excp,)) + resp = ServiceError(f"Exception: {excp}") return resp(self.environ, self.start_response) logger.info("AuthNResponse: %s", _resp) - http_args = IDP.apply_binding(self.binding_out, - "%s" % _resp, self.destination, - relay_state, response=True) + http_args = IDP.apply_binding(self.binding_out, f"{_resp}", self.destination, relay_state, response=True) logger.debug("HTTPargs: %s", http_args) return self.response(self.binding_out, http_args) @@ -325,7 +321,7 @@ def _store_request(self, _dict): return key def redirect(self): - """ This is the HTTP-redirect endpoint """ + """This is the HTTP-redirect endpoint""" logger.info("--- In SSO Redirect ---") _info = self.unpack_redirect() @@ -337,8 +333,7 @@ def redirect(self): del IDP.ticket[_key] except KeyError: try: - self.req_info = IDP.parse_authn_request(_info["SAMLRequest"], - BINDING_HTTP_REDIRECT) + self.req_info = IDP.parse_authn_request(_info["SAMLRequest"], BINDING_HTTP_REDIRECT) except KeyError: resp = BadRequest("Message signature verification failure") return resp(self.environ, self.start_response) @@ -350,8 +345,7 @@ def redirect(self): _certs = IDP.metadata.certs(issuer, "any", "signing") verified_ok = False for cert in _certs: - if verify_redirect_signature(_info, IDP.sec.sec_backend, - cert): + if verify_redirect_signature(_info, IDP.sec.sec_backend, cert): verified_ok = True break if not verified_ok: @@ -378,8 +372,7 @@ def post(self): """ logger.info("--- In SSO POST ---") _info = self.unpack_either() - self.req_info = IDP.parse_authn_request( - _info["SAMLRequest"], BINDING_HTTP_POST) + self.req_info = IDP.parse_authn_request(_info["SAMLRequest"], BINDING_HTTP_POST) _req = self.req_info.message if self.user: if _req.force_authn: @@ -434,13 +427,13 @@ def ecp(self): # Basic auth ?! return self.operation(_dict, BINDING_SOAP) + # ----------------------------------------------------------------------------- # === Authentication ==== # ----------------------------------------------------------------------------- -def do_authentication(environ, start_response, authn_context, key, - redirect_uri): +def do_authentication(environ, start_response, authn_context, key, redirect_uri): """ Display the login form """ @@ -458,22 +451,17 @@ def do_authentication(environ, start_response, authn_context, key, # ----------------------------------------------------------------------------- -PASSWD = {"haho0032": "qwerty", - "roland": "dianakra", - "babs": "howes", - "upper": "crust"} +PASSWD = {"haho0032": "qwerty", "roland": "dianakra", "babs": "howes", "upper": "crust"} -def username_password_authn(environ, start_response, reference, key, - redirect_uri): +def username_password_authn(environ, start_response, reference, key, redirect_uri): """ Display the login form """ logger.info("The login page") headers = [] - resp = Response(mako_template="login.mako", template_lookup=LOOKUP, - headers=headers) + resp = Response(mako_template="login.mako", template_lookup=LOOKUP, headers=headers) argv = { "action": "/verify", @@ -481,7 +469,7 @@ def username_password_authn(environ, start_response, reference, key, "password": "", "key": key, "authn_reference": reference, - "redirect_uri": redirect_uri + "redirect_uri": redirect_uri, } logger.info("do_authentication argv: %s", argv) return resp(environ, start_response, **argv) @@ -517,8 +505,7 @@ def do_verify(environ, start_response, _): kaka = set_cookie("idpauthn", "/", uid, query["authn_reference"][0]) - lox = "%s?id=%s&key=%s" % (query["redirect_uri"][0], uid, - query["key"][0]) + lox = f"{query['redirect_uri'][0]}?id={uid}&key={query['key'][0]}" logger.debug("Redirect => %s", lox) resp = Redirect(lox, headers=[kaka], content="text/html") @@ -535,13 +522,14 @@ def not_found(environ, start_response): # === Single log out === # ----------------------------------------------------------------------------- -#def _subject_sp_info(req_info): +# def _subject_sp_info(req_info): # # look for the subject # subject = req_info.subject_id() # subject = subject.text.strip() # sp_entity_id = req_info.message.issuer.text.strip() # return subject, sp_entity_id + class SLO(Service): def do(self, request, binding, relay_state=""): logger.info("--- Single Log Out Service ---") @@ -551,7 +539,7 @@ def do(self, request, binding, relay_state=""): req_info = IDP.parse_logout_request(body, binding) except Exception as exc: logger.error("Bad request: %s", exc) - resp = BadRequest("%s" % exc) + resp = BadRequest(f"{exc}") return resp(self.environ, self.start_response) msg = req_info.message @@ -568,19 +556,19 @@ def do(self, request, binding, relay_state=""): IDP.session_db.remove_authn_statements(msg.name_id) except KeyError as exc: logger.error("ServiceError: %s", exc) - resp = ServiceError("%s" % exc) + resp = ServiceError(f"{exc}") return resp(self.environ, self.start_response) resp = IDP.create_logout_response(msg, [binding]) try: - hinfo = IDP.apply_binding(binding, "%s" % resp, "", relay_state) + hinfo = IDP.apply_binding(binding, f"{resp}", "", relay_state) except Exception as exc: logger.error("ServiceError: %s", exc) - resp = ServiceError("%s" % exc) + resp = ServiceError(f"{exc}") return resp(self.environ, self.start_response) - #_tlh = dict2list_of_tuples(hinfo["headers"]) + # _tlh = dict2list_of_tuples(hinfo["headers"]) delco = delete_cookie(self.environ, "idpauthn") if delco: hinfo["headers"].append(delco) @@ -588,13 +576,13 @@ def do(self, request, binding, relay_state=""): resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) + # ---------------------------------------------------------------------------- # Manage Name ID service # ---------------------------------------------------------------------------- class NMI(Service): - def do(self, query, binding, relay_state=""): logger.info("--- Manage Name ID Service ---") req = IDP.parse_manage_name_id_request(query, binding) @@ -602,20 +590,20 @@ def do(self, query, binding, relay_state=""): # Do the necessary stuff name_id = IDP.ident.handle_manage_name_id_request( - request.name_id, request.new_id, request.new_encrypted_id, - request.terminate) + request.name_id, request.new_id, request.new_encrypted_id, request.terminate + ) logger.debug("New NameID: %s", name_id) _resp = IDP.create_manage_name_id_response(request) # It's using SOAP binding - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % _resp, "", - relay_state, response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", relay_state, response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) + # ---------------------------------------------------------------------------- # === Assertion ID request === # ---------------------------------------------------------------------------- @@ -632,7 +620,7 @@ def do(self, aid, binding, relay_state=""): resp = NotFound(aid) return resp(self.environ, self.start_response) - hinfo = IDP.apply_binding(BINDING_URI, "%s" % assertion, response=True) + hinfo = IDP.apply_binding(BINDING_URI, f"{assertion}", response=True) logger.debug("HINFO: %s", hinfo) resp = Response(hinfo["data"], headers=hinfo["headers"]) @@ -641,7 +629,7 @@ def do(self, aid, binding, relay_state=""): def operation(self, _dict, binding, **kwargs): logger.debug("_operation: %s", _dict) if not _dict or "ID" not in _dict: - resp = BadRequest('Error parsing request or no request') + resp = BadRequest("Error parsing request or no request") return resp(self.environ, self.start_response) return self.do(_dict["ID"], binding, **kwargs) @@ -651,18 +639,19 @@ def operation(self, _dict, binding, **kwargs): # === Artifact resolve service === # ---------------------------------------------------------------------------- + class ARS(Service): def do(self, request, binding, relay_state=""): _req = IDP.parse_artifact_resolve(request, binding) msg = IDP.create_artifact_response(_req, _req.artifact.text) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) + # ---------------------------------------------------------------------------- # === Authn query service === # ---------------------------------------------------------------------------- @@ -675,13 +664,10 @@ def do(self, request, binding, relay_state=""): _req = IDP.parse_authn_query(request, binding) _query = _req.message - msg = IDP.create_authn_query_response(_query.subject, - _query.requested_authn_context, - _query.session_index) + msg = IDP.create_authn_query_response(_query.subject, _query.requested_authn_context, _query.session_index) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -707,16 +693,15 @@ def do(self, request, binding, relay_state=""): # Comes in over SOAP so only need to construct the response args = IDP.response_args(_query, [BINDING_SOAP]) - msg = IDP.create_attribute_response(identity, - name_id=name_id, **args) + msg = IDP.create_attribute_response(identity, name_id=name_id, **args) logger.debug("response: %s", msg) - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % msg, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{msg}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) + # ---------------------------------------------------------------------------- # Name ID Mapping service # When an entity that shares an identifier for a principal with an identity @@ -732,8 +717,7 @@ def do(self, query, binding, relay_state=""): request = req.message # Do the necessary stuff try: - name_id = IDP.ident.handle_name_id_mapping_request( - request.name_id, request.name_id_policy) + name_id = IDP.ident.handle_name_id_mapping_request(request.name_id, request.name_id_policy) except Unknown: resp = BadRequest("Unknown entity") return resp(self.environ, self.start_response) @@ -745,8 +729,7 @@ def do(self, query, binding, relay_state=""): _resp = IDP.create_name_id_mapping_response(name_id, **info) # Only SOAP - hinfo = IDP.apply_binding(BINDING_SOAP, "%s" % _resp, "", "", - response=True) + hinfo = IDP.apply_binding(BINDING_SOAP, f"{_resp}", "", "", response=True) resp = Response(hinfo["data"], headers=hinfo["headers"]) return resp(self.environ, self.start_response) @@ -772,14 +755,14 @@ def info_from_cookie(kaka): def delete_cookie(environ, name): - kaka = environ.get("HTTP_COOKIE", '') + kaka = environ.get("HTTP_COOKIE", "") logger.debug("delete KAKA: %s", kaka) if kaka: cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name, None) cookie = SimpleCookie() cookie[name] = "" - cookie[name]['path'] = "/" + cookie[name]["path"] = "/" logger.debug("Expire: %s", morsel) cookie[name]["expires"] = _expiration("dawn") return tuple(cookie.output().split(": ", 1)) @@ -789,53 +772,54 @@ def delete_cookie(environ, name): def set_cookie(name, _, *args): cookie = SimpleCookie() cookie[name] = base64.b64encode(":".join(args)) - cookie[name]['path'] = "/" + cookie[name]["path"] = "/" cookie[name]["expires"] = _expiration(5) # 5 minutes from now logger.debug("Cookie expires: %s", cookie[name]["expires"]) return tuple(cookie.output().split(": ", 1)) + # ---------------------------------------------------------------------------- # map urls to functions AUTHN_URLS = [ # sso - (r'sso/post$', (SSO, "post")), - (r'sso/post/(.*)$', (SSO, "post")), - (r'sso/redirect$', (SSO, "redirect")), - (r'sso/redirect/(.*)$', (SSO, "redirect")), - (r'sso/art$', (SSO, "artifact")), - (r'sso/art/(.*)$', (SSO, "artifact")), + (r"sso/post$", (SSO, "post")), + (r"sso/post/(.*)$", (SSO, "post")), + (r"sso/redirect$", (SSO, "redirect")), + (r"sso/redirect/(.*)$", (SSO, "redirect")), + (r"sso/art$", (SSO, "artifact")), + (r"sso/art/(.*)$", (SSO, "artifact")), # slo - (r'slo/redirect$', (SLO, "redirect")), - (r'slo/redirect/(.*)$', (SLO, "redirect")), - (r'slo/post$', (SLO, "post")), - (r'slo/post/(.*)$', (SLO, "post")), - (r'slo/soap$', (SLO, "soap")), - (r'slo/soap/(.*)$', (SLO, "soap")), + (r"slo/redirect$", (SLO, "redirect")), + (r"slo/redirect/(.*)$", (SLO, "redirect")), + (r"slo/post$", (SLO, "post")), + (r"slo/post/(.*)$", (SLO, "post")), + (r"slo/soap$", (SLO, "soap")), + (r"slo/soap/(.*)$", (SLO, "soap")), # - (r'airs$', (AIDR, "uri")), - (r'ars$', (ARS, "soap")), + (r"airs$", (AIDR, "uri")), + (r"ars$", (ARS, "soap")), # mni - (r'mni/post$', (NMI, "post")), - (r'mni/post/(.*)$', (NMI, "post")), - (r'mni/redirect$', (NMI, "redirect")), - (r'mni/redirect/(.*)$', (NMI, "redirect")), - (r'mni/art$', (NMI, "artifact")), - (r'mni/art/(.*)$', (NMI, "artifact")), - (r'mni/soap$', (NMI, "soap")), - (r'mni/soap/(.*)$', (NMI, "soap")), + (r"mni/post$", (NMI, "post")), + (r"mni/post/(.*)$", (NMI, "post")), + (r"mni/redirect$", (NMI, "redirect")), + (r"mni/redirect/(.*)$", (NMI, "redirect")), + (r"mni/art$", (NMI, "artifact")), + (r"mni/art/(.*)$", (NMI, "artifact")), + (r"mni/soap$", (NMI, "soap")), + (r"mni/soap/(.*)$", (NMI, "soap")), # nim - (r'nim$', (NIM, "soap")), - (r'nim/(.*)$', (NIM, "soap")), + (r"nim$", (NIM, "soap")), + (r"nim/(.*)$", (NIM, "soap")), # - (r'aqs$', (AQS, "soap")), - (r'attr$', (ATTR, "soap")) + (r"aqs$", (AQS, "soap")), + (r"attr$", (ATTR, "soap")), ] NON_AUTHN_URLS = [ - #(r'login?(.*)$', do_authentication), - (r'verify?(.*)$', do_verify), - (r'sso/ecp$', (SSO, "ecp")), + # (r'login?(.*)$', do_authentication), + (r"verify?(.*)$", do_verify), + (r"sso/ecp$", (SSO, "ecp")), ] # ---------------------------------------------------------------------------- @@ -845,18 +829,19 @@ def metadata(environ, start_response): try: path = args.path if path is None or len(path) == 0: - path = os.path.dirname(os.path.abspath( __file__ )) + path = os.path.dirname(os.path.abspath(__file__)) if path[-1] != "/": path += "/" - metadata = create_metadata_string(path+args.config, IDP.config, - args.valid, args.cert, args.keyfile, - args.id, args.name, args.sign) - start_response('200 OK', [('Content-Type', "text/xml")]) + metadata = create_metadata_string( + path + args.config, IDP.config, args.valid, args.cert, args.keyfile, args.id, args.name, args.sign + ) + start_response("200 OK", [("Content-Type", "text/xml")]) return metadata except Exception as ex: logger.error("An error occured while creating metadata: %s", ex.message) return not_found(environ, start_response) + def staticfile(environ, start_response): try: path = args.path @@ -864,13 +849,14 @@ def staticfile(environ, start_response): path = os.path.dirname(os.path.abspath(__file__)) if path[-1] != "/": path += "/" - path += environ.get('PATH_INFO', '').lstrip('/') - start_response('200 OK', [('Content-Type', "text/xml")]) - return open(path, 'r').read() + path += environ.get("PATH_INFO", "").lstrip("/") + start_response("200 OK", [("Content-Type", "text/xml")]) + return open(path).read() except Exception as ex: logger.error("An error occured while creating metadata: %s", ex.message) return not_found(environ, start_response) + def application(environ, start_response): """ The main WSGI application. Dispatch the current request to @@ -886,7 +872,7 @@ def application(environ, start_response): :return: The response as a list of lines """ - path = environ.get('PATH_INFO', '').lstrip('/') + path = environ.get("PATH_INFO", "").lstrip("/") if path == "metadata": return metadata(environ, start_response) @@ -916,9 +902,9 @@ def application(environ, start_response): match = re.search(regex, path) if match is not None: try: - environ['myapp.url_args'] = match.groups()[0] + environ["myapp.url_args"] = match.groups()[0] except IndexError: - environ['myapp.url_args'] = path + environ["myapp.url_args"] = path logger.debug("Callback: %s", (callback,)) if isinstance(callback, tuple): @@ -927,70 +913,72 @@ def application(environ, start_response): return func() return callback(environ, start_response, user) - if re.search(r'static/.*', path) is not None: + if re.search(r"static/.*", path) is not None: return staticfile(environ, start_response) return not_found(environ, start_response) + # ---------------------------------------------------------------------------- # allow uwsgi or gunicorn mount # by moving some initialization out of __name__ == '__main__' section. # uwsgi -s 0.0.0.0:8088 --protocol http --callable application --module idp -args = type('Config', (object,), { }) -args.config = 'idp_conf' -args.mako_root = './' +args = type("Config", (object,), {}) +args.config = "idp_conf" +args.mako_root = "./" args.path = None import socket -from idp_user import USERS + from idp_user import EXTRA +from idp_user import USERS from mako.lookup import TemplateLookup + AUTHN_BROKER = AuthnBroker() -AUTHN_BROKER.add(authn_context_class_ref(PASSWORD), - username_password_authn, 10, - "http://%s" % socket.gethostname()) -AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), - "", 0, "http://%s" % socket.gethostname()) +AUTHN_BROKER.add(authn_context_class_ref(PASSWORD), username_password_authn, 10, f"http://{socket.gethostname()}") +AUTHN_BROKER.add(authn_context_class_ref(UNSPECIFIED), "", 0, f"http://{socket.gethostname()}") IDP = server.Server(args.config, cache=Cache()) IDP.ticket = {} # ---------------------------------------------------------------------------- -if __name__ == '__main__': +if __name__ == "__main__": from wsgiref.simple_server import make_server parser = argparse.ArgumentParser() - parser.add_argument('-p', dest='path', help='Path to configuration file.') - parser.add_argument('-v', dest='valid', - help="How long, in days, the metadata is valid from the time of creation") - parser.add_argument('-c', dest='cert', help='certificate') - parser.add_argument('-i', dest='id', - help="The ID of the entities descriptor") - parser.add_argument('-k', dest='keyfile', - help="A file with a key to sign the metadata with") - parser.add_argument('-n', dest='name') - parser.add_argument('-s', dest='sign', action='store_true', - help="sign the metadata") - parser.add_argument('-m', dest='mako_root', default="./") + parser.add_argument("-p", dest="path", help="Path to configuration file.") + parser.add_argument("-v", dest="valid", help="How long, in days, the metadata is valid from the time of creation") + parser.add_argument("-c", dest="cert", help="certificate") + parser.add_argument("-i", dest="id", help="The ID of the entities descriptor") + parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") + parser.add_argument("-n", dest="name") + parser.add_argument("-s", dest="sign", action="store_true", help="sign the metadata") + parser.add_argument("-m", dest="mako_root", default="./") parser.add_argument(dest="config") args = parser.parse_args() _rot = args.mako_root - LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'], - module_directory=_rot + 'modules', - input_encoding='utf-8', output_encoding='utf-8') - - HOST = '127.0.0.1' + LOOKUP = TemplateLookup( + directories=[f"{_rot}templates", f"{_rot}htdocs"], + module_directory=f"{_rot}modules", + input_encoding="utf-8", + output_encoding="utf-8", + ) + + HOST = "127.0.0.1" PORT = 8088 SRV = make_server(HOST, PORT, application) - print("IdP listening on %s:%s" % (HOST, PORT)) + print(f"IdP listening on {HOST}:{PORT}") SRV.serve_forever() else: _rot = args.mako_root - LOOKUP = TemplateLookup(directories=[_rot + 'templates', _rot + 'htdocs'], - module_directory=_rot + 'modules', - input_encoding='utf-8', output_encoding='utf-8') + LOOKUP = TemplateLookup( + directories=[f"{_rot}templates", f"{_rot}htdocs"], + module_directory=f"{_rot}modules", + input_encoding="utf-8", + output_encoding="utf-8", + ) diff --git a/example/idp2_repoze/idp_conf.py.example b/example/idp2_repoze/idp_conf.py.example index 6fd871486..074d65c77 100644 --- a/example/idp2_repoze/idp_conf.py.example +++ b/example/idp2_repoze/idp_conf.py.example @@ -1,13 +1,16 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -from saml2 import BINDING_HTTP_REDIRECT, BINDING_URI +import os.path + from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI -from saml2.saml import NAMEID_FORMAT_TRANSIENT from saml2.saml import NAMEID_FORMAT_PERSISTENT -import os.path +from saml2.saml import NAMEID_FORMAT_TRANSIENT + try: from saml2.sigver import get_xmlsec_binary diff --git a/example/idp2_repoze/idp_user.py b/example/idp2_repoze/idp_user.py index aa60c7da2..3ce618649 100644 --- a/example/idp2_repoze/idp_user.py +++ b/example/idp2_repoze/idp_user.py @@ -14,7 +14,7 @@ "email": "hans@example.com", "displayName": "Hans Hoerberg", "labeledURL": "http://www.example.com/haho My homepage", - "norEduPersonNIN": "SE199012315555" + "norEduPersonNIN": "SE199012315555", }, "roland": { "sn": "Hedberg", @@ -27,28 +27,20 @@ "o": "Example Co.", "ou": "IT", "initials": "P", - #"schacHomeOrganization": "example.com", + # "schacHomeOrganization": "example.com", "email": "roland@example.com", "displayName": "P. Roland Hedberg", "labeledURL": "http://www.example.com/rohe My homepage", - "norEduPersonNIN": "SE197001012222" - }, - "babs": { - "surname": "Babs", - "givenName": "Ozzie", - "eduPersonAffiliation": "affiliate" - }, - "upper": { - "surname": "Jeter", - "givenName": "Derek", - "eduPersonAffiliation": "affiliate" + "norEduPersonNIN": "SE197001012222", }, + "babs": {"surname": "Babs", "givenName": "Ozzie", "eduPersonAffiliation": "affiliate"}, + "upper": {"surname": "Jeter", "givenName": "Derek", "eduPersonAffiliation": "affiliate"}, } EXTRA = { "roland": { "eduPersonEntitlement": "urn:mace:swamid.se:foo:bar", "schacGender": "male", - "schacUserPresenceID": "skype:pepe.perez" + "schacUserPresenceID": "skype:pepe.perez", } -} \ No newline at end of file +} diff --git a/example/idp2_repoze/modules/login.mako.py b/example/idp2_repoze/modules/login.mako.py index 599ef0641..211fa37f1 100644 --- a/example/idp2_repoze/modules/login.mako.py +++ b/example/idp2_repoze/modules/login.mako.py @@ -1,14 +1,14 @@ -# -*- encoding:utf-8 -*- -from mako import runtime, filters, cache +from mako import cache, runtime + UNDEFINED = runtime.UNDEFINED __M_dict_builtin = dict __M_locals_builtin = locals _magic_number = 6 _modified_time = 1367126126.936375 -_template_filename='htdocs/login.mako' -_template_uri='login.mako' -_template_cache=cache.Cache(__name__, _modified_time) -_source_encoding='utf-8' +_template_filename = "htdocs/login.mako" +_template_uri = "login.mako" +_template_cache = cache.Cache(__name__, _modified_time) +_source_encoding = "utf-8" _exports = [] @@ -18,44 +18,56 @@ def _mako_get_namespace(context, name): except KeyError: _mako_generate_namespaces(context) return context.namespaces[(__name__, name)] + + def _mako_generate_namespaces(context): pass + + def _mako_inherit(template, context): _mako_generate_namespaces(context) - return runtime._inherit_from(context, u'root.mako', _template_uri) -def render_body(context,**pageargs): + return runtime._inherit_from(context, "root.mako", _template_uri) + + +def render_body(context, **pageargs): context.caller_stack._push_frame() try: __M_locals = __M_dict_builtin(pageargs=pageargs) - redirect_uri = context.get('redirect_uri', UNDEFINED) - key = context.get('key', UNDEFINED) - action = context.get('action', UNDEFINED) - authn_reference = context.get('authn_reference', UNDEFINED) - login = context.get('login', UNDEFINED) - password = context.get('password', UNDEFINED) + redirect_uri = context.get("redirect_uri", UNDEFINED) + key = context.get("key", UNDEFINED) + action = context.get("action", UNDEFINED) + authn_reference = context.get("authn_reference", UNDEFINED) + login = context.get("login", UNDEFINED) + password = context.get("password", UNDEFINED) __M_writer = context.writer() # SOURCE LINE 1 - __M_writer(u'\n\n

Please log in

\n

\n To register it\'s quite simple: enter a login and a password\n

\n\n
\n To register it\'s quite simple: enter a login and a password\n

\n\n\n \n \n \n \n \n \n\n
\n \n
\n
\n \n\n
\n \n
\n
\n
\n
\n\n
\n \n
\n
\n
\n
\n\n
\n \n
\n
\n \n
\n\n \n\n') - return '' + __M_writer( + '"/>\n
\n\n \n\n' + ) + return "" finally: context.caller_stack._pop_frame() - - diff --git a/example/idp2_repoze/modules/root.mako.py b/example/idp2_repoze/modules/root.mako.py index edf72bad1..411992323 100644 --- a/example/idp2_repoze/modules/root.mako.py +++ b/example/idp2_repoze/modules/root.mako.py @@ -1,87 +1,90 @@ -# -*- encoding:utf-8 -*- from mako import runtime, filters, cache + UNDEFINED = runtime.UNDEFINED __M_dict_builtin = dict __M_locals_builtin = locals _magic_number = 6 _modified_time = 1357242050.211483 -_template_filename=u'templates/root.mako' -_template_uri=u'root.mako' -_template_cache=cache.Cache(__name__, _modified_time) -_source_encoding='utf-8' -_exports = ['css_link', 'pre', 'post', 'css'] +_template_filename = "templates/root.mako" +_template_uri = "root.mako" +_template_cache = cache.Cache(__name__, _modified_time) +_source_encoding = "utf-8" +_exports = ["css_link", "pre", "post", "css"] -def render_body(context,**pageargs): +def render_body(context, **pageargs): context.caller_stack._push_frame() try: __M_locals = __M_dict_builtin(pageargs=pageargs) + def pre(): return render_pre(context.locals_(__M_locals)) - self = context.get('self', UNDEFINED) - set = context.get('set', UNDEFINED) + + self = context.get("self", UNDEFINED) + set = context.get("set", UNDEFINED) + def post(): return render_post(context.locals_(__M_locals)) - next = context.get('next', UNDEFINED) + + next = context.get("next", UNDEFINED) __M_writer = context.writer() # SOURCE LINE 1 - self.seen_css = set() - - __M_writer(u'\n') + self.seen_css = set() + + __M_writer("\n") # SOURCE LINE 7 - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 10 - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 15 - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 22 - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 25 - __M_writer(u'\nIDP test login\n ') + __M_writer("\nIDP test login\n ") # SOURCE LINE 27 __M_writer(unicode(self.css())) - __M_writer(u'\n \n\n\n ') + __M_writer('\n \n\n\n ') # SOURCE LINE 31 __M_writer(unicode(pre())) - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 34 __M_writer(unicode(next.body())) - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 35 __M_writer(unicode(post())) - __M_writer(u'\n\n\n') - return '' + __M_writer("\n\n\n") + return "" finally: context.caller_stack._pop_frame() -def render_css_link(context,path,media=''): +def render_css_link(context, path, media=""): context.caller_stack._push_frame() try: context._push_buffer() - self = context.get('self', UNDEFINED) + self = context.get("self", UNDEFINED) __M_writer = context.writer() # SOURCE LINE 2 - __M_writer(u'\n') + __M_writer("\n") # SOURCE LINE 3 if path not in self.seen_css: # SOURCE LINE 4 - __M_writer(u' \n') - pass + __M_writer('">\n') # SOURCE LINE 6 - __M_writer(u' ') - self.seen_css.add(path) - - __M_writer(u'\n') + __M_writer(" ") + self.seen_css.add(path) + + __M_writer("\n") finally: __M_buf, __M_writer = context._pop_buffer_and_writer() context.caller_stack._pop_frame() __M_writer(filters.trim(__M_buf.getvalue())) - return '' + return "" def render_pre(context): @@ -90,12 +93,12 @@ def render_pre(context): context._push_buffer() __M_writer = context.writer() # SOURCE LINE 11 - __M_writer(u'\n
\n

Login

\n
\n') + __M_writer('\n
\n

Login

\n
\n') finally: __M_buf, __M_writer = context._pop_buffer_and_writer() context.caller_stack._pop_frame() __M_writer(filters.trim(__M_buf.getvalue())) - return '' + return "" def render_post(context): @@ -104,30 +107,32 @@ def render_post(context): context._push_buffer() __M_writer = context.writer() # SOURCE LINE 16 - __M_writer(u'\n
\n
\n

© Copyright 2011 Umeå Universitet  

\n
\n
\n') + __M_writer( + '\n
\n
\n

© Copyright 2011 Umeå Universitet  

\n
\n
\n' + ) finally: __M_buf, __M_writer = context._pop_buffer_and_writer() context.caller_stack._pop_frame() __M_writer(filters.trim(__M_buf.getvalue())) - return '' + return "" def render_css(context): context.caller_stack._push_frame() try: context._push_buffer() - def css_link(path,media=''): - return render_css_link(context,path,media) + + def css_link(path, media=""): + return render_css_link(context, path, media) + __M_writer = context.writer() # SOURCE LINE 8 - __M_writer(u'\n ') + __M_writer("\n ") # SOURCE LINE 9 - __M_writer(unicode(css_link('/css/main.css', 'screen'))) - __M_writer(u'\n') + __M_writer(unicode(css_link("/css/main.css", "screen"))) + __M_writer("\n") finally: __M_buf, __M_writer = context._pop_buffer_and_writer() context.caller_stack._pop_frame() __M_writer(filters.trim(__M_buf.getvalue())) - return '' - - + return "" diff --git a/example/sp-repoze/attributemaps/basic.py b/example/sp-repoze/attributemaps/basic.py index 9311d5471..a6a65743d 100644 --- a/example/sp-repoze/attributemaps/basic.py +++ b/example/sp-repoze/attributemaps/basic.py @@ -1,326 +1,325 @@ - MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", "fro": { - 'urn:mace:dir:attribute-def:aRecord': 'aRecord', - 'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName', - 'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName', - 'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain', - 'urn:mace:dir:attribute-def:associatedName': 'associatedName', - 'urn:mace:dir:attribute-def:audio': 'audio', - 'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList', - 'urn:mace:dir:attribute-def:buildingName': 'buildingName', - 'urn:mace:dir:attribute-def:businessCategory': 'businessCategory', - 'urn:mace:dir:attribute-def:c': 'c', - 'urn:mace:dir:attribute-def:cACertificate': 'cACertificate', - 'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord', - 'urn:mace:dir:attribute-def:carLicense': 'carLicense', - 'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList', - 'urn:mace:dir:attribute-def:cn': 'cn', - 'urn:mace:dir:attribute-def:co': 'co', - 'urn:mace:dir:attribute-def:commonName': 'commonName', - 'urn:mace:dir:attribute-def:countryName': 'countryName', - 'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair', - 'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect', - 'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality', - 'urn:mace:dir:attribute-def:dc': 'dc', - 'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList', - 'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber', - 'urn:mace:dir:attribute-def:description': 'description', - 'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator', - 'urn:mace:dir:attribute-def:displayName': 'displayName', - 'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName', - 'urn:mace:dir:attribute-def:dmdName': 'dmdName', - 'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier', - 'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor', - 'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier', - 'urn:mace:dir:attribute-def:documentLocation': 'documentLocation', - 'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher', - 'urn:mace:dir:attribute-def:documentTitle': 'documentTitle', - 'urn:mace:dir:attribute-def:documentVersion': 'documentVersion', - 'urn:mace:dir:attribute-def:domainComponent': 'domainComponent', - 'urn:mace:dir:attribute-def:drink': 'drink', - 'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI', - 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', - 'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName', - 'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI', - 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', - 'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation', - 'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement', - 'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname', - 'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN', - 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', - 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName', - 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', - 'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID', - 'urn:mace:dir:attribute-def:email': 'email', - 'urn:mace:dir:attribute-def:emailAddress': 'emailAddress', - 'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber', - 'urn:mace:dir:attribute-def:employeeType': 'employeeType', - 'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide', - 'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber', - 'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink', - 'urn:mace:dir:attribute-def:fax': 'fax', - 'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion', - 'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName', - 'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier', - 'urn:mace:dir:attribute-def:givenName': 'givenName', - 'urn:mace:dir:attribute-def:gn': 'gn', - 'urn:mace:dir:attribute-def:homePhone': 'homePhone', - 'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress', - 'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber', - 'urn:mace:dir:attribute-def:host': 'host', - 'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier', - 'urn:mace:dir:attribute-def:info': 'info', - 'urn:mace:dir:attribute-def:initials': 'initials', - 'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber', - 'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox', - 'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto', - 'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation', - 'urn:mace:dir:attribute-def:l': 'l', - 'urn:mace:dir:attribute-def:labeledURI': 'labeledURI', - 'urn:mace:dir:attribute-def:localityName': 'localityName', - 'urn:mace:dir:attribute-def:mDRecord': 'mDRecord', - 'urn:mace:dir:attribute-def:mXRecord': 'mXRecord', - 'urn:mace:dir:attribute-def:mail': 'mail', - 'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption', - 'urn:mace:dir:attribute-def:manager': 'manager', - 'urn:mace:dir:attribute-def:member': 'member', - 'urn:mace:dir:attribute-def:mobile': 'mobile', - 'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber', - 'urn:mace:dir:attribute-def:nSRecord': 'nSRecord', - 'urn:mace:dir:attribute-def:name': 'name', - 'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym', - 'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN', - 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', - 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', - 'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate', - 'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN', - 'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN', - 'urn:mace:dir:attribute-def:o': 'o', - 'urn:mace:dir:attribute-def:objectClass': 'objectClass', - 'urn:mace:dir:attribute-def:organizationName': 'organizationName', - 'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus', - 'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName', - 'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox', - 'urn:mace:dir:attribute-def:ou': 'ou', - 'urn:mace:dir:attribute-def:owner': 'owner', - 'urn:mace:dir:attribute-def:pager': 'pager', - 'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber', - 'urn:mace:dir:attribute-def:personalSignature': 'personalSignature', - 'urn:mace:dir:attribute-def:personalTitle': 'personalTitle', - 'urn:mace:dir:attribute-def:photo': 'photo', - 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', - 'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email', - 'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox', - 'urn:mace:dir:attribute-def:postalAddress': 'postalAddress', - 'urn:mace:dir:attribute-def:postalCode': 'postalCode', - 'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod', - 'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage', - 'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress', - 'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation', - 'urn:mace:dir:attribute-def:pseudonym': 'pseudonym', - 'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress', - 'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox', - 'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant', - 'urn:mace:dir:attribute-def:roomNumber': 'roomNumber', - 'urn:mace:dir:attribute-def:sOARecord': 'sOARecord', - 'urn:mace:dir:attribute-def:searchGuide': 'searchGuide', - 'urn:mace:dir:attribute-def:secretary': 'secretary', - 'urn:mace:dir:attribute-def:seeAlso': 'seeAlso', - 'urn:mace:dir:attribute-def:serialNumber': 'serialNumber', - 'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality', - 'urn:mace:dir:attribute-def:sn': 'sn', - 'urn:mace:dir:attribute-def:st': 'st', - 'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName', - 'urn:mace:dir:attribute-def:street': 'street', - 'urn:mace:dir:attribute-def:streetAddress': 'streetAddress', - 'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality', - 'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality', - 'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms', - 'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext', - 'urn:mace:dir:attribute-def:surname': 'surname', - 'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber', - 'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier', - 'urn:mace:dir:attribute-def:telexNumber': 'telexNumber', - 'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress', - 'urn:mace:dir:attribute-def:title': 'title', - 'urn:mace:dir:attribute-def:uid': 'uid', - 'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier', - 'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember', - 'urn:mace:dir:attribute-def:userCertificate': 'userCertificate', - 'urn:mace:dir:attribute-def:userClass': 'userClass', - 'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12', - 'urn:mace:dir:attribute-def:userPassword': 'userPassword', - 'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate', - 'urn:mace:dir:attribute-def:userid': 'userid', - 'urn:mace:dir:attribute-def:x121Address': 'x121Address', - 'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier', - }, + "urn:mace:dir:attribute-def:aRecord": "aRecord", + "urn:mace:dir:attribute-def:aliasedEntryName": "aliasedEntryName", + "urn:mace:dir:attribute-def:aliasedObjectName": "aliasedObjectName", + "urn:mace:dir:attribute-def:associatedDomain": "associatedDomain", + "urn:mace:dir:attribute-def:associatedName": "associatedName", + "urn:mace:dir:attribute-def:audio": "audio", + "urn:mace:dir:attribute-def:authorityRevocationList": "authorityRevocationList", + "urn:mace:dir:attribute-def:buildingName": "buildingName", + "urn:mace:dir:attribute-def:businessCategory": "businessCategory", + "urn:mace:dir:attribute-def:c": "c", + "urn:mace:dir:attribute-def:cACertificate": "cACertificate", + "urn:mace:dir:attribute-def:cNAMERecord": "cNAMERecord", + "urn:mace:dir:attribute-def:carLicense": "carLicense", + "urn:mace:dir:attribute-def:certificateRevocationList": "certificateRevocationList", + "urn:mace:dir:attribute-def:cn": "cn", + "urn:mace:dir:attribute-def:co": "co", + "urn:mace:dir:attribute-def:commonName": "commonName", + "urn:mace:dir:attribute-def:countryName": "countryName", + "urn:mace:dir:attribute-def:crossCertificatePair": "crossCertificatePair", + "urn:mace:dir:attribute-def:dITRedirect": "dITRedirect", + "urn:mace:dir:attribute-def:dSAQuality": "dSAQuality", + "urn:mace:dir:attribute-def:dc": "dc", + "urn:mace:dir:attribute-def:deltaRevocationList": "deltaRevocationList", + "urn:mace:dir:attribute-def:departmentNumber": "departmentNumber", + "urn:mace:dir:attribute-def:description": "description", + "urn:mace:dir:attribute-def:destinationIndicator": "destinationIndicator", + "urn:mace:dir:attribute-def:displayName": "displayName", + "urn:mace:dir:attribute-def:distinguishedName": "distinguishedName", + "urn:mace:dir:attribute-def:dmdName": "dmdName", + "urn:mace:dir:attribute-def:dnQualifier": "dnQualifier", + "urn:mace:dir:attribute-def:documentAuthor": "documentAuthor", + "urn:mace:dir:attribute-def:documentIdentifier": "documentIdentifier", + "urn:mace:dir:attribute-def:documentLocation": "documentLocation", + "urn:mace:dir:attribute-def:documentPublisher": "documentPublisher", + "urn:mace:dir:attribute-def:documentTitle": "documentTitle", + "urn:mace:dir:attribute-def:documentVersion": "documentVersion", + "urn:mace:dir:attribute-def:domainComponent": "domainComponent", + "urn:mace:dir:attribute-def:drink": "drink", + "urn:mace:dir:attribute-def:eduOrgHomePageURI": "eduOrgHomePageURI", + "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI": "eduOrgIdentityAuthNPolicyURI", + "urn:mace:dir:attribute-def:eduOrgLegalName": "eduOrgLegalName", + "urn:mace:dir:attribute-def:eduOrgSuperiorURI": "eduOrgSuperiorURI", + "urn:mace:dir:attribute-def:eduOrgWhitePagesURI": "eduOrgWhitePagesURI", + "urn:mace:dir:attribute-def:eduPersonAffiliation": "eduPersonAffiliation", + "urn:mace:dir:attribute-def:eduPersonEntitlement": "eduPersonEntitlement", + "urn:mace:dir:attribute-def:eduPersonNickname": "eduPersonNickname", + "urn:mace:dir:attribute-def:eduPersonOrgDN": "eduPersonOrgDN", + "urn:mace:dir:attribute-def:eduPersonOrgUnitDN": "eduPersonOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation": "eduPersonPrimaryAffiliation", + "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN": "eduPersonPrimaryOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrincipalName": "eduPersonPrincipalName", + "urn:mace:dir:attribute-def:eduPersonScopedAffiliation": "eduPersonScopedAffiliation", + "urn:mace:dir:attribute-def:eduPersonTargetedID": "eduPersonTargetedID", + "urn:mace:dir:attribute-def:email": "email", + "urn:mace:dir:attribute-def:emailAddress": "emailAddress", + "urn:mace:dir:attribute-def:employeeNumber": "employeeNumber", + "urn:mace:dir:attribute-def:employeeType": "employeeType", + "urn:mace:dir:attribute-def:enhancedSearchGuide": "enhancedSearchGuide", + "urn:mace:dir:attribute-def:facsimileTelephoneNumber": "facsimileTelephoneNumber", + "urn:mace:dir:attribute-def:favouriteDrink": "favouriteDrink", + "urn:mace:dir:attribute-def:fax": "fax", + "urn:mace:dir:attribute-def:federationFeideSchemaVersion": "federationFeideSchemaVersion", + "urn:mace:dir:attribute-def:friendlyCountryName": "friendlyCountryName", + "urn:mace:dir:attribute-def:generationQualifier": "generationQualifier", + "urn:mace:dir:attribute-def:givenName": "givenName", + "urn:mace:dir:attribute-def:gn": "gn", + "urn:mace:dir:attribute-def:homePhone": "homePhone", + "urn:mace:dir:attribute-def:homePostalAddress": "homePostalAddress", + "urn:mace:dir:attribute-def:homeTelephoneNumber": "homeTelephoneNumber", + "urn:mace:dir:attribute-def:host": "host", + "urn:mace:dir:attribute-def:houseIdentifier": "houseIdentifier", + "urn:mace:dir:attribute-def:info": "info", + "urn:mace:dir:attribute-def:initials": "initials", + "urn:mace:dir:attribute-def:internationaliSDNNumber": "internationaliSDNNumber", + "urn:mace:dir:attribute-def:janetMailbox": "janetMailbox", + "urn:mace:dir:attribute-def:jpegPhoto": "jpegPhoto", + "urn:mace:dir:attribute-def:knowledgeInformation": "knowledgeInformation", + "urn:mace:dir:attribute-def:l": "l", + "urn:mace:dir:attribute-def:labeledURI": "labeledURI", + "urn:mace:dir:attribute-def:localityName": "localityName", + "urn:mace:dir:attribute-def:mDRecord": "mDRecord", + "urn:mace:dir:attribute-def:mXRecord": "mXRecord", + "urn:mace:dir:attribute-def:mail": "mail", + "urn:mace:dir:attribute-def:mailPreferenceOption": "mailPreferenceOption", + "urn:mace:dir:attribute-def:manager": "manager", + "urn:mace:dir:attribute-def:member": "member", + "urn:mace:dir:attribute-def:mobile": "mobile", + "urn:mace:dir:attribute-def:mobileTelephoneNumber": "mobileTelephoneNumber", + "urn:mace:dir:attribute-def:nSRecord": "nSRecord", + "urn:mace:dir:attribute-def:name": "name", + "urn:mace:dir:attribute-def:norEduOrgAcronym": "norEduOrgAcronym", + "urn:mace:dir:attribute-def:norEduOrgNIN": "norEduOrgNIN", + "urn:mace:dir:attribute-def:norEduOrgSchemaVersion": "norEduOrgSchemaVersion", + "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier": "norEduOrgUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUniqueNumber": "norEduOrgUniqueNumber", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier": "norEduOrgUnitUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber": "norEduOrgUnitUniqueNumber", + "urn:mace:dir:attribute-def:norEduPersonBirthDate": "norEduPersonBirthDate", + "urn:mace:dir:attribute-def:norEduPersonLIN": "norEduPersonLIN", + "urn:mace:dir:attribute-def:norEduPersonNIN": "norEduPersonNIN", + "urn:mace:dir:attribute-def:o": "o", + "urn:mace:dir:attribute-def:objectClass": "objectClass", + "urn:mace:dir:attribute-def:organizationName": "organizationName", + "urn:mace:dir:attribute-def:organizationalStatus": "organizationalStatus", + "urn:mace:dir:attribute-def:organizationalUnitName": "organizationalUnitName", + "urn:mace:dir:attribute-def:otherMailbox": "otherMailbox", + "urn:mace:dir:attribute-def:ou": "ou", + "urn:mace:dir:attribute-def:owner": "owner", + "urn:mace:dir:attribute-def:pager": "pager", + "urn:mace:dir:attribute-def:pagerTelephoneNumber": "pagerTelephoneNumber", + "urn:mace:dir:attribute-def:personalSignature": "personalSignature", + "urn:mace:dir:attribute-def:personalTitle": "personalTitle", + "urn:mace:dir:attribute-def:photo": "photo", + "urn:mace:dir:attribute-def:physicalDeliveryOfficeName": "physicalDeliveryOfficeName", + "urn:mace:dir:attribute-def:pkcs9email": "pkcs9email", + "urn:mace:dir:attribute-def:postOfficeBox": "postOfficeBox", + "urn:mace:dir:attribute-def:postalAddress": "postalAddress", + "urn:mace:dir:attribute-def:postalCode": "postalCode", + "urn:mace:dir:attribute-def:preferredDeliveryMethod": "preferredDeliveryMethod", + "urn:mace:dir:attribute-def:preferredLanguage": "preferredLanguage", + "urn:mace:dir:attribute-def:presentationAddress": "presentationAddress", + "urn:mace:dir:attribute-def:protocolInformation": "protocolInformation", + "urn:mace:dir:attribute-def:pseudonym": "pseudonym", + "urn:mace:dir:attribute-def:registeredAddress": "registeredAddress", + "urn:mace:dir:attribute-def:rfc822Mailbox": "rfc822Mailbox", + "urn:mace:dir:attribute-def:roleOccupant": "roleOccupant", + "urn:mace:dir:attribute-def:roomNumber": "roomNumber", + "urn:mace:dir:attribute-def:sOARecord": "sOARecord", + "urn:mace:dir:attribute-def:searchGuide": "searchGuide", + "urn:mace:dir:attribute-def:secretary": "secretary", + "urn:mace:dir:attribute-def:seeAlso": "seeAlso", + "urn:mace:dir:attribute-def:serialNumber": "serialNumber", + "urn:mace:dir:attribute-def:singleLevelQuality": "singleLevelQuality", + "urn:mace:dir:attribute-def:sn": "sn", + "urn:mace:dir:attribute-def:st": "st", + "urn:mace:dir:attribute-def:stateOrProvinceName": "stateOrProvinceName", + "urn:mace:dir:attribute-def:street": "street", + "urn:mace:dir:attribute-def:streetAddress": "streetAddress", + "urn:mace:dir:attribute-def:subtreeMaximumQuality": "subtreeMaximumQuality", + "urn:mace:dir:attribute-def:subtreeMinimumQuality": "subtreeMinimumQuality", + "urn:mace:dir:attribute-def:supportedAlgorithms": "supportedAlgorithms", + "urn:mace:dir:attribute-def:supportedApplicationContext": "supportedApplicationContext", + "urn:mace:dir:attribute-def:surname": "surname", + "urn:mace:dir:attribute-def:telephoneNumber": "telephoneNumber", + "urn:mace:dir:attribute-def:teletexTerminalIdentifier": "teletexTerminalIdentifier", + "urn:mace:dir:attribute-def:telexNumber": "telexNumber", + "urn:mace:dir:attribute-def:textEncodedORAddress": "textEncodedORAddress", + "urn:mace:dir:attribute-def:title": "title", + "urn:mace:dir:attribute-def:uid": "uid", + "urn:mace:dir:attribute-def:uniqueIdentifier": "uniqueIdentifier", + "urn:mace:dir:attribute-def:uniqueMember": "uniqueMember", + "urn:mace:dir:attribute-def:userCertificate": "userCertificate", + "urn:mace:dir:attribute-def:userClass": "userClass", + "urn:mace:dir:attribute-def:userPKCS12": "userPKCS12", + "urn:mace:dir:attribute-def:userPassword": "userPassword", + "urn:mace:dir:attribute-def:userSMIMECertificate": "userSMIMECertificate", + "urn:mace:dir:attribute-def:userid": "userid", + "urn:mace:dir:attribute-def:x121Address": "x121Address", + "urn:mace:dir:attribute-def:x500UniqueIdentifier": "x500UniqueIdentifier", + }, "to": { - 'aRecord': 'urn:mace:dir:attribute-def:aRecord', - 'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName', - 'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName', - 'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain', - 'associatedName': 'urn:mace:dir:attribute-def:associatedName', - 'audio': 'urn:mace:dir:attribute-def:audio', - 'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList', - 'buildingName': 'urn:mace:dir:attribute-def:buildingName', - 'businessCategory': 'urn:mace:dir:attribute-def:businessCategory', - 'c': 'urn:mace:dir:attribute-def:c', - 'cACertificate': 'urn:mace:dir:attribute-def:cACertificate', - 'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord', - 'carLicense': 'urn:mace:dir:attribute-def:carLicense', - 'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList', - 'cn': 'urn:mace:dir:attribute-def:cn', - 'co': 'urn:mace:dir:attribute-def:co', - 'commonName': 'urn:mace:dir:attribute-def:commonName', - 'countryName': 'urn:mace:dir:attribute-def:countryName', - 'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair', - 'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect', - 'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality', - 'dc': 'urn:mace:dir:attribute-def:dc', - 'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList', - 'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber', - 'description': 'urn:mace:dir:attribute-def:description', - 'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator', - 'displayName': 'urn:mace:dir:attribute-def:displayName', - 'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName', - 'dmdName': 'urn:mace:dir:attribute-def:dmdName', - 'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier', - 'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor', - 'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier', - 'documentLocation': 'urn:mace:dir:attribute-def:documentLocation', - 'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher', - 'documentTitle': 'urn:mace:dir:attribute-def:documentTitle', - 'documentVersion': 'urn:mace:dir:attribute-def:documentVersion', - 'domainComponent': 'urn:mace:dir:attribute-def:domainComponent', - 'drink': 'urn:mace:dir:attribute-def:drink', - 'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI', - 'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI', - 'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName', - 'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI', - 'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI', - 'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation', - 'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement', - 'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname', - 'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN', - 'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN', - 'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation', - 'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN', - 'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName', - 'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation', - 'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID', - 'email': 'urn:mace:dir:attribute-def:email', - 'emailAddress': 'urn:mace:dir:attribute-def:emailAddress', - 'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber', - 'employeeType': 'urn:mace:dir:attribute-def:employeeType', - 'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide', - 'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber', - 'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink', - 'fax': 'urn:mace:dir:attribute-def:fax', - 'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion', - 'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName', - 'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier', - 'givenName': 'urn:mace:dir:attribute-def:givenName', - 'gn': 'urn:mace:dir:attribute-def:gn', - 'homePhone': 'urn:mace:dir:attribute-def:homePhone', - 'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress', - 'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber', - 'host': 'urn:mace:dir:attribute-def:host', - 'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier', - 'info': 'urn:mace:dir:attribute-def:info', - 'initials': 'urn:mace:dir:attribute-def:initials', - 'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber', - 'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox', - 'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto', - 'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation', - 'l': 'urn:mace:dir:attribute-def:l', - 'labeledURI': 'urn:mace:dir:attribute-def:labeledURI', - 'localityName': 'urn:mace:dir:attribute-def:localityName', - 'mDRecord': 'urn:mace:dir:attribute-def:mDRecord', - 'mXRecord': 'urn:mace:dir:attribute-def:mXRecord', - 'mail': 'urn:mace:dir:attribute-def:mail', - 'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption', - 'manager': 'urn:mace:dir:attribute-def:manager', - 'member': 'urn:mace:dir:attribute-def:member', - 'mobile': 'urn:mace:dir:attribute-def:mobile', - 'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber', - 'nSRecord': 'urn:mace:dir:attribute-def:nSRecord', - 'name': 'urn:mace:dir:attribute-def:name', - 'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym', - 'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN', - 'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion', - 'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier', - 'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber', - 'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier', - 'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber', - 'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate', - 'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN', - 'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN', - 'o': 'urn:mace:dir:attribute-def:o', - 'objectClass': 'urn:mace:dir:attribute-def:objectClass', - 'organizationName': 'urn:mace:dir:attribute-def:organizationName', - 'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus', - 'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName', - 'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox', - 'ou': 'urn:mace:dir:attribute-def:ou', - 'owner': 'urn:mace:dir:attribute-def:owner', - 'pager': 'urn:mace:dir:attribute-def:pager', - 'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber', - 'personalSignature': 'urn:mace:dir:attribute-def:personalSignature', - 'personalTitle': 'urn:mace:dir:attribute-def:personalTitle', - 'photo': 'urn:mace:dir:attribute-def:photo', - 'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName', - 'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email', - 'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox', - 'postalAddress': 'urn:mace:dir:attribute-def:postalAddress', - 'postalCode': 'urn:mace:dir:attribute-def:postalCode', - 'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod', - 'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage', - 'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress', - 'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation', - 'pseudonym': 'urn:mace:dir:attribute-def:pseudonym', - 'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress', - 'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox', - 'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant', - 'roomNumber': 'urn:mace:dir:attribute-def:roomNumber', - 'sOARecord': 'urn:mace:dir:attribute-def:sOARecord', - 'searchGuide': 'urn:mace:dir:attribute-def:searchGuide', - 'secretary': 'urn:mace:dir:attribute-def:secretary', - 'seeAlso': 'urn:mace:dir:attribute-def:seeAlso', - 'serialNumber': 'urn:mace:dir:attribute-def:serialNumber', - 'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality', - 'sn': 'urn:mace:dir:attribute-def:sn', - 'st': 'urn:mace:dir:attribute-def:st', - 'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName', - 'street': 'urn:mace:dir:attribute-def:street', - 'streetAddress': 'urn:mace:dir:attribute-def:streetAddress', - 'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality', - 'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality', - 'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms', - 'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext', - 'surname': 'urn:mace:dir:attribute-def:surname', - 'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber', - 'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier', - 'telexNumber': 'urn:mace:dir:attribute-def:telexNumber', - 'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress', - 'title': 'urn:mace:dir:attribute-def:title', - 'uid': 'urn:mace:dir:attribute-def:uid', - 'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier', - 'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember', - 'userCertificate': 'urn:mace:dir:attribute-def:userCertificate', - 'userClass': 'urn:mace:dir:attribute-def:userClass', - 'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12', - 'userPassword': 'urn:mace:dir:attribute-def:userPassword', - 'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate', - 'userid': 'urn:mace:dir:attribute-def:userid', - 'x121Address': 'urn:mace:dir:attribute-def:x121Address', - 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier', - } -} \ No newline at end of file + "aRecord": "urn:mace:dir:attribute-def:aRecord", + "aliasedEntryName": "urn:mace:dir:attribute-def:aliasedEntryName", + "aliasedObjectName": "urn:mace:dir:attribute-def:aliasedObjectName", + "associatedDomain": "urn:mace:dir:attribute-def:associatedDomain", + "associatedName": "urn:mace:dir:attribute-def:associatedName", + "audio": "urn:mace:dir:attribute-def:audio", + "authorityRevocationList": "urn:mace:dir:attribute-def:authorityRevocationList", + "buildingName": "urn:mace:dir:attribute-def:buildingName", + "businessCategory": "urn:mace:dir:attribute-def:businessCategory", + "c": "urn:mace:dir:attribute-def:c", + "cACertificate": "urn:mace:dir:attribute-def:cACertificate", + "cNAMERecord": "urn:mace:dir:attribute-def:cNAMERecord", + "carLicense": "urn:mace:dir:attribute-def:carLicense", + "certificateRevocationList": "urn:mace:dir:attribute-def:certificateRevocationList", + "cn": "urn:mace:dir:attribute-def:cn", + "co": "urn:mace:dir:attribute-def:co", + "commonName": "urn:mace:dir:attribute-def:commonName", + "countryName": "urn:mace:dir:attribute-def:countryName", + "crossCertificatePair": "urn:mace:dir:attribute-def:crossCertificatePair", + "dITRedirect": "urn:mace:dir:attribute-def:dITRedirect", + "dSAQuality": "urn:mace:dir:attribute-def:dSAQuality", + "dc": "urn:mace:dir:attribute-def:dc", + "deltaRevocationList": "urn:mace:dir:attribute-def:deltaRevocationList", + "departmentNumber": "urn:mace:dir:attribute-def:departmentNumber", + "description": "urn:mace:dir:attribute-def:description", + "destinationIndicator": "urn:mace:dir:attribute-def:destinationIndicator", + "displayName": "urn:mace:dir:attribute-def:displayName", + "distinguishedName": "urn:mace:dir:attribute-def:distinguishedName", + "dmdName": "urn:mace:dir:attribute-def:dmdName", + "dnQualifier": "urn:mace:dir:attribute-def:dnQualifier", + "documentAuthor": "urn:mace:dir:attribute-def:documentAuthor", + "documentIdentifier": "urn:mace:dir:attribute-def:documentIdentifier", + "documentLocation": "urn:mace:dir:attribute-def:documentLocation", + "documentPublisher": "urn:mace:dir:attribute-def:documentPublisher", + "documentTitle": "urn:mace:dir:attribute-def:documentTitle", + "documentVersion": "urn:mace:dir:attribute-def:documentVersion", + "domainComponent": "urn:mace:dir:attribute-def:domainComponent", + "drink": "urn:mace:dir:attribute-def:drink", + "eduOrgHomePageURI": "urn:mace:dir:attribute-def:eduOrgHomePageURI", + "eduOrgIdentityAuthNPolicyURI": "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI", + "eduOrgLegalName": "urn:mace:dir:attribute-def:eduOrgLegalName", + "eduOrgSuperiorURI": "urn:mace:dir:attribute-def:eduOrgSuperiorURI", + "eduOrgWhitePagesURI": "urn:mace:dir:attribute-def:eduOrgWhitePagesURI", + "eduPersonAffiliation": "urn:mace:dir:attribute-def:eduPersonAffiliation", + "eduPersonEntitlement": "urn:mace:dir:attribute-def:eduPersonEntitlement", + "eduPersonNickname": "urn:mace:dir:attribute-def:eduPersonNickname", + "eduPersonOrgDN": "urn:mace:dir:attribute-def:eduPersonOrgDN", + "eduPersonOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonOrgUnitDN", + "eduPersonPrimaryAffiliation": "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation", + "eduPersonPrimaryOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN", + "eduPersonPrincipalName": "urn:mace:dir:attribute-def:eduPersonPrincipalName", + "eduPersonScopedAffiliation": "urn:mace:dir:attribute-def:eduPersonScopedAffiliation", + "eduPersonTargetedID": "urn:mace:dir:attribute-def:eduPersonTargetedID", + "email": "urn:mace:dir:attribute-def:email", + "emailAddress": "urn:mace:dir:attribute-def:emailAddress", + "employeeNumber": "urn:mace:dir:attribute-def:employeeNumber", + "employeeType": "urn:mace:dir:attribute-def:employeeType", + "enhancedSearchGuide": "urn:mace:dir:attribute-def:enhancedSearchGuide", + "facsimileTelephoneNumber": "urn:mace:dir:attribute-def:facsimileTelephoneNumber", + "favouriteDrink": "urn:mace:dir:attribute-def:favouriteDrink", + "fax": "urn:mace:dir:attribute-def:fax", + "federationFeideSchemaVersion": "urn:mace:dir:attribute-def:federationFeideSchemaVersion", + "friendlyCountryName": "urn:mace:dir:attribute-def:friendlyCountryName", + "generationQualifier": "urn:mace:dir:attribute-def:generationQualifier", + "givenName": "urn:mace:dir:attribute-def:givenName", + "gn": "urn:mace:dir:attribute-def:gn", + "homePhone": "urn:mace:dir:attribute-def:homePhone", + "homePostalAddress": "urn:mace:dir:attribute-def:homePostalAddress", + "homeTelephoneNumber": "urn:mace:dir:attribute-def:homeTelephoneNumber", + "host": "urn:mace:dir:attribute-def:host", + "houseIdentifier": "urn:mace:dir:attribute-def:houseIdentifier", + "info": "urn:mace:dir:attribute-def:info", + "initials": "urn:mace:dir:attribute-def:initials", + "internationaliSDNNumber": "urn:mace:dir:attribute-def:internationaliSDNNumber", + "janetMailbox": "urn:mace:dir:attribute-def:janetMailbox", + "jpegPhoto": "urn:mace:dir:attribute-def:jpegPhoto", + "knowledgeInformation": "urn:mace:dir:attribute-def:knowledgeInformation", + "l": "urn:mace:dir:attribute-def:l", + "labeledURI": "urn:mace:dir:attribute-def:labeledURI", + "localityName": "urn:mace:dir:attribute-def:localityName", + "mDRecord": "urn:mace:dir:attribute-def:mDRecord", + "mXRecord": "urn:mace:dir:attribute-def:mXRecord", + "mail": "urn:mace:dir:attribute-def:mail", + "mailPreferenceOption": "urn:mace:dir:attribute-def:mailPreferenceOption", + "manager": "urn:mace:dir:attribute-def:manager", + "member": "urn:mace:dir:attribute-def:member", + "mobile": "urn:mace:dir:attribute-def:mobile", + "mobileTelephoneNumber": "urn:mace:dir:attribute-def:mobileTelephoneNumber", + "nSRecord": "urn:mace:dir:attribute-def:nSRecord", + "name": "urn:mace:dir:attribute-def:name", + "norEduOrgAcronym": "urn:mace:dir:attribute-def:norEduOrgAcronym", + "norEduOrgNIN": "urn:mace:dir:attribute-def:norEduOrgNIN", + "norEduOrgSchemaVersion": "urn:mace:dir:attribute-def:norEduOrgSchemaVersion", + "norEduOrgUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier", + "norEduOrgUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUniqueNumber", + "norEduOrgUnitUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier", + "norEduOrgUnitUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber", + "norEduPersonBirthDate": "urn:mace:dir:attribute-def:norEduPersonBirthDate", + "norEduPersonLIN": "urn:mace:dir:attribute-def:norEduPersonLIN", + "norEduPersonNIN": "urn:mace:dir:attribute-def:norEduPersonNIN", + "o": "urn:mace:dir:attribute-def:o", + "objectClass": "urn:mace:dir:attribute-def:objectClass", + "organizationName": "urn:mace:dir:attribute-def:organizationName", + "organizationalStatus": "urn:mace:dir:attribute-def:organizationalStatus", + "organizationalUnitName": "urn:mace:dir:attribute-def:organizationalUnitName", + "otherMailbox": "urn:mace:dir:attribute-def:otherMailbox", + "ou": "urn:mace:dir:attribute-def:ou", + "owner": "urn:mace:dir:attribute-def:owner", + "pager": "urn:mace:dir:attribute-def:pager", + "pagerTelephoneNumber": "urn:mace:dir:attribute-def:pagerTelephoneNumber", + "personalSignature": "urn:mace:dir:attribute-def:personalSignature", + "personalTitle": "urn:mace:dir:attribute-def:personalTitle", + "photo": "urn:mace:dir:attribute-def:photo", + "physicalDeliveryOfficeName": "urn:mace:dir:attribute-def:physicalDeliveryOfficeName", + "pkcs9email": "urn:mace:dir:attribute-def:pkcs9email", + "postOfficeBox": "urn:mace:dir:attribute-def:postOfficeBox", + "postalAddress": "urn:mace:dir:attribute-def:postalAddress", + "postalCode": "urn:mace:dir:attribute-def:postalCode", + "preferredDeliveryMethod": "urn:mace:dir:attribute-def:preferredDeliveryMethod", + "preferredLanguage": "urn:mace:dir:attribute-def:preferredLanguage", + "presentationAddress": "urn:mace:dir:attribute-def:presentationAddress", + "protocolInformation": "urn:mace:dir:attribute-def:protocolInformation", + "pseudonym": "urn:mace:dir:attribute-def:pseudonym", + "registeredAddress": "urn:mace:dir:attribute-def:registeredAddress", + "rfc822Mailbox": "urn:mace:dir:attribute-def:rfc822Mailbox", + "roleOccupant": "urn:mace:dir:attribute-def:roleOccupant", + "roomNumber": "urn:mace:dir:attribute-def:roomNumber", + "sOARecord": "urn:mace:dir:attribute-def:sOARecord", + "searchGuide": "urn:mace:dir:attribute-def:searchGuide", + "secretary": "urn:mace:dir:attribute-def:secretary", + "seeAlso": "urn:mace:dir:attribute-def:seeAlso", + "serialNumber": "urn:mace:dir:attribute-def:serialNumber", + "singleLevelQuality": "urn:mace:dir:attribute-def:singleLevelQuality", + "sn": "urn:mace:dir:attribute-def:sn", + "st": "urn:mace:dir:attribute-def:st", + "stateOrProvinceName": "urn:mace:dir:attribute-def:stateOrProvinceName", + "street": "urn:mace:dir:attribute-def:street", + "streetAddress": "urn:mace:dir:attribute-def:streetAddress", + "subtreeMaximumQuality": "urn:mace:dir:attribute-def:subtreeMaximumQuality", + "subtreeMinimumQuality": "urn:mace:dir:attribute-def:subtreeMinimumQuality", + "supportedAlgorithms": "urn:mace:dir:attribute-def:supportedAlgorithms", + "supportedApplicationContext": "urn:mace:dir:attribute-def:supportedApplicationContext", + "surname": "urn:mace:dir:attribute-def:surname", + "telephoneNumber": "urn:mace:dir:attribute-def:telephoneNumber", + "teletexTerminalIdentifier": "urn:mace:dir:attribute-def:teletexTerminalIdentifier", + "telexNumber": "urn:mace:dir:attribute-def:telexNumber", + "textEncodedORAddress": "urn:mace:dir:attribute-def:textEncodedORAddress", + "title": "urn:mace:dir:attribute-def:title", + "uid": "urn:mace:dir:attribute-def:uid", + "uniqueIdentifier": "urn:mace:dir:attribute-def:uniqueIdentifier", + "uniqueMember": "urn:mace:dir:attribute-def:uniqueMember", + "userCertificate": "urn:mace:dir:attribute-def:userCertificate", + "userClass": "urn:mace:dir:attribute-def:userClass", + "userPKCS12": "urn:mace:dir:attribute-def:userPKCS12", + "userPassword": "urn:mace:dir:attribute-def:userPassword", + "userSMIMECertificate": "urn:mace:dir:attribute-def:userSMIMECertificate", + "userid": "urn:mace:dir:attribute-def:userid", + "x121Address": "urn:mace:dir:attribute-def:x121Address", + "x500UniqueIdentifier": "urn:mace:dir:attribute-def:x500UniqueIdentifier", + }, +} diff --git a/example/sp-repoze/attributemaps/saml_uri.py b/example/sp-repoze/attributemaps/saml_uri.py index 1c9d37304..a66725590 100644 --- a/example/sp-repoze/attributemaps/saml_uri.py +++ b/example/sp-repoze/attributemaps/saml_uri.py @@ -1,199 +1,199 @@ -__author__ = 'rolandh' +__author__ = "rolandh" EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." X500ATTR_OID = "urn:oid:2.5.4." NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." -UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' +UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." PKCS_9 = "urn:oid:1.2.840.113549.1.9.1." UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR_OID+'53': 'deltaRevocationList', - X500ATTR_OID+'52': 'supportedAlgorithms', - X500ATTR_OID+'51': 'houseIdentifier', - X500ATTR_OID+'50': 'uniqueMember', - X500ATTR_OID+'19': 'physicalDeliveryOfficeName', - X500ATTR_OID+'18': 'postOfficeBox', - X500ATTR_OID+'17': 'postalCode', - X500ATTR_OID+'16': 'postalAddress', - X500ATTR_OID+'15': 'businessCategory', - X500ATTR_OID+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR_OID+'12': 'title', - X500ATTR_OID+'11': 'ou', - X500ATTR_OID+'10': 'o', - X500ATTR_OID+'37': 'cACertificate', - X500ATTR_OID+'36': 'userCertificate', - X500ATTR_OID+'31': 'member', - X500ATTR_OID+'30': 'supportedApplicationContext', - X500ATTR_OID+'33': 'roleOccupant', - X500ATTR_OID+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR_OID+'39': 'certificateRevocationList', - X500ATTR_OID+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR_OID+'9': 'street', - X500ATTR_OID+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR_OID+'2': 'knowledgeInformation', - X500ATTR_OID+'7': 'l', - X500ATTR_OID+'6': 'c', - X500ATTR_OID+'5': 'serialNumber', - X500ATTR_OID+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR_OID+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR_OID+'40': 'crossCertificatePair', - X500ATTR_OID+'42': 'givenName', - X500ATTR_OID+'43': 'initials', - X500ATTR_OID+'44': 'generationQualifier', - X500ATTR_OID+'45': 'x500UniqueIdentifier', - X500ATTR_OID+'46': 'dnQualifier', - X500ATTR_OID+'47': 'enhancedSearchGuide', - X500ATTR_OID+'48': 'protocolInformation', - X500ATTR_OID+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR_OID+'22': 'teletexTerminalIdentifier', - X500ATTR_OID+'23': 'facsimileTelephoneNumber', - X500ATTR_OID+'20': 'telephoneNumber', - X500ATTR_OID+'21': 'telexNumber', - X500ATTR_OID+'26': 'registeredAddress', - X500ATTR_OID+'27': 'destinationIndicator', - X500ATTR_OID+'24': 'x121Address', - X500ATTR_OID+'25': 'internationaliSDNNumber', - X500ATTR_OID+'28': 'preferredDeliveryMethod', - X500ATTR_OID+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', - UMICH+'57': 'labeledURI', - UCL_DIR_PILOT+'1': 'uid', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR_OID}53": "deltaRevocationList", + f"{X500ATTR_OID}52": "supportedAlgorithms", + f"{X500ATTR_OID}51": "houseIdentifier", + f"{X500ATTR_OID}50": "uniqueMember", + f"{X500ATTR_OID}19": "physicalDeliveryOfficeName", + f"{X500ATTR_OID}18": "postOfficeBox", + f"{X500ATTR_OID}17": "postalCode", + f"{X500ATTR_OID}16": "postalAddress", + f"{X500ATTR_OID}15": "businessCategory", + f"{X500ATTR_OID}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR_OID}12": "title", + f"{X500ATTR_OID}11": "ou", + f"{X500ATTR_OID}10": "o", + f"{X500ATTR_OID}37": "cACertificate", + f"{X500ATTR_OID}36": "userCertificate", + f"{X500ATTR_OID}31": "member", + f"{X500ATTR_OID}30": "supportedApplicationContext", + f"{X500ATTR_OID}33": "roleOccupant", + f"{X500ATTR_OID}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR_OID}39": "certificateRevocationList", + f"{X500ATTR_OID}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR_OID}9": "street", + f"{X500ATTR_OID}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR_OID}2": "knowledgeInformation", + f"{X500ATTR_OID}7": "l", + f"{X500ATTR_OID}6": "c", + f"{X500ATTR_OID}5": "serialNumber", + f"{X500ATTR_OID}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR_OID}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR_OID}40": "crossCertificatePair", + f"{X500ATTR_OID}42": "givenName", + f"{X500ATTR_OID}43": "initials", + f"{X500ATTR_OID}44": "generationQualifier", + f"{X500ATTR_OID}45": "x500UniqueIdentifier", + f"{X500ATTR_OID}46": "dnQualifier", + f"{X500ATTR_OID}47": "enhancedSearchGuide", + f"{X500ATTR_OID}48": "protocolInformation", + f"{X500ATTR_OID}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR_OID}22": "teletexTerminalIdentifier", + f"{X500ATTR_OID}23": "facsimileTelephoneNumber", + f"{X500ATTR_OID}20": "telephoneNumber", + f"{X500ATTR_OID}21": "telexNumber", + f"{X500ATTR_OID}26": "registeredAddress", + f"{X500ATTR_OID}27": "destinationIndicator", + f"{X500ATTR_OID}24": "x121Address", + f"{X500ATTR_OID}25": "internationaliSDNNumber", + f"{X500ATTR_OID}28": "preferredDeliveryMethod", + f"{X500ATTR_OID}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", + f"{UMICH}57": "labeledURI", + f"{UCL_DIR_PILOT}1": "uid", }, "to": { - 'roleOccupant': X500ATTR_OID+'33', - 'gn': X500ATTR_OID+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR_OID+'12', - 'facsimileTelephoneNumber': X500ATTR_OID+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR_OID+'18', - 'fax': X500ATTR_OID+'23', - 'telephoneNumber': X500ATTR_OID+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR_OID+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR_OID+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR_OID+'26', - 'physicalDeliveryOfficeName': X500ATTR_OID+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR_OID+'7', - 'stateOrProvinceName': X500ATTR_OID+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR_OID+'42', - 'givenname': X500ATTR_OID+'42', - 'x500UniqueIdentifier': X500ATTR_OID+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR_OID+'51', - 'street': X500ATTR_OID+'9', - 'supportedAlgorithms': X500ATTR_OID+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR_OID+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR_OID+'6', - 'teletexTerminalIdentifier': X500ATTR_OID+'22', - 'o': X500ATTR_OID+'10', - 'cACertificate': X500ATTR_OID+'37', - 'telexNumber': X500ATTR_OID+'21', - 'ou': X500ATTR_OID+'11', - 'initials': X500ATTR_OID+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR_OID+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR_OID+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR_OID+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'edupersonprincipalname': EDUPERSON_OID+'6', - 'localityName': X500ATTR_OID+'7', - 'owner': X500ATTR_OID+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR_OID+'14', - 'certificateRevocationList': X500ATTR_OID+'39', - 'organizationalUnitName': X500ATTR_OID+'11', - 'userCertificate': X500ATTR_OID+'36', - 'preferredDeliveryMethod': X500ATTR_OID+'28', - 'internationaliSDNNumber': X500ATTR_OID+'25', - 'uniqueMember': X500ATTR_OID+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR_OID+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR_OID+'24', - 'destinationIndicator': X500ATTR_OID+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR_OID+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'edupersonscopedaffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR_OID+'48', - 'knowledgeInformation': X500ATTR_OID+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR_OID+'31', - 'streetAddress': X500ATTR_OID+'9', - 'dmdName': X500ATTR_OID+'54', - 'postalCode': X500ATTR_OID+'17', - 'pseudonym': X500ATTR_OID+'65', - 'dnQualifier': X500ATTR_OID+'46', - 'crossCertificatePair': X500ATTR_OID+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR_OID+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR_OID+'15', - 'serialNumber': X500ATTR_OID+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR_OID+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR_OID+'29', - 'sn': X500ATTR_OID+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - 'labeledURI': UMICH+'57', - 'uid': UCL_DIR_PILOT+'1' - } -} \ No newline at end of file + "roleOccupant": f"{X500ATTR_OID}33", + "gn": f"{X500ATTR_OID}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR_OID}12", + "facsimileTelephoneNumber": f"{X500ATTR_OID}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR_OID}18", + "fax": f"{X500ATTR_OID}23", + "telephoneNumber": f"{X500ATTR_OID}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR_OID}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR_OID}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR_OID}26", + "physicalDeliveryOfficeName": f"{X500ATTR_OID}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR_OID}7", + "stateOrProvinceName": f"{X500ATTR_OID}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR_OID}42", + "givenname": f"{X500ATTR_OID}42", + "x500UniqueIdentifier": f"{X500ATTR_OID}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR_OID}51", + "street": f"{X500ATTR_OID}9", + "supportedAlgorithms": f"{X500ATTR_OID}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR_OID}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR_OID}6", + "teletexTerminalIdentifier": f"{X500ATTR_OID}22", + "o": f"{X500ATTR_OID}10", + "cACertificate": f"{X500ATTR_OID}37", + "telexNumber": f"{X500ATTR_OID}21", + "ou": f"{X500ATTR_OID}11", + "initials": f"{X500ATTR_OID}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR_OID}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR_OID}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR_OID}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "edupersonprincipalname": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR_OID}7", + "owner": f"{X500ATTR_OID}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR_OID}14", + "certificateRevocationList": f"{X500ATTR_OID}39", + "organizationalUnitName": f"{X500ATTR_OID}11", + "userCertificate": f"{X500ATTR_OID}36", + "preferredDeliveryMethod": f"{X500ATTR_OID}28", + "internationaliSDNNumber": f"{X500ATTR_OID}25", + "uniqueMember": f"{X500ATTR_OID}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR_OID}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR_OID}24", + "destinationIndicator": f"{X500ATTR_OID}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR_OID}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "edupersonscopedaffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR_OID}48", + "knowledgeInformation": f"{X500ATTR_OID}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR_OID}31", + "streetAddress": f"{X500ATTR_OID}9", + "dmdName": f"{X500ATTR_OID}54", + "postalCode": f"{X500ATTR_OID}17", + "pseudonym": f"{X500ATTR_OID}65", + "dnQualifier": f"{X500ATTR_OID}46", + "crossCertificatePair": f"{X500ATTR_OID}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR_OID}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR_OID}15", + "serialNumber": f"{X500ATTR_OID}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR_OID}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR_OID}29", + "sn": f"{X500ATTR_OID}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + "labeledURI": f"{UMICH}57", + "uid": f"{UCL_DIR_PILOT}1", + }, +} diff --git a/example/sp-repoze/attributemaps/shibboleth_uri.py b/example/sp-repoze/attributemaps/shibboleth_uri.py index d26bf0061..992a2219e 100644 --- a/example/sp-repoze/attributemaps/shibboleth_uri.py +++ b/example/sp-repoze/attributemaps/shibboleth_uri.py @@ -9,182 +9,182 @@ MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR+'53': 'deltaRevocationList', - X500ATTR+'52': 'supportedAlgorithms', - X500ATTR+'51': 'houseIdentifier', - X500ATTR+'50': 'uniqueMember', - X500ATTR+'19': 'physicalDeliveryOfficeName', - X500ATTR+'18': 'postOfficeBox', - X500ATTR+'17': 'postalCode', - X500ATTR+'16': 'postalAddress', - X500ATTR+'15': 'businessCategory', - X500ATTR+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR+'12': 'title', - X500ATTR+'11': 'ou', - X500ATTR+'10': 'o', - X500ATTR+'37': 'cACertificate', - X500ATTR+'36': 'userCertificate', - X500ATTR+'31': 'member', - X500ATTR+'30': 'supportedApplicationContext', - X500ATTR+'33': 'roleOccupant', - X500ATTR+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR+'39': 'certificateRevocationList', - X500ATTR+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR+'9': 'street', - X500ATTR+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR+'2': 'knowledgeInformation', - X500ATTR+'7': 'l', - X500ATTR+'6': 'c', - X500ATTR+'5': 'serialNumber', - X500ATTR+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR+'40': 'crossCertificatePair', - X500ATTR+'42': 'givenName', - X500ATTR+'43': 'initials', - X500ATTR+'44': 'generationQualifier', - X500ATTR+'45': 'x500UniqueIdentifier', - X500ATTR+'46': 'dnQualifier', - X500ATTR+'47': 'enhancedSearchGuide', - X500ATTR+'48': 'protocolInformation', - X500ATTR+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR+'22': 'teletexTerminalIdentifier', - X500ATTR+'23': 'facsimileTelephoneNumber', - X500ATTR+'20': 'telephoneNumber', - X500ATTR+'21': 'telexNumber', - X500ATTR+'26': 'registeredAddress', - X500ATTR+'27': 'destinationIndicator', - X500ATTR+'24': 'x121Address', - X500ATTR+'25': 'internationaliSDNNumber', - X500ATTR+'28': 'preferredDeliveryMethod', - X500ATTR+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR}53": "deltaRevocationList", + f"{X500ATTR}52": "supportedAlgorithms", + f"{X500ATTR}51": "houseIdentifier", + f"{X500ATTR}50": "uniqueMember", + f"{X500ATTR}19": "physicalDeliveryOfficeName", + f"{X500ATTR}18": "postOfficeBox", + f"{X500ATTR}17": "postalCode", + f"{X500ATTR}16": "postalAddress", + f"{X500ATTR}15": "businessCategory", + f"{X500ATTR}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR}12": "title", + f"{X500ATTR}11": "ou", + f"{X500ATTR}10": "o", + f"{X500ATTR}37": "cACertificate", + f"{X500ATTR}36": "userCertificate", + f"{X500ATTR}31": "member", + f"{X500ATTR}30": "supportedApplicationContext", + f"{X500ATTR}33": "roleOccupant", + f"{X500ATTR}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR}39": "certificateRevocationList", + f"{X500ATTR}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR}9": "street", + f"{X500ATTR}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR}2": "knowledgeInformation", + f"{X500ATTR}7": "l", + f"{X500ATTR}6": "c", + f"{X500ATTR}5": "serialNumber", + f"{X500ATTR}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR}40": "crossCertificatePair", + f"{X500ATTR}42": "givenName", + f"{X500ATTR}43": "initials", + f"{X500ATTR}44": "generationQualifier", + f"{X500ATTR}45": "x500UniqueIdentifier", + f"{X500ATTR}46": "dnQualifier", + f"{X500ATTR}47": "enhancedSearchGuide", + f"{X500ATTR}48": "protocolInformation", + f"{X500ATTR}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR}22": "teletexTerminalIdentifier", + f"{X500ATTR}23": "facsimileTelephoneNumber", + f"{X500ATTR}20": "telephoneNumber", + f"{X500ATTR}21": "telexNumber", + f"{X500ATTR}26": "registeredAddress", + f"{X500ATTR}27": "destinationIndicator", + f"{X500ATTR}24": "x121Address", + f"{X500ATTR}25": "internationaliSDNNumber", + f"{X500ATTR}28": "preferredDeliveryMethod", + f"{X500ATTR}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", }, - "to":{ - 'roleOccupant': X500ATTR+'33', - 'gn': X500ATTR+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR+'12', - 'facsimileTelephoneNumber': X500ATTR+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR+'18', - 'fax': X500ATTR+'23', - 'telephoneNumber': X500ATTR+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR+'26', - 'physicalDeliveryOfficeName': X500ATTR+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR+'7', - 'stateOrProvinceName': X500ATTR+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR+'42', - 'x500UniqueIdentifier': X500ATTR+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR+'51', - 'street': X500ATTR+'9', - 'supportedAlgorithms': X500ATTR+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR+'6', - 'teletexTerminalIdentifier': X500ATTR+'22', - 'o': X500ATTR+'10', - 'cACertificate': X500ATTR+'37', - 'telexNumber': X500ATTR+'21', - 'ou': X500ATTR+'11', - 'initials': X500ATTR+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'localityName': X500ATTR+'7', - 'owner': X500ATTR+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR+'14', - 'certificateRevocationList': X500ATTR+'39', - 'organizationalUnitName': X500ATTR+'11', - 'userCertificate': X500ATTR+'36', - 'preferredDeliveryMethod': X500ATTR+'28', - 'internationaliSDNNumber': X500ATTR+'25', - 'uniqueMember': X500ATTR+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR+'24', - 'destinationIndicator': X500ATTR+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR+'48', - 'knowledgeInformation': X500ATTR+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR+'31', - 'streetAddress': X500ATTR+'9', - 'dmdName': X500ATTR+'54', - 'postalCode': X500ATTR+'17', - 'pseudonym': X500ATTR+'65', - 'dnQualifier': X500ATTR+'46', - 'crossCertificatePair': X500ATTR+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR+'15', - 'serialNumber': X500ATTR+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR+'29', - 'sn': X500ATTR+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - } -} \ No newline at end of file + "to": { + "roleOccupant": f"{X500ATTR}33", + "gn": f"{X500ATTR}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR}12", + "facsimileTelephoneNumber": f"{X500ATTR}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR}18", + "fax": f"{X500ATTR}23", + "telephoneNumber": f"{X500ATTR}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR}26", + "physicalDeliveryOfficeName": f"{X500ATTR}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR}7", + "stateOrProvinceName": f"{X500ATTR}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR}42", + "x500UniqueIdentifier": f"{X500ATTR}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR}51", + "street": f"{X500ATTR}9", + "supportedAlgorithms": f"{X500ATTR}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR}6", + "teletexTerminalIdentifier": f"{X500ATTR}22", + "o": f"{X500ATTR}10", + "cACertificate": f"{X500ATTR}37", + "telexNumber": f"{X500ATTR}21", + "ou": f"{X500ATTR}11", + "initials": f"{X500ATTR}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR}7", + "owner": f"{X500ATTR}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR}14", + "certificateRevocationList": f"{X500ATTR}39", + "organizationalUnitName": f"{X500ATTR}11", + "userCertificate": f"{X500ATTR}36", + "preferredDeliveryMethod": f"{X500ATTR}28", + "internationaliSDNNumber": f"{X500ATTR}25", + "uniqueMember": f"{X500ATTR}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR}24", + "destinationIndicator": f"{X500ATTR}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR}48", + "knowledgeInformation": f"{X500ATTR}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR}31", + "streetAddress": f"{X500ATTR}9", + "dmdName": f"{X500ATTR}54", + "postalCode": f"{X500ATTR}17", + "pseudonym": f"{X500ATTR}65", + "dnQualifier": f"{X500ATTR}46", + "crossCertificatePair": f"{X500ATTR}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR}15", + "serialNumber": f"{X500ATTR}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR}29", + "sn": f"{X500ATTR}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + }, +} diff --git a/example/sp-repoze/pki/certgeneration.py b/example/sp-repoze/pki/certgeneration.py index bcdd110cb..84061c387 100644 --- a/example/sp-repoze/pki/certgeneration.py +++ b/example/sp-repoze/pki/certgeneration.py @@ -1,8 +1,8 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- from saml2.cert import OpenSSLWrapper -__author__ = 'haho0032' + +__author__ = "haho0032" cert_info_ca = { @@ -11,10 +11,9 @@ "state": "ac", "city": "umea", "organization": "ITS Umea University", - "organization_unit": "DIRG" + "organization_unit": "DIRG", } osw = OpenSSLWrapper() -ca_cert, ca_key = osw.create_certificate(cert_info_ca, request=False, write_to_file=True, - cert_dir="./") \ No newline at end of file +ca_cert, ca_key = osw.create_certificate(cert_info_ca, request=False, write_to_file=True, cert_dir="./") diff --git a/example/sp-repoze/sp.py b/example/sp-repoze/sp.py index b6539e03e..1c837962c 100755 --- a/example/sp-repoze/sp.py +++ b/example/sp-repoze/sp.py @@ -1,23 +1,23 @@ #!/usr/bin/env python -from Cookie import SimpleCookie +import argparse import logging import os -import sp_conf -from sp_conf import CONFIG import re -import subprocess + +from Cookie import SimpleCookie +import sp_conf from urlparse import parse_qs -import argparse -from saml2 import BINDING_HTTP_REDIRECT, time_util -from saml2.httputil import Response -from saml2.httputil import Unauthorized + +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import time_util from saml2.httputil import NotFound from saml2.httputil import Redirect -#from saml2.httputil import ServiceError +from saml2.httputil import Response +from saml2.httputil import Unauthorized + +# from saml2.httputil import ServiceError from saml2.metadata import create_metadata_string -from saml2.metadata import entities_descriptor -from saml2.config import Config -from saml2.sigver import security_context + logger = logging.getLogger("saml2.SP") @@ -26,21 +26,21 @@ def dict_to_table(ava, lev=0, width=1): - txt = ['\n' % width] + txt = [f'
\n'] for prop, valarr in ava.items(): txt.append("\n") if isinstance(valarr, basestring): - txt.append("\n" % str(prop)) + txt.append(f"\n") try: - txt.append("\n" % valarr.encode("utf8")) + txt.append(f"\n") except AttributeError: - txt.append("\n" % valarr) + txt.append(f"\n") elif isinstance(valarr, list): i = 0 n = len(valarr) for val in valarr: if not i: - txt.append("\n") if isinstance(val, dict): @@ -49,20 +49,20 @@ def dict_to_table(ava, lev=0, width=1): txt.append("\n") else: try: - txt.append("\n" % val.encode("utf8")) + txt.append(f"\n") except AttributeError: - txt.append("\n" % val) + txt.append(f"\n") if n > 1: txt.append("\n") n -= 1 i += 1 elif isinstance(valarr, dict): - txt.append("\n" % prop) + txt.append(f"\n") txt.append("\n") txt.append("\n") - txt.append('
%s{str(prop)}%s{valarr.encode('utf8')}%s{valarr}%s\n" % (len(valarr), prop)) + txt.append(f"{prop}\n") else: txt.append("
%s{val.encode('utf8')}%s{val}
%s{prop}\n") txt.extend(dict_to_table(valarr, lev + 1, width - 1)) txt.append("
\n') + txt.append("\n") return txt @@ -75,21 +75,21 @@ def _expiration(timeout, tformat=None): def delete_cookie(environ, name): - kaka = environ.get("HTTP_COOKIE", '') + kaka = environ.get("HTTP_COOKIE", "") if kaka: cookie_obj = SimpleCookie(kaka) morsel = cookie_obj.get(name, None) cookie = SimpleCookie() cookie[name] = morsel - cookie[name]["expires"] = _expiration("now", - "%a, %d-%b-%Y %H:%M:%S CET") + cookie[name]["expires"] = _expiration("now", "%a, %d-%b-%Y %H:%M:%S CET") return tuple(cookie.output().split(": ", 1)) return None + # ---------------------------------------------------------------------------- -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def whoami(environ, start_response, user): nameid = environ["repoze.who.identity"]["login"] ava = environ["repoze.who.identity"]["user"] @@ -99,39 +99,37 @@ def whoami(environ, start_response, user): response = ["

Your identity is supposed to be

"] response.extend(dict_to_table(ava)) else: - response = [ - "

The system did not return any information about you

"] + response = ["

The system did not return any information about you

"] response.extend("Logout") resp = Response(response) return resp(environ, start_response) -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def not_found(environ, start_response): """Called if no URL matches.""" - resp = NotFound('Not Found') + resp = NotFound("Not Found") return resp(environ, start_response) -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def not_authn(environ, start_response): - resp = Unauthorized('Unknown user') + resp = Unauthorized("Unknown user") return resp(environ, start_response) -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def slo(environ, start_response, user): # so here I might get either a LogoutResponse or a LogoutRequest - client = environ['repoze.who.plugins']["saml2auth"] + client = environ["repoze.who.plugins"]["saml2auth"] sc = client.saml_client if "QUERY_STRING" in environ: query = parse_qs(environ["QUERY_STRING"]) logger.info("query: %s", query) try: - response = sc.parse_logout_request_response( - query["SAMLResponse"][0], binding=BINDING_HTTP_REDIRECT) + response = sc.parse_logout_request_response(query["SAMLResponse"][0], binding=BINDING_HTTP_REDIRECT) if response: logger.info("LOGOUT response parsed OK") except KeyError: @@ -149,18 +147,18 @@ def slo(environ, start_response, user): return resp(environ, start_response) -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def logout(environ, start_response, user): # This is where it starts when a user wants to log out - client = environ['repoze.who.plugins']["saml2auth"] - subject_id = environ["repoze.who.identity"]['repoze.who.userid'] + client = environ["repoze.who.plugins"]["saml2auth"] + subject_id = environ["repoze.who.identity"]["repoze.who.userid"] logger.info("[logout] subject_id: '%s'", subject_id) target = "/done" # What if more than one _dict = client.saml_client.global_logout(subject_id) logger.info("[logout] global_logout > %s", _dict) - rem = environ['repoze.who.plugins'][client.rememberer_name] + rem = environ["repoze.who.plugins"][client.rememberer_name] rem.forget(environ, subject_id) for key, item in _dict.items(): @@ -177,47 +175,49 @@ def logout(environ, start_response, user): # return [] -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def done(environ, start_response, user): # remove cookie and stored info logger.info("[done] environ: %s", environ) - subject_id = environ["repoze.who.identity"]['repoze.who.userid'] - client = environ['repoze.who.plugins']["saml2auth"] - logger.info("[logout done] remaining subjects: %s", - client.saml_client.users.subjects()) + subject_id = environ["repoze.who.identity"]["repoze.who.userid"] + client = environ["repoze.who.plugins"]["saml2auth"] + logger.info("[logout done] remaining subjects: %s", client.saml_client.users.subjects()) - start_response('200 OK', [('Content-Type', 'text/html')]) + start_response("200 OK", [("Content-Type", "text/html")]) return ["

You are now logged out from this service

"] + # ---------------------------------------------------------------------------- # map urls to functions urls = [ - (r'whoami$', whoami), - (r'logout$', logout), - (r'done$', done), - (r'slo$', slo), - (r'^$', whoami), + (r"whoami$", whoami), + (r"logout$", logout), + (r"done$", done), + (r"slo$", slo), + (r"^$", whoami), ] # ---------------------------------------------------------------------------- + def metadata(environ, start_response): try: path = args.path if path is None or len(path) == 0: - path = os.path.dirname(os.path.abspath( __file__ )) + path = os.path.dirname(os.path.abspath(__file__)) if path[-1] != "/": path += "/" - metadata = create_metadata_string(path+"sp_conf.py", None, - args.valid, args.cert, args.keyfile, - args.id, args.name, args.sign) - start_response('200 OK', [('Content-Type', "text/xml")]) + metadata = create_metadata_string( + f"{path}sp_conf.py", None, args.valid, args.cert, args.keyfile, args.id, args.name, args.sign + ) + start_response("200 OK", [("Content-Type", "text/xml")]) return metadata except Exception as ex: logger.error("An error occured while creating metadata: %s", ex.message) return not_found(environ, start_response) + def application(environ, start_response): """ The main WSGI application. Dispatch the current request to @@ -232,7 +232,7 @@ def application(environ, start_response): request is done :return: The response as a list of lines """ - path = environ.get('PATH_INFO', '').lstrip('/') + path = environ.get("PATH_INFO", "").lstrip("/") logger.info(" PATH: %s", path) if path == "metadata": @@ -244,28 +244,28 @@ def application(environ, start_response): logger.info("repoze.who.identity: '%s'", user) else: logger.info("REMOTE_USER: '%s'", user) - #logger.info(logging.Logger.manager.loggerDict) + # logger.info(logging.Logger.manager.loggerDict) for regex, callback in urls: if user: match = re.search(regex, path) if match is not None: try: - environ['myapp.url_args'] = match.groups()[0] + environ["myapp.url_args"] = match.groups()[0] except IndexError: - environ['myapp.url_args'] = path + environ["myapp.url_args"] = path return callback(environ, start_response, user) else: return not_authn(environ, start_response) return not_found(environ, start_response) + # ---------------------------------------------------------------------------- from repoze.who.config import make_middleware_with_config -app_with_auth = make_middleware_with_config(application, {"here": "."}, - './who.ini', - log_file="repoze_who.log") + +app_with_auth = make_middleware_with_config(application, {"here": "."}, "./who.ini", log_file="repoze_who.log") # ---------------------------------------------------------------------------- HOST = sp_conf.HOST @@ -275,23 +275,22 @@ def application(environ, start_response): # by moving some initialization out of __name__ == '__main__' section. # uwsgi -s 0.0.0.0:8087 --protocol http --callable app_with_auth --module idp -if __name__ == '__main__': - #make_metadata arguments +if __name__ == "__main__": + # make_metadata arguments parser = argparse.ArgumentParser() - parser.add_argument('-p', dest='path', help='Path to configuration file.') - parser.add_argument('-v', dest='valid', default="4", - help="How long, in days, the metadata is valid from the time of creation") - parser.add_argument('-c', dest='cert', help='certificate') - parser.add_argument('-i', dest='id', - help="The ID of the entities descriptor in the metadata") - parser.add_argument('-k', dest='keyfile', - help="A file with a key to sign the metadata with") - parser.add_argument('-n', dest='name') - parser.add_argument('-s', dest='sign', action='store_true', - help="sign the metadata") + parser.add_argument("-p", dest="path", help="Path to configuration file.") + parser.add_argument( + "-v", dest="valid", default="4", help="How long, in days, the metadata is valid from the time of creation" + ) + parser.add_argument("-c", dest="cert", help="certificate") + parser.add_argument("-i", dest="id", help="The ID of the entities descriptor in the metadata") + parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") + parser.add_argument("-n", dest="name") + parser.add_argument("-s", dest="sign", action="store_true", help="sign the metadata") args = parser.parse_args() from wsgiref.simple_server import make_server + srv = make_server(HOST, PORT, app_with_auth) - print("SP listening on %s:%s" % (HOST, PORT)) + print(f"SP listening on {HOST}:{PORT}") srv.serve_forever() diff --git a/example/sp-wsgi/sp.py b/example/sp-wsgi/sp.py index bd8a9578c..926ea0360 100755 --- a/example/sp-wsgi/sp.py +++ b/example/sp-wsgi/sp.py @@ -1,33 +1,31 @@ #!/usr/bin/env python -from __future__ import print_function import argparse + + try: import html except: import cgi as html + +from http.cookies import SimpleCookie import importlib import logging import os import re import sys +from urllib.parse import parse_qs import xml.dom.minidom -from saml2.client_base import MIME_PAOS -from saml2.sigver import SignatureError - -import six -from six.moves.http_cookies import SimpleCookie -from six.moves.urllib.parse import parse_qs - -import saml2.xmldsig as ds from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_HTTP_REDIRECT, element_to_extension_element +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP from saml2 import ecp +from saml2 import element_to_extension_element from saml2 import time_util from saml2.client import Saml2Client +from saml2.client_base import MIME_PAOS from saml2.ecp_client import PAOS_HEADER_INFO from saml2.extension.pefim import SPCertEnc from saml2.httputil import BadRequest @@ -39,7 +37,9 @@ from saml2.httputil import ServiceError from saml2.httputil import Unauthorized from saml2.httputil import get_post -from saml2.httputil import geturl, make_cookie, parse_cookie +from saml2.httputil import geturl +from saml2.httputil import make_cookie +from saml2.httputil import parse_cookie from saml2.metadata import create_metadata_string from saml2.response import StatusError from saml2.response import VerificationError @@ -50,10 +50,14 @@ from saml2.s_utils import sid from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.samlp import Extensions +from saml2.sigver import SignatureError +import saml2.xmldsig as ds + def _html_escape(payload): return html.escape(payload, quote=True) + logger = logging.getLogger("") hdlr = logging.FileHandler("spx.log") base_formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") @@ -68,18 +72,18 @@ def _html_escape(payload): def dict_to_table(ava, lev=0, width=1): - txt = ['\n' % width] + txt = [f'
\n'] for prop, valarr in ava.items(): txt.append("\n") - if isinstance(valarr, six.string_types): - txt.append("\n" % str(prop)) - txt.append("\n" % valarr) + if isinstance(valarr, str): + txt.append(f"\n") + txt.append(f"\n") elif isinstance(valarr, list): i = 0 n = len(valarr) for val in valarr: if not i: - txt.append("\n") if isinstance(val, dict): @@ -87,13 +91,13 @@ def dict_to_table(ava, lev=0, width=1): txt.extend(dict_to_table(val, lev + 1, width - 1)) txt.append("\n") else: - txt.append("\n" % val) + txt.append(f"\n") if n > 1: txt.append("\n") n -= 1 i += 1 elif isinstance(valarr, dict): - txt.append("\n" % prop) + txt.append(f"\n") txt.append("\n") @@ -128,12 +132,12 @@ def handle_static(environ, start_response, path): resp = Response(data, headers=[("Content-Type", "image/png")]) else: resp = Response(data) - except IOError: + except OSError: resp = NotFound() return resp(environ, start_response) -class ECPResponse(object): +class ECPResponse: code = 200 title = "OK" @@ -142,9 +146,7 @@ def __init__(self, content): # noinspection PyUnusedLocal def __call__(self, environ, start_response): - start_response( - "%s %s" % (self.code, self.title), [("Content-Type", "text/xml")] - ) + start_response(f"{self.code} {self.title}", [("Content-Type", "text/xml")]) return [self.content] @@ -160,7 +162,7 @@ def _expiration(timeout, tformat=None): return time_util.in_a_while(minutes=timeout, format=tformat) -class Cache(object): +class Cache: def __init__(self): self.uid2user = {} self.cookie_name = "spauthn" @@ -217,7 +219,7 @@ def set_cookie(self, user): # ----------------------------------------------------------------------------- -class Service(object): +class Service: def __init__(self, environ, start_response, user=None): self.environ = environ logger.debug("ENVIRON: %s", environ) @@ -228,14 +230,14 @@ def __init__(self, environ, start_response, user=None): def unpack_redirect(self): if "QUERY_STRING" in self.environ: _qs = self.environ["QUERY_STRING"] - return dict([(k, v[0]) for k, v in parse_qs(_qs).items()]) + return {k: v[0] for k, v in parse_qs(_qs).items()} else: return None def unpack_post(self): _dict = parse_qs(get_post(self.environ).decode("utf8")) logger.debug("unpack_post:: %s", _dict) - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} def unpack_soap(self): try: @@ -265,13 +267,9 @@ def operation(self, _dict, binding): except KeyError: _relay_state = "" if "SAMLResponse" in _dict: - return self.do( - _dict["SAMLResponse"], binding, _relay_state, mtype="response" - ) + return self.do(_dict["SAMLResponse"], binding, _relay_state, mtype="response") elif "SAMLRequest" in _dict: - return self.do( - _dict["SAMLRequest"], binding, _relay_state, mtype="request" - ) + return self.do(_dict["SAMLRequest"], binding, _relay_state, mtype="request") def artifact_operation(self, _dict): if not _dict: @@ -293,13 +291,13 @@ def do(self, query, binding, relay_state="", mtype="response"): pass def redirect(self): - """ Expects a HTTP-redirect response """ + """Expects a HTTP-redirect response""" _dict = self.unpack_redirect() return self.operation(_dict, BINDING_HTTP_REDIRECT) def post(self): - """ Expects a HTTP-POST response """ + """Expects a HTTP-POST response""" _dict = self.unpack_post() return self.operation(_dict, BINDING_HTTP_POST) @@ -332,7 +330,7 @@ def not_authn(self): # ----------------------------------------------------------------------------- -class User(object): +class User: def __init__(self, name_id, data, saml_response): self.name_id = name_id self.data = data @@ -340,9 +338,7 @@ def __init__(self, name_id, data, saml_response): @property def authn_statement(self): - xml_doc = xml.dom.minidom.parseString( - str(self.response.assertion.authn_statement[0]) - ) + xml_doc = xml.dom.minidom.parseString(str(self.response.assertion.authn_statement[0])) return xml_doc.toprettyxml() @@ -383,20 +379,20 @@ def do(self, response, binding, relay_state="", mtype="response"): ) except UnknownPrincipal as excp: logger.error("UnknownPrincipal: %s", excp) - resp = ServiceError("UnknownPrincipal: %s" % (excp,)) + resp = ServiceError(f"UnknownPrincipal: {excp}") return resp(self.environ, self.start_response) except UnsupportedBinding as excp: logger.error("UnsupportedBinding: %s", excp) - resp = ServiceError("UnsupportedBinding: %s" % (excp,)) + resp = ServiceError(f"UnsupportedBinding: {excp}") return resp(self.environ, self.start_response) except VerificationError as err: - resp = ServiceError("Verification error: %s" % (err,)) + resp = ServiceError(f"Verification error: {err}") return resp(self.environ, self.start_response) except SignatureError as err: - resp = ServiceError("Signature error: %s" % (err,)) + resp = ServiceError(f"Signature error: {err}") return resp(self.environ, self.start_response) except Exception as err: - resp = ServiceError("Other error: %s" % (err,)) + resp = ServiceError(f"Other error: {err}") return resp(self.environ, self.start_response) logger.info("AVA: %s", self.response.ava) @@ -432,7 +428,7 @@ def verify_attributes(self, ava): # ----------------------------------------------------------------------------- -class SSO(object): +class SSO: def __init__( self, sp, @@ -482,7 +478,7 @@ def _wayf_redirect(self, came_from): sid_ = sid() self.cache.outstanding_queries[sid_] = came_from logger.debug("Redirect to WAYF function: %s", self.wayf) - return -1, SeeOther(headers=[("Location", "%s?%s" % (self.wayf, sid_))]) + return -1, SeeOther(headers=[("Location", f"{self.wayf}?{sid_}")]) def _pick_idp(self, came_from): """ @@ -538,7 +534,6 @@ def _pick_idp(self, came_from): idp_entity_id = _idp_entity_id except KeyError: logger.debug("No IdP entity ID in query: %s", query) - pass if not idp_entity_id: @@ -553,21 +548,15 @@ def _pick_idp(self, came_from): return self._wayf_redirect(came_from) elif self.discosrv: if query: - idp_entity_id = _cli.parse_discovery_service_response( - query=self.environ.get("QUERY_STRING") - ) + idp_entity_id = _cli.parse_discovery_service_response(query=self.environ.get("QUERY_STRING")) if not idp_entity_id: sid_ = sid() self.cache.outstanding_queries[sid_] = came_from logger.debug("Redirect to Discovery Service function") eid = _cli.config.entityid - ret = _cli.config.getattr("endpoints", "sp")["discovery_response"][ - 0 - ][0] - ret += "?sid=%s" % sid_ - loc = _cli.create_discovery_service_request( - self.discosrv, eid, **{"return": ret} - ) + ret = _cli.config.getattr("endpoints", "sp")["discovery_response"][0][0] + ret += f"?sid={sid_}" + loc = _cli.create_discovery_service_request(self.discosrv, eid, **{"return": ret}) return -1, SeeOther(loc) elif len(idps) == 1: # idps is a dictionary @@ -598,14 +587,8 @@ def redirect_to_auth(self, _cli, entity_id, came_from, sigalg=""): if _cli.config.generate_cert_func is not None: cert_str, req_key_str = _cli.config.generate_cert_func() cert = {"cert": cert_str, "key": req_key_str} - spcertenc = SPCertEnc( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=cert_str) - ) - ) - extensions = Extensions( - extension_elements=[element_to_extension_element(spcertenc)] - ) + spcertenc = SPCertEnc(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=cert_str))) + extensions = Extensions(extension_elements=[element_to_extension_element(spcertenc)]) req_id, req = _cli.create_authn_request( destination, @@ -615,9 +598,7 @@ def redirect_to_auth(self, _cli, entity_id, came_from, sigalg=""): ) _rstate = rndstr() self.cache.relay_state[_rstate] = came_from - ht_args = _cli.apply_binding( - _binding, "%s" % req, destination, relay_state=_rstate, sigalg=sigalg - ) + ht_args = _cli.apply_binding(_binding, f"{req}", destination, relay_state=_rstate, sigalg=sigalg) _sid = req_id if cert is not None: @@ -625,7 +606,7 @@ def redirect_to_auth(self, _cli, entity_id, came_from, sigalg=""): except Exception as exc: logger.exception(exc) - resp = ServiceError("Failed to construct the AuthnRequest: %s" % exc) + resp = ServiceError(f"Failed to construct the AuthnRequest: {exc}") return resp # remember the request @@ -703,11 +684,7 @@ def main(environ, start_response, sp): return sso.do() body = dict_to_table(user.data) - body.append( - "
{authn_stmt}
".format( - authn_stmt=_html_escape(user.authn_statement) - ) - ) + body.append(f"
{_html_escape(user.authn_statement)}
") body.append("
logout") resp = Response(body) @@ -796,17 +773,17 @@ def finish_logout(environ, start_response): def add_urls(): base = "acs" - urls.append(("%s/post$" % base, (ACS, "post", SP))) - urls.append(("%s/post/(.*)$" % base, (ACS, "post", SP))) - urls.append(("%s/redirect$" % base, (ACS, "redirect", SP))) - urls.append(("%s/redirect/(.*)$" % base, (ACS, "redirect", SP))) + urls.append((f"{base}/post$", (ACS, "post", SP))) + urls.append((f"{base}/post/(.*)$", (ACS, "post", SP))) + urls.append((f"{base}/redirect$", (ACS, "redirect", SP))) + urls.append((f"{base}/redirect/(.*)$", (ACS, "redirect", SP))) base = "slo" - urls.append(("%s/post$" % base, (SLO, "post", SP))) - urls.append(("%s/post/(.*)$" % base, (SLO, "post", SP))) - urls.append(("%s/redirect$" % base, (SLO, "redirect", SP))) - urls.append(("%s/redirect/(.*)$" % base, (SLO, "redirect", SP))) + urls.append((f"{base}/post$", (SLO, "post", SP))) + urls.append((f"{base}/post/(.*)$", (SLO, "post", SP))) + urls.append((f"{base}/redirect$", (SLO, "redirect", SP))) + urls.append((f"{base}/redirect/(.*)$", (SLO, "redirect", SP))) # ---------------------------------------------------------------------------- @@ -820,7 +797,7 @@ def metadata(environ, start_response): if path[-1] != "/": path += "/" metadata = create_metadata_string( - path + "sp_conf.py", + f"{path}sp_conf.py", None, _args.valid, _args.cert, @@ -870,18 +847,18 @@ def application(environ, start_response): return handle_static(environ, start_response, path) return not_found(environ, start_response) except StatusError as err: - logging.error("StatusError: %s" % err) - resp = BadRequest("%s" % err) + logging.error(f"StatusError: {err}") + resp = BadRequest(f"{err}") return resp(environ, start_response) except Exception as err: # _err = exception_trace("RUN", err) # logging.error(exception_trace("RUN", _err)) print(err, file=sys.stderr) - resp = ServiceError("%s" % err) + resp = ServiceError(f"{err}") return resp(environ, start_response) -class ToBytesMiddleware(object): +class ToBytesMiddleware: """Converts a message to bytes to be sent by WSGI server.""" def __init__(self, app): @@ -891,12 +868,7 @@ def __call__(self, environ, start_response): data = self.app(environ, start_response) if isinstance(data, list): - return ( - d - if isinstance(d, bytes) - else d.encode("utf-8") - for d in data - ) + return (d if isinstance(d, bytes) else d.encode("utf-8") for d in data) elif isinstance(data, str): return data.encode("utf-8") @@ -905,21 +877,17 @@ def __call__(self, environ, start_response): if __name__ == "__main__": try: - from cheroot.wsgi import Server as WSGIServer from cheroot.ssl import pyopenssl + from cheroot.wsgi import Server as WSGIServer except ImportError: from cherrypy.wsgiserver import CherryPyWSGIServer as WSGIServer from cherrypy.wsgiserver import ssl_pyopenssl as pyopenssl _parser = argparse.ArgumentParser() - _parser.add_argument( - "-d", dest="debug", action="store_true", help="Print debug information" - ) + _parser.add_argument("-d", dest="debug", action="store_true", help="Print debug information") _parser.add_argument("-D", dest="discosrv", help="Which disco server to use") _parser.add_argument("-s", dest="seed", help="Cookie seed") - _parser.add_argument( - "-W", dest="wayf", action="store_true", help="Which WAYF url to use" - ) + _parser.add_argument("-W", dest="wayf", action="store_true", help="Which WAYF url to use") _parser.add_argument("config", help="SAML client config") _parser.add_argument("-p", dest="path", help="Path to configuration file.") _parser.add_argument( @@ -929,16 +897,10 @@ def __call__(self, environ, start_response): help="How long, in days, the metadata is valid from " "the time of creation", ) _parser.add_argument("-c", dest="cert", help="certificate") - _parser.add_argument( - "-i", dest="id", help="The ID of the entities descriptor in the " "metadata" - ) - _parser.add_argument( - "-k", dest="keyfile", help="A file with a key to sign the metadata with" - ) + _parser.add_argument("-i", dest="id", help="The ID of the entities descriptor in the " "metadata") + _parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") _parser.add_argument("-n", dest="name") - _parser.add_argument( - "-S", dest="sign", action="store_true", help="sign the metadata" - ) + _parser.add_argument("-S", dest="sign", action="store_true", help="sign the metadata") _parser.add_argument("-C", dest="service_conf_module", help="service config module") ARGS = {} @@ -970,7 +932,7 @@ def __call__(self, environ, start_response): # your cert and all the way up to the top CERT_CHAIN = service_conf.CERT_CHAIN - SP = Saml2Client(config_file="%s" % CNFBASE) + SP = Saml2Client(config_file=f"{CNFBASE}") POLICY = service_conf.POLICY @@ -991,12 +953,10 @@ def __call__(self, environ, start_response): _https = "" if service_conf.HTTPS: - SRV.ssl_adapter = pyopenssl.pyOpenSSLAdapter( - SERVER_CERT, SERVER_KEY, CERT_CHAIN - ) + SRV.ssl_adapter = pyopenssl.pyOpenSSLAdapter(SERVER_CERT, SERVER_KEY, CERT_CHAIN) _https = " using SSL/TLS" logger.info("Server starting") - print("SP listening on %s:%s%s" % (HOST, PORT, _https)) + print(f"SP listening on {HOST}:{PORT}{_https}") try: SRV.start() except KeyboardInterrupt: diff --git a/poetry.lock b/poetry.lock new file mode 100644 index 000000000..fdae3665a --- /dev/null +++ b/poetry.lock @@ -0,0 +1,2076 @@ +# This file is automatically @generated by Poetry 2.2.1 and should not be changed by hand. + +[[package]] +name = "alabaster" +version = "0.7.16" +description = "A light, configurable Sphinx theme" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "alabaster-0.7.16-py3-none-any.whl", hash = "sha256:b46733c07dce03ae4e150330b975c75737fa60f0a7c591b6c8bf4928a28e2c92"}, + {file = "alabaster-0.7.16.tar.gz", hash = "sha256:75a8b99c28a5dad50dd7f8ccdd447a121ddb3892da9e53d1ca5cca3106d58d65"}, +] + +[[package]] +name = "asttokens" +version = "3.0.0" +description = "Annotate AST trees with source code positions" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "asttokens-3.0.0-py3-none-any.whl", hash = "sha256:e3078351a059199dd5138cb1c706e6430c05eff2ff136af5eb4790f9d28932e2"}, + {file = "asttokens-3.0.0.tar.gz", hash = "sha256:0dcd8baa8d62b0c1d118b399b2ddba3c4aff271d0d7a9e0d4c1681c79035bbc7"}, +] + +[package.extras] +astroid = ["astroid (>=2,<4)"] +test = ["astroid (>=2,<4)", "pytest", "pytest-cov", "pytest-xdist"] + +[[package]] +name = "attrs" +version = "25.1.0" +description = "Classes Without Boilerplate" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "attrs-25.1.0-py3-none-any.whl", hash = "sha256:c75a69e28a550a7e93789579c22aa26b0f5b83b75dc4e08fe092980051e1090a"}, + {file = "attrs-25.1.0.tar.gz", hash = "sha256:1c97078a80c814273a76b2a298a932eb681c87415c11dee0a6921de7f1b02c3e"}, +] + +[package.extras] +benchmark = ["cloudpickle ; platform_python_implementation == \"CPython\"", "hypothesis", "mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pympler", "pytest (>=4.3.0)", "pytest-codspeed", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-xdist[psutil]"] +cov = ["cloudpickle ; platform_python_implementation == \"CPython\"", "coverage[toml] (>=5.3)", "hypothesis", "mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-xdist[psutil]"] +dev = ["cloudpickle ; platform_python_implementation == \"CPython\"", "hypothesis", "mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pre-commit-uv", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-xdist[psutil]"] +docs = ["cogapp", "furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier (<24.7)"] +tests = ["cloudpickle ; platform_python_implementation == \"CPython\"", "hypothesis", "mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-xdist[psutil]"] +tests-mypy = ["mypy (>=1.11.1) ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\"", "pytest-mypy-plugins ; platform_python_implementation == \"CPython\" and python_version >= \"3.10\""] + +[[package]] +name = "babel" +version = "2.17.0" +description = "Internationalization utilities" +optional = false +python-versions = ">=3.8" +groups = ["docs"] +files = [ + {file = "babel-2.17.0-py3-none-any.whl", hash = "sha256:4d0b53093fdfb4b21c92b5213dba5a1b23885afa8383709427046b21c366e5f2"}, + {file = "babel-2.17.0.tar.gz", hash = "sha256:0c54cffb19f690cdcc52a3b50bcbf71e07a808d1c80d549f2459b9d2cf0afb9d"}, +] + +[package.extras] +dev = ["backports.zoneinfo ; python_version < \"3.9\"", "freezegun (>=1.0,<2.0)", "jinja2 (>=3.0)", "pytest (>=6.0)", "pytest-cov", "pytz", "setuptools", "tzdata ; sys_platform == \"win32\""] + +[[package]] +name = "black" +version = "25.1.0" +description = "The uncompromising code formatter." +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "black-25.1.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:759e7ec1e050a15f89b770cefbf91ebee8917aac5c20483bc2d80a6c3a04df32"}, + {file = "black-25.1.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:0e519ecf93120f34243e6b0054db49c00a35f84f195d5bce7e9f5cfc578fc2da"}, + {file = "black-25.1.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:055e59b198df7ac0b7efca5ad7ff2516bca343276c466be72eb04a3bcc1f82d7"}, + {file = "black-25.1.0-cp310-cp310-win_amd64.whl", hash = "sha256:db8ea9917d6f8fc62abd90d944920d95e73c83a5ee3383493e35d271aca872e9"}, + {file = "black-25.1.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:a39337598244de4bae26475f77dda852ea00a93bd4c728e09eacd827ec929df0"}, + {file = "black-25.1.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:96c1c7cd856bba8e20094e36e0f948718dc688dba4a9d78c3adde52b9e6c2299"}, + {file = "black-25.1.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:bce2e264d59c91e52d8000d507eb20a9aca4a778731a08cfff7e5ac4a4bb7096"}, + {file = "black-25.1.0-cp311-cp311-win_amd64.whl", hash = "sha256:172b1dbff09f86ce6f4eb8edf9dede08b1fce58ba194c87d7a4f1a5aa2f5b3c2"}, + {file = "black-25.1.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4b60580e829091e6f9238c848ea6750efed72140b91b048770b64e74fe04908b"}, + {file = "black-25.1.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:1e2978f6df243b155ef5fa7e558a43037c3079093ed5d10fd84c43900f2d8ecc"}, + {file = "black-25.1.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:3b48735872ec535027d979e8dcb20bf4f70b5ac75a8ea99f127c106a7d7aba9f"}, + {file = "black-25.1.0-cp312-cp312-win_amd64.whl", hash = "sha256:ea0213189960bda9cf99be5b8c8ce66bb054af5e9e861249cd23471bd7b0b3ba"}, + {file = "black-25.1.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:8f0b18a02996a836cc9c9c78e5babec10930862827b1b724ddfe98ccf2f2fe4f"}, + {file = "black-25.1.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:afebb7098bfbc70037a053b91ae8437c3857482d3a690fefc03e9ff7aa9a5fd3"}, + {file = "black-25.1.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:030b9759066a4ee5e5aca28c3c77f9c64789cdd4de8ac1df642c40b708be6171"}, + {file = "black-25.1.0-cp313-cp313-win_amd64.whl", hash = "sha256:a22f402b410566e2d1c950708c77ebf5ebd5d0d88a6a2e87c86d9fb48afa0d18"}, + {file = "black-25.1.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:a1ee0a0c330f7b5130ce0caed9936a904793576ef4d2b98c40835d6a65afa6a0"}, + {file = "black-25.1.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:f3df5f1bf91d36002b0a75389ca8663510cf0531cca8aa5c1ef695b46d98655f"}, + {file = "black-25.1.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:d9e6827d563a2c820772b32ce8a42828dc6790f095f441beef18f96aa6f8294e"}, + {file = "black-25.1.0-cp39-cp39-win_amd64.whl", hash = "sha256:bacabb307dca5ebaf9c118d2d2f6903da0d62c9faa82bd21a33eecc319559355"}, + {file = "black-25.1.0-py3-none-any.whl", hash = "sha256:95e8176dae143ba9097f351d174fdaf0ccd29efb414b362ae3fd72bf0f710717"}, + {file = "black-25.1.0.tar.gz", hash = "sha256:33496d5cd1222ad73391352b4ae8da15253c5de89b93a80b3e2c8d9a19ec2666"}, +] + +[package.dependencies] +click = ">=8.0.0" +mypy-extensions = ">=0.4.3" +packaging = ">=22.0" +pathspec = ">=0.9.0" +platformdirs = ">=2" +tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} +typing-extensions = {version = ">=4.0.1", markers = "python_version < \"3.11\""} + +[package.extras] +colorama = ["colorama (>=0.4.3)"] +d = ["aiohttp (>=3.10)"] +jupyter = ["ipython (>=7.8.0)", "tokenize-rt (>=3.2.0)"] +uvloop = ["uvloop (>=0.15.2)"] + +[[package]] +name = "certifi" +version = "2025.1.31" +description = "Python package for providing Mozilla's CA Bundle." +optional = false +python-versions = ">=3.6" +groups = ["main", "docs", "test"] +files = [ + {file = "certifi-2025.1.31-py3-none-any.whl", hash = "sha256:ca78db4565a652026a4db2bcdf68f2fb589ea80d0be70e03929ed730746b84fe"}, + {file = "certifi-2025.1.31.tar.gz", hash = "sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651"}, +] + +[[package]] +name = "cffi" +version = "2.0.0" +description = "Foreign Function Interface for Python calling C code." +optional = false +python-versions = ">=3.9" +groups = ["main", "dev"] +markers = "platform_python_implementation != \"PyPy\"" +files = [ + {file = "cffi-2.0.0-cp310-cp310-macosx_10_13_x86_64.whl", hash = "sha256:0cf2d91ecc3fcc0625c2c530fe004f82c110405f101548512cce44322fa8ac44"}, + {file = "cffi-2.0.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:f73b96c41e3b2adedc34a7356e64c8eb96e03a3782b535e043a986276ce12a49"}, + {file = "cffi-2.0.0-cp310-cp310-manylinux1_i686.manylinux2014_i686.manylinux_2_17_i686.manylinux_2_5_i686.whl", hash = "sha256:53f77cbe57044e88bbd5ed26ac1d0514d2acf0591dd6bb02a3ae37f76811b80c"}, + {file = "cffi-2.0.0-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:3e837e369566884707ddaf85fc1744b47575005c0a229de3327f8f9a20f4efeb"}, + {file = "cffi-2.0.0-cp310-cp310-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:5eda85d6d1879e692d546a078b44251cdd08dd1cfb98dfb77b670c97cee49ea0"}, + {file = "cffi-2.0.0-cp310-cp310-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:9332088d75dc3241c702d852d4671613136d90fa6881da7d770a483fd05248b4"}, + {file = "cffi-2.0.0-cp310-cp310-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:fc7de24befaeae77ba923797c7c87834c73648a05a4bde34b3b7e5588973a453"}, + {file = "cffi-2.0.0-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:cf364028c016c03078a23b503f02058f1814320a56ad535686f90565636a9495"}, + {file = "cffi-2.0.0-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:e11e82b744887154b182fd3e7e8512418446501191994dbf9c9fc1f32cc8efd5"}, + {file = "cffi-2.0.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:8ea985900c5c95ce9db1745f7933eeef5d314f0565b27625d9a10ec9881e1bfb"}, + {file = "cffi-2.0.0-cp310-cp310-win32.whl", hash = "sha256:1f72fb8906754ac8a2cc3f9f5aaa298070652a0ffae577e0ea9bd480dc3c931a"}, + {file = "cffi-2.0.0-cp310-cp310-win_amd64.whl", hash = "sha256:b18a3ed7d5b3bd8d9ef7a8cb226502c6bf8308df1525e1cc676c3680e7176739"}, + {file = "cffi-2.0.0-cp311-cp311-macosx_10_13_x86_64.whl", hash = "sha256:b4c854ef3adc177950a8dfc81a86f5115d2abd545751a304c5bcf2c2c7283cfe"}, + {file = "cffi-2.0.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:2de9a304e27f7596cd03d16f1b7c72219bd944e99cc52b84d0145aefb07cbd3c"}, + {file = "cffi-2.0.0-cp311-cp311-manylinux1_i686.manylinux2014_i686.manylinux_2_17_i686.manylinux_2_5_i686.whl", hash = "sha256:baf5215e0ab74c16e2dd324e8ec067ef59e41125d3eade2b863d294fd5035c92"}, + {file = "cffi-2.0.0-cp311-cp311-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:730cacb21e1bdff3ce90babf007d0a0917cc3e6492f336c2f0134101e0944f93"}, + {file = "cffi-2.0.0-cp311-cp311-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:6824f87845e3396029f3820c206e459ccc91760e8fa24422f8b0c3d1731cbec5"}, + {file = "cffi-2.0.0-cp311-cp311-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:9de40a7b0323d889cf8d23d1ef214f565ab154443c42737dfe52ff82cf857664"}, + {file = "cffi-2.0.0-cp311-cp311-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:8941aaadaf67246224cee8c3803777eed332a19d909b47e29c9842ef1e79ac26"}, + {file = "cffi-2.0.0-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:a05d0c237b3349096d3981b727493e22147f934b20f6f125a3eba8f994bec4a9"}, + {file = "cffi-2.0.0-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:94698a9c5f91f9d138526b48fe26a199609544591f859c870d477351dc7b2414"}, + {file = "cffi-2.0.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:5fed36fccc0612a53f1d4d9a816b50a36702c28a2aa880cb8a122b3466638743"}, + {file = "cffi-2.0.0-cp311-cp311-win32.whl", hash = "sha256:c649e3a33450ec82378822b3dad03cc228b8f5963c0c12fc3b1e0ab940f768a5"}, + {file = "cffi-2.0.0-cp311-cp311-win_amd64.whl", hash = "sha256:66f011380d0e49ed280c789fbd08ff0d40968ee7b665575489afa95c98196ab5"}, + {file = "cffi-2.0.0-cp311-cp311-win_arm64.whl", hash = "sha256:c6638687455baf640e37344fe26d37c404db8b80d037c3d29f58fe8d1c3b194d"}, + {file = "cffi-2.0.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:6d02d6655b0e54f54c4ef0b94eb6be0607b70853c45ce98bd278dc7de718be5d"}, + {file = "cffi-2.0.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8eca2a813c1cb7ad4fb74d368c2ffbbb4789d377ee5bb8df98373c2cc0dee76c"}, + {file = "cffi-2.0.0-cp312-cp312-manylinux1_i686.manylinux2014_i686.manylinux_2_17_i686.manylinux_2_5_i686.whl", hash = "sha256:21d1152871b019407d8ac3985f6775c079416c282e431a4da6afe7aefd2bccbe"}, + {file = "cffi-2.0.0-cp312-cp312-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:b21e08af67b8a103c71a250401c78d5e0893beff75e28c53c98f4de42f774062"}, + {file = "cffi-2.0.0-cp312-cp312-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:1e3a615586f05fc4065a8b22b8152f0c1b00cdbc60596d187c2a74f9e3036e4e"}, + {file = "cffi-2.0.0-cp312-cp312-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:81afed14892743bbe14dacb9e36d9e0e504cd204e0b165062c488942b9718037"}, + {file = "cffi-2.0.0-cp312-cp312-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:3e17ed538242334bf70832644a32a7aae3d83b57567f9fd60a26257e992b79ba"}, + {file = "cffi-2.0.0-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:3925dd22fa2b7699ed2617149842d2e6adde22b262fcbfada50e3d195e4b3a94"}, + {file = "cffi-2.0.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:2c8f814d84194c9ea681642fd164267891702542f028a15fc97d4674b6206187"}, + {file = "cffi-2.0.0-cp312-cp312-win32.whl", hash = "sha256:da902562c3e9c550df360bfa53c035b2f241fed6d9aef119048073680ace4a18"}, + {file = "cffi-2.0.0-cp312-cp312-win_amd64.whl", hash = "sha256:da68248800ad6320861f129cd9c1bf96ca849a2771a59e0344e88681905916f5"}, + {file = "cffi-2.0.0-cp312-cp312-win_arm64.whl", hash = "sha256:4671d9dd5ec934cb9a73e7ee9676f9362aba54f7f34910956b84d727b0d73fb6"}, + {file = "cffi-2.0.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:00bdf7acc5f795150faa6957054fbbca2439db2f775ce831222b66f192f03beb"}, + {file = "cffi-2.0.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:45d5e886156860dc35862657e1494b9bae8dfa63bf56796f2fb56e1679fc0bca"}, + {file = "cffi-2.0.0-cp313-cp313-manylinux1_i686.manylinux2014_i686.manylinux_2_17_i686.manylinux_2_5_i686.whl", hash = "sha256:07b271772c100085dd28b74fa0cd81c8fb1a3ba18b21e03d7c27f3436a10606b"}, + {file = "cffi-2.0.0-cp313-cp313-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:d48a880098c96020b02d5a1f7d9251308510ce8858940e6fa99ece33f610838b"}, + {file = "cffi-2.0.0-cp313-cp313-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:f93fd8e5c8c0a4aa1f424d6173f14a892044054871c771f8566e4008eaa359d2"}, + {file = "cffi-2.0.0-cp313-cp313-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:dd4f05f54a52fb558f1ba9f528228066954fee3ebe629fc1660d874d040ae5a3"}, + {file = "cffi-2.0.0-cp313-cp313-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:c8d3b5532fc71b7a77c09192b4a5a200ea992702734a2e9279a37f2478236f26"}, + {file = "cffi-2.0.0-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:d9b29c1f0ae438d5ee9acb31cadee00a58c46cc9c0b2f9038c6b0b3470877a8c"}, + {file = "cffi-2.0.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:6d50360be4546678fc1b79ffe7a66265e28667840010348dd69a314145807a1b"}, + {file = "cffi-2.0.0-cp313-cp313-win32.whl", hash = "sha256:74a03b9698e198d47562765773b4a8309919089150a0bb17d829ad7b44b60d27"}, + {file = "cffi-2.0.0-cp313-cp313-win_amd64.whl", hash = "sha256:19f705ada2530c1167abacb171925dd886168931e0a7b78f5bffcae5c6b5be75"}, + {file = "cffi-2.0.0-cp313-cp313-win_arm64.whl", hash = "sha256:256f80b80ca3853f90c21b23ee78cd008713787b1b1e93eae9f3d6a7134abd91"}, + {file = "cffi-2.0.0-cp314-cp314-macosx_10_13_x86_64.whl", hash = "sha256:fc33c5141b55ed366cfaad382df24fe7dcbc686de5be719b207bb248e3053dc5"}, + {file = "cffi-2.0.0-cp314-cp314-macosx_11_0_arm64.whl", hash = "sha256:c654de545946e0db659b3400168c9ad31b5d29593291482c43e3564effbcee13"}, + {file = "cffi-2.0.0-cp314-cp314-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:24b6f81f1983e6df8db3adc38562c83f7d4a0c36162885ec7f7b77c7dcbec97b"}, + {file = "cffi-2.0.0-cp314-cp314-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:12873ca6cb9b0f0d3a0da705d6086fe911591737a59f28b7936bdfed27c0d47c"}, + {file = "cffi-2.0.0-cp314-cp314-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:d9b97165e8aed9272a6bb17c01e3cc5871a594a446ebedc996e2397a1c1ea8ef"}, + {file = "cffi-2.0.0-cp314-cp314-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:afb8db5439b81cf9c9d0c80404b60c3cc9c3add93e114dcae767f1477cb53775"}, + {file = "cffi-2.0.0-cp314-cp314-musllinux_1_2_aarch64.whl", hash = "sha256:737fe7d37e1a1bffe70bd5754ea763a62a066dc5913ca57e957824b72a85e205"}, + {file = "cffi-2.0.0-cp314-cp314-musllinux_1_2_x86_64.whl", hash = "sha256:38100abb9d1b1435bc4cc340bb4489635dc2f0da7456590877030c9b3d40b0c1"}, + {file = "cffi-2.0.0-cp314-cp314-win32.whl", hash = "sha256:087067fa8953339c723661eda6b54bc98c5625757ea62e95eb4898ad5e776e9f"}, + {file = "cffi-2.0.0-cp314-cp314-win_amd64.whl", hash = "sha256:203a48d1fb583fc7d78a4c6655692963b860a417c0528492a6bc21f1aaefab25"}, + {file = "cffi-2.0.0-cp314-cp314-win_arm64.whl", hash = "sha256:dbd5c7a25a7cb98f5ca55d258b103a2054f859a46ae11aaf23134f9cc0d356ad"}, + {file = "cffi-2.0.0-cp314-cp314t-macosx_10_13_x86_64.whl", hash = "sha256:9a67fc9e8eb39039280526379fb3a70023d77caec1852002b4da7e8b270c4dd9"}, + {file = "cffi-2.0.0-cp314-cp314t-macosx_11_0_arm64.whl", hash = "sha256:7a66c7204d8869299919db4d5069a82f1561581af12b11b3c9f48c584eb8743d"}, + {file = "cffi-2.0.0-cp314-cp314t-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:7cc09976e8b56f8cebd752f7113ad07752461f48a58cbba644139015ac24954c"}, + {file = "cffi-2.0.0-cp314-cp314t-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:92b68146a71df78564e4ef48af17551a5ddd142e5190cdf2c5624d0c3ff5b2e8"}, + {file = "cffi-2.0.0-cp314-cp314t-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:b1e74d11748e7e98e2f426ab176d4ed720a64412b6a15054378afdb71e0f37dc"}, + {file = "cffi-2.0.0-cp314-cp314t-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:28a3a209b96630bca57cce802da70c266eb08c6e97e5afd61a75611ee6c64592"}, + {file = "cffi-2.0.0-cp314-cp314t-musllinux_1_2_aarch64.whl", hash = "sha256:7553fb2090d71822f02c629afe6042c299edf91ba1bf94951165613553984512"}, + {file = "cffi-2.0.0-cp314-cp314t-musllinux_1_2_x86_64.whl", hash = "sha256:6c6c373cfc5c83a975506110d17457138c8c63016b563cc9ed6e056a82f13ce4"}, + {file = "cffi-2.0.0-cp314-cp314t-win32.whl", hash = "sha256:1fc9ea04857caf665289b7a75923f2c6ed559b8298a1b8c49e59f7dd95c8481e"}, + {file = "cffi-2.0.0-cp314-cp314t-win_amd64.whl", hash = "sha256:d68b6cef7827e8641e8ef16f4494edda8b36104d79773a334beaa1e3521430f6"}, + {file = "cffi-2.0.0-cp314-cp314t-win_arm64.whl", hash = "sha256:0a1527a803f0a659de1af2e1fd700213caba79377e27e4693648c2923da066f9"}, + {file = "cffi-2.0.0-cp39-cp39-macosx_10_13_x86_64.whl", hash = "sha256:fe562eb1a64e67dd297ccc4f5addea2501664954f2692b69a76449ec7913ecbf"}, + {file = "cffi-2.0.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:de8dad4425a6ca6e4e5e297b27b5c824ecc7581910bf9aee86cb6835e6812aa7"}, + {file = "cffi-2.0.0-cp39-cp39-manylinux1_i686.manylinux2014_i686.manylinux_2_17_i686.manylinux_2_5_i686.whl", hash = "sha256:4647afc2f90d1ddd33441e5b0e85b16b12ddec4fca55f0d9671fef036ecca27c"}, + {file = "cffi-2.0.0-cp39-cp39-manylinux2014_aarch64.manylinux_2_17_aarch64.whl", hash = "sha256:3f4d46d8b35698056ec29bca21546e1551a205058ae1a181d871e278b0b28165"}, + {file = "cffi-2.0.0-cp39-cp39-manylinux2014_ppc64le.manylinux_2_17_ppc64le.whl", hash = "sha256:e6e73b9e02893c764e7e8d5bb5ce277f1a009cd5243f8228f75f842bf937c534"}, + {file = "cffi-2.0.0-cp39-cp39-manylinux2014_s390x.manylinux_2_17_s390x.whl", hash = "sha256:cb527a79772e5ef98fb1d700678fe031e353e765d1ca2d409c92263c6d43e09f"}, + {file = "cffi-2.0.0-cp39-cp39-manylinux2014_x86_64.manylinux_2_17_x86_64.whl", hash = "sha256:61d028e90346df14fedc3d1e5441df818d095f3b87d286825dfcbd6459b7ef63"}, + {file = "cffi-2.0.0-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:0f6084a0ea23d05d20c3edcda20c3d006f9b6f3fefeac38f59262e10cef47ee2"}, + {file = "cffi-2.0.0-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:1cd13c99ce269b3ed80b417dcd591415d3372bcac067009b6e0f59c7d4015e65"}, + {file = "cffi-2.0.0-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:89472c9762729b5ae1ad974b777416bfda4ac5642423fa93bd57a09204712322"}, + {file = "cffi-2.0.0-cp39-cp39-win32.whl", hash = "sha256:2081580ebb843f759b9f617314a24ed5738c51d2aee65d31e02f6f7a2b97707a"}, + {file = "cffi-2.0.0-cp39-cp39-win_amd64.whl", hash = "sha256:b882b3df248017dba09d6b16defe9b5c407fe32fc7c65a9c69798e6175601be9"}, + {file = "cffi-2.0.0.tar.gz", hash = "sha256:44d1b5909021139fe36001ae048dbdde8214afa20200eda0f64c068cac5d5529"}, +] + +[package.dependencies] +pycparser = {version = "*", markers = "implementation_name != \"PyPy\""} + +[[package]] +name = "charset-normalizer" +version = "3.4.1" +description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." +optional = false +python-versions = ">=3.7" +groups = ["main", "docs", "test"] +files = [ + {file = "charset_normalizer-3.4.1-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:91b36a978b5ae0ee86c394f5a54d6ef44db1de0815eb43de826d41d21e4af3de"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7461baadb4dc00fd9e0acbe254e3d7d2112e7f92ced2adc96e54ef6501c5f176"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:e218488cd232553829be0664c2292d3af2eeeb94b32bea483cf79ac6a694e037"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:80ed5e856eb7f30115aaf94e4a08114ccc8813e6ed1b5efa74f9f82e8509858f"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b010a7a4fd316c3c484d482922d13044979e78d1861f0e0650423144c616a46a"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4532bff1b8421fd0a320463030c7520f56a79c9024a4e88f01c537316019005a"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:d973f03c0cb71c5ed99037b870f2be986c3c05e63622c017ea9816881d2dd247"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:3a3bd0dcd373514dcec91c411ddb9632c0d7d92aed7093b8c3bbb6d69ca74408"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_ppc64le.whl", hash = "sha256:d9c3cdf5390dcd29aa8056d13e8e99526cda0305acc038b96b30352aff5ff2bb"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_s390x.whl", hash = "sha256:2bdfe3ac2e1bbe5b59a1a63721eb3b95fc9b6817ae4a46debbb4e11f6232428d"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:eab677309cdb30d047996b36d34caeda1dc91149e4fdca0b1a039b3f79d9a807"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-win32.whl", hash = "sha256:c0429126cf75e16c4f0ad00ee0eae4242dc652290f940152ca8c75c3a4b6ee8f"}, + {file = "charset_normalizer-3.4.1-cp310-cp310-win_amd64.whl", hash = "sha256:9f0b8b1c6d84c8034a44893aba5e767bf9c7a211e313a9605d9c617d7083829f"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:8bfa33f4f2672964266e940dd22a195989ba31669bd84629f05fab3ef4e2d125"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:28bf57629c75e810b6ae989f03c0828d64d6b26a5e205535585f96093e405ed1"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f08ff5e948271dc7e18a35641d2f11a4cd8dfd5634f55228b691e62b37125eb3"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:234ac59ea147c59ee4da87a0c0f098e9c8d169f4dc2a159ef720f1a61bbe27cd"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fd4ec41f914fa74ad1b8304bbc634b3de73d2a0889bd32076342a573e0779e00"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eea6ee1db730b3483adf394ea72f808b6e18cf3cb6454b4d86e04fa8c4327a12"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:c96836c97b1238e9c9e3fe90844c947d5afbf4f4c92762679acfe19927d81d77"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:4d86f7aff21ee58f26dcf5ae81a9addbd914115cdebcbb2217e4f0ed8982e146"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_ppc64le.whl", hash = "sha256:09b5e6733cbd160dcc09589227187e242a30a49ca5cefa5a7edd3f9d19ed53fd"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_s390x.whl", hash = "sha256:5777ee0881f9499ed0f71cc82cf873d9a0ca8af166dfa0af8ec4e675b7df48e6"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:237bdbe6159cff53b4f24f397d43c6336c6b0b42affbe857970cefbb620911c8"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-win32.whl", hash = "sha256:8417cb1f36cc0bc7eaba8ccb0e04d55f0ee52df06df3ad55259b9a323555fc8b"}, + {file = "charset_normalizer-3.4.1-cp311-cp311-win_amd64.whl", hash = "sha256:d7f50a1f8c450f3925cb367d011448c39239bb3eb4117c36a6d354794de4ce76"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:73d94b58ec7fecbc7366247d3b0b10a21681004153238750bb67bd9012414545"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dad3e487649f498dd991eeb901125411559b22e8d7ab25d3aeb1af367df5efd7"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c30197aa96e8eed02200a83fba2657b4c3acd0f0aa4bdc9f6c1af8e8962e0757"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2369eea1ee4a7610a860d88f268eb39b95cb588acd7235e02fd5a5601773d4fa"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bc2722592d8998c870fa4e290c2eec2c1569b87fe58618e67d38b4665dfa680d"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:ffc9202a29ab3920fa812879e95a9e78b2465fd10be7fcbd042899695d75e616"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:804a4d582ba6e5b747c625bf1255e6b1507465494a40a2130978bda7b932c90b"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:0f55e69f030f7163dffe9fd0752b32f070566451afe180f99dbeeb81f511ad8d"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_ppc64le.whl", hash = "sha256:c4c3e6da02df6fa1410a7680bd3f63d4f710232d3139089536310d027950696a"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_s390x.whl", hash = "sha256:5df196eb874dae23dcfb968c83d4f8fdccb333330fe1fc278ac5ceeb101003a9"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:e358e64305fe12299a08e08978f51fc21fac060dcfcddd95453eabe5b93ed0e1"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-win32.whl", hash = "sha256:9b23ca7ef998bc739bf6ffc077c2116917eabcc901f88da1b9856b210ef63f35"}, + {file = "charset_normalizer-3.4.1-cp312-cp312-win_amd64.whl", hash = "sha256:6ff8a4a60c227ad87030d76e99cd1698345d4491638dfa6673027c48b3cd395f"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:aabfa34badd18f1da5ec1bc2715cadc8dca465868a4e73a0173466b688f29dda"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:22e14b5d70560b8dd51ec22863f370d1e595ac3d024cb8ad7d308b4cd95f8313"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:8436c508b408b82d87dc5f62496973a1805cd46727c34440b0d29d8a2f50a6c9"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:2d074908e1aecee37a7635990b2c6d504cd4766c7bc9fc86d63f9c09af3fa11b"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:955f8851919303c92343d2f66165294848d57e9bba6cf6e3625485a70a038d11"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:44ecbf16649486d4aebafeaa7ec4c9fed8b88101f4dd612dcaf65d5e815f837f"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:0924e81d3d5e70f8126529951dac65c1010cdf117bb75eb02dd12339b57749dd"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:2967f74ad52c3b98de4c3b32e1a44e32975e008a9cd2a8cc8966d6a5218c5cb2"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_ppc64le.whl", hash = "sha256:c75cb2a3e389853835e84a2d8fb2b81a10645b503eca9bcb98df6b5a43eb8886"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_s390x.whl", hash = "sha256:09b26ae6b1abf0d27570633b2b078a2a20419c99d66fb2823173d73f188ce601"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:fa88b843d6e211393a37219e6a1c1df99d35e8fd90446f1118f4216e307e48cd"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-win32.whl", hash = "sha256:eb8178fe3dba6450a3e024e95ac49ed3400e506fd4e9e5c32d30adda88cbd407"}, + {file = "charset_normalizer-3.4.1-cp313-cp313-win_amd64.whl", hash = "sha256:b1ac5992a838106edb89654e0aebfc24f5848ae2547d22c2c3f66454daa11971"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f30bf9fd9be89ecb2360c7d94a711f00c09b976258846efe40db3d05828e8089"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:97f68b8d6831127e4787ad15e6757232e14e12060bec17091b85eb1486b91d8d"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7974a0b5ecd505609e3b19742b60cee7aa2aa2fb3151bc917e6e2646d7667dcf"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fc54db6c8593ef7d4b2a331b58653356cf04f67c960f584edb7c3d8c97e8f39e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:311f30128d7d333eebd7896965bfcfbd0065f1716ec92bd5638d7748eb6f936a"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_aarch64.whl", hash = "sha256:7d053096f67cd1241601111b698f5cad775f97ab25d81567d3f59219b5f1adbd"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_i686.whl", hash = "sha256:807f52c1f798eef6cf26beb819eeb8819b1622ddfeef9d0977a8502d4db6d534"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_ppc64le.whl", hash = "sha256:dccbe65bd2f7f7ec22c4ff99ed56faa1e9f785482b9bbd7c717e26fd723a1d1e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_s390x.whl", hash = "sha256:2fb9bd477fdea8684f78791a6de97a953c51831ee2981f8e4f583ff3b9d9687e"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-musllinux_1_2_x86_64.whl", hash = "sha256:01732659ba9b5b873fc117534143e4feefecf3b2078b0a6a2e925271bb6f4cfa"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-win32.whl", hash = "sha256:7a4f97a081603d2050bfaffdefa5b02a9ec823f8348a572e39032caa8404a487"}, + {file = "charset_normalizer-3.4.1-cp37-cp37m-win_amd64.whl", hash = "sha256:7b1bef6280950ee6c177b326508f86cad7ad4dff12454483b51d8b7d673a2c5d"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-macosx_10_9_universal2.whl", hash = "sha256:ecddf25bee22fe4fe3737a399d0d177d72bc22be6913acfab364b40bce1ba83c"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8c60ca7339acd497a55b0ea5d506b2a2612afb2826560416f6894e8b5770d4a9"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b7b2d86dd06bfc2ade3312a83a5c364c7ec2e3498f8734282c6c3d4b07b346b8"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dd78cfcda14a1ef52584dbb008f7ac81c1328c0f58184bf9a84c49c605002da6"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6e27f48bcd0957c6d4cb9d6fa6b61d192d0b13d5ef563e5f2ae35feafc0d179c"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:01ad647cdd609225c5350561d084b42ddf732f4eeefe6e678765636791e78b9a"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:619a609aa74ae43d90ed2e89bdd784765de0a25ca761b93e196d938b8fd1dbbd"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:89149166622f4db9b4b6a449256291dc87a99ee53151c74cbd82a53c8c2f6ccd"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_ppc64le.whl", hash = "sha256:7709f51f5f7c853f0fb938bcd3bc59cdfdc5203635ffd18bf354f6967ea0f824"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_s390x.whl", hash = "sha256:345b0426edd4e18138d6528aed636de7a9ed169b4aaf9d61a8c19e39d26838ca"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:0907f11d019260cdc3f94fbdb23ff9125f6b5d1039b76003b5b0ac9d6a6c9d5b"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-win32.whl", hash = "sha256:ea0d8d539afa5eb2728aa1932a988a9a7af94f18582ffae4bc10b3fbdad0626e"}, + {file = "charset_normalizer-3.4.1-cp38-cp38-win_amd64.whl", hash = "sha256:329ce159e82018d646c7ac45b01a430369d526569ec08516081727a20e9e4af4"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:b97e690a2118911e39b4042088092771b4ae3fc3aa86518f84b8cf6888dbdb41"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:78baa6d91634dfb69ec52a463534bc0df05dbd546209b79a3880a34487f4b84f"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:1a2bc9f351a75ef49d664206d51f8e5ede9da246602dc2d2726837620ea034b2"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:75832c08354f595c760a804588b9357d34ec00ba1c940c15e31e96d902093770"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0af291f4fe114be0280cdd29d533696a77b5b49cfde5467176ecab32353395c4"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0167ddc8ab6508fe81860a57dd472b2ef4060e8d378f0cc555707126830f2537"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:2a75d49014d118e4198bcee5ee0a6f25856b29b12dbf7cd012791f8a6cc5c496"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:363e2f92b0f0174b2f8238240a1a30142e3db7b957a5dd5689b0e75fb717cc78"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_ppc64le.whl", hash = "sha256:ab36c8eb7e454e34e60eb55ca5d241a5d18b2c6244f6827a30e451c42410b5f7"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_s390x.whl", hash = "sha256:4c0907b1928a36d5a998d72d64d8eaa7244989f7aaaf947500d3a800c83a3fd6"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:04432ad9479fa40ec0f387795ddad4437a2b50417c69fa275e212933519ff294"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-win32.whl", hash = "sha256:3bed14e9c89dcb10e8f3a29f9ccac4955aebe93c71ae803af79265c9ca5644c5"}, + {file = "charset_normalizer-3.4.1-cp39-cp39-win_amd64.whl", hash = "sha256:49402233c892a461407c512a19435d1ce275543138294f7ef013f0b63d5d3765"}, + {file = "charset_normalizer-3.4.1-py3-none-any.whl", hash = "sha256:d98b1668f06378c6dbefec3b92299716b931cd4e6061f3c875a71ced1780ab85"}, + {file = "charset_normalizer-3.4.1.tar.gz", hash = "sha256:44251f18cd68a75b56585dd00dae26183e102cd5e0f9f1466e6df5da2ed64ea3"}, +] + +[[package]] +name = "click" +version = "8.1.8" +description = "Composable command line interface toolkit" +optional = false +python-versions = ">=3.7" +groups = ["dev"] +files = [ + {file = "click-8.1.8-py3-none-any.whl", hash = "sha256:63c132bbbed01578a06712a2d1f497bb62d9c1c0d329b7903a866228027263b2"}, + {file = "click-8.1.8.tar.gz", hash = "sha256:ed53c9d8990d83c2a27deae68e4ee337473f6330c040a31d4225c9574d16096a"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "platform_system == \"Windows\""} + +[[package]] +name = "colorama" +version = "0.4.6" +description = "Cross-platform colored terminal text." +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7" +groups = ["coverage", "dev", "docs", "test"] +files = [ + {file = "colorama-0.4.6-py2.py3-none-any.whl", hash = "sha256:4f1d9991f5acc0ca119f9d443620b77f9d6b33703e51011c16baf57afb285fc6"}, + {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, +] +markers = {coverage = "sys_platform == \"win32\"", dev = "sys_platform == \"win32\" or platform_system == \"Windows\"", docs = "sys_platform == \"win32\"", test = "sys_platform == \"win32\""} + +[[package]] +name = "coverage" +version = "7.6.11" +description = "Code coverage measurement for Python" +optional = false +python-versions = ">=3.9" +groups = ["coverage"] +files = [ + {file = "coverage-7.6.11-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:eafea49da254a8289bed3fab960f808b322eda5577cb17a3733014928bbfbebd"}, + {file = "coverage-7.6.11-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:5a3f7cbbcb4ad95067a6525f83a6fc78d9cbc1e70f8abaeeaeaa72ef34f48fc3"}, + {file = "coverage-7.6.11-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:de6b079b39246a7da9a40cfa62d5766bd52b4b7a88cf5a82ec4c45bf6e152306"}, + {file = "coverage-7.6.11-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:60d4ad09dfc8c36c4910685faafcb8044c84e4dae302e86c585b3e2e7778726c"}, + {file = "coverage-7.6.11-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8e433b6e3a834a43dae2889adc125f3fa4c66668df420d8e49bc4ee817dd7a70"}, + {file = "coverage-7.6.11-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:ac5d92e2cc121a13270697e4cb37e1eb4511ac01d23fe1b6c097facc3b46489e"}, + {file = "coverage-7.6.11-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:5128f3ba694c0a1bde55fc480090392c336236c3e1a10dad40dc1ab17c7675ff"}, + {file = "coverage-7.6.11-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:397489c611b76302dfa1d9ea079e138dddc4af80fc6819d5f5119ec8ca6c0e47"}, + {file = "coverage-7.6.11-cp310-cp310-win32.whl", hash = "sha256:c7719a5e1dc93883a6b319bc0374ecd46fb6091ed659f3fbe281ab991634b9b0"}, + {file = "coverage-7.6.11-cp310-cp310-win_amd64.whl", hash = "sha256:c27df03730059118b8a923cfc8b84b7e9976742560af528242f201880879c1da"}, + {file = "coverage-7.6.11-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:532fe139691af134aa8b54ed60dd3c806aa81312d93693bd2883c7b61592c840"}, + {file = "coverage-7.6.11-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:e0b0f272901a5172090c0802053fbc503cdc3fa2612720d2669a98a7384a7bec"}, + {file = "coverage-7.6.11-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:4bda710139ea646890d1c000feb533caff86904a0e0638f85e967c28cb8eec50"}, + {file = "coverage-7.6.11-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a165b09e7d5f685bf659063334a9a7b1a2d57b531753d3e04bd442b3cfe5845b"}, + {file = "coverage-7.6.11-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:ff136607689c1c87f43d24203b6d2055b42030f352d5176f9c8b204d4235ef27"}, + {file = "coverage-7.6.11-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:050172741de03525290e67f0161ae5f7f387c88fca50d47fceb4724ceaa591d2"}, + {file = "coverage-7.6.11-cp311-cp311-win32.whl", hash = "sha256:27700d859be68e4fb2e7bf774cf49933dcac6f81a9bc4c13bd41735b8d26a53b"}, + {file = "coverage-7.6.11-cp311-cp311-win_amd64.whl", hash = "sha256:cd4839813b09ab1dd1be1bbc74f9a7787615f931f83952b6a9af1b2d3f708bf7"}, + {file = "coverage-7.6.11-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:dbb1a822fd858d9853333a7c95d4e70dde9a79e65893138ce32c2ec6457d7a36"}, + {file = "coverage-7.6.11-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:61c834cbb80946d6ebfddd9b393a4c46bec92fcc0fa069321fcb8049117f76ea"}, + {file = "coverage-7.6.11-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a46d56e99a31d858d6912d31ffa4ede6a325c86af13139539beefca10a1234ce"}, + {file = "coverage-7.6.11-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5b48db06f53d1864fea6dbd855e6d51d41c0f06c212c3004511c0bdc6847b297"}, + {file = "coverage-7.6.11-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:b6ff5be3b1853e0862da9d349fe87f869f68e63a25f7c37ce1130b321140f963"}, + {file = "coverage-7.6.11-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:be05bde21d5e6eefbc3a6de6b9bee2b47894b8945342e8663192809c4d1f08ce"}, + {file = "coverage-7.6.11-cp312-cp312-win32.whl", hash = "sha256:e3b746fa0ffc5b6b8856529de487da8b9aeb4fb394bb58de6502ef45f3434f12"}, + {file = "coverage-7.6.11-cp312-cp312-win_amd64.whl", hash = "sha256:ac476e6d0128fb7919b3fae726de72b28b5c9644cb4b579e4a523d693187c551"}, + {file = "coverage-7.6.11-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:c86f4c7a6d1a54a24d804d9684d96e36a62d3ef7c0d7745ae2ea39e3e0293251"}, + {file = "coverage-7.6.11-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:7eb0504bb307401fd08bc5163a351df301438b3beb88a4fa044681295bbefc67"}, + {file = "coverage-7.6.11-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ca95d40900cf614e07f00cee8c2fad0371df03ca4d7a80161d84be2ec132b7a4"}, + {file = "coverage-7.6.11-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:db4b1a69976b1b02acda15937538a1d3fe10b185f9d99920b17a740a0a102e06"}, + {file = "coverage-7.6.11-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4cf96beb05d004e4c51cd846fcdf9eee9eb2681518524b66b2e7610507944c2f"}, + {file = "coverage-7.6.11-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:08e5fb93576a6b054d3d326242af5ef93daaac9bb52bc25f12ccbc3fa94227cd"}, + {file = "coverage-7.6.11-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:25575cd5a7d2acc46b42711e8aff826027c0e4f80fb38028a74f31ac22aae69d"}, + {file = "coverage-7.6.11-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:8fa4fffd90ee92f62ff7404b4801b59e8ea8502e19c9bf2d3241ce745b52926c"}, + {file = "coverage-7.6.11-cp313-cp313-win32.whl", hash = "sha256:0d03c9452d9d1ccfe5d3a5df0427705022a49b356ac212d529762eaea5ef97b4"}, + {file = "coverage-7.6.11-cp313-cp313-win_amd64.whl", hash = "sha256:fd2fffc8ce8692ce540103dff26279d2af22d424516ddebe2d7e4d6dbb3816b2"}, + {file = "coverage-7.6.11-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:5e7ac966ab110bd94ee844f2643f196d78fde1cd2450399116d3efdd706e19f5"}, + {file = "coverage-7.6.11-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:6ba27a0375c5ef4d2a7712f829265102decd5ff78b96d342ac2fa555742c4f4f"}, + {file = "coverage-7.6.11-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e2778be4f574b39ec9dcd9e5e13644f770351ee0990a0ecd27e364aba95af89b"}, + {file = "coverage-7.6.11-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:5edc16712187139ab635a2e644cc41fc239bc6d245b16124045743130455c652"}, + {file = "coverage-7.6.11-cp313-cp313t-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:df6ff122a0a10a30121d9f0cb3fbd03a6fe05861e4ec47adb9f25e9245aabc19"}, + {file = "coverage-7.6.11-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:ff562952f15eff27247a4c4b03e45ce8a82e3fb197de6a7c54080f9d4ba07845"}, + {file = "coverage-7.6.11-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:4f21e3617f48d683f30cf2a6c8b739c838e600cb1454fe6b2eb486ac2bce8fbd"}, + {file = "coverage-7.6.11-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:6d60577673ba48d8ae8e362e61fd4ad1a640293ffe8991d11c86f195479100b7"}, + {file = "coverage-7.6.11-cp313-cp313t-win32.whl", hash = "sha256:13100f98497086b359bf56fc035a762c674de8ef526daa389ac8932cb9bff1e0"}, + {file = "coverage-7.6.11-cp313-cp313t-win_amd64.whl", hash = "sha256:2c81e53782043b323bd34c7de711ed9b4673414eb517eaf35af92185b873839c"}, + {file = "coverage-7.6.11-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:ff52b4e2ac0080c96e506819586c4b16cdbf46724bda90d308a7330a73cc8521"}, + {file = "coverage-7.6.11-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:f4679fcc9eb9004fdd1b00231ef1ec7167168071bebc4d66327e28c1979b4449"}, + {file = "coverage-7.6.11-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:90de4e9ca4489e823138bd13098af9ac8028cc029f33f60098b5c08c675c7bda"}, + {file = "coverage-7.6.11-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6c96a142057d83ee993eaf71629ca3fb952cda8afa9a70af4132950c2bd3deb9"}, + {file = "coverage-7.6.11-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:476f29a258b9cd153f2be5bf5f119d670d2806363595263917bddc167d6e5cce"}, + {file = "coverage-7.6.11-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:09d03f48d9025b8a6a116cddcb6c7b8ce80e4fb4c31dd2e124a7c377036ad58e"}, + {file = "coverage-7.6.11-cp39-cp39-win32.whl", hash = "sha256:bb35ae9f134fbd9cf7302a9654d5a1e597c974202678082dcc569eb39a8cde03"}, + {file = "coverage-7.6.11-cp39-cp39-win_amd64.whl", hash = "sha256:f382004fa4c93c01016d9226b9d696a08c53f6818b7ad59b4e96cb67e863353a"}, + {file = "coverage-7.6.11-pp39.pp310-none-any.whl", hash = "sha256:adc2d941c0381edfcf3897f94b9f41b1e504902fab78a04b1677f2f72afead4b"}, + {file = "coverage-7.6.11-py3-none-any.whl", hash = "sha256:f0f334ae844675420164175bf32b04e18a81fe57ad8eb7e0cfd4689d681ffed7"}, + {file = "coverage-7.6.11.tar.gz", hash = "sha256:e642e6a46a04e992ebfdabed79e46f478ec60e2c528e1e1a074d63800eda4286"}, +] + +[package.dependencies] +tomli = {version = "*", optional = true, markers = "python_full_version <= \"3.11.0a6\" and extra == \"toml\""} + +[package.extras] +toml = ["tomli ; python_full_version <= \"3.11.0a6\""] + +[[package]] +name = "cryptography" +version = "43.0.3" +description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." +optional = false +python-versions = ">=3.7" +groups = ["main", "dev"] +files = [ + {file = "cryptography-43.0.3-cp37-abi3-macosx_10_9_universal2.whl", hash = "sha256:bf7a1932ac4176486eab36a19ed4c0492da5d97123f1406cf15e41b05e787d2e"}, + {file = "cryptography-43.0.3-cp37-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:63efa177ff54aec6e1c0aefaa1a241232dcd37413835a9b674b6e3f0ae2bfd3e"}, + {file = "cryptography-43.0.3-cp37-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7e1ce50266f4f70bf41a2c6dc4358afadae90e2a1e5342d3c08883df1675374f"}, + {file = "cryptography-43.0.3-cp37-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:443c4a81bb10daed9a8f334365fe52542771f25aedaf889fd323a853ce7377d6"}, + {file = "cryptography-43.0.3-cp37-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:74f57f24754fe349223792466a709f8e0c093205ff0dca557af51072ff47ab18"}, + {file = "cryptography-43.0.3-cp37-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:9762ea51a8fc2a88b70cf2995e5675b38d93bf36bd67d91721c309df184f49bd"}, + {file = "cryptography-43.0.3-cp37-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:81ef806b1fef6b06dcebad789f988d3b37ccaee225695cf3e07648eee0fc6b73"}, + {file = "cryptography-43.0.3-cp37-abi3-win32.whl", hash = "sha256:cbeb489927bd7af4aa98d4b261af9a5bc025bd87f0e3547e11584be9e9427be2"}, + {file = "cryptography-43.0.3-cp37-abi3-win_amd64.whl", hash = "sha256:f46304d6f0c6ab8e52770addfa2fc41e6629495548862279641972b6215451cd"}, + {file = "cryptography-43.0.3-cp39-abi3-macosx_10_9_universal2.whl", hash = "sha256:8ac43ae87929a5982f5948ceda07001ee5e83227fd69cf55b109144938d96984"}, + {file = "cryptography-43.0.3-cp39-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:846da004a5804145a5f441b8530b4bf35afbf7da70f82409f151695b127213d5"}, + {file = "cryptography-43.0.3-cp39-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0f996e7268af62598f2fc1204afa98a3b5712313a55c4c9d434aef49cadc91d4"}, + {file = "cryptography-43.0.3-cp39-abi3-manylinux_2_28_aarch64.whl", hash = "sha256:f7b178f11ed3664fd0e995a47ed2b5ff0a12d893e41dd0494f406d1cf555cab7"}, + {file = "cryptography-43.0.3-cp39-abi3-manylinux_2_28_x86_64.whl", hash = "sha256:c2e6fc39c4ab499049df3bdf567f768a723a5e8464816e8f009f121a5a9f4405"}, + {file = "cryptography-43.0.3-cp39-abi3-musllinux_1_2_aarch64.whl", hash = "sha256:e1be4655c7ef6e1bbe6b5d0403526601323420bcf414598955968c9ef3eb7d16"}, + {file = "cryptography-43.0.3-cp39-abi3-musllinux_1_2_x86_64.whl", hash = "sha256:df6b6c6d742395dd77a23ea3728ab62f98379eff8fb61be2744d4679ab678f73"}, + {file = "cryptography-43.0.3-cp39-abi3-win32.whl", hash = "sha256:d56e96520b1020449bbace2b78b603442e7e378a9b3bd68de65c782db1507995"}, + {file = "cryptography-43.0.3-cp39-abi3-win_amd64.whl", hash = "sha256:0c580952eef9bf68c4747774cde7ec1d85a6e61de97281f2dba83c7d2c806362"}, + {file = "cryptography-43.0.3-pp310-pypy310_pp73-macosx_10_9_x86_64.whl", hash = "sha256:d03b5621a135bffecad2c73e9f4deb1a0f977b9a8ffe6f8e002bf6c9d07b918c"}, + {file = "cryptography-43.0.3-pp310-pypy310_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:a2a431ee15799d6db9fe80c82b055bae5a752bef645bba795e8e52687c69efe3"}, + {file = "cryptography-43.0.3-pp310-pypy310_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:281c945d0e28c92ca5e5930664c1cefd85efe80e5c0d2bc58dd63383fda29f83"}, + {file = "cryptography-43.0.3-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:f18c716be16bc1fea8e95def49edf46b82fccaa88587a45f8dc0ff6ab5d8e0a7"}, + {file = "cryptography-43.0.3-pp39-pypy39_pp73-macosx_10_9_x86_64.whl", hash = "sha256:4a02ded6cd4f0a5562a8887df8b3bd14e822a90f97ac5e544c162899bc467664"}, + {file = "cryptography-43.0.3-pp39-pypy39_pp73-manylinux_2_28_aarch64.whl", hash = "sha256:53a583b6637ab4c4e3591a15bc9db855b8d9dee9a669b550f311480acab6eb08"}, + {file = "cryptography-43.0.3-pp39-pypy39_pp73-manylinux_2_28_x86_64.whl", hash = "sha256:1ec0bcf7e17c0c5669d881b1cd38c4972fade441b27bda1051665faaa89bdcaa"}, + {file = "cryptography-43.0.3-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:2ce6fae5bdad59577b44e4dfed356944fbf1d925269114c28be377692643b4ff"}, + {file = "cryptography-43.0.3.tar.gz", hash = "sha256:315b9001266a492a6ff443b61238f956b214dbec9910a081ba5b6646a055a805"}, +] + +[package.dependencies] +cffi = {version = ">=1.12", markers = "platform_python_implementation != \"PyPy\""} + +[package.extras] +docs = ["sphinx (>=5.3.0)", "sphinx-rtd-theme (>=1.1.1)"] +docstest = ["pyenchant (>=1.6.11)", "readme-renderer", "sphinxcontrib-spelling (>=4.0.1)"] +nox = ["nox"] +pep8test = ["check-sdist", "click", "mypy", "ruff"] +sdist = ["build"] +ssh = ["bcrypt (>=3.1.5)"] +test = ["certifi", "cryptography-vectors (==43.0.3)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] +test-randomorder = ["pytest-randomly"] + +[[package]] +name = "decorator" +version = "5.1.1" +description = "Decorators for Humans" +optional = false +python-versions = ">=3.5" +groups = ["dev"] +files = [ + {file = "decorator-5.1.1-py3-none-any.whl", hash = "sha256:b8c3f85900b9dc423225913c5aace94729fe1fa9763b38939a95226f02d37186"}, + {file = "decorator-5.1.1.tar.gz", hash = "sha256:637996211036b6385ef91435e4fae22989472f9d571faba8927ba8253acbc330"}, +] + +[[package]] +name = "defusedxml" +version = "0.7.1" +description = "XML bomb protection for Python stdlib modules" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" +groups = ["main"] +files = [ + {file = "defusedxml-0.7.1-py2.py3-none-any.whl", hash = "sha256:a352e7e428770286cc899e2542b6cdaedb2b4953ff269a210103ec58f6198a61"}, + {file = "defusedxml-0.7.1.tar.gz", hash = "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69"}, +] + +[[package]] +name = "distlib" +version = "0.3.9" +description = "Distribution utilities" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "distlib-0.3.9-py2.py3-none-any.whl", hash = "sha256:47f8c22fd27c27e25a65601af709b38e4f0a45ea4fc2e710f65755fa8caaaf87"}, + {file = "distlib-0.3.9.tar.gz", hash = "sha256:a60f20dea646b8a33f3e7772f74dc0b2d0772d2837ee1342a00645c81edf9403"}, +] + +[[package]] +name = "dnspython" +version = "2.7.0" +description = "DNS toolkit" +optional = false +python-versions = ">=3.9" +groups = ["test"] +files = [ + {file = "dnspython-2.7.0-py3-none-any.whl", hash = "sha256:b4c34b7d10b51bcc3a5071e7b8dee77939f1e878477eeecc965e9835f63c6c86"}, + {file = "dnspython-2.7.0.tar.gz", hash = "sha256:ce9c432eda0dc91cf618a5cedf1a4e142651196bbcd2c80e89ed5a907e5cfaf1"}, +] + +[package.extras] +dev = ["black (>=23.1.0)", "coverage (>=7.0)", "flake8 (>=7)", "hypercorn (>=0.16.0)", "mypy (>=1.8)", "pylint (>=3)", "pytest (>=7.4)", "pytest-cov (>=4.1.0)", "quart-trio (>=0.11.0)", "sphinx (>=7.2.0)", "sphinx-rtd-theme (>=2.0.0)", "twine (>=4.0.0)", "wheel (>=0.42.0)"] +dnssec = ["cryptography (>=43)"] +doh = ["h2 (>=4.1.0)", "httpcore (>=1.0.0)", "httpx (>=0.26.0)"] +doq = ["aioquic (>=1.0.0)"] +idna = ["idna (>=3.7)"] +trio = ["trio (>=0.23)"] +wmi = ["wmi (>=1.5.1)"] + +[[package]] +name = "docutils" +version = "0.21.2" +description = "Docutils -- Python Documentation Utilities" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "docutils-0.21.2-py3-none-any.whl", hash = "sha256:dafca5b9e384f0e419294eb4d2ff9fa826435bf15f15b7bd45723e8ad76811b2"}, + {file = "docutils-0.21.2.tar.gz", hash = "sha256:3a6b18732edf182daa3cd12775bbb338cf5691468f91eeeb109deff6ebfa986f"}, +] + +[[package]] +name = "elementpath" +version = "4.7.0" +description = "XPath 1.0/2.0/3.0/3.1 parsers and selectors for ElementTree and lxml" +optional = false +python-versions = ">=3.8" +groups = ["main"] +files = [ + {file = "elementpath-4.7.0-py3-none-any.whl", hash = "sha256:607804a1b4250ac448c1e2bfaec4ee1c980b0a07cfdb0d9057b57102038ed480"}, + {file = "elementpath-4.7.0.tar.gz", hash = "sha256:a2029dc8752fcfec49663d1ed1b412c6daf278c0c91938f50f63c4fe9ed1848e"}, +] + +[package.extras] +dev = ["Sphinx", "coverage", "flake8", "lxml", "lxml-stubs", "memory-profiler", "memray", "mypy", "tox", "xmlschema (>=3.3.2)"] + +[[package]] +name = "exceptiongroup" +version = "1.2.2" +description = "Backport of PEP 654 (exception groups)" +optional = false +python-versions = ">=3.7" +groups = ["coverage", "dev", "test"] +markers = "python_version < \"3.11\"" +files = [ + {file = "exceptiongroup-1.2.2-py3-none-any.whl", hash = "sha256:3111b9d131c238bec2f8f516e123e14ba243563fb135d3fe885990585aa7795b"}, + {file = "exceptiongroup-1.2.2.tar.gz", hash = "sha256:47c2edf7c6738fafb49fd34290706d1a1a2f4d1c6df275526b62cbb4aa5393cc"}, +] + +[package.extras] +test = ["pytest (>=6)"] + +[[package]] +name = "executing" +version = "2.2.0" +description = "Get the currently executing AST node of a frame, and other information" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "executing-2.2.0-py2.py3-none-any.whl", hash = "sha256:11387150cad388d62750327a53d3339fad4888b39a6fe233c3afbb54ecffd3aa"}, + {file = "executing-2.2.0.tar.gz", hash = "sha256:5d108c028108fe2551d1a7b2e8b713341e2cb4fc0aa7dcf966fa4327a5226755"}, +] + +[package.extras] +tests = ["asttokens (>=2.1.0)", "coverage", "coverage-enable-subprocess", "ipython", "littleutils", "pytest", "rich ; python_version >= \"3.11\""] + +[[package]] +name = "filelock" +version = "3.17.0" +description = "A platform independent file lock." +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "filelock-3.17.0-py3-none-any.whl", hash = "sha256:533dc2f7ba78dc2f0f531fc6c4940addf7b70a481e269a5a3b93be94ffbe8338"}, + {file = "filelock-3.17.0.tar.gz", hash = "sha256:ee4e77401ef576ebb38cd7f13b9b28893194acc20a8e68e18730ba9c0e54660e"}, +] + +[package.extras] +docs = ["furo (>=2024.8.6)", "sphinx (>=8.1.3)", "sphinx-autodoc-typehints (>=3)"] +testing = ["covdefaults (>=2.3)", "coverage (>=7.6.10)", "diff-cover (>=9.2.1)", "pytest (>=8.3.4)", "pytest-asyncio (>=0.25.2)", "pytest-cov (>=6)", "pytest-mock (>=3.14)", "pytest-timeout (>=2.3.1)", "virtualenv (>=20.28.1)"] +typing = ["typing-extensions (>=4.12.2) ; python_version < \"3.11\""] + +[[package]] +name = "flake8" +version = "7.1.1" +description = "the modular source code checker: pep8 pyflakes and co" +optional = false +python-versions = ">=3.8.1" +groups = ["dev"] +files = [ + {file = "flake8-7.1.1-py2.py3-none-any.whl", hash = "sha256:597477df7860daa5aa0fdd84bf5208a043ab96b8e96ab708770ae0364dd03213"}, + {file = "flake8-7.1.1.tar.gz", hash = "sha256:049d058491e228e03e67b390f311bbf88fce2dbaa8fa673e7aea87b7198b8d38"}, +] + +[package.dependencies] +mccabe = ">=0.7.0,<0.8.0" +pycodestyle = ">=2.12.0,<2.13.0" +pyflakes = ">=3.2.0,<3.3.0" + +[[package]] +name = "flake8-bugbear" +version = "22.12.6" +description = "A plugin for flake8 finding likely bugs and design problems in your program. Contains warnings that don't belong in pyflakes and pycodestyle." +optional = false +python-versions = ">=3.7" +groups = ["dev"] +files = [ + {file = "flake8-bugbear-22.12.6.tar.gz", hash = "sha256:4cdb2c06e229971104443ae293e75e64c6107798229202fbe4f4091427a30ac0"}, + {file = "flake8_bugbear-22.12.6-py3-none-any.whl", hash = "sha256:b69a510634f8a9c298dfda2b18a8036455e6b19ecac4fe582e4d7a0abfa50a30"}, +] + +[package.dependencies] +attrs = ">=19.2.0" +flake8 = ">=3.0.0" + +[package.extras] +dev = ["coverage", "hypothesis", "hypothesmith (>=0.2)", "pre-commit", "tox"] + +[[package]] +name = "flake8-logging-format" +version = "0.7.5" +description = "" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "flake8-logging-format-0.7.5.tar.gz", hash = "sha256:54f7e349c934ce5c594f251885bc2240e99f6b48752a672a8fc7e3d1388352bb"}, +] + +[package.extras] +lint = ["flake8"] +test = ["PyHamcrest", "pytest", "pytest-cov"] + +[[package]] +name = "flake8-pyproject" +version = "1.2.3" +description = "Flake8 plug-in loading the configuration from pyproject.toml" +optional = false +python-versions = ">= 3.6" +groups = ["dev"] +files = [ + {file = "flake8_pyproject-1.2.3-py3-none-any.whl", hash = "sha256:6249fe53545205af5e76837644dc80b4c10037e73a0e5db87ff562d75fb5bd4a"}, +] + +[package.dependencies] +Flake8 = ">=5" +TOMLi = {version = "*", markers = "python_version < \"3.11\""} + +[package.extras] +dev = ["pyTest", "pyTest-cov"] + +[[package]] +name = "idna" +version = "3.10" +description = "Internationalized Domain Names in Applications (IDNA)" +optional = false +python-versions = ">=3.6" +groups = ["main", "docs", "test"] +files = [ + {file = "idna-3.10-py3-none-any.whl", hash = "sha256:946d195a0d259cbba61165e88e65941f16e9b36ea6ddb97f00452bae8b1287d3"}, + {file = "idna-3.10.tar.gz", hash = "sha256:12f65c9b470abda6dc35cf8e63cc574b1c52b11df2c86030af0ac09b01b13ea9"}, +] + +[package.extras] +all = ["flake8 (>=7.1.1)", "mypy (>=1.11.2)", "pytest (>=8.3.2)", "ruff (>=0.6.2)"] + +[[package]] +name = "imagesize" +version = "1.4.1" +description = "Getting image size from png/jpeg/jpeg2000/gif file" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" +groups = ["docs"] +files = [ + {file = "imagesize-1.4.1-py2.py3-none-any.whl", hash = "sha256:0d8d18d08f840c19d0ee7ca1fd82490fdc3729b7ac93f49870406ddde8ef8d8b"}, + {file = "imagesize-1.4.1.tar.gz", hash = "sha256:69150444affb9cb0d5cc5a92b3676f0b2fb7cd9ae39e947a5e11a36b4497cd4a"}, +] + +[[package]] +name = "importlib-metadata" +version = "8.7.0" +description = "Read metadata from Python packages" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +markers = "python_version == \"3.9\"" +files = [ + {file = "importlib_metadata-8.7.0-py3-none-any.whl", hash = "sha256:e5dd1551894c77868a30651cef00984d50e1002d06942a7101d34870c5f02afd"}, + {file = "importlib_metadata-8.7.0.tar.gz", hash = "sha256:d13b81ad223b890aa16c5471f2ac3056cf76c5f10f82d6f9292f0b415f389000"}, +] + +[package.dependencies] +zipp = ">=3.20" + +[package.extras] +check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\""] +cover = ["pytest-cov"] +doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"] +enabler = ["pytest-enabler (>=2.2)"] +perf = ["ipython"] +test = ["flufl.flake8", "importlib_resources (>=1.3) ; python_version < \"3.9\"", "jaraco.test (>=5.4)", "packaging", "pyfakefs", "pytest (>=6,!=8.1.*)", "pytest-perf (>=0.9.2)"] +type = ["pytest-mypy"] + +[[package]] +name = "iniconfig" +version = "2.0.0" +description = "brain-dead simple config-ini parsing" +optional = false +python-versions = ">=3.7" +groups = ["coverage", "test"] +files = [ + {file = "iniconfig-2.0.0-py3-none-any.whl", hash = "sha256:b6a85871a79d2e3b22d2d1b94ac2824226a63c6b741c88f7ae975f18b6778374"}, + {file = "iniconfig-2.0.0.tar.gz", hash = "sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3"}, +] + +[[package]] +name = "ipdb" +version = "0.13.13" +description = "IPython-enabled pdb" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" +groups = ["dev"] +files = [ + {file = "ipdb-0.13.13-py3-none-any.whl", hash = "sha256:45529994741c4ab6d2388bfa5d7b725c2cf7fe9deffabdb8a6113aa5ed449ed4"}, + {file = "ipdb-0.13.13.tar.gz", hash = "sha256:e3ac6018ef05126d442af680aad863006ec19d02290561ac88b8b1c0b0cfc726"}, +] + +[package.dependencies] +decorator = {version = "*", markers = "python_version > \"3.6\""} +ipython = {version = ">=7.31.1", markers = "python_version > \"3.6\""} +tomli = {version = "*", markers = "python_version > \"3.6\" and python_version < \"3.11\""} + +[[package]] +name = "ipython" +version = "8.18.1" +description = "IPython: Productive Interactive Computing" +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "ipython-8.18.1-py3-none-any.whl", hash = "sha256:e8267419d72d81955ec1177f8a29aaa90ac80ad647499201119e2f05e99aa397"}, + {file = "ipython-8.18.1.tar.gz", hash = "sha256:ca6f079bb33457c66e233e4580ebfc4128855b4cf6370dddd73842a9563e8a27"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "sys_platform == \"win32\""} +decorator = "*" +exceptiongroup = {version = "*", markers = "python_version < \"3.11\""} +jedi = ">=0.16" +matplotlib-inline = "*" +pexpect = {version = ">4.3", markers = "sys_platform != \"win32\""} +prompt-toolkit = ">=3.0.41,<3.1.0" +pygments = ">=2.4.0" +stack-data = "*" +traitlets = ">=5" +typing-extensions = {version = "*", markers = "python_version < \"3.10\""} + +[package.extras] +all = ["black", "curio", "docrepr", "exceptiongroup", "ipykernel", "ipyparallel", "ipywidgets", "matplotlib", "matplotlib (!=3.2.0)", "nbconvert", "nbformat", "notebook", "numpy (>=1.22)", "pandas", "pickleshare", "pytest (<7)", "pytest (<7.1)", "pytest-asyncio (<0.22)", "qtconsole", "setuptools (>=18.5)", "sphinx (>=1.3)", "sphinx-rtd-theme", "stack-data", "testpath", "trio", "typing-extensions"] +black = ["black"] +doc = ["docrepr", "exceptiongroup", "ipykernel", "matplotlib", "pickleshare", "pytest (<7)", "pytest (<7.1)", "pytest-asyncio (<0.22)", "setuptools (>=18.5)", "sphinx (>=1.3)", "sphinx-rtd-theme", "stack-data", "testpath", "typing-extensions"] +kernel = ["ipykernel"] +nbconvert = ["nbconvert"] +nbformat = ["nbformat"] +notebook = ["ipywidgets", "notebook"] +parallel = ["ipyparallel"] +qtconsole = ["qtconsole"] +test = ["pickleshare", "pytest (<7.1)", "pytest-asyncio (<0.22)", "testpath"] +test-extra = ["curio", "matplotlib (!=3.2.0)", "nbformat", "numpy (>=1.22)", "pandas", "pickleshare", "pytest (<7.1)", "pytest-asyncio (<0.22)", "testpath", "trio"] + +[[package]] +name = "isort" +version = "5.13.2" +description = "A Python utility / library to sort Python imports." +optional = false +python-versions = ">=3.8.0" +groups = ["dev"] +files = [ + {file = "isort-5.13.2-py3-none-any.whl", hash = "sha256:8ca5e72a8d85860d5a3fa69b8745237f2939afe12dbf656afbcb47fe72d947a6"}, + {file = "isort-5.13.2.tar.gz", hash = "sha256:48fdfcb9face5d58a4f6dde2e72a1fb8dcaf8ab26f95ab49fab84c2ddefb0109"}, +] + +[package.extras] +colors = ["colorama (>=0.4.6)"] + +[[package]] +name = "jedi" +version = "0.19.2" +description = "An autocompletion tool for Python that can be used for text editors." +optional = false +python-versions = ">=3.6" +groups = ["dev"] +files = [ + {file = "jedi-0.19.2-py2.py3-none-any.whl", hash = "sha256:a8ef22bde8490f57fe5c7681a3c83cb58874daf72b4784de3cce5b6ef6edb5b9"}, + {file = "jedi-0.19.2.tar.gz", hash = "sha256:4770dc3de41bde3966b02eb84fbcf557fb33cce26ad23da12c742fb50ecb11f0"}, +] + +[package.dependencies] +parso = ">=0.8.4,<0.9.0" + +[package.extras] +docs = ["Jinja2 (==2.11.3)", "MarkupSafe (==1.1.1)", "Pygments (==2.8.1)", "alabaster (==0.7.12)", "babel (==2.9.1)", "chardet (==4.0.0)", "commonmark (==0.8.1)", "docutils (==0.17.1)", "future (==0.18.2)", "idna (==2.10)", "imagesize (==1.2.0)", "mock (==1.0.1)", "packaging (==20.9)", "pyparsing (==2.4.7)", "pytz (==2021.1)", "readthedocs-sphinx-ext (==2.1.4)", "recommonmark (==0.5.0)", "requests (==2.25.1)", "six (==1.15.0)", "snowballstemmer (==2.1.0)", "sphinx (==1.8.5)", "sphinx-rtd-theme (==0.4.3)", "sphinxcontrib-serializinghtml (==1.1.4)", "sphinxcontrib-websupport (==1.2.4)", "urllib3 (==1.26.4)"] +qa = ["flake8 (==5.0.4)", "mypy (==0.971)", "types-setuptools (==67.2.0.1)"] +testing = ["Django", "attrs", "colorama", "docopt", "pytest (<9.0.0)"] + +[[package]] +name = "jinja2" +version = "3.1.6" +description = "A very fast and expressive template engine." +optional = false +python-versions = ">=3.7" +groups = ["docs"] +files = [ + {file = "jinja2-3.1.6-py3-none-any.whl", hash = "sha256:85ece4451f492d0c13c5dd7c13a64681a86afae63a5f347908daf103ce6d2f67"}, + {file = "jinja2-3.1.6.tar.gz", hash = "sha256:0137fb05990d35f1275a587e9aee6d56da821fc83491a0fb838183be43f66d6d"}, +] + +[package.dependencies] +MarkupSafe = ">=2.0" + +[package.extras] +i18n = ["Babel (>=2.7)"] + +[[package]] +name = "legacy-cgi" +version = "2.6.2" +description = "Fork of the standard library cgi and cgitb modules, being deprecated in PEP-594" +optional = true +python-versions = ">=3.10" +groups = ["main"] +markers = "extra == \"s2repoze\" and python_version >= \"3.13\"" +files = [ + {file = "legacy_cgi-2.6.2-py3-none-any.whl", hash = "sha256:a7b83afb1baf6ebeb56522537c5943ef9813cf933f6715e88a803f7edbce0bff"}, + {file = "legacy_cgi-2.6.2.tar.gz", hash = "sha256:9952471ceb304043b104c22d00b4f333cac27a6abe446d8a528fc437cf13c85f"}, +] + +[[package]] +name = "markupsafe" +version = "3.0.2" +description = "Safely add untrusted strings to HTML/XML markup." +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "MarkupSafe-3.0.2-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:7e94c425039cde14257288fd61dcfb01963e658efbc0ff54f5306b06054700f8"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:9e2d922824181480953426608b81967de705c3cef4d1af983af849d7bd619158"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:38a9ef736c01fccdd6600705b09dc574584b89bea478200c5fbf112a6b0d5579"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bbcb445fa71794da8f178f0f6d66789a28d7319071af7a496d4d507ed566270d"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:57cb5a3cf367aeb1d316576250f65edec5bb3be939e9247ae594b4bcbc317dfb"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:3809ede931876f5b2ec92eef964286840ed3540dadf803dd570c3b7e13141a3b"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:e07c3764494e3776c602c1e78e298937c3315ccc9043ead7e685b7f2b8d47b3c"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:b424c77b206d63d500bcb69fa55ed8d0e6a3774056bdc4839fc9298a7edca171"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-win32.whl", hash = "sha256:fcabf5ff6eea076f859677f5f0b6b5c1a51e70a376b0579e0eadef8db48c6b50"}, + {file = "MarkupSafe-3.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:6af100e168aa82a50e186c82875a5893c5597a0c1ccdb0d8b40240b1f28b969a"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:9025b4018f3a1314059769c7bf15441064b2207cb3f065e6ea1e7359cb46db9d"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:93335ca3812df2f366e80509ae119189886b0f3c2b81325d39efdb84a1e2ae93"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2cb8438c3cbb25e220c2ab33bb226559e7afb3baec11c4f218ffa7308603c832"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a123e330ef0853c6e822384873bef7507557d8e4a082961e1defa947aa59ba84"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1e084f686b92e5b83186b07e8a17fc09e38fff551f3602b249881fec658d3eca"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:d8213e09c917a951de9d09ecee036d5c7d36cb6cb7dbaece4c71a60d79fb9798"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:5b02fb34468b6aaa40dfc198d813a641e3a63b98c2b05a16b9f80b7ec314185e"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:0bff5e0ae4ef2e1ae4fdf2dfd5b76c75e5c2fa4132d05fc1b0dabcd20c7e28c4"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-win32.whl", hash = "sha256:6c89876f41da747c8d3677a2b540fb32ef5715f97b66eeb0c6b66f5e3ef6f59d"}, + {file = "MarkupSafe-3.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:70a87b411535ccad5ef2f1df5136506a10775d267e197e4cf531ced10537bd6b"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-macosx_10_13_universal2.whl", hash = "sha256:9778bd8ab0a994ebf6f84c2b949e65736d5575320a17ae8984a77fab08db94cf"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:846ade7b71e3536c4e56b386c2a47adf5741d2d8b94ec9dc3e92e5e1ee1e2225"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1c99d261bd2d5f6b59325c92c73df481e05e57f19837bdca8413b9eac4bd8028"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e17c96c14e19278594aa4841ec148115f9c7615a47382ecb6b82bd8fea3ab0c8"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:88416bd1e65dcea10bc7569faacb2c20ce071dd1f87539ca2ab364bf6231393c"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:2181e67807fc2fa785d0592dc2d6206c019b9502410671cc905d132a92866557"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:52305740fe773d09cffb16f8ed0427942901f00adedac82ec8b67752f58a1b22"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:ad10d3ded218f1039f11a75f8091880239651b52e9bb592ca27de44eed242a48"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-win32.whl", hash = "sha256:0f4ca02bea9a23221c0182836703cbf8930c5e9454bacce27e767509fa286a30"}, + {file = "MarkupSafe-3.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:8e06879fc22a25ca47312fbe7c8264eb0b662f6db27cb2d3bbbc74b1df4b9b87"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-macosx_10_13_universal2.whl", hash = "sha256:ba9527cdd4c926ed0760bc301f6728ef34d841f405abf9d4f959c478421e4efd"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:f8b3d067f2e40fe93e1ccdd6b2e1d16c43140e76f02fb1319a05cf2b79d99430"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:569511d3b58c8791ab4c2e1285575265991e6d8f8700c7be0e88f86cb0672094"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:15ab75ef81add55874e7ab7055e9c397312385bd9ced94920f2802310c930396"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f3818cb119498c0678015754eba762e0d61e5b52d34c8b13d770f0719f7b1d79"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:cdb82a876c47801bb54a690c5ae105a46b392ac6099881cdfb9f6e95e4014c6a"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:cabc348d87e913db6ab4aa100f01b08f481097838bdddf7c7a84b7575b7309ca"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:444dcda765c8a838eaae23112db52f1efaf750daddb2d9ca300bcae1039adc5c"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-win32.whl", hash = "sha256:bcf3e58998965654fdaff38e58584d8937aa3096ab5354d493c77d1fdd66d7a1"}, + {file = "MarkupSafe-3.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:e6a2a455bd412959b57a172ce6328d2dd1f01cb2135efda2e4576e8a23fa3b0f"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-macosx_10_13_universal2.whl", hash = "sha256:b5a6b3ada725cea8a5e634536b1b01c30bcdcd7f9c6fff4151548d5bf6b3a36c"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:a904af0a6162c73e3edcb969eeeb53a63ceeb5d8cf642fade7d39e7963a22ddb"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4aa4e5faecf353ed117801a068ebab7b7e09ffb6e1d5e412dc852e0da018126c"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c0ef13eaeee5b615fb07c9a7dadb38eac06a0608b41570d8ade51c56539e509d"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:d16a81a06776313e817c951135cf7340a3e91e8c1ff2fac444cfd75fffa04afe"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_aarch64.whl", hash = "sha256:6381026f158fdb7c72a168278597a5e3a5222e83ea18f543112b2662a9b699c5"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_i686.whl", hash = "sha256:3d79d162e7be8f996986c064d1c7c817f6df3a77fe3d6859f6f9e7be4b8c213a"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-musllinux_1_2_x86_64.whl", hash = "sha256:131a3c7689c85f5ad20f9f6fb1b866f402c445b220c19fe4308c0b147ccd2ad9"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-win32.whl", hash = "sha256:ba8062ed2cf21c07a9e295d5b8a2a5ce678b913b45fdf68c32d95d6c1291e0b6"}, + {file = "MarkupSafe-3.0.2-cp313-cp313t-win_amd64.whl", hash = "sha256:e444a31f8db13eb18ada366ab3cf45fd4b31e4db1236a4448f68778c1d1a5a2f"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-macosx_10_9_universal2.whl", hash = "sha256:eaa0a10b7f72326f1372a713e73c3f739b524b3af41feb43e4921cb529f5929a"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:48032821bbdf20f5799ff537c7ac3d1fba0ba032cfc06194faffa8cda8b560ff"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1a9d3f5f0901fdec14d8d2f66ef7d035f2157240a433441719ac9a3fba440b13"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:88b49a3b9ff31e19998750c38e030fc7bb937398b1f78cfa599aaef92d693144"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:cfad01eed2c2e0c01fd0ecd2ef42c492f7f93902e39a42fc9ee1692961443a29"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:1225beacc926f536dc82e45f8a4d68502949dc67eea90eab715dea3a21c1b5f0"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:3169b1eefae027567d1ce6ee7cae382c57fe26e82775f460f0b2778beaad66c0"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:eb7972a85c54febfb25b5c4b4f3af4dcc731994c7da0d8a0b4a6eb0640e1d178"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-win32.whl", hash = "sha256:8c4e8c3ce11e1f92f6536ff07154f9d49677ebaaafc32db9db4620bc11ed480f"}, + {file = "MarkupSafe-3.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:6e296a513ca3d94054c2c881cc913116e90fd030ad1c656b3869762b754f5f8a"}, + {file = "markupsafe-3.0.2.tar.gz", hash = "sha256:ee55d3edf80167e48ea11a923c7386f4669df67d7994554387f84e7d8b0a2bf0"}, +] + +[[package]] +name = "matplotlib-inline" +version = "0.1.7" +description = "Inline Matplotlib backend for Jupyter" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "matplotlib_inline-0.1.7-py3-none-any.whl", hash = "sha256:df192d39a4ff8f21b1895d72e6a13f5fcc5099f00fa84384e0ea28c2cc0653ca"}, + {file = "matplotlib_inline-0.1.7.tar.gz", hash = "sha256:8423b23ec666be3d16e16b60bdd8ac4e86e840ebd1dd11a30b9f117f2fa0ab90"}, +] + +[package.dependencies] +traitlets = "*" + +[[package]] +name = "mccabe" +version = "0.7.0" +description = "McCabe checker, plugin for flake8" +optional = false +python-versions = ">=3.6" +groups = ["dev"] +files = [ + {file = "mccabe-0.7.0-py2.py3-none-any.whl", hash = "sha256:6c2d30ab6be0e4a46919781807b4f0d834ebdd6c6e3dca0bda5a15f863427b6e"}, + {file = "mccabe-0.7.0.tar.gz", hash = "sha256:348e0240c33b60bbdf4e523192ef919f28cb2c3d7d5c7794f74009290f236325"}, +] + +[[package]] +name = "mypy" +version = "1.15.0" +description = "Optional static typing for Python" +optional = false +python-versions = ">=3.9" +groups = ["dev"] +files = [ + {file = "mypy-1.15.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:979e4e1a006511dacf628e36fadfecbcc0160a8af6ca7dad2f5025529e082c13"}, + {file = "mypy-1.15.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:c4bb0e1bd29f7d34efcccd71cf733580191e9a264a2202b0239da95984c5b559"}, + {file = "mypy-1.15.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:be68172e9fd9ad8fb876c6389f16d1c1b5f100ffa779f77b1fb2176fcc9ab95b"}, + {file = "mypy-1.15.0-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:c7be1e46525adfa0d97681432ee9fcd61a3964c2446795714699a998d193f1a3"}, + {file = "mypy-1.15.0-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:2e2c2e6d3593f6451b18588848e66260ff62ccca522dd231cd4dd59b0160668b"}, + {file = "mypy-1.15.0-cp310-cp310-win_amd64.whl", hash = "sha256:6983aae8b2f653e098edb77f893f7b6aca69f6cffb19b2cc7443f23cce5f4828"}, + {file = "mypy-1.15.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:2922d42e16d6de288022e5ca321cd0618b238cfc5570e0263e5ba0a77dbef56f"}, + {file = "mypy-1.15.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:2ee2d57e01a7c35de00f4634ba1bbf015185b219e4dc5909e281016df43f5ee5"}, + {file = "mypy-1.15.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:973500e0774b85d9689715feeffcc980193086551110fd678ebe1f4342fb7c5e"}, + {file = "mypy-1.15.0-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:5a95fb17c13e29d2d5195869262f8125dfdb5c134dc8d9a9d0aecf7525b10c2c"}, + {file = "mypy-1.15.0-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:1905f494bfd7d85a23a88c5d97840888a7bd516545fc5aaedff0267e0bb54e2f"}, + {file = "mypy-1.15.0-cp311-cp311-win_amd64.whl", hash = "sha256:c9817fa23833ff189db061e6d2eff49b2f3b6ed9856b4a0a73046e41932d744f"}, + {file = "mypy-1.15.0-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:aea39e0583d05124836ea645f412e88a5c7d0fd77a6d694b60d9b6b2d9f184fd"}, + {file = "mypy-1.15.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:2f2147ab812b75e5b5499b01ade1f4a81489a147c01585cda36019102538615f"}, + {file = "mypy-1.15.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:ce436f4c6d218a070048ed6a44c0bbb10cd2cc5e272b29e7845f6a2f57ee4464"}, + {file = "mypy-1.15.0-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:8023ff13985661b50a5928fc7a5ca15f3d1affb41e5f0a9952cb68ef090b31ee"}, + {file = "mypy-1.15.0-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:1124a18bc11a6a62887e3e137f37f53fbae476dc36c185d549d4f837a2a6a14e"}, + {file = "mypy-1.15.0-cp312-cp312-win_amd64.whl", hash = "sha256:171a9ca9a40cd1843abeca0e405bc1940cd9b305eaeea2dda769ba096932bb22"}, + {file = "mypy-1.15.0-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:93faf3fdb04768d44bf28693293f3904bbb555d076b781ad2530214ee53e3445"}, + {file = "mypy-1.15.0-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:811aeccadfb730024c5d3e326b2fbe9249bb7413553f15499a4050f7c30e801d"}, + {file = "mypy-1.15.0-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:98b7b9b9aedb65fe628c62a6dc57f6d5088ef2dfca37903a7d9ee374d03acca5"}, + {file = "mypy-1.15.0-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:c43a7682e24b4f576d93072216bf56eeff70d9140241f9edec0c104d0c515036"}, + {file = "mypy-1.15.0-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:baefc32840a9f00babd83251560e0ae1573e2f9d1b067719479bfb0e987c6357"}, + {file = "mypy-1.15.0-cp313-cp313-win_amd64.whl", hash = "sha256:b9378e2c00146c44793c98b8d5a61039a048e31f429fb0eb546d93f4b000bedf"}, + {file = "mypy-1.15.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:e601a7fa172c2131bff456bb3ee08a88360760d0d2f8cbd7a75a65497e2df078"}, + {file = "mypy-1.15.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:712e962a6357634fef20412699a3655c610110e01cdaa6180acec7fc9f8513ba"}, + {file = "mypy-1.15.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:f95579473af29ab73a10bada2f9722856792a36ec5af5399b653aa28360290a5"}, + {file = "mypy-1.15.0-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_28_x86_64.whl", hash = "sha256:8f8722560a14cde92fdb1e31597760dc35f9f5524cce17836c0d22841830fd5b"}, + {file = "mypy-1.15.0-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:1fbb8da62dc352133d7d7ca90ed2fb0e9d42bb1a32724c287d3c76c58cbaa9c2"}, + {file = "mypy-1.15.0-cp39-cp39-win_amd64.whl", hash = "sha256:d10d994b41fb3497719bbf866f227b3489048ea4bbbb5015357db306249f7980"}, + {file = "mypy-1.15.0-py3-none-any.whl", hash = "sha256:5469affef548bd1895d86d3bf10ce2b44e33d86923c29e4d675b3e323437ea3e"}, + {file = "mypy-1.15.0.tar.gz", hash = "sha256:404534629d51d3efea5c800ee7c42b72a6554d6c400e6a79eafe15d11341fd43"}, +] + +[package.dependencies] +mypy_extensions = ">=1.0.0" +tomli = {version = ">=1.1.0", markers = "python_version < \"3.11\""} +typing_extensions = ">=4.6.0" + +[package.extras] +dmypy = ["psutil (>=4.0)"] +faster-cache = ["orjson"] +install-types = ["pip"] +mypyc = ["setuptools (>=50)"] +reports = ["lxml"] + +[[package]] +name = "mypy-extensions" +version = "1.0.0" +description = "Type system extensions for programs checked with the mypy type checker." +optional = false +python-versions = ">=3.5" +groups = ["dev"] +files = [ + {file = "mypy_extensions-1.0.0-py3-none-any.whl", hash = "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d"}, + {file = "mypy_extensions-1.0.0.tar.gz", hash = "sha256:75dbf8955dc00442a438fc4d0666508a9a97b6bd41aa2f0ffe9d2f2725af0782"}, +] + +[[package]] +name = "packaging" +version = "24.2" +description = "Core utilities for Python packages" +optional = false +python-versions = ">=3.8" +groups = ["coverage", "dev", "docs", "test"] +files = [ + {file = "packaging-24.2-py3-none-any.whl", hash = "sha256:09abb1bccd265c01f4a3aa3f7a7db064b36514d2cba19a2f694fe6150451a759"}, + {file = "packaging-24.2.tar.gz", hash = "sha256:c228a6dc5e932d346bc5739379109d49e8853dd8223571c7c5b55260edc0b97f"}, +] + +[[package]] +name = "parso" +version = "0.8.4" +description = "A Python Parser" +optional = false +python-versions = ">=3.6" +groups = ["dev"] +files = [ + {file = "parso-0.8.4-py2.py3-none-any.whl", hash = "sha256:a418670a20291dacd2dddc80c377c5c3791378ee1e8d12bffc35420643d43f18"}, + {file = "parso-0.8.4.tar.gz", hash = "sha256:eb3a7b58240fb99099a345571deecc0f9540ea5f4dd2fe14c2a99d6b281ab92d"}, +] + +[package.extras] +qa = ["flake8 (==5.0.4)", "mypy (==0.971)", "types-setuptools (==67.2.0.1)"] +testing = ["docopt", "pytest"] + +[[package]] +name = "paste" +version = "3.10.1" +description = "Tools for using a Web Server Gateway Interface stack" +optional = true +python-versions = ">=3" +groups = ["main"] +markers = "extra == \"s2repoze\"" +files = [ + {file = "Paste-3.10.1-py3-none-any.whl", hash = "sha256:995e9994b6a94a2bdd8bd9654fb70ca3946ffab75442468bacf31b4d06481c3d"}, + {file = "paste-3.10.1.tar.gz", hash = "sha256:1c3d12065a5e8a7a18c0c7be1653a97cf38cc3e9a5a0c8334a9dd992d3a05e4a"}, +] + +[package.dependencies] +setuptools = "*" + +[package.extras] +flup = ["flup"] +openid = ["python-openid"] + +[[package]] +name = "pathspec" +version = "0.12.1" +description = "Utility library for gitignore style pattern matching of file paths." +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "pathspec-0.12.1-py3-none-any.whl", hash = "sha256:a0d503e138a4c123b27490a4f7beda6a01c6f288df0e4a8b79c7eb0dc7b4cc08"}, + {file = "pathspec-0.12.1.tar.gz", hash = "sha256:a482d51503a1ab33b1c67a6c3813a26953dbdc71c31dacaef9a838c4e29f5712"}, +] + +[[package]] +name = "pexpect" +version = "4.9.0" +description = "Pexpect allows easy control of interactive console applications." +optional = false +python-versions = "*" +groups = ["dev"] +markers = "sys_platform != \"win32\"" +files = [ + {file = "pexpect-4.9.0-py2.py3-none-any.whl", hash = "sha256:7236d1e080e4936be2dc3e326cec0af72acf9212a7e1d060210e70a47e253523"}, + {file = "pexpect-4.9.0.tar.gz", hash = "sha256:ee7d41123f3c9911050ea2c2dac107568dc43b2d3b0c7557a33212c398ead30f"}, +] + +[package.dependencies] +ptyprocess = ">=0.5" + +[[package]] +name = "platformdirs" +version = "4.3.6" +description = "A small Python package for determining appropriate platform-specific dirs, e.g. a `user data dir`." +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "platformdirs-4.3.6-py3-none-any.whl", hash = "sha256:73e575e1408ab8103900836b97580d5307456908a03e92031bab39e4554cc3fb"}, + {file = "platformdirs-4.3.6.tar.gz", hash = "sha256:357fb2acbc885b0419afd3ce3ed34564c13c9b95c89360cd9563f73aa5e2b907"}, +] + +[package.extras] +docs = ["furo (>=2024.8.6)", "proselint (>=0.14)", "sphinx (>=8.0.2)", "sphinx-autodoc-typehints (>=2.4)"] +test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest (>=8.3.2)", "pytest-cov (>=5)", "pytest-mock (>=3.14)"] +type = ["mypy (>=1.11.2)"] + +[[package]] +name = "pluggy" +version = "1.5.0" +description = "plugin and hook calling mechanisms for python" +optional = false +python-versions = ">=3.8" +groups = ["coverage", "dev", "test"] +files = [ + {file = "pluggy-1.5.0-py3-none-any.whl", hash = "sha256:44e1ad92c8ca002de6377e165f3e0f1be63266ab4d554740532335b9d75ea669"}, + {file = "pluggy-1.5.0.tar.gz", hash = "sha256:2cffa88e94fdc978c4c574f15f9e59b7f4201d439195c3715ca9e2486f1d0cf1"}, +] + +[package.extras] +dev = ["pre-commit", "tox"] +testing = ["pytest", "pytest-benchmark"] + +[[package]] +name = "prompt-toolkit" +version = "3.0.50" +description = "Library for building powerful interactive command lines in Python" +optional = false +python-versions = ">=3.8.0" +groups = ["dev"] +files = [ + {file = "prompt_toolkit-3.0.50-py3-none-any.whl", hash = "sha256:9b6427eb19e479d98acff65196a307c555eb567989e6d88ebbb1b509d9779198"}, + {file = "prompt_toolkit-3.0.50.tar.gz", hash = "sha256:544748f3860a2623ca5cd6d2795e7a14f3d0e1c3c9728359013f79877fc89bab"}, +] + +[package.dependencies] +wcwidth = "*" + +[[package]] +name = "ptyprocess" +version = "0.7.0" +description = "Run a subprocess in a pseudo terminal" +optional = false +python-versions = "*" +groups = ["dev"] +markers = "sys_platform != \"win32\"" +files = [ + {file = "ptyprocess-0.7.0-py2.py3-none-any.whl", hash = "sha256:4b41f3967fce3af57cc7e94b888626c18bf37a083e3651ca8feeb66d492fef35"}, + {file = "ptyprocess-0.7.0.tar.gz", hash = "sha256:5c5d0a3b48ceee0b48485e0c26037c0acd7d29765ca3fbb5cb3831d347423220"}, +] + +[[package]] +name = "pure-eval" +version = "0.2.3" +description = "Safely evaluate AST nodes without side effects" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "pure_eval-0.2.3-py3-none-any.whl", hash = "sha256:1db8e35b67b3d218d818ae653e27f06c3aa420901fa7b081ca98cbedc874e0d0"}, + {file = "pure_eval-0.2.3.tar.gz", hash = "sha256:5f4e983f40564c576c7c8635ae88db5956bb2229d7e9237d03b3c0b0190eaf42"}, +] + +[package.extras] +tests = ["pytest"] + +[[package]] +name = "py" +version = "1.11.0" +description = "library with cross-python path, ini-parsing, io, code, log facilities" +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*, !=3.4.*" +groups = ["dev"] +files = [ + {file = "py-1.11.0-py2.py3-none-any.whl", hash = "sha256:607c53218732647dff4acdfcd50cb62615cedf612e72d1724fb1a0cc6405b378"}, + {file = "py-1.11.0.tar.gz", hash = "sha256:51c75c4126074b472f746a24399ad32f6053d1b34b68d2fa41e558e6f4a98719"}, +] + +[[package]] +name = "pyasn1" +version = "0.6.1" +description = "Pure-Python implementation of ASN.1 types and DER/BER/CER codecs (X.208)" +optional = false +python-versions = ">=3.8" +groups = ["test"] +files = [ + {file = "pyasn1-0.6.1-py3-none-any.whl", hash = "sha256:0d632f46f2ba09143da3a8afe9e33fb6f92fa2320ab7e886e2d0f7672af84629"}, + {file = "pyasn1-0.6.1.tar.gz", hash = "sha256:6f580d2bdd84365380830acf45550f2511469f673cb4a5ae3857a3170128b034"}, +] + +[[package]] +name = "pycodestyle" +version = "2.12.1" +description = "Python style guide checker" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "pycodestyle-2.12.1-py2.py3-none-any.whl", hash = "sha256:46f0fb92069a7c28ab7bb558f05bfc0110dac69a0cd23c61ea0040283a9d78b3"}, + {file = "pycodestyle-2.12.1.tar.gz", hash = "sha256:6838eae08bbce4f6accd5d5572075c63626a15ee3e6f842df996bf62f6d73521"}, +] + +[[package]] +name = "pycparser" +version = "2.22" +description = "C parser in Python" +optional = false +python-versions = ">=3.8" +groups = ["main", "dev"] +markers = "platform_python_implementation != \"PyPy\" and implementation_name != \"PyPy\"" +files = [ + {file = "pycparser-2.22-py3-none-any.whl", hash = "sha256:c3702b6d3dd8c7abc1afa565d7e63d53a1d0bd86cdc24edd75470f4de499cfcc"}, + {file = "pycparser-2.22.tar.gz", hash = "sha256:491c8be9c040f5390f5bf44a5b07752bd07f56edf992381b05c701439eec10f6"}, +] + +[[package]] +name = "pyflakes" +version = "3.2.0" +description = "passive checker of Python programs" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "pyflakes-3.2.0-py2.py3-none-any.whl", hash = "sha256:84b5be138a2dfbb40689ca07e2152deb896a65c3a3e24c251c5c62489568074a"}, + {file = "pyflakes-3.2.0.tar.gz", hash = "sha256:1c61603ff154621fb2a9172037d84dca3500def8c8b630657d1701f026f8af3f"}, +] + +[[package]] +name = "pygments" +version = "2.19.1" +description = "Pygments is a syntax highlighting package written in Python." +optional = false +python-versions = ">=3.8" +groups = ["dev", "docs"] +files = [ + {file = "pygments-2.19.1-py3-none-any.whl", hash = "sha256:9ea1544ad55cecf4b8242fab6dd35a93bbce657034b0611ee383099054ab6d8c"}, + {file = "pygments-2.19.1.tar.gz", hash = "sha256:61c16d2a8576dc0649d9f39e089b5f02bcd27fba10d8fb4dcc28173f7a45151f"}, +] + +[package.extras] +windows-terminal = ["colorama (>=0.4.6)"] + +[[package]] +name = "pymongo" +version = "4.11.1" +description = "Python driver for MongoDB " +optional = false +python-versions = ">=3.9" +groups = ["test"] +files = [ + {file = "pymongo-4.11.1-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:e596caec72db62a3f438559dfa46d22faefea1967279f553f936ddcb873903df"}, + {file = "pymongo-4.11.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:15a88b25efcd61c5e539e9204932849b20f393efa330771676e860c4466fe8ad"}, + {file = "pymongo-4.11.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e7073a740aad257f9d2c12cb95a08f17db1f273d422e7ddfed9895738571cac7"}, + {file = "pymongo-4.11.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:25b7cadae1d5287b2eed3d901a347f3fa9bc3f898532e1cb7f28a1c9237d824d"}, + {file = "pymongo-4.11.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:3fe9589d9a83f6e2abe88f32daa410276eddd038eb8f8f75975cf8ce834cea1f"}, + {file = "pymongo-4.11.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:1cc6d48b74e9abe544dd71b000453ad06e65cbfcfd57c7342a9f012f65532eb2"}, + {file = "pymongo-4.11.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:1518931a4a26d3cb31a97b9187087c6378cd0b0401d7a7cc160e92223a2a3059"}, + {file = "pymongo-4.11.1-cp310-cp310-win32.whl", hash = "sha256:163c887384cb9fd16e0463128600867138a5a9a5344fc0903db08494b39a2d6e"}, + {file = "pymongo-4.11.1-cp310-cp310-win_amd64.whl", hash = "sha256:e147e08df329a7d23cbcb6213bc2fd360e51551626be828092fe2027f3473abc"}, + {file = "pymongo-4.11.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:8ac125f2782d8fe3f3ff93a396af5482d694093b3be3e06052197096c83acadc"}, + {file = "pymongo-4.11.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:681806d3ecaf29b11e16a45c1f4c28f99d9d8283238f7b6ea9eee93b5d7bc6d2"}, + {file = "pymongo-4.11.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:50210249a9bf67937e97205a312b96a4b1250b111cbaaff532d7a61bc2b1562d"}, + {file = "pymongo-4.11.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:cdd0e404d5c3b1203ee61fcfee40a1f062f3780ce272febdc2378797b00401d1"}, + {file = "pymongo-4.11.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:e6e46bcd3c2f86f442b721551ed5e5812294e4a93fce42517e173bd41d4cd2d8"}, + {file = "pymongo-4.11.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f28d179e7d434869e23f4582c941cb400f75e996cfea472693ec756ee213c685"}, + {file = "pymongo-4.11.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b56dbb6883ce7adad8588464948e0723a3d881e5549f48c4767f1654e8e4cb7d"}, + {file = "pymongo-4.11.1-cp311-cp311-win32.whl", hash = "sha256:27bc58e0b1bebb17d2426d0cc191c579f2eeaf9692be880f93fe4180cf850ca7"}, + {file = "pymongo-4.11.1-cp311-cp311-win_amd64.whl", hash = "sha256:7751e6e99c79057b09441c6ab2a93fae10b4028478aac5b455db8b12f884a3c0"}, + {file = "pymongo-4.11.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:f96683f1dec7d28f12fe43a4d5c0df35d6b80348a9fbf5aac47fa284332a1f92"}, + {file = "pymongo-4.11.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:157e6a722d051c4bab3e6bc34a1f80fc98101cf2d12139a94e51638d023198c5"}, + {file = "pymongo-4.11.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:74503e853758e1eaa1cad2df9c08c8c35a3d26222cf6426d2cde4b2e8593b9b3"}, + {file = "pymongo-4.11.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:b630596089106c968ddd252bde3fe692c420e24f214dd39ca517d26343d81012"}, + {file = "pymongo-4.11.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7007669eef871079d39a9bbcda0fbcd4252f9b575592804343d0b5c05849d65b"}, + {file = "pymongo-4.11.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:488d1da6201e1350cfcd4deab599b32237ac2ac591180d44553a2c8e614f2c0e"}, + {file = "pymongo-4.11.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:908e65ab42cd4bf1ffeaafe8f11bb86b3f804d54227058794e33fff2963ccc86"}, + {file = "pymongo-4.11.1-cp312-cp312-win32.whl", hash = "sha256:2d1d956c15dd05f1e41c61f0dbcaec59f274db4814cff2c3d9c2508f58004c39"}, + {file = "pymongo-4.11.1-cp312-cp312-win_amd64.whl", hash = "sha256:c71655f4188c70032ba56ac7ead688449e4f86a4ccd8e57201ee283f2f591e1d"}, + {file = "pymongo-4.11.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f845b46d77a5bcf0c9ee16f11c5bc84c63f4668d9ea4fc54cd923c8d48a1d521"}, + {file = "pymongo-4.11.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:aadea45e01103f6ee4e80d76d4a27393a4e2bd93472ce4ebb894781f395e1053"}, + {file = "pymongo-4.11.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a63348c850df796199abef7e9afbd86c34449f56731c7ec70b3901df1f5c135b"}, + {file = "pymongo-4.11.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:7dd7656794bfbfbe10723813332ec33eed29bd9bb7fc122c63829fd445eb8425"}, + {file = "pymongo-4.11.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7146ae04300ce6f83b75c639e97c3d0ce873f30edaac4b719ae173e886b9ff90"}, + {file = "pymongo-4.11.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:698fb3d13126c0719077c98b40378cb9a6f4ab4a72b7691779aa01f1f6c66493"}, + {file = "pymongo-4.11.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f415d9569720f408cc4dcc171f60299d454b0414f120666e6fdd349d414bf010"}, + {file = "pymongo-4.11.1-cp313-cp313-win32.whl", hash = "sha256:4aa2c40e391ca29a337bef2b46b495c3f24b5696a87a58f0a0676a8bf131f9f8"}, + {file = "pymongo-4.11.1-cp313-cp313-win_amd64.whl", hash = "sha256:1f871efa14a1f368559edff39ec03799ca108bfa8e1ba330b7ffc05eb958661f"}, + {file = "pymongo-4.11.1-cp313-cp313t-macosx_10_13_x86_64.whl", hash = "sha256:d293cec18624825937bd7f1d8bacf16104c79ced45a8ada93f08ec8a7a2ad17a"}, + {file = "pymongo-4.11.1-cp313-cp313t-macosx_11_0_arm64.whl", hash = "sha256:7b3ea3494f3e166a524529bb05a4fdda97afd77031fed3a63862fd815288c9df"}, + {file = "pymongo-4.11.1-cp313-cp313t-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d12f4c4579076b7351c63378e22f43d4ce4ed4f2c93208b653c4752f18f47309"}, + {file = "pymongo-4.11.1-cp313-cp313t-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:0a8aba4818350d2a463e084ae2426d395e725525fe86bd0219240b265dc1ca52"}, + {file = "pymongo-4.11.1-cp313-cp313t-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f97f62e6edde15d1d3d08abd7e43f1787ee9e672b1bb8e9d9f5fd6ded24f5599"}, + {file = "pymongo-4.11.1-cp313-cp313t-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:8a4e82dce301c97bb132dec28a487c1a609dc67948e9db7cbd23485875367204"}, + {file = "pymongo-4.11.1-cp313-cp313t-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:985a614ec24519f4a3d82aafb766c3f782a452fc46b32112d508a4e19b33fff3"}, + {file = "pymongo-4.11.1-cp313-cp313t-win32.whl", hash = "sha256:889d20850d5aaa4f19814462c06488553e70ed4c62195dbaad5d5662884778af"}, + {file = "pymongo-4.11.1-cp313-cp313t-win_amd64.whl", hash = "sha256:3854db4be39cb9e0c34add1fd7e515deab0b4ee30f3cc3978e057746d119ac12"}, + {file = "pymongo-4.11.1-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:61f9a7ca6eb47378809c94cd8fbdbc5ee90c4bbb0c18ddf5592d25ed95cf939c"}, + {file = "pymongo-4.11.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:3b01623eb4a7ac58706e1920a94fbb47465f8ee19e7fbbb077e1707e37678863"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2737ad54f0cd38e19ebf76e6f34dbbc6927615a2973425e64475d15a65fc2f6b"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2d7f291245c1688655aa308bbba7c9afa8116692c4fa6ad2646a835ed277a67b"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:892f2137282a0a993d342db6e4e6dc2f3db0b771831c2d505f7055c52c023198"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:822a73d22970978a6e55751d53eb0948521fc8e1380e306b8644096b5230412f"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:18b669e15922316e25a318cf9ba594eae5a6c24285a70f455ea01571d70a47d2"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:9e7bac5fb1383a0df8b6881046207da20deb582a54e70c4c53ac9d4bbce323a3"}, + {file = "pymongo-4.11.1-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:34d8b0ee57ad2a07ecdccec06269a4530767c2befb68f4a185113c866ad20b00"}, + {file = "pymongo-4.11.1-cp39-cp39-win32.whl", hash = "sha256:490d3fd8006154894319af3a974764bf16baea87100222779f49c75cd8b16d3d"}, + {file = "pymongo-4.11.1-cp39-cp39-win_amd64.whl", hash = "sha256:1ed3c885ac221ddebd3e894aeae7b6bd84e7dbd4fd59f03e551d8f51455c7e9b"}, + {file = "pymongo-4.11.1.tar.gz", hash = "sha256:3757ce9257c3486eead45680a8895a0ed9ba27efaf1791fc0cf854367c21c638"}, +] + +[package.dependencies] +dnspython = ">=1.16.0,<3.0.0" + +[package.extras] +aws = ["pymongo-auth-aws (>=1.1.0,<2.0.0)"] +docs = ["furo (==2024.8.6)", "readthedocs-sphinx-search (>=0.3,<1.0)", "sphinx (>=5.3,<9)", "sphinx-autobuild (>=2020.9.1)", "sphinx-rtd-theme (>=2,<4)", "sphinxcontrib-shellcheck (>=1,<2)"] +encryption = ["certifi ; os_name == \"nt\" or sys_platform == \"darwin\"", "pymongo-auth-aws (>=1.1.0,<2.0.0)", "pymongocrypt (>=1.12.0,<2.0.0)"] +gssapi = ["pykerberos ; os_name != \"nt\"", "winkerberos (>=0.5.0) ; os_name == \"nt\""] +ocsp = ["certifi ; os_name == \"nt\" or sys_platform == \"darwin\"", "cryptography (>=2.5)", "pyopenssl (>=17.2.0)", "requests (<3.0.0)", "service-identity (>=18.1.0)"] +snappy = ["python-snappy"] +test = ["pytest (>=8.2)", "pytest-asyncio (>=0.24.0)"] +zstd = ["zstandard"] + +[[package]] +name = "pyopenssl" +version = "24.2.1" +description = "Python wrapper module around the OpenSSL library" +optional = false +python-versions = ">=3.7" +groups = ["main"] +files = [ + {file = "pyOpenSSL-24.2.1-py3-none-any.whl", hash = "sha256:967d5719b12b243588573f39b0c677637145c7a1ffedcd495a487e58177fbb8d"}, + {file = "pyopenssl-24.2.1.tar.gz", hash = "sha256:4247f0dbe3748d560dcbb2ff3ea01af0f9a1a001ef5f7c4c647956ed8cbf0e95"}, +] + +[package.dependencies] +cryptography = ">=41.0.5,<44" + +[package.extras] +docs = ["sphinx (!=5.2.0,!=5.2.0.post0,!=7.2.5)", "sphinx-rtd-theme"] +test = ["pretend", "pytest (>=3.0.1)", "pytest-rerunfailures"] + +[[package]] +name = "pytest" +version = "8.3.4" +description = "pytest: simple powerful testing with Python" +optional = false +python-versions = ">=3.8" +groups = ["coverage", "test"] +files = [ + {file = "pytest-8.3.4-py3-none-any.whl", hash = "sha256:50e16d954148559c9a74109af1eaf0c945ba2d8f30f0a3d3335edde19788b6f6"}, + {file = "pytest-8.3.4.tar.gz", hash = "sha256:965370d062bce11e73868e0335abac31b4d3de0e82f4007408d242b4f8610761"}, +] + +[package.dependencies] +colorama = {version = "*", markers = "sys_platform == \"win32\""} +exceptiongroup = {version = ">=1.0.0rc8", markers = "python_version < \"3.11\""} +iniconfig = "*" +packaging = "*" +pluggy = ">=1.5,<2" +tomli = {version = ">=1", markers = "python_version < \"3.11\""} + +[package.extras] +dev = ["argcomplete", "attrs (>=19.2)", "hypothesis (>=3.56)", "mock", "pygments (>=2.7.2)", "requests", "setuptools", "xmlschema"] + +[[package]] +name = "pytest-cov" +version = "6.0.0" +description = "Pytest plugin for measuring coverage." +optional = false +python-versions = ">=3.9" +groups = ["coverage"] +files = [ + {file = "pytest-cov-6.0.0.tar.gz", hash = "sha256:fde0b595ca248bb8e2d76f020b465f3b107c9632e6a1d1705f17834c89dcadc0"}, + {file = "pytest_cov-6.0.0-py3-none-any.whl", hash = "sha256:eee6f1b9e61008bd34975a4d5bab25801eb31898b032dd55addc93e96fcaaa35"}, +] + +[package.dependencies] +coverage = {version = ">=7.5", extras = ["toml"]} +pytest = ">=4.6" + +[package.extras] +testing = ["fields", "hunter", "process-tests", "pytest-xdist", "virtualenv"] + +[[package]] +name = "python-dateutil" +version = "2.9.0.post0" +description = "Extensions to the standard Python datetime module" +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +groups = ["main"] +files = [ + {file = "python-dateutil-2.9.0.post0.tar.gz", hash = "sha256:37dd54208da7e1cd875388217d5e00ebd4179249f90fb72437e91a35459a0ad3"}, + {file = "python_dateutil-2.9.0.post0-py2.py3-none-any.whl", hash = "sha256:a8b2bc7bffae282281c8140a97d3aa9c14da0b136dfe83f850eea9a5f7470427"}, +] + +[package.dependencies] +six = ">=1.5" + +[[package]] +name = "pyyaml" +version = "6.0.2" +description = "YAML parser and emitter for Python" +optional = false +python-versions = ">=3.8" +groups = ["test"] +files = [ + {file = "PyYAML-6.0.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:0a9a2848a5b7feac301353437eb7d5957887edbf81d56e903999a75a3d743086"}, + {file = "PyYAML-6.0.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:29717114e51c84ddfba879543fb232a6ed60086602313ca38cce623c1d62cfbf"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8824b5a04a04a047e72eea5cec3bc266db09e35de6bdfe34c9436ac5ee27d237"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7c36280e6fb8385e520936c3cb3b8042851904eba0e58d277dca80a5cfed590b"}, + {file = "PyYAML-6.0.2-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ec031d5d2feb36d1d1a24380e4db6d43695f3748343d99434e6f5f9156aaa2ed"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:936d68689298c36b53b29f23c6dbb74de12b4ac12ca6cfe0e047bedceea56180"}, + {file = "PyYAML-6.0.2-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:23502f431948090f597378482b4812b0caae32c22213aecf3b55325e049a6c68"}, + {file = "PyYAML-6.0.2-cp310-cp310-win32.whl", hash = "sha256:2e99c6826ffa974fe6e27cdb5ed0021786b03fc98e5ee3c5bfe1fd5015f42b99"}, + {file = "PyYAML-6.0.2-cp310-cp310-win_amd64.whl", hash = "sha256:a4d3091415f010369ae4ed1fc6b79def9416358877534caf6a0fdd2146c87a3e"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:cc1c1159b3d456576af7a3e4d1ba7e6924cb39de8f67111c735f6fc832082774"}, + {file = "PyYAML-6.0.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:1e2120ef853f59c7419231f3bf4e7021f1b936f6ebd222406c3b60212205d2ee"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d225db5a45f21e78dd9358e58a98702a0302f2659a3c6cd320564b75b86f47c"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5ac9328ec4831237bec75defaf839f7d4564be1e6b25ac710bd1a96321cc8317"}, + {file = "PyYAML-6.0.2-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ad2a3decf9aaba3d29c8f537ac4b243e36bef957511b4766cb0057d32b0be85"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:ff3824dc5261f50c9b0dfb3be22b4567a6f938ccce4587b38952d85fd9e9afe4"}, + {file = "PyYAML-6.0.2-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:797b4f722ffa07cc8d62053e4cff1486fa6dc094105d13fea7b1de7d8bf71c9e"}, + {file = "PyYAML-6.0.2-cp311-cp311-win32.whl", hash = "sha256:11d8f3dd2b9c1207dcaf2ee0bbbfd5991f571186ec9cc78427ba5bd32afae4b5"}, + {file = "PyYAML-6.0.2-cp311-cp311-win_amd64.whl", hash = "sha256:e10ce637b18caea04431ce14fabcf5c64a1c61ec9c56b071a4b7ca131ca52d44"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:c70c95198c015b85feafc136515252a261a84561b7b1d51e3384e0655ddf25ab"}, + {file = "PyYAML-6.0.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:ce826d6ef20b1bc864f0a68340c8b3287705cae2f8b4b1d932177dcc76721725"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:1f71ea527786de97d1a0cc0eacd1defc0985dcf6b3f17bb77dcfc8c34bec4dc5"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:9b22676e8097e9e22e36d6b7bda33190d0d400f345f23d4065d48f4ca7ae0425"}, + {file = "PyYAML-6.0.2-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:80bab7bfc629882493af4aa31a4cfa43a4c57c83813253626916b8c7ada83476"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:0833f8694549e586547b576dcfaba4a6b55b9e96098b36cdc7ebefe667dfed48"}, + {file = "PyYAML-6.0.2-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:8b9c7197f7cb2738065c481a0461e50ad02f18c78cd75775628afb4d7137fb3b"}, + {file = "PyYAML-6.0.2-cp312-cp312-win32.whl", hash = "sha256:ef6107725bd54b262d6dedcc2af448a266975032bc85ef0172c5f059da6325b4"}, + {file = "PyYAML-6.0.2-cp312-cp312-win_amd64.whl", hash = "sha256:7e7401d0de89a9a855c839bc697c079a4af81cf878373abd7dc625847d25cbd8"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:efdca5630322a10774e8e98e1af481aad470dd62c3170801852d752aa7a783ba"}, + {file = "PyYAML-6.0.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:50187695423ffe49e2deacb8cd10510bc361faac997de9efef88badc3bb9e2d1"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:0ffe8360bab4910ef1b9e87fb812d8bc0a308b0d0eef8c8f44e0254ab3b07133"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:17e311b6c678207928d649faa7cb0d7b4c26a0ba73d41e99c4fff6b6c3276484"}, + {file = "PyYAML-6.0.2-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:70b189594dbe54f75ab3a1acec5f1e3faa7e8cf2f1e08d9b561cb41b845f69d5"}, + {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_aarch64.whl", hash = "sha256:41e4e3953a79407c794916fa277a82531dd93aad34e29c2a514c2c0c5fe971cc"}, + {file = "PyYAML-6.0.2-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:68ccc6023a3400877818152ad9a1033e3db8625d899c72eacb5a668902e4d652"}, + {file = "PyYAML-6.0.2-cp313-cp313-win32.whl", hash = "sha256:bc2fa7c6b47d6bc618dd7fb02ef6fdedb1090ec036abab80d4681424b84c1183"}, + {file = "PyYAML-6.0.2-cp313-cp313-win_amd64.whl", hash = "sha256:8388ee1976c416731879ac16da0aff3f63b286ffdd57cdeb95f3f2e085687563"}, + {file = "PyYAML-6.0.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:24471b829b3bf607e04e88d79542a9d48bb037c2267d7927a874e6c205ca7e9a"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d7fded462629cfa4b685c5416b949ebad6cec74af5e2d42905d41e257e0869f5"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:d84a1718ee396f54f3a086ea0a66d8e552b2ab2017ef8b420e92edbc841c352d"}, + {file = "PyYAML-6.0.2-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9056c1ecd25795207ad294bcf39f2db3d845767be0ea6e6a34d856f006006083"}, + {file = "PyYAML-6.0.2-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:82d09873e40955485746739bcb8b4586983670466c23382c19cffecbf1fd8706"}, + {file = "PyYAML-6.0.2-cp38-cp38-win32.whl", hash = "sha256:43fa96a3ca0d6b1812e01ced1044a003533c47f6ee8aca31724f78e93ccc089a"}, + {file = "PyYAML-6.0.2-cp38-cp38-win_amd64.whl", hash = "sha256:01179a4a8559ab5de078078f37e5c1a30d76bb88519906844fd7bdea1b7729ff"}, + {file = "PyYAML-6.0.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:688ba32a1cffef67fd2e9398a2efebaea461578b0923624778664cc1c914db5d"}, + {file = "PyYAML-6.0.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a8786accb172bd8afb8be14490a16625cbc387036876ab6ba70912730faf8e1f"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:d8e03406cac8513435335dbab54c0d385e4a49e4945d2909a581c83647ca0290"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f753120cb8181e736c57ef7636e83f31b9c0d1722c516f7e86cf15b7aa57ff12"}, + {file = "PyYAML-6.0.2-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3b1fdb9dc17f5a7677423d508ab4f243a726dea51fa5e70992e59a7411c89d19"}, + {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:0b69e4ce7a131fe56b7e4d770c67429700908fc0752af059838b1cfb41960e4e"}, + {file = "PyYAML-6.0.2-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:a9f8c2e67970f13b16084e04f134610fd1d374bf477b17ec1599185cf611d725"}, + {file = "PyYAML-6.0.2-cp39-cp39-win32.whl", hash = "sha256:6395c297d42274772abc367baaa79683958044e5d3835486c16da75d2a694631"}, + {file = "PyYAML-6.0.2-cp39-cp39-win_amd64.whl", hash = "sha256:39693e1f8320ae4f43943590b49779ffb98acb81f788220ea932a6b6c51004d8"}, + {file = "pyyaml-6.0.2.tar.gz", hash = "sha256:d584d9ec91ad65861cc08d42e834324ef890a082e591037abe114850ff7bbc3e"}, +] + +[[package]] +name = "repoze-who" +version = "3.0.0" +description = "repoze.who is an identification and authentication framework for WSGI." +optional = true +python-versions = "*" +groups = ["main"] +markers = "extra == \"s2repoze\"" +files = [ + {file = "repoze.who-3.0.0-py3-none-any.whl", hash = "sha256:d9f4523795db192956a10923c9e2d0fcb2bee2da6de4d6a88049a71f7ee6a1ac"}, + {file = "repoze.who-3.0.0.tar.gz", hash = "sha256:e955adf00c1f0b0c715e828979a237ec4bf7ee70827bd97f5e17bf82760dcb30"}, +] + +[package.dependencies] +setuptools = "*" +WebOb = "*" +"zope.interface" = "*" + +[package.extras] +docs = ["Sphinx", "WebOb", "repoze.sphinx.autointerface", "zope.interface"] + +[[package]] +name = "requests" +version = "2.32.5" +description = "Python HTTP for Humans." +optional = false +python-versions = ">=3.9" +groups = ["main", "docs", "test"] +files = [ + {file = "requests-2.32.5-py3-none-any.whl", hash = "sha256:2462f94637a34fd532264295e186976db0f5d453d1cdd31473c85a6a161affb6"}, + {file = "requests-2.32.5.tar.gz", hash = "sha256:dbba0bac56e100853db0ea71b82b4dfd5fe2bf6d3754a8893c3af500cec7d7cf"}, +] + +[package.dependencies] +certifi = ">=2017.4.17" +charset_normalizer = ">=2,<4" +idna = ">=2.5,<4" +urllib3 = ">=1.21.1,<3" + +[package.extras] +socks = ["PySocks (>=1.5.6,!=1.5.7)"] +use-chardet-on-py3 = ["chardet (>=3.0.2,<6)"] + +[[package]] +name = "responses" +version = "0.25.6" +description = "A utility library for mocking out the `requests` Python library." +optional = false +python-versions = ">=3.8" +groups = ["test"] +files = [ + {file = "responses-0.25.6-py3-none-any.whl", hash = "sha256:9cac8f21e1193bb150ec557875377e41ed56248aed94e4567ed644db564bacf1"}, + {file = "responses-0.25.6.tar.gz", hash = "sha256:eae7ce61a9603004e76c05691e7c389e59652d91e94b419623c12bbfb8e331d8"}, +] + +[package.dependencies] +pyyaml = "*" +requests = ">=2.30.0,<3.0" +urllib3 = ">=1.25.10,<3.0" + +[package.extras] +tests = ["coverage (>=6.0.0)", "flake8", "mypy", "pytest (>=7.0.0)", "pytest-asyncio", "pytest-cov", "pytest-httpserver", "tomli ; python_version < \"3.11\"", "tomli-w", "types-PyYAML", "types-requests"] + +[[package]] +name = "setuptools" +version = "80.9.0" +description = "Easily download, build, install, upgrade, and uninstall Python packages" +optional = true +python-versions = ">=3.9" +groups = ["main"] +markers = "extra == \"s2repoze\"" +files = [ + {file = "setuptools-80.9.0-py3-none-any.whl", hash = "sha256:062d34222ad13e0cc312a4c02d73f059e86a4acbfbdea8f8f76b28c99f306922"}, + {file = "setuptools-80.9.0.tar.gz", hash = "sha256:f36b47402ecde768dbfafc46e8e4207b4360c654f1f3bb84475f0a28628fb19c"}, +] + +[package.extras] +check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\"", "ruff (>=0.8.0) ; sys_platform != \"cygwin\""] +core = ["importlib_metadata (>=6) ; python_version < \"3.10\"", "jaraco.functools (>=4)", "jaraco.text (>=3.7)", "more_itertools", "more_itertools (>=8.8)", "packaging (>=24.2)", "platformdirs (>=4.2.2)", "tomli (>=2.0.1) ; python_version < \"3.11\"", "wheel (>=0.43.0)"] +cover = ["pytest-cov"] +doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "pygments-github-lexers (==0.0.5)", "pyproject-hooks (!=1.1)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-favicon", "sphinx-inline-tabs", "sphinx-lint", "sphinx-notfound-page (>=1,<2)", "sphinx-reredirects", "sphinxcontrib-towncrier", "towncrier (<24.7)"] +enabler = ["pytest-enabler (>=2.2)"] +test = ["build[virtualenv] (>=1.0.3)", "filelock (>=3.4.0)", "ini2toml[lite] (>=0.14)", "jaraco.develop (>=7.21) ; python_version >= \"3.9\" and sys_platform != \"cygwin\"", "jaraco.envs (>=2.2)", "jaraco.path (>=3.7.2)", "jaraco.test (>=5.5)", "packaging (>=24.2)", "pip (>=19.1)", "pyproject-hooks (!=1.1)", "pytest (>=6,!=8.1.*)", "pytest-home (>=0.5)", "pytest-perf ; sys_platform != \"cygwin\"", "pytest-subprocess", "pytest-timeout", "pytest-xdist (>=3)", "tomli-w (>=1.0.0)", "virtualenv (>=13.0.0)", "wheel (>=0.44.0)"] +type = ["importlib_metadata (>=7.0.2) ; python_version < \"3.10\"", "jaraco.develop (>=7.21) ; sys_platform != \"cygwin\"", "mypy (==1.14.*)", "pytest-mypy"] + +[[package]] +name = "six" +version = "1.17.0" +description = "Python 2 and 3 compatibility utilities" +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +groups = ["main", "dev"] +files = [ + {file = "six-1.17.0-py2.py3-none-any.whl", hash = "sha256:4721f391ed90541fddacab5acf947aa0d3dc7d27b2e1e8eda2be8970586c3274"}, + {file = "six-1.17.0.tar.gz", hash = "sha256:ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"}, +] + +[[package]] +name = "snowballstemmer" +version = "2.2.0" +description = "This package provides 29 stemmers for 28 languages generated from Snowball algorithms." +optional = false +python-versions = "*" +groups = ["docs"] +files = [ + {file = "snowballstemmer-2.2.0-py2.py3-none-any.whl", hash = "sha256:c8e1716e83cc398ae16824e5572ae04e0d9fc2c6b985fb0f900f5f0c96ecba1a"}, + {file = "snowballstemmer-2.2.0.tar.gz", hash = "sha256:09b16deb8547d3412ad7b590689584cd0fe25ec8db3be37788be3810cbf19cb1"}, +] + +[[package]] +name = "sphinx" +version = "7.4.7" +description = "Python documentation generator" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinx-7.4.7-py3-none-any.whl", hash = "sha256:c2419e2135d11f1951cd994d6eb18a1835bd8fdd8429f9ca375dc1f3281bd239"}, + {file = "sphinx-7.4.7.tar.gz", hash = "sha256:242f92a7ea7e6c5b406fdc2615413890ba9f699114a9c09192d7dfead2ee9cfe"}, +] + +[package.dependencies] +alabaster = ">=0.7.14,<0.8.0" +babel = ">=2.13" +colorama = {version = ">=0.4.6", markers = "sys_platform == \"win32\""} +docutils = ">=0.20,<0.22" +imagesize = ">=1.3" +importlib-metadata = {version = ">=6.0", markers = "python_version < \"3.10\""} +Jinja2 = ">=3.1" +packaging = ">=23.0" +Pygments = ">=2.17" +requests = ">=2.30.0" +snowballstemmer = ">=2.2" +sphinxcontrib-applehelp = "*" +sphinxcontrib-devhelp = "*" +sphinxcontrib-htmlhelp = ">=2.0.0" +sphinxcontrib-jsmath = "*" +sphinxcontrib-qthelp = "*" +sphinxcontrib-serializinghtml = ">=1.1.9" +tomli = {version = ">=2", markers = "python_version < \"3.11\""} + +[package.extras] +docs = ["sphinxcontrib-websupport"] +lint = ["flake8 (>=6.0)", "importlib-metadata (>=6.0)", "mypy (==1.10.1)", "pytest (>=6.0)", "ruff (==0.5.2)", "sphinx-lint (>=0.9)", "tomli (>=2)", "types-docutils (==0.21.0.20240711)", "types-requests (>=2.30.0)"] +test = ["cython (>=3.0)", "defusedxml (>=0.7.1)", "pytest (>=8.0)", "setuptools (>=70.0)", "typing_extensions (>=4.9)"] + +[[package]] +name = "sphinxcontrib-applehelp" +version = "2.0.0" +description = "sphinxcontrib-applehelp is a Sphinx extension which outputs Apple help books" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinxcontrib_applehelp-2.0.0-py3-none-any.whl", hash = "sha256:4cd3f0ec4ac5dd9c17ec65e9ab272c9b867ea77425228e68ecf08d6b28ddbdb5"}, + {file = "sphinxcontrib_applehelp-2.0.0.tar.gz", hash = "sha256:2f29ef331735ce958efa4734873f084941970894c6090408b079c61b2e1c06d1"}, +] + +[package.extras] +lint = ["mypy", "ruff (==0.5.5)", "types-docutils"] +standalone = ["Sphinx (>=5)"] +test = ["pytest"] + +[[package]] +name = "sphinxcontrib-devhelp" +version = "2.0.0" +description = "sphinxcontrib-devhelp is a sphinx extension which outputs Devhelp documents" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinxcontrib_devhelp-2.0.0-py3-none-any.whl", hash = "sha256:aefb8b83854e4b0998877524d1029fd3e6879210422ee3780459e28a1f03a8a2"}, + {file = "sphinxcontrib_devhelp-2.0.0.tar.gz", hash = "sha256:411f5d96d445d1d73bb5d52133377b4248ec79db5c793ce7dbe59e074b4dd1ad"}, +] + +[package.extras] +lint = ["mypy", "ruff (==0.5.5)", "types-docutils"] +standalone = ["Sphinx (>=5)"] +test = ["pytest"] + +[[package]] +name = "sphinxcontrib-htmlhelp" +version = "2.1.0" +description = "sphinxcontrib-htmlhelp is a sphinx extension which renders HTML help files" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinxcontrib_htmlhelp-2.1.0-py3-none-any.whl", hash = "sha256:166759820b47002d22914d64a075ce08f4c46818e17cfc9470a9786b759b19f8"}, + {file = "sphinxcontrib_htmlhelp-2.1.0.tar.gz", hash = "sha256:c9e2916ace8aad64cc13a0d233ee22317f2b9025b9cf3295249fa985cc7082e9"}, +] + +[package.extras] +lint = ["mypy", "ruff (==0.5.5)", "types-docutils"] +standalone = ["Sphinx (>=5)"] +test = ["html5lib", "pytest"] + +[[package]] +name = "sphinxcontrib-jsmath" +version = "1.0.1" +description = "A sphinx extension which renders display math in HTML via JavaScript" +optional = false +python-versions = ">=3.5" +groups = ["docs"] +files = [ + {file = "sphinxcontrib-jsmath-1.0.1.tar.gz", hash = "sha256:a9925e4a4587247ed2191a22df5f6970656cb8ca2bd6284309578f2153e0c4b8"}, + {file = "sphinxcontrib_jsmath-1.0.1-py2.py3-none-any.whl", hash = "sha256:2ec2eaebfb78f3f2078e73666b1415417a116cc848b72e5172e596c871103178"}, +] + +[package.extras] +test = ["flake8", "mypy", "pytest"] + +[[package]] +name = "sphinxcontrib-qthelp" +version = "2.0.0" +description = "sphinxcontrib-qthelp is a sphinx extension which outputs QtHelp documents" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinxcontrib_qthelp-2.0.0-py3-none-any.whl", hash = "sha256:b18a828cdba941ccd6ee8445dbe72ffa3ef8cbe7505d8cd1fa0d42d3f2d5f3eb"}, + {file = "sphinxcontrib_qthelp-2.0.0.tar.gz", hash = "sha256:4fe7d0ac8fc171045be623aba3e2a8f613f8682731f9153bb2e40ece16b9bbab"}, +] + +[package.extras] +lint = ["mypy", "ruff (==0.5.5)", "types-docutils"] +standalone = ["Sphinx (>=5)"] +test = ["defusedxml (>=0.7.1)", "pytest"] + +[[package]] +name = "sphinxcontrib-serializinghtml" +version = "2.0.0" +description = "sphinxcontrib-serializinghtml is a sphinx extension which outputs \"serialized\" HTML files (json and pickle)" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +files = [ + {file = "sphinxcontrib_serializinghtml-2.0.0-py3-none-any.whl", hash = "sha256:6e2cb0eef194e10c27ec0023bfeb25badbbb5868244cf5bc5bdc04e4464bf331"}, + {file = "sphinxcontrib_serializinghtml-2.0.0.tar.gz", hash = "sha256:e9d912827f872c029017a53f0ef2180b327c3f7fd23c87229f7a8e8b70031d4d"}, +] + +[package.extras] +lint = ["mypy", "ruff (==0.5.5)", "types-docutils"] +standalone = ["Sphinx (>=5)"] +test = ["pytest"] + +[[package]] +name = "stack-data" +version = "0.6.3" +description = "Extract data from python stack frames and tracebacks for informative displays" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "stack_data-0.6.3-py3-none-any.whl", hash = "sha256:d5558e0c25a4cb0853cddad3d77da9891a08cb85dd9f9f91b9f8cd66e511e695"}, + {file = "stack_data-0.6.3.tar.gz", hash = "sha256:836a778de4fec4dcd1dcd89ed8abff8a221f58308462e1c4aa2a3cf30148f0b9"}, +] + +[package.dependencies] +asttokens = ">=2.1.0" +executing = ">=1.2.0" +pure-eval = "*" + +[package.extras] +tests = ["cython", "littleutils", "pygments", "pytest", "typeguard"] + +[[package]] +name = "tomli" +version = "2.2.1" +description = "A lil' TOML parser" +optional = false +python-versions = ">=3.8" +groups = ["coverage", "dev", "docs", "test"] +files = [ + {file = "tomli-2.2.1-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:678e4fa69e4575eb77d103de3df8a895e1591b48e740211bd1067378c69e8249"}, + {file = "tomli-2.2.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:023aa114dd824ade0100497eb2318602af309e5a55595f76b626d6d9f3b7b0a6"}, + {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:ece47d672db52ac607a3d9599a9d48dcb2f2f735c6c2d1f34130085bb12b112a"}, + {file = "tomli-2.2.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:6972ca9c9cc9f0acaa56a8ca1ff51e7af152a9f87fb64623e31d5c83700080ee"}, + {file = "tomli-2.2.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:c954d2250168d28797dd4e3ac5cf812a406cd5a92674ee4c8f123c889786aa8e"}, + {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:8dd28b3e155b80f4d54beb40a441d366adcfe740969820caf156c019fb5c7ec4"}, + {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:e59e304978767a54663af13c07b3d1af22ddee3bb2fb0618ca1593e4f593a106"}, + {file = "tomli-2.2.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:33580bccab0338d00994d7f16f4c4ec25b776af3ffaac1ed74e0b3fc95e885a8"}, + {file = "tomli-2.2.1-cp311-cp311-win32.whl", hash = "sha256:465af0e0875402f1d226519c9904f37254b3045fc5084697cefb9bdde1ff99ff"}, + {file = "tomli-2.2.1-cp311-cp311-win_amd64.whl", hash = "sha256:2d0f2fdd22b02c6d81637a3c95f8cd77f995846af7414c5c4b8d0545afa1bc4b"}, + {file = "tomli-2.2.1-cp312-cp312-macosx_10_13_x86_64.whl", hash = "sha256:4a8f6e44de52d5e6c657c9fe83b562f5f4256d8ebbfe4ff922c495620a7f6cea"}, + {file = "tomli-2.2.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:8d57ca8095a641b8237d5b079147646153d22552f1c637fd3ba7f4b0b29167a8"}, + {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:4e340144ad7ae1533cb897d406382b4b6fede8890a03738ff1683af800d54192"}, + {file = "tomli-2.2.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:db2b95f9de79181805df90bedc5a5ab4c165e6ec3fe99f970d0e302f384ad222"}, + {file = "tomli-2.2.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:40741994320b232529c802f8bc86da4e1aa9f413db394617b9a256ae0f9a7f77"}, + {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:400e720fe168c0f8521520190686ef8ef033fb19fc493da09779e592861b78c6"}, + {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:02abe224de6ae62c19f090f68da4e27b10af2b93213d36cf44e6e1c5abd19fdd"}, + {file = "tomli-2.2.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:b82ebccc8c8a36f2094e969560a1b836758481f3dc360ce9a3277c65f374285e"}, + {file = "tomli-2.2.1-cp312-cp312-win32.whl", hash = "sha256:889f80ef92701b9dbb224e49ec87c645ce5df3fa2cc548664eb8a25e03127a98"}, + {file = "tomli-2.2.1-cp312-cp312-win_amd64.whl", hash = "sha256:7fc04e92e1d624a4a63c76474610238576942d6b8950a2d7f908a340494e67e4"}, + {file = "tomli-2.2.1-cp313-cp313-macosx_10_13_x86_64.whl", hash = "sha256:f4039b9cbc3048b2416cc57ab3bda989a6fcf9b36cf8937f01a6e731b64f80d7"}, + {file = "tomli-2.2.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:286f0ca2ffeeb5b9bd4fcc8d6c330534323ec51b2f52da063b11c502da16f30c"}, + {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a92ef1a44547e894e2a17d24e7557a5e85a9e1d0048b0b5e7541f76c5032cb13"}, + {file = "tomli-2.2.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9316dc65bed1684c9a98ee68759ceaed29d229e985297003e494aa825ebb0281"}, + {file = "tomli-2.2.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e85e99945e688e32d5a35c1ff38ed0b3f41f43fad8df0bdf79f72b2ba7bc5272"}, + {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:ac065718db92ca818f8d6141b5f66369833d4a80a9d74435a268c52bdfa73140"}, + {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:d920f33822747519673ee656a4b6ac33e382eca9d331c87770faa3eef562aeb2"}, + {file = "tomli-2.2.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:a198f10c4d1b1375d7687bc25294306e551bf1abfa4eace6650070a5c1ae2744"}, + {file = "tomli-2.2.1-cp313-cp313-win32.whl", hash = "sha256:d3f5614314d758649ab2ab3a62d4f2004c825922f9e370b29416484086b264ec"}, + {file = "tomli-2.2.1-cp313-cp313-win_amd64.whl", hash = "sha256:a38aa0308e754b0e3c67e344754dff64999ff9b513e691d0e786265c93583c69"}, + {file = "tomli-2.2.1-py3-none-any.whl", hash = "sha256:cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc"}, + {file = "tomli-2.2.1.tar.gz", hash = "sha256:cd45e1dc79c835ce60f7404ec8119f2eb06d38b1deba146f07ced3bbc44505ff"}, +] +markers = {coverage = "python_full_version <= \"3.11.0a6\"", dev = "python_version < \"3.11\"", docs = "python_version < \"3.11\"", test = "python_version < \"3.11\""} + +[[package]] +name = "tox" +version = "3.28.0" +description = "tox is a generic virtualenv management and test command line tool" +optional = false +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,>=2.7" +groups = ["dev"] +files = [ + {file = "tox-3.28.0-py2.py3-none-any.whl", hash = "sha256:57b5ab7e8bb3074edc3c0c0b4b192a4f3799d3723b2c5b76f1fa9f2d40316eea"}, + {file = "tox-3.28.0.tar.gz", hash = "sha256:d0d28f3fe6d6d7195c27f8b054c3e99d5451952b54abdae673b71609a581f640"}, +] + +[package.dependencies] +colorama = {version = ">=0.4.1", markers = "platform_system == \"Windows\""} +filelock = ">=3.0.0" +packaging = ">=14" +pluggy = ">=0.12.0" +py = ">=1.4.17" +six = ">=1.14.0" +tomli = {version = ">=2.0.1", markers = "python_version >= \"3.7\" and python_version < \"3.11\""} +virtualenv = ">=16.0.0,<20.0.0 || >20.0.0,<20.0.1 || >20.0.1,<20.0.2 || >20.0.2,<20.0.3 || >20.0.3,<20.0.4 || >20.0.4,<20.0.5 || >20.0.5,<20.0.6 || >20.0.6,<20.0.7 || >20.0.7" + +[package.extras] +docs = ["pygments-github-lexers (>=0.0.5)", "sphinx (>=2.0.0)", "sphinxcontrib-autoprogram (>=0.1.5)", "towncrier (>=18.5.0)"] +testing = ["flaky (>=3.4.0)", "freezegun (>=0.3.11)", "pathlib2 (>=2.3.3) ; python_version < \"3.4\"", "psutil (>=5.6.1) ; platform_python_implementation == \"cpython\"", "pytest (>=4.0.0)", "pytest-cov (>=2.5.1)", "pytest-mock (>=1.10.0)", "pytest-randomly (>=1.0.0)"] + +[[package]] +name = "traitlets" +version = "5.14.3" +description = "Traitlets Python configuration system" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "traitlets-5.14.3-py3-none-any.whl", hash = "sha256:b74e89e397b1ed28cc831db7aea759ba6640cb3de13090ca145426688ff1ac4f"}, + {file = "traitlets-5.14.3.tar.gz", hash = "sha256:9ed0579d3502c94b4b3732ac120375cda96f923114522847de4b3bb98b96b6b7"}, +] + +[package.extras] +docs = ["myst-parser", "pydata-sphinx-theme", "sphinx"] +test = ["argcomplete (>=3.0.3)", "mypy (>=1.7.0)", "pre-commit", "pytest (>=7.0,<8.2)", "pytest-mock", "pytest-mypy-testing"] + +[[package]] +name = "types-pyopenssl" +version = "23.3.0.20240106" +description = "Typing stubs for pyOpenSSL" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "types-pyOpenSSL-23.3.0.20240106.tar.gz", hash = "sha256:3d6f3462bec0c260caadf93fbb377225c126661b779c7d9ab99b6dad5ca10db9"}, + {file = "types_pyOpenSSL-23.3.0.20240106-py3-none-any.whl", hash = "sha256:47a7eedbd18b7bcad17efebf1c53416148f5a173918a6d75027e75e32fe039ae"}, +] + +[package.dependencies] +cryptography = ">=35.0.0" + +[[package]] +name = "types-python-dateutil" +version = "2.9.0.20241206" +description = "Typing stubs for python-dateutil" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "types_python_dateutil-2.9.0.20241206-py3-none-any.whl", hash = "sha256:e248a4bc70a486d3e3ec84d0dc30eec3a5f979d6e7ee4123ae043eedbb987f53"}, + {file = "types_python_dateutil-2.9.0.20241206.tar.gz", hash = "sha256:18f493414c26ffba692a72369fea7a154c502646301ebfe3d56a04b3767284cb"}, +] + +[[package]] +name = "types-requests" +version = "2.32.0.20241016" +description = "Typing stubs for requests" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "types-requests-2.32.0.20241016.tar.gz", hash = "sha256:0d9cad2f27515d0e3e3da7134a1b6f28fb97129d86b867f24d9c726452634d95"}, + {file = "types_requests-2.32.0.20241016-py3-none-any.whl", hash = "sha256:4195d62d6d3e043a4eaaf08ff8a62184584d2e8684e9d2aa178c7915a7da3747"}, +] + +[package.dependencies] +urllib3 = ">=2" + +[[package]] +name = "types-setuptools" +version = "67.8.0.0" +description = "Typing stubs for setuptools" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "types-setuptools-67.8.0.0.tar.gz", hash = "sha256:95c9ed61871d6c0e258433373a4e1753c0a7c3627a46f4d4058c7b5a08ab844f"}, + {file = "types_setuptools-67.8.0.0-py3-none-any.whl", hash = "sha256:6df73340d96b238a4188b7b7668814b37e8018168aef1eef94a3b1872e3f60ff"}, +] + +[[package]] +name = "types-six" +version = "1.17.0.20241205" +description = "Typing stubs for six" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "types_six-1.17.0.20241205-py3-none-any.whl", hash = "sha256:a4947c2bdcd9ab69d44466a533a15839ff48ddc27223615cb8145d73ab805bc2"}, + {file = "types_six-1.17.0.20241205.tar.gz", hash = "sha256:1f662347a8f3b2bf30517d629d82f591420df29811794b0bf3804e14d716f6e0"}, +] + +[[package]] +name = "typing-extensions" +version = "4.12.2" +description = "Backported and Experimental Type Hints for Python 3.8+" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "typing_extensions-4.12.2-py3-none-any.whl", hash = "sha256:04e5ca0351e0f3f85c6853954072df659d0d13fac324d0072316b67d7794700d"}, + {file = "typing_extensions-4.12.2.tar.gz", hash = "sha256:1a7ead55c7e559dd4dee8856e3a88b41225abfe1ce8df57b7c13915fe121ffb8"}, +] + +[[package]] +name = "urllib3" +version = "2.5.0" +description = "HTTP library with thread-safe connection pooling, file post, and more." +optional = false +python-versions = ">=3.9" +groups = ["main", "dev", "docs", "test"] +files = [ + {file = "urllib3-2.5.0-py3-none-any.whl", hash = "sha256:e6b01673c0fa6a13e374b50871808eb3bf7046c4b125b216f6bf1cc604cff0dc"}, + {file = "urllib3-2.5.0.tar.gz", hash = "sha256:3fc47733c7e419d4bc3f6b3dc2b4f890bb743906a30d56ba4a5bfa4bbff92760"}, +] + +[package.extras] +brotli = ["brotli (>=1.0.9) ; platform_python_implementation == \"CPython\"", "brotlicffi (>=0.8.0) ; platform_python_implementation != \"CPython\""] +h2 = ["h2 (>=4,<5)"] +socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] +zstd = ["zstandard (>=0.18.0)"] + +[[package]] +name = "virtualenv" +version = "20.29.2" +description = "Virtual Python Environment builder" +optional = false +python-versions = ">=3.8" +groups = ["dev"] +files = [ + {file = "virtualenv-20.29.2-py3-none-any.whl", hash = "sha256:febddfc3d1ea571bdb1dc0f98d7b45d24def7428214d4fb73cc486c9568cce6a"}, + {file = "virtualenv-20.29.2.tar.gz", hash = "sha256:fdaabebf6d03b5ba83ae0a02cfe96f48a716f4fae556461d180825866f75b728"}, +] + +[package.dependencies] +distlib = ">=0.3.7,<1" +filelock = ">=3.12.2,<4" +platformdirs = ">=3.9.1,<5" + +[package.extras] +docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx (>=7.1.2,!=7.3)", "sphinx-argparse (>=0.4)", "sphinxcontrib-towncrier (>=0.2.1a0)", "towncrier (>=23.6)"] +test = ["covdefaults (>=2.3)", "coverage (>=7.2.7)", "coverage-enable-subprocess (>=1)", "flaky (>=3.7)", "packaging (>=23.1)", "pytest (>=7.4)", "pytest-env (>=0.8.2)", "pytest-freezer (>=0.4.8) ; platform_python_implementation == \"PyPy\" or platform_python_implementation == \"CPython\" and sys_platform == \"win32\" and python_version >= \"3.13\"", "pytest-mock (>=3.11.1)", "pytest-randomly (>=3.12)", "pytest-timeout (>=2.1)", "setuptools (>=68)", "time-machine (>=2.10) ; platform_python_implementation == \"CPython\""] + +[[package]] +name = "wcwidth" +version = "0.2.13" +description = "Measures the displayed width of unicode strings in a terminal" +optional = false +python-versions = "*" +groups = ["dev"] +files = [ + {file = "wcwidth-0.2.13-py2.py3-none-any.whl", hash = "sha256:3da69048e4540d84af32131829ff948f1e022c1c6bdb8d6102117aac784f6859"}, + {file = "wcwidth-0.2.13.tar.gz", hash = "sha256:72ea0c06399eb286d978fdedb6923a9eb47e1c486ce63e9b4e64fc18303972b5"}, +] + +[[package]] +name = "webob" +version = "1.8.9" +description = "WSGI request and response object" +optional = true +python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,>=2.7" +groups = ["main"] +markers = "extra == \"s2repoze\"" +files = [ + {file = "WebOb-1.8.9-py2.py3-none-any.whl", hash = "sha256:45e34c58ed0c7e2ecd238ffd34432487ff13d9ad459ddfd77895e67abba7c1f9"}, + {file = "webob-1.8.9.tar.gz", hash = "sha256:ad6078e2edb6766d1334ec3dee072ac6a7f95b1e32ce10def8ff7f0f02d56589"}, +] + +[package.dependencies] +legacy-cgi = {version = ">=2.6", markers = "python_version >= \"3.13\""} + +[package.extras] +docs = ["Sphinx (>=1.7.5)", "pylons-sphinx-themes"] +testing = ["coverage", "pytest (>=3.1.0)", "pytest-cov", "pytest-xdist"] + +[[package]] +name = "xmlschema" +version = "2.5.1" +description = "An XML Schema validator and decoder" +optional = false +python-versions = ">=3.7" +groups = ["main"] +files = [ + {file = "xmlschema-2.5.1-py3-none-any.whl", hash = "sha256:ec2b2a15c8896c1fcd14dcee34ca30032b99456c3c43ce793fdb9dca2fb4b869"}, + {file = "xmlschema-2.5.1.tar.gz", hash = "sha256:4f7497de6c8b6dc2c28ad7b9ed6e21d186f4afe248a5bea4f54eedab4da44083"}, +] + +[package.dependencies] +elementpath = ">=4.1.5,<5.0.0" + +[package.extras] +codegen = ["elementpath (>=4.1.5,<5.0.0)", "jinja2"] +dev = ["Sphinx", "coverage", "elementpath (>=4.1.5,<5.0.0)", "flake8", "jinja2", "lxml", "lxml-stubs", "memory-profiler", "mypy", "sphinx-rtd-theme", "tox"] +docs = ["Sphinx", "elementpath (>=4.1.5,<5.0.0)", "jinja2", "sphinx-rtd-theme"] + +[[package]] +name = "zipp" +version = "3.21.0" +description = "Backport of pathlib-compatible object wrapper for zip files" +optional = false +python-versions = ">=3.9" +groups = ["docs"] +markers = "python_version == \"3.9\"" +files = [ + {file = "zipp-3.21.0-py3-none-any.whl", hash = "sha256:ac1bbe05fd2991f160ebce24ffbac5f6d11d83dc90891255885223d42b3cd931"}, + {file = "zipp-3.21.0.tar.gz", hash = "sha256:2c9958f6430a2040341a52eb608ed6dd93ef4392e02ffe219417c1b28b5dd1f4"}, +] + +[package.extras] +check = ["pytest-checkdocs (>=2.4)", "pytest-ruff (>=0.2.1) ; sys_platform != \"cygwin\""] +cover = ["pytest-cov"] +doc = ["furo", "jaraco.packaging (>=9.3)", "jaraco.tidelift (>=1.4)", "rst.linker (>=1.9)", "sphinx (>=3.5)", "sphinx-lint"] +enabler = ["pytest-enabler (>=2.2)"] +test = ["big-O", "importlib-resources ; python_version < \"3.9\"", "jaraco.functools", "jaraco.itertools", "jaraco.test", "more-itertools", "pytest (>=6,!=8.1.*)", "pytest-ignore-flaky"] +type = ["pytest-mypy"] + +[[package]] +name = "zope-interface" +version = "7.2" +description = "Interfaces for Python" +optional = true +python-versions = ">=3.8" +groups = ["main"] +markers = "extra == \"s2repoze\"" +files = [ + {file = "zope.interface-7.2-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:ce290e62229964715f1011c3dbeab7a4a1e4971fd6f31324c4519464473ef9f2"}, + {file = "zope.interface-7.2-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:05b910a5afe03256b58ab2ba6288960a2892dfeef01336dc4be6f1b9ed02ab0a"}, + {file = "zope.interface-7.2-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:550f1c6588ecc368c9ce13c44a49b8d6b6f3ca7588873c679bd8fd88a1b557b6"}, + {file = "zope.interface-7.2-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:0ef9e2f865721553c6f22a9ff97da0f0216c074bd02b25cf0d3af60ea4d6931d"}, + {file = "zope.interface-7.2-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:27f926f0dcb058211a3bb3e0e501c69759613b17a553788b2caeb991bed3b61d"}, + {file = "zope.interface-7.2-cp310-cp310-win_amd64.whl", hash = "sha256:144964649eba4c5e4410bb0ee290d338e78f179cdbfd15813de1a664e7649b3b"}, + {file = "zope.interface-7.2-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:1909f52a00c8c3dcab6c4fad5d13de2285a4b3c7be063b239b8dc15ddfb73bd2"}, + {file = "zope.interface-7.2-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:80ecf2451596f19fd607bb09953f426588fc1e79e93f5968ecf3367550396b22"}, + {file = "zope.interface-7.2-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:033b3923b63474800b04cba480b70f6e6243a62208071fc148354f3f89cc01b7"}, + {file = "zope.interface-7.2-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:a102424e28c6b47c67923a1f337ede4a4c2bba3965b01cf707978a801fc7442c"}, + {file = "zope.interface-7.2-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:25e6a61dcb184453bb00eafa733169ab6d903e46f5c2ace4ad275386f9ab327a"}, + {file = "zope.interface-7.2-cp311-cp311-win_amd64.whl", hash = "sha256:3f6771d1647b1fc543d37640b45c06b34832a943c80d1db214a37c31161a93f1"}, + {file = "zope.interface-7.2-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:086ee2f51eaef1e4a52bd7d3111a0404081dadae87f84c0ad4ce2649d4f708b7"}, + {file = "zope.interface-7.2-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:21328fcc9d5b80768bf051faa35ab98fb979080c18e6f84ab3f27ce703bce465"}, + {file = "zope.interface-7.2-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f6dd02ec01f4468da0f234da9d9c8545c5412fef80bc590cc51d8dd084138a89"}, + {file = "zope.interface-7.2-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:8e7da17f53e25d1a3bde5da4601e026adc9e8071f9f6f936d0fe3fe84ace6d54"}, + {file = "zope.interface-7.2-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:cab15ff4832580aa440dc9790b8a6128abd0b88b7ee4dd56abacbc52f212209d"}, + {file = "zope.interface-7.2-cp312-cp312-win_amd64.whl", hash = "sha256:29caad142a2355ce7cfea48725aa8bcf0067e2b5cc63fcf5cd9f97ad12d6afb5"}, + {file = "zope.interface-7.2-cp313-cp313-macosx_10_9_x86_64.whl", hash = "sha256:3e0350b51e88658d5ad126c6a57502b19d5f559f6cb0a628e3dc90442b53dd98"}, + {file = "zope.interface-7.2-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:15398c000c094b8855d7d74f4fdc9e73aa02d4d0d5c775acdef98cdb1119768d"}, + {file = "zope.interface-7.2-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:802176a9f99bd8cc276dcd3b8512808716492f6f557c11196d42e26c01a69a4c"}, + {file = "zope.interface-7.2-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:eb23f58a446a7f09db85eda09521a498e109f137b85fb278edb2e34841055398"}, + {file = "zope.interface-7.2-cp313-cp313-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a71a5b541078d0ebe373a81a3b7e71432c61d12e660f1d67896ca62d9628045b"}, + {file = "zope.interface-7.2-cp313-cp313-win_amd64.whl", hash = "sha256:4893395d5dd2ba655c38ceb13014fd65667740f09fa5bb01caa1e6284e48c0cd"}, + {file = "zope.interface-7.2-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:d3a8ffec2a50d8ec470143ea3d15c0c52d73df882eef92de7537e8ce13475e8a"}, + {file = "zope.interface-7.2-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:31d06db13a30303c08d61d5fb32154be51dfcbdb8438d2374ae27b4e069aac40"}, + {file = "zope.interface-7.2-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:e204937f67b28d2dca73ca936d3039a144a081fc47a07598d44854ea2a106239"}, + {file = "zope.interface-7.2-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:224b7b0314f919e751f2bca17d15aad00ddbb1eadf1cb0190fa8175edb7ede62"}, + {file = "zope.interface-7.2-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:baf95683cde5bc7d0e12d8e7588a3eb754d7c4fa714548adcd96bdf90169f021"}, + {file = "zope.interface-7.2-cp38-cp38-win_amd64.whl", hash = "sha256:7dc5016e0133c1a1ec212fc87a4f7e7e562054549a99c73c8896fa3a9e80cbc7"}, + {file = "zope.interface-7.2-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:7bd449c306ba006c65799ea7912adbbfed071089461a19091a228998b82b1fdb"}, + {file = "zope.interface-7.2-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:a19a6cc9c6ce4b1e7e3d319a473cf0ee989cbbe2b39201d7c19e214d2dfb80c7"}, + {file = "zope.interface-7.2-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:72cd1790b48c16db85d51fbbd12d20949d7339ad84fd971427cf00d990c1f137"}, + {file = "zope.interface-7.2-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:52e446f9955195440e787596dccd1411f543743c359eeb26e9b2c02b077b0519"}, + {file = "zope.interface-7.2-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:2ad9913fd858274db8dd867012ebe544ef18d218f6f7d1e3c3e6d98000f14b75"}, + {file = "zope.interface-7.2-cp39-cp39-win_amd64.whl", hash = "sha256:1090c60116b3da3bfdd0c03406e2f14a1ff53e5771aebe33fec1edc0a350175d"}, + {file = "zope.interface-7.2.tar.gz", hash = "sha256:8b49f1a3d1ee4cdaf5b32d2e738362c7f5e40ac8b46dd7d1a65e82a4872728fe"}, +] + +[package.dependencies] +setuptools = "*" + +[package.extras] +docs = ["Sphinx", "furo", "repoze.sphinx.autointerface"] +test = ["coverage[toml]", "zope.event", "zope.testing"] +testing = ["coverage[toml]", "zope.event", "zope.testing"] + +[extras] +s2repoze = ["paste", "repoze.who", "zope.interface"] + +[metadata] +lock-version = "2.1" +python-versions = ">= 3.9" +content-hash = "04b0c0e0efb4781e75bd015e82e23592fb454f9bdeb42507a18c9e5a18d30029" diff --git a/pyproject.toml b/pyproject.toml index 385c7952a..87068b18d 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,2 +1,273 @@ +[project] +name = "pysaml2" +version = "7.5.4" +description = "Python implementation of SAML Version 2 Standard" +license = "Apache-2.0" +authors = [{name = "IdentityPython", email = "discuss@idpy.org"}] +maintainers = [{name = "IdentityPython", email = "discuss@idpy.org"}] +readme = "README.md" +keywords = [ + "saml", + "saml2", + "standard", + "federation", + "identity", + "idpy", + "IdentityPython", +] +classifiers = [ + "Topic :: Software Development :: Libraries :: Python Modules", +] +requires-python = ">= 3.9" +dependencies = [ + "cryptography >=3.1", + "defusedxml", + "pyopenssl <24.3.0", + "python-dateutil", + "requests >=2.0.0,<3.0.0", # ^2 means compatible with 2.x + "xmlschema >=2.0.0,<3.0.0" +] + +[project.optional-dependencies] +s2repoze = [ + "paste", + "repoze.who", + "zope.interface" +] + +[project.urls] +Homepage = "https://idpy.org" +Documentation = "https://pysaml2.readthedocs.io" +Repository = "https://github.com/IdentityPython/pysaml2" +Issues = "https://github.com/IdentityPython/pysaml2/issues" +Changelog = "https://github.com/IdentityPython/pysaml2/blob/master/CHANGELOG.md" + + +[tool.poetry] +packages = [ + { include = "saml2", from = "src" }, + { include = "saml2test", from = "src" }, +] + +[project.scripts] +make_metadata = "saml2.tools.make_metadata:main" +mdexport = "saml2.tools.mdexport:main" +merge_metadata = "saml2.tools.merge_metadata:main" +parse_xsd2 = "saml2.tools.parse_xsd2:main" + +[tool.poetry.group.dev] +optional = true + +[tool.poetry.group.dev.dependencies] +black = "*" +isort = {version = "^5.10.1", extras = ["pyproject"]} +tox = "^3.25.1" +flake8 = ">=4" +Flake8-pyproject = "^1.1.0.post0" +flake8-bugbear = "^22.8.23" +flake8-logging-format = "^0.7.5" +ipdb = "^0.13.9" +mypy = "^1.0.0" +types-pyopenssl = "^23.0.0.3" +types-python-dateutil = "^2.8.19.6" +types-setuptools = "^67.2.0.1" +types-six = "^1.16.21.4" +types-requests = "^2.28.11.12" + +[tool.poetry.group.test] +optional = true + +[tool.poetry.group.test.dependencies] +pyasn1 = "*" +pymongo = ">=3.5, <5" +pytest = ">=6.0" +responses = "*" + +[tool.poetry.group.coverage] +optional = true + +[tool.poetry.group.coverage.dependencies] +coverage = "*" +pytest-cov = "*" + +[tool.poetry.group.docs] +optional = true + +[tool.poetry.group.docs.dependencies] +sphinx = "*" + [build-system] -requires = ["setuptools>=40.0.0", "wheel"] +requires = ["poetry_core>=1.0.0"] +build-backend = "poetry.core.masonry.api" + +[tool.pytest.ini_options] +minversion = "6.0" +addopts = "-ra -vvv" +testpaths = [ + "tests", +] +markers = [ + "mongo", +] +pythonpath = [ + "tests", +] + +[tool.coverage.run] +branch = true +source = ["saml2"] + +[tool.coverage.report] +exclude_lines = [ + "pragma: no cover", + "def __repr__", + "def __str__", + "raise AssertionError", + "raise NotImplementedError", + "if __name__ == .__main__.:", + "if TYPE_CHECKING:", + "if typing.TYPE_CHECKING:", +] + +[tool.coverage.html] +directory = "cov_html" + +[tool.flake8] +max-line-length = 120 +max-complexity = 18 +count = true +show-source = true +statistics = true +disable-noqa = false +enable-extensions = [ + 'G', # flake8-logging-format +] +# 'ignore' defaults to: E121,E123,E126,E226,E24,E704,W503,W504 +extend-ignore = [ + 'E501', # line too long; instead, use B950 + 'E203', # whitespace before ‘,’, ‘;’, or ‘:’; may conflict with black + 'W503', # line break before binary operator +] +per-file-ignores = [ + '__init__.py:F401', +] +# 'select' defaults to: E,F,W,C90 +extend-select = [ + # * Default warnings reported by flake8-bugbear (B) - + # https://github.com/PyCQA/flake8-bugbear#list-of-warnings + 'B', + # * The B950 flake8-bugbear opinionated warnings - + # https://github.com/PyCQA/flake8-bugbear#opinionated-warnings + 'B9', + # + # * Complexity violations reported by mccabe (C) - + # http://flake8.pycqa.org/en/latest/user/error-codes.html#error-violation-codes + # mccabe only ever reports one violation - C901 based on the complexity value + # provided by the user. + # This is selected by default. + #'C90', + # + # * Documentation conventions compliance reported by pydocstyle (D) - + # http://www.pydocstyle.org/en/stable/error_codes.html + #'D', # FIXME TODO + # + # * Default errors reported by pycodestyle (E) - + # https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes + # This is selected by default. + #'E', + # + # * Default errors reported by pyflakes (F) - + # http://flake8.pycqa.org/en/latest/user/error-codes.html + # This is selected by default. + #'F', + # + # * flake8-mypy - enable limited type checking as a linter + # http://flake8.pycqa.org/en/latest/user/error-codes.html + #'T4', # FIXME TODO + # + # * Default warnings reported by pycodestyle (W) - + # https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes + # This is selected by default. + #'W', +] +extend-exclude = [ + '.github', '.gitlab', + '.Python', '.*.pyc', '.*.pyo', '.*.pyd', '.*.py.class', '*.egg-info', + 'venv*', '.venv*', '.*_cache', + 'lib', 'lib64', '.*.so', + 'build', 'dist', 'sdist', 'wheels', +] + +[tool.black] +line-length = 120 +extend-exclude = ''' +# A regex preceded with ^/ will apply only to files and directories +# in the root of the project. +( + \.pytest_cache +) +''' + +[tool.isort] +profile = 'black' +# The 'black' profile means: +# multi_line_output = 3 +# include_trailing_comma = true +# force_grid_wrap = 0 +# use_parentheses = true +# ensure_newline_before_comments = true +# line_length = 88 +line_length = 120 # override black provile line_length +force_single_line = true # override black profile multi_line_output +star_first = true +group_by_package = true +force_sort_within_sections = true +lines_after_imports = 2 +honor_noqa = true +atomic = true +ignore_comments = true +skip_gitignore = true +src_paths = [ + 'src', + 'test', +] + +[tool.mypy] +pretty = true +check_untyped_defs = false +ignore_errors = false +ignore_missing_imports = true +show_error_codes = true +strict_optional = true +warn_unused_ignores = true +warn_redundant_casts = true +warn_unused_configs = true +warn_unreachable = true +install_types = true +non_interactive = true + +[tool.tox] +legacy_tox_ini = """ +[tox] +isolated_build = true +envlist = + py36 + py37 + py38 + py39 + py310 + +[testenv] +skip_install = true +whitelist_externals = + xmlsec1 + poetry +commands_pre = + poetry install --with test,coverage + xmlsec1 --version + poetry run python --version + poetry run pytest --version + poetry run tox --version +commands = + poetry run pytest --import-mode=importlib --cov=saml2 --cov-report=term-missing +""" diff --git a/release-howto.rst b/release-howto.rst deleted file mode 100644 index 1ea60ba9a..000000000 --- a/release-howto.rst +++ /dev/null @@ -1,80 +0,0 @@ -Releasing software -------------------- - -When releasing a new version, the following steps should be taken: - -1. Make sure all automated tests pass. - -2. Make sure the package metadata in ``setup.py`` is up-to-date. You can - verify the information by re-generating the egg info:: - - python setup.py egg_info - - and inspecting ``src/pysaml2.egg-info/PKG-INFO``. You should also make sure - that the long description renders as valid reStructuredText. You can - do this by using the ``rst2html.py`` utility from docutils_:: - - python setup.py --long-description | rst2html > test.html - - If this will produce warning or errors, PyPI will be unable to render - the long description nicely. It will treat it as plain text instead. - -3. Update the version in the VERSION_ file and report the changes in - CHANGELOG.md_ and commit the changes.:: - - git add CHANGELOG.md - git add VERSION - git commit -v -s -m "Release version X.Y.Z" - -4. Create a release branch_:: - - git branch vX.Y.Z - -5. Create a release tag_:: - - git tag -a -s vX.Y.Z -m "Version X.Y.Z" - -6. Push these changes to Github:: - - git push --follow-tags origin vX.Y.Z - git push --follow-tags origin vX.Y.Z:vX.Y.Z - -7. Create a source and wheel distribution and upload it to PyPI:: - - # generate a source and wheel distribution at once - python setup.py sdist bdist_wheel - - # generated files are under dist/ - ls dist/ - - # upload release on test.pypi.org - twine upload --repository-url https://test.pypi.org/legacy/ dist/pysaml2-X.Y.Z* - - # then, upload release on official pypi.org - twine upload dist/pysaml2-X.Y.Z* - -8. Upload the documentation to PyPI. First you need to generate the html - version of the documentation:: - - cd docs/ - make clean - make html - cd _build/html - zip -r pysaml2-docs.zip * - - Submit the generated pysaml2-docs.zip file. - -9. Send an email to the pysaml2 list announcing this release - - -**Important:** Once released to PyPI or any other public download location, -a released egg may *never* be removed, even if it has proven to be a faulty -release ("brown bag release"). In such a case it should simply be superseded -immediately by a new, improved release. - - -.. _VERSION: https://github.com/IdentityPython/pysaml2/blob/master/VERSION -.. _CHANGELOG.md: https://github.com/IdentityPython/pysaml2/blob/master/CHANGELOG.md -.. _docutils: http://docutils.sourceforge.net/ -.. _branch: https://git-scm.com/book/en/v2/Git-Branching-Branches-in-a-Nutshell -.. _tag: https://git-scm.com/book/en/v2/Git-Basics-Tagging#_annotated_tags diff --git a/script/__init__.py b/script/__init__.py index 3b031d2bf..169408711 100644 --- a/script/__init__.py +++ b/script/__init__.py @@ -1 +1 @@ -__author__ = 'rolandh' +__author__ = "rolandh" diff --git a/script/filter_testcase_ids.py b/script/filter_testcase_ids.py index 675aefe5e..d7c75a3d1 100755 --- a/script/filter_testcase_ids.py +++ b/script/filter_testcase_ids.py @@ -2,9 +2,12 @@ # extract test case IDs from json-formatted list (`sp_testdrv.py -l` or `idp_testdrv.py -l`) # usage: # sp_testdrv.py -l | filter_testcase_ids.py -__author__ = 'rhoerbe' +__author__ = "rhoerbe" + +import json +import sys + -import json, sys jdata = json.load(sys.stdin) for k in jdata: print(k["id"]) diff --git a/script/idp_testdrv.py b/script/idp_testdrv.py index df86d5c6b..c57a78671 100755 --- a/script/idp_testdrv.py +++ b/script/idp_testdrv.py @@ -1,9 +1,10 @@ #!/usr/bin/env python -__author__ = 'rohe0002' +__author__ = "rohe0002" -#from idp_test import saml2base +# from idp_test import saml2base from idp_test import SAML2client from idp_test.check import factory + cli = SAML2client(factory) -cli.run() \ No newline at end of file +cli.run() diff --git a/script/sp_testdrv.py b/script/sp_testdrv.py index 14f943039..27522257b 100755 --- a/script/sp_testdrv.py +++ b/script/sp_testdrv.py @@ -1,9 +1,10 @@ #!/usr/bin/env python -__author__ = 'rohe0002' +__author__ = "rohe0002" -from sp_test import tests from sp_test import Client +from sp_test import tests from sp_test.check import factory + cli = Client(tests, factory) -cli.run() \ No newline at end of file +cli.run() diff --git a/script/utility/filter_testcase_ids.py b/script/utility/filter_testcase_ids.py index 675aefe5e..d7c75a3d1 100755 --- a/script/utility/filter_testcase_ids.py +++ b/script/utility/filter_testcase_ids.py @@ -2,9 +2,12 @@ # extract test case IDs from json-formatted list (`sp_testdrv.py -l` or `idp_testdrv.py -l`) # usage: # sp_testdrv.py -l | filter_testcase_ids.py -__author__ = 'rhoerbe' +__author__ = "rhoerbe" + +import json +import sys + -import json, sys jdata = json.load(sys.stdin) for k in jdata: print(k["id"]) diff --git a/script/utility/run_list_of_tests.py b/script/utility/run_list_of_tests.py index e0242d49a..2b01781af 100755 --- a/script/utility/run_list_of_tests.py +++ b/script/utility/run_list_of_tests.py @@ -3,8 +3,8 @@ import fileinput from subprocess import call + for line in fileinput.input(): - cmd = "./run_oper.sh " + line.rstrip() - print("executing " + cmd) + cmd = f"./run_oper.sh {line.rstrip()}" + print(f"executing {cmd}") call(cmd, shell=True) - diff --git a/setup.cfg b/setup.cfg deleted file mode 100644 index 024030eed..000000000 --- a/setup.cfg +++ /dev/null @@ -1,111 +0,0 @@ -[metadata] -name = pysaml2 -version = file:VERSION -author = IdentityPython -author-email = discuss@idpy.org -maintainer = IdentityPython -maintainer-email = discuss@idpy.org -license = Apache License Version 2.0 -license-file = LICENSE -description = Python implementation of SAML Version 2 Standard -long-description = file:README.rst -long_description_content_type = text/x-rst; charset=UTF-8 -home-page = https://idpy.org -project_urls = - Bug Tracker = https://github.com/IdentityPython/pysaml2/issues - Documentation = https://pysaml2.readthedocs.io - Source Code = https://github.com/IdentityPython/pysaml2 -classifier = - Development Status :: 4 - Beta - License :: OSI Approved :: Apache Software License - Topic :: Software Development :: Libraries :: Python Modules - Programming Language :: Python :: 3 :: Only - Programming Language :: Python :: 3.6 - Programming Language :: Python :: 3.7 - Programming Language :: Python :: 3.8 - Programming Language :: Python :: 3.9 - Programming Language :: Python :: 3.10 -requires-dist = setuptools -keywords = - saml - saml2 - standard - federation - idpy - IdentityPython - - -[options] -zip_safe = False -include_package_data = True -package_dir = - = src -packages = find: -scripts = - tools/make_metadata.py - tools/mdexport.py - tools/merge_metadata.py - tools/parse_xsd2.py -python_requires = >=3.6, <4 -install_requires = - cryptography >= 1.4 - defusedxml - pyOpenSSL - python-dateutil - pytz - requests >= 1.0.0 - setuptools - six - importlib_resources;python_version<'3.9' - xmlschema >= 1.2.1 - - -[options.packages.find] -where = src -include = - saml2 - saml2.* - - -[options.package_data] -* = - *.xml - *.xsd - - -[options.extras_require] -s2repoze = - paste - zope.interface - repoze.who - - -[bdist_wheel] -universal = 1 - - -[tool:pytest] -markers = - mongo: marks tests that need mongodb - - -[flake8] -max-line-length = 120 -author-attribute = forbidden -no-accept-encodings = True -assertive-snakecase = True -# assertive-test-pattern = -inline-quotes = " -multiline-quotes = """ -docstring-quotes = """ -application-import-names = saml2 - -hang_closing = false -doctests = false -max-complexity = 10 -exclude = - .git - __pycache__ - docs/source/conf.py - build - dist diff --git a/setup.py b/setup.py deleted file mode 100755 index 996b404f0..000000000 --- a/setup.py +++ /dev/null @@ -1,13 +0,0 @@ -"""Setup.py entry point for package. - -Configuration is handled by setuptools>30.3.0 through setup.cfg. -https://setuptools.readthedocs.io/en/latest/setuptools.html#metadata -https://setuptools.readthedocs.io/en/latest/setuptools.html#options -""" - -import setuptools - - -setuptools.setup( - package_dir={'': 'src'}, -) diff --git a/src/saml2/__init__.py b/src/saml2/__init__.py index 6588a741b..01067b4be 100644 --- a/src/saml2/__init__.py +++ b/src/saml2/__init__.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- """Contains base classes representing SAML elements. @@ -18,36 +17,24 @@ """ import logging +from typing import Any +from typing import Optional +from typing import Union +from xml.etree import ElementTree -import six +import defusedxml.ElementTree -from saml2.version import version as __version__ from saml2.validate import valid_instance - -try: - from xml.etree import cElementTree as ElementTree - - if ElementTree.VERSION < '1.3.0': - # cElementTree has no support for register_namespace - # neither _namespace_map, thus we sacrify performance - # for correctness - from xml.etree import ElementTree -except ImportError: - try: - import cElementTree as ElementTree - except ImportError: - from elementtree import ElementTree -import defusedxml.ElementTree +from saml2.version import version as __version__ logger = logging.getLogger(__name__) -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:assertion" # TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:assertion}%s' # XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance' -NAMEID_FORMAT_EMAILADDRESS = ( - "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress") +NAMEID_FORMAT_EMAILADDRESS = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" # These are defined in saml2.saml # NAME_FORMAT_UNSPECIFIED = ( @@ -64,21 +51,21 @@ # The specification was later updated with errata, and the new version is here: # http://www.oasis-open.org/committees/download.php/56779/sstc-saml-bindings-errata-2.0-wd-06.pdf # parse a SOAP header, make a SOAP request, and receive a SOAP response -BINDING_SOAP = 'urn:oasis:names:tc:SAML:2.0:bindings:SOAP' +BINDING_SOAP = "urn:oasis:names:tc:SAML:2.0:bindings:SOAP" # parse a PAOS header, make a PAOS request, and receive a PAOS response -BINDING_PAOS = 'urn:oasis:names:tc:SAML:2.0:bindings:PAOS' +BINDING_PAOS = "urn:oasis:names:tc:SAML:2.0:bindings:PAOS" # URI encoded messages -BINDING_HTTP_REDIRECT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect' +BINDING_HTTP_REDIRECT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" # HTML encoded messages -BINDING_HTTP_POST = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST' +BINDING_HTTP_POST = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" # sensitive messages are transported over a backchannel -BINDING_HTTP_ARTIFACT = 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact' +BINDING_HTTP_ARTIFACT = "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" # as uri response encoded message -BINDING_URI = 'urn:oasis:names:tc:SAML:2.0:bindings:URI' +BINDING_URI = "urn:oasis:names:tc:SAML:2.0:bindings:URI" def class_name(instance): - return "%s:%s" % (instance.c_namespace, instance.c_tag) + return f"{instance.c_namespace}:{instance.c_tag}" def create_class_from_xml_string(target_class, xml_string): @@ -95,14 +82,13 @@ def create_class_from_xml_string(target_class, xml_string): the contents of the XML - or None if the root XML tag and namespace did not match those of the target class. """ - if not isinstance(xml_string, six.binary_type): - xml_string = xml_string.encode('utf-8') + if not isinstance(xml_string, bytes): + xml_string = xml_string.encode("utf-8") tree = defusedxml.ElementTree.fromstring(xml_string) return create_class_from_element_tree(target_class, tree) -def create_class_from_element_tree(target_class, tree, namespace=None, - tag=None): +def create_class_from_element_tree(target_class, tree, namespace=None, tag=None): """Instantiates the class and populates members according to the tree. Note: Only use this function with classes that have c_namespace and c_tag @@ -126,7 +112,7 @@ class members. namespace = target_class.c_namespace if tag is None: tag = target_class.c_tag - if tree.tag == '{%s}%s' % (namespace, tag): + if tree.tag == f"{{{namespace}}}{tag}": target = target_class() target.harvest_element_tree(tree) return target @@ -136,14 +122,13 @@ class members. class Error(Exception): """Exception class thrown by this module.""" - pass class SAMLError(Exception): pass -class ExtensionElement(object): +class ExtensionElement: """XML which is not part of the SAML specification, these are called extension elements. If a classes parser encounters an unexpected XML construct, it is translated into an @@ -152,8 +137,7 @@ class ExtensionElement(object): extension are turned into ExtensionElements as well. """ - def __init__(self, tag, namespace=None, attributes=None, - children=None, text=None): + def __init__(self, tag, namespace=None, attributes=None, children=None, text=None): """Constructor for ExtensionElement :param namespace: The XML namespace for this element. @@ -173,7 +157,7 @@ def __init__(self, tag, namespace=None, attributes=None, self.text = text def to_string(self): - """ Serialize the object into a XML string """ + """Serialize the object into a XML string""" element_tree = self.transfer_to_element_tree() return ElementTree.tostring(element_tree, encoding="UTF-8") @@ -181,10 +165,10 @@ def transfer_to_element_tree(self): if self.tag is None: return None - element_tree = ElementTree.Element('') + element_tree = ElementTree.Element("") if self.namespace is not None: - element_tree.tag = '{%s}%s' % (self.namespace, self.tag) + element_tree.tag = f"{{{self.namespace}}}{self.tag}" else: element_tree.tag = self.tag @@ -248,7 +232,7 @@ def find_children(self, tag=None, namespace=None): return results def loadd(self, ava): - """ expects a special set of keys """ + """expects a special set of keys""" if "attributes" in ava: for key, val in ava["attributes"].items(): @@ -285,9 +269,9 @@ def extension_element_from_string(xml_string): def _extension_element_from_element_tree(element_tree): elementc_tag = element_tree.tag - if '}' in elementc_tag: - namespace = elementc_tag[1:elementc_tag.index('}')] - tag = elementc_tag[elementc_tag.index('}') + 1:] + if "}" in elementc_tag: + namespace = elementc_tag[1 : elementc_tag.index("}")] + tag = elementc_tag[elementc_tag.index("}") + 1 :] else: namespace = None tag = elementc_tag @@ -300,12 +284,11 @@ def _extension_element_from_element_tree(element_tree): return extension -class ExtensionContainer(object): +class ExtensionContainer: c_tag = "" c_namespace = "" - def __init__(self, text=None, extension_elements=None, - extension_attributes=None): + def __init__(self, text=None, extension_elements=None, extension_attributes=None): self.text = text self.extension_elements = extension_elements or [] @@ -322,8 +305,7 @@ def harvest_element_tree(self, tree): self.text = tree.text def _convert_element_tree_to_member(self, child_tree): - self.extension_elements.append(_extension_element_from_element_tree( - child_tree)) + self.extension_elements.append(_extension_element_from_element_tree(child_tree)) def _convert_element_attribute_to_member(self, attribute, value): self.extension_attributes[attribute] = value @@ -373,7 +355,7 @@ def find_extensions(self, tag=None, namespace=None): return results def extensions_as_elements(self, tag, schema): - """ Return extensions that has the given tag and belongs to the + """Return extensions that has the given tag and belongs to the given schema as native elements of that schema. :param tag: The tag of the element @@ -397,8 +379,7 @@ def add_extension_attribute(self, name, value): self.extension_attributes[name] = value -def make_vals(val, klass, klass_inst=None, prop=None, part=False, - base64encode=False): +def make_vals(val, klass, klass_inst=None, prop=None, part=False, base64encode=False): """ Creates a class instance with a specified value, the specified class instance may be a value on a property in a defined class instance. @@ -423,8 +404,7 @@ class instance may be a value on a property in a defined class instance. cinst = klass().set_text(val) except ValueError: if not part: - cis = [make_vals(sval, klass, klass_inst, prop, True, - base64encode) for sval in val] + cis = [make_vals(sval, klass, klass_inst, prop, True, base64encode) for sval in val] setattr(klass_inst, prop, cis) else: raise @@ -456,20 +436,19 @@ class SamlBase(ExtensionContainer): nodes into ExtensionElements. """ - c_children = {} - c_attributes = {} - c_attribute_type = {} - c_child_order = [] - c_cardinality = {} - c_any = None - c_any_attribute = None - c_value_type = None + c_children: Any = {} + c_attributes: Any = {} + c_attribute_type: Any = {} + c_child_order: list[str] = [] + c_cardinality: dict[str, dict[str, int]] = {} + c_any: Optional[dict[str, str]] = None + c_any_attribute: Optional[dict[str, str]] = None + c_value_type: Any = None c_ns_prefix = None def _get_all_c_children_with_order(self): if len(self.c_child_order) > 0: - for child in self.c_child_order: - yield child + yield from self.c_child_order else: for _, values in iter(self.__class__.c_children.items()): yield values[0] @@ -485,12 +464,9 @@ def _convert_element_tree_to_member(self, child_tree): if isinstance(member_class, list): if getattr(self, member_name) is None: setattr(self, member_name, []) - getattr(self, member_name).append( - create_class_from_element_tree(member_class[0], child_tree)) + getattr(self, member_name).append(create_class_from_element_tree(member_class[0], child_tree)) else: - setattr(self, member_name, - create_class_from_element_tree(member_class, - child_tree)) + setattr(self, member_name, create_class_from_element_tree(member_class, child_tree)) else: ExtensionContainer._convert_element_tree_to_member(self, child_tree) @@ -503,8 +479,7 @@ def _convert_element_attribute_to_member(self, attribute, value): setattr(self, self.__class__.c_attributes[attribute][0], value) else: # If it doesn't appear in the attribute list it's an extension - ExtensionContainer._convert_element_attribute_to_member( - self, attribute, value) + ExtensionContainer._convert_element_attribute_to_member(self, attribute, value) # Three methods to create an ElementTree from an object def _add_members_to_element_tree(self, tree): @@ -521,8 +496,7 @@ def _add_members_to_element_tree(self, tree): else: member.become_child_element_of(tree) # Convert the members of this class which are XML attributes. - for xml_attribute, attribute_info in \ - iter(self.__class__.c_attributes.items()): + for xml_attribute, attribute_info in iter(self.__class__.c_attributes.items()): (member_name, member_type, required) = attribute_info member = getattr(self, member_name) if member is not None: @@ -551,8 +525,7 @@ def _to_element_tree(self): should not be called on in this class. """ - new_tree = ElementTree.Element('{%s}%s' % (self.__class__.c_namespace, - self.__class__.c_tag)) + new_tree = ElementTree.Element(f"{{{self.__class__.c_namespace}}}{self.__class__.c_tag}") self._add_members_to_element_tree(new_tree) return new_tree @@ -601,46 +574,36 @@ def get_prefix_map(self, elements): uri_set = self.get_ns_map(elements, set()) prefix_map = {} for uri in sorted(uri_set): - prefix_map["encas%d" % len(prefix_map)] = uri + prefix_map[f"encas{len(prefix_map)}"] = uri return prefix_map - def get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - self, assertion_tag, advice_tag): - for tmp_encrypted_assertion in \ - self.assertion.advice.encrypted_assertion: + def get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion(self, assertion_tag, advice_tag): + for tmp_encrypted_assertion in self.assertion.advice.encrypted_assertion: if tmp_encrypted_assertion.encrypted_data is None: - prefix_map = self.get_prefix_map([ - tmp_encrypted_assertion._to_element_tree().find( - assertion_tag)]) + prefix_map = self.get_prefix_map([tmp_encrypted_assertion._to_element_tree().find(assertion_tag)]) tree = self._to_element_tree() - encs = tree.find(assertion_tag).find(advice_tag).findall( - tmp_encrypted_assertion._to_element_tree().tag) + encs = tree.find(assertion_tag).find(advice_tag).findall(tmp_encrypted_assertion._to_element_tree().tag) for enc in encs: assertion = enc.find(assertion_tag) if assertion is not None: self.set_prefixes(assertion, prefix_map) - return ElementTree.tostring(tree, encoding="UTF-8").decode('utf-8') + return ElementTree.tostring(tree, encoding="UTF-8").decode("utf-8") - def get_xml_string_with_self_contained_assertion_within_encrypted_assertion( - self, assertion_tag): - """ Makes a encrypted assertion only containing self contained + def get_xml_string_with_self_contained_assertion_within_encrypted_assertion(self, assertion_tag): + """Makes a encrypted assertion only containing self contained namespaces. :param assertion_tag: Tag for the assertion to be transformed. :return: A new samlp.Resonse in string representation. """ - prefix_map = self.get_prefix_map( - [self.encrypted_assertion._to_element_tree().find(assertion_tag)]) + prefix_map = self.get_prefix_map([self.encrypted_assertion._to_element_tree().find(assertion_tag)]) tree = self._to_element_tree() - self.set_prefixes( - tree.find( - self.encrypted_assertion._to_element_tree().tag).find( - assertion_tag), prefix_map) + self.set_prefixes(tree.find(self.encrypted_assertion._to_element_tree().tag).find(assertion_tag), prefix_map) - return ElementTree.tostring(tree, encoding="UTF-8").decode('utf-8') + return ElementTree.tostring(tree, encoding="UTF-8").decode("utf-8") def set_prefixes(self, elem, prefix_map): @@ -652,12 +615,12 @@ def set_prefixes(self, elem, prefix_map): uri_map = {} for prefix, uri in prefix_map.items(): uri_map[uri] = prefix - elem.set("xmlns:" + prefix, uri) + elem.set(f"xmlns:{prefix}", uri) # fixup all elements in the tree memo = {} - for elem in elem.iter(): - self.fixup_element_prefixes(elem, uri_map, memo) + for element in elem.iter(): + self.fixup_element_prefixes(element, uri_map, memo) def fixup_element_prefixes(self, elem, uri_map, memo): def fixup(name): @@ -668,7 +631,7 @@ def fixup(name): return uri, tag = name[1:].split("}") if uri in uri_map: - new_name = uri_map[uri] + ":" + tag + new_name = f"{uri_map[uri]}:{tag}" memo[name] = new_name return new_name @@ -709,30 +672,30 @@ def to_string(self, nspair=None): def __str__(self): # Yes this is confusing. http://bugs.python.org/issue10942 x = self.to_string() - if not isinstance(x, six.string_types): - x = x.decode('utf-8') + if not isinstance(x, str): + x = x.decode("utf-8") return x def keyswv(self): - """ Return the keys of attributes or children that has values + """Return the keys of attributes or children that has values :return: list of keys """ return [key for key, val in self.__dict__.items() if val] def keys(self): - """ Return all the keys that represent possible attributes and + """Return all the keys that represent possible attributes and children. :return: list of keys """ - keys = ['text'] + keys = ["text"] keys.extend([n for (n, t, r) in self.c_attributes.values()]) keys.extend([v[0] for v in self.c_children.values()]) return keys def children_with_values(self): - """ Returns all children that has values + """Returns all children that has values :return: Possibly empty list of children. """ @@ -750,7 +713,7 @@ def children_with_values(self): # noinspection PyUnusedLocal def set_text(self, val, base64encode=False): - """ Sets the text property of this instance. + """Sets the text property of this instance. :param val: The value of the text property :param base64encode: Whether the value should be base64encoded @@ -759,18 +722,15 @@ def set_text(self, val, base64encode=False): # print("set_text: %s" % (val,)) if isinstance(val, bool): - if val: - setattr(self, "text", "true") - else: - setattr(self, "text", "false") + self.text = "true" if val else "false" elif isinstance(val, int): - setattr(self, "text", "%d" % val) - elif isinstance(val, six.string_types): - setattr(self, "text", val) + self.text = str(val) + elif isinstance(val, str): + self.text = val elif val is None: pass else: - raise ValueError("Type shouldn't be '%s'" % (val,)) + raise ValueError(f"Type shouldn't be '{val}'") return self @@ -805,17 +765,14 @@ def loadd(self, ava, base64encode=False): # print("### %s" % ava[prop]) # means there can be a list of values if isinstance(klassdef, list): - make_vals(ava[prop], klassdef[0], self, prop, - base64encode=base64encode) + make_vals(ava[prop], klassdef[0], self, prop, base64encode=base64encode) else: - cis = make_vals(ava[prop], klassdef, self, prop, True, - base64encode) + cis = make_vals(ava[prop], klassdef, self, prop, True, base64encode) setattr(self, prop, cis) if "extension_elements" in ava: for item in ava["extension_elements"]: - self.extension_elements.append(ExtensionElement( - item["tag"]).loadd(item)) + self.extension_elements.append(ExtensionElement(item["tag"]).loadd(item)) if "extension_attributes" in ava: for key, val in ava["extension_attributes"].items(): @@ -843,7 +800,7 @@ def __eq__(self, other): continue svals = self.__dict__[key] ovals = other.__dict__[key] - if isinstance(svals, six.string_types): + if isinstance(svals, str): if svals != ovals: return False elif isinstance(svals, list): @@ -865,7 +822,7 @@ def __eq__(self, other): return True def child_class(self, child): - """ Return the class a child element should be an instance of + """Return the class a child element should be an instance of :param child: The name of the child element :return: The class @@ -879,7 +836,7 @@ def child_class(self, child): return None def child_cardinality(self, child): - """ Return the cardinality of a child element + """Return the cardinality of a child element :param child: The name of the child element :return: The cardinality as a 2-tuple (min, max). @@ -933,27 +890,23 @@ def element_to_extension_element(element): :return: An extension element instance """ - exel = ExtensionElement(element.c_tag, element.c_namespace, - text=element.text) + exel = ExtensionElement(element.c_tag, element.c_namespace, text=element.text) exel.attributes.update(element.extension_attributes) exel.children.extend(element.extension_elements) - for xml_attribute, (member_name, typ, req) in \ - iter(element.c_attributes.items()): + for xml_attribute, (member_name, typ, req) in iter(element.c_attributes.items()): member_value = getattr(element, member_name) if member_value is not None: exel.attributes[xml_attribute] = member_value - exel.children.extend([element_to_extension_element(c) for c in - element.children_with_values()]) + exel.children.extend([element_to_extension_element(c) for c in element.children_with_values()]) return exel -def extension_element_to_element(extension_element, translation_functions, - namespace=None): - """ Convert an extension element to a normal element. +def extension_element_to_element(extension_element, translation_functions, namespace=None): + """Convert an extension element to a normal element. In order to do this you need to have an idea of what type of element it is. Or rather which module it belongs to. @@ -982,7 +935,7 @@ def extension_element_to_element(extension_element, translation_functions, def extension_elements_to_elements(extension_elements, schemas, keep_unmatched=False): - """ Create a list of elements each one matching one of the + """Create a list of elements each one matching one of the given extension elements. This is of course dependent on the access to schemas that describe the extension elements. @@ -1009,11 +962,7 @@ def extension_elements_to_elements(extension_elements, schemas, keep_unmatched=F convert_results = ( inst for schema in schemas - for inst in [ - extension_element_to_element( - extension_element, schema.ELEMENT_FROM_STRING, schema.NAMESPACE - ) - ] + for inst in [extension_element_to_element(extension_element, schema.ELEMENT_FROM_STRING, schema.NAMESPACE)] if inst ) result = next(convert_results, extension_element if keep_unmatched else None) diff --git a/src/saml2/algsupport.py b/src/saml2/algsupport.py index 93580d656..7293b1202 100644 --- a/src/saml2/algsupport.py +++ b/src/saml2/algsupport.py @@ -1,48 +1,51 @@ -from subprocess import Popen, PIPE -from saml2.sigver import get_xmlsec_binary -from saml2.extension.algsupport import SigningMethod +from subprocess import PIPE +from subprocess import Popen + from saml2.extension.algsupport import DigestMethod +from saml2.extension.algsupport import SigningMethod +from saml2.sigver import get_xmlsec_binary + -__author__ = 'roland' +__author__ = "roland" DIGEST_METHODS = { - "hmac-md5": 'http://www.w3.org/2001/04/xmldsig-more#md5', # test framework only! - "hmac-sha1": 'http://www.w3.org/2000/09/xmldsig#sha1', - "hmac-sha224": 'http://www.w3.org/2001/04/xmldsig-more#sha224', - "hmac-sha256": 'http://www.w3.org/2001/04/xmlenc#sha256', - "hmac-sha384": 'http://www.w3.org/2001/04/xmldsig-more#sha384', - "hmac-sha512": 'http://www.w3.org/2001/04/xmlenc#sha512', - "hmac-ripemd160": 'http://www.w3.org/2001/04/xmlenc#ripemd160' + "hmac-md5": "http://www.w3.org/2001/04/xmldsig-more#md5", # test framework only! + "hmac-sha1": "http://www.w3.org/2000/09/xmldsig#sha1", + "hmac-sha224": "http://www.w3.org/2001/04/xmldsig-more#sha224", + "hmac-sha256": "http://www.w3.org/2001/04/xmlenc#sha256", + "hmac-sha384": "http://www.w3.org/2001/04/xmldsig-more#sha384", + "hmac-sha512": "http://www.w3.org/2001/04/xmlenc#sha512", + "hmac-ripemd160": "http://www.w3.org/2001/04/xmlenc#ripemd160", } SIGNING_METHODS = { - "rsa-md5": 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5', - "rsa-ripemd160": 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160', - "rsa-sha1": 'http://www.w3.org/2000/09/xmldsig#rsa-sha1', - "rsa-sha224": 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha224', - "rsa-sha256": 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256', - "rsa-sha384": 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384', - "rsa-sha512": 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512', - "dsa-sha1": 'http://www.w3.org/2000/09/xmldsig#dsa-sha1', - 'dsa-sha256': 'http://www.w3.org/2009/xmldsig11#dsa-sha256', - 'ecdsa-sha1': 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1', - 'ecdsa-sha224': 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224', - 'ecdsa-sha256': 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256', - 'ecdsa-sha384': 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384', - 'ecdsa-sha512': 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512', + "rsa-md5": "http://www.w3.org/2001/04/xmldsig-more#rsa-md5", + "rsa-ripemd160": "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160", + "rsa-sha1": "http://www.w3.org/2000/09/xmldsig#rsa-sha1", + "rsa-sha224": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224", + "rsa-sha256": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", + "rsa-sha384": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384", + "rsa-sha512": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512", + "dsa-sha1": "http://www.w3.org/2000/09/xmldsig#dsa-sha1", + "dsa-sha256": "http://www.w3.org/2009/xmldsig11#dsa-sha256", + "ecdsa-sha1": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1", + "ecdsa-sha224": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224", + "ecdsa-sha256": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256", + "ecdsa-sha384": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384", + "ecdsa-sha512": "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512", } def get_algorithm_support(xmlsec): - com_list = [xmlsec, '--list-transforms'] + com_list = [xmlsec, "--list-transforms"] pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() - p_out = p_out.decode('utf-8') - p_err = p_err.decode('utf-8') + p_out = p_out.decode("utf-8") + p_err = p_err.decode("utf-8") if not p_err: p = p_out.splitlines() - algs = [x.strip('"') for x in p[1].split(',')] + algs = [x.strip('"') for x in p[1].split(",")] digest = [] signing = [] for alg in algs: @@ -68,7 +71,8 @@ def algorithm_support_in_metadata(xmlsec): element_list.append(SigningMethod(algorithm=SIGNING_METHODS[alg])) return element_list -if __name__ == '__main__': + +if __name__ == "__main__": xmlsec = get_xmlsec_binary() res = get_algorithm_support(xmlsec) print(res) diff --git a/src/saml2/argtree.py b/src/saml2/argtree.py index 468b7f07a..3cc579ffc 100644 --- a/src/saml2/argtree.py +++ b/src/saml2/argtree.py @@ -1,4 +1,4 @@ -__author__ = 'roland' +__author__ = "roland" def find_paths(cls, arg, path=None, seen=None, res=None, lev=0): diff --git a/src/saml2/assertion.py b/src/saml2/assertion.py index 99308ecc7..4c0ab1511 100644 --- a/src/saml2/assertion.py +++ b/src/saml2/assertion.py @@ -1,30 +1,29 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- import copy import importlib import logging import re -import six from warnings import warn as _warn from saml2 import saml from saml2 import xmlenc -from saml2.attribute_converter import from_local, ac_factory +from saml2.attribute_converter import ac_factory +from saml2.attribute_converter import from_local from saml2.attribute_converter import get_local_name +from saml2.s_utils import MissingValue from saml2.s_utils import assertion_factory from saml2.s_utils import factory from saml2.s_utils import sid -from saml2.s_utils import MissingValue from saml2.saml import NAME_FORMAT_URI -from saml2.time_util import instant from saml2.time_util import in_a_while +from saml2.time_util import instant logger = logging.getLogger(__name__) def _filter_values(vals, vlist=None, must=False): - """ Removes values from *vals* that does not appear in vlist + """Removes values from *vals* that does not appear in vlist :param vals: The values that are to be filtered :param vlist: required or optional value @@ -35,10 +34,10 @@ def _filter_values(vals, vlist=None, must=False): if not vlist: # No value specified equals any value return vals - if vals is None: # cannot iterate over None, return early + if vals is None: # cannot iterate over None, return early return vals - if isinstance(vlist, six.string_types): + if isinstance(vlist, str): vlist = [vlist] res = [] @@ -71,9 +70,8 @@ def _match(attr, ava): return None -def filter_on_attributes(ava, required=None, optional=None, acs=None, - fail_on_unfulfilled_requirements=True): - """ Filter +def filter_on_attributes(ava, required=None, optional=None, acs=None, fail_on_unfulfilled_requirements=True): + """Filter :param ava: An attribute value assertion as a dictionary :param required: list of RequestedAttribute instances defined to be @@ -86,33 +84,19 @@ def filter_on_attributes(ava, required=None, optional=None, acs=None, """ def _match_attr_name(attr, ava): - local_name = None - - for a in ['name_format', 'friendly_name']: - _val = attr.get(a) - if _val: - if a == 'name_format': - local_name = get_local_name(acs, attr['name'], _val) - else: - local_name = _val - break - - if local_name: - _fn = _match(local_name, ava) - else: - _fn = None - - if not _fn: # In the unlikely case that someone has provided us with - # URIs as attribute names - _fn = _match(attr["name"], ava) - + name = attr["name"].lower() + name_format = attr.get("name_format") + friendly_name = attr.get("friendly_name") + local_name = get_local_name(acs, name, name_format) or friendly_name or "" + _fn = ( + _match(local_name, ava) + # In the unlikely case that someone has provided us with URIs as attribute names + or _match(name, ava) + ) return _fn - def _apply_attr_value_restrictions(attr, res, must=False): - values = [ - av["text"] for av in attr.get("attribute_value", []) - ] + values = [av["text"] for av in attr.get("attribute_value", [])] try: res[_fn].extend(_filter_values(ava[_fn], values)) @@ -133,7 +117,7 @@ def _apply_attr_value_restrictions(attr, res, must=False): if _fn: _apply_attr_value_restrictions(attr, res, True) elif fail_on_unfulfilled_requirements: - desc = "Required attribute missing: '%s'" % (attr["name"]) + desc = f"Required attribute missing: '{attr['name']}'" raise MissingValue(desc) if optional is None: @@ -148,7 +132,7 @@ def _apply_attr_value_restrictions(attr, res, must=False): def filter_on_demands(ava, required=None, optional=None): - """ Never return more than is needed. Filters out everything + """Never return more than is needed. Filters out everything the server is prepared to return but the receiver doesn't ask for :param ava: Attribute value assertion as a dictionary @@ -161,7 +145,7 @@ def filter_on_demands(ava, required=None, optional=None): if required is None: required = {} - lava = dict([(k.lower(), k) for k in ava.keys()]) + lava = {k.lower(): k for k in ava.keys()} for attr, vals in required.items(): attr = attr.lower() @@ -169,11 +153,9 @@ def filter_on_demands(ava, required=None, optional=None): if vals: for val in vals: if val not in ava[lava[attr]]: - raise MissingValue( - "Required attribute value missing: %s,%s" % (attr, - val)) + raise MissingValue(f"Required attribute value missing: {attr},{val}") else: - raise MissingValue("Required attribute missing: %s" % (attr,)) + raise MissingValue(f"Required attribute missing: {attr}") if optional is None: optional = {} @@ -199,7 +181,7 @@ def filter_on_wire_representation(ava, acs, required=None, optional=None): :param optional: A list of saml.Attributes :return: Dictionary of expected/wanted attributes and values """ - acsdic = dict([(ac.name_format, ac) for ac in acs]) + acsdic = {ac.name_format: ac for ac in acs} if required is None: required = [] @@ -232,7 +214,7 @@ def filter_on_wire_representation(ava, acs, required=None, optional=None): def filter_attribute_value_assertions(ava, attribute_restrictions=None): - """ Will weed out attribute values and values according to the + """Will weed out attribute values and values according to the rules defined in the attribute restrictions. If filtering results in an attribute without values, then the attribute is removed from the assertion. @@ -254,7 +236,7 @@ def filter_attribute_value_assertions(ava, attribute_restrictions=None): else: if _rests is None: continue - if isinstance(vals, six.string_types): + if isinstance(vals, str): vals = [vals] rvals = [] for restr in _rests: @@ -283,7 +265,7 @@ def restriction_from_attribute_spec(attributes): def compile(restrictions): - """ This is only for IdPs or AAs, and it's about limiting what + """This is only for IdPs or AAs, and it's about limiting what is returned to the SP. In the configuration file, restrictions on which values that can be returned are specified with the help of regular expressions. @@ -302,13 +284,14 @@ def compile(restrictions): try: _mod = importlib.import_module(cat) except ImportError: - _mod = importlib.import_module("saml2.entity_category.%s" % cat) + _mod = importlib.import_module(f"saml2.entity_category.{cat}") _ec = {} for key, items in _mod.RELEASE.items(): alist = [k.lower() for k in items] _only_required = getattr(_mod, "ONLY_REQUIRED", {}).get(key, False) - _ec[key] = (alist, _only_required) + _no_aggregation = getattr(_mod, "NO_AGGREGATION", {}).get(key, False) + _ec[key] = (alist, _only_required, _no_aggregation) ecs.append(_ec) spec["entity_categories"] = ecs or None @@ -317,15 +300,13 @@ def compile(restrictions): for key, values in attribute_restrictions.items(): lkey = key.lower() values = [] if not values else values - _attribute_restrictions[lkey] = ( - [re.compile(value) for value in values] or None - ) + _attribute_restrictions[lkey] = [re.compile(value) for value in values] or None spec["attribute_restrictions"] = _attribute_restrictions or None return restrictions -class Policy(object): +class Policy: """Handles restrictions on assertions.""" def __init__(self, restrictions=None, mds=None): @@ -353,19 +334,12 @@ def get(self, attribute, sp_entity_id, default=None): if not self._restrictions: return default - ra_info = ( - self.metadata_store.registration_info(sp_entity_id) or {} - if self.metadata_store is not None - else {} - ) + ra_info = self.metadata_store.registration_info(sp_entity_id) or {} if self.metadata_store is not None else {} ra_entity_id = ra_info.get("registration_authority") sp_restrictions = self._restrictions.get(sp_entity_id) ra_restrictions = self._restrictions.get(ra_entity_id) - default_restrictions = ( - self._restrictions.get("default") - or self._restrictions.get("") - ) + default_restrictions = self._restrictions.get("default") or self._restrictions.get("") restrictions = ( sp_restrictions if sp_restrictions is not None @@ -377,22 +351,18 @@ def get(self, attribute, sp_entity_id, default=None): ) attribute_restriction = restrictions.get(attribute) - restriction = ( - attribute_restriction - if attribute_restriction is not None - else default - ) + restriction = attribute_restriction if attribute_restriction is not None else default return restriction def get_nameid_format(self, sp_entity_id): - """ Get the NameIDFormat to used for the entity id + """Get the NameIDFormat to used for the entity id :param: The SP entity ID :retur: The format """ return self.get("nameid_format", sp_entity_id, saml.NAMEID_FORMAT_TRANSIENT) def get_name_form(self, sp_entity_id): - """ Get the NameFormat to used for the entity id + """Get the NameFormat to used for the entity id :param: The SP entity ID :retur: The format """ @@ -400,7 +370,7 @@ def get_name_form(self, sp_entity_id): return self.get("name_form", sp_entity_id, default=NAME_FORMAT_URI) def get_lifetime(self, sp_entity_id): - """ The lifetime of the assertion + """The lifetime of the assertion :param sp_entity_id: The SP entity ID :param: lifetime as a dictionary """ @@ -408,7 +378,7 @@ def get_lifetime(self, sp_entity_id): return self.get("lifetime", sp_entity_id, {"hours": 1}) def get_attribute_restrictions(self, sp_entity_id): - """ Return the attribute restriction for SP that want the information + """Return the attribute restriction for SP that want the information :param sp_entity_id: The SP entity ID :return: The restrictions @@ -417,7 +387,7 @@ def get_attribute_restrictions(self, sp_entity_id): return self.get("attribute_restrictions", sp_entity_id) def get_fail_on_missing_requested(self, sp_entity_id): - """ Return the whether the IdP should should fail if the SPs + """Return the whether the IdP should should fail if the SPs requested attributes could not be found. :param sp_entity_id: The SP entity ID @@ -457,20 +427,15 @@ def get_entity_categories(self, sp_entity_id, mds=None, required=None): def post_entity_categories(maps, sp_entity_id=None, mds=None, required=None): restrictions = {} required_friendly_names = [ - d.get('friendly_name') or get_local_name( - acs=self.acs, attr=d['name'], name_format=d['name_format'] - ) + d.get("friendly_name") or get_local_name(acs=self.acs, attr=d["name"], name_format=d["name_format"]) for d in (required or []) ] - required = [ - friendly_name.lower() - for friendly_name in required_friendly_names - ] + required = [friendly_name.lower() for friendly_name in required_friendly_names] if mds: ecs = mds.entity_categories(sp_entity_id) for ec_map in maps: - for key, (atlist, only_required) in ec_map.items(): + for key, (atlist, only_required, no_aggregation) in ec_map.items(): if key == "": # always released attrs = atlist elif isinstance(key, tuple): @@ -490,10 +455,13 @@ def post_entity_categories(maps, sp_entity_id=None, mds=None, required=None): else: attrs = [] + if attrs and no_aggregation: + # clear restrictions if the found category is a no aggregation category + restrictions = {} for attr in attrs: restrictions[attr] = None else: - restrictions[''] = None + restrictions[""] = None return restrictions @@ -511,7 +479,7 @@ def post_entity_categories(maps, sp_entity_id=None, mds=None, required=None): return result2 def not_on_or_after(self, sp_entity_id): - """ When the assertion stops being valid, should not be + """When the assertion stops being valid, should not be used after this time. :param sp_entity_id: The SP entity ID @@ -521,7 +489,7 @@ def not_on_or_after(self, sp_entity_id): return in_a_while(**self.get_lifetime(sp_entity_id)) def filter(self, ava, sp_entity_id, mdstore=None, required=None, optional=None): - """ What attribute and attribute values returns depends on what + """What attribute and attribute values returns depends on what the SP or the registration authority has said it wants in the request or in the metadata file and what the IdP/AA wants to release. An assumption is that what the SP or the registration authority @@ -571,7 +539,7 @@ def filter(self, ava, sp_entity_id, mdstore=None, required=None, optional=None): return subject_ava or {} def restrict(self, ava, sp_entity_id, metadata=None): - """ Identity attribute names are expected to be expressed as FriendlyNames + """Identity attribute names are expected to be expressed as FriendlyNames :return: A filtered ava according to the IdPs/AAs rules and the list of required/optional attributes according to the SP. @@ -587,20 +555,22 @@ def restrict(self, ava, sp_entity_id, metadata=None): _warn(warn_msg, DeprecationWarning) metadata_store = metadata or self.metadata_store - spec = ( - metadata_store.attribute_requirement(sp_entity_id) or {} - if metadata_store - else {} - ) + spec = metadata_store.attribute_requirement(sp_entity_id) or {} if metadata_store else {} + required_attributes = spec.get("required") or [] + optional_attributes = spec.get("optional") or [] + requirements_subject_id = metadata_store.subject_id_requirement(sp_entity_id) if metadata_store else [] + for r in requirements_subject_id: + if r not in required_attributes: + required_attributes.append(r) return self.filter( ava, sp_entity_id, - required=spec.get("required"), - optional=spec.get("optional"), + required=required_attributes or None, + optional=optional_attributes or None, ) def conditions(self, sp_entity_id): - """ Return a saml.Condition instance + """Return a saml.Condition instance :param sp_entity_id: The SP entity ID :return: A saml.Condition instance @@ -619,7 +589,7 @@ def conditions(self, sp_entity_id): ) -class EntityCategories(object): +class EntityCategories: pass @@ -632,13 +602,13 @@ def _authn_context_class_ref(authn_class, authn_auth=None): """ cntx_class = factory(saml.AuthnContextClassRef, text=authn_class) if authn_auth: - return factory(saml.AuthnContext, - authn_context_class_ref=cntx_class, - authenticating_authority=factory( - saml.AuthenticatingAuthority, text=authn_auth)) + return factory( + saml.AuthnContext, + authn_context_class_ref=cntx_class, + authenticating_authority=factory(saml.AuthenticatingAuthority, text=authn_auth), + ) else: - return factory(saml.AuthnContext, - authn_context_class_ref=cntx_class) + return factory(saml.AuthnContext, authn_context_class_ref=cntx_class) def _authn_context_decl(decl, authn_auth=None): @@ -648,10 +618,11 @@ def _authn_context_decl(decl, authn_auth=None): :param authn_auth: Authenticating Authority :return: An AuthnContext instance """ - return factory(saml.AuthnContext, - authn_context_decl=decl, - authenticating_authority=factory( - saml.AuthenticatingAuthority, text=authn_auth)) + return factory( + saml.AuthnContext, + authn_context_decl=decl, + authenticating_authority=factory(saml.AuthenticatingAuthority, text=authn_auth), + ) def _authn_context_decl_ref(decl_ref, authn_auth=None): @@ -661,15 +632,22 @@ def _authn_context_decl_ref(decl_ref, authn_auth=None): :param authn_auth: Authenticating Authority :return: An AuthnContext instance """ - return factory(saml.AuthnContext, - authn_context_decl_ref=decl_ref, - authenticating_authority=factory( - saml.AuthenticatingAuthority, text=authn_auth)) - - -def authn_statement(authn_class=None, authn_auth=None, - authn_decl=None, authn_decl_ref=None, authn_instant="", - subject_locality="", session_not_on_or_after=None): + return factory( + saml.AuthnContext, + authn_context_decl_ref=decl_ref, + authenticating_authority=factory(saml.AuthenticatingAuthority, text=authn_auth), + ) + + +def authn_statement( + authn_class=None, + authn_auth=None, + authn_decl=None, + authn_decl_ref=None, + authn_instant="", + subject_locality="", + session_not_on_or_after=None, +): """ Construct the AuthnStatement :param authn_class: Authentication Context Class reference @@ -694,29 +672,31 @@ def authn_statement(authn_class=None, authn_auth=None, authn_instant=_instant, session_index=sid(), session_not_on_or_after=session_not_on_or_after, - authn_context=_authn_context_class_ref( - authn_class, authn_auth)) + authn_context=_authn_context_class_ref(authn_class, authn_auth), + ) elif authn_decl: res = factory( saml.AuthnStatement, authn_instant=_instant, session_index=sid(), session_not_on_or_after=session_not_on_or_after, - authn_context=_authn_context_decl(authn_decl, authn_auth)) + authn_context=_authn_context_decl(authn_decl, authn_auth), + ) elif authn_decl_ref: res = factory( saml.AuthnStatement, authn_instant=_instant, session_index=sid(), session_not_on_or_after=session_not_on_or_after, - authn_context=_authn_context_decl_ref(authn_decl_ref, - authn_auth)) + authn_context=_authn_context_decl_ref(authn_decl_ref, authn_auth), + ) else: res = factory( saml.AuthnStatement, authn_instant=_instant, session_index=sid(), - session_not_on_or_after=session_not_on_or_after) + session_not_on_or_after=session_not_on_or_after, + ) if subject_locality: res.subject_locality = saml.SubjectLocality(text=subject_locality) @@ -753,7 +733,7 @@ def do_subject_confirmation(not_on_or_after, key_info=None, **treeargs): def do_subject(not_on_or_after, name_id, **farg): - specs = farg['subject_confirmation'] + specs = farg["subject_confirmation"] if isinstance(specs, list): res = [do_subject_confirmation(not_on_or_after, **s) for s in specs] @@ -764,18 +744,32 @@ def do_subject(not_on_or_after, name_id, **farg): class Assertion(dict): - """ Handles assertions about subjects """ + """Handles assertions about subjects""" def __init__(self, dic=None): dict.__init__(self, dic) self.acs = [] - def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, - authn_class=None, authn_auth=None, authn_decl=None, - encrypt=None, sec_context=None, authn_decl_ref=None, - authn_instant="", subject_locality="", authn_statem=None, - name_id=None, session_not_on_or_after=None): - """ Construct the Assertion + def construct( + self, + sp_entity_id, + attrconvs, + policy, + issuer, + farg, + authn_class=None, + authn_auth=None, + authn_decl=None, + encrypt=None, + sec_context=None, + authn_decl_ref=None, + authn_instant="", + subject_locality="", + authn_statem=None, + name_id=None, + session_not_on_or_after=None, + ): + """Construct the Assertion :param sp_entity_id: The entityid of the SP :param in_response_to: An identifier of the message, this message is @@ -800,13 +794,11 @@ def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, _name_format = policy.get_name_form(sp_entity_id) - attr_statement = saml.AttributeStatement( - attribute=from_local(attrconvs, self, _name_format) - ) + attr_statement = saml.AttributeStatement(attribute=from_local(attrconvs, self, _name_format)) if encrypt == "attributes": for attr in attr_statement.attribute: - enc = sec_context.encrypt(text="%s" % attr) + enc = sec_context.encrypt(text=f"{attr}") encd = xmlenc.encrypted_data_from_string(enc) encattr = saml.EncryptedAttribute(encrypted_data=encd) @@ -820,17 +812,19 @@ def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, if authn_statem: _authn_statement = authn_statem elif authn_auth or authn_class or authn_decl or authn_decl_ref: - _authn_statement = authn_statement(authn_class, authn_auth, - authn_decl, authn_decl_ref, - authn_instant, - subject_locality, - session_not_on_or_after=session_not_on_or_after) + _authn_statement = authn_statement( + authn_class, + authn_auth, + authn_decl, + authn_decl_ref, + authn_instant, + subject_locality, + session_not_on_or_after=session_not_on_or_after, + ) else: _authn_statement = None - subject = do_subject( - policy.not_on_or_after(sp_entity_id), name_id, **farg['subject'] - ) + subject = do_subject(policy.not_on_or_after(sp_entity_id), name_id, **farg["subject"]) _ass = assertion_factory(issuer=issuer, conditions=conds, subject=subject) if _authn_statement: @@ -842,7 +836,7 @@ def construct(self, sp_entity_id, attrconvs, policy, issuer, farg, return _ass def apply_policy(self, sp_entity_id, policy): - """ Apply policy to the assertion I'm representing + """Apply policy to the assertion I'm representing :param sp_entity_id: The SP entity ID :param policy: The policy diff --git a/src/saml2/attribute_converter.py b/src/saml2/attribute_converter.py index da071738c..7e86b9170 100644 --- a/src/saml2/attribute_converter.py +++ b/src/saml2/attribute_converter.py @@ -1,19 +1,22 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # +from importlib import import_module +import logging import os import sys -from importlib import import_module -from saml2.s_utils import factory -from saml2.s_utils import do_ava -from saml2 import saml, ExtensionElement, NAMESPACE -from saml2 import extension_elements_to_elements +from saml2 import NAMESPACE +from saml2 import ExtensionElement from saml2 import SAMLError -from saml2.saml import NAME_FORMAT_UNSPECIFIED, NAMEID_FORMAT_PERSISTENT +from saml2 import extension_elements_to_elements +from saml2 import saml +from saml2.s_utils import do_ava +from saml2.s_utils import factory +from saml2.saml import NAME_FORMAT_UNSPECIFIED +from saml2.saml import NAMEID_FORMAT_PERSISTENT + -import logging logger = logging.getLogger(__name__) @@ -26,7 +29,7 @@ class ConverterError(SAMLError): def load_maps(dirspec): - """ load the attribute maps + """load the attribute maps :param dirspec: a directory specification :return: a dictionary with the name of the map as key and the @@ -67,7 +70,7 @@ def ac_factory(path=""): from saml2 import attributemaps for typ in attributemaps.__all__: - mod = import_module(".%s" % typ, "saml2.attributemaps") + mod = import_module(f".{typ}", "saml2.attributemaps") acs.extend(_attribute_map_module_to_acs(mod)) return acs @@ -98,14 +101,12 @@ def _find_maps_in_module(module): for key, item in module.__dict__.items(): if key.startswith("__"): continue - if isinstance(item, dict) and "identifier" in item and ( - "to" in item or "fro" in item - ): + if isinstance(item, dict) and "identifier" in item and ("to" in item or "fro" in item): yield item def to_local(acs, statement, allow_unknown_attributes=False): - """ Replaces the attribute names in a attribute value assertion with the + """Replaces the attribute names in a attribute value assertion with the equivalent name from a local name format. :param acs: List of Attribute Converters @@ -117,7 +118,7 @@ def to_local(acs, statement, allow_unknown_attributes=False): def list_to_local(acs, attrlist, allow_unknown_attributes=False): - """ Replaces the attribute names in a attribute value assertion with the + """Replaces the attribute names in a attribute value assertion with the equivalent name from a local name format. :param acs: List of Attribute Converters @@ -129,17 +130,14 @@ def list_to_local(acs, attrlist, allow_unknown_attributes=False): acs = [AttributeConverter()] acsd = {"": acs} else: - acsd = dict([(a.name_format, a) for a in acs]) + acsd = {a.name_format: a for a in acs} ava = {} for attr in attrlist: try: _func = acsd[attr.name_format].ava_from except KeyError: - if ( - attr.name_format == NAME_FORMAT_UNSPECIFIED - or allow_unknown_attributes - ): + if attr.name_format == NAME_FORMAT_UNSPECIFIED or allow_unknown_attributes: _func = acs[0].lcd_ava_from else: logger.info("Unsupported attribute name format: %s", attr.name_format) @@ -166,9 +164,9 @@ def list_to_local(acs, attrlist, allow_unknown_attributes=False): def from_local(acs, ava, name_format): for aconv in acs: - #print(ac.format, name_format) + # print(ac.format, name_format) if aconv.name_format == name_format: - #print("Found a name_form converter") + # print("Found a name_form converter") return aconv.to_(ava) return None @@ -182,9 +180,9 @@ def from_local_name(acs, attr, name_format): :return: An Attribute instance """ for aconv in acs: - #print(ac.format, name_format) + # print(ac.format, name_format) if aconv.name_format == name_format: - #print("Found a name_form converter") + # print("Found a name_form converter") return aconv.to_format(attr) return attr @@ -205,7 +203,7 @@ def to_local_name(acs, attr): def get_local_name(acs, attr, name_format): for aconv in acs: - #print(ac.format, name_format) + # print(ac.format, name_format) if aconv.name_format == name_format: return aconv._fro.get(attr) @@ -225,12 +223,12 @@ def d_to_local_name(acs, attr): try: return attr["friendly_name"] except KeyError: - raise ConverterError("Could not find local name for %s" % attr) + raise ConverterError(f"Could not find local name for {attr}") -class AttributeConverter(object): - """ Converts from an attribute statement to a key,value dictionary and - vice-versa """ +class AttributeConverter: + """Converts from an attribute statement to a key,value dictionary and + vice-versa""" def __init__(self, name_format=""): self.name_format = name_format @@ -238,31 +236,28 @@ def __init__(self, name_format=""): self._fro = None def adjust(self): - """ If one of the transformations is not defined it is expected to + """If one of the transformations is not defined it is expected to be the mirror image of the other. """ if self._fro is None and self._to is not None: - self._fro = dict( - [(value.lower(), key) for key, value in self._to.items()]) + self._fro = {value.lower(): key for key, value in self._to.items()} if self._to is None and self._fro is not None: - self._to = dict( - [(value.lower(), key) for key, value in self._fro.items()]) + self._to = {value.lower(): key for key, value in self._fro.items()} def from_dict(self, mapdict): - """ Import the attribute map from a dictionary + """Import the attribute map from a dictionary :param mapdict: The dictionary """ self.name_format = mapdict["identifier"] try: - self._fro = dict( - [(k.lower(), v) for k, v in mapdict["fro"].items()]) + self._fro = {k.lower(): v for k, v in mapdict["fro"].items()} except KeyError: pass try: - self._to = dict([(k.lower(), v) for k, v in mapdict["to"].items()]) + self._to = {k.lower(): v for k, v in mapdict["to"].items()} except KeyError: pass @@ -280,13 +275,11 @@ def lcd_ava_from(self, attribute): :return: """ name = attribute.name.strip() - values = [ - (value.text or '').strip() - for value in attribute.attribute_value] + values = [(value.text or "").strip() for value in attribute.attribute_value] return name, values def fail_safe_fro(self, statement): - """ In case there is not formats defined or if the name format is + """In case there is not formats defined or if the name format is undefined :param statement: AttributeStatement instance @@ -294,8 +287,7 @@ def fail_safe_fro(self, statement): """ result = {} for attribute in statement.attribute: - if attribute.name_format and \ - attribute.name_format != NAME_FORMAT_UNSPECIFIED: + if attribute.name_format and attribute.name_format != NAME_FORMAT_UNSPECIFIED: continue try: name = attribute.friendly_name.strip() @@ -305,7 +297,7 @@ def fail_safe_fro(self, statement): result[name] = [] for value in attribute.attribute_value: if not value.text: - result[name].append('') + result[name].append("") else: result[name].append(value.text.strip()) return result @@ -327,8 +319,7 @@ def ava_from(self, attribute, allow_unknown=False): val = [] for value in attribute.attribute_value: if value.extension_elements: - ext = extension_elements_to_elements(value.extension_elements, - [saml]) + ext = extension_elements_to_elements(value.extension_elements, [saml]) for ex in ext: if attr == "eduPersonTargetedID" and ex.text: val.append(ex.text.strip()) @@ -342,14 +333,14 @@ def ava_from(self, attribute, allow_unknown=False): cval["value"] = ex.text.strip() val.append({ex.c_tag: cval}) elif not value.text: - val.append('') + val.append("") else: val.append(value.text.strip()) return attr, val def fro(self, statement): - """ Get the attributes and the attribute values. + """Get the attributes and the attribute values. :param statement: The AttributeStatement. :return: A dictionary containing attributes and values @@ -360,8 +351,7 @@ def fro(self, statement): result = {} for attribute in statement.attribute: - if attribute.name_format and self.name_format and \ - attribute.name_format != self.name_format: + if attribute.name_format and self.name_format and attribute.name_format != self.name_format: continue try: @@ -374,7 +364,7 @@ def fro(self, statement): return result def to_format(self, attr): - """ Creates an Attribute instance with name, name_format and + """Creates an Attribute instance with name, name_format and friendly_name :param attr: The local name of the attribute @@ -386,18 +376,15 @@ def to_format(self, attr): try: _attr = self._to[attr.lower()] except KeyError: - _attr = '' + _attr = "" if _attr: - return factory(saml.Attribute, - name=_attr, - name_format=self.name_format, - friendly_name=attr) + return factory(saml.Attribute, name=_attr, name_format=self.name_format, friendly_name=attr) else: return factory(saml.Attribute, name=attr) def from_format(self, attr): - """ Find out the local name of an attribute + """Find out the local name of an attribute :param attr: An saml.Attribute instance :return: The local attribute name or "" if no mapping could be made @@ -417,7 +404,7 @@ def from_format(self, attr): return "" def d_from_format(self, attr): - """ Find out the local name of an attribute + """Find out the local name of an attribute :param attr: An Attribute dictionary :return: The local attribute name or "" if no mapping could be made @@ -437,7 +424,7 @@ def d_from_format(self, attr): return "" def to_(self, attrvals): - """ Create a list of Attribute instances. + """Create a list of Attribute instances. :param attrvals: A dictionary of attributes and values :return: A list of Attribute instances @@ -451,15 +438,17 @@ def to_(self, attrvals): attr_value = self.to_eptid_value(value) else: attr_value = do_ava(value) - attributes.append(factory(saml.Attribute, - name=name, - name_format=self.name_format, - friendly_name=key, - attribute_value=attr_value)) + attributes.append( + factory( + saml.Attribute, + name=name, + name_format=self.name_format, + friendly_name=key, + attribute_value=attr_value, + ) + ) else: - attributes.append(factory(saml.Attribute, - name=key, - attribute_value=do_ava(value))) + attributes.append(factory(saml.Attribute, name=key, attribute_value=do_ava(value))) return attributes @@ -492,26 +481,21 @@ def _create_nameid_ext_el(value): if isinstance(value, dict) else {"Format": NAMEID_FORMAT_PERSISTENT} ) - element = ExtensionElement( - "NameID", NAMESPACE, attributes=attributes, text=text - ) + element = ExtensionElement("NameID", NAMESPACE, attributes=attributes, text=text) return element - attribute_values = [ - saml.AttributeValue(extension_elements=[_create_nameid_ext_el(v)]) - for v in values - ] + attribute_values = [saml.AttributeValue(extension_elements=[_create_nameid_ext_el(v)]) for v in values] return attribute_values class AttributeConverterNOOP(AttributeConverter): - """ Does a NOOP conversion, that is no conversion is made """ + """Does a NOOP conversion, that is no conversion is made""" def __init__(self, name_format=""): AttributeConverter.__init__(self, name_format) def to_(self, attrvals): - """ Create a list of Attribute instances. + """Create a list of Attribute instances. :param attrvals: A dictionary of attributes and values :return: A list of Attribute instances @@ -519,9 +503,8 @@ def to_(self, attrvals): attributes = [] for key, value in attrvals.items(): key = key.lower() - attributes.append(factory(saml.Attribute, - name=key, - name_format=self.name_format, - attribute_value=do_ava(value))) + attributes.append( + factory(saml.Attribute, name=key, name_format=self.name_format, attribute_value=do_ava(value)) + ) return attributes diff --git a/src/saml2/attribute_resolver.py b/src/saml2/attribute_resolver.py index 7646e0809..e555c58ce 100644 --- a/src/saml2/attribute_resolver.py +++ b/src/saml2/attribute_resolver.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """ @@ -7,7 +6,8 @@ to do attribute aggregation. """ import logging -#from saml2 import client + +# from saml2 import client from saml2 import BINDING_SOAP @@ -16,7 +16,7 @@ DEFAULT_BINDING = BINDING_SOAP -class AttributeResolver(object): +class AttributeResolver: def __init__(self, saml2client, metadata=None, config=None): self.metadata = metadata self.saml2client = saml2client @@ -36,14 +36,11 @@ def extend(self, name_id, issuer, vo_members): for member in vo_members: for ass in self.metadata.attribute_consuming_service(member): for attr_serv in ass.attribute_service: - logger.info( - "Send attribute request to %s", attr_serv.location) + logger.info("Send attribute request to %s", attr_serv.location) if attr_serv.binding != BINDING_SOAP: continue # attribute query assumes SOAP binding - session_info = self.saml2client.attribute_query( - name_id, attr_serv.location, issuer_id=issuer - ) + session_info = self.saml2client.attribute_query(name_id, attr_serv.location, issuer_id=issuer) if session_info: result.append(session_info) return result diff --git a/src/saml2/attributemaps/__init__.py b/src/saml2/attributemaps/__init__.py index d041d3f13..203875e7f 100644 --- a/src/saml2/attributemaps/__init__.py +++ b/src/saml2/attributemaps/__init__.py @@ -1,2 +1,2 @@ -__author__ = 'rohe0002' +__author__ = "rohe0002" __all__ = ["adfs_v1x", "adfs_v20", "basic", "saml_uri", "shibboleth_uri"] diff --git a/src/saml2/attributemaps/adfs_v1x.py b/src/saml2/attributemaps/adfs_v1x.py index 0f8d01a5d..0e405bfb9 100644 --- a/src/saml2/attributemaps/adfs_v1x.py +++ b/src/saml2/attributemaps/adfs_v1x.py @@ -1,18 +1,18 @@ -CLAIMS = 'http://schemas.xmlsoap.org/claims/' +CLAIMS = "http://schemas.xmlsoap.org/claims/" MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", - 'fro': { - CLAIMS+'commonname': 'commonName', - CLAIMS+'emailaddress': 'emailAddress', - CLAIMS+'group': 'group', - CLAIMS+'upn': 'upn', + "fro": { + f"{CLAIMS}commonname": "commonName", + f"{CLAIMS}emailaddress": "emailAddress", + f"{CLAIMS}group": "group", + f"{CLAIMS}upn": "upn", + }, + "to": { + "commonName": f"{CLAIMS}commonname", + "emailAddress": f"{CLAIMS}emailaddress", + "group": f"{CLAIMS}group", + "upn": f"{CLAIMS}upn", }, - 'to': { - 'commonName': CLAIMS+'commonname', - 'emailAddress': CLAIMS+'emailaddress', - 'group': CLAIMS+'group', - 'upn': CLAIMS+'upn', - } } diff --git a/src/saml2/attributemaps/adfs_v20.py b/src/saml2/attributemaps/adfs_v20.py index 94150d077..20a006756 100644 --- a/src/saml2/attributemaps/adfs_v20.py +++ b/src/saml2/attributemaps/adfs_v20.py @@ -1,49 +1,49 @@ -CLAIMS = 'http://schemas.xmlsoap.org/claims/' -COM_WS_CLAIMS = 'http://schemas.xmlsoap.com/ws/2005/05/identity/claims/' -MS_CLAIMS = 'http://schemas.microsoft.com/ws/2008/06/identity/claims/' -ORG_WS_CLAIMS = 'http://schemas.xmlsoap.org/ws/2005/05/identity/claims/' +CLAIMS = "http://schemas.xmlsoap.org/claims/" +COM_WS_CLAIMS = "http://schemas.xmlsoap.com/ws/2005/05/identity/claims/" +MS_CLAIMS = "http://schemas.microsoft.com/ws/2008/06/identity/claims/" +ORG_WS_CLAIMS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/" MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified", - 'fro': { - CLAIMS+'commonname': 'commonName', - CLAIMS+'group': 'group', - COM_WS_CLAIMS+'denyonlysid': 'denyOnlySid', - MS_CLAIMS+'authenticationmethod': 'authenticationMethod', - MS_CLAIMS+'denyonlyprimarygroupsid': 'denyOnlyPrimaryGroupSid', - MS_CLAIMS+'denyonlyprimarysid': 'denyOnlyPrimarySid', - MS_CLAIMS+'groupsid': 'groupSid', - MS_CLAIMS+'primarygroupsid': 'primaryGroupSid', - MS_CLAIMS+'primarysid': 'primarySid', - MS_CLAIMS+'role': 'role', - MS_CLAIMS+'windowsaccountname': 'windowsAccountName', - ORG_WS_CLAIMS+'emailaddress': 'emailAddress', - ORG_WS_CLAIMS+'givenname': 'givenName', - ORG_WS_CLAIMS+'name': 'name', - ORG_WS_CLAIMS+'nameidentifier': 'nameId', - ORG_WS_CLAIMS+'privatepersonalidentifier': 'privatePersonalId', - ORG_WS_CLAIMS+'surname': 'surname', - ORG_WS_CLAIMS+'upn': 'upn', + "fro": { + f"{CLAIMS}commonname": "commonName", + f"{CLAIMS}group": "group", + f"{COM_WS_CLAIMS}denyonlysid": "denyOnlySid", + f"{MS_CLAIMS}authenticationmethod": "authenticationMethod", + f"{MS_CLAIMS}denyonlyprimarygroupsid": "denyOnlyPrimaryGroupSid", + f"{MS_CLAIMS}denyonlyprimarysid": "denyOnlyPrimarySid", + f"{MS_CLAIMS}groupsid": "groupSid", + f"{MS_CLAIMS}primarygroupsid": "primaryGroupSid", + f"{MS_CLAIMS}primarysid": "primarySid", + f"{MS_CLAIMS}role": "role", + f"{MS_CLAIMS}windowsaccountname": "windowsAccountName", + f"{ORG_WS_CLAIMS}emailaddress": "emailAddress", + f"{ORG_WS_CLAIMS}givenname": "givenName", + f"{ORG_WS_CLAIMS}name": "name", + f"{ORG_WS_CLAIMS}nameidentifier": "nameId", + f"{ORG_WS_CLAIMS}privatepersonalidentifier": "privatePersonalId", + f"{ORG_WS_CLAIMS}surname": "surname", + f"{ORG_WS_CLAIMS}upn": "upn", + }, + "to": { + "authenticationMethod": f"{MS_CLAIMS}authenticationmethod", + "commonName": f"{CLAIMS}commonname", + "denyOnlyPrimaryGroupSid": f"{MS_CLAIMS}denyonlyprimarygroupsid", + "denyOnlyPrimarySid": f"{MS_CLAIMS}denyonlyprimarysid", + "denyOnlySid": f"{COM_WS_CLAIMS}denyonlysid", + "emailAddress": f"{ORG_WS_CLAIMS}emailaddress", + "givenName": f"{ORG_WS_CLAIMS}givenname", + "group": f"{CLAIMS}group", + "groupSid": f"{MS_CLAIMS}groupsid", + "name": f"{ORG_WS_CLAIMS}name", + "nameId": f"{ORG_WS_CLAIMS}nameidentifier", + "primaryGroupSid": f"{MS_CLAIMS}primarygroupsid", + "primarySid": f"{MS_CLAIMS}primarysid", + "privatePersonalId": f"{ORG_WS_CLAIMS}privatepersonalidentifier", + "role": f"{MS_CLAIMS}role", + "surname": f"{ORG_WS_CLAIMS}surname", + "upn": f"{ORG_WS_CLAIMS}upn", + "windowsAccountName": f"{MS_CLAIMS}windowsaccountname", }, - 'to': { - 'authenticationMethod': MS_CLAIMS+'authenticationmethod', - 'commonName': CLAIMS+'commonname', - 'denyOnlyPrimaryGroupSid': MS_CLAIMS+'denyonlyprimarygroupsid', - 'denyOnlyPrimarySid': MS_CLAIMS+'denyonlyprimarysid', - 'denyOnlySid': COM_WS_CLAIMS+'denyonlysid', - 'emailAddress': ORG_WS_CLAIMS+'emailaddress', - 'givenName': ORG_WS_CLAIMS+'givenname', - 'group': CLAIMS+'group', - 'groupSid': MS_CLAIMS+'groupsid', - 'name': ORG_WS_CLAIMS+'name', - 'nameId': ORG_WS_CLAIMS+'nameidentifier', - 'primaryGroupSid': MS_CLAIMS+'primarygroupsid', - 'primarySid': MS_CLAIMS+'primarysid', - 'privatePersonalId': ORG_WS_CLAIMS+'privatepersonalidentifier', - 'role': MS_CLAIMS+'role', - 'surname': ORG_WS_CLAIMS+'surname', - 'upn': ORG_WS_CLAIMS+'upn', - 'windowsAccountName': MS_CLAIMS+'windowsaccountname', - } } diff --git a/src/saml2/attributemaps/basic.py b/src/saml2/attributemaps/basic.py index c05b6e98b..995dbd431 100644 --- a/src/saml2/attributemaps/basic.py +++ b/src/saml2/attributemaps/basic.py @@ -1,340 +1,342 @@ -DEF = 'urn:mace:dir:attribute-def:' +DEF = "urn:mace:dir:attribute-def:" MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", - 'fro': { - DEF+'aRecord': 'aRecord', - DEF+'aliasedEntryName': 'aliasedEntryName', - DEF+'aliasedObjectName': 'aliasedObjectName', - DEF+'associatedDomain': 'associatedDomain', - DEF+'associatedName': 'associatedName', - DEF+'audio': 'audio', - DEF+'authorityRevocationList': 'authorityRevocationList', - DEF+'buildingName': 'buildingName', - DEF+'businessCategory': 'businessCategory', - DEF+'c': 'c', - DEF+'cACertificate': 'cACertificate', - DEF+'cNAMERecord': 'cNAMERecord', - DEF+'carLicense': 'carLicense', - DEF+'certificateRevocationList': 'certificateRevocationList', - DEF+'cn': 'cn', - DEF+'co': 'co', - DEF+'commonName': 'commonName', - DEF+'countryName': 'countryName', - DEF+'crossCertificatePair': 'crossCertificatePair', - DEF+'dITRedirect': 'dITRedirect', - DEF+'dSAQuality': 'dSAQuality', - DEF+'dc': 'dc', - DEF+'deltaRevocationList': 'deltaRevocationList', - DEF+'departmentNumber': 'departmentNumber', - DEF+'description': 'description', - DEF+'destinationIndicator': 'destinationIndicator', - DEF+'displayName': 'displayName', - DEF+'distinguishedName': 'distinguishedName', - DEF+'dmdName': 'dmdName', - DEF+'dnQualifier': 'dnQualifier', - DEF+'documentAuthor': 'documentAuthor', - DEF+'documentIdentifier': 'documentIdentifier', - DEF+'documentLocation': 'documentLocation', - DEF+'documentPublisher': 'documentPublisher', - DEF+'documentTitle': 'documentTitle', - DEF+'documentVersion': 'documentVersion', - DEF+'domainComponent': 'domainComponent', - DEF+'drink': 'drink', - DEF+'eduOrgHomePageURI': 'eduOrgHomePageURI', - DEF+'eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', - DEF+'eduOrgLegalName': 'eduOrgLegalName', - DEF+'eduOrgSuperiorURI': 'eduOrgSuperiorURI', - DEF+'eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', - DEF+'eduCourseOffering': 'eduCourseOffering', - DEF+'eduCourseMember': 'eduCourseMember', - DEF+'eduPersonAffiliation': 'eduPersonAffiliation', - DEF+'eduPersonEntitlement': 'eduPersonEntitlement', - DEF+'eduPersonNickname': 'eduPersonNickname', - DEF+'eduPersonOrgDN': 'eduPersonOrgDN', - DEF+'eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', - DEF+'eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', - DEF+'eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', - DEF+'eduPersonPrincipalName': 'eduPersonPrincipalName', - DEF+'eduPersonPrincipalNamePrior': 'eduPersonPrincipalNamePrior', - DEF+'eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', - DEF+'eduPersonTargetedID': 'eduPersonTargetedID', - DEF+'eduPersonAssurance': 'eduPersonAssurance', - DEF+'eduPersonUniqueId': 'eduPersonUniqueId', - DEF+'eduPersonOrcid': 'eduPersonOrcid', - DEF+'email': 'email', - DEF+'emailAddress': 'emailAddress', - DEF+'employeeNumber': 'employeeNumber', - DEF+'employeeType': 'employeeType', - DEF+'enhancedSearchGuide': 'enhancedSearchGuide', - DEF+'facsimileTelephoneNumber': 'facsimileTelephoneNumber', - DEF+'favouriteDrink': 'favouriteDrink', - DEF+'fax': 'fax', - DEF+'federationFeideSchemaVersion': 'federationFeideSchemaVersion', - DEF+'friendlyCountryName': 'friendlyCountryName', - DEF+'generationQualifier': 'generationQualifier', - DEF+'givenName': 'givenName', - DEF+'gn': 'gn', - DEF+'homePhone': 'homePhone', - DEF+'homePostalAddress': 'homePostalAddress', - DEF+'homeTelephoneNumber': 'homeTelephoneNumber', - DEF+'host': 'host', - DEF+'houseIdentifier': 'houseIdentifier', - DEF+'info': 'info', - DEF+'initials': 'initials', - DEF+'internationaliSDNNumber': 'internationaliSDNNumber', - DEF+'janetMailbox': 'janetMailbox', - DEF+'jpegPhoto': 'jpegPhoto', - DEF+'knowledgeInformation': 'knowledgeInformation', - DEF+'l': 'l', - DEF+'labeledURI': 'labeledURI', - DEF+'localityName': 'localityName', - DEF+'mDRecord': 'mDRecord', - DEF+'mXRecord': 'mXRecord', - DEF+'mail': 'mail', - DEF+'mailPreferenceOption': 'mailPreferenceOption', - DEF+'manager': 'manager', - DEF+'member': 'member', - DEF+'mobile': 'mobile', - DEF+'mobileTelephoneNumber': 'mobileTelephoneNumber', - DEF+'nSRecord': 'nSRecord', - DEF+'name': 'name', - DEF+'norEduOrgAcronym': 'norEduOrgAcronym', - DEF+'norEduOrgNIN': 'norEduOrgNIN', - DEF+'norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', - DEF+'norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', - DEF+'norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', - DEF+'norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', - DEF+'norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', - DEF+'norEduPersonBirthDate': 'norEduPersonBirthDate', - DEF+'norEduPersonLIN': 'norEduPersonLIN', - DEF+'norEduPersonNIN': 'norEduPersonNIN', - DEF+'o': 'o', - DEF+'objectClass': 'objectClass', - DEF+'organizationName': 'organizationName', - DEF+'organizationalStatus': 'organizationalStatus', - DEF+'organizationalUnitName': 'organizationalUnitName', - DEF+'otherMailbox': 'otherMailbox', - DEF+'ou': 'ou', - DEF+'owner': 'owner', - DEF+'pager': 'pager', - DEF+'pagerTelephoneNumber': 'pagerTelephoneNumber', - DEF+'personalSignature': 'personalSignature', - DEF+'personalTitle': 'personalTitle', - DEF+'photo': 'photo', - DEF+'physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', - DEF+'pkcs9email': 'pkcs9email', - DEF+'postOfficeBox': 'postOfficeBox', - DEF+'postalAddress': 'postalAddress', - DEF+'postalCode': 'postalCode', - DEF+'preferredDeliveryMethod': 'preferredDeliveryMethod', - DEF+'preferredLanguage': 'preferredLanguage', - DEF+'presentationAddress': 'presentationAddress', - DEF+'protocolInformation': 'protocolInformation', - DEF+'pseudonym': 'pseudonym', - DEF+'registeredAddress': 'registeredAddress', - DEF+'rfc822Mailbox': 'rfc822Mailbox', - DEF+'roleOccupant': 'roleOccupant', - DEF+'roomNumber': 'roomNumber', - DEF+'sOARecord': 'sOARecord', - DEF+'searchGuide': 'searchGuide', - DEF+'secretary': 'secretary', - DEF+'seeAlso': 'seeAlso', - DEF+'serialNumber': 'serialNumber', - DEF+'singleLevelQuality': 'singleLevelQuality', - DEF+'sn': 'sn', - DEF+'st': 'st', - DEF+'stateOrProvinceName': 'stateOrProvinceName', - DEF+'street': 'street', - DEF+'streetAddress': 'streetAddress', - DEF+'subtreeMaximumQuality': 'subtreeMaximumQuality', - DEF+'subtreeMinimumQuality': 'subtreeMinimumQuality', - DEF+'supportedAlgorithms': 'supportedAlgorithms', - DEF+'supportedApplicationContext': 'supportedApplicationContext', - DEF+'surname': 'surname', - DEF+'telephoneNumber': 'telephoneNumber', - DEF+'teletexTerminalIdentifier': 'teletexTerminalIdentifier', - DEF+'telexNumber': 'telexNumber', - DEF+'textEncodedORAddress': 'textEncodedORAddress', - DEF+'title': 'title', - DEF+'uid': 'uid', - DEF+'uniqueIdentifier': 'uniqueIdentifier', - DEF+'uniqueMember': 'uniqueMember', - DEF+'userCertificate': 'userCertificate', - DEF+'userClass': 'userClass', - DEF+'userPKCS12': 'userPKCS12', - DEF+'userPassword': 'userPassword', - DEF+'userSMIMECertificate': 'userSMIMECertificate', - DEF+'userid': 'userid', - DEF+'x121Address': 'x121Address', - DEF+'x500UniqueIdentifier': 'x500UniqueIdentifier', + "fro": { + f"{DEF}aRecord": "aRecord", + f"{DEF}aliasedEntryName": "aliasedEntryName", + f"{DEF}aliasedObjectName": "aliasedObjectName", + f"{DEF}associatedDomain": "associatedDomain", + f"{DEF}associatedName": "associatedName", + f"{DEF}audio": "audio", + f"{DEF}authorityRevocationList": "authorityRevocationList", + f"{DEF}buildingName": "buildingName", + f"{DEF}businessCategory": "businessCategory", + f"{DEF}c": "c", + f"{DEF}cACertificate": "cACertificate", + f"{DEF}cNAMERecord": "cNAMERecord", + f"{DEF}carLicense": "carLicense", + f"{DEF}certificateRevocationList": "certificateRevocationList", + f"{DEF}cn": "cn", + f"{DEF}co": "co", + f"{DEF}commonName": "commonName", + f"{DEF}countryName": "countryName", + f"{DEF}crossCertificatePair": "crossCertificatePair", + f"{DEF}dITRedirect": "dITRedirect", + f"{DEF}dSAQuality": "dSAQuality", + f"{DEF}dc": "dc", + f"{DEF}deltaRevocationList": "deltaRevocationList", + f"{DEF}departmentNumber": "departmentNumber", + f"{DEF}description": "description", + f"{DEF}destinationIndicator": "destinationIndicator", + f"{DEF}displayName": "displayName", + f"{DEF}distinguishedName": "distinguishedName", + f"{DEF}dmdName": "dmdName", + f"{DEF}dnQualifier": "dnQualifier", + f"{DEF}documentAuthor": "documentAuthor", + f"{DEF}documentIdentifier": "documentIdentifier", + f"{DEF}documentLocation": "documentLocation", + f"{DEF}documentPublisher": "documentPublisher", + f"{DEF}documentTitle": "documentTitle", + f"{DEF}documentVersion": "documentVersion", + f"{DEF}domainComponent": "domainComponent", + f"{DEF}drink": "drink", + f"{DEF}eduOrgHomePageURI": "eduOrgHomePageURI", + f"{DEF}eduOrgIdentityAuthNPolicyURI": "eduOrgIdentityAuthNPolicyURI", + f"{DEF}eduOrgLegalName": "eduOrgLegalName", + f"{DEF}eduOrgSuperiorURI": "eduOrgSuperiorURI", + f"{DEF}eduOrgWhitePagesURI": "eduOrgWhitePagesURI", + f"{DEF}eduCourseOffering": "eduCourseOffering", + f"{DEF}eduCourseMember": "eduCourseMember", + f"{DEF}eduPersonAffiliation": "eduPersonAffiliation", + f"{DEF}eduPersonEntitlement": "eduPersonEntitlement", + f"{DEF}eduPersonNickname": "eduPersonNickname", + f"{DEF}eduPersonOrgDN": "eduPersonOrgDN", + f"{DEF}eduPersonOrgUnitDN": "eduPersonOrgUnitDN", + f"{DEF}eduPersonPrimaryAffiliation": "eduPersonPrimaryAffiliation", + f"{DEF}eduPersonPrimaryOrgUnitDN": "eduPersonPrimaryOrgUnitDN", + f"{DEF}eduPersonPrincipalName": "eduPersonPrincipalName", + f"{DEF}eduPersonPrincipalNamePrior": "eduPersonPrincipalNamePrior", + f"{DEF}eduPersonScopedAffiliation": "eduPersonScopedAffiliation", + f"{DEF}eduPersonTargetedID": "eduPersonTargetedID", + f"{DEF}eduPersonAssurance": "eduPersonAssurance", + f"{DEF}eduPersonUniqueId": "eduPersonUniqueId", + f"{DEF}eduPersonOrcid": "eduPersonOrcid", + f"{DEF}email": "email", + f"{DEF}emailAddress": "emailAddress", + f"{DEF}employeeNumber": "employeeNumber", + f"{DEF}employeeType": "employeeType", + f"{DEF}enhancedSearchGuide": "enhancedSearchGuide", + f"{DEF}facsimileTelephoneNumber": "facsimileTelephoneNumber", + f"{DEF}favouriteDrink": "favouriteDrink", + f"{DEF}fax": "fax", + f"{DEF}federationFeideSchemaVersion": "federationFeideSchemaVersion", + f"{DEF}friendlyCountryName": "friendlyCountryName", + f"{DEF}generationQualifier": "generationQualifier", + f"{DEF}givenName": "givenName", + f"{DEF}gn": "gn", + f"{DEF}homePhone": "homePhone", + f"{DEF}homePostalAddress": "homePostalAddress", + f"{DEF}homeTelephoneNumber": "homeTelephoneNumber", + f"{DEF}host": "host", + f"{DEF}houseIdentifier": "houseIdentifier", + f"{DEF}info": "info", + f"{DEF}initials": "initials", + f"{DEF}internationaliSDNNumber": "internationaliSDNNumber", + f"{DEF}isMemberOf": "isMemberOf", + f"{DEF}janetMailbox": "janetMailbox", + f"{DEF}jpegPhoto": "jpegPhoto", + f"{DEF}knowledgeInformation": "knowledgeInformation", + f"{DEF}l": "l", + f"{DEF}labeledURI": "labeledURI", + f"{DEF}localityName": "localityName", + f"{DEF}mDRecord": "mDRecord", + f"{DEF}mXRecord": "mXRecord", + f"{DEF}mail": "mail", + f"{DEF}mailPreferenceOption": "mailPreferenceOption", + f"{DEF}manager": "manager", + f"{DEF}member": "member", + f"{DEF}mobile": "mobile", + f"{DEF}mobileTelephoneNumber": "mobileTelephoneNumber", + f"{DEF}nSRecord": "nSRecord", + f"{DEF}name": "name", + f"{DEF}norEduOrgAcronym": "norEduOrgAcronym", + f"{DEF}norEduOrgNIN": "norEduOrgNIN", + f"{DEF}norEduOrgSchemaVersion": "norEduOrgSchemaVersion", + f"{DEF}norEduOrgUniqueIdentifier": "norEduOrgUniqueIdentifier", + f"{DEF}norEduOrgUniqueNumber": "norEduOrgUniqueNumber", + f"{DEF}norEduOrgUnitUniqueIdentifier": "norEduOrgUnitUniqueIdentifier", + f"{DEF}norEduOrgUnitUniqueNumber": "norEduOrgUnitUniqueNumber", + f"{DEF}norEduPersonBirthDate": "norEduPersonBirthDate", + f"{DEF}norEduPersonLIN": "norEduPersonLIN", + f"{DEF}norEduPersonNIN": "norEduPersonNIN", + f"{DEF}o": "o", + f"{DEF}objectClass": "objectClass", + f"{DEF}organizationName": "organizationName", + f"{DEF}organizationalStatus": "organizationalStatus", + f"{DEF}organizationalUnitName": "organizationalUnitName", + f"{DEF}otherMailbox": "otherMailbox", + f"{DEF}ou": "ou", + f"{DEF}owner": "owner", + f"{DEF}pager": "pager", + f"{DEF}pagerTelephoneNumber": "pagerTelephoneNumber", + f"{DEF}personalSignature": "personalSignature", + f"{DEF}personalTitle": "personalTitle", + f"{DEF}photo": "photo", + f"{DEF}physicalDeliveryOfficeName": "physicalDeliveryOfficeName", + f"{DEF}pkcs9email": "pkcs9email", + f"{DEF}postOfficeBox": "postOfficeBox", + f"{DEF}postalAddress": "postalAddress", + f"{DEF}postalCode": "postalCode", + f"{DEF}preferredDeliveryMethod": "preferredDeliveryMethod", + f"{DEF}preferredLanguage": "preferredLanguage", + f"{DEF}presentationAddress": "presentationAddress", + f"{DEF}protocolInformation": "protocolInformation", + f"{DEF}pseudonym": "pseudonym", + f"{DEF}registeredAddress": "registeredAddress", + f"{DEF}rfc822Mailbox": "rfc822Mailbox", + f"{DEF}roleOccupant": "roleOccupant", + f"{DEF}roomNumber": "roomNumber", + f"{DEF}sOARecord": "sOARecord", + f"{DEF}searchGuide": "searchGuide", + f"{DEF}secretary": "secretary", + f"{DEF}seeAlso": "seeAlso", + f"{DEF}serialNumber": "serialNumber", + f"{DEF}singleLevelQuality": "singleLevelQuality", + f"{DEF}sn": "sn", + f"{DEF}st": "st", + f"{DEF}stateOrProvinceName": "stateOrProvinceName", + f"{DEF}street": "street", + f"{DEF}streetAddress": "streetAddress", + f"{DEF}subtreeMaximumQuality": "subtreeMaximumQuality", + f"{DEF}subtreeMinimumQuality": "subtreeMinimumQuality", + f"{DEF}supportedAlgorithms": "supportedAlgorithms", + f"{DEF}supportedApplicationContext": "supportedApplicationContext", + f"{DEF}surname": "surname", + f"{DEF}telephoneNumber": "telephoneNumber", + f"{DEF}teletexTerminalIdentifier": "teletexTerminalIdentifier", + f"{DEF}telexNumber": "telexNumber", + f"{DEF}textEncodedORAddress": "textEncodedORAddress", + f"{DEF}title": "title", + f"{DEF}uid": "uid", + f"{DEF}uniqueIdentifier": "uniqueIdentifier", + f"{DEF}uniqueMember": "uniqueMember", + f"{DEF}userCertificate": "userCertificate", + f"{DEF}userClass": "userClass", + f"{DEF}userPKCS12": "userPKCS12", + f"{DEF}userPassword": "userPassword", + f"{DEF}userSMIMECertificate": "userSMIMECertificate", + f"{DEF}userid": "userid", + f"{DEF}x121Address": "x121Address", + f"{DEF}x500UniqueIdentifier": "x500UniqueIdentifier", + }, + "to": { + "aRecord": f"{DEF}aRecord", + "aliasedEntryName": f"{DEF}aliasedEntryName", + "aliasedObjectName": f"{DEF}aliasedObjectName", + "associatedDomain": f"{DEF}associatedDomain", + "associatedName": f"{DEF}associatedName", + "audio": f"{DEF}audio", + "authorityRevocationList": f"{DEF}authorityRevocationList", + "buildingName": f"{DEF}buildingName", + "businessCategory": f"{DEF}businessCategory", + "c": f"{DEF}c", + "cACertificate": f"{DEF}cACertificate", + "cNAMERecord": f"{DEF}cNAMERecord", + "carLicense": f"{DEF}carLicense", + "certificateRevocationList": f"{DEF}certificateRevocationList", + "cn": f"{DEF}cn", + "co": f"{DEF}co", + "commonName": f"{DEF}commonName", + "countryName": f"{DEF}countryName", + "crossCertificatePair": f"{DEF}crossCertificatePair", + "dITRedirect": f"{DEF}dITRedirect", + "dSAQuality": f"{DEF}dSAQuality", + "dc": f"{DEF}dc", + "deltaRevocationList": f"{DEF}deltaRevocationList", + "departmentNumber": f"{DEF}departmentNumber", + "description": f"{DEF}description", + "destinationIndicator": f"{DEF}destinationIndicator", + "displayName": f"{DEF}displayName", + "distinguishedName": f"{DEF}distinguishedName", + "dmdName": f"{DEF}dmdName", + "dnQualifier": f"{DEF}dnQualifier", + "documentAuthor": f"{DEF}documentAuthor", + "documentIdentifier": f"{DEF}documentIdentifier", + "documentLocation": f"{DEF}documentLocation", + "documentPublisher": f"{DEF}documentPublisher", + "documentTitle": f"{DEF}documentTitle", + "documentVersion": f"{DEF}documentVersion", + "domainComponent": f"{DEF}domainComponent", + "drink": f"{DEF}drink", + "eduOrgHomePageURI": f"{DEF}eduOrgHomePageURI", + "eduOrgIdentityAuthNPolicyURI": f"{DEF}eduOrgIdentityAuthNPolicyURI", + "eduOrgLegalName": f"{DEF}eduOrgLegalName", + "eduOrgSuperiorURI": f"{DEF}eduOrgSuperiorURI", + "eduOrgWhitePagesURI": f"{DEF}eduOrgWhitePagesURI", + "eduCourseMember": f"{DEF}eduCourseMember", + "eduCourseOffering": f"{DEF}eduCourseOffering", + "eduPersonAffiliation": f"{DEF}eduPersonAffiliation", + "eduPersonEntitlement": f"{DEF}eduPersonEntitlement", + "eduPersonNickname": f"{DEF}eduPersonNickname", + "eduPersonOrgDN": f"{DEF}eduPersonOrgDN", + "eduPersonOrgUnitDN": f"{DEF}eduPersonOrgUnitDN", + "eduPersonPrimaryAffiliation": f"{DEF}eduPersonPrimaryAffiliation", + "eduPersonPrimaryOrgUnitDN": f"{DEF}eduPersonPrimaryOrgUnitDN", + "eduPersonPrincipalName": f"{DEF}eduPersonPrincipalName", + "eduPersonPrincipalNamePrior": f"{DEF}eduPersonPrincipalNamePrior", + "eduPersonScopedAffiliation": f"{DEF}eduPersonScopedAffiliation", + "eduPersonTargetedID": f"{DEF}eduPersonTargetedID", + "eduPersonAssurance": f"{DEF}eduPersonAssurance", + "eduPersonUniqueId": f"{DEF}eduPersonUniqueId", + "eduPersonOrcid": f"{DEF}eduPersonOrcid", + "email": f"{DEF}email", + "emailAddress": f"{DEF}emailAddress", + "employeeNumber": f"{DEF}employeeNumber", + "employeeType": f"{DEF}employeeType", + "enhancedSearchGuide": f"{DEF}enhancedSearchGuide", + "facsimileTelephoneNumber": f"{DEF}facsimileTelephoneNumber", + "favouriteDrink": f"{DEF}favouriteDrink", + "fax": f"{DEF}fax", + "federationFeideSchemaVersion": f"{DEF}federationFeideSchemaVersion", + "friendlyCountryName": f"{DEF}friendlyCountryName", + "generationQualifier": f"{DEF}generationQualifier", + "givenName": f"{DEF}givenName", + "gn": f"{DEF}gn", + "homePhone": f"{DEF}homePhone", + "homePostalAddress": f"{DEF}homePostalAddress", + "homeTelephoneNumber": f"{DEF}homeTelephoneNumber", + "host": f"{DEF}host", + "houseIdentifier": f"{DEF}houseIdentifier", + "info": f"{DEF}info", + "initials": f"{DEF}initials", + "internationaliSDNNumber": f"{DEF}internationaliSDNNumber", + "isMemberOf": f"{DEF}isMemberOf", + "janetMailbox": f"{DEF}janetMailbox", + "jpegPhoto": f"{DEF}jpegPhoto", + "knowledgeInformation": f"{DEF}knowledgeInformation", + "l": f"{DEF}l", + "labeledURI": f"{DEF}labeledURI", + "localityName": f"{DEF}localityName", + "mDRecord": f"{DEF}mDRecord", + "mXRecord": f"{DEF}mXRecord", + "mail": f"{DEF}mail", + "mailPreferenceOption": f"{DEF}mailPreferenceOption", + "manager": f"{DEF}manager", + "member": f"{DEF}member", + "mobile": f"{DEF}mobile", + "mobileTelephoneNumber": f"{DEF}mobileTelephoneNumber", + "nSRecord": f"{DEF}nSRecord", + "name": f"{DEF}name", + "norEduOrgAcronym": f"{DEF}norEduOrgAcronym", + "norEduOrgNIN": f"{DEF}norEduOrgNIN", + "norEduOrgSchemaVersion": f"{DEF}norEduOrgSchemaVersion", + "norEduOrgUniqueIdentifier": f"{DEF}norEduOrgUniqueIdentifier", + "norEduOrgUniqueNumber": f"{DEF}norEduOrgUniqueNumber", + "norEduOrgUnitUniqueIdentifier": f"{DEF}norEduOrgUnitUniqueIdentifier", + "norEduOrgUnitUniqueNumber": f"{DEF}norEduOrgUnitUniqueNumber", + "norEduPersonBirthDate": f"{DEF}norEduPersonBirthDate", + "norEduPersonLIN": f"{DEF}norEduPersonLIN", + "norEduPersonNIN": f"{DEF}norEduPersonNIN", + "o": f"{DEF}o", + "objectClass": f"{DEF}objectClass", + "organizationName": f"{DEF}organizationName", + "organizationalStatus": f"{DEF}organizationalStatus", + "organizationalUnitName": f"{DEF}organizationalUnitName", + "otherMailbox": f"{DEF}otherMailbox", + "ou": f"{DEF}ou", + "owner": f"{DEF}owner", + "pager": f"{DEF}pager", + "pagerTelephoneNumber": f"{DEF}pagerTelephoneNumber", + "personalSignature": f"{DEF}personalSignature", + "personalTitle": f"{DEF}personalTitle", + "photo": f"{DEF}photo", + "physicalDeliveryOfficeName": f"{DEF}physicalDeliveryOfficeName", + "pkcs9email": f"{DEF}pkcs9email", + "postOfficeBox": f"{DEF}postOfficeBox", + "postalAddress": f"{DEF}postalAddress", + "postalCode": f"{DEF}postalCode", + "preferredDeliveryMethod": f"{DEF}preferredDeliveryMethod", + "preferredLanguage": f"{DEF}preferredLanguage", + "presentationAddress": f"{DEF}presentationAddress", + "protocolInformation": f"{DEF}protocolInformation", + "pseudonym": f"{DEF}pseudonym", + "registeredAddress": f"{DEF}registeredAddress", + "rfc822Mailbox": f"{DEF}rfc822Mailbox", + "roleOccupant": f"{DEF}roleOccupant", + "roomNumber": f"{DEF}roomNumber", + "sOARecord": f"{DEF}sOARecord", + "searchGuide": f"{DEF}searchGuide", + "secretary": f"{DEF}secretary", + "seeAlso": f"{DEF}seeAlso", + "serialNumber": f"{DEF}serialNumber", + "singleLevelQuality": f"{DEF}singleLevelQuality", + "sn": f"{DEF}sn", + "st": f"{DEF}st", + "stateOrProvinceName": f"{DEF}stateOrProvinceName", + "street": f"{DEF}street", + "streetAddress": f"{DEF}streetAddress", + "subtreeMaximumQuality": f"{DEF}subtreeMaximumQuality", + "subtreeMinimumQuality": f"{DEF}subtreeMinimumQuality", + "supportedAlgorithms": f"{DEF}supportedAlgorithms", + "supportedApplicationContext": f"{DEF}supportedApplicationContext", + "surname": f"{DEF}surname", + "telephoneNumber": f"{DEF}telephoneNumber", + "teletexTerminalIdentifier": f"{DEF}teletexTerminalIdentifier", + "telexNumber": f"{DEF}telexNumber", + "textEncodedORAddress": f"{DEF}textEncodedORAddress", + "title": f"{DEF}title", + "uid": f"{DEF}uid", + "uniqueIdentifier": f"{DEF}uniqueIdentifier", + "uniqueMember": f"{DEF}uniqueMember", + "userCertificate": f"{DEF}userCertificate", + "userClass": f"{DEF}userClass", + "userPKCS12": f"{DEF}userPKCS12", + "userPassword": f"{DEF}userPassword", + "userSMIMECertificate": f"{DEF}userSMIMECertificate", + "userid": f"{DEF}userid", + "x121Address": f"{DEF}x121Address", + "x500UniqueIdentifier": f"{DEF}x500UniqueIdentifier", }, - 'to': { - 'aRecord': DEF+'aRecord', - 'aliasedEntryName': DEF+'aliasedEntryName', - 'aliasedObjectName': DEF+'aliasedObjectName', - 'associatedDomain': DEF+'associatedDomain', - 'associatedName': DEF+'associatedName', - 'audio': DEF+'audio', - 'authorityRevocationList': DEF+'authorityRevocationList', - 'buildingName': DEF+'buildingName', - 'businessCategory': DEF+'businessCategory', - 'c': DEF+'c', - 'cACertificate': DEF+'cACertificate', - 'cNAMERecord': DEF+'cNAMERecord', - 'carLicense': DEF+'carLicense', - 'certificateRevocationList': DEF+'certificateRevocationList', - 'cn': DEF+'cn', - 'co': DEF+'co', - 'commonName': DEF+'commonName', - 'countryName': DEF+'countryName', - 'crossCertificatePair': DEF+'crossCertificatePair', - 'dITRedirect': DEF+'dITRedirect', - 'dSAQuality': DEF+'dSAQuality', - 'dc': DEF+'dc', - 'deltaRevocationList': DEF+'deltaRevocationList', - 'departmentNumber': DEF+'departmentNumber', - 'description': DEF+'description', - 'destinationIndicator': DEF+'destinationIndicator', - 'displayName': DEF+'displayName', - 'distinguishedName': DEF+'distinguishedName', - 'dmdName': DEF+'dmdName', - 'dnQualifier': DEF+'dnQualifier', - 'documentAuthor': DEF+'documentAuthor', - 'documentIdentifier': DEF+'documentIdentifier', - 'documentLocation': DEF+'documentLocation', - 'documentPublisher': DEF+'documentPublisher', - 'documentTitle': DEF+'documentTitle', - 'documentVersion': DEF+'documentVersion', - 'domainComponent': DEF+'domainComponent', - 'drink': DEF+'drink', - 'eduOrgHomePageURI': DEF+'eduOrgHomePageURI', - 'eduOrgIdentityAuthNPolicyURI': DEF+'eduOrgIdentityAuthNPolicyURI', - 'eduOrgLegalName': DEF+'eduOrgLegalName', - 'eduOrgSuperiorURI': DEF+'eduOrgSuperiorURI', - 'eduOrgWhitePagesURI': DEF+'eduOrgWhitePagesURI', - 'eduCourseMember': DEF+'eduCourseMember', - 'eduCourseOffering': DEF+'eduCourseOffering', - 'eduPersonAffiliation': DEF+'eduPersonAffiliation', - 'eduPersonEntitlement': DEF+'eduPersonEntitlement', - 'eduPersonNickname': DEF+'eduPersonNickname', - 'eduPersonOrgDN': DEF+'eduPersonOrgDN', - 'eduPersonOrgUnitDN': DEF+'eduPersonOrgUnitDN', - 'eduPersonPrimaryAffiliation': DEF+'eduPersonPrimaryAffiliation', - 'eduPersonPrimaryOrgUnitDN': DEF+'eduPersonPrimaryOrgUnitDN', - 'eduPersonPrincipalName': DEF+'eduPersonPrincipalName', - 'eduPersonPrincipalNamePrior': DEF+'eduPersonPrincipalNamePrior', - 'eduPersonScopedAffiliation': DEF+'eduPersonScopedAffiliation', - 'eduPersonTargetedID': DEF+'eduPersonTargetedID', - 'eduPersonAssurance': DEF+'eduPersonAssurance', - 'eduPersonUniqueId': DEF+'eduPersonUniqueId', - 'eduPersonOrcid': DEF+'eduPersonOrcid', - 'email': DEF+'email', - 'emailAddress': DEF+'emailAddress', - 'employeeNumber': DEF+'employeeNumber', - 'employeeType': DEF+'employeeType', - 'enhancedSearchGuide': DEF+'enhancedSearchGuide', - 'facsimileTelephoneNumber': DEF+'facsimileTelephoneNumber', - 'favouriteDrink': DEF+'favouriteDrink', - 'fax': DEF+'fax', - 'federationFeideSchemaVersion': DEF+'federationFeideSchemaVersion', - 'friendlyCountryName': DEF+'friendlyCountryName', - 'generationQualifier': DEF+'generationQualifier', - 'givenName': DEF+'givenName', - 'gn': DEF+'gn', - 'homePhone': DEF+'homePhone', - 'homePostalAddress': DEF+'homePostalAddress', - 'homeTelephoneNumber': DEF+'homeTelephoneNumber', - 'host': DEF+'host', - 'houseIdentifier': DEF+'houseIdentifier', - 'info': DEF+'info', - 'initials': DEF+'initials', - 'internationaliSDNNumber': DEF+'internationaliSDNNumber', - 'janetMailbox': DEF+'janetMailbox', - 'jpegPhoto': DEF+'jpegPhoto', - 'knowledgeInformation': DEF+'knowledgeInformation', - 'l': DEF+'l', - 'labeledURI': DEF+'labeledURI', - 'localityName': DEF+'localityName', - 'mDRecord': DEF+'mDRecord', - 'mXRecord': DEF+'mXRecord', - 'mail': DEF+'mail', - 'mailPreferenceOption': DEF+'mailPreferenceOption', - 'manager': DEF+'manager', - 'member': DEF+'member', - 'mobile': DEF+'mobile', - 'mobileTelephoneNumber': DEF+'mobileTelephoneNumber', - 'nSRecord': DEF+'nSRecord', - 'name': DEF+'name', - 'norEduOrgAcronym': DEF+'norEduOrgAcronym', - 'norEduOrgNIN': DEF+'norEduOrgNIN', - 'norEduOrgSchemaVersion': DEF+'norEduOrgSchemaVersion', - 'norEduOrgUniqueIdentifier': DEF+'norEduOrgUniqueIdentifier', - 'norEduOrgUniqueNumber': DEF+'norEduOrgUniqueNumber', - 'norEduOrgUnitUniqueIdentifier': DEF+'norEduOrgUnitUniqueIdentifier', - 'norEduOrgUnitUniqueNumber': DEF+'norEduOrgUnitUniqueNumber', - 'norEduPersonBirthDate': DEF+'norEduPersonBirthDate', - 'norEduPersonLIN': DEF+'norEduPersonLIN', - 'norEduPersonNIN': DEF+'norEduPersonNIN', - 'o': DEF+'o', - 'objectClass': DEF+'objectClass', - 'organizationName': DEF+'organizationName', - 'organizationalStatus': DEF+'organizationalStatus', - 'organizationalUnitName': DEF+'organizationalUnitName', - 'otherMailbox': DEF+'otherMailbox', - 'ou': DEF+'ou', - 'owner': DEF+'owner', - 'pager': DEF+'pager', - 'pagerTelephoneNumber': DEF+'pagerTelephoneNumber', - 'personalSignature': DEF+'personalSignature', - 'personalTitle': DEF+'personalTitle', - 'photo': DEF+'photo', - 'physicalDeliveryOfficeName': DEF+'physicalDeliveryOfficeName', - 'pkcs9email': DEF+'pkcs9email', - 'postOfficeBox': DEF+'postOfficeBox', - 'postalAddress': DEF+'postalAddress', - 'postalCode': DEF+'postalCode', - 'preferredDeliveryMethod': DEF+'preferredDeliveryMethod', - 'preferredLanguage': DEF+'preferredLanguage', - 'presentationAddress': DEF+'presentationAddress', - 'protocolInformation': DEF+'protocolInformation', - 'pseudonym': DEF+'pseudonym', - 'registeredAddress': DEF+'registeredAddress', - 'rfc822Mailbox': DEF+'rfc822Mailbox', - 'roleOccupant': DEF+'roleOccupant', - 'roomNumber': DEF+'roomNumber', - 'sOARecord': DEF+'sOARecord', - 'searchGuide': DEF+'searchGuide', - 'secretary': DEF+'secretary', - 'seeAlso': DEF+'seeAlso', - 'serialNumber': DEF+'serialNumber', - 'singleLevelQuality': DEF+'singleLevelQuality', - 'sn': DEF+'sn', - 'st': DEF+'st', - 'stateOrProvinceName': DEF+'stateOrProvinceName', - 'street': DEF+'street', - 'streetAddress': DEF+'streetAddress', - 'subtreeMaximumQuality': DEF+'subtreeMaximumQuality', - 'subtreeMinimumQuality': DEF+'subtreeMinimumQuality', - 'supportedAlgorithms': DEF+'supportedAlgorithms', - 'supportedApplicationContext': DEF+'supportedApplicationContext', - 'surname': DEF+'surname', - 'telephoneNumber': DEF+'telephoneNumber', - 'teletexTerminalIdentifier': DEF+'teletexTerminalIdentifier', - 'telexNumber': DEF+'telexNumber', - 'textEncodedORAddress': DEF+'textEncodedORAddress', - 'title': DEF+'title', - 'uid': DEF+'uid', - 'uniqueIdentifier': DEF+'uniqueIdentifier', - 'uniqueMember': DEF+'uniqueMember', - 'userCertificate': DEF+'userCertificate', - 'userClass': DEF+'userClass', - 'userPKCS12': DEF+'userPKCS12', - 'userPassword': DEF+'userPassword', - 'userSMIMECertificate': DEF+'userSMIMECertificate', - 'userid': DEF+'userid', - 'x121Address': DEF+'x121Address', - 'x500UniqueIdentifier': DEF+'x500UniqueIdentifier', - } } diff --git a/src/saml2/attributemaps/saml_uri.py b/src/saml2/attributemaps/saml_uri.py index 5ffa80785..908e3e0a7 100644 --- a/src/saml2/attributemaps/saml_uri.py +++ b/src/saml2/attributemaps/saml_uri.py @@ -1,456 +1,492 @@ -EDUCOURSE_OID = 'urn:oid:1.3.6.1.4.1.5923.1.6.1.' -EDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.' -EDUMEMBER1_OID = 'urn:oid:1.3.6.1.4.1.5923.1.5.1.' +EDUCOURSE_OID = "urn:oid:1.3.6.1.4.1.5923.1.6.1." +EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." +EDUMEMBER1_OID = "urn:oid:1.3.6.1.4.1.5923.1.5.1." + +# voPerson class References: +# - https://github.com/voperson/voperson/blob/2.0.0/voPerson.md#voperson-object-class-definition +VOPERSON_V2_OID = "urn:oid:1.3.6.1.4.1.25178.4.1." # ldap.gv.at definitions as specified in: # http://www.ref.gv.at/AG-IZ-PVP2-Version-2-1-0-2.2754.0.html -LDAPGVAT_OID = 'urn:oid:1.2.40.0.10.2.1.1.' +LDAPGVAT_OID = "urn:oid:1.2.40.0.10.2.1.1." -UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' -X500ATTR_OID = 'urn:oid:2.5.4.' +UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." +X500ATTR_OID = "urn:oid:2.5.4." LDAPGVAT_UCL_DIR_PILOT = UCL_DIR_PILOT LDAPGVAT_X500ATTR_OID = X500ATTR_OID -NETSCAPE_LDAP = 'urn:oid:2.16.840.1.113730.3.1.' -NOREDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.2428.90.1.' -PKCS_9 = 'urn:oid:1.2.840.113549.1.9.1.' -SCHAC = 'urn:oid:1.3.6.1.4.1.25178.1.2.' -SIS = 'urn:oid:1.2.752.194.10.2.' -UMICH = 'urn:oid:1.3.6.1.4.1.250.1.57.' +NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." +NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." +PKCS_9 = "urn:oid:1.2.840.113549.1.9.1." +SCHAC = "urn:oid:1.3.6.1.4.1.25178.1.2." +SIS = "urn:oid:1.2.752.194.10.2." +UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." # openosi-0.82.schema http://www.openosi.org/osi/display/ldap/Home -OPENOSI_OID = 'urn:oid:1.3.6.1.4.1.27630.2.1.1.' -SWISSEDUPERSON_OID = 'urn:oid:2.16.756.1.2.5.1.1.' +OPENOSI_OID = "urn:oid:1.3.6.1.4.1.27630.2.1.1." +SWISSEDUPERSON_OID = "urn:oid:2.16.756.1.2.5.1.1." -EIDAS_NATURALPERSON = 'http://eidas.europa.eu/attributes/naturalperson/' -EIDAS_LEGALPERSON = 'http://eidas.europa.eu/attributes/legalperson/' +EIDAS_NATURALPERSON = "http://eidas.europa.eu/attributes/naturalperson/" +EIDAS_LEGALPERSON = "http://eidas.europa.eu/attributes/legalperson/" # SAML subject id specification # https://docs.oasis-open.org/security/saml-subject-id-attr/v1.0/cs01/saml-subject-id-attr-v1.0-cs01.html -SAML_SUBJECT_ID = 'urn:oasis:names:tc:SAML:attribute:' +SAML_SUBJECT_ID = "urn:oasis:names:tc:SAML:attribute:" # umbrellaID specification - https://www.umbrellaid.org # https://github.com/Umbrella-Commiters/UmbrellaIdP3/blob/master/schema/99-user.ldif -UMBRELLA_EAAUser_ID = 'urn:oid:1.3.6.1.4.1.42750.1.1.' +UMBRELLA_EAAUser_ID = "urn:oid:1.3.6.1.4.1.42750.1.1." # PKIX specification (SMI Security for PKIX Personal Data Attributes) # https://tools.ietf.org/html/rfc7299 -PKIX_OID = 'urn:oid:1.3.6.1.5.5.7.9.' +PKIX_OID = "urn:oid:1.3.6.1.5.5.7.9." # INERA specification # Closet public spec source I could find, sadly in swedish # https://www.sambi.se/wordpress/wp-content/uploads/2017/06/Sambi_Attributspecifikation_1.1.pdf -INERA_OID = 'urn:oid:1.2.752.29.4.' +INERA_OID = "urn:oid:1.2.752.29.4." # DIGG specification # https://docs.swedenconnect.se/technical-framework/latest/ELN-0604_-_Attribute_Specification_for_the_Swedish_eID_Framework.html -DIGG_OID = 'urn:oid:1.2.752.201.3.' +DIGG_OID = "urn:oid:1.2.752.201.3." MAP = { - 'identifier': 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri', - 'fro': { - DIGG_OID + '1': 'orgAffiliation', - DIGG_OID + '2': 'transactionIdentifier', - DIGG_OID + '3': 'authContextParams', - DIGG_OID + '4': 'prid', - DIGG_OID + '5': 'pridPersistence', - DIGG_OID + '6': 'personalIdentityNumberBinding', - DIGG_OID + '7': 'eidasPersonIdentifier', - DIGG_OID + '8': 'birthName', - DIGG_OID + '9': 'eidasNaturalPersonAddress', - DIGG_OID + '10': 'userCertificate', - DIGG_OID + '11': 'userSignature', - DIGG_OID + '12': 'sad', - DIGG_OID + '13': 'authServerSignature', - DIGG_OID + '14': 'signMessageDigest', - EIDAS_LEGALPERSON+'LegalPersonIdentifier': 'LegalPersonIdentifier', - EIDAS_LEGALPERSON+'LegalPersonAddress': 'LegalAddress', - EIDAS_LEGALPERSON+'LegalName': 'LegalName', - EIDAS_LEGALPERSON+'VATRegistrationNumber': 'VATRegistration', - EIDAS_LEGALPERSON+'TaxReference': 'TaxReference', - EIDAS_LEGALPERSON+'BusinessCodes': 'BusinessCodes', - EIDAS_LEGALPERSON+'LEI': 'LEI', - EIDAS_LEGALPERSON+'EORI': 'EORI', - EIDAS_LEGALPERSON+'SEED': 'SEED', - EIDAS_LEGALPERSON+'SIC': 'SIC', - EIDAS_LEGALPERSON+'D-2012-17-EUIdentifier': 'D-2012-17-EUIdentifier', - EIDAS_NATURALPERSON+'PersonIdentifier': 'PersonIdentifier', - EIDAS_NATURALPERSON+'CurrentFamilyName': 'FamilyName', - EIDAS_NATURALPERSON+'CurrentGivenName': 'FirstName', - EIDAS_NATURALPERSON+'DateOfBirth': 'DateOfBirth', - EIDAS_NATURALPERSON+'BirthName': 'BirthName', - EIDAS_NATURALPERSON+'PlaceOfBirth': 'PlaceOfBirth', - EIDAS_NATURALPERSON+'CurrentAddress': 'CurrentAddress', - EIDAS_NATURALPERSON+'Gender': 'Gender', - EDUCOURSE_OID+'1': 'eduCourseOffering', - EDUCOURSE_OID+'2': 'eduCourseMember', - EDUMEMBER1_OID+'1': 'isMemberOf', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'12': 'eduPersonPrincipalNamePrior', - EDUPERSON_OID+'13': 'eduPersonUniqueId', - EDUPERSON_OID+'16': 'eduPersonOrcid', - INERA_OID + '1': 'employeeHsaId', - INERA_OID + '13': 'personalIdentityNumber', - LDAPGVAT_OID+'1': 'PVP-GID', - LDAPGVAT_OID+'149': 'PVP-BPK', - LDAPGVAT_OID+'153': 'PVP-OU-OKZ', - LDAPGVAT_OID+'261.10': 'PVP-VERSION', - LDAPGVAT_OID+'261.20': 'PVP-PRINCIPAL-NAME', - LDAPGVAT_OID+'261.24': 'PVP-PARTICIPANT-OKZ', - LDAPGVAT_OID+'261.30': 'PVP-ROLES', - LDAPGVAT_OID+'261.40': 'PVP-INVOICE-RECPT-ID', - LDAPGVAT_OID+'261.50': 'PVP-COST-CENTER-ID', - LDAPGVAT_OID+'261.60': 'PVP-CHARGE-CODE', - LDAPGVAT_OID+'3': 'PVP-OU-GV-OU-ID', - LDAPGVAT_OID+'33': 'PVP-FUNCTION', - LDAPGVAT_OID+'55': 'PVP-BIRTHDATE', - LDAPGVAT_OID+'71': 'PVP-PARTICIPANT-ID', - LDAPGVAT_UCL_DIR_PILOT+'1': 'PVP-USERID', - LDAPGVAT_UCL_DIR_PILOT+'3': 'PVP-MAIL', - LDAPGVAT_X500ATTR_OID+'11': 'PVP-OU', - LDAPGVAT_X500ATTR_OID+'20': 'PVP-TEL', - LDAPGVAT_X500ATTR_OID+'42': 'PVP-GIVENNAME', - NETSCAPE_LDAP+'1': 'carLicense', - NETSCAPE_LDAP+'2': 'departmentNumber', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'4': 'employeeType', - NETSCAPE_LDAP+'39': 'preferredLanguage', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NETSCAPE_LDAP+'216': 'userPKCS12', - NETSCAPE_LDAP+'241': 'displayName', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - NOREDUPERSON_OID+'10': 'norEduPersonLegalName', - NOREDUPERSON_OID+'11': 'norEduOrgSchemaVersion', - NOREDUPERSON_OID+'12': 'norEduOrgNIN', - OPENOSI_OID+'17': 'osiHomeUrl', - OPENOSI_OID+'19': 'osiPreferredTZ', - OPENOSI_OID+'72': 'osiICardTimeLastUpdated', - OPENOSI_OID+'104': 'osiMiddleName', - OPENOSI_OID+'107': 'osiOtherEmail', - OPENOSI_OID+'109': 'osiOtherHomePhone', - OPENOSI_OID+'120': 'osiWorkURL', - PKCS_9+'1': 'email', - PKIX_OID + '1': 'dateOfBirth', - PKIX_OID + '2': 'placeOfBirth', - PKIX_OID + '3': 'gender', - PKIX_OID + '4': 'countryOfCitizenship', - PKIX_OID + '5': 'countryOfResidence', - SAML_SUBJECT_ID+'subject-id': 'subject-id', - SAML_SUBJECT_ID+'pairwise-id': 'pairwise-id', - SCHAC+'1': 'schacMotherTongue', - SCHAC+'2': 'schacGender', - SCHAC+'3': 'schacDateOfBirth', - SCHAC+'4': 'schacPlaceOfBirth', - SCHAC+'5': 'schacCountryOfCitizenship', - SCHAC+'6': 'schacSn1', - SCHAC+'7': 'schacSn2', - SCHAC+'8': 'schacPersonalTitle', - SCHAC+'9': 'schacHomeOrganization', - SCHAC+'10': 'schacHomeOrganizationType', - SCHAC+'11': 'schacCountryOfResidence', - SCHAC+'12': 'schacUserPresenceID', - SCHAC+'13': 'schacPersonalPosition', - SCHAC+'14': 'schacPersonalUniqueCode', - SCHAC+'15': 'schacPersonalUniqueID', - SCHAC+'17': 'schacExpiryDate', - SCHAC+'18': 'schacUserPrivateAttribute', - SCHAC+'19': 'schacUserStatus', - SCHAC+'20': 'schacProjectMembership', - SCHAC+'21': 'schacProjectSpecificRole', - SIS+'1': 'sisLegalGuardianFor', - SIS+'2': 'sisSchoolGrade', - UCL_DIR_PILOT+'1': 'uid', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - UCL_DIR_PILOT+'37': 'associatedDomain', - UCL_DIR_PILOT+'43': 'co', - UCL_DIR_PILOT+'60': 'jpegPhoto', - UMBRELLA_EAAUser_ID+'1': 'EAAHash', - UMBRELLA_EAAUser_ID+'3': 'EAAKey', - UMICH+'57': 'labeledURI', - X500ATTR_OID+'2': 'knowledgeInformation', - X500ATTR_OID+'3': 'cn', - X500ATTR_OID+'4': 'sn', - X500ATTR_OID+'5': 'serialNumber', - X500ATTR_OID+'6': 'c', - X500ATTR_OID+'7': 'l', - X500ATTR_OID+'8': 'st', - X500ATTR_OID+'9': 'street', - X500ATTR_OID+'10': 'o', - X500ATTR_OID+'11': 'ou', - X500ATTR_OID+'12': 'title', - X500ATTR_OID+'14': 'searchGuide', - X500ATTR_OID+'15': 'businessCategory', - X500ATTR_OID+'16': 'postalAddress', - X500ATTR_OID+'17': 'postalCode', - X500ATTR_OID+'18': 'postOfficeBox', - X500ATTR_OID+'19': 'physicalDeliveryOfficeName', - X500ATTR_OID+'20': 'telephoneNumber', - X500ATTR_OID+'21': 'telexNumber', - X500ATTR_OID+'22': 'teletexTerminalIdentifier', - X500ATTR_OID+'23': 'facsimileTelephoneNumber', - X500ATTR_OID+'24': 'x121Address', - X500ATTR_OID+'25': 'internationaliSDNNumber', - X500ATTR_OID+'26': 'registeredAddress', - X500ATTR_OID+'27': 'destinationIndicator', - X500ATTR_OID+'28': 'preferredDeliveryMethod', - X500ATTR_OID+'29': 'presentationAddress', - X500ATTR_OID+'30': 'supportedApplicationContext', - X500ATTR_OID+'31': 'member', - X500ATTR_OID+'32': 'owner', - X500ATTR_OID+'33': 'roleOccupant', - X500ATTR_OID+'36': 'userCertificate', - X500ATTR_OID+'37': 'cACertificate', - X500ATTR_OID+'38': 'authorityRevocationList', - X500ATTR_OID+'39': 'certificateRevocationList', - X500ATTR_OID+'40': 'crossCertificatePair', - X500ATTR_OID+'42': 'givenName', - X500ATTR_OID+'43': 'initials', - X500ATTR_OID+'44': 'generationQualifier', - X500ATTR_OID+'45': 'x500UniqueIdentifier', - X500ATTR_OID+'46': 'dnQualifier', - X500ATTR_OID+'47': 'enhancedSearchGuide', - X500ATTR_OID+'48': 'protocolInformation', - X500ATTR_OID+'50': 'uniqueMember', - X500ATTR_OID+'51': 'houseIdentifier', - X500ATTR_OID+'52': 'supportedAlgorithms', - X500ATTR_OID+'53': 'deltaRevocationList', - X500ATTR_OID+'54': 'dmdName', - X500ATTR_OID+'65': 'pseudonym', - SWISSEDUPERSON_OID+'1': 'swissEduPersonUniqueID', - SWISSEDUPERSON_OID+'2': 'swissEduPersonDateOfBirth', - SWISSEDUPERSON_OID+'3': 'swissEduPersonGender', - SWISSEDUPERSON_OID+'4': 'swissEduPersonHomeOrganization', - SWISSEDUPERSON_OID+'5': 'swissEduPersonHomeOrganizationType', - SWISSEDUPERSON_OID+'6': 'swissEduPersonStudyBranch1', - SWISSEDUPERSON_OID+'7': 'swissEduPersonStudyBranch2', - SWISSEDUPERSON_OID+'8': 'swissEduPersonStudyBranch3', - SWISSEDUPERSON_OID+'9': 'swissEduPersonStudyLevel', - SWISSEDUPERSON_OID+'10': 'swissEduPersonStaffCategory', - SWISSEDUPERSON_OID+'11': 'swissEduPersonMatriculationNumber', - SWISSEDUPERSON_OID+'12': 'swissEduPersonCardUID', - SWISSEDUPERSON_OID+'13': 'swissEduID', - SWISSEDUPERSON_OID+'1023': 'swissLibraryPersonAffiliation', - SWISSEDUPERSON_OID+'1025': 'swissLibraryPersonResidence', + "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "fro": { + f"{DIGG_OID}1": "orgAffiliation", + f"{DIGG_OID}2": "transactionIdentifier", + f"{DIGG_OID}3": "authContextParams", + f"{DIGG_OID}4": "prid", + f"{DIGG_OID}5": "pridPersistence", + f"{DIGG_OID}6": "personalIdentityNumberBinding", + f"{DIGG_OID}7": "eidasPersonIdentifier", + f"{DIGG_OID}8": "birthName", + f"{DIGG_OID}9": "eidasNaturalPersonAddress", + f"{DIGG_OID}10": "userCertificate", + f"{DIGG_OID}11": "userSignature", + f"{DIGG_OID}12": "sad", + f"{DIGG_OID}13": "authServerSignature", + f"{DIGG_OID}14": "signMessageDigest", + f"{EIDAS_LEGALPERSON}LegalPersonIdentifier": "LegalPersonIdentifier", + f"{EIDAS_LEGALPERSON}LegalPersonAddress": "LegalAddress", + f"{EIDAS_LEGALPERSON}LegalName": "LegalName", + f"{EIDAS_LEGALPERSON}VATRegistrationNumber": "VATRegistration", + f"{EIDAS_LEGALPERSON}TaxReference": "TaxReference", + f"{EIDAS_LEGALPERSON}BusinessCodes": "BusinessCodes", + f"{EIDAS_LEGALPERSON}LEI": "LEI", + f"{EIDAS_LEGALPERSON}EORI": "EORI", + f"{EIDAS_LEGALPERSON}SEED": "SEED", + f"{EIDAS_LEGALPERSON}SIC": "SIC", + f"{EIDAS_LEGALPERSON}D-2012-17-EUIdentifier": "D-2012-17-EUIdentifier", + f"{EIDAS_NATURALPERSON}PersonIdentifier": "PersonIdentifier", + f"{EIDAS_NATURALPERSON}CurrentFamilyName": "FamilyName", + f"{EIDAS_NATURALPERSON}CurrentGivenName": "FirstName", + f"{EIDAS_NATURALPERSON}DateOfBirth": "DateOfBirth", + f"{EIDAS_NATURALPERSON}BirthName": "BirthName", + f"{EIDAS_NATURALPERSON}PlaceOfBirth": "PlaceOfBirth", + f"{EIDAS_NATURALPERSON}CurrentAddress": "CurrentAddress", + f"{EIDAS_NATURALPERSON}Gender": "Gender", + f"{EDUCOURSE_OID}1": "eduCourseOffering", + f"{EDUCOURSE_OID}2": "eduCourseMember", + f"{EDUMEMBER1_OID}1": "isMemberOf", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}12": "eduPersonPrincipalNamePrior", + f"{EDUPERSON_OID}13": "eduPersonUniqueId", + f"{EDUPERSON_OID}16": "eduPersonOrcid", + f"{INERA_OID}1": "employeeHsaId", + f"{INERA_OID}13": "personalIdentityNumber", + f"{LDAPGVAT_OID}1": "PVP-GID", + f"{LDAPGVAT_OID}149": "PVP-BPK", + f"{LDAPGVAT_OID}153": "PVP-OU-OKZ", + f"{LDAPGVAT_OID}261.10": "PVP-VERSION", + f"{LDAPGVAT_OID}261.20": "PVP-PRINCIPAL-NAME", + f"{LDAPGVAT_OID}261.24": "PVP-PARTICIPANT-OKZ", + f"{LDAPGVAT_OID}261.30": "PVP-ROLES", + f"{LDAPGVAT_OID}261.40": "PVP-INVOICE-RECPT-ID", + f"{LDAPGVAT_OID}261.50": "PVP-COST-CENTER-ID", + f"{LDAPGVAT_OID}261.60": "PVP-CHARGE-CODE", + f"{LDAPGVAT_OID}3": "PVP-OU-GV-OU-ID", + f"{LDAPGVAT_OID}33": "PVP-FUNCTION", + f"{LDAPGVAT_OID}55": "PVP-BIRTHDATE", + f"{LDAPGVAT_OID}71": "PVP-PARTICIPANT-ID", + f"{LDAPGVAT_UCL_DIR_PILOT}1": "PVP-USERID", + f"{LDAPGVAT_UCL_DIR_PILOT}3": "PVP-MAIL", + f"{LDAPGVAT_X500ATTR_OID}11": "PVP-OU", + f"{LDAPGVAT_X500ATTR_OID}20": "PVP-TEL", + f"{LDAPGVAT_X500ATTR_OID}42": "PVP-GIVENNAME", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{NETSCAPE_LDAP}13": "mailLocalAddress", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{NETSCAPE_LDAP}241": "displayName", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{NOREDUPERSON_OID}10": "norEduPersonLegalName", + f"{NOREDUPERSON_OID}11": "norEduOrgSchemaVersion", + f"{NOREDUPERSON_OID}12": "norEduOrgNIN", + f"{OPENOSI_OID}17": "osiHomeUrl", + f"{OPENOSI_OID}19": "osiPreferredTZ", + f"{OPENOSI_OID}72": "osiICardTimeLastUpdated", + f"{OPENOSI_OID}104": "osiMiddleName", + f"{OPENOSI_OID}107": "osiOtherEmail", + f"{OPENOSI_OID}109": "osiOtherHomePhone", + f"{OPENOSI_OID}120": "osiWorkURL", + f"{PKCS_9}1": "email", + f"{PKIX_OID}1": "dateOfBirth", + f"{PKIX_OID}2": "placeOfBirth", + f"{PKIX_OID}3": "gender", + f"{PKIX_OID}4": "countryOfCitizenship", + f"{PKIX_OID}5": "countryOfResidence", + f"{SAML_SUBJECT_ID}subject-id": "subject-id", + f"{SAML_SUBJECT_ID}pairwise-id": "pairwise-id", + f"{SCHAC}1": "schacMotherTongue", + f"{SCHAC}2": "schacGender", + f"{SCHAC}3": "schacDateOfBirth", + f"{SCHAC}4": "schacPlaceOfBirth", + f"{SCHAC}5": "schacCountryOfCitizenship", + f"{SCHAC}6": "schacSn1", + f"{SCHAC}7": "schacSn2", + f"{SCHAC}8": "schacPersonalTitle", + f"{SCHAC}9": "schacHomeOrganization", + f"{SCHAC}10": "schacHomeOrganizationType", + f"{SCHAC}11": "schacCountryOfResidence", + f"{SCHAC}12": "schacUserPresenceID", + f"{SCHAC}13": "schacPersonalPosition", + f"{SCHAC}14": "schacPersonalUniqueCode", + f"{SCHAC}15": "schacPersonalUniqueID", + f"{SCHAC}17": "schacExpiryDate", + f"{SCHAC}18": "schacUserPrivateAttribute", + f"{SCHAC}19": "schacUserStatus", + f"{SCHAC}20": "schacProjectMembership", + f"{SCHAC}21": "schacProjectSpecificRole", + f"{SIS}1": "sisLegalGuardianFor", + f"{SIS}2": "sisSchoolGrade", + f"{UCL_DIR_PILOT}1": "uid", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{UCL_DIR_PILOT}43": "co", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{UMBRELLA_EAAUser_ID}1": "EAAHash", + f"{UMBRELLA_EAAUser_ID}3": "EAAKey", + f"{UMICH}57": "labeledURI", + f"{X500ATTR_OID}2": "knowledgeInformation", + f"{X500ATTR_OID}3": "cn", + f"{X500ATTR_OID}4": "sn", + f"{X500ATTR_OID}5": "serialNumber", + f"{X500ATTR_OID}6": "c", + f"{X500ATTR_OID}7": "l", + f"{X500ATTR_OID}8": "st", + f"{X500ATTR_OID}9": "street", + f"{X500ATTR_OID}10": "o", + f"{X500ATTR_OID}11": "ou", + f"{X500ATTR_OID}12": "title", + f"{X500ATTR_OID}14": "searchGuide", + f"{X500ATTR_OID}15": "businessCategory", + f"{X500ATTR_OID}16": "postalAddress", + f"{X500ATTR_OID}17": "postalCode", + f"{X500ATTR_OID}18": "postOfficeBox", + f"{X500ATTR_OID}19": "physicalDeliveryOfficeName", + f"{X500ATTR_OID}20": "telephoneNumber", + f"{X500ATTR_OID}21": "telexNumber", + f"{X500ATTR_OID}22": "teletexTerminalIdentifier", + f"{X500ATTR_OID}23": "facsimileTelephoneNumber", + f"{X500ATTR_OID}24": "x121Address", + f"{X500ATTR_OID}25": "internationaliSDNNumber", + f"{X500ATTR_OID}26": "registeredAddress", + f"{X500ATTR_OID}27": "destinationIndicator", + f"{X500ATTR_OID}28": "preferredDeliveryMethod", + f"{X500ATTR_OID}29": "presentationAddress", + f"{X500ATTR_OID}30": "supportedApplicationContext", + f"{X500ATTR_OID}31": "member", + f"{X500ATTR_OID}32": "owner", + f"{X500ATTR_OID}33": "roleOccupant", + f"{X500ATTR_OID}36": "userCertificate", + f"{X500ATTR_OID}37": "cACertificate", + f"{X500ATTR_OID}38": "authorityRevocationList", + f"{X500ATTR_OID}39": "certificateRevocationList", + f"{X500ATTR_OID}40": "crossCertificatePair", + f"{X500ATTR_OID}42": "givenName", + f"{X500ATTR_OID}43": "initials", + f"{X500ATTR_OID}44": "generationQualifier", + f"{X500ATTR_OID}45": "x500UniqueIdentifier", + f"{X500ATTR_OID}46": "dnQualifier", + f"{X500ATTR_OID}47": "enhancedSearchGuide", + f"{X500ATTR_OID}48": "protocolInformation", + f"{X500ATTR_OID}50": "uniqueMember", + f"{X500ATTR_OID}51": "houseIdentifier", + f"{X500ATTR_OID}52": "supportedAlgorithms", + f"{X500ATTR_OID}53": "deltaRevocationList", + f"{X500ATTR_OID}54": "dmdName", + f"{X500ATTR_OID}65": "pseudonym", + f"{SWISSEDUPERSON_OID}1": "swissEduPersonUniqueID", + f"{SWISSEDUPERSON_OID}2": "swissEduPersonDateOfBirth", + f"{SWISSEDUPERSON_OID}3": "swissEduPersonGender", + f"{SWISSEDUPERSON_OID}4": "swissEduPersonHomeOrganization", + f"{SWISSEDUPERSON_OID}5": "swissEduPersonHomeOrganizationType", + f"{SWISSEDUPERSON_OID}6": "swissEduPersonStudyBranch1", + f"{SWISSEDUPERSON_OID}7": "swissEduPersonStudyBranch2", + f"{SWISSEDUPERSON_OID}8": "swissEduPersonStudyBranch3", + f"{SWISSEDUPERSON_OID}9": "swissEduPersonStudyLevel", + f"{SWISSEDUPERSON_OID}10": "swissEduPersonStaffCategory", + f"{SWISSEDUPERSON_OID}11": "swissEduPersonMatriculationNumber", + f"{SWISSEDUPERSON_OID}12": "swissEduPersonCardUID", + f"{SWISSEDUPERSON_OID}13": "swissEduID", + f"{SWISSEDUPERSON_OID}1023": "swissLibraryPersonAffiliation", + f"{SWISSEDUPERSON_OID}1025": "swissLibraryPersonResidence", + f"{VOPERSON_V2_OID}1": "voPersonApplicationUID", + f"{VOPERSON_V2_OID}2": "voPersonAuthorName", + f"{VOPERSON_V2_OID}3": "voPersonCertificateDN", + f"{VOPERSON_V2_OID}4": "voPersonCertificateIssuerDN", + f"{VOPERSON_V2_OID}5": "voPersonExternalID", + f"{VOPERSON_V2_OID}6": "voPersonID", + f"{VOPERSON_V2_OID}7": "voPersonPolicyAgreement", + f"{VOPERSON_V2_OID}8": "voPersonSoRID", + f"{VOPERSON_V2_OID}9": "voPersonStatus", + f"{VOPERSON_V2_OID}10": "voPersonAffiliation", + f"{VOPERSON_V2_OID}11": "voPersonExternalAffiliation", + f"{VOPERSON_V2_OID}12": "voPersonScopedAffiliation", + f"{VOPERSON_V2_OID}13": "voPersonApplicationPassword", + f"{VOPERSON_V2_OID}14": "voPersonVerifiedEmail", + f"{VOPERSON_V2_OID}15": "voPersonToken", }, - 'to': { - 'LegalPersonIdentifier': EIDAS_LEGALPERSON+'LegalPersonIdentifier', - 'LegalAddress': EIDAS_LEGALPERSON+'LegalPersonAddress', - 'LegalName': EIDAS_LEGALPERSON+'LegalName', - 'VATRegistration': EIDAS_LEGALPERSON+'VATRegistrationNumber', - 'TaxReference': EIDAS_LEGALPERSON+'TaxReference', - 'BusinessCodes': EIDAS_LEGALPERSON+'BusinessCodes', - 'LEI': EIDAS_LEGALPERSON+'LEI', - 'EORI': EIDAS_LEGALPERSON+'EORI', - 'SEED': EIDAS_LEGALPERSON+'SEED', - 'SIC': EIDAS_LEGALPERSON+'SIC', - 'D-2012-17-EUIdentifier': EIDAS_LEGALPERSON+'D-2012-17-EUIdentifier', - 'PersonIdentifier': EIDAS_NATURALPERSON+'PersonIdentifier', - 'FamilyName': EIDAS_NATURALPERSON+'CurrentFamilyName', - 'FirstName': EIDAS_NATURALPERSON+'CurrentGivenName', - 'DateOfBirth': EIDAS_NATURALPERSON+'DateOfBirth', - 'BirthName': EIDAS_NATURALPERSON+'BirthName', - 'PlaceOfBirth': EIDAS_NATURALPERSON+'PlaceOfBirth', - 'CurrentAddress': EIDAS_NATURALPERSON+'CurrentAddress', - 'Gender': EIDAS_NATURALPERSON+'Gender', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'authContextParams': DIGG_OID+'3', - 'authorityRevocationList': X500ATTR_OID+'38', - 'authServerSignature': DIGG_OID+'13', - 'birthName': DIGG_OID+'8', - 'businessCategory': X500ATTR_OID+'15', - 'c': X500ATTR_OID+'6', - 'cACertificate': X500ATTR_OID+'37', - 'carLicense': NETSCAPE_LDAP+'1', - 'certificateRevocationList': X500ATTR_OID+'39', - 'cn': X500ATTR_OID+'3', - 'co': UCL_DIR_PILOT+'43', - 'countryOfCitizenship': PKIX_OID+'4', - 'countryOfResidence': PKIX_OID+'5', - 'crossCertificatePair': X500ATTR_OID+'40', - 'dateOfBirth': PKIX_OID+'1', - 'dc': UCL_DIR_PILOT+'25', - 'deltaRevocationList': X500ATTR_OID+'53', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'destinationIndicator': X500ATTR_OID+'27', - 'displayName': NETSCAPE_LDAP+'241', - 'dmdName': X500ATTR_OID+'54', - 'dnQualifier': X500ATTR_OID+'46', - 'EAAHash': UMBRELLA_EAAUser_ID+'1', - 'EAAKey': UMBRELLA_EAAUser_ID+'3', - 'eduCourseMember': EDUCOURSE_OID+'2', - 'eduCourseOffering': EDUCOURSE_OID+'1', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'eduPersonPrincipalNamePrior': EDUPERSON_OID+'12', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'eduPersonUniqueId': EDUPERSON_OID+'13', - 'eduPersonOrcid': EDUPERSON_OID+'16', - 'eidasNaturalPersonAddress': DIGG_OID+'9', - 'eidasPersonIdentifier': DIGG_OID+'7', - 'email': PKCS_9+'1', - 'employeeHsaId': INERA_OID+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'employeeType': NETSCAPE_LDAP+'4', - 'enhancedSearchGuide': X500ATTR_OID+'47', - 'facsimileTelephoneNumber': X500ATTR_OID+'23', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'gender': PKIX_OID+'3', - 'generationQualifier': X500ATTR_OID+'44', - 'givenName': X500ATTR_OID+'42', - 'houseIdentifier': X500ATTR_OID+'51', - 'initials': X500ATTR_OID+'43', - 'internationaliSDNNumber': X500ATTR_OID+'25', - 'isMemberOf': EDUMEMBER1_OID+'1', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'knowledgeInformation': X500ATTR_OID+'2', - 'l': X500ATTR_OID+'7', - 'labeledURI': UMICH+'57', - 'mail': UCL_DIR_PILOT+'3', - 'member': X500ATTR_OID+'31', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'norEduOrgNIN': NOREDUPERSON_OID+'12', - 'norEduOrgSchemaVersion': NOREDUPERSON_OID+'11', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'norEduPersonLegalName': NOREDUPERSON_OID+'10', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'o': X500ATTR_OID+'10', - 'osiHomeUrl': OPENOSI_OID+'17', - 'osiPreferredTZ': OPENOSI_OID+'19', - 'osiICardTimeLastUpdated': OPENOSI_OID+'72', - 'osiMiddleName': OPENOSI_OID+'104', - 'osiOtherEmail': OPENOSI_OID+'107', - 'osiOtherHomePhone': OPENOSI_OID+'109', - 'osiWorkURL': OPENOSI_OID+'120', - 'ou': X500ATTR_OID+'11', - 'orgAffiliation': DIGG_OID+'1', - 'owner': X500ATTR_OID+'32', - 'pairwise-id': SAML_SUBJECT_ID+'pairwise-id', - 'personalIdentityNumber': INERA_OID+'13', - 'personalIdentityNumberBinding': DIGG_OID+'6', - 'physicalDeliveryOfficeName': X500ATTR_OID+'19', - 'placeOfBirth': PKIX_OID+'2', - 'postOfficeBox': X500ATTR_OID+'18', - 'postalAddress': X500ATTR_OID+'16', - 'postalCode': X500ATTR_OID+'17', - 'preferredDeliveryMethod': X500ATTR_OID+'28', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'presentationAddress': X500ATTR_OID+'29', - 'prid': DIGG_OID+'4', - 'pridPersistence': DIGG_OID+'5', - 'protocolInformation': X500ATTR_OID+'48', - 'pseudonym': X500ATTR_OID+'65', - 'PVP-USERID': LDAPGVAT_UCL_DIR_PILOT+'1', - 'PVP-MAIL': LDAPGVAT_UCL_DIR_PILOT+'3', - 'PVP-GID': LDAPGVAT_OID+'1', - 'PVP-BPK': LDAPGVAT_OID+'149', - 'PVP-OU-OKZ': LDAPGVAT_OID+'153', - 'PVP-VERSION': LDAPGVAT_OID+'261.10', - 'PVP-PRINCIPAL-NAME': LDAPGVAT_OID+'261.20', - 'PVP-PARTICIPANT-OKZ': LDAPGVAT_OID+'261.24', - 'PVP-ROLES': LDAPGVAT_OID+'261.30', - 'PVP-INVOICE-RECPT-ID': LDAPGVAT_OID+'261.40', - 'PVP-COST-CENTER-ID': LDAPGVAT_OID+'261.50', - 'PVP-CHARGE-CODE': LDAPGVAT_OID+'261.60', - 'PVP-OU-GV-OU-ID': LDAPGVAT_OID+'3', - 'PVP-FUNCTION': LDAPGVAT_OID+'33', - 'PVP-BIRTHDATE': LDAPGVAT_OID+'55', - 'PVP-PARTICIPANT-ID': LDAPGVAT_OID+'71', - 'PVP-OU': LDAPGVAT_X500ATTR_OID+'11', - 'PVP-TEL': LDAPGVAT_X500ATTR_OID+'20', - 'PVP-GIVENNAME': LDAPGVAT_X500ATTR_OID+'42', - 'registeredAddress': X500ATTR_OID+'26', - 'roleOccupant': X500ATTR_OID+'33', - 'sad': DIGG_OID+'12', - 'schacCountryOfCitizenship': SCHAC+'5', - 'schacCountryOfResidence': SCHAC+'11', - 'schacDateOfBirth': SCHAC+'3', - 'schacExpiryDate': SCHAC+'17', - 'schacGender': SCHAC+'2', - 'schacHomeOrganization': SCHAC+'9', - 'schacHomeOrganizationType': SCHAC+'10', - 'schacMotherTongue': SCHAC+'1', - 'schacPersonalPosition': SCHAC+'13', - 'schacPersonalTitle': SCHAC+'8', - 'schacPersonalUniqueCode': SCHAC+'14', - 'schacPersonalUniqueID': SCHAC+'15', - 'schacPlaceOfBirth': SCHAC+'4', - 'schacProjectMembership': SCHAC+'20', - 'schacProjectSpecificRole': SCHAC+'21', - 'schacSn1': SCHAC+'6', - 'schacSn2': SCHAC+'7', - 'schacUserPresenceID': SCHAC+'12', - 'schacUserPrivateAttribute': SCHAC+'18', - 'schacUserStatus': SCHAC+'19', - 'searchGuide': X500ATTR_OID+'14', - 'serialNumber': X500ATTR_OID+'5', - 'signMessageDigest': DIGG_OID+'14', - 'sisLegalGuardianFor': SIS+'1', - 'sisSchoolGrade': SIS+'2', - 'sn': X500ATTR_OID+'4', - 'st': X500ATTR_OID+'8', - 'street': X500ATTR_OID+'9', - 'subject-id': SAML_SUBJECT_ID+'subject-id', - 'supportedAlgorithms': X500ATTR_OID+'52', - 'supportedApplicationContext': X500ATTR_OID+'30', - 'telephoneNumber': X500ATTR_OID+'20', - 'teletexTerminalIdentifier': X500ATTR_OID+'22', - 'telexNumber': X500ATTR_OID+'21', - 'title': X500ATTR_OID+'12', - 'transactionIdentifier': DIGG_OID+'2', - 'uid': UCL_DIR_PILOT+'1', - 'uniqueMember': X500ATTR_OID+'50', - 'userCertificate': X500ATTR_OID+'36', + "to": { + "LegalPersonIdentifier": f"{EIDAS_LEGALPERSON}LegalPersonIdentifier", + "LegalAddress": f"{EIDAS_LEGALPERSON}LegalPersonAddress", + "LegalName": f"{EIDAS_LEGALPERSON}LegalName", + "VATRegistration": f"{EIDAS_LEGALPERSON}VATRegistrationNumber", + "TaxReference": f"{EIDAS_LEGALPERSON}TaxReference", + "BusinessCodes": f"{EIDAS_LEGALPERSON}BusinessCodes", + "LEI": f"{EIDAS_LEGALPERSON}LEI", + "EORI": f"{EIDAS_LEGALPERSON}EORI", + "SEED": f"{EIDAS_LEGALPERSON}SEED", + "SIC": f"{EIDAS_LEGALPERSON}SIC", + "D-2012-17-EUIdentifier": f"{EIDAS_LEGALPERSON}D-2012-17-EUIdentifier", + "PersonIdentifier": f"{EIDAS_NATURALPERSON}PersonIdentifier", + "FamilyName": f"{EIDAS_NATURALPERSON}CurrentFamilyName", + "FirstName": f"{EIDAS_NATURALPERSON}CurrentGivenName", + "DateOfBirth": f"{EIDAS_NATURALPERSON}DateOfBirth", + "BirthName": f"{EIDAS_NATURALPERSON}BirthName", + "PlaceOfBirth": f"{EIDAS_NATURALPERSON}PlaceOfBirth", + "CurrentAddress": f"{EIDAS_NATURALPERSON}CurrentAddress", + "Gender": f"{EIDAS_NATURALPERSON}Gender", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "authContextParams": f"{DIGG_OID}3", + "authorityRevocationList": f"{X500ATTR_OID}38", + "authServerSignature": f"{DIGG_OID}13", + "birthName": f"{DIGG_OID}8", + "businessCategory": f"{X500ATTR_OID}15", + "c": f"{X500ATTR_OID}6", + "cACertificate": f"{X500ATTR_OID}37", + "carLicense": f"{NETSCAPE_LDAP}1", + "certificateRevocationList": f"{X500ATTR_OID}39", + "cn": f"{X500ATTR_OID}3", + "co": f"{UCL_DIR_PILOT}43", + "countryOfCitizenship": f"{PKIX_OID}4", + "countryOfResidence": f"{PKIX_OID}5", + "crossCertificatePair": f"{X500ATTR_OID}40", + "dateOfBirth": f"{PKIX_OID}1", + "dc": f"{UCL_DIR_PILOT}25", + "deltaRevocationList": f"{X500ATTR_OID}53", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "destinationIndicator": f"{X500ATTR_OID}27", + "displayName": f"{NETSCAPE_LDAP}241", + "dmdName": f"{X500ATTR_OID}54", + "dnQualifier": f"{X500ATTR_OID}46", + "EAAHash": f"{UMBRELLA_EAAUser_ID}1", + "EAAKey": f"{UMBRELLA_EAAUser_ID}3", + "eduCourseMember": f"{EDUCOURSE_OID}2", + "eduCourseOffering": f"{EDUCOURSE_OID}1", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "eduPersonPrincipalNamePrior": f"{EDUPERSON_OID}12", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "eduPersonUniqueId": f"{EDUPERSON_OID}13", + "eduPersonOrcid": f"{EDUPERSON_OID}16", + "eidasNaturalPersonAddress": f"{DIGG_OID}9", + "eidasPersonIdentifier": f"{DIGG_OID}7", + "email": f"{PKCS_9}1", + "employeeHsaId": f"{INERA_OID}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "employeeType": f"{NETSCAPE_LDAP}4", + "enhancedSearchGuide": f"{X500ATTR_OID}47", + "facsimileTelephoneNumber": f"{X500ATTR_OID}23", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "gender": f"{PKIX_OID}3", + "generationQualifier": f"{X500ATTR_OID}44", + "givenName": f"{X500ATTR_OID}42", + "houseIdentifier": f"{X500ATTR_OID}51", + "initials": f"{X500ATTR_OID}43", + "internationaliSDNNumber": f"{X500ATTR_OID}25", + "isMemberOf": f"{EDUMEMBER1_OID}1", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "knowledgeInformation": f"{X500ATTR_OID}2", + "l": f"{X500ATTR_OID}7", + "labeledURI": f"{UMICH}57", + "mail": f"{UCL_DIR_PILOT}3", + "mailLocalAddress": f"{NETSCAPE_LDAP}13", + "member": f"{X500ATTR_OID}31", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "norEduOrgNIN": f"{NOREDUPERSON_OID}12", + "norEduOrgSchemaVersion": f"{NOREDUPERSON_OID}11", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "norEduPersonLegalName": f"{NOREDUPERSON_OID}10", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "o": f"{X500ATTR_OID}10", + "osiHomeUrl": f"{OPENOSI_OID}17", + "osiPreferredTZ": f"{OPENOSI_OID}19", + "osiICardTimeLastUpdated": f"{OPENOSI_OID}72", + "osiMiddleName": f"{OPENOSI_OID}104", + "osiOtherEmail": f"{OPENOSI_OID}107", + "osiOtherHomePhone": f"{OPENOSI_OID}109", + "osiWorkURL": f"{OPENOSI_OID}120", + "ou": f"{X500ATTR_OID}11", + "orgAffiliation": f"{DIGG_OID}1", + "owner": f"{X500ATTR_OID}32", + "pairwise-id": f"{SAML_SUBJECT_ID}pairwise-id", + "personalIdentityNumber": f"{INERA_OID}13", + "personalIdentityNumberBinding": f"{DIGG_OID}6", + "physicalDeliveryOfficeName": f"{X500ATTR_OID}19", + "placeOfBirth": f"{PKIX_OID}2", + "postOfficeBox": f"{X500ATTR_OID}18", + "postalAddress": f"{X500ATTR_OID}16", + "postalCode": f"{X500ATTR_OID}17", + "preferredDeliveryMethod": f"{X500ATTR_OID}28", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "presentationAddress": f"{X500ATTR_OID}29", + "prid": f"{DIGG_OID}4", + "pridPersistence": f"{DIGG_OID}5", + "protocolInformation": f"{X500ATTR_OID}48", + "pseudonym": f"{X500ATTR_OID}65", + "PVP-USERID": f"{LDAPGVAT_UCL_DIR_PILOT}1", + "PVP-MAIL": f"{LDAPGVAT_UCL_DIR_PILOT}3", + "PVP-GID": f"{LDAPGVAT_OID}1", + "PVP-BPK": f"{LDAPGVAT_OID}149", + "PVP-OU-OKZ": f"{LDAPGVAT_OID}153", + "PVP-VERSION": f"{LDAPGVAT_OID}261.10", + "PVP-PRINCIPAL-NAME": f"{LDAPGVAT_OID}261.20", + "PVP-PARTICIPANT-OKZ": f"{LDAPGVAT_OID}261.24", + "PVP-ROLES": f"{LDAPGVAT_OID}261.30", + "PVP-INVOICE-RECPT-ID": f"{LDAPGVAT_OID}261.40", + "PVP-COST-CENTER-ID": f"{LDAPGVAT_OID}261.50", + "PVP-CHARGE-CODE": f"{LDAPGVAT_OID}261.60", + "PVP-OU-GV-OU-ID": f"{LDAPGVAT_OID}3", + "PVP-FUNCTION": f"{LDAPGVAT_OID}33", + "PVP-BIRTHDATE": f"{LDAPGVAT_OID}55", + "PVP-PARTICIPANT-ID": f"{LDAPGVAT_OID}71", + "PVP-OU": f"{LDAPGVAT_X500ATTR_OID}11", + "PVP-TEL": f"{LDAPGVAT_X500ATTR_OID}20", + "PVP-GIVENNAME": f"{LDAPGVAT_X500ATTR_OID}42", + "registeredAddress": f"{X500ATTR_OID}26", + "roleOccupant": f"{X500ATTR_OID}33", + "sad": f"{DIGG_OID}12", + "schacCountryOfCitizenship": f"{SCHAC}5", + "schacCountryOfResidence": f"{SCHAC}11", + "schacDateOfBirth": f"{SCHAC}3", + "schacExpiryDate": f"{SCHAC}17", + "schacGender": f"{SCHAC}2", + "schacHomeOrganization": f"{SCHAC}9", + "schacHomeOrganizationType": f"{SCHAC}10", + "schacMotherTongue": f"{SCHAC}1", + "schacPersonalPosition": f"{SCHAC}13", + "schacPersonalTitle": f"{SCHAC}8", + "schacPersonalUniqueCode": f"{SCHAC}14", + "schacPersonalUniqueID": f"{SCHAC}15", + "schacPlaceOfBirth": f"{SCHAC}4", + "schacProjectMembership": f"{SCHAC}20", + "schacProjectSpecificRole": f"{SCHAC}21", + "schacSn1": f"{SCHAC}6", + "schacSn2": f"{SCHAC}7", + "schacUserPresenceID": f"{SCHAC}12", + "schacUserPrivateAttribute": f"{SCHAC}18", + "schacUserStatus": f"{SCHAC}19", + "searchGuide": f"{X500ATTR_OID}14", + "serialNumber": f"{X500ATTR_OID}5", + "signMessageDigest": f"{DIGG_OID}14", + "sisLegalGuardianFor": f"{SIS}1", + "sisSchoolGrade": f"{SIS}2", + "sn": f"{X500ATTR_OID}4", + "st": f"{X500ATTR_OID}8", + "street": f"{X500ATTR_OID}9", + "subject-id": f"{SAML_SUBJECT_ID}subject-id", + "supportedAlgorithms": f"{X500ATTR_OID}52", + "supportedApplicationContext": f"{X500ATTR_OID}30", + "telephoneNumber": f"{X500ATTR_OID}20", + "teletexTerminalIdentifier": f"{X500ATTR_OID}22", + "telexNumber": f"{X500ATTR_OID}21", + "title": f"{X500ATTR_OID}12", + "transactionIdentifier": f"{DIGG_OID}2", + "uid": f"{UCL_DIR_PILOT}1", + "uniqueMember": f"{X500ATTR_OID}50", + "userCertificate": f"{X500ATTR_OID}36", # 'userCertificate': DIGG_OID+'10', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'userSignature': DIGG_OID+'11', - 'x121Address': X500ATTR_OID+'24', - 'x500UniqueIdentifier': X500ATTR_OID+'45', - 'swissEduPersonUniqueID': SWISSEDUPERSON_OID+'1', - 'swissEduPersonDateOfBirth': SWISSEDUPERSON_OID+'2', - 'swissEduPersonGender': SWISSEDUPERSON_OID+'3', - 'swissEduPersonHomeOrganization': SWISSEDUPERSON_OID+'4', - 'swissEduPersonHomeOrganizationType': SWISSEDUPERSON_OID+'5', - 'swissEduPersonStudyBranch1': SWISSEDUPERSON_OID+'6', - 'swissEduPersonStudyBranch2': SWISSEDUPERSON_OID+'7', - 'swissEduPersonStudyBranch3': SWISSEDUPERSON_OID+'8', - 'swissEduPersonStudyLevel': SWISSEDUPERSON_OID+'9', - 'swissEduPersonStaffCategory': SWISSEDUPERSON_OID+'10', - 'swissEduPersonMatriculationNumber': SWISSEDUPERSON_OID+'11', - 'swissEduPersonCardUID': SWISSEDUPERSON_OID+'12', - 'swissEduID': SWISSEDUPERSON_OID+'13', - 'swissLibraryPersonAffiliation': SWISSEDUPERSON_OID+'1023', - 'swissLibraryPersonResidence': SWISSEDUPERSON_OID+'1025', - } + "userPKCS12": f"{NETSCAPE_LDAP}216", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "userSignature": f"{DIGG_OID}11", + "x121Address": f"{X500ATTR_OID}24", + "x500UniqueIdentifier": f"{X500ATTR_OID}45", + "swissEduPersonUniqueID": f"{SWISSEDUPERSON_OID}1", + "swissEduPersonDateOfBirth": f"{SWISSEDUPERSON_OID}2", + "swissEduPersonGender": f"{SWISSEDUPERSON_OID}3", + "swissEduPersonHomeOrganization": f"{SWISSEDUPERSON_OID}4", + "swissEduPersonHomeOrganizationType": f"{SWISSEDUPERSON_OID}5", + "swissEduPersonStudyBranch1": f"{SWISSEDUPERSON_OID}6", + "swissEduPersonStudyBranch2": f"{SWISSEDUPERSON_OID}7", + "swissEduPersonStudyBranch3": f"{SWISSEDUPERSON_OID}8", + "swissEduPersonStudyLevel": f"{SWISSEDUPERSON_OID}9", + "swissEduPersonStaffCategory": f"{SWISSEDUPERSON_OID}10", + "swissEduPersonMatriculationNumber": f"{SWISSEDUPERSON_OID}11", + "swissEduPersonCardUID": f"{SWISSEDUPERSON_OID}12", + "swissEduID": f"{SWISSEDUPERSON_OID}13", + "swissLibraryPersonAffiliation": f"{SWISSEDUPERSON_OID}1023", + "swissLibraryPersonResidence": f"{SWISSEDUPERSON_OID}1025", + "voPersonAffiliation": f"{VOPERSON_V2_OID}10", + "voPersonApplicationPassword": f"{VOPERSON_V2_OID}13", + "voPersonApplicationUID": f"{VOPERSON_V2_OID}1", + "voPersonAuthorName": f"{VOPERSON_V2_OID}2", + "voPersonCertificateDN": f"{VOPERSON_V2_OID}3", + "voPersonCertificateIssuerDN": f"{VOPERSON_V2_OID}4", + "voPersonExternalAffiliation": f"{VOPERSON_V2_OID}11", + "voPersonExternalID": f"{VOPERSON_V2_OID}5", + "voPersonID": f"{VOPERSON_V2_OID}6", + "voPersonPolicyAgreement": f"{VOPERSON_V2_OID}7", + "voPersonScopedAffiliation": f"{VOPERSON_V2_OID}12", + "voPersonSoRID": f"{VOPERSON_V2_OID}8", + "voPersonStatus": f"{VOPERSON_V2_OID}9", + "voPersonToken": f"{VOPERSON_V2_OID}15", + "voPersonVerifiedEmail": f"{VOPERSON_V2_OID}14", + }, } diff --git a/src/saml2/attributemaps/shibboleth_uri.py b/src/saml2/attributemaps/shibboleth_uri.py index 54de47353..8f14c42f4 100644 --- a/src/saml2/attributemaps/shibboleth_uri.py +++ b/src/saml2/attributemaps/shibboleth_uri.py @@ -1,197 +1,199 @@ -EDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.5923.1.1.1.' -NETSCAPE_LDAP = 'urn:oid:2.16.840.1.113730.3.1.' -NOREDUPERSON_OID = 'urn:oid:1.3.6.1.4.1.2428.90.1.' -PKCS_9 = 'urn:oid:1.2.840.113549.1.9.' -UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' -UMICH = 'urn:oid:1.3.6.1.4.1.250.1.57.' -X500ATTR = 'urn:oid:2.5.4.' +EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." +NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." +NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." +PKCS_9 = "urn:oid:1.2.840.113549.1.9." +UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." +UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." +X500ATTR = "urn:oid:2.5.4." MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", - 'fro': { - EDUPERSON_OID+'1': 'eduPersonAffiliation', - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'12': 'eduPersonPrincipalNamePrior', - EDUPERSON_OID+'13': 'eduPersonUniqueId', - EDUPERSON_OID+'16': 'eduPersonOrcid', - NETSCAPE_LDAP+'1': 'carLicense', - NETSCAPE_LDAP+'2': 'departmentNumber', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'4': 'employeeType', - NETSCAPE_LDAP+'39': 'preferredLanguage', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NETSCAPE_LDAP+'216': 'userPKCS12', - NETSCAPE_LDAP+'241': 'displayName', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - PKCS_9+'1': 'email', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - UCL_DIR_PILOT+'37': 'associatedDomain', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR+'2': 'knowledgeInformation', - X500ATTR+'4': 'sn', - X500ATTR+'5': 'serialNumber', - X500ATTR+'6': 'c', - X500ATTR+'7': 'l', - X500ATTR+'8': 'st', - X500ATTR+'9': 'street', - X500ATTR+'10': 'o', - X500ATTR+'11': 'ou', - X500ATTR+'12': 'title', - X500ATTR+'14': 'searchGuide', - X500ATTR+'15': 'businessCategory', - X500ATTR+'16': 'postalAddress', - X500ATTR+'17': 'postalCode', - X500ATTR+'18': 'postOfficeBox', - X500ATTR+'19': 'physicalDeliveryOfficeName', - X500ATTR+'20': 'telephoneNumber', - X500ATTR+'21': 'telexNumber', - X500ATTR+'22': 'teletexTerminalIdentifier', - X500ATTR+'23': 'facsimileTelephoneNumber', - X500ATTR+'24': 'x121Address', - X500ATTR+'25': 'internationaliSDNNumber', - X500ATTR+'26': 'registeredAddress', - X500ATTR+'27': 'destinationIndicator', - X500ATTR+'28': 'preferredDeliveryMethod', - X500ATTR+'29': 'presentationAddress', - X500ATTR+'30': 'supportedApplicationContext', - X500ATTR+'31': 'member', - X500ATTR+'32': 'owner', - X500ATTR+'33': 'roleOccupant', - X500ATTR+'36': 'userCertificate', - X500ATTR+'37': 'cACertificate', - X500ATTR+'38': 'authorityRevocationList', - X500ATTR+'39': 'certificateRevocationList', - X500ATTR+'40': 'crossCertificatePair', - X500ATTR+'42': 'givenName', - X500ATTR+'43': 'initials', - X500ATTR+'44': 'generationQualifier', - X500ATTR+'45': 'x500UniqueIdentifier', - X500ATTR+'46': 'dnQualifier', - X500ATTR+'47': 'enhancedSearchGuide', - X500ATTR+'48': 'protocolInformation', - X500ATTR+'50': 'uniqueMember', - X500ATTR+'51': 'houseIdentifier', - X500ATTR+'52': 'supportedAlgorithms', - X500ATTR+'53': 'deltaRevocationList', - X500ATTR+'54': 'dmdName', - X500ATTR+'65': 'pseudonym', + "fro": { + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}12": "eduPersonPrincipalNamePrior", + f"{EDUPERSON_OID}13": "eduPersonUniqueId", + f"{EDUPERSON_OID}16": "eduPersonOrcid", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{NETSCAPE_LDAP}13": "mailLocalAddress", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{NETSCAPE_LDAP}241": "displayName", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{PKCS_9}1": "email", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR}2": "knowledgeInformation", + f"{X500ATTR}4": "sn", + f"{X500ATTR}5": "serialNumber", + f"{X500ATTR}6": "c", + f"{X500ATTR}7": "l", + f"{X500ATTR}8": "st", + f"{X500ATTR}9": "street", + f"{X500ATTR}10": "o", + f"{X500ATTR}11": "ou", + f"{X500ATTR}12": "title", + f"{X500ATTR}14": "searchGuide", + f"{X500ATTR}15": "businessCategory", + f"{X500ATTR}16": "postalAddress", + f"{X500ATTR}17": "postalCode", + f"{X500ATTR}18": "postOfficeBox", + f"{X500ATTR}19": "physicalDeliveryOfficeName", + f"{X500ATTR}20": "telephoneNumber", + f"{X500ATTR}21": "telexNumber", + f"{X500ATTR}22": "teletexTerminalIdentifier", + f"{X500ATTR}23": "facsimileTelephoneNumber", + f"{X500ATTR}24": "x121Address", + f"{X500ATTR}25": "internationaliSDNNumber", + f"{X500ATTR}26": "registeredAddress", + f"{X500ATTR}27": "destinationIndicator", + f"{X500ATTR}28": "preferredDeliveryMethod", + f"{X500ATTR}29": "presentationAddress", + f"{X500ATTR}30": "supportedApplicationContext", + f"{X500ATTR}31": "member", + f"{X500ATTR}32": "owner", + f"{X500ATTR}33": "roleOccupant", + f"{X500ATTR}36": "userCertificate", + f"{X500ATTR}37": "cACertificate", + f"{X500ATTR}38": "authorityRevocationList", + f"{X500ATTR}39": "certificateRevocationList", + f"{X500ATTR}40": "crossCertificatePair", + f"{X500ATTR}42": "givenName", + f"{X500ATTR}43": "initials", + f"{X500ATTR}44": "generationQualifier", + f"{X500ATTR}45": "x500UniqueIdentifier", + f"{X500ATTR}46": "dnQualifier", + f"{X500ATTR}47": "enhancedSearchGuide", + f"{X500ATTR}48": "protocolInformation", + f"{X500ATTR}50": "uniqueMember", + f"{X500ATTR}51": "houseIdentifier", + f"{X500ATTR}52": "supportedAlgorithms", + f"{X500ATTR}53": "deltaRevocationList", + f"{X500ATTR}54": "dmdName", + f"{X500ATTR}65": "pseudonym", + }, + "to": { + "associatedDomain": f"{UCL_DIR_PILOT}37", + "authorityRevocationList": f"{X500ATTR}38", + "businessCategory": f"{X500ATTR}15", + "c": f"{X500ATTR}6", + "cACertificate": f"{X500ATTR}37", + "carLicense": f"{NETSCAPE_LDAP}1", + "certificateRevocationList": f"{X500ATTR}39", + "countryName": f"{X500ATTR}6", + "crossCertificatePair": f"{X500ATTR}40", + "dc": f"{UCL_DIR_PILOT}25", + "deltaRevocationList": f"{X500ATTR}53", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "destinationIndicator": f"{X500ATTR}27", + "displayName": f"{NETSCAPE_LDAP}241", + "dmdName": f"{X500ATTR}54", + "dnQualifier": f"{X500ATTR}46", + "domainComponent": f"{UCL_DIR_PILOT}25", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "eduPersonPrincipalNamePrior": f"{EDUPERSON_OID}12", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "eduPersonUniqueId": f"{EDUPERSON_OID}13", + "eduPersonOrcid": f"{EDUPERSON_OID}16", + "email": f"{PKCS_9}1", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "employeeType": f"{NETSCAPE_LDAP}4", + "enhancedSearchGuide": f"{X500ATTR}47", + "facsimileTelephoneNumber": f"{X500ATTR}23", + "fax": f"{X500ATTR}23", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "generationQualifier": f"{X500ATTR}44", + "givenName": f"{X500ATTR}42", + "gn": f"{X500ATTR}42", + "houseIdentifier": f"{X500ATTR}51", + "initials": f"{X500ATTR}43", + "internationaliSDNNumber": f"{X500ATTR}25", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "knowledgeInformation": f"{X500ATTR}2", + "l": f"{X500ATTR}7", + "localityName": f"{X500ATTR}7", + "mail": f"{UCL_DIR_PILOT}3", + "mailLocalAddress": f"{NETSCAPE_LDAP}13", + "member": f"{X500ATTR}31", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "o": f"{X500ATTR}10", + "organizationName": f"{X500ATTR}10", + "organizationalUnitName": f"{X500ATTR}11", + "ou": f"{X500ATTR}11", + "owner": f"{X500ATTR}32", + "physicalDeliveryOfficeName": f"{X500ATTR}19", + "pkcs9email": f"{PKCS_9}1", + "postOfficeBox": f"{X500ATTR}18", + "postalAddress": f"{X500ATTR}16", + "postalCode": f"{X500ATTR}17", + "preferredDeliveryMethod": f"{X500ATTR}28", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "presentationAddress": f"{X500ATTR}29", + "protocolInformation": f"{X500ATTR}48", + "pseudonym": f"{X500ATTR}65", + "registeredAddress": f"{X500ATTR}26", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "roleOccupant": f"{X500ATTR}33", + "searchGuide": f"{X500ATTR}14", + "serialNumber": f"{X500ATTR}5", + "sn": f"{X500ATTR}4", + "st": f"{X500ATTR}8", + "stateOrProvinceName": f"{X500ATTR}8", + "street": f"{X500ATTR}9", + "streetAddress": f"{X500ATTR}9", + "supportedAlgorithms": f"{X500ATTR}52", + "supportedApplicationContext": f"{X500ATTR}30", + "surname": f"{X500ATTR}4", + "telephoneNumber": f"{X500ATTR}20", + "teletexTerminalIdentifier": f"{X500ATTR}22", + "telexNumber": f"{X500ATTR}21", + "title": f"{X500ATTR}12", + "uniqueMember": f"{X500ATTR}50", + "userCertificate": f"{X500ATTR}36", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "x121Address": f"{X500ATTR}24", + "x500UniqueIdentifier": f"{X500ATTR}45", }, - 'to': { - 'associatedDomain': UCL_DIR_PILOT+'37', - 'authorityRevocationList': X500ATTR+'38', - 'businessCategory': X500ATTR+'15', - 'c': X500ATTR+'6', - 'cACertificate': X500ATTR+'37', - 'carLicense': NETSCAPE_LDAP+'1', - 'certificateRevocationList': X500ATTR+'39', - 'countryName': X500ATTR+'6', - 'crossCertificatePair': X500ATTR+'40', - 'dc': UCL_DIR_PILOT+'25', - 'deltaRevocationList': X500ATTR+'53', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'destinationIndicator': X500ATTR+'27', - 'displayName': NETSCAPE_LDAP+'241', - 'dmdName': X500ATTR+'54', - 'dnQualifier': X500ATTR+'46', - 'domainComponent': UCL_DIR_PILOT+'25', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'eduPersonPrincipalNamePrior': EDUPERSON_OID+'12', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'eduPersonUniqueId': EDUPERSON_OID+'13', - 'eduPersonOrcid': EDUPERSON_OID+'16', - 'email': PKCS_9+'1', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'employeeType': NETSCAPE_LDAP+'4', - 'enhancedSearchGuide': X500ATTR+'47', - 'facsimileTelephoneNumber': X500ATTR+'23', - 'fax': X500ATTR+'23', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'generationQualifier': X500ATTR+'44', - 'givenName': X500ATTR+'42', - 'gn': X500ATTR+'42', - 'houseIdentifier': X500ATTR+'51', - 'initials': X500ATTR+'43', - 'internationaliSDNNumber': X500ATTR+'25', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'knowledgeInformation': X500ATTR+'2', - 'l': X500ATTR+'7', - 'localityName': X500ATTR+'7', - 'mail': UCL_DIR_PILOT+'3', - 'member': X500ATTR+'31', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'o': X500ATTR+'10', - 'organizationName': X500ATTR+'10', - 'organizationalUnitName': X500ATTR+'11', - 'ou': X500ATTR+'11', - 'owner': X500ATTR+'32', - 'physicalDeliveryOfficeName': X500ATTR+'19', - 'pkcs9email': PKCS_9+'1', - 'postOfficeBox': X500ATTR+'18', - 'postalAddress': X500ATTR+'16', - 'postalCode': X500ATTR+'17', - 'preferredDeliveryMethod': X500ATTR+'28', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'presentationAddress': X500ATTR+'29', - 'protocolInformation': X500ATTR+'48', - 'pseudonym': X500ATTR+'65', - 'registeredAddress': X500ATTR+'26', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'roleOccupant': X500ATTR+'33', - 'searchGuide': X500ATTR+'14', - 'serialNumber': X500ATTR+'5', - 'sn': X500ATTR+'4', - 'st': X500ATTR+'8', - 'stateOrProvinceName': X500ATTR+'8', - 'street': X500ATTR+'9', - 'streetAddress': X500ATTR+'9', - 'supportedAlgorithms': X500ATTR+'52', - 'supportedApplicationContext': X500ATTR+'30', - 'surname': X500ATTR+'4', - 'telephoneNumber': X500ATTR+'20', - 'teletexTerminalIdentifier': X500ATTR+'22', - 'telexNumber': X500ATTR+'21', - 'title': X500ATTR+'12', - 'uniqueMember': X500ATTR+'50', - 'userCertificate': X500ATTR+'36', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'x121Address': X500ATTR+'24', - 'x500UniqueIdentifier': X500ATTR+'45', - } } diff --git a/src/saml2/authn.py b/src/saml2/authn.py index 480d89965..9a2eef517 100644 --- a/src/saml2/authn.py +++ b/src/saml2/authn.py @@ -1,17 +1,19 @@ import logging -import six import time +from urllib.parse import parse_qs +from urllib.parse import urlencode +from urllib.parse import urlsplit + from saml2 import SAMLError import saml2.cryptography.symmetric -from saml2.httputil import Response -from saml2.httputil import make_cookie from saml2.httputil import Redirect +from saml2.httputil import Response from saml2.httputil import Unauthorized +from saml2.httputil import make_cookie from saml2.httputil import parse_cookie -from six.moves.urllib.parse import urlencode, parse_qs, urlsplit -__author__ = 'rolandh' +__author__ = "rolandh" logger = logging.getLogger(__name__) @@ -24,7 +26,7 @@ class EncodeError(SAMLError): pass -class UserAuthnMethod(object): +class UserAuthnMethod: def __init__(self, srv): self.srv = srv @@ -76,7 +78,7 @@ def create_return_url(base, query, **kwargs): for key, values in parse_qs(query).items(): if key in kwargs: - if isinstance(kwargs[key], six.string_types): + if isinstance(kwargs[key], str): kwargs[key] = [kwargs[key]] kwargs[key].extend(values) else: @@ -85,7 +87,7 @@ def create_return_url(base, query, **kwargs): if part.query: for key, values in parse_qs(part.query).items(): if key in kwargs: - if isinstance(kwargs[key], six.string_types): + if isinstance(kwargs[key], str): kwargs[key] = [kwargs[key]] kwargs[key].extend(values) else: @@ -95,14 +97,15 @@ def create_return_url(base, query, **kwargs): else: _pre = base - logger.debug("kwargs: %s" % kwargs) + logger.debug(f"kwargs: {kwargs}") - return "%s?%s" % (_pre, url_encode_params(kwargs)) + return f"{_pre}?{url_encode_params(kwargs)}" class UsernamePasswordMako(UserAuthnMethod): """Do user authentication using the normal username password form using Mako as template system""" + cookie_name = "userpassmako" def __init__(self, srv, mako_template, template_lookup, pwd, return_to): @@ -122,8 +125,7 @@ def __init__(self, srv, mako_template, template_lookup, pwd, return_to): self.query_param = "upm_answer" self.symmetric = saml2.cryptography.symmetric.Default(srv.symkey) - def __call__(self, cookie=None, policy_url=None, logo_url=None, - query="", **kwargs): + def __call__(self, cookie=None, policy_url=None, logo_url=None, query="", **kwargs): """ Put up the login form """ @@ -134,13 +136,15 @@ def __call__(self, cookie=None, policy_url=None, logo_url=None, resp = Response(headers=headers) - argv = {"login": "", - "password": "", - "action": "verify", - "policy_url": policy_url, - "logo_url": logo_url, - "query": query} - logger.info("do_authentication argv: %s" % argv) + argv = { + "login": "", + "password": "", + "action": "verify", + "policy_url": policy_url, + "logo_url": logo_url, + "query": query, + } + logger.debug(f"do_authentication argv: {argv}") mte = self.template_lookup.get_template(self.mako_template) resp.message = mte.render(**argv) return resp @@ -160,7 +164,7 @@ def verify(self, request, **kwargs): """ # logger.debug("verify(%s)" % request) - if isinstance(request, six.string_types): + if isinstance(request, str): _dict = parse_qs(request) elif isinstance(request, dict): _dict = request @@ -175,8 +179,7 @@ def verify(self, request, **kwargs): info = self.symmetric.encrypt(msg.encode()) self.active[info] = timestamp cookie = make_cookie(self.cookie_name, info, self.srv.seed) - return_to = create_return_url(self.return_to, _dict["query"][0], - **{self.query_param: "true"}) + return_to = create_return_url(self.return_to, _dict["query"][0], **{self.query_param: "true"}) resp = Redirect(return_to, headers=[cookie]) except (ValueError, KeyError): resp = Unauthorized("Unknown user or wrong password") @@ -187,10 +190,9 @@ def authenticated_as(self, cookie=None, **kwargs): if cookie is None: return None else: - logger.debug("kwargs: %s" % kwargs) + logger.debug(f"kwargs: {kwargs}") try: - info, timestamp = parse_cookie(self.cookie_name, - self.srv.seed, cookie) + info, timestamp = parse_cookie(self.cookie_name, self.srv.seed, cookie) if self.active[info] == timestamp: msg = self.symmetric.decrypt(info).decode() uid, _ts = msg.split("::") @@ -221,7 +223,7 @@ def callback(self, server_env, cookie=None, sid="", query="", **kwargs): return self.social.callback(server_env, cookie, sid, query, **kwargs) -class AuthnMethodChooser(object): +class AuthnMethodChooser: def __init__(self, methods=None): self.methods = methods @@ -233,21 +235,19 @@ def __call__(self, **kwargs): else: pass # TODO + try: import ldap - class LDAPAuthn(UsernamePasswordMako): - def __init__(self, srv, ldapsrv, return_to, - dn_pattern, mako_template, template_lookup): + def __init__(self, srv, ldapsrv, return_to, dn_pattern, mako_template, template_lookup): """ :param srv: The server instance :param ldapsrv: Which LDAP server to us :param return_to: Where to send the user after authentication :return: """ - UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup, - None, return_to) + UsernamePasswordMako.__init__(self, srv, mako_template, template_lookup, None, return_to) self.ldap = ldap.initialize(ldapsrv) self.ldap.protocol_version = 3 @@ -266,6 +266,8 @@ def _verify(self, pwd, user): self.ldap.simple_bind_s(_dn, pwd) except Exception: raise AssertionError() + except ImportError: - class LDAPAuthn(UserAuthnMethod): + + class LDAPAuthn(UserAuthnMethod): # type: ignore[no-redef] pass diff --git a/src/saml2/authn_context/__init__.py b/src/saml2/authn_context/__init__.py index 3abdf74cf..766495296 100644 --- a/src/saml2/authn_context/__init__.py +++ b/src/saml2/authn_context/__init__.py @@ -1,20 +1,21 @@ -from saml2.saml import AuthnContext, AuthnContextClassRef +from saml2 import extension_elements_to_elements +from saml2.authn_context import ippword +from saml2.authn_context import mobiletwofactor +from saml2.authn_context import ppt +from saml2.authn_context import pword +from saml2.authn_context import sslcert +from saml2.saml import AuthnContext +from saml2.saml import AuthnContextClassRef from saml2.samlp import RequestedAuthnContext -__author__ = 'rolandh' - -from saml2 import extension_elements_to_elements UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified" -INTERNETPROTOCOLPASSWORD = \ - 'urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword' -MOBILETWOFACTORCONTRACT = \ - 'urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract' -PASSWORDPROTECTEDTRANSPORT = \ - 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' -PASSWORD = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password' -TLSCLIENT = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient' +INTERNETPROTOCOLPASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword" +MOBILETWOFACTORCONTRACT = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract" +PASSWORDPROTECTEDTRANSPORT = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" +PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password" +TLSCLIENT = "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient" TIMESYNCTOKEN = "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken" AL1 = "http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel1" @@ -22,16 +23,10 @@ AL3 = "http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel3" AL4 = "http://idmanagement.gov/icam/2009/12/saml_2.0_profile/assurancelevel4" -from saml2.authn_context import ippword -from saml2.authn_context import mobiletwofactor -from saml2.authn_context import ppt -from saml2.authn_context import pword -from saml2.authn_context import sslcert - -CMP_TYPE = ['exact', 'minimum', 'maximum', 'better'] +CMP_TYPE = ["exact", "minimum", "maximum", "better"] -class AuthnBroker(object): +class AuthnBroker: def __init__(self): self.db = {"info": {}, "key": {}} self.next = 0 @@ -68,20 +63,10 @@ def add(self, spec, method, level=0, authn_authority="", reference=None): if spec.authn_context_class_ref: key = spec.authn_context_class_ref.text - _info = { - "class_ref": key, - "method": method, - "level": level, - "authn_auth": authn_authority - } + _info = {"class_ref": key, "method": method, "level": level, "authn_auth": authn_authority} elif spec.authn_context_decl: key = spec.authn_context_decl.c_namespace - _info = { - "method": method, - "decl": spec.authn_context_decl, - "level": level, - "authn_auth": authn_authority - } + _info = {"method": method, "decl": spec.authn_context_decl, "level": level, "authn_auth": authn_authority} else: raise NotImplementedError() @@ -114,8 +99,7 @@ def remove(self, spec, method=None, level=0, authn_authority=""): _remain.append(_ref) if level and level != item["level"]: _remain.append(_ref) - if authn_authority and \ - authn_authority != item["authn_authority"]: + if authn_authority and authn_authority != item["authn_authority"]: _remain.append(_ref) if _remain: self.db[_cls_ref] = _remain @@ -169,21 +153,19 @@ def pick(self, req_authn_context=None): _cmp = req_authn_context.comparison else: _cmp = "exact" - if _cmp == 'exact': + if _cmp == "exact": res = [] for cls_ref in req_authn_context.authn_context_class_ref: - res += (self._pick_by_class_ref(cls_ref.text, _cmp)) + res += self._pick_by_class_ref(cls_ref.text, _cmp) return res else: - return self._pick_by_class_ref( - req_authn_context.authn_context_class_ref[0].text, _cmp) + return self._pick_by_class_ref(req_authn_context.authn_context_class_ref[0].text, _cmp) elif req_authn_context.authn_context_decl_ref: if req_authn_context.comparison: _cmp = req_authn_context.comparison else: _cmp = "exact" - return self._pick_by_class_ref( - req_authn_context.authn_context_decl_ref, _cmp) + return self._pick_by_class_ref(req_authn_context.authn_context_decl_ref, _cmp) def match(self, requested, provided): if requested == provided: @@ -210,8 +192,7 @@ def authn_context_factory(text): def authn_context_decl_from_extension_elements(extelems): - res = extension_elements_to_elements(extelems, [ippword, mobiletwofactor, - ppt, pword, sslcert]) + res = extension_elements_to_elements(extelems, [ippword, mobiletwofactor, ppt, pword, sslcert]) try: return res[0] except IndexError: @@ -226,5 +207,5 @@ def requested_authn_context(class_ref, comparison="minimum"): if not isinstance(class_ref, list): class_ref = [class_ref] return RequestedAuthnContext( - authn_context_class_ref=[AuthnContextClassRef(text=i) for i in class_ref], - comparison=comparison) + authn_context_class_ref=[AuthnContextClassRef(text=i) for i in class_ref], comparison=comparison + ) diff --git a/src/saml2/authn_context/ippword.py b/src/saml2/authn_context/ippword.py index 47655d8d8..f3feebbc6 100644 --- a/src/saml2/authn_context/ippword.py +++ b/src/saml2/authn_context/ippword.py @@ -14,30 +14,32 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword" class PhysicalVerification(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PhysicalVerification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__( + self, + credential_level=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.credential_level = credential_level @@ -47,26 +49,28 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Generation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Generation element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__( + self, + mechanism=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.mechanism = mechanism @@ -76,12 +80,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:nymType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:nymType element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -93,57 +96,59 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementRefType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeySharingType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeySharingType element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__( + self, + sharing=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.sharing = sharing @@ -153,28 +158,30 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedLengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -185,30 +192,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AlphabetType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AlphabetType element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -220,12 +229,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DeviceTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DeviceTypeType element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -237,11 +245,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:booleanType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:booleanType element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -253,30 +261,32 @@ def boolean_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TimeSyncTokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', DeviceTypeType_, True) - c_attributes['SeedLength'] = ('seed_length', 'integer', True) - c_attributes['DeviceInHand'] = ('device_in_hand', BooleanType_, True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["DeviceType"] = ("device_type", DeviceTypeType_, True) + c_attributes["SeedLength"] = ("seed_length", "integer", True) + c_attributes["DeviceInHand"] = ("device_in_hand", BooleanType_, True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.device_type = device_type self.seed_length = seed_length @@ -288,69 +298,71 @@ def time_sync_token_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitDurationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["duration"] = ("duration", "duration", True) + + def __init__( + self, + duration=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitUsagesType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["number"] = ("number", "integer", True) + + def __init__( + self, + number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitSessionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -359,33 +371,34 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:LengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:LengthType element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -396,13 +409,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:mediumType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:mediumType element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -414,26 +428,28 @@ def medium_type__from_string(xml_string): class KeyStorageType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyStorageType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyStorageType element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', MediumType_, True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["medium"] = ("medium", MediumType_, True) + + def __init__( + self, + medium=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.medium = medium @@ -443,9 +459,9 @@ def key_storage_type__from_string(xml_string): class ExtensionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ExtensionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ExtensionType element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -458,9 +474,9 @@ def extension_type__from_string(xml_string): class KeySharing(KeySharingType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeySharing element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeySharing element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -473,9 +489,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyStorage element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyStorage element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -488,9 +504,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TimeSyncToken element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TimeSyncToken element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -503,9 +519,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -518,9 +534,9 @@ def length_from_string(xml_string): class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -533,41 +549,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementsType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -576,14 +594,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -596,9 +613,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -607,14 +624,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -627,9 +643,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -638,14 +654,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -658,69 +673,74 @@ def extension_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['keyValidation'] = ('key_validation', 'None', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - key_validation=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["keyValidation"] = ("key_validation", "None", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + key_validation=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.key_validation = key_validation @@ -731,9 +751,9 @@ def public_key_type__from_string(xml_string): class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -746,48 +766,47 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -801,42 +820,46 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length"] = ( + "length", + RestrictedPasswordType_Length, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -845,39 +868,42 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}TimeSyncToken"] = ( + "time_sync_token", + TimeSyncToken, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -888,42 +914,45 @@ def token_type__from_string(xml_string): class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -935,30 +964,33 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -968,9 +1000,9 @@ def extension_only_type__from_string(xml_string): class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -983,9 +1015,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -998,9 +1030,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1013,9 +1045,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1028,9 +1060,9 @@ def password_from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -1043,9 +1075,9 @@ def token_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1058,9 +1090,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1073,9 +1105,9 @@ def activation_limit_from_string(xml_string): class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1088,9 +1120,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1103,9 +1135,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1118,9 +1150,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1129,14 +1161,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1149,9 +1180,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1164,9 +1195,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1175,14 +1206,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1195,9 +1225,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1206,14 +1236,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1226,9 +1255,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1241,9 +1270,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1256,9 +1285,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1267,14 +1296,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1283,14 +1311,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1299,14 +1326,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1319,9 +1345,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1334,9 +1360,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1349,9 +1375,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1364,9 +1390,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1379,9 +1405,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1390,54 +1416,57 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_cardinality['physical_verification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_cardinality['written_consent'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', NymType_, False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_cardinality["physical_verification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}WrittenConsent"] = ( + "written_consent", + WrittenConsent, + ) + c_cardinality["written_consent"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", NymType_, False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1451,83 +1480,86 @@ def identification_type__from_string(xml_string): class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}HTTP'] = ( - 'http', HTTP) - c_cardinality['http'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkNoEncryption'] = ( - 'mobile_network_no_encryption', MobileNetworkNoEncryption) - c_cardinality['mobile_network_no_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkRadioEncryption'] = ( - 'mobile_network_radio_encryption', MobileNetworkRadioEncryption) - c_cardinality['mobile_network_radio_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkEndToEndEncryption'] = ( - 'mobile_network_end_to_end_encryption', MobileNetworkEndToEndEncryption) - c_cardinality['mobile_network_end_to_end_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPSec'] = ( - 'ip_sec', IPSec) - c_cardinality['ip_sec'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PSTN'] = ( - 'pstn', PSTN) - c_cardinality['pstn'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ISDN'] = ( - 'isdn', ISDN) - c_cardinality['isdn'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ADSL'] = ( - 'adsl', ADSL) - c_cardinality['adsl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['http', 'ssl', 'mobile_network_no_encryption', - 'mobile_network_radio_encryption', - 'mobile_network_end_to_end_encryption', 'wtls', - 'ip_sec', 'pstn', 'isdn', 'adsl', 'extension']) - - def __init__(self, - http=None, - ssl=None, - mobile_network_no_encryption=None, - mobile_network_radio_encryption=None, - mobile_network_end_to_end_encryption=None, - wtls=None, - ip_sec=None, - pstn=None, - isdn=None, - adsl=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}HTTP"] = ("http", HTTP) + c_cardinality["http"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkNoEncryption"] = ( + "mobile_network_no_encryption", + MobileNetworkNoEncryption, + ) + c_cardinality["mobile_network_no_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkRadioEncryption"] = ( + "mobile_network_radio_encryption", + MobileNetworkRadioEncryption, + ) + c_cardinality["mobile_network_radio_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}MobileNetworkEndToEndEncryption"] = ( + "mobile_network_end_to_end_encryption", + MobileNetworkEndToEndEncryption, + ) + c_cardinality["mobile_network_end_to_end_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPSec"] = ("ip_sec", IPSec) + c_cardinality["ip_sec"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PSTN"] = ("pstn", PSTN) + c_cardinality["pstn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ISDN"] = ("isdn", ISDN) + c_cardinality["isdn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ADSL"] = ("adsl", ADSL) + c_cardinality["adsl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + [ + "http", + "ssl", + "mobile_network_no_encryption", + "mobile_network_radio_encryption", + "mobile_network_end_to_end_encryption", + "wtls", + "ip_sec", + "pstn", + "isdn", + "adsl", + "extension", + ] + ) + + def __init__( + self, + http=None, + ssl=None, + mobile_network_no_encryption=None, + mobile_network_radio_encryption=None, + mobile_network_end_to_end_encryption=None, + wtls=None, + ip_sec=None, + pstn=None, + isdn=None, + adsl=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.http = http self.ssl = ssl @@ -1543,14 +1575,13 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1563,51 +1594,51 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1621,35 +1652,39 @@ def activation_pin_type__from_string(xml_string): class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_cardinality['switch_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SwitchAudit"] = ( + "switch_audit", + SwitchAudit, + ) + c_cardinality["switch_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1660,38 +1695,37 @@ def security_audit_type__from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password'] = ( - 'password', Password) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPAddress'] = ( - 'ip_address', IPAddress) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['password', 'ip_address', 'extension']) - - def __init__(self, - password=None, - ip_address=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password"] = ("password", Password) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPAddress"] = ("ip_address", IPAddress) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["password", "ip_address", "extension"]) + + def __init__( + self, + password=None, + ip_address=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.password = password self.ip_address = ip_address @@ -1699,14 +1733,13 @@ def __init__(self, def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1719,9 +1752,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1734,9 +1767,9 @@ def activation_pin_from_string(xml_string): class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -1749,9 +1782,9 @@ def authenticator_from_string(xml_string): class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1760,14 +1793,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1780,41 +1812,45 @@ def security_audit_from_string(xml_string): class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_cardinality['security_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_cardinality['deactivation_call_center'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SecurityAudit"] = ( + "security_audit", + SecurityAudit, + ) + c_cardinality["security_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_cardinality["deactivation_call_center"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1822,64 +1858,60 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Token'] = ( - 'token', Token) - c_cardinality['token'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Smartcard'] = ( - 'smartcard', Smartcard) - c_cardinality['smartcard'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['preauth'] = ('preauth', 'integer', False) - c_child_order.extend( - ['password', 'restricted_password', 'token', 'smartcard', - 'activation_pin', 'extension']) - - def __init__(self, - password=None, - restricted_password=None, - token=None, - smartcard=None, - activation_pin=None, - extension=None, - preauth=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Token"] = ("token", Token) + c_cardinality["token"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Smartcard"] = ("smartcard", Smartcard) + c_cardinality["smartcard"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["preauth"] = ("preauth", "integer", False) + c_child_order.extend(["password", "restricted_password", "token", "smartcard", "activation_pin", "extension"]) + + def __init__( + self, + password=None, + restricted_password=None, + token=None, + smartcard=None, + activation_pin=None, + extension=None, + preauth=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.password = password self.restricted_password = restricted_password @@ -1891,41 +1923,43 @@ def __init__(self, def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword' \ - '}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword" "}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1936,9 +1970,9 @@ def key_activation_type__from_string(xml_string): class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1951,9 +1985,9 @@ def key_activation_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -1962,14 +1996,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -1982,46 +2015,51 @@ def operational_protection_from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeySharing'] = ( - 'key_sharing', KeySharing) - c_cardinality['key_sharing'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['key_activation', 'key_storage', 'key_sharing', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - key_sharing=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeySharing"] = ( + "key_sharing", + KeySharing, + ) + c_cardinality["key_sharing"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "key_sharing", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + key_sharing=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2030,45 +2068,49 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2076,51 +2118,56 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PrincipalAuthenticationMechanism'] = ( - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_cardinality['principal_authentication_mechanism'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_cardinality['authenticator_transport_protocol'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword' \ - '}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PrincipalAuthenticationMechanism"] = ( + "principal_authentication_mechanism", + PrincipalAuthenticationMechanism, + ) + c_cardinality["principal_authentication_mechanism"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Authenticator"] = ( + "authenticator", + Authenticator, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_cardinality["authenticator_transport_protocol"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword" "}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -2133,9 +2180,9 @@ def authn_method_base_type__from_string(xml_string): class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -2148,9 +2195,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2163,9 +2210,9 @@ def private_key_protection_from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -2178,41 +2225,45 @@ def authn_method_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2220,14 +2271,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2240,58 +2290,73 @@ def technical_protection_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Identification"] = ( + "identification", + Identification, + ) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AuthnMethod"] = ( + "authn_method", + AuthnMethod, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2303,14 +2368,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2319,110 +2383,128 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) -#.................. +# .................. # ['ComplexAuthenticator', 'ComplexAuthenticatorType'] class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PreviousSession'] = ( - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ResumeSession"] = ( + "resume_session", + ResumeSession, + ) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ZeroKnowledge"] = ( + "zero_knowledge", + ZeroKnowledge, + ) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}IPAddress"] = ("ip_address", IPAddress) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}UserSuffix"] = ( + "user_suffix", + UserSuffix, + ) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2442,14 +2524,13 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -2463,11 +2544,11 @@ def complex_authenticator_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ComplexAuthenticatorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) + "{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ComplexAuthenticator" +] = ("complex_authenticator", ComplexAuthenticator) ComplexAuthenticator.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) + "{urn:oasis:names:tc:SAML:2.0:ac:classes:InternetProtocolPassword}ComplexAuthenticator" +] = ("complex_authenticator", ComplexAuthenticator) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -2567,102 +2648,101 @@ def complex_authenticator_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'PublicKeyType': PublicKeyType_, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'IdentificationType': IdentificationType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'TokenType': TokenType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'TimeSyncTokenType': TimeSyncTokenType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'KeyStorageType': KeyStorageType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'SecurityAuditType': SecurityAuditType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "PublicKeyType": PublicKeyType_, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "IdentificationType": IdentificationType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "OperationalProtectionType": OperationalProtectionType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "TokenType": TokenType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "TimeSyncTokenType": TimeSyncTokenType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "KeyStorageType": KeyStorageType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "SecurityAuditType": SecurityAuditType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/authn_context/mobiletwofactor.py b/src/saml2/authn_context/mobiletwofactor.py index af0337420..50c40c61a 100644 --- a/src/saml2/authn_context/mobiletwofactor.py +++ b/src/saml2/authn_context/mobiletwofactor.py @@ -15,30 +15,32 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract" class PhysicalVerification(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PhysicalVerification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__( + self, + credential_level=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.credential_level = credential_level @@ -48,26 +50,28 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Generation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Generation element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__( + self, + mechanism=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.mechanism = mechanism @@ -77,12 +81,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:nymType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:nymType element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -94,57 +97,59 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementRefType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeySharingType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeySharingType element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__( + self, + sharing=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.sharing = sharing @@ -154,28 +159,30 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedLengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -186,30 +193,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AlphabetType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AlphabetType element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -221,12 +230,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DeviceTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DeviceTypeType element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -238,11 +246,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:booleanType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:booleanType element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -254,30 +262,32 @@ def boolean_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TimeSyncTokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', DeviceTypeType_, True) - c_attributes['SeedLength'] = ('seed_length', 'integer', True) - c_attributes['DeviceInHand'] = ('device_in_hand', BooleanType_, True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["DeviceType"] = ("device_type", DeviceTypeType_, True) + c_attributes["SeedLength"] = ("seed_length", "integer", True) + c_attributes["DeviceInHand"] = ("device_in_hand", BooleanType_, True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.device_type = device_type self.seed_length = seed_length @@ -289,69 +299,71 @@ def time_sync_token_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitDurationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["duration"] = ("duration", "duration", True) + + def __init__( + self, + duration=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitUsagesType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["number"] = ("number", "integer", True) + + def __init__( + self, + number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitSessionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -360,33 +372,34 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:LengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:LengthType element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -397,13 +410,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:mediumType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:mediumType element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -415,9 +429,9 @@ def medium_type__from_string(xml_string): class ExtensionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ExtensionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ExtensionType element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -430,26 +444,28 @@ def extension_type__from_string(xml_string): class KeyStorageType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyStorageType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyStorageType element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', 'None', True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["medium"] = ("medium", "None", True) + + def __init__( + self, + medium=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.medium = medium @@ -459,9 +475,9 @@ def key_storage_type__from_string(xml_string): class KeySharing(KeySharingType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeySharing element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeySharing element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -474,9 +490,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyStorage element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyStorage element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -489,9 +505,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TimeSyncToken element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TimeSyncToken element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -504,9 +520,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -519,9 +535,9 @@ def length_from_string(xml_string): class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -534,41 +550,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementsType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -577,14 +595,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -597,9 +614,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -608,14 +625,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -628,9 +644,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -639,14 +655,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -659,69 +674,68 @@ def extension_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['keyValidation'] = ('key_validation', 'None', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - key_validation=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["keyValidation"] = ("key_validation", "None", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + key_validation=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.key_validation = key_validation @@ -732,9 +746,9 @@ def public_key_type__from_string(xml_string): class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -747,48 +761,44 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -802,42 +812,43 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length"] = ( + "length", + RestrictedPasswordType_Length, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -846,39 +857,39 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}TimeSyncToken"] = ( + "time_sync_token", + TimeSyncToken, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -889,42 +900,45 @@ def token_type__from_string(xml_string): class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -936,30 +950,30 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -969,9 +983,9 @@ def extension_only_type__from_string(xml_string): class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -984,9 +998,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -999,9 +1013,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1014,9 +1028,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1029,9 +1043,9 @@ def password_from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -1044,9 +1058,9 @@ def token_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1059,9 +1073,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1074,9 +1088,9 @@ def activation_limit_from_string(xml_string): class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1089,9 +1103,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1104,9 +1118,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1119,9 +1133,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1130,14 +1144,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1150,9 +1163,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1165,9 +1178,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1176,14 +1189,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1196,9 +1208,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1207,14 +1219,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1227,9 +1238,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1242,9 +1253,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1257,9 +1268,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1268,14 +1279,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1284,14 +1294,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1300,14 +1309,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1320,9 +1328,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1335,9 +1343,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1350,9 +1358,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1365,9 +1373,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1380,9 +1388,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1391,14 +1399,13 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1411,51 +1418,48 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1469,41 +1473,41 @@ def activation_pin_type__from_string(xml_string): class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Password'] = ( - 'password', Password) - c_child_order.extend( - ['shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'password']) - - def __init__(self, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - password=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Password"] = ("password", Password) + c_child_order.extend(["shared_secret_challenge_response", "shared_secret_dynamic_plaintext", "password"]) + + def __init__( + self, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + password=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.shared_secret_challenge_response = shared_secret_challenge_response self.shared_secret_dynamic_plaintext = shared_secret_dynamic_plaintext @@ -1511,63 +1515,67 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkNoEncryption'] = ( - 'mobile_network_no_encryption', MobileNetworkNoEncryption) - c_cardinality['mobile_network_no_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkRadioEncryption'] = ( - 'mobile_network_radio_encryption', MobileNetworkRadioEncryption) - c_cardinality['mobile_network_radio_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkEndToEndEncryption'] = ( - 'mobile_network_end_to_end_encryption', MobileNetworkEndToEndEncryption) - c_cardinality['mobile_network_end_to_end_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['ssl', 'mobile_network_no_encryption', - 'mobile_network_radio_encryption', - 'mobile_network_end_to_end_encryption', 'wtls', - 'extension']) - - def __init__(self, - ssl=None, - mobile_network_no_encryption=None, - mobile_network_radio_encryption=None, - mobile_network_end_to_end_encryption=None, - wtls=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkNoEncryption"] = ( + "mobile_network_no_encryption", + MobileNetworkNoEncryption, + ) + c_cardinality["mobile_network_no_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkRadioEncryption"] = ( + "mobile_network_radio_encryption", + MobileNetworkRadioEncryption, + ) + c_cardinality["mobile_network_radio_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}MobileNetworkEndToEndEncryption"] = ( + "mobile_network_end_to_end_encryption", + MobileNetworkEndToEndEncryption, + ) + c_cardinality["mobile_network_end_to_end_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + [ + "ssl", + "mobile_network_no_encryption", + "mobile_network_radio_encryption", + "mobile_network_end_to_end_encryption", + "wtls", + "extension", + ] + ) + + def __init__( + self, + ssl=None, + mobile_network_no_encryption=None, + mobile_network_radio_encryption=None, + mobile_network_end_to_end_encryption=None, + wtls=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.ssl = ssl self.mobile_network_no_encryption = mobile_network_no_encryption @@ -1578,39 +1586,39 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SwitchAudit"] = ( + "switch_audit", + SwitchAudit, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1621,46 +1629,47 @@ def security_audit_type__from_string(xml_string): class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', 'None', False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}WrittenConsent"] = ( + "written_consent", + WrittenConsent, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", "None", False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1674,9 +1683,9 @@ def identification_type__from_string(xml_string): class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1689,9 +1698,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1704,9 +1713,9 @@ def activation_pin_from_string(xml_string): class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -1719,9 +1728,9 @@ def complex_authenticator_from_string(xml_string): class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1730,14 +1739,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1750,59 +1758,53 @@ def security_audit_from_string(xml_string): class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Token'] = ( - 'token', Token) - c_cardinality['token'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Smartcard'] = ( - 'smartcard', Smartcard) - c_cardinality['smartcard'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['preauth'] = ('preauth', 'integer', False) - c_child_order.extend( - ['password', 'restricted_password', 'token', 'smartcard', - 'activation_pin', 'extension']) - - def __init__(self, - password=None, - restricted_password=None, - token=None, - smartcard=None, - activation_pin=None, - extension=None, - preauth=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Token"] = ("token", Token) + c_cardinality["token"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Smartcard"] = ("smartcard", Smartcard) + c_cardinality["smartcard"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["preauth"] = ("preauth", "integer", False) + c_child_order.extend(["password", "restricted_password", "token", "smartcard", "activation_pin", "extension"]) + + def __init__( + self, + password=None, + restricted_password=None, + token=None, + smartcard=None, + activation_pin=None, + extension=None, + preauth=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.password = password self.restricted_password = restricted_password @@ -1814,40 +1816,40 @@ def __init__(self, def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1858,68 +1860,80 @@ def key_activation_type__from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ZeroKnowledge"] = ( + "zero_knowledge", + ZeroKnowledge, + ) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, + ) + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['dig_sig', 'zero_knowledge', 'shared_secret_challenge_response', - 'shared_secret_dynamic_plaintext', 'asymmetric_decryption', - 'asymmetric_key_agreement', 'complex_authenticator', 'extension']) - - def __init__(self, - dig_sig=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "dig_sig", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "asymmetric_decryption", + "asymmetric_key_agreement", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + dig_sig=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.dig_sig = dig_sig self.zero_knowledge = zero_knowledge @@ -1932,44 +1946,44 @@ def __init__(self, def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SecurityAudit"] = ( + "security_audit", + SecurityAudit, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1977,14 +1991,13 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1997,9 +2010,9 @@ def key_activation_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -2008,14 +2021,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -2028,9 +2040,9 @@ def authenticator_from_string(xml_string): class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -2043,45 +2055,49 @@ def operational_protection_from_string(xml_string): class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PrincipalAuthenticationMechanism'] = ( - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_cardinality['principal_authentication_mechanism'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_cardinality['authenticator_transport_protocol'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PrincipalAuthenticationMechanism"] = ( + "principal_authentication_mechanism", + PrincipalAuthenticationMechanism, + ) + c_cardinality["principal_authentication_mechanism"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Authenticator"] = ( + "authenticator", + Authenticator, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_cardinality["authenticator_transport_protocol"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -2094,38 +2110,40 @@ def authn_method_base_type__from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2133,44 +2151,47 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract' \ - '}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract" "}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2178,14 +2199,13 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -2198,9 +2218,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2213,9 +2233,9 @@ def private_key_protection_from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -2228,41 +2248,42 @@ def authn_method_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2270,14 +2291,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2290,58 +2310,70 @@ def technical_protection_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Identification"] = ( + "identification", + Identification, + ) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}AuthnMethod"] = ( + "authn_method", + AuthnMethod, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2353,14 +2385,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:MobileTwoFactorContract:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2369,8 +2400,7 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) ELEMENT_FROM_STRING = { @@ -2470,102 +2500,101 @@ def authentication_context_declaration_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'PublicKeyType': PublicKeyType_, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'TokenType': TokenType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'TimeSyncTokenType': TimeSyncTokenType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'KeyStorageType': KeyStorageType_, - 'SecurityAuditType': SecurityAuditType_, - 'IdentificationType': IdentificationType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "PublicKeyType": PublicKeyType_, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "TokenType": TokenType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "TimeSyncTokenType": TimeSyncTokenType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, + "OperationalProtectionType": OperationalProtectionType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "KeyStorageType": KeyStorageType_, + "SecurityAuditType": SecurityAuditType_, + "IdentificationType": IdentificationType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/authn_context/ppt.py b/src/saml2/authn_context/ppt.py index 6635ad882..baba191cc 100644 --- a/src/saml2/authn_context/ppt.py +++ b/src/saml2/authn_context/ppt.py @@ -12,30 +12,32 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" class PhysicalVerification(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PhysicalVerification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__( + self, + credential_level=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.credential_level = credential_level @@ -45,26 +47,28 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Generation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Generation element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__( + self, + mechanism=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.mechanism = mechanism @@ -74,12 +78,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:nymType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:nymType element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -91,57 +94,59 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementRefType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeySharingType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeySharingType element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__( + self, + sharing=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.sharing = sharing @@ -151,28 +156,30 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedLengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -183,30 +190,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AlphabetType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AlphabetType element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -218,12 +227,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DeviceTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DeviceTypeType element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -235,11 +243,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:booleanType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:booleanType element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -251,30 +259,32 @@ def boolean_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TimeSyncTokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', DeviceTypeType_, True) - c_attributes['SeedLength'] = ('seed_length', 'integer', True) - c_attributes['DeviceInHand'] = ('device_in_hand', BooleanType_, True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["DeviceType"] = ("device_type", DeviceTypeType_, True) + c_attributes["SeedLength"] = ("seed_length", "integer", True) + c_attributes["DeviceInHand"] = ("device_in_hand", BooleanType_, True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.device_type = device_type self.seed_length = seed_length @@ -286,69 +296,71 @@ def time_sync_token_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitDurationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["duration"] = ("duration", "duration", True) + + def __init__( + self, + duration=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitUsagesType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["number"] = ("number", "integer", True) + + def __init__( + self, + number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitSessionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -357,33 +369,34 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:LengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:LengthType element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -394,13 +407,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:mediumType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:mediumType element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -412,26 +426,28 @@ def medium_type__from_string(xml_string): class KeyStorageType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyStorageType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyStorageType element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', MediumType_, True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["medium"] = ("medium", MediumType_, True) + + def __init__( + self, + medium=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.medium = medium @@ -441,9 +457,9 @@ def key_storage_type__from_string(xml_string): class ExtensionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ExtensionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ExtensionType element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -456,9 +472,9 @@ def extension_type__from_string(xml_string): class KeySharing(KeySharingType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeySharing element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeySharing element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -471,9 +487,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyStorage element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyStorage element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -486,9 +502,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TimeSyncToken element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TimeSyncToken element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -501,9 +517,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -516,9 +532,9 @@ def length_from_string(xml_string): class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -531,41 +547,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementsType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -574,14 +592,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -594,9 +611,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -605,14 +622,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -625,9 +641,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -636,14 +652,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -656,69 +671,74 @@ def extension_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['keyValidation'] = ('key_validation', 'None', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - key_validation=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["keyValidation"] = ("key_validation", "None", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + key_validation=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.key_validation = key_validation @@ -729,9 +749,9 @@ def public_key_type__from_string(xml_string): class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -744,48 +764,47 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -799,42 +818,46 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length"] = ( + "length", + RestrictedPasswordType_Length, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -843,39 +866,42 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}TimeSyncToken"] = ( + "time_sync_token", + TimeSyncToken, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -886,42 +912,45 @@ def token_type__from_string(xml_string): class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -933,30 +962,33 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -966,9 +998,9 @@ def extension_only_type__from_string(xml_string): class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -981,9 +1013,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -996,9 +1028,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1011,9 +1043,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1026,9 +1058,9 @@ def password_from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -1041,9 +1073,9 @@ def token_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1056,9 +1088,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1071,9 +1103,9 @@ def activation_limit_from_string(xml_string): class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1086,9 +1118,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1101,9 +1133,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1116,9 +1148,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1127,14 +1159,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1147,9 +1178,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1162,9 +1193,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1173,14 +1204,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1193,9 +1223,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1204,14 +1234,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1224,9 +1253,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1239,9 +1268,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1254,9 +1283,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1265,14 +1294,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1281,14 +1309,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1297,14 +1324,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1317,9 +1343,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1332,9 +1358,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1347,9 +1373,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1362,9 +1388,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1377,9 +1403,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1388,54 +1414,57 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_cardinality['physical_verification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_cardinality['written_consent'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', NymType_, False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_cardinality["physical_verification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}WrittenConsent"] = ( + "written_consent", + WrittenConsent, + ) + c_cardinality["written_consent"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", NymType_, False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1449,9 +1478,9 @@ def identification_type__from_string(xml_string): class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1464,51 +1493,51 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Generation"] = ( + "generation", + Generation, + ) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1522,35 +1551,39 @@ def activation_pin_type__from_string(xml_string): class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_cardinality['switch_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SwitchAudit"] = ( + "switch_audit", + SwitchAudit, + ) + c_cardinality["switch_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1561,90 +1594,98 @@ def security_audit_type__from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_child_order.extend(['restricted_password']) - - def __init__(self, - restricted_password=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_child_order.extend(["restricted_password"]) + + def __init__( + self, + restricted_password=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.restricted_password = restricted_password def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}MobileNetworkRadioEncryption'] = ( - 'mobile_network_radio_encryption', MobileNetworkRadioEncryption) - c_cardinality['mobile_network_radio_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}MobileNetworkEndToEndEncryption'] = ( - 'mobile_network_end_to_end_encryption', MobileNetworkEndToEndEncryption) - c_cardinality['mobile_network_end_to_end_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}IPSec'] = ( - 'ip_sec', IPSec) - c_cardinality['ip_sec'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['ssl', 'mobile_network_radio_encryption', - 'mobile_network_end_to_end_encryption', 'wtls', - 'ip_sec', 'extension']) - - def __init__(self, - ssl=None, - mobile_network_radio_encryption=None, - mobile_network_end_to_end_encryption=None, - wtls=None, - ip_sec=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}MobileNetworkRadioEncryption"] = ( + "mobile_network_radio_encryption", + MobileNetworkRadioEncryption, + ) + c_cardinality["mobile_network_radio_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}MobileNetworkEndToEndEncryption"] = ( + "mobile_network_end_to_end_encryption", + MobileNetworkEndToEndEncryption, + ) + c_cardinality["mobile_network_end_to_end_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}IPSec"] = ("ip_sec", IPSec) + c_cardinality["ip_sec"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + [ + "ssl", + "mobile_network_radio_encryption", + "mobile_network_end_to_end_encryption", + "wtls", + "ip_sec", + "extension", + ] + ) + + def __init__( + self, + ssl=None, + mobile_network_radio_encryption=None, + mobile_network_end_to_end_encryption=None, + wtls=None, + ip_sec=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.ssl = ssl self.mobile_network_radio_encryption = mobile_network_radio_encryption @@ -1655,14 +1696,13 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1675,9 +1715,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1690,9 +1730,9 @@ def activation_pin_from_string(xml_string): class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -1705,9 +1745,9 @@ def authenticator_from_string(xml_string): class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1716,14 +1756,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1736,41 +1775,45 @@ def security_audit_from_string(xml_string): class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_cardinality['security_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_cardinality['deactivation_call_center'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SecurityAudit"] = ( + "security_audit", + SecurityAudit, + ) + c_cardinality["security_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_cardinality["deactivation_call_center"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1778,64 +1821,63 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Token'] = ( - 'token', Token) - c_cardinality['token'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Smartcard'] = ( - 'smartcard', Smartcard) - c_cardinality['smartcard'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['preauth'] = ('preauth', 'integer', False) - c_child_order.extend( - ['password', 'restricted_password', 'token', 'smartcard', - 'activation_pin', 'extension']) - - def __init__(self, - password=None, - restricted_password=None, - token=None, - smartcard=None, - activation_pin=None, - extension=None, - preauth=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Token"] = ("token", Token) + c_cardinality["token"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Smartcard"] = ( + "smartcard", + Smartcard, + ) + c_cardinality["smartcard"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["preauth"] = ("preauth", "integer", False) + c_child_order.extend(["password", "restricted_password", "token", "smartcard", "activation_pin", "extension"]) + + def __init__( + self, + password=None, + restricted_password=None, + token=None, + smartcard=None, + activation_pin=None, + extension=None, + preauth=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.password = password self.restricted_password = restricted_password @@ -1847,40 +1889,43 @@ def __init__(self, def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1891,9 +1936,9 @@ def key_activation_type__from_string(xml_string): class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1906,9 +1951,9 @@ def key_activation_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -1917,14 +1962,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -1937,48 +1981,51 @@ def operational_protection_from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyStorage'] = ( - - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeySharing'] = ( - 'key_sharing', KeySharing) - c_cardinality['key_sharing'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' \ - '}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['key_activation', 'key_storage', 'key_sharing', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - key_sharing=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeySharing"] = ( + "key_sharing", + KeySharing, + ) + c_cardinality["key_sharing"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" "}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "key_sharing", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + key_sharing=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -1987,45 +2034,49 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}KeyStorage"] = ( + "key_storage", + KeyStorage, + ) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2033,49 +2084,54 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PrincipalAuthenticationMechanism'] = ( - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_cardinality['principal_authentication_mechanism'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + "{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PrincipalAuthenticationMechanism" + ] = ("principal_authentication_mechanism", PrincipalAuthenticationMechanism) + c_cardinality["principal_authentication_mechanism"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Authenticator"] = ( + "authenticator", + Authenticator, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -2088,9 +2144,9 @@ def authn_method_base_type__from_string(xml_string): class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -2103,9 +2159,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2118,9 +2174,9 @@ def private_key_protection_from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -2133,42 +2189,45 @@ def authn_method_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport' \ - '}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" "}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2176,14 +2235,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2196,58 +2254,73 @@ def technical_protection_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Identification"] = ( + "identification", + Identification, + ) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AuthnMethod"] = ( + "authn_method", + AuthnMethod, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2259,14 +2332,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2275,109 +2347,129 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PreviousSession'] = ( - - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ResumeSession"] = ( + "resume_session", + ResumeSession, + ) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ZeroKnowledge"] = ( + "zero_knowledge", + ZeroKnowledge, + ) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}IPAddress"] = ( + "ip_address", + IPAddress, + ) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}UserSuffix"] = ( + "user_suffix", + UserSuffix, + ) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}Extension"] = ( + "extension", + [Extension], + ) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2397,14 +2489,13 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -2418,11 +2509,11 @@ def complex_authenticator_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ComplexAuthenticatorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) + "{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ComplexAuthenticator" +] = ("complex_authenticator", ComplexAuthenticator) ComplexAuthenticator.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) + "{urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport}ComplexAuthenticator" +] = ("complex_authenticator", ComplexAuthenticator) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -2522,102 +2613,101 @@ def complex_authenticator_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'PublicKeyType': PublicKeyType_, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'IdentificationType': IdentificationType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'TokenType': TokenType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'TimeSyncTokenType': TimeSyncTokenType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'KeyStorageType': KeyStorageType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'SecurityAuditType': SecurityAuditType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "PublicKeyType": PublicKeyType_, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "IdentificationType": IdentificationType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "OperationalProtectionType": OperationalProtectionType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "TokenType": TokenType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "TimeSyncTokenType": TimeSyncTokenType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "KeyStorageType": KeyStorageType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "SecurityAuditType": SecurityAuditType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/authn_context/pword.py b/src/saml2/authn_context/pword.py index e4ddd6016..7e8f6225d 100644 --- a/src/saml2/authn_context/pword.py +++ b/src/saml2/authn_context/pword.py @@ -14,30 +14,32 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:Password' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password" class PhysicalVerification(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PhysicalVerification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__( + self, + credential_level=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.credential_level = credential_level @@ -47,26 +49,28 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Generation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Generation element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__( + self, + mechanism=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.mechanism = mechanism @@ -76,12 +80,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:nymType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:nymType element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -93,57 +96,59 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementRefType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeySharingType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeySharingType element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__( + self, + sharing=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.sharing = sharing @@ -153,28 +158,30 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedLengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -185,30 +192,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AlphabetType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AlphabetType element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -220,12 +229,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DeviceTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DeviceTypeType element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -237,11 +245,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:booleanType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:booleanType element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -253,30 +261,32 @@ def boolean_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TimeSyncTokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', DeviceTypeType_, True) - c_attributes['SeedLength'] = ('seed_length', 'integer', True) - c_attributes['DeviceInHand'] = ('device_in_hand', BooleanType_, True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["DeviceType"] = ("device_type", DeviceTypeType_, True) + c_attributes["SeedLength"] = ("seed_length", "integer", True) + c_attributes["DeviceInHand"] = ("device_in_hand", BooleanType_, True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.device_type = device_type self.seed_length = seed_length @@ -288,69 +298,71 @@ def time_sync_token_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitDurationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["duration"] = ("duration", "duration", True) + + def __init__( + self, + duration=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitUsagesType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["number"] = ("number", "integer", True) + + def __init__( + self, + number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitSessionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -359,33 +371,34 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:LengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:LengthType element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -396,13 +409,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:mediumType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:mediumType element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -414,26 +428,28 @@ def medium_type__from_string(xml_string): class KeyStorageType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyStorageType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyStorageType element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', MediumType_, True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["medium"] = ("medium", MediumType_, True) + + def __init__( + self, + medium=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.medium = medium @@ -443,9 +459,9 @@ def key_storage_type__from_string(xml_string): class ExtensionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ExtensionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ExtensionType element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -458,9 +474,9 @@ def extension_type__from_string(xml_string): class KeySharing(KeySharingType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeySharing element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeySharing element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -473,9 +489,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyStorage element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyStorage element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -488,9 +504,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TimeSyncToken element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TimeSyncToken element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -503,9 +519,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -518,9 +534,9 @@ def length_from_string(xml_string): class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -533,41 +549,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementsType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -576,14 +594,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -596,9 +613,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -607,14 +624,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -627,9 +643,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -638,14 +654,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -658,67 +673,68 @@ def extension_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['keyValidation'] = ('key_validation', 'None', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - key_validation=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["keyValidation"] = ("key_validation", "None", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + key_validation=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.key_validation = key_validation @@ -729,9 +745,9 @@ def public_key_type__from_string(xml_string): class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -744,45 +760,41 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -796,40 +808,37 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length"] = ("length", RestrictedPasswordType_Length) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -838,38 +847,36 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}TimeSyncToken"] = ("time_sync_token", TimeSyncToken) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -880,42 +887,45 @@ def token_type__from_string(xml_string): class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -927,29 +937,30 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -959,9 +970,9 @@ def extension_only_type__from_string(xml_string): class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -974,9 +985,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -989,9 +1000,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1004,9 +1015,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1019,9 +1030,9 @@ def password_from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -1034,9 +1045,9 @@ def token_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1049,9 +1060,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1064,9 +1075,9 @@ def activation_limit_from_string(xml_string): class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1079,9 +1090,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1094,9 +1105,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1109,9 +1120,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1120,14 +1131,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1140,9 +1150,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1155,9 +1165,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1166,14 +1176,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1186,9 +1195,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1197,14 +1206,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1217,9 +1225,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1232,9 +1240,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1247,9 +1255,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1258,14 +1266,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1274,14 +1281,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1290,14 +1296,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1310,9 +1315,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1325,9 +1330,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1340,9 +1345,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1355,9 +1360,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1370,9 +1375,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1381,53 +1386,51 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_cardinality['physical_verification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_cardinality['written_consent'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', NymType_, False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_cardinality["physical_verification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}WrittenConsent"] = ("written_consent", WrittenConsent) + c_cardinality["written_consent"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", NymType_, False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1441,75 +1444,83 @@ def identification_type__from_string(xml_string): class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}HTTP'] = ( - 'http', HTTP) - c_cardinality['http'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkNoEncryption'] = ( - 'mobile_network_no_encryption', MobileNetworkNoEncryption) - c_cardinality['mobile_network_no_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkRadioEncryption'] = ( - 'mobile_network_radio_encryption', MobileNetworkRadioEncryption) - c_cardinality['mobile_network_radio_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkEndToEndEncryption'] = ( - 'mobile_network_end_to_end_encryption', MobileNetworkEndToEndEncryption) - c_cardinality['mobile_network_end_to_end_encryption'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}IPSec'] = ( - 'ip_sec', IPSec) - c_cardinality['ip_sec'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PSTN'] = ( - 'pstn', PSTN) - c_cardinality['pstn'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ISDN'] = ( - 'isdn', ISDN) - c_cardinality['isdn'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ADSL'] = ( - 'adsl', ADSL) - c_cardinality['adsl'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['http', 'ssl', 'mobile_network_no_encryption', - 'mobile_network_radio_encryption', - 'mobile_network_end_to_end_encryption', 'wtls', - 'ip_sec', 'pstn', 'isdn', 'adsl', 'extension']) - - def __init__(self, - http=None, - ssl=None, - mobile_network_no_encryption=None, - mobile_network_radio_encryption=None, - mobile_network_end_to_end_encryption=None, - wtls=None, - ip_sec=None, - pstn=None, - isdn=None, - adsl=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}HTTP"] = ("http", HTTP) + c_cardinality["http"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkNoEncryption"] = ( + "mobile_network_no_encryption", + MobileNetworkNoEncryption, + ) + c_cardinality["mobile_network_no_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkRadioEncryption"] = ( + "mobile_network_radio_encryption", + MobileNetworkRadioEncryption, + ) + c_cardinality["mobile_network_radio_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}MobileNetworkEndToEndEncryption"] = ( + "mobile_network_end_to_end_encryption", + MobileNetworkEndToEndEncryption, + ) + c_cardinality["mobile_network_end_to_end_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}IPSec"] = ("ip_sec", IPSec) + c_cardinality["ip_sec"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PSTN"] = ("pstn", PSTN) + c_cardinality["pstn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ISDN"] = ("isdn", ISDN) + c_cardinality["isdn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ADSL"] = ("adsl", ADSL) + c_cardinality["adsl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + [ + "http", + "ssl", + "mobile_network_no_encryption", + "mobile_network_radio_encryption", + "mobile_network_end_to_end_encryption", + "wtls", + "ip_sec", + "pstn", + "isdn", + "adsl", + "extension", + ] + ) + + def __init__( + self, + http=None, + ssl=None, + mobile_network_no_encryption=None, + mobile_network_radio_encryption=None, + mobile_network_end_to_end_encryption=None, + wtls=None, + ip_sec=None, + pstn=None, + isdn=None, + adsl=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.http = http self.ssl = ssl @@ -1525,14 +1536,13 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1545,48 +1555,45 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1600,34 +1607,33 @@ def activation_pin_type__from_string(xml_string): class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_cardinality['switch_audit'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SwitchAudit"] = ("switch_audit", SwitchAudit) + c_cardinality["switch_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1638,43 +1644,44 @@ def security_audit_type__from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword'] = ( - - 'restricted_password', RestrictedPassword) - c_child_order.extend(['restricted_password']) - - def __init__(self, - restricted_password=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_child_order.extend(["restricted_password"]) + + def __init__( + self, + restricted_password=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.restricted_password = restricted_password def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1687,9 +1694,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1702,9 +1709,9 @@ def activation_pin_from_string(xml_string): class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -1717,9 +1724,9 @@ def authenticator_from_string(xml_string): class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1728,14 +1735,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1748,40 +1754,39 @@ def security_audit_from_string(xml_string): class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_cardinality['security_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_cardinality['deactivation_call_center'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SecurityAudit"] = ("security_audit", SecurityAudit) + c_cardinality["security_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_cardinality["deactivation_call_center"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1789,60 +1794,54 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Token'] = ( - 'token', Token) - c_cardinality['token'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Smartcard'] = ( - 'smartcard', Smartcard) - c_cardinality['smartcard'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['preauth'] = ('preauth', 'integer', False) - c_child_order.extend( - ['password', 'restricted_password', 'token', 'smartcard', - 'activation_pin', 'extension']) - - def __init__(self, - password=None, - restricted_password=None, - token=None, - smartcard=None, - activation_pin=None, - extension=None, - preauth=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Token"] = ("token", Token) + c_cardinality["token"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Smartcard"] = ("smartcard", Smartcard) + c_cardinality["smartcard"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationPin"] = ("activation_pin", ActivationPin) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["preauth"] = ("preauth", "integer", False) + c_child_order.extend(["password", "restricted_password", "token", "smartcard", "activation_pin", "extension"]) + + def __init__( + self, + password=None, + restricted_password=None, + token=None, + smartcard=None, + activation_pin=None, + extension=None, + preauth=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.password = password self.restricted_password = restricted_password @@ -1854,39 +1853,37 @@ def __init__(self, def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ActivationPin"] = ("activation_pin", ActivationPin) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1897,9 +1894,9 @@ def key_activation_type__from_string(xml_string): class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1912,9 +1909,9 @@ def key_activation_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -1923,14 +1920,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -1943,45 +1939,39 @@ def operational_protection_from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeySharing'] = ( - 'key_sharing', KeySharing) - c_cardinality['key_sharing'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['key_activation', 'key_storage', 'key_sharing', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - key_sharing=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyActivation"] = ("key_activation", KeyActivation) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeySharing"] = ("key_sharing", KeySharing) + c_cardinality["key_sharing"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "key_sharing", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + key_sharing=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -1990,44 +1980,40 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyActivation"] = ("key_activation", KeyActivation) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2035,50 +2021,50 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PrincipalAuthenticationMechanism'] = ( - - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_cardinality['principal_authentication_mechanism'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_cardinality['authenticator_transport_protocol'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PrincipalAuthenticationMechanism"] = ( + "principal_authentication_mechanism", + PrincipalAuthenticationMechanism, + ) + c_cardinality["principal_authentication_mechanism"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Authenticator"] = ("authenticator", Authenticator) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_cardinality["authenticator_transport_protocol"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -2091,9 +2077,9 @@ def authn_method_base_type__from_string(xml_string): class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -2106,9 +2092,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2121,9 +2107,9 @@ def private_key_protection_from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -2136,40 +2122,42 @@ def authn_method_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2177,14 +2165,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2197,57 +2184,64 @@ def technical_protection_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Identification"] = ("identification", Identification) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AuthnMethod"] = ("authn_method", AuthnMethod) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2259,14 +2253,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2275,107 +2268,116 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) -#.................. +# .................. # ['ComplexAuthenticator', 'ComplexAuthenticatorType'] class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PreviousSession'] = ( - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword' \ - ''] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ResumeSession"] = ("resume_session", ResumeSession) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}RestrictedPassword" ""] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ZeroKnowledge"] = ("zero_knowledge", ZeroKnowledge) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}IPAddress"] = ("ip_address", IPAddress) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}UserSuffix"] = ("user_suffix", UserSuffix) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2395,14 +2397,13 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:Password:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -2415,12 +2416,14 @@ def complex_authenticator_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -ComplexAuthenticatorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) -ComplexAuthenticator.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) +ComplexAuthenticatorType_.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) +ComplexAuthenticator.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:Password}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -2520,102 +2523,101 @@ def complex_authenticator_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'PublicKeyType': PublicKeyType_, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'IdentificationType': IdentificationType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'TokenType': TokenType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'TimeSyncTokenType': TimeSyncTokenType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'KeyStorageType': KeyStorageType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'SecurityAuditType': SecurityAuditType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "PublicKeyType": PublicKeyType_, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "IdentificationType": IdentificationType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "OperationalProtectionType": OperationalProtectionType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "TokenType": TokenType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "TimeSyncTokenType": TimeSyncTokenType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "KeyStorageType": KeyStorageType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "SecurityAuditType": SecurityAuditType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/authn_context/sslcert.py b/src/saml2/authn_context/sslcert.py index 80dd2b8b9..e7a1c9f1d 100644 --- a/src/saml2/authn_context/sslcert.py +++ b/src/saml2/authn_context/sslcert.py @@ -13,30 +13,32 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient" class PhysicalVerification(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PhysicalVerification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__( + self, + credential_level=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.credential_level = credential_level @@ -46,26 +48,28 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Generation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Generation element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__( + self, + mechanism=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.mechanism = mechanism @@ -75,12 +79,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:nymType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:nymType element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -92,57 +95,59 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementRefType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeySharingType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeySharingType element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__( + self, + sharing=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.sharing = sharing @@ -152,28 +157,30 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedLengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -184,30 +191,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AlphabetType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AlphabetType element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -219,12 +228,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DeviceTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DeviceTypeType element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -236,11 +244,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:booleanType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:booleanType element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -252,30 +260,32 @@ def boolean_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TimeSyncTokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', DeviceTypeType_, True) - c_attributes['SeedLength'] = ('seed_length', 'integer', True) - c_attributes['DeviceInHand'] = ('device_in_hand', BooleanType_, True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["DeviceType"] = ("device_type", DeviceTypeType_, True) + c_attributes["SeedLength"] = ("seed_length", "integer", True) + c_attributes["DeviceInHand"] = ("device_in_hand", BooleanType_, True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.device_type = device_type self.seed_length = seed_length @@ -287,69 +297,71 @@ def time_sync_token_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitDurationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["duration"] = ("duration", "duration", True) + + def __init__( + self, + duration=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitUsagesType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["number"] = ("number", "integer", True) + + def __init__( + self, + number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitSessionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -358,33 +370,34 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:LengthType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:LengthType element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__( + self, + min=None, + max=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.min = min self.max = max @@ -395,13 +408,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:mediumType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:mediumType element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -413,26 +427,28 @@ def medium_type__from_string(xml_string): class KeyStorageType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyStorageType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyStorageType element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', MediumType_, True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["medium"] = ("medium", MediumType_, True) + + def __init__( + self, + medium=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.medium = medium @@ -442,9 +458,9 @@ def key_storage_type__from_string(xml_string): class ExtensionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ExtensionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ExtensionType element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -457,25 +473,26 @@ def extension_type__from_string(xml_string): class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['keyValidation'] = ('key_validation', 'anyURI', False) - - def __init__(self, - key_validation="urn:oasis:names:tc:SAML:2.0:ac:classes:X509", - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["keyValidation"] = ("key_validation", "anyURI", False) + + def __init__( + self, + key_validation="urn:oasis:names:tc:SAML:2.0:ac:classes:X509", + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) def public_key_type__from_string(xml_string): @@ -483,9 +500,9 @@ def public_key_type__from_string(xml_string): class KeySharing(KeySharingType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeySharing element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeySharing element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -498,9 +515,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyStorage element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyStorage element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -513,9 +530,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TimeSyncToken element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TimeSyncToken element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -528,9 +545,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -543,9 +560,9 @@ def length_from_string(xml_string): class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -558,9 +575,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -573,9 +590,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -584,14 +601,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -604,41 +620,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementsType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -647,14 +665,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -667,9 +684,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -678,14 +695,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -698,9 +714,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -709,14 +725,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -729,41 +744,41 @@ def extension_from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DigSig'] = ( - 'dig_sig', DigSig) - c_child_order.extend(['dig_sig']) - - def __init__(self, - dig_sig=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DigSig"] = ("dig_sig", DigSig) + c_child_order.extend(["dig_sig"]) + + def __init__( + self, + dig_sig=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.dig_sig = dig_sig def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -776,46 +791,45 @@ def authenticator_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -828,46 +842,41 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -881,41 +890,37 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length"] = ("length", RestrictedPasswordType_Length) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -924,39 +929,36 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}TimeSyncToken"] = ("time_sync_token", TimeSyncToken) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -967,42 +969,45 @@ def token_type__from_string(xml_string): class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -1014,30 +1019,30 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -1047,9 +1052,9 @@ def extension_only_type__from_string(xml_string): class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1062,9 +1067,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1077,9 +1082,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1092,9 +1097,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1107,9 +1112,9 @@ def password_from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -1122,9 +1127,9 @@ def token_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1137,9 +1142,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1152,9 +1157,9 @@ def activation_limit_from_string(xml_string): class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1167,9 +1172,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1182,9 +1187,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1197,9 +1202,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1208,14 +1213,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1228,9 +1232,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1239,14 +1243,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1259,9 +1262,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1274,9 +1277,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1289,9 +1292,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1300,14 +1303,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1316,14 +1318,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1332,14 +1333,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1352,9 +1352,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1367,9 +1367,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1382,9 +1382,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1397,9 +1397,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1412,9 +1412,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1423,54 +1423,51 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_cardinality['physical_verification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_cardinality['written_consent'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', NymType_, False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_cardinality["physical_verification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}WrittenConsent"] = ("written_consent", WrittenConsent) + c_cardinality["written_consent"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", NymType_, False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1484,9 +1481,9 @@ def identification_type__from_string(xml_string): class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1499,49 +1496,45 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1555,35 +1548,33 @@ def activation_pin_type__from_string(xml_string): class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_cardinality['switch_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SwitchAudit"] = ("switch_audit", SwitchAudit) + c_cardinality["switch_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1594,74 +1585,74 @@ def security_audit_type__from_string(xml_string): class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_attributes['preauth'] = ('preauth', 'integer', False) - c_child_order.extend(['restricted_password']) - - def __init__(self, - restricted_password=None, - preauth=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_attributes["preauth"] = ("preauth", "integer", False) + c_child_order.extend(["restricted_password"]) + + def __init__( + self, + restricted_password=None, + preauth=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.restricted_password = restricted_password self.preauth = preauth def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['ssl', 'wtls', 'extension']) - - def __init__(self, - ssl=None, - wtls=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["ssl", "wtls", "extension"]) + + def __init__( + self, + ssl=None, + wtls=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.ssl = ssl self.wtls = wtls @@ -1669,14 +1660,13 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1689,9 +1679,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1704,9 +1694,9 @@ def activation_pin_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -1715,14 +1705,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1731,14 +1720,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1751,41 +1739,39 @@ def security_audit_from_string(xml_string): class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_cardinality['security_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_cardinality['deactivation_call_center'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SecurityAudit"] = ("security_audit", SecurityAudit) + c_cardinality["security_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_cardinality["deactivation_call_center"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1793,40 +1779,37 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ActivationPin"] = ("activation_pin", ActivationPin) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1837,44 +1820,45 @@ def key_activation_type__from_string(xml_string): class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PrincipalAuthenticationMechanism'] = ( - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_cardinality['authenticator_transport_protocol'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PrincipalAuthenticationMechanism"] = ( + "principal_authentication_mechanism", + PrincipalAuthenticationMechanism, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Authenticator"] = ("authenticator", Authenticator) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_cardinality["authenticator_transport_protocol"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -1887,9 +1871,9 @@ def authn_method_base_type__from_string(xml_string): class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1902,9 +1886,9 @@ def key_activation_from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -1917,9 +1901,9 @@ def authn_method_from_string(xml_string): class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -1932,46 +1916,39 @@ def operational_protection_from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeySharing'] = ( - 'key_sharing', KeySharing) - c_cardinality['key_sharing'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['key_activation', 'key_storage', 'key_sharing', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - key_sharing=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyActivation"] = ("key_activation", KeyActivation) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeySharing"] = ("key_sharing", KeySharing) + c_cardinality["key_sharing"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "key_sharing", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + key_sharing=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -1980,45 +1957,40 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyActivation"] = ("key_activation", KeyActivation) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -2026,14 +1998,13 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -2046,9 +2017,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2061,41 +2032,42 @@ def private_key_protection_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2103,14 +2075,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2123,58 +2094,64 @@ def technical_protection_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Identification"] = ("identification", Identification) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AuthnMethod"] = ("authn_method", AuthnMethod) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2186,14 +2163,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2202,108 +2178,116 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) -#.................. +# .................. # ['ComplexAuthenticatorType', 'ComplexAuthenticator'] class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PreviousSession'] = ( - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ResumeSession"] = ("resume_session", ResumeSession) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ZeroKnowledge"] = ("zero_knowledge", ZeroKnowledge) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}IPAddress"] = ("ip_address", IPAddress) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}UserSuffix"] = ("user_suffix", UserSuffix) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2323,14 +2307,13 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -2343,12 +2326,14 @@ def complex_authenticator_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -ComplexAuthenticatorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) -ComplexAuthenticator.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) +ComplexAuthenticatorType_.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) +ComplexAuthenticator.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TLSClient}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -2448,102 +2433,101 @@ def complex_authenticator_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'IdentificationType': IdentificationType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'TokenType': TokenType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'TimeSyncTokenType': TimeSyncTokenType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'KeyStorageType': KeyStorageType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'SecurityAuditType': SecurityAuditType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, - 'PublicKeyType': PublicKeyType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "IdentificationType": IdentificationType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "OperationalProtectionType": OperationalProtectionType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "TokenType": TokenType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "TimeSyncTokenType": TimeSyncTokenType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "KeyStorageType": KeyStorageType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "SecurityAuditType": SecurityAuditType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, + "PublicKeyType": PublicKeyType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/authn_context/timesync.py b/src/saml2/authn_context/timesync.py index f2c670121..32f28354d 100755 --- a/src/saml2/authn_context/timesync.py +++ b/src/saml2/authn_context/timesync.py @@ -8,30 +8,25 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken" class PhysicalVerification(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - PhysicalVerification element """ + PhysicalVerification element""" - c_tag = 'PhysicalVerification' + c_tag = "PhysicalVerification" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['credentialLevel'] = ('credential_level', 'None', False) - - def __init__(self, - credential_level=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["credentialLevel"] = ("credential_level", "None", False) + + def __init__(self, credential_level=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.credential_level = credential_level @@ -41,25 +36,20 @@ def physical_verification_from_string(xml_string): class Generation(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Generation - element """ + element""" - c_tag = 'Generation' + c_tag = "Generation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['mechanism'] = ('mechanism', 'None', True) - - def __init__(self, - mechanism=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["mechanism"] = ("mechanism", "None", True) + + def __init__(self, mechanism=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.mechanism = mechanism @@ -69,12 +59,11 @@ def generation_from_string(xml_string): class NymType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:nymType - element """ + element""" - c_tag = 'nymType' + c_tag = "nymType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['anonymity', 'verinymity', 'pseudonymity']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["anonymity", "verinymity", "pseudonymity"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -87,55 +76,43 @@ def nym_type__from_string(xml_string): class GoverningAgreementRefType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - GoverningAgreementRefType element """ + GoverningAgreementRefType element""" - c_tag = 'GoverningAgreementRefType' + c_tag = "GoverningAgreementRefType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['governingAgreementRef'] = ( - 'governing_agreement_ref', 'anyURI', True) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["governingAgreementRef"] = ("governing_agreement_ref", "anyURI", True) + + def __init__(self, governing_agreement_ref=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.governing_agreement_ref = governing_agreement_ref def governing_agreement_ref_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementRefType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementRefType_, xml_string) class KeySharingType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeySharingType - element """ + element""" - c_tag = 'KeySharingType' + c_tag = "KeySharingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['sharing'] = ('sharing', 'boolean', True) - - def __init__(self, - sharing=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["sharing"] = ("sharing", "boolean", True) + + def __init__(self, sharing=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.sharing = sharing @@ -145,27 +122,21 @@ def key_sharing_type__from_string(xml_string): class RestrictedLengthType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - RestrictedLengthType element """ + RestrictedLengthType element""" - c_tag = 'RestrictedLengthType' + c_tag = "RestrictedLengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'None', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["min"] = ("min", "None", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__(self, min=None, max=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.min = min self.max = max @@ -176,30 +147,32 @@ def restricted_length_type__from_string(xml_string): class AlphabetType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AlphabetType - element """ + element""" - c_tag = 'AlphabetType' + c_tag = "AlphabetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['requiredChars'] = ('required_chars', 'string', True) - c_attributes['excludedChars'] = ('excluded_chars', 'string', False) - c_attributes['case'] = ('case', 'string', False) - - def __init__(self, - required_chars=None, - excluded_chars=None, - case=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["requiredChars"] = ("required_chars", "string", True) + c_attributes["excludedChars"] = ("excluded_chars", "string", False) + c_attributes["case"] = ("case", "string", False) + + def __init__( + self, + required_chars=None, + excluded_chars=None, + case=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.required_chars = required_chars self.excluded_chars = excluded_chars @@ -212,12 +185,11 @@ def alphabet_type__from_string(xml_string): class DeviceTypeType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:DeviceTypeType - element """ + element""" - c_tag = 'DeviceTypeType' + c_tag = "DeviceTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['hardware', 'software']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["hardware", "software"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -230,11 +202,11 @@ def device_type_type__from_string(xml_string): class BooleanType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:booleanType - element """ + element""" - c_tag = 'booleanType' + c_tag = "booleanType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', 'enumeration': ['true', 'false']} + c_value_type = {"base": "xs:NMTOKEN", "enumeration": ["true", "false"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -247,67 +219,55 @@ def boolean_type__from_string(xml_string): class ActivationLimitDurationType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - ActivationLimitDurationType element """ + ActivationLimitDurationType element""" - c_tag = 'ActivationLimitDurationType' + c_tag = "ActivationLimitDurationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['duration'] = ('duration', 'duration', True) - - def __init__(self, - duration=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["duration"] = ("duration", "duration", True) + + def __init__(self, duration=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.duration = duration def activation_limit_duration_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDurationType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDurationType_, xml_string) class ActivationLimitUsagesType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - ActivationLimitUsagesType element """ + ActivationLimitUsagesType element""" - c_tag = 'ActivationLimitUsagesType' + c_tag = "ActivationLimitUsagesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['number'] = ('number', 'integer', True) - - def __init__(self, - number=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["number"] = ("number", "integer", True) + + def __init__(self, number=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.number = number def activation_limit_usages_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitUsagesType_, xml_string) class ActivationLimitSessionType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - ActivationLimitSessionType element """ + ActivationLimitSessionType element""" - c_tag = 'ActivationLimitSessionType' + c_tag = "ActivationLimitSessionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -316,33 +276,26 @@ class ActivationLimitSessionType_(SamlBase): def activation_limit_session_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSessionType_, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSessionType_, xml_string) class LengthType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:LengthType - element """ + element""" - c_tag = 'LengthType' + c_tag = "LengthType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['min'] = ('min', 'integer', True) - c_attributes['max'] = ('max', 'integer', False) - - def __init__(self, - min=None, - max=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["min"] = ("min", "integer", True) + c_attributes["max"] = ("max", "integer", False) + + def __init__(self, min=None, max=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.min = min self.max = max @@ -353,13 +306,14 @@ def length_type__from_string(xml_string): class MediumType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:mediumType - element """ + element""" - c_tag = 'mediumType' + c_tag = "mediumType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:NMTOKEN', - 'enumeration': ['memory', 'smartcard', 'token', - 'MobileDevice', 'MobileAuthCard']} + c_value_type = { + "base": "xs:NMTOKEN", + "enumeration": ["memory", "smartcard", "token", "MobileDevice", "MobileAuthCard"], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -372,25 +326,20 @@ def medium_type__from_string(xml_string): class KeyStorageType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyStorageType - element """ + element""" - c_tag = 'KeyStorageType' + c_tag = "KeyStorageType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['medium'] = ('medium', MediumType_, True) - - def __init__(self, - medium=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["medium"] = ("medium", MediumType_, True) + + def __init__(self, medium=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.medium = medium @@ -400,9 +349,9 @@ def key_storage_type__from_string(xml_string): class ExtensionType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ExtensionType - element """ + element""" - c_tag = 'ExtensionType' + c_tag = "ExtensionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -416,29 +365,30 @@ def extension_type__from_string(xml_string): class TimeSyncTokenType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - TimeSyncTokenType element """ + TimeSyncTokenType element""" - c_tag = 'TimeSyncTokenType' + c_tag = "TimeSyncTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['DeviceType'] = ('device_type', 'None', True) - c_attributes['SeedLength'] = ('seed_length', 'None', True) - c_attributes['DeviceInHand'] = ('device_in_hand', 'None', True) - - def __init__(self, - device_type=None, - seed_length=None, - device_in_hand=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["DeviceType"] = ("device_type", "None", True) + c_attributes["SeedLength"] = ("seed_length", "None", True) + c_attributes["DeviceInHand"] = ("device_in_hand", "None", True) + + def __init__( + self, + device_type=None, + seed_length=None, + device_in_hand=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.device_type = device_type self.seed_length = seed_length self.device_in_hand = device_in_hand @@ -450,9 +400,9 @@ def time_sync_token_type__from_string(xml_string): class KeySharing(KeySharingType_): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeySharing - element """ + element""" - c_tag = 'KeySharing' + c_tag = "KeySharing" c_namespace = NAMESPACE c_children = KeySharingType_.c_children.copy() c_attributes = KeySharingType_.c_attributes.copy() @@ -466,9 +416,9 @@ def key_sharing_from_string(xml_string): class KeyStorage(KeyStorageType_): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyStorage - element """ + element""" - c_tag = 'KeyStorage' + c_tag = "KeyStorage" c_namespace = NAMESPACE c_children = KeyStorageType_.c_children.copy() c_attributes = KeyStorageType_.c_attributes.copy() @@ -482,9 +432,9 @@ def key_storage_from_string(xml_string): class TimeSyncToken(TimeSyncTokenType_): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TimeSyncToken - element """ + element""" - c_tag = 'TimeSyncToken' + c_tag = "TimeSyncToken" c_namespace = NAMESPACE c_children = TimeSyncTokenType_.c_children.copy() c_attributes = TimeSyncTokenType_.c_attributes.copy() @@ -497,9 +447,9 @@ def time_sync_token_from_string(xml_string): class Length(LengthType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Length element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Length element""" - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = LengthType_.c_children.copy() c_attributes = LengthType_.c_attributes.copy() @@ -512,9 +462,9 @@ def length_from_string(xml_string): class GoverningAgreementRef(GoverningAgreementRefType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:GoverningAgreementRef element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:GoverningAgreementRef element""" - c_tag = 'GoverningAgreementRef' + c_tag = "GoverningAgreementRef" c_namespace = NAMESPACE c_children = GoverningAgreementRefType_.c_children.copy() c_attributes = GoverningAgreementRefType_.c_attributes.copy() @@ -528,41 +478,43 @@ def governing_agreement_ref_from_string(xml_string): class GoverningAgreementsType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken: - GoverningAgreementsType element """ + GoverningAgreementsType element""" - c_tag = 'GoverningAgreementsType' + c_tag = "GoverningAgreementsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreementRef'] = ( - 'governing_agreement_ref', [GoverningAgreementRef]) - c_cardinality['governing_agreement_ref'] = {"min": 1} - c_child_order.extend(['governing_agreement_ref']) - - def __init__(self, - governing_agreement_ref=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreementRef"] = ( + "governing_agreement_ref", + [GoverningAgreementRef], + ) + c_cardinality["governing_agreement_ref"] = {"min": 1} + c_child_order.extend(["governing_agreement_ref"]) + + def __init__( + self, + governing_agreement_ref=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.governing_agreement_ref = governing_agreement_ref or [] def governing_agreements_type__from_string(xml_string): - return saml2.create_class_from_xml_string(GoverningAgreementsType_, - xml_string) + return saml2.create_class_from_xml_string(GoverningAgreementsType_, xml_string) class RestrictedPasswordType_Length(RestrictedLengthType_): - c_tag = 'Length' + c_tag = "Length" c_namespace = NAMESPACE c_children = RestrictedLengthType_.c_children.copy() c_attributes = RestrictedLengthType_.c_attributes.copy() @@ -571,14 +523,13 @@ class RestrictedPasswordType_Length(RestrictedLengthType_): def restricted_password_type__length_from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_Length, xml_string) class Alphabet(AlphabetType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Alphabet element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Alphabet element""" - c_tag = 'Alphabet' + c_tag = "Alphabet" c_namespace = NAMESPACE c_children = AlphabetType_.c_children.copy() c_attributes = AlphabetType_.c_attributes.copy() @@ -591,9 +542,9 @@ def alphabet_from_string(xml_string): class ActivationLimitDuration(ActivationLimitDurationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitDuration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitDuration element""" - c_tag = 'ActivationLimitDuration' + c_tag = "ActivationLimitDuration" c_namespace = NAMESPACE c_children = ActivationLimitDurationType_.c_children.copy() c_attributes = ActivationLimitDurationType_.c_attributes.copy() @@ -602,14 +553,13 @@ class ActivationLimitDuration(ActivationLimitDurationType_): def activation_limit_duration_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitDuration, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitDuration, xml_string) class ActivationLimitUsages(ActivationLimitUsagesType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitUsages element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitUsages element""" - c_tag = 'ActivationLimitUsages' + c_tag = "ActivationLimitUsages" c_namespace = NAMESPACE c_children = ActivationLimitUsagesType_.c_children.copy() c_attributes = ActivationLimitUsagesType_.c_attributes.copy() @@ -622,9 +572,9 @@ def activation_limit_usages_from_string(xml_string): class ActivationLimitSession(ActivationLimitSessionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitSession element""" - c_tag = 'ActivationLimitSession' + c_tag = "ActivationLimitSession" c_namespace = NAMESPACE c_children = ActivationLimitSessionType_.c_children.copy() c_attributes = ActivationLimitSessionType_.c_attributes.copy() @@ -633,14 +583,13 @@ class ActivationLimitSession(ActivationLimitSessionType_): def activation_limit_session_from_string(xml_string): - return saml2.create_class_from_xml_string(ActivationLimitSession, - xml_string) + return saml2.create_class_from_xml_string(ActivationLimitSession, xml_string) class Extension(ExtensionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Extension element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Extension element""" - c_tag = 'Extension' + c_tag = "Extension" c_namespace = NAMESPACE c_children = ExtensionType_.c_children.copy() c_attributes = ExtensionType_.c_attributes.copy() @@ -653,34 +602,35 @@ def extension_from_string(xml_string): class TokenType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TokenType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}TimeSyncToken'] = ( - 'time_sync_token', TimeSyncToken) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['time_sync_token', 'extension']) - - def __init__(self, - time_sync_token=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}TimeSyncToken"] = ( + "time_sync_token", + TimeSyncToken, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["time_sync_token", "extension"]) + + def __init__( + self, + time_sync_token=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.time_sync_token = time_sync_token self.extension = extension or [] @@ -691,9 +641,9 @@ def token_type__from_string(xml_string): class Token(TokenType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Token element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Token element""" - c_tag = 'Token' + c_tag = "Token" c_namespace = NAMESPACE c_children = TokenType_.c_children.copy() c_attributes = TokenType_.c_attributes.copy() @@ -706,69 +656,68 @@ def token_from_string(xml_string): class SharedSecretChallengeResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretChallengeResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretChallengeResponseType element""" - c_tag = 'SharedSecretChallengeResponseType' + c_tag = "SharedSecretChallengeResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['method'] = ('method', 'anyURI', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["method"] = ("method", "anyURI", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.method = method def shared_secret_challenge_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - SharedSecretChallengeResponseType_, xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponseType_, xml_string) class PublicKeyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PublicKeyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PublicKeyType element""" - c_tag = 'PublicKeyType' + c_tag = "PublicKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['keyValidation'] = ('key_validation', 'None', False) - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - key_validation=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["keyValidation"] = ("key_validation", "None", False) + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + key_validation=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] self.key_validation = key_validation @@ -779,9 +728,9 @@ def public_key_type__from_string(xml_string): class GoverningAgreements(GoverningAgreementsType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:GoverningAgreements element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:GoverningAgreements element""" - c_tag = 'GoverningAgreements' + c_tag = "GoverningAgreements" c_namespace = NAMESPACE c_children = GoverningAgreementsType_.c_children.copy() c_attributes = GoverningAgreementsType_.c_attributes.copy() @@ -794,48 +743,41 @@ def governing_agreements_from_string(xml_string): class PasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PasswordType element""" - c_tag = 'PasswordType' + c_tag = "PasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'alphabet', 'generation', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "alphabet", "generation", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -849,42 +791,40 @@ def password_type__from_string(xml_string): class RestrictedPasswordType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:RestrictedPasswordType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:RestrictedPasswordType element""" - c_tag = 'RestrictedPasswordType' + c_tag = "RestrictedPasswordType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length'] = ( - 'length', RestrictedPasswordType_Length) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ExternalVerification'] = ( - 'external_verification', 'anyURI', False) - c_child_order.extend(['length', 'generation', 'extension']) - - def __init__(self, - length=None, - generation=None, - extension=None, - external_verification=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length"] = ( + "length", + RestrictedPasswordType_Length, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ExternalVerification"] = ("external_verification", "anyURI", False) + c_child_order.extend(["length", "generation", "extension"]) + + def __init__( + self, + length=None, + generation=None, + extension=None, + external_verification=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.generation = generation @@ -893,47 +833,49 @@ def __init__(self, def restricted_password_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RestrictedPasswordType_, - xml_string) + return saml2.create_class_from_xml_string(RestrictedPasswordType_, xml_string) class ActivationLimitType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimitType element""" - c_tag = 'ActivationLimitType' + c_tag = "ActivationLimitType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitDuration'] = ( - 'activation_limit_duration', ActivationLimitDuration) - c_cardinality['activation_limit_duration'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitUsages'] = ( - 'activation_limit_usages', ActivationLimitUsages) - c_cardinality['activation_limit_usages'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitSession'] = ( - 'activation_limit_session', ActivationLimitSession) - c_cardinality['activation_limit_session'] = {"min": 0, "max": 1} - c_child_order.extend( - ['activation_limit_duration', 'activation_limit_usages', - 'activation_limit_session']) - - def __init__(self, - activation_limit_duration=None, - activation_limit_usages=None, - activation_limit_session=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitDuration"] = ( + "activation_limit_duration", + ActivationLimitDuration, + ) + c_cardinality["activation_limit_duration"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitUsages"] = ( + "activation_limit_usages", + ActivationLimitUsages, + ) + c_cardinality["activation_limit_usages"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimitSession"] = ( + "activation_limit_session", + ActivationLimitSession, + ) + c_cardinality["activation_limit_session"] = {"min": 0, "max": 1} + c_child_order.extend(["activation_limit_duration", "activation_limit_usages", "activation_limit_session"]) + + def __init__( + self, + activation_limit_duration=None, + activation_limit_usages=None, + activation_limit_session=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_limit_duration = activation_limit_duration self.activation_limit_usages = activation_limit_usages @@ -945,30 +887,30 @@ def activation_limit_type__from_string(xml_string): class ExtensionOnlyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ExtensionOnlyType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ExtensionOnlyType element""" - c_tag = 'ExtensionOnlyType' + c_tag = "ExtensionOnlyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['extension']) - - def __init__(self, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["extension"]) + + def __init__( + self, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extension = extension or [] @@ -978,42 +920,41 @@ def extension_only_type__from_string(xml_string): class PrincipalAuthenticationMechanismType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrincipalAuthenticationMechanismType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrincipalAuthenticationMechanismType element""" - c_tag = 'PrincipalAuthenticationMechanismType' + c_tag = "PrincipalAuthenticationMechanismType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Token'] = ( - 'token', Token) - c_child_order.extend(['token']) - - def __init__(self, - token=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Token"] = ("token", Token) + c_child_order.extend(["token"]) + + def __init__( + self, + token=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.token = token def principal_authentication_mechanism_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - PrincipalAuthenticationMechanismType_, xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanismType_, xml_string) class WrittenConsent(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:WrittenConsent element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:WrittenConsent element""" - c_tag = 'WrittenConsent' + c_tag = "WrittenConsent" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1026,9 +967,9 @@ def written_consent_from_string(xml_string): class SubscriberLineNumber(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SubscriberLineNumber element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SubscriberLineNumber element""" - c_tag = 'SubscriberLineNumber' + c_tag = "SubscriberLineNumber" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1041,9 +982,9 @@ def subscriber_line_number_from_string(xml_string): class UserSuffix(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:UserSuffix element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:UserSuffix element""" - c_tag = 'UserSuffix' + c_tag = "UserSuffix" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1056,9 +997,9 @@ def user_suffix_from_string(xml_string): class Password(PasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Password element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordType_.c_children.copy() c_attributes = PasswordType_.c_attributes.copy() @@ -1071,9 +1012,9 @@ def password_from_string(xml_string): class Smartcard(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Smartcard element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Smartcard element""" - c_tag = 'Smartcard' + c_tag = "Smartcard" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1086,9 +1027,9 @@ def smartcard_from_string(xml_string): class ActivationLimit(ActivationLimitType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationLimit element""" - c_tag = 'ActivationLimit' + c_tag = "ActivationLimit" c_namespace = NAMESPACE c_children = ActivationLimitType_.c_children.copy() c_attributes = ActivationLimitType_.c_attributes.copy() @@ -1101,9 +1042,9 @@ def activation_limit_from_string(xml_string): class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrincipalAuthenticationMechanism element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrincipalAuthenticationMechanism element""" - c_tag = 'PrincipalAuthenticationMechanism' + c_tag = "PrincipalAuthenticationMechanism" c_namespace = NAMESPACE c_children = PrincipalAuthenticationMechanismType_.c_children.copy() c_attributes = PrincipalAuthenticationMechanismType_.c_attributes.copy() @@ -1112,14 +1053,13 @@ class PrincipalAuthenticationMechanism(PrincipalAuthenticationMechanismType_): def principal_authentication_mechanism_from_string(xml_string): - return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, - xml_string) + return saml2.create_class_from_xml_string(PrincipalAuthenticationMechanism, xml_string) class PreviousSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PreviousSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PreviousSession element""" - c_tag = 'PreviousSession' + c_tag = "PreviousSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1132,9 +1072,9 @@ def previous_session_from_string(xml_string): class ResumeSession(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ResumeSession element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ResumeSession element""" - c_tag = 'ResumeSession' + c_tag = "ResumeSession" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1147,9 +1087,9 @@ def resume_session_from_string(xml_string): class ZeroKnowledge(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ZeroKnowledge element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ZeroKnowledge element""" - c_tag = 'ZeroKnowledge' + c_tag = "ZeroKnowledge" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1162,9 +1102,9 @@ def zero_knowledge_from_string(xml_string): class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretChallengeResponse element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretChallengeResponse element""" - c_tag = 'SharedSecretChallengeResponse' + c_tag = "SharedSecretChallengeResponse" c_namespace = NAMESPACE c_children = SharedSecretChallengeResponseType_.c_children.copy() c_attributes = SharedSecretChallengeResponseType_.c_attributes.copy() @@ -1173,14 +1113,13 @@ class SharedSecretChallengeResponse(SharedSecretChallengeResponseType_): def shared_secret_challenge_response_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretChallengeResponse, xml_string) class DigSig(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:DigSig element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:DigSig element""" - c_tag = 'DigSig' + c_tag = "DigSig" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1193,9 +1132,9 @@ def dig_sig_from_string(xml_string): class AsymmetricDecryption(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AsymmetricDecryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AsymmetricDecryption element""" - c_tag = 'AsymmetricDecryption' + c_tag = "AsymmetricDecryption" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1208,9 +1147,9 @@ def asymmetric_decryption_from_string(xml_string): class AsymmetricKeyAgreement(PublicKeyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AsymmetricKeyAgreement element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AsymmetricKeyAgreement element""" - c_tag = 'AsymmetricKeyAgreement' + c_tag = "AsymmetricKeyAgreement" c_namespace = NAMESPACE c_children = PublicKeyType_.c_children.copy() c_attributes = PublicKeyType_.c_attributes.copy() @@ -1219,14 +1158,13 @@ class AsymmetricKeyAgreement(PublicKeyType_): def asymmetric_key_agreement_from_string(xml_string): - return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, - xml_string) + return saml2.create_class_from_xml_string(AsymmetricKeyAgreement, xml_string) class IPAddress(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IPAddress element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IPAddress element""" - c_tag = 'IPAddress' + c_tag = "IPAddress" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1239,9 +1177,9 @@ def ip_address_from_string(xml_string): class SharedSecretDynamicPlaintext(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretDynamicPlaintext element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SharedSecretDynamicPlaintext element""" - c_tag = 'SharedSecretDynamicPlaintext' + c_tag = "SharedSecretDynamicPlaintext" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1250,14 +1188,13 @@ class SharedSecretDynamicPlaintext(ExtensionOnlyType_): def shared_secret_dynamic_plaintext_from_string(xml_string): - return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, - xml_string) + return saml2.create_class_from_xml_string(SharedSecretDynamicPlaintext, xml_string) class HTTP(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:HTTP element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:HTTP element""" - c_tag = 'HTTP' + c_tag = "HTTP" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1270,9 +1207,9 @@ def http_from_string(xml_string): class IPSec(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IPSec element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IPSec element""" - c_tag = 'IPSec' + c_tag = "IPSec" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1285,9 +1222,9 @@ def ip_sec_from_string(xml_string): class WTLS(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:WTLS element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:WTLS element""" - c_tag = 'WTLS' + c_tag = "WTLS" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1300,9 +1237,9 @@ def wtls_from_string(xml_string): class MobileNetworkNoEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkNoEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkNoEncryption element""" - c_tag = 'MobileNetworkNoEncryption' + c_tag = "MobileNetworkNoEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1311,14 +1248,13 @@ class MobileNetworkNoEncryption(ExtensionOnlyType_): def mobile_network_no_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkNoEncryption, xml_string) class MobileNetworkRadioEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkRadioEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkRadioEncryption element""" - c_tag = 'MobileNetworkRadioEncryption' + c_tag = "MobileNetworkRadioEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1327,14 +1263,13 @@ class MobileNetworkRadioEncryption(ExtensionOnlyType_): def mobile_network_radio_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkRadioEncryption, xml_string) class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkEndToEndEncryption element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:MobileNetworkEndToEndEncryption element""" - c_tag = 'MobileNetworkEndToEndEncryption' + c_tag = "MobileNetworkEndToEndEncryption" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1343,14 +1278,13 @@ class MobileNetworkEndToEndEncryption(ExtensionOnlyType_): def mobile_network_end_to_end_encryption_from_string(xml_string): - return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, - xml_string) + return saml2.create_class_from_xml_string(MobileNetworkEndToEndEncryption, xml_string) class SSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SSL element""" - c_tag = 'SSL' + c_tag = "SSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1363,9 +1297,9 @@ def ssl_from_string(xml_string): class PSTN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PSTN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PSTN element""" - c_tag = 'PSTN' + c_tag = "PSTN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1378,9 +1312,9 @@ def pstn_from_string(xml_string): class ISDN(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ISDN element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ISDN element""" - c_tag = 'ISDN' + c_tag = "ISDN" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1393,9 +1327,9 @@ def isdn_from_string(xml_string): class ADSL(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ADSL element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ADSL element""" - c_tag = 'ADSL' + c_tag = "ADSL" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1408,9 +1342,9 @@ def adsl_from_string(xml_string): class SwitchAudit(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SwitchAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SwitchAudit element""" - c_tag = 'SwitchAudit' + c_tag = "SwitchAudit" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1423,9 +1357,9 @@ def switch_audit_from_string(xml_string): class DeactivationCallCenter(ExtensionOnlyType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:DeactivationCallCenter element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:DeactivationCallCenter element""" - c_tag = 'DeactivationCallCenter' + c_tag = "DeactivationCallCenter" c_namespace = NAMESPACE c_children = ExtensionOnlyType_.c_children.copy() c_attributes = ExtensionOnlyType_.c_attributes.copy() @@ -1434,54 +1368,54 @@ class DeactivationCallCenter(ExtensionOnlyType_): def deactivation_call_center_from_string(xml_string): - return saml2.create_class_from_xml_string(DeactivationCallCenter, - xml_string) + return saml2.create_class_from_xml_string(DeactivationCallCenter, xml_string) class IdentificationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IdentificationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:IdentificationType element""" - c_tag = 'IdentificationType' + c_tag = "IdentificationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PhysicalVerification'] = ( - 'physical_verification', PhysicalVerification) - c_cardinality['physical_verification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}WrittenConsent'] = ( - 'written_consent', WrittenConsent) - c_cardinality['written_consent'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['nym'] = ('nym', NymType_, False) - c_child_order.extend( - ['physical_verification', 'written_consent', 'governing_agreements', - 'extension']) - - def __init__(self, - physical_verification=None, - written_consent=None, - governing_agreements=None, - extension=None, - nym=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PhysicalVerification"] = ( + "physical_verification", + PhysicalVerification, + ) + c_cardinality["physical_verification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}WrittenConsent"] = ( + "written_consent", + WrittenConsent, + ) + c_cardinality["written_consent"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["nym"] = ("nym", NymType_, False) + c_child_order.extend(["physical_verification", "written_consent", "governing_agreements", "extension"]) + + def __init__( + self, + physical_verification=None, + written_consent=None, + governing_agreements=None, + extension=None, + nym=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.physical_verification = physical_verification self.written_consent = written_consent @@ -1495,77 +1429,83 @@ def identification_type__from_string(xml_string): class AuthenticatorTransportProtocolType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorTransportProtocolType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorTransportProtocolType element""" - c_tag = 'AuthenticatorTransportProtocolType' + c_tag = "AuthenticatorTransportProtocolType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}HTTP'] = ( - 'http', HTTP) - c_cardinality['http'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SSL'] = ( - 'ssl', SSL) - c_cardinality['ssl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkNoEncryption'] = ( - 'mobile_network_no_encryption', MobileNetworkNoEncryption) - c_cardinality['mobile_network_no_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkRadioEncryption'] = ( - 'mobile_network_radio_encryption', MobileNetworkRadioEncryption) - c_cardinality['mobile_network_radio_encryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkEndToEndEncryption'] = ( - 'mobile_network_end_to_end_encryption', MobileNetworkEndToEndEncryption) - c_cardinality['mobile_network_end_to_end_encryption'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}WTLS'] = ( - 'wtls', WTLS) - c_cardinality['wtls'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPSec'] = ( - 'ip_sec', IPSec) - c_cardinality['ip_sec'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PSTN'] = ( - 'pstn', PSTN) - c_cardinality['pstn'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ISDN'] = ( - 'isdn', ISDN) - c_cardinality['isdn'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ADSL'] = ( - 'adsl', ADSL) - c_cardinality['adsl'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['http', 'ssl', 'mobile_network_no_encryption', - 'mobile_network_radio_encryption', - 'mobile_network_end_to_end_encryption', 'wtls', - 'ip_sec', 'pstn', 'isdn', 'adsl', 'extension']) - - def __init__(self, - http=None, - ssl=None, - mobile_network_no_encryption=None, - mobile_network_radio_encryption=None, - mobile_network_end_to_end_encryption=None, - wtls=None, - ip_sec=None, - pstn=None, - isdn=None, - adsl=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}HTTP"] = ("http", HTTP) + c_cardinality["http"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SSL"] = ("ssl", SSL) + c_cardinality["ssl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkNoEncryption"] = ( + "mobile_network_no_encryption", + MobileNetworkNoEncryption, + ) + c_cardinality["mobile_network_no_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkRadioEncryption"] = ( + "mobile_network_radio_encryption", + MobileNetworkRadioEncryption, + ) + c_cardinality["mobile_network_radio_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}MobileNetworkEndToEndEncryption"] = ( + "mobile_network_end_to_end_encryption", + MobileNetworkEndToEndEncryption, + ) + c_cardinality["mobile_network_end_to_end_encryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}WTLS"] = ("wtls", WTLS) + c_cardinality["wtls"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPSec"] = ("ip_sec", IPSec) + c_cardinality["ip_sec"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PSTN"] = ("pstn", PSTN) + c_cardinality["pstn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ISDN"] = ("isdn", ISDN) + c_cardinality["isdn"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ADSL"] = ("adsl", ADSL) + c_cardinality["adsl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + [ + "http", + "ssl", + "mobile_network_no_encryption", + "mobile_network_radio_encryption", + "mobile_network_end_to_end_encryption", + "wtls", + "ip_sec", + "pstn", + "isdn", + "adsl", + "extension", + ] + ) + + def __init__( + self, + http=None, + ssl=None, + mobile_network_no_encryption=None, + mobile_network_radio_encryption=None, + mobile_network_end_to_end_encryption=None, + wtls=None, + ip_sec=None, + pstn=None, + isdn=None, + adsl=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.http = http self.ssl = ssl @@ -1581,14 +1521,13 @@ def __init__(self, def authenticator_transport_protocol_type__from_string(xml_string): - return saml2.create_class_from_xml_string( - AuthenticatorTransportProtocolType_, xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocolType_, xml_string) class RestrictedPassword(RestrictedPasswordType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:RestrictedPassword element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:RestrictedPassword element""" - c_tag = 'RestrictedPassword' + c_tag = "RestrictedPassword" c_namespace = NAMESPACE c_children = RestrictedPasswordType_.c_children.copy() c_attributes = RestrictedPasswordType_.c_attributes.copy() @@ -1601,51 +1540,45 @@ def restricted_password_from_string(xml_string): class ActivationPinType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationPinType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationPinType element""" - c_tag = 'ActivationPinType' + c_tag = "ActivationPinType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length'] = ( - 'length', Length) - c_cardinality['length'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Alphabet'] = ( - 'alphabet', Alphabet) - c_cardinality['alphabet'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation'] = ( - 'generation', Generation) - c_cardinality['generation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimit'] = ( - 'activation_limit', ActivationLimit) - c_cardinality['activation_limit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['length', 'alphabet', 'generation', 'activation_limit', 'extension']) - - def __init__(self, - length=None, - alphabet=None, - generation=None, - activation_limit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Length"] = ("length", Length) + c_cardinality["length"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Alphabet"] = ("alphabet", Alphabet) + c_cardinality["alphabet"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Generation"] = ("generation", Generation) + c_cardinality["generation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationLimit"] = ( + "activation_limit", + ActivationLimit, + ) + c_cardinality["activation_limit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["length", "alphabet", "generation", "activation_limit", "extension"]) + + def __init__( + self, + length=None, + alphabet=None, + generation=None, + activation_limit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.length = length self.alphabet = alphabet @@ -1659,35 +1592,33 @@ def activation_pin_type__from_string(xml_string): class SecurityAuditType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecurityAuditType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecurityAuditType element""" - c_tag = 'SecurityAuditType' + c_tag = "SecurityAuditType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SwitchAudit'] = ( - 'switch_audit', SwitchAudit) - c_cardinality['switch_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['switch_audit', 'extension']) - - def __init__(self, - switch_audit=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SwitchAudit"] = ("switch_audit", SwitchAudit) + c_cardinality["switch_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["switch_audit", "extension"]) + + def __init__( + self, + switch_audit=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.switch_audit = switch_audit self.extension = extension or [] @@ -1698,9 +1629,9 @@ def security_audit_type__from_string(xml_string): class Identification(IdentificationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Identification element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Identification element""" - c_tag = 'Identification' + c_tag = "Identification" c_namespace = NAMESPACE c_children = IdentificationType_.c_children.copy() c_attributes = IdentificationType_.c_attributes.copy() @@ -1713,9 +1644,9 @@ def identification_from_string(xml_string): class ActivationPin(ActivationPinType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationPin element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ActivationPin element""" - c_tag = 'ActivationPin' + c_tag = "ActivationPin" c_namespace = NAMESPACE c_children = ActivationPinType_.c_children.copy() c_attributes = ActivationPinType_.c_attributes.copy() @@ -1728,9 +1659,9 @@ def activation_pin_from_string(xml_string): class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorTransportProtocol element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorTransportProtocol element""" - c_tag = 'AuthenticatorTransportProtocol' + c_tag = "AuthenticatorTransportProtocol" c_namespace = NAMESPACE c_children = AuthenticatorTransportProtocolType_.c_children.copy() c_attributes = AuthenticatorTransportProtocolType_.c_attributes.copy() @@ -1739,14 +1670,13 @@ class AuthenticatorTransportProtocol(AuthenticatorTransportProtocolType_): def authenticator_transport_protocol_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorTransportProtocol, xml_string) class SecurityAudit(SecurityAuditType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecurityAudit element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecurityAudit element""" - c_tag = 'SecurityAudit' + c_tag = "SecurityAudit" c_namespace = NAMESPACE c_children = SecurityAuditType_.c_children.copy() c_attributes = SecurityAuditType_.c_attributes.copy() @@ -1759,41 +1689,42 @@ def security_audit_from_string(xml_string): class OperationalProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:OperationalProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:OperationalProtectionType element""" - c_tag = 'OperationalProtectionType' + c_tag = "OperationalProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SecurityAudit'] = ( - 'security_audit', SecurityAudit) - c_cardinality['security_audit'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DeactivationCallCenter'] = ( - 'deactivation_call_center', DeactivationCallCenter) - c_cardinality['deactivation_call_center'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['security_audit', 'deactivation_call_center', 'extension']) - - def __init__(self, - security_audit=None, - deactivation_call_center=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SecurityAudit"] = ( + "security_audit", + SecurityAudit, + ) + c_cardinality["security_audit"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DeactivationCallCenter"] = ( + "deactivation_call_center", + DeactivationCallCenter, + ) + c_cardinality["deactivation_call_center"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["security_audit", "deactivation_call_center", "extension"]) + + def __init__( + self, + security_audit=None, + deactivation_call_center=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.security_audit = security_audit self.deactivation_call_center = deactivation_call_center @@ -1801,40 +1732,40 @@ def __init__(self, def operational_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(OperationalProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(OperationalProtectionType_, xml_string) class KeyActivationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyActivationType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyActivationType element""" - c_tag = 'KeyActivationType' + c_tag = "KeyActivationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationPin'] = ( - 'activation_pin', ActivationPin) - c_cardinality['activation_pin'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['activation_pin', 'extension']) - - def __init__(self, - activation_pin=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ActivationPin"] = ( + "activation_pin", + ActivationPin, + ) + c_cardinality["activation_pin"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["activation_pin", "extension"]) + + def __init__( + self, + activation_pin=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.activation_pin = activation_pin self.extension = extension or [] @@ -1845,9 +1776,9 @@ def key_activation_type__from_string(xml_string): class KeyActivation(KeyActivationType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyActivation element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:KeyActivation element""" - c_tag = 'KeyActivation' + c_tag = "KeyActivation" c_namespace = NAMESPACE c_children = KeyActivationType_.c_children.copy() c_attributes = KeyActivationType_.c_attributes.copy() @@ -1860,9 +1791,9 @@ def key_activation_from_string(xml_string): class OperationalProtection(OperationalProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:OperationalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:OperationalProtection element""" - c_tag = 'OperationalProtection' + c_tag = "OperationalProtection" c_namespace = NAMESPACE c_children = OperationalProtectionType_.c_children.copy() c_attributes = OperationalProtectionType_.c_attributes.copy() @@ -1875,46 +1806,42 @@ def operational_protection_from_string(xml_string): class PrivateKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrivateKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrivateKeyProtectionType element""" - c_tag = 'PrivateKeyProtectionType' + c_tag = "PrivateKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeySharing'] = ( - 'key_sharing', KeySharing) - c_cardinality['key_sharing'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['key_activation', 'key_storage', 'key_sharing', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - key_sharing=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeySharing"] = ("key_sharing", KeySharing) + c_cardinality["key_sharing"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "key_sharing", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + key_sharing=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -1923,45 +1850,43 @@ def __init__(self, def private_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(PrivateKeyProtectionType_, xml_string) class SecretKeyProtectionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecretKeyProtectionType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecretKeyProtectionType element""" - c_tag = 'SecretKeyProtectionType' + c_tag = "SecretKeyProtectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyActivation'] = ( - 'key_activation', KeyActivation) - c_cardinality['key_activation'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyStorage'] = ( - 'key_storage', KeyStorage) - c_cardinality['key_storage'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['key_activation', 'key_storage', 'extension']) - - def __init__(self, - key_activation=None, - key_storage=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyActivation"] = ( + "key_activation", + KeyActivation, + ) + c_cardinality["key_activation"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}KeyStorage"] = ("key_storage", KeyStorage) + c_cardinality["key_storage"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["key_activation", "key_storage", "extension"]) + + def __init__( + self, + key_activation=None, + key_storage=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.key_activation = key_activation self.key_storage = key_storage @@ -1969,14 +1894,13 @@ def __init__(self, def secret_key_protection_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SecretKeyProtectionType_, - xml_string) + return saml2.create_class_from_xml_string(SecretKeyProtectionType_, xml_string) class SecretKeyProtection(SecretKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecretKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:SecretKeyProtection element""" - c_tag = 'SecretKeyProtection' + c_tag = "SecretKeyProtection" c_namespace = NAMESPACE c_children = SecretKeyProtectionType_.c_children.copy() c_attributes = SecretKeyProtectionType_.c_attributes.copy() @@ -1989,9 +1913,9 @@ def secret_key_protection_from_string(xml_string): class PrivateKeyProtection(PrivateKeyProtectionType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrivateKeyProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:PrivateKeyProtection element""" - c_tag = 'PrivateKeyProtection' + c_tag = "PrivateKeyProtection" c_namespace = NAMESPACE c_children = PrivateKeyProtectionType_.c_children.copy() c_attributes = PrivateKeyProtectionType_.c_attributes.copy() @@ -2004,41 +1928,42 @@ def private_key_protection_from_string(xml_string): class TechnicalProtectionBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TechnicalProtectionBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TechnicalProtectionBaseType element""" - c_tag = 'TechnicalProtectionBaseType' + c_tag = "TechnicalProtectionBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PrivateKeyProtection'] = ( - 'private_key_protection', PrivateKeyProtection) - c_cardinality['private_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SecretKeyProtection'] = ( - 'secret_key_protection', SecretKeyProtection) - c_cardinality['secret_key_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend( - ['private_key_protection', 'secret_key_protection', 'extension']) - - def __init__(self, - private_key_protection=None, - secret_key_protection=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PrivateKeyProtection"] = ( + "private_key_protection", + PrivateKeyProtection, + ) + c_cardinality["private_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SecretKeyProtection"] = ( + "secret_key_protection", + SecretKeyProtection, + ) + c_cardinality["secret_key_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend(["private_key_protection", "secret_key_protection", "extension"]) + + def __init__( + self, + private_key_protection=None, + secret_key_protection=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.private_key_protection = private_key_protection self.secret_key_protection = secret_key_protection @@ -2046,14 +1971,13 @@ def __init__(self, def technical_protection_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, - xml_string) + return saml2.create_class_from_xml_string(TechnicalProtectionBaseType_, xml_string) class TechnicalProtection(TechnicalProtectionBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TechnicalProtection element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:TechnicalProtection element""" - c_tag = 'TechnicalProtection' + c_tag = "TechnicalProtection" c_namespace = NAMESPACE c_children = TechnicalProtectionBaseType_.c_children.copy() c_attributes = TechnicalProtectionBaseType_.c_attributes.copy() @@ -2065,106 +1989,119 @@ def technical_protection_from_string(xml_string): return saml2.create_class_from_xml_string(TechnicalProtection, xml_string) -#.................. +# .................. # ['ComplexAuthenticator', 'Authenticator', 'AuthnMethod', 'ComplexAuthenticatorType', 'AuthenticatorBaseType', 'AuthnContextDeclarationBaseType', 'AuthnMethodBaseType', 'AuthenticationContextDeclaration'] class ComplexAuthenticatorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ComplexAuthenticatorType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ComplexAuthenticatorType element""" - c_tag = 'ComplexAuthenticatorType' + c_tag = "ComplexAuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PreviousSession'] = ( - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ResumeSession"] = ( + "resume_session", + ResumeSession, + ) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ZeroKnowledge"] = ( + "zero_knowledge", + ZeroKnowledge, + ) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPAddress"] = ("ip_address", IPAddress) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}UserSuffix"] = ("user_suffix", UserSuffix) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2184,14 +2121,13 @@ def __init__(self, def complex_authenticator_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, - xml_string) + return saml2.create_class_from_xml_string(ComplexAuthenticatorType_, xml_string) class ComplexAuthenticator(ComplexAuthenticatorType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ComplexAuthenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:ComplexAuthenticator element""" - c_tag = 'ComplexAuthenticator' + c_tag = "ComplexAuthenticator" c_namespace = NAMESPACE c_children = ComplexAuthenticatorType_.c_children.copy() c_attributes = ComplexAuthenticatorType_.c_attributes.copy() @@ -2204,106 +2140,120 @@ def complex_authenticator_from_string(xml_string): class AuthenticatorBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticatorBaseType element""" - c_tag = 'AuthenticatorBaseType' + c_tag = "AuthenticatorBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PreviousSession'] = ( - 'previous_session', PreviousSession) - c_cardinality['previous_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ResumeSession'] = ( - 'resume_session', ResumeSession) - c_cardinality['resume_session'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DigSig'] = ( - 'dig_sig', DigSig) - c_cardinality['dig_sig'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Password'] = ( - 'password', Password) - c_cardinality['password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}RestrictedPassword'] = ( - 'restricted_password', RestrictedPassword) - c_cardinality['restricted_password'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ZeroKnowledge'] = ( - 'zero_knowledge', ZeroKnowledge) - c_cardinality['zero_knowledge'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretChallengeResponse'] = ( - 'shared_secret_challenge_response', SharedSecretChallengeResponse) - c_cardinality['shared_secret_challenge_response'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretDynamicPlaintext'] = ( - 'shared_secret_dynamic_plaintext', SharedSecretDynamicPlaintext) - c_cardinality['shared_secret_dynamic_plaintext'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPAddress'] = ( - 'ip_address', IPAddress) - c_cardinality['ip_address'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricDecryption'] = ( - 'asymmetric_decryption', AsymmetricDecryption) - c_cardinality['asymmetric_decryption'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricKeyAgreement'] = ( - 'asymmetric_key_agreement', AsymmetricKeyAgreement) - c_cardinality['asymmetric_key_agreement'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SubscriberLineNumber'] = ( - 'subscriber_line_number', SubscriberLineNumber) - c_cardinality['subscriber_line_number'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}UserSuffix'] = ( - 'user_suffix', UserSuffix) - c_cardinality['user_suffix'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) - c_cardinality['complex_authenticator'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PreviousSession"] = ( + "previous_session", + PreviousSession, + ) + c_cardinality["previous_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ResumeSession"] = ( + "resume_session", + ResumeSession, + ) + c_cardinality["resume_session"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}DigSig"] = ("dig_sig", DigSig) + c_cardinality["dig_sig"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Password"] = ("password", Password) + c_cardinality["password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}RestrictedPassword"] = ( + "restricted_password", + RestrictedPassword, + ) + c_cardinality["restricted_password"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ZeroKnowledge"] = ( + "zero_knowledge", + ZeroKnowledge, + ) + c_cardinality["zero_knowledge"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretChallengeResponse"] = ( + "shared_secret_challenge_response", + SharedSecretChallengeResponse, + ) + c_cardinality["shared_secret_challenge_response"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SharedSecretDynamicPlaintext"] = ( + "shared_secret_dynamic_plaintext", + SharedSecretDynamicPlaintext, + ) + c_cardinality["shared_secret_dynamic_plaintext"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}IPAddress"] = ("ip_address", IPAddress) + c_cardinality["ip_address"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricDecryption"] = ( + "asymmetric_decryption", + AsymmetricDecryption, + ) + c_cardinality["asymmetric_decryption"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AsymmetricKeyAgreement"] = ( + "asymmetric_key_agreement", + AsymmetricKeyAgreement, + ) + c_cardinality["asymmetric_key_agreement"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}SubscriberLineNumber"] = ( + "subscriber_line_number", + SubscriberLineNumber, + ) + c_cardinality["subscriber_line_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}UserSuffix"] = ("user_suffix", UserSuffix) + c_cardinality["user_suffix"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, + ) + c_cardinality["complex_authenticator"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} c_child_order.extend( - ['previous_session', 'resume_session', 'dig_sig', 'password', - 'restricted_password', 'zero_knowledge', - 'shared_secret_challenge_response', 'shared_secret_dynamic_plaintext', - 'ip_address', 'asymmetric_decryption', 'asymmetric_key_agreement', - 'subscriber_line_number', 'user_suffix', 'complex_authenticator', - 'extension']) - - def __init__(self, - previous_session=None, - resume_session=None, - dig_sig=None, - password=None, - restricted_password=None, - zero_knowledge=None, - shared_secret_challenge_response=None, - shared_secret_dynamic_plaintext=None, - ip_address=None, - asymmetric_decryption=None, - asymmetric_key_agreement=None, - subscriber_line_number=None, - user_suffix=None, - complex_authenticator=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "previous_session", + "resume_session", + "dig_sig", + "password", + "restricted_password", + "zero_knowledge", + "shared_secret_challenge_response", + "shared_secret_dynamic_plaintext", + "ip_address", + "asymmetric_decryption", + "asymmetric_key_agreement", + "subscriber_line_number", + "user_suffix", + "complex_authenticator", + "extension", + ] + ) + + def __init__( + self, + previous_session=None, + resume_session=None, + dig_sig=None, + password=None, + restricted_password=None, + zero_knowledge=None, + shared_secret_challenge_response=None, + shared_secret_dynamic_plaintext=None, + ip_address=None, + asymmetric_decryption=None, + asymmetric_key_agreement=None, + subscriber_line_number=None, + user_suffix=None, + complex_authenticator=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.previous_session = previous_session self.resume_session = resume_session @@ -2323,14 +2273,13 @@ def __init__(self, def authenticator_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatorBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatorBaseType_, xml_string) class Authenticator(AuthenticatorBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Authenticator element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorBaseType_.c_children.copy() c_attributes = AuthenticatorBaseType_.c_attributes.copy() @@ -2343,45 +2292,46 @@ def authenticator_from_string(xml_string): class AuthnMethodBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnMethodBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnMethodBaseType element""" - c_tag = 'AuthnMethodBaseType' + c_tag = "AuthnMethodBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PrincipalAuthenticationMechanism'] = ( - 'principal_authentication_mechanism', PrincipalAuthenticationMechanism) - c_cardinality['principal_authentication_mechanism'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Authenticator'] = ( - 'authenticator', Authenticator) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AuthenticatorTransportProtocol'] = ( - 'authenticator_transport_protocol', AuthenticatorTransportProtocol) - c_cardinality['authenticator_transport_protocol'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_child_order.extend(['principal_authentication_mechanism', 'authenticator', - 'authenticator_transport_protocol', 'extension']) - - def __init__(self, - principal_authentication_mechanism=None, - authenticator=None, - authenticator_transport_protocol=None, - extension=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}PrincipalAuthenticationMechanism"] = ( + "principal_authentication_mechanism", + PrincipalAuthenticationMechanism, + ) + c_cardinality["principal_authentication_mechanism"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Authenticator"] = ("authenticator", Authenticator) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AuthenticatorTransportProtocol"] = ( + "authenticator_transport_protocol", + AuthenticatorTransportProtocol, + ) + c_cardinality["authenticator_transport_protocol"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_child_order.extend( + ["principal_authentication_mechanism", "authenticator", "authenticator_transport_protocol", "extension"] + ) + + def __init__( + self, + principal_authentication_mechanism=None, + authenticator=None, + authenticator_transport_protocol=None, + extension=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.principal_authentication_mechanism = principal_authentication_mechanism self.authenticator = authenticator @@ -2394,9 +2344,9 @@ def authn_method_base_type__from_string(xml_string): class AuthnMethod(AuthnMethodBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnMethod element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnMethod element""" - c_tag = 'AuthnMethod' + c_tag = "AuthnMethod" c_namespace = NAMESPACE c_children = AuthnMethodBaseType_.c_children.copy() c_attributes = AuthnMethodBaseType_.c_attributes.copy() @@ -2409,58 +2359,67 @@ def authn_method_from_string(xml_string): class AuthnContextDeclarationBaseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnContextDeclarationBaseType element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthnContextDeclarationBaseType element""" - c_tag = 'AuthnContextDeclarationBaseType' + c_tag = "AuthnContextDeclarationBaseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Identification'] = ( - 'identification', Identification) - c_cardinality['identification'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}TechnicalProtection'] = ( - 'technical_protection', TechnicalProtection) - c_cardinality['technical_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}OperationalProtection'] = ( - 'operational_protection', OperationalProtection) - c_cardinality['operational_protection'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AuthnMethod'] = ( - 'authn_method', AuthnMethod) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreements'] = ( - 'governing_agreements', GoverningAgreements) - c_cardinality['governing_agreements'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension'] = ( - 'extension', [Extension]) - c_cardinality['extension'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Identification"] = ( + "identification", + Identification, + ) + c_cardinality["identification"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}TechnicalProtection"] = ( + "technical_protection", + TechnicalProtection, + ) + c_cardinality["technical_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}OperationalProtection"] = ( + "operational_protection", + OperationalProtection, + ) + c_cardinality["operational_protection"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}AuthnMethod"] = ("authn_method", AuthnMethod) + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}GoverningAgreements"] = ( + "governing_agreements", + GoverningAgreements, + ) + c_cardinality["governing_agreements"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}Extension"] = ("extension", [Extension]) + c_cardinality["extension"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) c_child_order.extend( - ['identification', 'technical_protection', 'operational_protection', - 'authn_method', 'governing_agreements', 'extension']) - - def __init__(self, - identification=None, - technical_protection=None, - operational_protection=None, - authn_method=None, - governing_agreements=None, - extension=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + [ + "identification", + "technical_protection", + "operational_protection", + "authn_method", + "governing_agreements", + "extension", + ] + ) + + def __init__( + self, + identification=None, + technical_protection=None, + operational_protection=None, + authn_method=None, + governing_agreements=None, + extension=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.identification = identification self.technical_protection = technical_protection @@ -2472,14 +2431,13 @@ def __init__(self, def authn_context_declaration_base_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextDeclarationBaseType_, xml_string) class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): - """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticationContextDeclaration element """ + """The urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken:AuthenticationContextDeclaration element""" - c_tag = 'AuthenticationContextDeclaration' + c_tag = "AuthenticationContextDeclaration" c_namespace = NAMESPACE c_children = AuthnContextDeclarationBaseType_.c_children.copy() c_attributes = AuthnContextDeclarationBaseType_.c_attributes.copy() @@ -2488,17 +2446,18 @@ class AuthenticationContextDeclaration(AuthnContextDeclarationBaseType_): def authentication_context_declaration_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, - xml_string) + return saml2.create_class_from_xml_string(AuthenticationContextDeclaration, xml_string) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -ComplexAuthenticatorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) -ComplexAuthenticator.c_children[ - '{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator'] = ( - 'complex_authenticator', ComplexAuthenticator) +ComplexAuthenticatorType_.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) +ComplexAuthenticator.c_children["{urn:oasis:names:tc:SAML:2.0:ac:classes:TimeSyncToken}ComplexAuthenticator"] = ( + "complex_authenticator", + ComplexAuthenticator, +) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -2598,102 +2557,101 @@ def authentication_context_declaration_from_string(xml_string): } ELEMENT_BY_TAG = { - 'AuthenticationContextDeclaration': AuthenticationContextDeclaration, - 'Identification': Identification, - 'PhysicalVerification': PhysicalVerification, - 'WrittenConsent': WrittenConsent, - 'TechnicalProtection': TechnicalProtection, - 'SecretKeyProtection': SecretKeyProtection, - 'PrivateKeyProtection': PrivateKeyProtection, - 'KeyActivation': KeyActivation, - 'KeySharing': KeySharing, - 'KeyStorage': KeyStorage, - 'SubscriberLineNumber': SubscriberLineNumber, - 'UserSuffix': UserSuffix, - 'Password': Password, - 'ActivationPin': ActivationPin, - 'Token': Token, - 'TimeSyncToken': TimeSyncToken, - 'Smartcard': Smartcard, - 'Length': Length, - 'ActivationLimit': ActivationLimit, - 'Generation': Generation, - 'AuthnMethod': AuthnMethod, - 'PrincipalAuthenticationMechanism': PrincipalAuthenticationMechanism, - 'Authenticator': Authenticator, - 'ComplexAuthenticator': ComplexAuthenticator, - 'PreviousSession': PreviousSession, - 'ResumeSession': ResumeSession, - 'ZeroKnowledge': ZeroKnowledge, - 'SharedSecretChallengeResponse': SharedSecretChallengeResponse, - 'SharedSecretChallengeResponseType': SharedSecretChallengeResponseType_, - 'DigSig': DigSig, - 'AsymmetricDecryption': AsymmetricDecryption, - 'AsymmetricKeyAgreement': AsymmetricKeyAgreement, - 'PublicKeyType': PublicKeyType_, - 'IPAddress': IPAddress, - 'SharedSecretDynamicPlaintext': SharedSecretDynamicPlaintext, - 'AuthenticatorTransportProtocol': AuthenticatorTransportProtocol, - 'HTTP': HTTP, - 'IPSec': IPSec, - 'WTLS': WTLS, - 'MobileNetworkNoEncryption': MobileNetworkNoEncryption, - 'MobileNetworkRadioEncryption': MobileNetworkRadioEncryption, - 'MobileNetworkEndToEndEncryption': MobileNetworkEndToEndEncryption, - 'SSL': SSL, - 'PSTN': PSTN, - 'ISDN': ISDN, - 'ADSL': ADSL, - 'OperationalProtection': OperationalProtection, - 'SecurityAudit': SecurityAudit, - 'SwitchAudit': SwitchAudit, - 'DeactivationCallCenter': DeactivationCallCenter, - 'GoverningAgreements': GoverningAgreements, - 'GoverningAgreementRef': GoverningAgreementRef, - 'nymType': NymType_, - 'IdentificationType': IdentificationType_, - 'TechnicalProtectionBaseType': TechnicalProtectionBaseType_, - 'OperationalProtectionType': OperationalProtectionType_, - 'GoverningAgreementsType': GoverningAgreementsType_, - 'GoverningAgreementRefType': GoverningAgreementRefType_, - 'AuthenticatorBaseType': AuthenticatorBaseType_, - 'ComplexAuthenticatorType': ComplexAuthenticatorType_, - 'AuthenticatorTransportProtocolType': AuthenticatorTransportProtocolType_, - 'KeyActivationType': KeyActivationType_, - 'KeySharingType': KeySharingType_, - 'PrivateKeyProtectionType': PrivateKeyProtectionType_, - 'PasswordType': PasswordType_, - 'RestrictedPassword': RestrictedPassword, - 'RestrictedPasswordType': RestrictedPasswordType_, - 'RestrictedLengthType': RestrictedLengthType_, - 'ActivationPinType': ActivationPinType_, - 'Alphabet': Alphabet, - 'AlphabetType': AlphabetType_, - 'DeviceTypeType': DeviceTypeType_, - 'booleanType': BooleanType_, - 'ActivationLimitType': ActivationLimitType_, - 'ActivationLimitDuration': ActivationLimitDuration, - 'ActivationLimitUsages': ActivationLimitUsages, - 'ActivationLimitSession': ActivationLimitSession, - 'ActivationLimitDurationType': ActivationLimitDurationType_, - 'ActivationLimitUsagesType': ActivationLimitUsagesType_, - 'ActivationLimitSessionType': ActivationLimitSessionType_, - 'LengthType': LengthType_, - 'mediumType': MediumType_, - 'KeyStorageType': KeyStorageType_, - 'SecretKeyProtectionType': SecretKeyProtectionType_, - 'SecurityAuditType': SecurityAuditType_, - 'ExtensionOnlyType': ExtensionOnlyType_, - 'Extension': Extension, - 'ExtensionType': ExtensionType_, - 'AuthnContextDeclarationBaseType': AuthnContextDeclarationBaseType_, - 'AuthnMethodBaseType': AuthnMethodBaseType_, - 'PrincipalAuthenticationMechanismType': PrincipalAuthenticationMechanismType_, - 'TokenType': TokenType_, - 'TimeSyncTokenType': TimeSyncTokenType_, + "AuthenticationContextDeclaration": AuthenticationContextDeclaration, + "Identification": Identification, + "PhysicalVerification": PhysicalVerification, + "WrittenConsent": WrittenConsent, + "TechnicalProtection": TechnicalProtection, + "SecretKeyProtection": SecretKeyProtection, + "PrivateKeyProtection": PrivateKeyProtection, + "KeyActivation": KeyActivation, + "KeySharing": KeySharing, + "KeyStorage": KeyStorage, + "SubscriberLineNumber": SubscriberLineNumber, + "UserSuffix": UserSuffix, + "Password": Password, + "ActivationPin": ActivationPin, + "Token": Token, + "TimeSyncToken": TimeSyncToken, + "Smartcard": Smartcard, + "Length": Length, + "ActivationLimit": ActivationLimit, + "Generation": Generation, + "AuthnMethod": AuthnMethod, + "PrincipalAuthenticationMechanism": PrincipalAuthenticationMechanism, + "Authenticator": Authenticator, + "ComplexAuthenticator": ComplexAuthenticator, + "PreviousSession": PreviousSession, + "ResumeSession": ResumeSession, + "ZeroKnowledge": ZeroKnowledge, + "SharedSecretChallengeResponse": SharedSecretChallengeResponse, + "SharedSecretChallengeResponseType": SharedSecretChallengeResponseType_, + "DigSig": DigSig, + "AsymmetricDecryption": AsymmetricDecryption, + "AsymmetricKeyAgreement": AsymmetricKeyAgreement, + "PublicKeyType": PublicKeyType_, + "IPAddress": IPAddress, + "SharedSecretDynamicPlaintext": SharedSecretDynamicPlaintext, + "AuthenticatorTransportProtocol": AuthenticatorTransportProtocol, + "HTTP": HTTP, + "IPSec": IPSec, + "WTLS": WTLS, + "MobileNetworkNoEncryption": MobileNetworkNoEncryption, + "MobileNetworkRadioEncryption": MobileNetworkRadioEncryption, + "MobileNetworkEndToEndEncryption": MobileNetworkEndToEndEncryption, + "SSL": SSL, + "PSTN": PSTN, + "ISDN": ISDN, + "ADSL": ADSL, + "OperationalProtection": OperationalProtection, + "SecurityAudit": SecurityAudit, + "SwitchAudit": SwitchAudit, + "DeactivationCallCenter": DeactivationCallCenter, + "GoverningAgreements": GoverningAgreements, + "GoverningAgreementRef": GoverningAgreementRef, + "nymType": NymType_, + "IdentificationType": IdentificationType_, + "TechnicalProtectionBaseType": TechnicalProtectionBaseType_, + "OperationalProtectionType": OperationalProtectionType_, + "GoverningAgreementsType": GoverningAgreementsType_, + "GoverningAgreementRefType": GoverningAgreementRefType_, + "AuthenticatorBaseType": AuthenticatorBaseType_, + "ComplexAuthenticatorType": ComplexAuthenticatorType_, + "AuthenticatorTransportProtocolType": AuthenticatorTransportProtocolType_, + "KeyActivationType": KeyActivationType_, + "KeySharingType": KeySharingType_, + "PrivateKeyProtectionType": PrivateKeyProtectionType_, + "PasswordType": PasswordType_, + "RestrictedPassword": RestrictedPassword, + "RestrictedPasswordType": RestrictedPasswordType_, + "RestrictedLengthType": RestrictedLengthType_, + "ActivationPinType": ActivationPinType_, + "Alphabet": Alphabet, + "AlphabetType": AlphabetType_, + "DeviceTypeType": DeviceTypeType_, + "booleanType": BooleanType_, + "ActivationLimitType": ActivationLimitType_, + "ActivationLimitDuration": ActivationLimitDuration, + "ActivationLimitUsages": ActivationLimitUsages, + "ActivationLimitSession": ActivationLimitSession, + "ActivationLimitDurationType": ActivationLimitDurationType_, + "ActivationLimitUsagesType": ActivationLimitUsagesType_, + "ActivationLimitSessionType": ActivationLimitSessionType_, + "LengthType": LengthType_, + "mediumType": MediumType_, + "KeyStorageType": KeyStorageType_, + "SecretKeyProtectionType": SecretKeyProtectionType_, + "SecurityAuditType": SecurityAuditType_, + "ExtensionOnlyType": ExtensionOnlyType_, + "Extension": Extension, + "ExtensionType": ExtensionType_, + "AuthnContextDeclarationBaseType": AuthnContextDeclarationBaseType_, + "AuthnMethodBaseType": AuthnMethodBaseType_, + "PrincipalAuthenticationMechanismType": PrincipalAuthenticationMechanismType_, + "TokenType": TokenType_, + "TimeSyncTokenType": TimeSyncTokenType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/cache.py b/src/saml2/cache.py index c93a160aa..5aaddbdb4 100644 --- a/src/saml2/cache.py +++ b/src/saml2/cache.py @@ -1,10 +1,13 @@ #!/usr/bin/env python -import shelve -import six -from saml2.ident import code, decode -from saml2 import time_util, SAMLError import logging +import shelve + +from saml2 import SAMLError +from saml2 import time_util +from saml2.ident import code +from saml2.ident import decode + logger = logging.getLogger(__name__) @@ -25,7 +28,7 @@ class CacheError(SAMLError): pass -class Cache(object): +class Cache: def __init__(self, filename=None): if filename: self._db = shelve.open(filename, writeback=True, protocol=2) @@ -47,9 +50,8 @@ def delete(self, name_id): except AttributeError: pass - def get_identity(self, name_id, entities=None, - check_not_on_or_after=True): - """ Get all the identity information that has been received and + def get_identity(self, name_id, entities=None, check_not_on_or_after=True): + """Get all the identity information that has been received and are still valid about the subject. :param name_id: The subject identifier, a NameID instance @@ -88,7 +90,7 @@ def get_identity(self, name_id, entities=None, return res, oldees def get(self, name_id, entity_id, check_not_on_or_after=True): - """ Get session information about a subject gotten from a + """Get session information about a subject gotten from a specified IdP/AA. :param name_id: The subject identifier, a NameID instance @@ -102,14 +104,14 @@ def get(self, name_id, entity_id, check_not_on_or_after=True): (timestamp, info) = self._db[cni][entity_id] info = info.copy() if check_not_on_or_after and time_util.after(timestamp): - raise TooOld("past %s" % str(timestamp)) + raise TooOld(f"past {str(timestamp)}") - if 'name_id' in info and isinstance(info['name_id'], six.string_types): - info['name_id'] = decode(info['name_id']) + if "name_id" in info and isinstance(info["name_id"], str): + info["name_id"] = decode(info["name_id"]) return info or None def set(self, name_id, entity_id, info, not_on_or_after=0): - """ Stores session information in the cache. Assumes that the name_id + """Stores session information in the cache. Assumes that the name_id is unique within the context of the Service Provider. :param name_id: The subject identifier, a NameID instance @@ -119,9 +121,9 @@ def set(self, name_id, entity_id, info, not_on_or_after=0): :param not_on_or_after: A time after which the assertion is not valid. """ info = dict(info) - if 'name_id' in info and not isinstance(info['name_id'], six.string_types): + if "name_id" in info and not isinstance(info["name_id"], str): # make friendly to (JSON) serialization - info['name_id'] = code(name_id) + info["name_id"] = code(name_id) cni = code(name_id) if cni not in self._db: @@ -135,7 +137,7 @@ def set(self, name_id, entity_id, info, not_on_or_after=0): pass def reset(self, name_id, entity_id): - """ Scrap the assertions received from a IdP or an AA about a special + """Scrap the assertions received from a IdP or an AA about a special subject. :param name_id: The subject identifier, a NameID instance @@ -145,7 +147,7 @@ def reset(self, name_id, entity_id): self.set(name_id, entity_id, {}, 0) def entities(self, name_id): - """ Returns all the entities of assertions for a subject, disregarding + """Returns all the entities of assertions for a subject, disregarding whether the assertion still is valid or not. :param name_id: The subject identifier, a NameID instance @@ -155,12 +157,12 @@ def entities(self, name_id): return list(self._db[cni].keys()) def receivers(self, name_id): - """ Another name for entities() just to make it more logic in the IdP - scenario """ + """Another name for entities() just to make it more logic in the IdP + scenario""" return self.entities(name_id) def active(self, name_id, entity_id): - """ Returns the status of assertions from a specific entity_id. + """Returns the status of assertions from a specific entity_id. :param name_id: The ID of the subject :param entity_id: The entity ID of the entity_id of the assertion @@ -179,7 +181,7 @@ def active(self, name_id, entity_id): return time_util.not_on_or_after(timestamp) def subjects(self): - """ Return identifiers for all the subjects that are in the cache. + """Return identifiers for all the subjects that are in the cache. :return: list of subject identifiers """ diff --git a/src/saml2/cert.py b/src/saml2/cert.py index 68bd55e3b..e90651e44 100644 --- a/src/saml2/cert.py +++ b/src/saml2/cert.py @@ -1,13 +1,13 @@ -__author__ = 'haho0032' +__author__ = "haho0032" import base64 -import datetime -import dateutil.parser -import pytz -import six -from OpenSSL import crypto -from os.path import join from os import remove +from os.path import join +from datetime import datetime +from datetime import timezone + +from OpenSSL import crypto +import dateutil.parser import saml2.cryptography.pki @@ -24,14 +24,23 @@ class PayloadError(Exception): pass -class OpenSSLWrapper(object): +class OpenSSLWrapper: def __init__(self): pass - def create_certificate(self, cert_info, request=False, valid_from=0, - valid_to=315360000, sn=1, key_length=1024, - hash_alg="sha256", write_to_file=False, cert_dir="", - cipher_passphrase=None): + def create_certificate( + self, + cert_info, + request=False, + valid_from=0, + valid_to=315360000, + sn=1, + key_length=1024, + hash_alg="sha256", + write_to_file=False, + cert_dir="", + cipher_passphrase=None, + ): """ Can create certificate requests, to be signed later by another certificate with the method @@ -108,20 +117,19 @@ def create_certificate(self, cert_info, request=False, valid_from=0, k_f = None if write_to_file: - cert_file = "%s.crt" % cn - key_file = "%s.key" % cn + cert_file = f"{cn}.crt" + key_file = f"{cn}.key" try: remove(cert_file) - except: + except Exception: pass try: remove(key_file) - except: + except Exception: pass c_f = join(cert_dir, cert_file) k_f = join(cert_dir, key_file) - # create a key pair k = crypto.PKey() k.generate_key(crypto.TYPE_RSA, key_length) @@ -132,55 +140,51 @@ def create_certificate(self, cert_info, request=False, valid_from=0, if request: cert = crypto.X509Req() - if (len(cert_info["country_code"]) != 2): + if len(cert_info["country_code"]) != 2: raise WrongInput("Country code must be two letters!") cert.get_subject().C = cert_info["country_code"] cert.get_subject().ST = cert_info["state"] cert.get_subject().L = cert_info["city"] - cert.get_subject().O = cert_info["organization"] + cert.get_subject().O = cert_info["organization"] # noqa: E741 cert.get_subject().OU = cert_info["organization_unit"] cert.get_subject().CN = cn if not request: cert.set_serial_number(sn) - cert.gmtime_adj_notBefore(valid_from) #Valid before present time - cert.gmtime_adj_notAfter(valid_to) #3 650 days + cert.gmtime_adj_notBefore(valid_from) # Valid before present time + cert.gmtime_adj_notAfter(valid_to) # 3 650 days cert.set_issuer(cert.get_subject()) cert.set_pubkey(k) cert.sign(k, hash_alg) try: if request: - tmp_cert = crypto.dump_certificate_request(crypto.FILETYPE_PEM, - cert) + tmp_cert = crypto.dump_certificate_request(crypto.FILETYPE_PEM, cert) else: tmp_cert = crypto.dump_certificate(crypto.FILETYPE_PEM, cert) tmp_key = None if cipher_passphrase is not None: passphrase = cipher_passphrase["passphrase"] - if isinstance(cipher_passphrase["passphrase"], - six.string_types): - passphrase = passphrase.encode('utf-8') - tmp_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, k, - cipher_passphrase["cipher"], - passphrase) + if isinstance(cipher_passphrase["passphrase"], str): + passphrase = passphrase.encode("utf-8") + tmp_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, k, cipher_passphrase["cipher"], passphrase) else: tmp_key = crypto.dump_privatekey(crypto.FILETYPE_PEM, k) if write_to_file: - with open(c_f, 'wt') as fc: - fc.write(tmp_cert.decode('utf-8')) - with open(k_f, 'wt') as fk: - fk.write(tmp_key.decode('utf-8')) + with open(c_f, "w") as fc: + fc.write(tmp_cert.decode("utf-8")) + with open(k_f, "w") as fk: + fk.write(tmp_key.decode("utf-8")) return c_f, k_f return tmp_cert, tmp_key except Exception as ex: raise CertificateError("Certificate cannot be generated.", ex) def write_str_to_file(self, file, str_data): - with open(file, 'wt') as f: + with open(file, "w") as f: f.write(str_data) def read_str_from_file(self, file, type="pem"): - with open(file, 'rb') as f: + with open(file, "rb") as f: str_data = f.read() if type == "pem": @@ -189,11 +193,17 @@ def read_str_from_file(self, file, type="pem"): if type in ["der", "cer", "crt"]: return base64.b64encode(str(str_data)) - - def create_cert_signed_certificate(self, sign_cert_str, sign_key_str, - request_cert_str, hash_alg="sha256", - valid_from=0, valid_to=315360000, sn=1, - passphrase=None): + def create_cert_signed_certificate( + self, + sign_cert_str, + sign_key_str, + request_cert_str, + hash_alg="sha256", + valid_from=0, + valid_to=315360000, + sn=1, + passphrase=None, + ): """ Will sign a certificate request with a give certificate. @@ -230,12 +240,10 @@ def create_cert_signed_certificate(self, sign_cert_str, sign_key_str, ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, sign_cert_str) ca_key = None if passphrase is not None: - ca_key = crypto.load_privatekey(crypto.FILETYPE_PEM, sign_key_str, - passphrase) + ca_key = crypto.load_privatekey(crypto.FILETYPE_PEM, sign_key_str, passphrase) else: ca_key = crypto.load_privatekey(crypto.FILETYPE_PEM, sign_key_str) - req_cert = crypto.load_certificate_request(crypto.FILETYPE_PEM, - request_cert_str) + req_cert = crypto.load_certificate_request(crypto.FILETYPE_PEM, request_cert_str) cert = crypto.X509() cert.set_subject(req_cert.get_subject()) @@ -247,9 +255,9 @@ def create_cert_signed_certificate(self, sign_cert_str, sign_key_str, cert.sign(ca_key, hash_alg) cert_dump = crypto.dump_certificate(crypto.FILETYPE_PEM, cert) - if isinstance(cert_dump, six.string_types): + if isinstance(cert_dump, str): return cert_dump - return cert_dump.decode('utf-8') + return cert_dump.decode("utf-8") def verify_chain(self, cert_chain_str_list, cert_str): """ @@ -266,18 +274,15 @@ def verify_chain(self, cert_chain_str_list, cert_str): return False, message else: cert_str = tmp_cert_str - return (True, - "Signed certificate is valid and correctly signed by CA " - "certificate.") + return (True, "Signed certificate is valid and correctly signed by CA " "certificate.") def certificate_not_valid_yet(self, cert): starts_to_be_valid = dateutil.parser.parse(cert.get_notBefore()) - now = pytz.UTC.localize(datetime.datetime.utcnow()) + now = datetime.now(timezone.utc) if starts_to_be_valid < now: return False return True - def verify(self, signing_cert_str, cert_str): """ Verifies if a certificate is valid and signed by a given certificate. @@ -298,8 +303,7 @@ def verify(self, signing_cert_str, cert_str): Message = Why the validation failed. """ try: - ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, - signing_cert_str) + ca_cert = crypto.load_certificate(crypto.FILETYPE_PEM, signing_cert_str) cert = crypto.load_certificate(crypto.FILETYPE_PEM, cert_str) if self.certificate_not_valid_yet(ca_cert): @@ -315,23 +319,43 @@ def verify(self, signing_cert_str, cert_str): return False, "The signed certificate is not valid yet." if ca_cert.get_subject().CN == cert.get_subject().CN: - return False, ("CN may not be equal for CA certificate and the " - "signed certificate.") + return False, ("CN may not be equal for CA certificate and the " "signed certificate.") cert_algorithm = cert.get_signature_algorithm() - if six.PY3: - cert_algorithm = cert_algorithm.decode('ascii') - cert_str = cert_str.encode('ascii') + cert_algorithm = cert_algorithm.decode("ascii") + cert_str = cert_str.encode("ascii") - cert_crypto = saml2.cryptography.pki.load_pem_x509_certificate( - cert_str) + cert_crypto = saml2.cryptography.pki.load_pem_x509_certificate(cert_str) try: - crypto.verify(ca_cert, cert_crypto.signature, - cert_crypto.tbs_certificate_bytes, - cert_algorithm) + crypto.verify(ca_cert, cert_crypto.signature, cert_crypto.tbs_certificate_bytes, cert_algorithm) return True, "Signed certificate is valid and correctly signed by CA certificate." except crypto.Error as e: - return False, "Certificate is incorrectly signed." + return False, f"Certificate is incorrectly signed: {str(e)}" except Exception as e: - return False, "Certificate is not valid for an unknown reason. %s" % str(e) + return False, f"Certificate is not valid for an unknown reason. {str(e)}" + + +def read_cert_from_file(cert_file, cert_type="pem"): + """Read a certificate from a file. + + If there are multiple certificates in the file, the first is returned. + + :param cert_file: The name of the file + :param cert_type: The certificate type + :return: A base64 encoded certificate as a string or the empty string + """ + if not cert_file: + return "" + + with open(cert_file, "rb") as fp: + data = fp.read() + + try: + cert = saml2.cryptography.pki.load_x509_certificate(data, cert_type) + pem_data = saml2.cryptography.pki.get_public_bytes_from_cert(cert) + except Exception as e: + raise CertificateError(e) + + pem_data_no_headers = "".join(pem_data.splitlines()[1:-1]) + return pem_data_no_headers diff --git a/src/saml2/client.py b/src/saml2/client.py index 1eebf31d8..4c91a08b8 100644 --- a/src/saml2/client.py +++ b/src/saml2/client.py @@ -1,40 +1,40 @@ # !/usr/bin/env python -# -*- coding: utf-8 -*- # -import six + """Contains classes and functions that a SAML2.0 Service Provider (SP) may use to conclude its tasks. """ -import saml2 +import logging -from saml2 import saml, SAMLError -from saml2 import BINDING_HTTP_REDIRECT +import saml2 from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP - -from saml2.ident import decode, code +from saml2 import SAMLError +from saml2 import saml +from saml2.client_base import Base +from saml2.client_base import LogoutError +from saml2.client_base import NoServiceDefined +from saml2.client_base import SignOnError from saml2.httpbase import HTTPError +from saml2.ident import code +from saml2.ident import decode +from saml2.mdstore import locations from saml2.s_utils import sid from saml2.s_utils import status_message_factory from saml2.s_utils import success_status_factory +from saml2.saml import AssertionIDRef from saml2.samlp import STATUS_REQUEST_DENIED from saml2.samlp import STATUS_UNKNOWN_PRINCIPAL from saml2.time_util import not_on_or_after -from saml2.saml import AssertionIDRef -from saml2.client_base import Base -from saml2.client_base import SignOnError -from saml2.client_base import LogoutError -from saml2.client_base import NoServiceDefined -from saml2.mdstore import locations -import logging logger = logging.getLogger(__name__) class Saml2Client(Base): - """ The basic pySAML2 service provider class """ + """The basic pySAML2 service provider class""" def prepare_for_authenticate( self, @@ -44,14 +44,15 @@ def prepare_for_authenticate( vorg="", nameid_format=None, scoping=None, - consent=None, extensions=None, + consent=None, + extensions=None, sign=None, sigalg=None, digest_alg=None, response_binding=saml2.BINDING_HTTP_POST, **kwargs, ): - """ Makes all necessary preparations for an authentication request. + """Makes all necessary preparations for an authentication request. :param entityid: The entity ID of the IdP to send the request to :param relay_state: To where the user should be returned after @@ -85,11 +86,7 @@ def prepare_for_authenticate( ) if negotiated_binding != binding: - raise ValueError( - "Negotiated binding '{}' does not match binding to use '{}'".format( - negotiated_binding, binding - ) - ) + raise ValueError(f"Negotiated binding '{negotiated_binding}' does not match binding to use '{binding}'") return reqid, info @@ -109,7 +106,7 @@ def prepare_for_negotiated_authenticate( digest_alg=None, **kwargs, ): - """ Makes all necessary preparations for an authentication request + """Makes all necessary preparations for an authentication request that negotiates which binding to use for authentication. :param entityid: The entity ID of the IdP to send the request to @@ -128,11 +125,7 @@ def prepare_for_negotiated_authenticate( """ expected_binding = binding - bindings_to_try = ( - [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST] - if not expected_binding - else [expected_binding] - ) + bindings_to_try = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST] if not expected_binding else [expected_binding] binding_destinations = [] unsupported_bindings = [] @@ -145,14 +138,14 @@ def prepare_for_negotiated_authenticate( binding_destinations.append((binding, destination)) for binding, destination in binding_destinations: - logger.info("destination to provider: %s", destination) + logger.debug("destination to provider: %s", destination) # XXX - sign_post will embed the signature to the xml doc # XXX ^through self.create_authn_request(...) # XXX - sign_redirect will add the signature to the query params # XXX ^through self.apply_binding(...) - sign_redirect = sign and binding == BINDING_HTTP_REDIRECT - sign_post = sign and not sign_redirect + sign_redirect = sign if binding == BINDING_HTTP_REDIRECT else False + sign_post = sign if binding != BINDING_HTTP_REDIRECT else False reqid, request = self.create_authn_request( destination=destination, @@ -169,7 +162,7 @@ def prepare_for_negotiated_authenticate( ) _req_str = str(request) - logger.info("AuthNReq: %s", _req_str) + logger.debug("AuthNReq: %s", _req_str) http_info = self.apply_binding( binding, @@ -198,7 +191,7 @@ def global_logout( sign_alg=None, digest_alg=None, ): - """ More or less a layer of indirection :-/ + """More or less a layer of indirection :-/ Bootstrapping the whole thing by finding all the IdPs that should be notified. @@ -215,10 +208,10 @@ def global_logout( conversation. """ - if isinstance(name_id, six.string_types): + if isinstance(name_id, str): name_id = decode(name_id) - logger.info("logout request for: %s", name_id) + logger.debug("logout request for: %s", name_id) # find out which IdPs/AAs I should notify entity_ids = self.users.issuers_of_info(name_id) @@ -271,13 +264,9 @@ def do_logout( for entity_id in entity_ids: logger.debug("Logout from '%s'", entity_id) - bindings_slo_supported = self.metadata.single_logout_service( - entity_id=entity_id, typ="idpsso" - ) + bindings_slo_supported = self.metadata.single_logout_service(entity_id=entity_id, typ="idpsso") bindings_slo_preferred_and_supported = ( - binding - for binding in bindings_slo_preferred - if binding in bindings_slo_supported + binding for binding in bindings_slo_preferred if binding in bindings_slo_supported ) bindings_slo_choices = filter( lambda x: x, @@ -285,7 +274,7 @@ def do_logout( expected_binding, *bindings_slo_preferred_and_supported, *bindings_slo_supported, - ) + ), ) binding = next(bindings_slo_choices, None) if not binding: @@ -311,7 +300,7 @@ def do_logout( try: session_info = self.users.get_info_from(name_id, entity_id, False) - session_index = session_info.get('session_index') + session_index = session_info.get("session_index") session_indexes = [session_index] if session_index else None except KeyError: session_indexes = None @@ -386,12 +375,12 @@ def do_logout( if not_done: # upstream should try later - raise LogoutError("%s" % (entity_ids,)) + raise LogoutError(f"{entity_ids}") return responses def local_logout(self, name_id): - """ Remove the user from the cache, equals local logout + """Remove the user from the cache, equals local logout :param name_id: The identifier of the subject """ @@ -399,7 +388,7 @@ def local_logout(self, name_id): return True def is_logged_in(self, name_id): - """ Check if user is in the cache + """Check if user is in the cache :param name_id: The identifier of the subject """ @@ -407,18 +396,18 @@ def is_logged_in(self, name_id): return bool(identity) def handle_logout_response(self, response, sign_alg=None, digest_alg=None): - """ handles a Logout response + """handles a Logout response :param response: A response.Response instance :return: 4-tuple of (session_id of the last sent logout request, response message, response headers and message) """ - logger.info("state: %s", self.state) + logger.debug("state: %s", self.state) status = self.state[response.in_response_to] - logger.info("status: %s", status) + logger.debug("status: %s", status) issuer = response.issuer() - logger.info("issuer: %s", issuer) + logger.debug("issuer: %s", issuer) del self.state[response.in_response_to] if status["entity_ids"] == [issuer]: # done self.local_logout(decode(status["name_id"])) @@ -438,8 +427,8 @@ def handle_logout_response(self, response, sign_alg=None, digest_alg=None): ) def _use_soap(self, destination, query_type, **kwargs): - _create_func = getattr(self, "create_%s" % query_type) - _response_func = getattr(self, "parse_%s_response" % query_type) + _create_func = getattr(self, f"create_{query_type}") + _response_func = getattr(self, f"parse_{query_type}_response") try: response_args = kwargs["response_args"] del kwargs["response_args"] @@ -456,77 +445,89 @@ def _use_soap(self, destination, query_type, **kwargs): else: response_args["binding"] = BINDING_SOAP - logger.info("Verifying response") + logger.debug("Verifying response") if response_args: response = _response_func(response.content, **response_args) else: response = _response_func(response.content) else: - raise HTTPError("%d:%s" % (response.status_code, response.error)) + raise HTTPError(f"{int(response.status_code)}:{response.error}") if response: # not_done.remove(entity_id) - logger.info("OK response from %s", destination) + logger.debug("OK response from %s", destination) return response else: - logger.info("NOT OK response from %s", destination) + logger.debug("NOT OK response from %s", destination) return None # noinspection PyUnusedLocal - def do_authz_decision_query(self, entity_id, action, - subject_id, nameid_format, - evidence=None, resource=None, - sp_name_qualifier=None, - name_qualifier=None, - consent=None, extensions=None, sign=False): + def do_authz_decision_query( + self, + entity_id, + action, + subject_id, + nameid_format, + evidence=None, + resource=None, + sp_name_qualifier=None, + name_qualifier=None, + consent=None, + extensions=None, + sign=False, + ): subject = saml.Subject( - name_id=saml.NameID(text=subject_id, format=nameid_format, - sp_name_qualifier=sp_name_qualifier, - name_qualifier=name_qualifier)) + name_id=saml.NameID( + text=subject_id, + format=nameid_format, + sp_name_qualifier=sp_name_qualifier, + name_qualifier=name_qualifier, + ) + ) srvs = self.metadata.authz_service(entity_id, BINDING_SOAP) for dest in locations(srvs): - resp = self._use_soap(dest, "authz_decision_query", - action=action, evidence=evidence, - resource=resource, subject=subject) + resp = self._use_soap( + dest, "authz_decision_query", action=action, evidence=evidence, resource=resource, subject=subject + ) if resp: return resp return None - def do_assertion_id_request(self, assertion_ids, entity_id, - consent=None, extensions=None, sign=False): + def do_assertion_id_request(self, assertion_ids, entity_id, consent=None, extensions=None, sign=False): - srvs = self.metadata.assertion_id_request_service(entity_id, - BINDING_SOAP) + srvs = self.metadata.assertion_id_request_service(entity_id, BINDING_SOAP) if not srvs: - raise NoServiceDefined("%s: %s" % (entity_id, - "assertion_id_request_service")) + raise NoServiceDefined(f"{entity_id}: assertion_id_request_service") - if isinstance(assertion_ids, six.string_types): + if isinstance(assertion_ids, str): assertion_ids = [assertion_ids] _id_refs = [AssertionIDRef(_id) for _id in assertion_ids] for destination in locations(srvs): - res = self._use_soap(destination, "assertion_id_request", - assertion_id_refs=_id_refs, consent=consent, - extensions=extensions, sign=sign) + res = self._use_soap( + destination, + "assertion_id_request", + assertion_id_refs=_id_refs, + consent=consent, + extensions=extensions, + sign=sign, + ) if res: return res return None - def do_authn_query(self, entity_id, - consent=None, extensions=None, sign=False): + def do_authn_query(self, entity_id, consent=None, extensions=None, sign=False): srvs = self.metadata.authn_request_service(entity_id, BINDING_SOAP) for destination in locations(srvs): - resp = self._use_soap(destination, "authn_query", consent=consent, - extensions=extensions, sign=sign) + resp = self._use_soap(destination, "authn_query", consent=consent, extensions=extensions, sign=sign) if resp: return resp @@ -549,7 +550,7 @@ def do_attribute_query( sign_alg=None, digest_alg=None, ): - """ Does a attribute request to an attribute authority, this is + """Does a attribute request to an attribute authority, this is by default done over SOAP. :param entityid: To whom the query should be sent @@ -670,7 +671,7 @@ def handle_logout_request( 'method': "POST } """ - logger.info("logout request: %s", request) + logger.debug("logout request: %s", request) _req = self.parse_logout_request( xmlstr=request, @@ -685,40 +686,49 @@ def handle_logout_request( if self.local_logout(name_id): status = success_status_factory() else: - status = status_message_factory("Server error", - STATUS_REQUEST_DENIED) + status = status_message_factory("Server error", STATUS_REQUEST_DENIED) except KeyError: - status = status_message_factory("Server error", - STATUS_REQUEST_DENIED) + status = status_message_factory("Server error", STATUS_REQUEST_DENIED) else: - status = status_message_factory("Wrong user", - STATUS_UNKNOWN_PRINCIPAL) + status = status_message_factory("Wrong user", STATUS_UNKNOWN_PRINCIPAL) response_bindings = { BINDING_SOAP: [BINDING_SOAP], BINDING_HTTP_POST: [BINDING_HTTP_POST, BINDING_HTTP_REDIRECT], BINDING_HTTP_REDIRECT: [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST], - }.get(binding) + }.get(binding, []) - if sign is None: - sign = self.logout_responses_signed + for response_binding in response_bindings: + sign = sign if sign is not None else self.logout_responses_signed + sign_redirect = sign and response_binding == BINDING_HTTP_REDIRECT + sign_post = sign and not sign_redirect - response = self.create_logout_response( - _req.message, - bindings=response_bindings, - status=status, - sign=sign, - sign_alg=sign_alg, - digest_alg=digest_alg, - ) - rinfo = self.response_args(_req.message, response_bindings) - - return self.apply_binding( - rinfo["binding"], - response, - rinfo["destination"], - relay_state, - response=True, - sign=sign, - sigalg=sign_alg, - ) + try: + response = self.create_logout_response( + _req.message, + bindings=[response_binding], + status=status, + sign=sign_post, + sign_alg=sign_alg, + digest_alg=digest_alg, + ) + rinfo = self.response_args(_req.message, [response_binding]) + + return self.apply_binding( + rinfo["binding"], + response, + rinfo["destination"], + relay_state, + response=True, + sign=sign_redirect, + sigalg=sign_alg, + ) + except Exception: + continue + + log_ctx = { + "message": "No supported bindings found to create LogoutResponse", + "issuer": _req.issuer.text, + "response_bindings": response_bindings, + } + raise SAMLError(log_ctx) diff --git a/src/saml2/client_base.py b/src/saml2/client_base.py index cf88dee9c..d5e797d76 100644 --- a/src/saml2/client_base.py +++ b/src/saml2/client_base.py @@ -1,65 +1,57 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """Contains classes and functions that a SAML2.0 Service Provider (SP) may use to conclude its tasks. """ +import logging import threading -import six import time -import logging from typing import Mapping +from urllib.parse import parse_qs +from urllib.parse import urlencode +from urllib.parse import urlparse from warnings import warn as _warn +import saml2 +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_PAOS +from saml2 import BINDING_SOAP +from saml2 import SAMLError +from saml2 import saml +from saml2 import samlp +from saml2 import soap from saml2.entity import Entity - +from saml2.extension import sp_type +from saml2.extension.requested_attributes import RequestedAttribute +from saml2.extension.requested_attributes import RequestedAttributes from saml2.mdstore import locations -from saml2.profile import paos, ecp +from saml2.population import Population +from saml2.profile import ecp +from saml2.profile import paos +from saml2.response import AssertionIDResponse +from saml2.response import AttributeResponse +from saml2.response import AuthnQueryResponse +from saml2.response import AuthnResponse +from saml2.response import AuthzResponse +from saml2.response import NameIDMappingResponse +from saml2.response import StatusError +from saml2.s_utils import UnravelError +from saml2.s_utils import do_attributes +from saml2.s_utils import signature from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_TRANSIENT from saml2.saml import AuthnContextClassRef -from saml2.samlp import AuthnQuery -from saml2.samlp import RequestedAuthnContext -from saml2.samlp import NameIDMappingRequest from saml2.samlp import AttributeQuery -from saml2.samlp import AuthzDecisionQuery +from saml2.samlp import AuthnQuery from saml2.samlp import AuthnRequest +from saml2.samlp import AuthzDecisionQuery from saml2.samlp import Extensions -from saml2.extension import sp_type -from saml2.extension.requested_attributes import RequestedAttribute -from saml2.extension.requested_attributes import RequestedAttributes - -import saml2 +from saml2.samlp import NameIDMappingRequest +from saml2.samlp import RequestedAuthnContext from saml2.soap import make_soap_enveloped_saml_thingy -from six.moves.urllib.parse import parse_qs -from six.moves.urllib.parse import urlencode -from six.moves.urllib.parse import urlparse - -from saml2.s_utils import signature -from saml2.s_utils import UnravelError -from saml2.s_utils import do_attributes - -from saml2 import samlp, BINDING_SOAP, SAMLError -from saml2 import saml -from saml2 import soap -from saml2.population import Population - -from saml2.response import AttributeResponse, StatusError -from saml2.response import AuthzResponse -from saml2.response import AssertionIDResponse -from saml2.response import AuthnQueryResponse -from saml2.response import NameIDMappingResponse -from saml2.response import AuthnResponse - -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_PAOS - -from saml2.xmldsig import SIG_ALLOWED_ALG -from saml2.xmldsig import DIGEST_ALLOWED_ALG - logger = logging.getLogger(__name__) @@ -101,10 +93,10 @@ class NoServiceDefined(SAMLError): def create_requested_attribute_node(requested_attrs, attribute_converters): items = [] for attr in requested_attrs: - friendly_name = attr.get('friendly_name') - name = attr.get('name') - name_format = attr.get('name_format') - is_required = str(attr.get('required', False)).lower() + friendly_name = attr.get("friendly_name") + name = attr.get("name") + name_format = attr.get("name_format") + is_required = str(attr.get("required", False)).lower() if not name and not friendly_name: raise ValueError("Missing required attribute: 'name' or 'friendly_name'") @@ -145,10 +137,11 @@ def create_requested_attribute_node(requested_attrs, attribute_converters): class Base(Entity): - """ The basic pySAML2 service provider class """ + """The basic pySAML2 service provider class""" - def __init__(self, config=None, identity_cache=None, state_cache=None, - virtual_organization="", config_file="", msg_cb=None): + def __init__( + self, config=None, identity_cache=None, state_cache=None, virtual_organization="", config_file="", msg_cb=None + ): """ :param config: A saml2.config.Config instance :param identity_cache: Where the class should store identity information @@ -156,8 +149,7 @@ def __init__(self, config=None, identity_cache=None, state_cache=None, :param virtual_organization: A specific virtual organization """ - Entity.__init__(self, "sp", config, config_file, virtual_organization, - msg_cb=msg_cb) + Entity.__init__(self, "sp", config, config_file, virtual_organization, msg_cb=msg_cb) self.users = Population(identity_cache) self.lock = threading.Lock() @@ -178,12 +170,8 @@ def __init__(self, config=None, identity_cache=None, state_cache=None, } for attr, val_default in attribute_defaults.items(): val_config = self.config.getattr(attr, "sp") - val = ( - val_config - if val_config is not None - else val_default - ) - if val == 'true': + val = val_config if val_config is not None else val_default + if val == "true": val = True setattr(self, attr, val) @@ -232,7 +220,7 @@ def _sso_location(self, entityid=None, binding=BINDING_HTTP_REDIRECT): # IdP in the configuration raise exception eids = self.metadata.with_descriptor("idpsso") if len(eids) > 1: - raise IdpUnspecified("Too many IdPs to choose from: %s" % eids) + raise IdpUnspecified(f"Too many IdPs to choose from: {eids}") try: srvs = self.metadata.single_sign_on_service(list(eids.keys())[0], binding) @@ -252,7 +240,7 @@ def _my_name(self): # def add_vo_information_about_user(self, name_id): - """ Add information to the knowledge I have about the user. This is + """Add information to the knowledge I have about the user. This is for Virtual organizations. :param name_id: The subject identifier @@ -275,8 +263,7 @@ def add_vo_information_about_user(self, name_id): # noinspection PyUnusedLocal @staticmethod def is_session_valid(_session_id): - """ Place holder. Supposed to check if the session is still valid. - """ + """Place holder. Supposed to check if the session is still valid.""" return True def service_urls(self, binding=BINDING_HTTP_POST): @@ -306,7 +293,7 @@ def create_authn_request( requested_attributes=None, **kwargs, ): - """ Creates an authentication request. + """Creates an authentication request. :param destination: Where the request should be sent. :param vorg: The virtual organization the service belongs to. @@ -338,10 +325,9 @@ def create_authn_request( # AssertionConsumerServiceURL # AssertionConsumerServiceIndex - hide_assertion_consumer_service = self.config.getattr('hide_assertion_consumer_service', 'sp') - assertion_consumer_service_url = ( - kwargs.pop("assertion_consumer_service_urls", [None])[0] - or kwargs.pop("assertion_consumer_service_url", None) + hide_assertion_consumer_service = self.config.getattr("hide_assertion_consumer_service", "sp") + assertion_consumer_service_url = kwargs.pop("assertion_consumer_service_urls", [None])[0] or kwargs.pop( + "assertion_consumer_service_url", None ) assertion_consumer_service_index = kwargs.pop("assertion_consumer_service_index", None) service_url = (self.service_urls(service_url_binding or binding) or [None])[0] @@ -362,33 +348,26 @@ def create_authn_request( args["provider_name"] = provider_name requested_authn_context = ( - kwargs.pop("requested_authn_context", None) - or self.config.getattr("requested_authn_context", "sp") - or {} + kwargs.pop("requested_authn_context", None) or self.config.getattr("requested_authn_context", "sp") or {} ) if isinstance(requested_authn_context, RequestedAuthnContext): args["requested_authn_context"] = requested_authn_context elif isinstance(requested_authn_context, Mapping): - requested_authn_context_accrs = requested_authn_context.get( - "authn_context_class_ref", [] - ) - requested_authn_context_comparison = requested_authn_context.get( - "comparison", "exact" - ) + requested_authn_context_accrs = requested_authn_context.get("authn_context_class_ref", []) + requested_authn_context_comparison = requested_authn_context.get("comparison", "exact") if requested_authn_context_accrs: args["requested_authn_context"] = RequestedAuthnContext( - authn_context_class_ref=[ - AuthnContextClassRef(accr) - for accr in requested_authn_context_accrs - ], + authn_context_class_ref=[AuthnContextClassRef(accr) for accr in requested_authn_context_accrs], comparison=requested_authn_context_comparison, ) else: - logger.warning({ - "message": "Cannot process requested_authn_context", - "requested_authn_context": requested_authn_context, - "type_of_requested_authn_context": type(requested_authn_context), - }) + logger.warning( + { + "message": "Cannot process requested_authn_context", + "requested_authn_context": requested_authn_context, + "type_of_requested_authn_context": type(requested_authn_context), + } + ) # Allow argument values either as class instances or as dictionaries # all of these have cardinality 0..1 @@ -401,15 +380,11 @@ def create_authn_request( if isinstance(_item, _msg.child_class(param)): args[param] = _item else: - raise ValueError("Wrong type for param {name}".format(name=param)) + raise ValueError(f"Wrong type for param {param}") # NameIDPolicy nameid_policy_format_config = self.config.getattr("name_id_policy_format", "sp") - nameid_policy_format = ( - nameid_format - or nameid_policy_format_config - or None - ) + nameid_policy_format = nameid_format or nameid_policy_format_config or None allow_create_config = self.config.getattr("name_id_format_allow_create", "sp") allow_create = ( @@ -426,9 +401,7 @@ def create_authn_request( if "name_id_policy" in kwargs else None if not nameid_policy_format - else samlp.NameIDPolicy( - allow_create=allow_create, format=nameid_policy_format - ) + else samlp.NameIDPolicy(allow_create=allow_create, format=nameid_policy_format) ) if name_id_policy and vorg: @@ -438,8 +411,8 @@ def create_authn_request( args["name_id_policy"] = name_id_policy # eIDAS SPType - conf_sp_type = self.config.getattr('sp_type', 'sp') - conf_sp_type_in_md = self.config.getattr('sp_type_in_metadata', 'sp') + conf_sp_type = self.config.getattr("sp_type", "sp") + conf_sp_type_in_md = self.config.getattr("sp_type_in_metadata", "sp") if conf_sp_type and conf_sp_type_in_md is False: if not extensions: extensions = Extensions() @@ -447,35 +420,27 @@ def create_authn_request( extensions.add_extension_element(item) # eIDAS RequestedAttributes - requested_attrs = ( - requested_attributes - or self.config.getattr('requested_attributes', 'sp') - or [] - ) + requested_attrs = requested_attributes or self.config.getattr("requested_attributes", "sp") or [] if requested_attrs: - req_attrs_node = create_requested_attribute_node( - requested_attrs, self.config.attribute_converters - ) + req_attrs_node = create_requested_attribute_node(requested_attrs, self.config.attribute_converters) if not extensions: extensions = Extensions() extensions.add_extension_element(req_attrs_node) # ForceAuthn - force_authn = str( - kwargs.pop("force_authn", None) - or self.config.getattr("force_authn", "sp") - ).lower() in ["true", "1"] + force_authn = str(kwargs.pop("force_authn", None) or self.config.getattr("force_authn", "sp")).lower() in [ + "true", + "1", + ] if force_authn: kwargs["force_authn"] = "true" if kwargs: - _args, extensions = self._filter_args( - AuthnRequest(), extensions, **kwargs - ) + _args, extensions = self._filter_args(AuthnRequest(), extensions, **kwargs) args.update(_args) args.pop("id", None) - client_crt = kwargs.get("client_crt") + # client_crt = kwargs.get("client_crt") nsprefix = kwargs.get("nsprefix") msg = self._message( @@ -511,7 +476,7 @@ def create_attribute_query( digest_alg=None, **kwargs, ): - """ Constructs an AttributeQuery + """Constructs an AttributeQuery :param destination: To whom the query should be sent :param name_id: The identifier of the subject @@ -538,15 +503,14 @@ def create_attribute_query( if name_id is None: if "subject_id" in kwargs: name_id = saml.NameID(text=kwargs["subject_id"]) - for key in ["sp_name_qualifier", "name_qualifier", - "format"]: + for key in ["sp_name_qualifier", "name_qualifier", "format"]: try: setattr(name_id, key, kwargs[key]) except KeyError: pass else: raise AttributeError("Missing required parameter") - elif isinstance(name_id, six.string_types): + elif isinstance(name_id, str): name_id = saml.NameID(text=name_id) for key in ["sp_name_qualifier", "name_qualifier", "format"]: try: @@ -598,7 +562,7 @@ def create_authz_decision_query( digest_alg=None, **kwargs, ): - """ Creates an authz decision query. + """Creates an authz decision query. :param destination: The IdP endpoint :param action: The action you want to perform (has to be at least one) @@ -644,7 +608,7 @@ def create_authz_decision_query_using_assertion( digest_alg=None, nsprefix=None, ): - """ Makes an authz decision query based on a previously received + """Makes an authz decision query based on a previously received Assertion. :param destination: The IdP endpoint to send the request to @@ -660,7 +624,7 @@ def create_authz_decision_query_using_assertion( """ if action: - if isinstance(action, six.string_types): + if isinstance(action, str): _action = [saml.Action(text=action)] else: _action = [saml.Action(text=a) for a in action] @@ -690,7 +654,7 @@ def create_assertion_id_request(assertion_id_refs, **kwargs): :return: One ID ref """ - if isinstance(assertion_id_refs, six.string_types): + if isinstance(assertion_id_refs, str): return 0, assertion_id_refs else: return 0, assertion_id_refs[0] @@ -768,22 +732,12 @@ def create_name_id_mapping_request( """ if not name_id and not base_id and not encrypted_id: - raise ValueError( - "At least one of name_id, base_id or encrypted_id must be present." - ) + raise ValueError("At least one of name_id, base_id or encrypted_id must be present.") id_attr = { "name_id": name_id, - "base_id": ( - base_id - if not name_id - else None - ), - "encrypted_id": ( - encrypted_id - if not name_id and not base_id - else None - ), + "base_id": (base_id if not name_id else None), + "encrypted_id": (encrypted_id if not name_id and not base_id else None), } return self._message( @@ -802,10 +756,8 @@ def create_name_id_mapping_request( # ======== response handling =========== - def parse_authn_request_response( - self, xmlstr, binding, outstanding=None, outstanding_certs=None, conv_info=None - ): - """ Deal with an AuthnResponse + def parse_authn_request_response(self, xmlstr, binding, outstanding=None, outstanding_certs=None, conv_info=None): + """Deal with an AuthnResponse :param xmlstr: The reply as a xml string :param binding: Which binding that was used for the transport @@ -817,7 +769,7 @@ def parse_authn_request_response( :return: An response.AuthnResponse or None """ - if not getattr(self.config, 'entityid', None): + if not getattr(self.config, "entityid", None): raise SAMLError("Missing entity_id specification") if not xmlstr: @@ -834,31 +786,25 @@ def parse_authn_request_response( "entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters, "allow_unknown_attributes": self.config.allow_unknown_attributes, - 'conv_info': conv_info, + "conv_info": conv_info, } try: - resp = self._parse_response( - xmlstr, AuthnResponse, "assertion_consumer_service", binding, **kwargs - ) + resp = self._parse_response(xmlstr, AuthnResponse, "assertion_consumer_service", binding, **kwargs) except StatusError as err: - logger.error("SAML status error: %s", err) + logger.error("SAML status error: %s", str(err)) raise except UnravelError: return None except Exception as err: - logger.error("XML parse error: %s", err) + logger.error("XML parse error: %s", str(err)) raise if not isinstance(resp, AuthnResponse): logger.error("Response type not supported: %s", saml2.class_name(resp)) return None - if ( - resp.assertion - and len(resp.response.encrypted_assertion) == 0 - and resp.assertion.subject.name_id - ): + if resp.assertion and len(resp.response.encrypted_assertion) == 0 and resp.name_id: self.users.add_information_about_person(resp.session_info()) logger.info("--- ADDED person info ----") @@ -869,8 +815,7 @@ def parse_authn_request_response( # AuthzDecisionQuery all get Response as response def parse_authz_decision_query_response(self, response, binding=BINDING_SOAP): - """ Verify that the response is OK - """ + """Verify that the response is OK""" kwargs = { "entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters, @@ -879,33 +824,24 @@ def parse_authz_decision_query_response(self, response, binding=BINDING_SOAP): return self._parse_response(response, AuthzResponse, "", binding, **kwargs) def parse_authn_query_response(self, response, binding=BINDING_SOAP): - """ Verify that the response is OK - """ - kwargs = {"entity_id": self.config.entityid, - "attribute_converters": self.config.attribute_converters} + """Verify that the response is OK""" + kwargs = {"entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters} - return self._parse_response(response, AuthnQueryResponse, "", binding, - **kwargs) + return self._parse_response(response, AuthnQueryResponse, "", binding, **kwargs) def parse_assertion_id_request_response(self, response, binding): - """ Verify that the response is OK - """ - kwargs = {"entity_id": self.config.entityid, - "attribute_converters": self.config.attribute_converters} + """Verify that the response is OK""" + kwargs = {"entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters} - res = self._parse_response(response, AssertionIDResponse, "", binding, - **kwargs) + res = self._parse_response(response, AssertionIDResponse, "", binding, **kwargs) return res # ------------------------------------------------------------------------ def parse_attribute_query_response(self, response, binding): - kwargs = {"entity_id": self.config.entityid, - "attribute_converters": self.config.attribute_converters} + kwargs = {"entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters} - return self._parse_response(response, AttributeResponse, - "attribute_consuming_service", binding, - **kwargs) + return self._parse_response(response, AttributeResponse, "attribute_consuming_service", binding, **kwargs) def parse_name_id_mapping_request_response(self, txt, binding=BINDING_SOAP): """ @@ -929,7 +865,7 @@ def create_ecp_authn_request( digest_alg=None, **kwargs, ): - """ Makes an authentication request. + """Makes an authentication request. :param entityid: The entity ID of the IdP to send the request to :param relay_state: A token that can be used by the SP to know @@ -983,9 +919,7 @@ def create_ecp_authn_request( # The IDP publishes support for ECP by using the SOAP binding on # SingleSignOnService - _, location = self.pick_binding( - "single_sign_on_service", [_binding], entity_id=entityid - ) + _, location = self.pick_binding("single_sign_on_service", [_binding], entity_id=entityid) req_id, authn_req = self.create_authn_request( location, service_url_binding=BINDING_PAOS, @@ -999,26 +933,19 @@ def create_ecp_authn_request( # The SOAP envelope # ---------------------------------------- - soap_envelope = make_soap_enveloped_saml_thingy( - authn_req, [paos_request, relay_state] - ) + soap_envelope = make_soap_enveloped_saml_thingy(authn_req, [paos_request, relay_state]) return req_id, str(soap_envelope) def parse_ecp_authn_response(self, txt, outstanding=None): - rdict = soap.class_instances_from_soap_enveloped_saml_thingies(txt, - [paos, - ecp, - samlp]) + rdict = soap.class_instances_from_soap_enveloped_saml_thingies(txt, [paos, ecp, samlp]) _relay_state = None for item in rdict["header"]: - if item.c_tag == "RelayState" and \ - item.c_namespace == ecp.NAMESPACE: + if item.c_tag == "RelayState" and item.c_namespace == ecp.NAMESPACE: _relay_state = item - response = self.parse_authn_request_response(rdict["body"], - BINDING_PAOS, outstanding) + response = self.parse_authn_request_response(rdict["body"], BINDING_PAOS, outstanding) return response, _relay_state @@ -1067,25 +994,18 @@ def create_discovery_service_request(url, entity_id, **kwargs): "policy": kwargs.get("policy"), "returnIDParam": kwargs.get("returnIDParam"), "return": kwargs.get("return_url") or kwargs.get("return"), - "isPassive": ( - None - if "isPassive" not in kwargs.keys() - else "true" - if kwargs.get("isPassive") - else "false" - ), + "isPassive": (None if "isPassive" not in kwargs.keys() else "true" if kwargs.get("isPassive") else "false"), } params = urlencode({k: v for k, v in args.items() if v}) # url can already contain some parameters - if '?' in url: - return "%s&%s" % (url, params) + if "?" in url: + return f"{url}&{params}" else: - return "%s?%s" % (url, params) + return f"{url}?{params}" @staticmethod - def parse_discovery_service_response(url="", query="", - returnIDParam="entityID"): + def parse_discovery_service_response(url="", query="", returnIDParam="entityID"): """ Deal with the response url from a Discovery Service diff --git a/src/saml2/config.py b/src/saml2/config.py index 357dc6b86..d8862110b 100644 --- a/src/saml2/config.py +++ b/src/saml2/config.py @@ -1,11 +1,11 @@ import copy import importlib import logging +from logging.config import dictConfig as configure_logging_by_dict import logging.handlers import os import re import sys -from logging.config import dictConfig as configure_logging_by_dict from warnings import warn as _warn from saml2 import BINDING_HTTP_ARTIFACT @@ -14,9 +14,8 @@ from saml2 import BINDING_SOAP from saml2 import BINDING_URI from saml2 import SAMLError - -from saml2.attribute_converter import ac_factory from saml2.assertion import Policy +from saml2.attribute_converter import ac_factory from saml2.mdstore import MetadataStore from saml2.saml import NAME_FORMAT_URI from saml2.virtual_org import VirtualOrg @@ -24,7 +23,7 @@ logger = logging.getLogger(__name__) -__author__ = 'rolandh' +__author__ = "rolandh" COMMON_ARGS = [ @@ -76,6 +75,7 @@ "name_id_format", "signing_algorithm", "digest_algorithm", + "http_client_timeout", ] SP_ARGS = [ @@ -120,6 +120,7 @@ "domain", "name_qualifier", "edu_person_targeted_id", + "error_url", ] PDP_ARGS = ["endpoints", "name_form", "name_id_format"] @@ -132,12 +133,12 @@ ALL = set(COMMON_ARGS + SP_ARGS + AA_IDP_ARGS + PDP_ARGS + COMPLEX_ARGS + AA_ARGS) SPEC = { - "": COMMON_ARGS + COMPLEX_ARGS, - "sp": COMMON_ARGS + COMPLEX_ARGS + SP_ARGS, + "": COMMON_ARGS + COMPLEX_ARGS, + "sp": COMMON_ARGS + COMPLEX_ARGS + SP_ARGS, "idp": COMMON_ARGS + COMPLEX_ARGS + AA_IDP_ARGS, - "aa": COMMON_ARGS + COMPLEX_ARGS + AA_IDP_ARGS + AA_ARGS, + "aa": COMMON_ARGS + COMPLEX_ARGS + AA_IDP_ARGS + AA_ARGS, "pdp": COMMON_ARGS + COMPLEX_ARGS + PDP_ARGS, - "aq": COMMON_ARGS + COMPLEX_ARGS + AQ_ARGS, + "aq": COMMON_ARGS + COMPLEX_ARGS + AQ_ARGS, } _RPA = [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT] @@ -155,7 +156,7 @@ "authz_service": [BINDING_SOAP], "assertion_id_request_service": [BINDING_URI], "artifact_resolution_service": [BINDING_SOAP], - "attribute_consuming_service": _RPA + "attribute_consuming_service": _RPA, } @@ -163,7 +164,7 @@ class ConfigurationError(SAMLError): pass -class Config(object): +class Config: def_context = "" def __init__(self, homedir="."): @@ -177,7 +178,7 @@ def __init__(self, homedir="."): self.cert_file = None self.encryption_keypairs = None self.additional_cert_files = None - self.metadata_key_usage = 'both' + self.metadata_key_usage = "both" self.secret = None self.accepted_time_diff = None self.name = None @@ -209,7 +210,7 @@ def __init__(self, homedir="."): self.entity_attributes = [] self.entity_category = [] self.entity_category_support = [] - self.crypto_backend = 'xmlsec1' + self.crypto_backend = "xmlsec1" self.scope = "" self.allow_unknown_attributes = False self.extension_schema = {} @@ -228,12 +229,13 @@ def __init__(self, homedir="."): self.delete_tmpfiles = True self.signing_algorithm = None self.digest_algorithm = None + self.http_client_timeout = None def setattr(self, context, attr, val): if context == "": setattr(self, attr, val) else: - setattr(self, "_%s_%s" % (context, attr), val) + setattr(self, f"_{context}_{attr}", val) def getattr(self, attr, context=None): if context is None: @@ -242,7 +244,7 @@ def getattr(self, attr, context=None): if context == "": return getattr(self, attr, None) else: - return getattr(self, "_%s_%s" % (context, attr), None) + return getattr(self, f"_{context}_{attr}", None) def load_special(self, cnf, typ): for arg in SPEC[typ]: @@ -276,7 +278,7 @@ def load_complex(self, cnf): self.setattr(srv, "policy", Policy(policy_conf, self.metadata)) def load(self, cnf, metadata_construction=None): - """ The base load method, loads the configuration + """The base load method, loads the configuration :param cnf: The configuration as a dictionary :return: The Configuration instance @@ -365,7 +367,7 @@ def load_file(self, config_filename, metadata_construction=None): return self.load(copy.deepcopy(mod.CONFIG)) def load_metadata(self, metadata_conf): - """ Loads metadata into an internal structure """ + """Loads metadata into an internal structure""" acs = self.attribute_converters if acs is None: @@ -381,15 +383,17 @@ def load_metadata(self, metadata_conf): disable_validation = False mds = MetadataStore( - acs, self, ca_certs, disable_ssl_certificate_validation=disable_validation + acs, + self, + ca_certs, + disable_ssl_certificate_validation=disable_validation, + http_client_timeout=self.http_client_timeout, ) - mds.imp(metadata_conf) - return mds def endpoint(self, service, binding=None, context=None): - """ Goes through the list of endpoint specifications for the + """Goes through the list of endpoint specifications for the given type of service and returns a list of endpoint that matches the given binding. If no binding is given all endpoints available for that service will be returned. @@ -509,7 +513,7 @@ def config_factory(_type, config): elif isinstance(config, str): conf.load_file(config) else: - raise ValueError('Unknown type of config') + raise ValueError("Unknown type of config") conf.context = _type return conf diff --git a/src/saml2/country_codes.py b/src/saml2/country_codes.py index bf4b60a4d..55271d7b0 100644 --- a/src/saml2/country_codes.py +++ b/src/saml2/country_codes.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# This Python file uses the following encoding: utf-8 # ISO 3166-1 country names and codes from http://opencountrycodes.appspot.com/python COUNTRIES = ( diff --git a/src/saml2/cryptography/asymmetric.py b/src/saml2/cryptography/asymmetric.py index 8cff93af2..e52a68e2e 100644 --- a/src/saml2/cryptography/asymmetric.py +++ b/src/saml2/cryptography/asymmetric.py @@ -1,15 +1,13 @@ """This module provides methods for asymmetric cryptography.""" -import cryptography.hazmat.backends as _backends import cryptography.hazmat.primitives.asymmetric as _asymmetric import cryptography.hazmat.primitives.hashes as _hashes import cryptography.hazmat.primitives.serialization as _serialization -def load_pem_private_key(data, password): +def load_pem_private_key(data, password=None): """Load RSA PEM certificate.""" - key = _serialization.load_pem_private_key( - data, password, _backends.default_backend()) + key = _serialization.load_pem_private_key(data, password) return key @@ -28,7 +26,7 @@ def key_verify(rsakey, signature, message, digest): try: rsakey.verify(signature, message, padding, digest) - except Exception as e: + except Exception: return False else: return True diff --git a/src/saml2/cryptography/pki.py b/src/saml2/cryptography/pki.py index 8c59fdaf9..6fe4c79d2 100644 --- a/src/saml2/cryptography/pki.py +++ b/src/saml2/cryptography/pki.py @@ -1,9 +1,48 @@ """This module provides methods for PKI operations.""" -import cryptography.hazmat.backends as _backends +from logging import getLogger as get_logger + +from cryptography.hazmat.primitives.serialization import Encoding as _cryptography_encoding import cryptography.x509 as _x509 +logger = get_logger(__name__) + +DEFAULT_CERT_TYPE = "pem" + + def load_pem_x509_certificate(data): """Load X.509 PEM certificate.""" - return _x509.load_pem_x509_certificate(data, _backends.default_backend()) + return _x509.load_pem_x509_certificate(data) + + +def load_der_x509_certificate(data): + """Load X.509 DER certificate.""" + return _x509.load_der_x509_certificate(data) + + +def load_x509_certificate(data, cert_type="pem"): + cert_reader = _x509_loaders.get(cert_type) + + if not cert_reader: + cert_reader = _x509_loaders.get("pem") + context = { + "message": "Unknown cert_type, falling back to default", + "cert_type": cert_type, + "default": DEFAULT_CERT_TYPE, + } + logger.warning(context) + + cert = cert_reader(data) + return cert + + +def get_public_bytes_from_cert(cert): + data = cert.public_bytes(_cryptography_encoding.PEM).decode() + return data + + +_x509_loaders = { + "pem": load_pem_x509_certificate, + "der": load_der_x509_certificate, +} diff --git a/src/saml2/cryptography/symmetric.py b/src/saml2/cryptography/symmetric.py index ff73641e2..ea4565b8a 100644 --- a/src/saml2/cryptography/symmetric.py +++ b/src/saml2/cryptography/symmetric.py @@ -5,12 +5,11 @@ """ import base64 as _base64 -import os as _os import logging +import os as _os from warnings import warn as _warn import cryptography.fernet as _fernet -import cryptography.hazmat.backends as _backends import cryptography.hazmat.primitives.ciphers as _ciphers from .errors import SymmetricCryptographyError @@ -19,7 +18,7 @@ logger = logging.getLogger(__name__) -class Fernet(object): +class Fernet: """The default symmetric cryptography method.""" @staticmethod @@ -37,9 +36,7 @@ def __init__(self, key=None): :param key: byte data representing the encyption/decryption key """ if key: - fernet_key_error = SymmetricCryptographyError( - "Fernet key must be 32 url-safe base64-encoded bytes." - ) + fernet_key_error = SymmetricCryptographyError("Fernet key must be 32 url-safe base64-encoded bytes.") try: raw_key = _base64.b64decode(key) except Exception as e: @@ -100,15 +97,15 @@ def build_cipher(self, *args, **kwargs): _warn(_deprecation_msg, DeprecationWarning) -class AESCipher(object): +class AESCipher: """[deprecated] Symmetric cryptography method using AES. The default parameter set is AES 128bit in CBC mode. """ POSTFIX_MODE = { - 'cbc': _ciphers.modes.CBC, - 'cfb': _ciphers.modes.CFB, + "cbc": _ciphers.modes.CBC, + "cfb": _ciphers.modes.CFB, } AES_BLOCK_SIZE = int(_ciphers.algorithms.AES.block_size / 8) @@ -117,11 +114,11 @@ class AESCipher(object): def _deprecation_notice(cls): """Warn about deprecation of this class.""" _deprecation_msg = ( - '{name} {type} is deprecated. ' - 'It will be removed in the next version. ' - 'Use saml2.cryptography.symmetric.Default ' - 'or saml2.cryptography.symmetric.Fernet ' - 'instead.' + "{name} {type} is deprecated. " + "It will be removed in the next version. " + "Use saml2.cryptography.symmetric.Default " + "or saml2.cryptography.symmetric.Fernet " + "instead." ).format(name=cls.__name__, type=type(cls).__name__) logger.warning(_deprecation_msg) _warn(_deprecation_msg, DeprecationWarning) @@ -134,39 +131,35 @@ def __init__(self, key): self.__class__._deprecation_notice() self.key = key - def build_cipher(self, alg='aes_128_cbc'): + def build_cipher(self, alg="aes_128_cbc"): """ :param alg: cipher algorithm :return: A Cipher instance """ self.__class__._deprecation_notice() - typ, bits, cmode = alg.lower().split('_') + typ, bits, cmode = alg.lower().split("_") bits = int(bits) iv = _os.urandom(self.AES_BLOCK_SIZE) if len(iv) != self.AES_BLOCK_SIZE: - raise Exception('Wrong iv size: {}'.format(len(iv))) + raise Exception(f"Wrong iv size: {len(iv)}") if bits not in _ciphers.algorithms.AES.key_sizes: - raise Exception('Unsupported key length: {}'.format(bits)) + raise Exception(f"Unsupported key length: {bits}") if len(self.key) != bits / 8: - raise Exception('Wrong Key length: {}'.format(len(self.key))) + raise Exception(f"Wrong Key length: {len(self.key)}") try: mode = self.POSTFIX_MODE[cmode] except KeyError: - raise Exception('Unsupported chaining mode: {}'.format(cmode)) + raise Exception(f"Unsupported chaining mode: {cmode}") - cipher = _ciphers.Cipher( - _ciphers.algorithms.AES(self.key), - mode(iv), - backend=_backends.default_backend()) + cipher = _ciphers.Cipher(_ciphers.algorithms.AES(self.key), mode(iv)) return cipher, iv - def encrypt(self, msg, alg='aes_128_cbc', padding='PKCS#7', b64enc=True, - block_size=AES_BLOCK_SIZE): + def encrypt(self, msg, alg="aes_128_cbc", padding="PKCS#7", b64enc=True, block_size=AES_BLOCK_SIZE): """ :param key: The encryption key :param msg: Message to be encrypted @@ -176,9 +169,9 @@ def encrypt(self, msg, alg='aes_128_cbc', padding='PKCS#7', b64enc=True, :return: The encrypted message """ self.__class__._deprecation_notice() - if padding == 'PKCS#7': + if padding == "PKCS#7": _block_size = block_size - elif padding == 'PKCS#5': + elif padding == "PKCS#5": _block_size = 8 else: _block_size = 0 @@ -199,7 +192,7 @@ def encrypt(self, msg, alg='aes_128_cbc', padding='PKCS#7', b64enc=True, return enc_msg - def decrypt(self, msg, alg='aes_128_cbc', padding='PKCS#7', b64dec=True): + def decrypt(self, msg, alg="aes_128_cbc", padding="PKCS#7", b64dec=True): """ :param key: The encryption key :param msg: Base64 encoded message to be decrypted @@ -210,9 +203,9 @@ def decrypt(self, msg, alg='aes_128_cbc', padding='PKCS#7', b64dec=True): cipher, iv = self.build_cipher(alg=alg) decryptor = cipher.decryptor() - res = decryptor.update(data)[self.AES_BLOCK_SIZE:] + res = decryptor.update(data)[self.AES_BLOCK_SIZE :] res += decryptor.finalize() - if padding in ['PKCS#5', 'PKCS#7']: + if padding in ["PKCS#5", "PKCS#7"]: idx = bytearray(res)[-1] res = res[:-idx] return res diff --git a/src/saml2/data/schemas/eidas-schema-attribute-legalperson.xsd b/src/saml2/data/schemas/eidas-schema-attribute-legalperson.xsd new file mode 100644 index 000000000..d4d75220e --- /dev/null +++ b/src/saml2/data/schemas/eidas-schema-attribute-legalperson.xsd @@ -0,0 +1,86 @@ + + + + + + + Unique identifier for the legal person as defined by the eIDAS Regulation. + + + + + + Current legal name for the legal person or organisation. + + + + + + + + + + + The address the legal person has registered with the MS authority or operating address if not registered. For a company this should be the registered address within the MS issuing the eID. + + + + + + + + + + + + + + + + The address the legal person has registered with the MS authority or operating address if not registered. For a company this should be the registered address within the MS issuing the eID as a base64 encoded string. + + + + + + VAT - VAT registration number + + + + + + TAX-Ref - tax reference number + + + + + + D-2012/17/EU - the identifier used under Directive 2012/17/EU + + + + + + LEI - Legal Entity Identifier + + + + + + EORI - Economic Operator Registration and Identification + + + + + + SEED - System for Exchange of Excise Data + + + + + + SIC - Standard Industrial Classification + + + + diff --git a/src/saml2/data/schemas/eidas-schema-attribute-naturalperson.xsd b/src/saml2/data/schemas/eidas-schema-attribute-naturalperson.xsd new file mode 100644 index 000000000..c8a2181d0 --- /dev/null +++ b/src/saml2/data/schemas/eidas-schema-attribute-naturalperson.xsd @@ -0,0 +1,88 @@ + + + + + + + Unique identifier for the natural person as defined by the eIDAS Regulation. + + + + + + Current family name of the natural person. + + + + + + + + + + Current given names of the natural person. + + + + + + + + + + Date of Birth for the Natural Person (Based on xsd:date i.e. YYYY-MM-DD format). + + + + + + + Current address of the natural person. + + + + + + + + + + + + + + + + Current address of the natural person as a base64 encoded string. + + + + + + Gender of the natural person. + + + + + + + + + + First name(s) and family name(s) of the natural person at birth. + + + + + + + + + + Place of birth for a natural person. + + + + + + diff --git a/src/saml2/data/schemas/eidas-schema-metadata-servicelist.xsd b/src/saml2/data/schemas/eidas-schema-metadata-servicelist.xsd new file mode 100644 index 000000000..376b01c4e --- /dev/null +++ b/src/saml2/data/schemas/eidas-schema-metadata-servicelist.xsd @@ -0,0 +1,103 @@ + + + + + Document identifier: eidas-metadata-servicelist-1.0 + + + + + The MetadataServiceListType is the root type for representing a metadata service list. It holds scheme information, metadata locations for each member state and optionally distribution point(s). + + + + + + + + + + The version of a metadata service list. + + + + + Issuance time for a metadata service list. + + + + + Time when the next metadata service list will be published. + + + + + The unique ID for a metadata service list. + + + + + + Scheme information about a published metadata service list, where the publisher and territory are included. + + + + + + + + + + Defines the metadata location(s) for a specific member state (territory). + + + + + + + + + + A list of distribution points. URLs from where the metadata service list can be downloaded. + + + + + + + + + + A list of eIDAS endpoints (nodes) for the current location. + + + + + Key material (usually a certificate) that should be used to verify the signature of the downloaded metadata for this metadata location. + + + + + + The URL from where the metadata for the endpoint(s) can be obtained. + + + + + + + Defines a member state "endpoint" (eIDAS node). + + + + The type of endpoint. Currently defined URI:s are: http://eidas.europa.eu/metadata/ept/ProxyService for an eIDAS Proxy Service, and, http://eidas.europa.eu/metadata/ept/Connector for an eIDAS Connector. + + + + + The SAML entityID of the endpoint. For an eIDAS connector this is the entityID for the SP-part of the node, and for an eIDAS Proxy Service this is the entityID for the IdP-part of the node. + + + + + diff --git a/src/saml2/data/schemas/eidas-schema-saml-extensions.xsd b/src/saml2/data/schemas/eidas-schema-saml-extensions.xsd new file mode 100644 index 000000000..794790775 --- /dev/null +++ b/src/saml2/data/schemas/eidas-schema-saml-extensions.xsd @@ -0,0 +1,33 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/saml2/data/schemas/xenc-schema-11.xsd b/src/saml2/data/schemas/xenc-schema-11.xsd new file mode 100644 index 000000000..8d0af5afe --- /dev/null +++ b/src/saml2/data/schemas/xenc-schema-11.xsd @@ -0,0 +1,117 @@ + + + + + + + + +]> + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/src/saml2/discovery.py b/src/saml2/discovery.py index 978caed4b..2f777d017 100644 --- a/src/saml2/discovery.py +++ b/src/saml2/discovery.py @@ -1,9 +1,10 @@ -from six.moves.urllib import parse +from urllib import parse from saml2.entity import Entity from saml2.response import VerificationError -__author__ = 'rolandh' + +__author__ = "rolandh" IDPDISC_POLICY = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol:single" @@ -24,10 +25,10 @@ def parse_discovery_service_request(self, url="", query=""): # verify - for key in ["isPassive", "return", "returnIDParam", "policy", 'entityID']: + for key in ["isPassive", "return", "returnIDParam", "policy", "entityID"]: try: if len(dsr[key]) != 1: - raise Exception("Invalid DS request keys: {k}".format(k=key)) + raise Exception(f"Invalid DS request keys: {key}") dsr[key] = dsr[key][0] except KeyError: pass @@ -38,9 +39,7 @@ def parse_discovery_service_request(self, url="", query=""): qp = parse.parse_qs(part.query) if "returnIDParam" in dsr: if dsr["returnIDParam"] in qp.keys(): - raise Exception( - "returnIDParam value should not be in the query params" - ) + raise Exception("returnIDParam value should not be in the query params") else: if "entityID" in qp.keys(): raise Exception("entityID should not be in the query params") @@ -53,11 +52,7 @@ def parse_discovery_service_request(self, url="", query=""): is_passive = dsr.get("isPassive") if is_passive not in ["true", "false"]: - raise ValueError( - "Invalid value '{v}' for attribute '{attr}'".format( - v=is_passive, attr="isPassive" - ) - ) + raise ValueError(f"Invalid value '{is_passive}' for attribute 'isPassive'") if "isPassive" in dsr and dsr["isPassive"] == "true": dsr["isPassive"] = True @@ -72,9 +67,7 @@ def parse_discovery_service_request(self, url="", query=""): # ------------------------------------------------------------------------- @staticmethod - def create_discovery_service_response(return_url=None, - returnIDParam="entityID", - entity_id=None, **kwargs): + def create_discovery_service_response(return_url=None, returnIDParam="entityID", entity_id=None, **kwargs): if return_url is None: return_url = kwargs["return"] @@ -84,9 +77,9 @@ def create_discovery_service_response(return_url=None, part = parse.urlparse(return_url) if part.query: # Iff there is a query part add the new info at the end - return_url = "%s&%s" % (return_url, qp) + return_url = f"{return_url}&{qp}" else: - return_url = "%s?%s" % (return_url, qp) + return_url = f"{return_url}?{qp}" return return_url diff --git a/src/saml2/ecp.py b/src/saml2/ecp.py index 8db0afad2..5e1ad0b77 100644 --- a/src/saml2/ecp.py +++ b/src/saml2/ecp.py @@ -1,30 +1,28 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """ Contains classes used in the SAML ECP profile """ import logging -from saml2.client_base import ACTOR, MIME_PAOS -from saml2.ecp_client import SERVICE +from saml2 import BINDING_PAOS +from saml2 import BINDING_SOAP from saml2 import element_to_extension_element +from saml2 import saml from saml2 import samlp from saml2 import soap -from saml2 import BINDING_SOAP, BINDING_PAOS - -from saml2.profile import paos +from saml2.client_base import ACTOR +from saml2.client_base import MIME_PAOS +from saml2.ecp_client import SERVICE from saml2.profile import ecp - -#from saml2.client import Saml2Client -from saml2.server import Server - +from saml2.profile import paos +from saml2.response import authn_response from saml2.schema import soapenv -from saml2.response import authn_response +# from saml2.client import Saml2Client +from saml2.server import Server -from saml2 import saml logger = logging.getLogger(__name__) @@ -32,18 +30,15 @@ def ecp_capable(headers): if MIME_PAOS in headers["Accept"]: if "PAOS" in headers: - if 'ver="%s";"%s"' % (paos.NAMESPACE, - SERVICE) in headers["PAOS"]: + if f'ver="{paos.NAMESPACE}";"{SERVICE}"' in headers["PAOS"]: return True return False -#noinspection PyUnusedLocal -def ecp_auth_request( - cls, entityid=None, relay_state="", sign=None, sign_alg=None, digest_alg=None -): - """ Makes an authentication request. +# noinspection PyUnusedLocal +def ecp_auth_request(cls, entityid=None, relay_state="", sign=None, sign_alg=None, digest_alg=None): + """Makes an authentication request. :param entityid: The entity ID of the IdP to send the request to :param relay_state: To where the user should be returned after @@ -74,7 +69,7 @@ def ecp_auth_request( # # ---------------------------------------- - logger.info("entityid: %s, binding: %s" % (entityid, BINDING_SOAP)) + logger.info(f"entityid: {entityid}, binding: {BINDING_SOAP}") location = cls._sso_location(entityid, binding=BINDING_SOAP) req_id, authn_req = cls.create_authn_request( @@ -93,13 +88,13 @@ def ecp_auth_request( # # ---------------------------------------- -# idp = samlp.IDPEntry( -# provider_id = "https://idp.example.org/entity", -# name = "Example identity provider", -# loc = "https://idp.example.org/saml2/sso", -# ) -# -# idp_list = samlp.IDPList(idp_entry= [idp]) + # idp = samlp.IDPEntry( + # provider_id = "https://idp.example.org/entity", + # name = "Example identity provider", + # loc = "https://idp.example.org/saml2/sso", + # ) + # + # idp_list = samlp.IDPList(idp_entry= [idp]) idp_list = None ecp_request = ecp.Request( @@ -133,20 +128,16 @@ def ecp_auth_request( def handle_ecp_authn_response(cls, soap_message, outstanding=None): - rdict = soap.class_instances_from_soap_enveloped_saml_thingies( - soap_message, [paos, ecp, samlp] - ) + rdict = soap.class_instances_from_soap_enveloped_saml_thingies(soap_message, [paos, ecp, samlp]) _relay_state = None for item in rdict["header"]: if item.c_tag == "RelayState" and item.c_namespace == ecp.NAMESPACE: _relay_state = item - response = authn_response( - cls.config, cls.service_urls(), outstanding, allow_unsolicited=True - ) + response = authn_response(cls.config, cls.service_urls(), outstanding, allow_unsolicited=True) - response.loads("%s" % rdict["body"], False, soap_message) + response.loads(f"{rdict['body']}", False, soap_message) response.verify() cls.users.add_information_about_person(response.session_info()) @@ -172,14 +163,15 @@ def ecp_response(target_url, response): soap_envelope = soapenv.Envelope(header=header, body=body) - return "%s" % soap_envelope + return f"{soap_envelope}" class ECPServer(Server): - """ This deals with what the IdP has to do + """This deals with what the IdP has to do TODO: Still tentative """ + def __init__(self, config_file="", config=None, cache=None): Server.__init__(self, config_file, config, cache) @@ -207,4 +199,4 @@ def ecp_response(self): soap_envelope = soapenv.Envelope(header=header, body=body) - return "%s" % soap_envelope + return str(soap_envelope) diff --git a/src/saml2/ecp_client.py b/src/saml2/ecp_client.py index 94cfe1355..fe0519901 100644 --- a/src/saml2/ecp_client.py +++ b/src/saml2/ecp_client.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """ @@ -7,27 +6,27 @@ programs. """ -from six.moves import http_cookiejar as cookielib +from http import cookiejar as cookielib import logging -from saml2 import soap +from saml2 import BINDING_SOAP +from saml2 import SAMLError from saml2 import saml from saml2 import samlp -from saml2 import SAMLError -from saml2 import BINDING_SOAP +from saml2 import soap from saml2.client_base import MIME_PAOS from saml2.config import Config from saml2.entity import Entity -from saml2.httpbase import set_list2dict, dict2set_list - -from saml2.profile import paos -from saml2.profile import ecp - +from saml2.httpbase import dict2set_list +from saml2.httpbase import set_list2dict from saml2.mdstore import MetadataStore +from saml2.profile import ecp +from saml2.profile import paos from saml2.s_utils import BadRequest + SERVICE = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" -PAOS_HEADER_INFO = 'ver="%s";"%s"' % (paos.NAMESPACE, SERVICE) +PAOS_HEADER_INFO = f'ver="{paos.NAMESPACE}";"{SERVICE}"' logger = logging.getLogger(__name__) @@ -39,10 +38,21 @@ class Client(Entity): ECP-aware SP and IdP. """ - def __init__(self, user, passwd, sp="", idp=None, metadata_file=None, - xmlsec_binary=None, verbose=0, ca_certs="", - disable_ssl_certificate_validation=True, key_file=None, - cert_file=None, config=None): + def __init__( + self, + user, + passwd, + sp="", + idp=None, + metadata_file=None, + xmlsec_binary=None, + verbose=0, + ca_certs="", + disable_ssl_certificate_validation=True, + key_file=None, + cert_file=None, + config=None, + ): """ :param user: user name :param passwd: user password @@ -63,8 +73,7 @@ def __init__(self, user, passwd, sp="", idp=None, metadata_file=None, """ if not config: config = Config() - config.disable_ssl_certificate_validation = \ - disable_ssl_certificate_validation + config.disable_ssl_certificate_validation = disable_ssl_certificate_validation config.key_file = key_file config.cert_file = cert_file config.ca_certs = ca_certs @@ -78,7 +87,7 @@ def __init__(self, user, passwd, sp="", idp=None, metadata_file=None, self._verbose = verbose if metadata_file: - self._metadata = MetadataStore([saml, samlp], None, config) + self._metadata = MetadataStore([saml, samlp], None, config, http_client_timeout=config.http_client_timeout) self._metadata.load("local", metadata_file) logger.debug("Loaded metadata from '%s'", metadata_file) else: @@ -113,13 +122,9 @@ def phase2( :return: The response from the IdP """ - _, destination = self.pick_binding( - "single_sign_on_service", [BINDING_SOAP], "idpsso", entity_id=idp_entity_id - ) + _, destination = self.pick_binding("single_sign_on_service", [BINDING_SOAP], "idpsso", entity_id=idp_entity_id) - ht_args = self.apply_binding( - BINDING_SOAP, authn_request, destination, sign=sign, sigalg=sign_alg - ) + ht_args = self.apply_binding(BINDING_SOAP, authn_request, destination, sign=sign, sigalg=sign_alg) if headers: ht_args["headers"].extend(headers) @@ -132,11 +137,7 @@ def phase2( logger.debug("[P2] Got IdP response: %s", response) if response.status_code != 200: - raise SAMLError( - "Request to IdP failed ({status}): {text}".format( - status=response.status_code, text=response.text - ) - ) + raise SAMLError(f"Request to IdP failed ({response.status_code}): {response.text}") # SAMLP response in a SOAP envelope body, ecp response in headers respdict = self.parse_soap_message(response.text) @@ -165,8 +166,10 @@ def phase2( _acs_url = _ecp_response.assertion_consumer_service_url if rc_url != _acs_url: - error = ("response_consumer_url '%s' does not match" % rc_url, - "assertion_consumer_service_url '%s" % _acs_url) + error = ( + f"response_consumer_url '{rc_url}' does not match", + f"assertion_consumer_service_url '{_acs_url}", + ) # Send an error message to the SP _ = self.send(rc_url, "POST", data=soap.soap_fault(error)) # Raise an exception so the user knows something went wrong @@ -233,7 +236,7 @@ def ecp_conversation(self, respdict, idp_entity_id=None): # ********************************** ht_args = self.use_soap(idp_response, args["rc_url"], [args["relay_state"]]) - ht_args["headers"][0] = ('Content-Type', MIME_PAOS) + ht_args["headers"][0] = ("Content-Type", MIME_PAOS) logger.debug("[P3] Post to SP: %s", ht_args["data"]) # POST the package from the IdP to the SP @@ -244,7 +247,7 @@ def ecp_conversation(self, respdict, idp_entity_id=None): # url I started off with. pass else: - raise SAMLError("Error POSTing package to SP: %s" % response.text) + raise SAMLError(f"Error POSTing package to SP: {response.text}") logger.debug("[P3] SP response: %s", response.text) @@ -259,17 +262,14 @@ def add_paos_headers(headers=None): headers = set_list2dict(headers) headers["PAOS"] = PAOS_HEADER_INFO if "Accept" in headers: - headers["Accept"] += ";%s" % MIME_PAOS + headers["Accept"] += f";{MIME_PAOS}" elif "accept" in headers: headers["Accept"] = headers["accept"] - headers["Accept"] += ";%s" % MIME_PAOS + headers["Accept"] += f";{MIME_PAOS}" del headers["accept"] headers = dict2set_list(headers) else: - headers = [ - ('Accept', 'text/html; %s' % MIME_PAOS), - ('PAOS', PAOS_HEADER_INFO) - ] + headers = [("Accept", f"text/html; {MIME_PAOS}"), ("PAOS", PAOS_HEADER_INFO)] return headers @@ -294,12 +294,11 @@ def operation(self, url, idp_entity_id, op, **opargs): opargs["headers"] = self.add_paos_headers(opargs["headers"]) response = self.send(sp_url, op, **opargs) - logger.debug("[Op] SP response: %s" % response) + logger.debug("[Op] SP response", extra={"response": response}) print(response.text) if response.status_code != 200: - raise SAMLError( - "Request to SP failed: %s" % response.text) + raise SAMLError(f"Request to SP failed: {response.text}") # The response might be a AuthnRequest instance in a SOAP envelope # body. If so it's the start of the ECP conversation @@ -319,8 +318,7 @@ def operation(self, url, idp_entity_id, op, **opargs): raise if response.status_code >= 400: - raise SAMLError("Error performing operation: %s" % ( - response.text,)) + raise SAMLError(f"Error performing operation: {response.text}") return response @@ -332,9 +330,7 @@ def get(self, url=None, idp_entity_id=None, headers=None): return self.operation(url, idp_entity_id, "GET", headers=headers) def post(self, url=None, data="", idp_entity_id=None, headers=None): - return self.operation(url, idp_entity_id, "POST", data=data, - headers=headers) + return self.operation(url, idp_entity_id, "POST", data=data, headers=headers) def put(self, url=None, data="", idp_entity_id=None, headers=None): - return self.operation(url, idp_entity_id, "PUT", data=data, - headers=headers) + return self.operation(url, idp_entity_id, "PUT", data=data, headers=headers) diff --git a/src/saml2/entity.py b/src/saml2/entity.py index f818b7028..aeaf52ca6 100644 --- a/src/saml2/entity.py +++ b/src/saml2/entity.py @@ -1,88 +1,89 @@ import base64 -import copy -import logging -import requests -import six - from binascii import hexlify +import copy from hashlib import sha1 +import logging +import zlib -from saml2.metadata import ENDPOINTS -from saml2.profile import paos, ecp, samlec -from saml2.soap import parse_soap_enveloped_saml_artifact_resolve -from saml2.soap import class_instances_from_soap_enveloped_saml_thingies -from saml2.soap import open_soap_envelope +import requests -from saml2 import samlp -from saml2 import SamlBase -from saml2 import SAMLError -from saml2 import saml -from saml2 import response as saml_response -from saml2 import BINDING_URI from saml2 import BINDING_HTTP_ARTIFACT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_PAOS -from saml2 import request as saml_request -from saml2 import soap +from saml2 import BINDING_SOAP +from saml2 import BINDING_URI +from saml2 import VERSION +from saml2 import SamlBase +from saml2 import SAMLError +from saml2 import class_name from saml2 import element_to_extension_element from saml2 import extension_elements_to_elements - -from saml2.saml import NameID -from saml2.saml import EncryptedAssertion -from saml2.saml import Issuer -from saml2.saml import NAMEID_FORMAT_ENTITY +from saml2 import request as saml_request +from saml2 import response as saml_response +from saml2 import saml +from saml2 import samlp +from saml2 import soap +from saml2.config import config_factory +from saml2.httpbase import HTTPBase +from saml2.mdstore import all_locations +from saml2.metadata import ENDPOINTS +from saml2.pack import http_form_post_message +from saml2.pack import http_redirect_message +from saml2.profile import ecp +from saml2.profile import paos +from saml2.profile import samlec from saml2.response import LogoutResponse from saml2.response import UnsolicitedResponse -from saml2.time_util import instant -from saml2.s_utils import sid from saml2.s_utils import UnravelError +from saml2.s_utils import UnsupportedBinding +from saml2.s_utils import decode_base64_and_inflate from saml2.s_utils import error_status_factory from saml2.s_utils import rndbytes +from saml2.s_utils import sid from saml2.s_utils import success_status_factory -from saml2.s_utils import decode_base64_and_inflate -from saml2.s_utils import UnsupportedBinding -from saml2.samlp import AuthnRequest, SessionIndex, response_from_string -from saml2.samlp import AuthzDecisionQuery -from saml2.samlp import AuthnQuery +from saml2.saml import NAMEID_FORMAT_ENTITY +from saml2.saml import EncryptedAssertion +from saml2.saml import Issuer +from saml2.saml import NameID +from saml2.samlp import Artifact +from saml2.samlp import ArtifactResolve +from saml2.samlp import ArtifactResponse from saml2.samlp import AssertionIDRequest +from saml2.samlp import AttributeQuery +from saml2.samlp import AuthnQuery +from saml2.samlp import AuthnRequest +from saml2.samlp import AuthzDecisionQuery +from saml2.samlp import LogoutRequest from saml2.samlp import ManageNameIDRequest from saml2.samlp import NameIDMappingRequest +from saml2.samlp import SessionIndex from saml2.samlp import artifact_resolve_from_string -from saml2.samlp import ArtifactResolve -from saml2.samlp import ArtifactResponse -from saml2.samlp import Artifact -from saml2.samlp import LogoutRequest -from saml2.samlp import AttributeQuery -from saml2.mdstore import all_locations -from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_SOAP -from saml2 import VERSION -from saml2 import class_name -from saml2.config import config_factory -from saml2.httpbase import HTTPBase -from saml2.sigver import security_context -from saml2.sigver import SigverError +from saml2.samlp import response_from_string from saml2.sigver import SignatureError -from saml2.sigver import make_temp +from saml2.sigver import SigverError from saml2.sigver import get_pem_wrapped_unwrapped +from saml2.sigver import make_temp +from saml2.sigver import pre_encrypt_assertion from saml2.sigver import pre_encryption_part from saml2.sigver import pre_signature_part -from saml2.sigver import pre_encrypt_assertion +from saml2.sigver import security_context from saml2.sigver import signed_instance_factory +from saml2.soap import class_instances_from_soap_enveloped_saml_thingies +from saml2.soap import open_soap_envelope +from saml2.soap import parse_soap_enveloped_saml_artifact_resolve +from saml2.time_util import instant from saml2.virtual_org import VirtualOrg -from saml2.pack import http_redirect_message -from saml2.pack import http_form_post_message - -from saml2.xmldsig import DefaultSignature -from saml2.xmldsig import SIG_ALLOWED_ALG from saml2.xmldsig import DIGEST_ALLOWED_ALG +from saml2.xmldsig import SIG_ALLOWED_ALG +from saml2.xmldsig import DefaultSignature logger = logging.getLogger(__name__) -__author__ = 'rolandh' +__author__ = "rolandh" -ARTIFACT_TYPECODE = b'\x00\x04' +ARTIFACT_TYPECODE = b"\x00\x04" SERVICE2MESSAGE = { "single_sign_on_service": AuthnRequest, @@ -93,7 +94,7 @@ "manage_name_id_service": ManageNameIDRequest, "name_id_mapping_service": NameIDMappingRequest, "artifact_resolve_service": ArtifactResolve, - "single_logout_service": LogoutRequest + "single_logout_service": LogoutRequest, } @@ -116,22 +117,18 @@ def create_artifact(entity_id, message_handle, endpoint_index=0): :param endpoint_index: :return: """ - if not isinstance(entity_id, six.binary_type): - entity_id = entity_id.encode('utf-8') + if not isinstance(entity_id, bytes): + entity_id = entity_id.encode("utf-8") sourceid = sha1(entity_id) - if not isinstance(message_handle, six.binary_type): - message_handle = message_handle.encode('utf-8') - ter = b"".join((ARTIFACT_TYPECODE, - ("%.2x" % endpoint_index).encode('ascii'), - sourceid.digest(), - message_handle)) - return base64.b64encode(ter).decode('ascii') + if not isinstance(message_handle, bytes): + message_handle = message_handle.encode("utf-8") + ter = b"".join((ARTIFACT_TYPECODE, (f"{endpoint_index:02x}").encode("ascii"), sourceid.digest(), message_handle)) + return base64.b64encode(ter).decode("ascii") class Entity(HTTPBase): - def __init__(self, entity_type, config=None, config_file="", - virtual_organization="", msg_cb=None): + def __init__(self, entity_type, config=None, config_file="", virtual_organization="", msg_cb=None): self.entity_type = entity_type self.users = None @@ -143,18 +140,12 @@ def __init__(self, entity_type, config=None, config_file="", raise SAMLError("Missing configuration") def_sig = DefaultSignature() - self.signing_algorithm = ( - self.config.getattr('signing_algorithm') - or def_sig.get_sign_alg() - ) - self.digest_algorithm = ( - self.config.getattr('digest_algorithm') - or def_sig.get_digest_alg() - ) + self.signing_algorithm = self.config.getattr("signing_algorithm") or def_sig.get_sign_alg() + self.digest_algorithm = self.config.getattr("digest_algorithm") or def_sig.get_digest_alg() sign_config_per_entity_type = { - 'sp': self.config.getattr("authn_requests_signed", "sp"), - 'idp': self.config.getattr("sign_response", "idp"), + "sp": self.config.getattr("authn_requests_signed", "sp"), + "idp": self.config.getattr("sign_response", "idp"), } sign_config = sign_config_per_entity_type.get(self.entity_type, False) self.should_sign = sign_config @@ -165,17 +156,21 @@ def __init__(self, entity_type, config=None, config_file="", continue if _val.startswith("http"): - r = requests.request("GET", _val) + r = requests.request("GET", _val, timeout=self.config.http_client_timeout) if r.status_code == 200: tmp = make_temp(r.text, ".pem", False, self.config.delete_tmpfiles) setattr(self.config, item, tmp.name) else: - raise Exception( - "Could not fetch certificate from %s" % _val) - - HTTPBase.__init__(self, self.config.verify_ssl_cert, - self.config.ca_certs, self.config.key_file, - self.config.cert_file) + raise Exception(f"Could not fetch certificate from {_val}") + + HTTPBase.__init__( + self, + self.config.verify_ssl_cert, + self.config.ca_certs, + self.config.key_file, + self.config.cert_file, + self.config.http_client_timeout, + ) if self.config.vorg: for vo in self.config.vorg.values(): @@ -187,7 +182,7 @@ def __init__(self, entity_type, config=None, config_file="", self.sec = security_context(self.config) if virtual_organization: - if isinstance(virtual_organization, six.string_types): + if isinstance(virtual_organization, str): self.vorg = self.config.vorg[virtual_organization] elif isinstance(virtual_organization, VirtualOrg): self.vorg = virtual_organization @@ -218,33 +213,24 @@ def reload_metadata(self, metadata_conf): """ logger.debug("Loading new metadata") try: - new_metadata = self.config.load_metadata(metadata_conf) + self.metadata.reload(metadata_conf) except Exception as ex: - logger.error("Loading metadata failed", exc_info=ex) + logger.error(f"Loading metadata failed; reason: {str(ex)}") return False - logger.debug("Applying new metadata to main config") - ( self.metadata, self.sec.metadata, self.config.metadata ) = [new_metadata]*3 - policy = getattr(self.config, "_%s_policy" % self.entity_type, None) - if policy and policy.metadata_store: - logger.debug("Applying new metadata to %s policy", self.entity_type) - policy.metadata_store = self.metadata - - logger.debug("Applying new metadata source_id") self.sourceid = self.metadata.construct_source_id() return True def _issuer(self, entityid=None): - """ Return an Issuer instance """ + """Return an Issuer instance""" if entityid: if isinstance(entityid, Issuer): return entityid else: return Issuer(text=entityid, format=NAMEID_FORMAT_ENTITY) else: - return Issuer(text=self.config.entityid, - format=NAMEID_FORMAT_ENTITY) + return Issuer(text=self.config.entityid, format=NAMEID_FORMAT_ENTITY) # XXX DONE will actually use sign_alg and digest_alg for the Redirect-Binding # XXX DONE deepest level - needs to decide the sign_alg (no digest_alg here) @@ -282,9 +268,7 @@ def apply_binding( sign = sign if sign is not None else self.should_sign sign_alg = sigalg or self.signing_algorithm if sign_alg not in [long_name for short_name, long_name in SIG_ALLOWED_ALG]: - raise Exception( - "Signature algo not in allowed list: {algo}".format(algo=sign_alg) - ) + raise Exception(f"Signature algo not in allowed list: {sign_alg}") # unless if BINDING_HTTP_ARTIFACT if response: @@ -293,13 +277,12 @@ def apply_binding( typ = "SAMLRequest" if binding == BINDING_HTTP_POST: - logger.info("HTTP POST") + logger.debug("HTTP POST") info = http_form_post_message(msg_str, destination, relay_state, typ) - (msg_str, destination, relay_state, typ) info["url"] = destination info["method"] = "POST" elif binding == BINDING_HTTP_REDIRECT: - logger.info("HTTP REDIRECT") + logger.debug("HTTP REDIRECT") info = http_redirect_message( message=msg_str, location=destination, @@ -312,9 +295,7 @@ def apply_binding( info["url"] = str(destination) info["method"] = "GET" elif binding == BINDING_SOAP or binding == BINDING_PAOS: - info = self.use_soap( - msg_str, destination, sign=sign, sigalg=sign_alg, **kwargs - ) + info = self.use_soap(msg_str, destination, sign=sign, sigalg=sign_alg, **kwargs) elif binding == BINDING_URI: info = self.use_http_uri(msg_str, typ, destination) elif binding == BINDING_HTTP_ARTIFACT: @@ -325,13 +306,11 @@ def apply_binding( else: info = self.use_http_artifact(msg_str, destination, relay_state) else: - raise SAMLError("Unknown binding type: %s" % binding) + raise SAMLError(f"Unknown binding type: {binding}") return info - def pick_binding( - self, service, bindings=None, descr_type="", request=None, entity_id="" - ): + def pick_binding(self, service, bindings=None, descr_type="", request=None, entity_id=""): if request and not entity_id: entity_id = request.issuer.text.strip() @@ -349,8 +328,8 @@ def pick_binding( else: descr_type = "spsso" - _url = getattr(request, "%s_url" % service, None) - _index = getattr(request, "%s_index" % service, None) + _url = getattr(request, f"{service}_url", None) + _index = getattr(request, f"{service}_index", None) for binding in bindings: try: @@ -370,8 +349,7 @@ def pick_binding( except UnsupportedBinding: pass - logger.error("Failed to find consumer URL: %s, %s, %s", - entity_id, bindings, descr_type) + logger.error("Failed to find consumer URL: %s, %s, %s", entity_id, bindings, descr_type) # logger.error("Bindings: %s", bindings) # logger.error("Entities: %s", self.metadata) @@ -436,9 +414,7 @@ def response_args(self, message, bindings=None, descr_type=""): else: descr_type = "spsso" - binding, destination = self.pick_binding( - rsrv, bindings, descr_type=descr_type, request=message - ) + binding, destination = self.pick_binding(rsrv, bindings, descr_type=descr_type, request=message) info["binding"] = binding info["destination"] = destination @@ -455,26 +431,33 @@ def unravel(txt, binding, msgtype="response"): :return: """ # logger.debug("unravel '%s'", txt) - if binding not in [BINDING_HTTP_REDIRECT, BINDING_HTTP_POST, - BINDING_SOAP, BINDING_URI, BINDING_HTTP_ARTIFACT, - None]: - raise UnknownBinding("Don't know how to handle '%s'" % binding) - else: - try: - if binding == BINDING_HTTP_REDIRECT: + if binding not in [ + BINDING_HTTP_REDIRECT, + BINDING_HTTP_POST, + BINDING_SOAP, + BINDING_URI, + BINDING_HTTP_ARTIFACT, + None, + ]: + raise UnknownBinding(f"Don't know how to handle '{binding}'") + + try: + if binding == BINDING_HTTP_REDIRECT: + xmlstr = decode_base64_and_inflate(txt) + elif binding == BINDING_HTTP_POST: + try: xmlstr = decode_base64_and_inflate(txt) - elif binding == BINDING_HTTP_POST: + except zlib.error: xmlstr = base64.b64decode(txt) - elif binding == BINDING_SOAP: - func = getattr(soap, - "parse_soap_enveloped_saml_%s" % msgtype) - xmlstr = func(txt) - elif binding == BINDING_HTTP_ARTIFACT: - xmlstr = base64.b64decode(txt) - else: - xmlstr = txt - except Exception: - raise UnravelError("Unravelling binding '%s' failed" % binding) + elif binding == BINDING_SOAP: + func = getattr(soap, f"parse_soap_enveloped_saml_{msgtype}") + xmlstr = func(txt) + elif binding == BINDING_HTTP_ARTIFACT: + xmlstr = base64.b64decode(txt) + else: + xmlstr = txt + except Exception: + raise UnravelError(f"Unravelling binding '{binding}' failed") return xmlstr @@ -485,10 +468,7 @@ def parse_soap_message(text): :param text: The SOAP message :return: A dictionary with two keys "body" and "header" """ - return class_instances_from_soap_enveloped_saml_thingies(text, [paos, - ecp, - samlp, - samlec]) + return class_instances_from_soap_enveloped_saml_thingies(text, [paos, ecp, samlp, samlec]) @staticmethod def unpack_soap_message(text): @@ -522,18 +502,12 @@ def sign( sign_alg = sign_alg or self.signing_algorithm digest_alg = digest_alg or self.digest_algorithm if sign_alg not in [long_name for short_name, long_name in SIG_ALLOWED_ALG]: - raise Exception( - "Signature algo not in allowed list: {algo}".format(algo=sign_alg) - ) + raise Exception(f"Signature algo not in allowed list: {sign_alg}") if digest_alg not in [long_name for short_name, long_name in DIGEST_ALLOWED_ALG]: - raise Exception( - "Digest algo not in allowed list: {algo}".format(algo=digest_alg) - ) + raise Exception(f"Digest algo not in allowed list: {digest_alg}") if msg.signature is None: - msg.signature = pre_signature_part( - msg.id, self.sec.my_cert, 1, sign_alg=sign_alg, digest_alg=digest_alg - ) + msg.signature = pre_signature_part(msg.id, self.sec.my_cert, 1, sign_alg=sign_alg, digest_alg=digest_alg) if sign_prepare: return msg @@ -546,7 +520,7 @@ def sign( except (AttributeError, TypeError): to_sign = [(class_name(msg), mid)] - logger.info("REQUEST: %s", msg) + logger.debug("REQUEST: %s", msg) return signed_instance_factory(msg, self.sec, to_sign) # XXX DONE will actually use sign the POST-Binding @@ -619,7 +593,7 @@ def _message( ) req = signed_req - logger.info("REQUEST: %s", req) + logger.debug("REQUEST: %s", req) return reqid, req @staticmethod @@ -659,7 +633,7 @@ def _add_info(self, msg, **kwargs): msg.extension_elements = extensions def has_encrypt_cert_in_metadata(self, sp_entity_id): - """ Verifies if the metadata contains encryption certificates. + """Verifies if the metadata contains encryption certificates. :param sp_entity_id: Entity ID for the calling service provider. :return: True if encrypt cert exists in metadata, otherwise False. @@ -671,7 +645,7 @@ def has_encrypt_cert_in_metadata(self, sp_entity_id): return False def _encrypt_assertion(self, encrypt_cert, sp_entity_id, response, node_xpath=None): - """ Encryption of assertions. + """Encryption of assertions. :param encrypt_cert: Certificate to be used for encryption. :param sp_entity_id: Entity ID for the calling service provider. @@ -690,22 +664,19 @@ def _encrypt_assertion(self, encrypt_cert, sp_entity_id, response, node_xpath=No wrapped_cert, unwrapped_cert = get_pem_wrapped_unwrapped(_cert) try: tmp = make_temp( - wrapped_cert.encode('ascii'), + wrapped_cert.encode("ascii"), decode=False, delete_tmpfiles=self.config.delete_tmpfiles, ) response = self.sec.encrypt_assertion( response, tmp.name, - pre_encryption_part( - key_name=_cert_name, encrypt_cert=unwrapped_cert - ), + pre_encryption_part(key_name=_cert_name, encrypt_cert=unwrapped_cert), node_xpath=node_xpath, ) return response except Exception as ex: exception = ex - pass if exception: raise exception return response @@ -733,7 +704,7 @@ def _response( digest_alg=None, **kwargs, ): - """ Create a Response. + """Create a Response. Encryption: encrypt_assertion must be true for encryption to be performed. If encrypted_advice_attributes also is @@ -785,11 +756,7 @@ def _response( self._add_info(response, **kwargs) sign = sign if sign is not None else self.should_sign - if ( - to_sign - and not sign - and not encrypt_assertion - ): + if to_sign and not sign and not encrypt_assertion: return signed_instance_factory(response, self.sec, to_sign) has_encrypt_cert = self.has_encrypt_cert_in_metadata(sp_entity_id) @@ -863,33 +830,25 @@ def _response( # XXX prepare encrypt assertion # tmp_assertion = response.assertion.advice.assertion[0] - _assertion.advice.encrypted_assertion[0].add_extension_element( - tmp_assertion - ) + _assertion.advice.encrypted_assertion[0].add_extension_element(tmp_assertion) if encrypt_assertion_self_contained: advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = tmp_assertion._to_element_tree().tag - response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag + response = ( + response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) ) - node_xpath = ''.join( + node_xpath = "".join( [ - "/*[local-name()=\"%s\"]" % v - for v in [ - "Response", - "Assertion", - "Advice", - "EncryptedAssertion", - "Assertion" - ] + f'/*[local-name()="{v}"]' + for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"] ] ) # XXX sign assertion if to_sign_advice: - response = signed_instance_factory( - response, self.sec, to_sign_advice - ) + response = signed_instance_factory(response, self.sec, to_sign_advice) # XXX encrypt assertion response = self._encrypt_assertion( @@ -915,7 +874,7 @@ def _response( _assertion.signature = pre_signature_part( _assertion.id, self.sec.my_cert, - 1, + 2, sign_alg=sign_alg, digest_alg=digest_alg, ) @@ -927,7 +886,7 @@ def _response( if encrypt_assertion_self_contained: try: assertion_tag = response.assertion._to_element_tree().tag - except: + except Exception: assertion_tag = response.assertion[0]._to_element_tree().tag response = pre_encrypt_assertion(response) response = response.get_xml_string_with_self_contained_assertion_within_encrypted_assertion( @@ -938,14 +897,10 @@ def _response( # XXX sign assertion if to_sign_assertion: - response = signed_instance_factory( - response, self.sec, to_sign_assertion - ) + response = signed_instance_factory(response, self.sec, to_sign_assertion) # XXX encrypt assertion - response = self._encrypt_assertion( - encrypt_cert_assertion, sp_entity_id, response - ) + response = self._encrypt_assertion(encrypt_cert_assertion, sp_entity_id, response) else: # XXX sign other parts! (defiend by to_sign) if to_sign: @@ -960,9 +915,7 @@ def _response( # XXX sign response if sign: - return self.sign( - response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg - ) + return self.sign(response, to_sign=to_sign, sign_alg=sign_alg, digest_alg=digest_alg) return response @@ -977,7 +930,7 @@ def _status_response( digest_alg=None, **kwargs, ): - """ Create a StatusResponse. + """Create a StatusResponse. :param response_class: Which subclass of StatusResponse that should be used @@ -1044,7 +997,7 @@ def _parse_request( :return: A request instance """ - _log_info = logger.info + # _log_info = logger.info _log_debug = logger.debug # The addresses I should receive messages like this on @@ -1065,22 +1018,25 @@ def _parse_request( except AttributeError: timeslack = 0 - _request = request_cls(self.sec, receiver_addresses, - self.config.attribute_converters, - timeslack=timeslack) + _request = request_cls(self.sec, receiver_addresses, self.config.attribute_converters, timeslack=timeslack) xmlstr = self.unravel(enc_request, binding, request_cls.msgtype) must = self.config.getattr("want_authn_requests_signed", "idp") - only_valid_cert = self.config.getattr( - "want_authn_requests_only_with_valid_cert", "idp") + only_valid_cert = self.config.getattr("want_authn_requests_only_with_valid_cert", "idp") if only_valid_cert is None: only_valid_cert = False if only_valid_cert: must = True - _request = _request.loads(xmlstr, binding, origdoc=enc_request, - must=must, only_valid_cert=only_valid_cert, - relay_state=relay_state, sigalg=sigalg, - signature=signature) + _request = _request.loads( + xmlstr, + binding, + origdoc=enc_request, + must=must, + only_valid_cert=only_valid_cert, + relay_state=relay_state, + sigalg=sigalg, + signature=signature, + ) _log_debug("Loaded request") @@ -1107,7 +1063,7 @@ def create_error_response( digest_alg=None, **kwargs, ): - """ Create a error response. + """Create a error response. :param in_response_to: The identifier of the message this is a response to. @@ -1150,7 +1106,7 @@ def create_logout_request( sign_alg=None, digest_alg=None, ): - """ Constructs a LogoutRequest + """Constructs a LogoutRequest :param destination: Destination of the request :param issuer_entity_id: The entity ID of the IdP the request is @@ -1171,9 +1127,7 @@ def create_logout_request( if subject_id: if self.entity_type == "idp": - name_id = NameID( - text=self.users.get_entityid(subject_id, issuer_entity_id, False) - ) + name_id = NameID(text=self.users.get_entityid(subject_id, issuer_entity_id, False)) else: name_id = NameID(text=subject_id) @@ -1217,7 +1171,7 @@ def create_logout_response( sign_alg=None, digest_alg=None, ): - """ Create a LogoutResponse. + """Create a LogoutResponse. :param request: The request this is a response to :param bindings: Which bindings that can be used for the response @@ -1243,7 +1197,7 @@ def create_logout_response( **rinfo, ) - logger.info("Response: %s", response) + logger.debug("Response: %s", response) return response @@ -1316,7 +1270,7 @@ def create_artifact_response( msg = element_to_extension_element(self.artifact[artifact]) response.extension_elements = [msg] - logger.info("Response: %s", response) + logger.debug("Response: %s", response) return response @@ -1357,8 +1311,7 @@ def create_manage_name_id_request( elif encrypted_id: kwargs["encrypted_id"] = encrypted_id else: - raise AttributeError( - "One of NameID or EncryptedNameID has to be provided") + raise AttributeError("One of NameID or EncryptedNameID has to be provided") if new_id: kwargs["new_id"] = new_id @@ -1367,9 +1320,7 @@ def create_manage_name_id_request( elif terminate: kwargs["terminate"] = terminate else: - raise AttributeError( - "One of NewID, NewEncryptedNameID or Terminate has to be " - "provided") + raise AttributeError("One of NewID, NewEncryptedNameID or Terminate has to be " "provided") return self._message( ManageNameIDRequest, @@ -1383,7 +1334,7 @@ def create_manage_name_id_request( ) def parse_manage_name_id_request(self, xmlstr, binding=BINDING_SOAP): - """ Deal with a LogoutRequest + """Deal with a LogoutRequest :param xmlstr: The response as a xml string :param binding: What type of binding this message came through. @@ -1392,8 +1343,7 @@ def parse_manage_name_id_request(self, xmlstr, binding=BINDING_SOAP): was not. """ - return self._parse_request(xmlstr, saml_request.ManageNameIDRequest, - "manage_name_id_service", binding) + return self._parse_request(xmlstr, saml_request.ManageNameIDRequest, "manage_name_id_service", binding) # XXX DONE ent create > _status_response def create_manage_name_id_response( @@ -1420,7 +1370,7 @@ def create_manage_name_id_response( **rinfo, ) - logger.info("Response: %s", response) + logger.debug("Response: %s", response) return response @@ -1444,7 +1394,7 @@ def _parse_response( outstanding_certs=None, **kwargs, ): - """ Deal with a Response + """Deal with a Response :param xmlstr: The response as a xml string :param response_cls: What type of response it is @@ -1477,15 +1427,12 @@ def _parse_response( } if binding in bindings: # expected return address - kwargs["return_addrs"] = self.config.endpoint( - service, - binding=binding, - context=self.entity_type) + kwargs["return_addrs"] = self.config.endpoint(service, binding=binding, context=self.entity_type) try: response = response_cls(self.sec, **kwargs) except Exception as exc: - logger.info("%s", exc) + logger.error(str(exc)) raise xmlstr = self.unravel(xmlstr, binding, response_cls.msgtype) @@ -1504,7 +1451,7 @@ def _parse_response( response = response.loads(xmlstr, False, origxml=xmlstr) except SigverError as err: if require_response_signature: - logger.error("Signature Error: %s", err) + logger.error("Signature Error: %s", str(err)) raise else: # The response is not signed but a signature is not required @@ -1516,7 +1463,7 @@ def _parse_response( logger.error("Unsolicited response") raise except Exception as err: - if "not well-formed" in "%s" % err: + if "not well-formed" in f"{err}": logger.error("Not well-formed XML") raise else: @@ -1556,7 +1503,7 @@ def _parse_response( response.verify(keys) except SignatureError as err: if require_signature: - logger.error("Signature Error: %s", err) + logger.error("Signature Error: %s", str(err)) raise else: response.require_signature = require_signature @@ -1579,8 +1526,7 @@ def _parse_response( # ------------------------------------------------------------------------ def parse_logout_request_response(self, xmlstr, binding=BINDING_SOAP): - return self._parse_response(xmlstr, LogoutResponse, - "single_logout_service", binding) + return self._parse_response(xmlstr, LogoutResponse, "single_logout_service", binding) # ------------------------------------------------------------------------ @@ -1592,7 +1538,7 @@ def parse_logout_request( sigalg=None, signature=None, ): - """ Deal with a LogoutRequest + """Deal with a LogoutRequest :param xmlstr: The response as a xml string :param binding: What type of binding this message came through. @@ -1618,7 +1564,7 @@ def use_artifact(self, message, endpoint_index=0): :param endpoint_index: :return: """ - message_handle = sha1(str(message).encode('utf-8')) + message_handle = sha1(str(message).encode("utf-8")) message_handle.update(rndbytes()) mhd = message_handle.digest() saml_art = create_artifact(self.config.entityid, mhd, endpoint_index) @@ -1637,11 +1583,7 @@ def artifact2destination(self, artifact, descriptor): typecode = _art[:2] if typecode != ARTIFACT_TYPECODE: - raise ValueError( - "Invalid artifact typecode '{invalid}' should be {valid}".format( - invalid=typecode, valid=ARTIFACT_TYPECODE - ) - ) + raise ValueError(f"Invalid artifact typecode {repr(typecode)} should be {repr(ARTIFACT_TYPECODE)}") try: endpoint_index = str(int(_art[2:4])) @@ -1650,7 +1592,7 @@ def artifact2destination(self, artifact, descriptor): entity = self.sourceid[_art[4:24]] destination = None - for desc in entity["%s_descriptor" % descriptor]: + for desc in entity[f"{descriptor}_descriptor"]: for srv in desc["artifact_resolution_service"]: if srv["index"] == endpoint_index: destination = srv["location"] @@ -1704,13 +1646,9 @@ def parse_artifact_resolve(self, txt, **kwargs): return artifact_resolve_from_string(_resp) def parse_artifact_resolve_response(self, xmlstr): - kwargs = {"entity_id": self.config.entityid, - "attribute_converters": self.config.attribute_converters} + kwargs = {"entity_id": self.config.entityid, "attribute_converters": self.config.attribute_converters} - resp = self._parse_response(xmlstr, saml_response.ArtifactResponse, - "artifact_resolve", BINDING_SOAP, - **kwargs) + resp = self._parse_response(xmlstr, saml_response.ArtifactResponse, "artifact_resolve", BINDING_SOAP, **kwargs) # should just be one - elems = extension_elements_to_elements(resp.response.extension_elements, - [samlp, saml]) + elems = extension_elements_to_elements(resp.response.extension_elements, [samlp, saml]) return elems[0] diff --git a/src/saml2/entity_category/__init__.py b/src/saml2/entity_category/__init__.py index d78e3b995..38e10a5ce 100644 --- a/src/saml2/entity_category/__init__.py +++ b/src/saml2/entity_category/__init__.py @@ -1,4 +1,4 @@ -__author__ = 'rolandh' +__author__ = "rolandh" ENTITYATTRIBUTES = "urn:oasis:names:tc:SAML:metadata:attribute&EntityAttributes" @@ -11,4 +11,4 @@ def entity_categories(md): for attr in elem["attribute"]: res.append(attr["text"]) - return res \ No newline at end of file + return res diff --git a/src/saml2/entity_category/at_egov_pvp2.py b/src/saml2/entity_category/at_egov_pvp2.py index 4a041c2f6..723b3d500 100644 --- a/src/saml2/entity_category/at_egov_pvp2.py +++ b/src/saml2/entity_category/at_egov_pvp2.py @@ -1,29 +1,31 @@ -__author__ = 'rhoerbe' #2013-09-05 +__author__ = "rhoerbe" # 2013-09-05 # Entity Categories specifying the PVP eGov Token as of "PVP2-Allgemein V2.1.0", http://www.ref.gv.at/ -EGOVTOKEN = ["PVP-VERSION", - "PVP-PRINCIPAL-NAME", - "PVP-GIVENNAME", - "PVP-BIRTHDATE", - "PVP-USERID", - "PVP-GID", - "PVP-BPK", - "PVP-MAIL", - "PVP-TEL", - "PVP-PARTICIPANT-ID", - "PVP-PARTICIPANT-OKZ", - "PVP-OU-OKZ", - "PVP-OU", - "PVP-OU-GV-OU-ID", - "PVP-FUNCTION", - "PVP-ROLES", +EGOVTOKEN = [ + "PVP-VERSION", + "PVP-PRINCIPAL-NAME", + "PVP-GIVENNAME", + "PVP-BIRTHDATE", + "PVP-USERID", + "PVP-GID", + "PVP-BPK", + "PVP-MAIL", + "PVP-TEL", + "PVP-PARTICIPANT-ID", + "PVP-PARTICIPANT-OKZ", + "PVP-OU-OKZ", + "PVP-OU", + "PVP-OU-GV-OU-ID", + "PVP-FUNCTION", + "PVP-ROLES", ] -CHARGEATTR = ["PVP-INVOICE-RECPT-ID", - "PVP-COST-CENTER-ID", - "PVP-CHARGE-CODE", +CHARGEATTR = [ + "PVP-INVOICE-RECPT-ID", + "PVP-COST-CENTER-ID", + "PVP-CHARGE-CODE", ] # all eGov Token attributes except (1) transaction charging and (2) chaining diff --git a/src/saml2/entity_category/edugain.py b/src/saml2/entity_category/edugain.py index 533af426d..9d388dd56 100644 --- a/src/saml2/entity_category/edugain.py +++ b/src/saml2/entity_category/edugain.py @@ -1,4 +1,4 @@ -__author__ = 'rolandh' +__author__ = "rolandh" COC = "http://www.geant.net/uri/dataprotection-code-of-conduct/v1" COCO = COC @@ -7,9 +7,15 @@ "": ["eduPersonTargetedID"], # COC: ["eduPersonPrincipalName", "eduPersonScopedAffiliation", "mail", # "displayName", "schacHomeOrganization"], - COCO: ["eduPersonPrincipalName", "eduPersonScopedAffiliation", - 'eduPersonAffiliation', "mail", "displayName", 'cn', - "schacHomeOrganization"] + COCO: [ + "eduPersonPrincipalName", + "eduPersonScopedAffiliation", + "eduPersonAffiliation", + "mail", + "displayName", + "cn", + "schacHomeOrganization", + ], } ONLY_REQUIRED = {COCO: True} diff --git a/src/saml2/entity_category/incommon.py b/src/saml2/entity_category/incommon.py index 9df7730bb..82c9dab46 100644 --- a/src/saml2/entity_category/incommon.py +++ b/src/saml2/entity_category/incommon.py @@ -1,10 +1,15 @@ -__author__ = 'rolandh' +__author__ = "rolandh" RESEARCH_AND_SCHOLARSHIP = "http://id.incommon.org/category/research-and-scholarship" RELEASE = { "": ["eduPersonTargetedID"], - RESEARCH_AND_SCHOLARSHIP: ["eduPersonPrincipalName", - "eduPersonScopedAffiliation", "mail", - "givenName", "sn", "displayName"] + RESEARCH_AND_SCHOLARSHIP: [ + "eduPersonPrincipalName", + "eduPersonScopedAffiliation", + "mail", + "givenName", + "sn", + "displayName", + ], } diff --git a/src/saml2/entity_category/refeds.py b/src/saml2/entity_category/refeds.py index c6fe882a4..fa68aea2b 100644 --- a/src/saml2/entity_category/refeds.py +++ b/src/saml2/entity_category/refeds.py @@ -1,11 +1,15 @@ -__author__ = 'rolandh' +__author__ = "rolandh" RESEARCH_AND_SCHOLARSHIP = "http://refeds.org/category/research-and-scholarship" RELEASE = { "": ["eduPersonTargetedID"], - RESEARCH_AND_SCHOLARSHIP: ["eduPersonPrincipalName", - "eduPersonScopedAffiliation", "mail", - "givenName", "sn", "displayName"] + RESEARCH_AND_SCHOLARSHIP: [ + "eduPersonPrincipalName", + "eduPersonScopedAffiliation", + "mail", + "givenName", + "sn", + "displayName", + ], } - diff --git a/src/saml2/entity_category/swamid.py b/src/saml2/entity_category/swamid.py index ed0ac6181..decf81854 100644 --- a/src/saml2/entity_category/swamid.py +++ b/src/saml2/entity_category/swamid.py @@ -1,90 +1,136 @@ -__author__ = 'rolandh' +__author__ = "rolandh" NAME = [ - 'givenName', - 'displayName', - 'sn', - 'cn', + "givenName", + "displayName", + "sn", + "cn", ] STATIC_ORG_INFO = [ - 'c', - 'o', - 'co', - 'norEduOrgAcronym', - 'schacHomeOrganization', - 'schacHomeOrganizationType', + "c", + "o", + "co", + "norEduOrgAcronym", + "schacHomeOrganization", + "schacHomeOrganizationType", ] -OTHER = [ - 'eduPersonPrincipalName', - 'eduPersonScopedAffiliation', - 'mail', - 'eduPersonAssurance' -] +OTHER = ["eduPersonPrincipalName", "eduPersonScopedAffiliation", "mail", "eduPersonAssurance"] R_AND_S = [ - 'eduPersonPrincipalName', - 'eduPersonUniqueID', - 'mail', - 'displayName', - 'givenName', - 'sn', - 'eduPersonAssurance', - 'eduPersonScopedAffiliation' + "eduPersonPrincipalName", + "eduPersonUniqueID", + "mail", + "displayName", + "givenName", + "sn", + "eduPersonAssurance", + "eduPersonScopedAffiliation", ] GEANT_COCO = [ - 'eduPersonTargetedID', - 'eduPersonPrincipalName', - 'eduPersonUniqueID', - 'eduPersonOrcid', - 'norEduPersonNIN', - 'personalIdentityNumber', - 'schacDateOfBirth', - 'mail', - 'displayName', - 'cn', - 'givenName', - 'sn', - 'eduPersonAssurance', - 'eduPersonScopedAffiliation', - 'eduPersonAffiliation', - 'o', - 'norEduOrgAcronym', - 'c', - 'co', - 'schacHomeOrganization', - 'schacHomeOrganizationType', + "pairwise-id", + "subject-id", + "eduPersonTargetedID", + "eduPersonPrincipalName", + "eduPersonOrcid", + "norEduPersonNIN", + "personalIdentityNumber", + "schacDateOfBirth", + "mail", + "mailLocalAddress", + "displayName", + "cn", + "givenName", + "sn", + "norEduPersonLegalName", + "eduPersonAssurance", + "eduPersonScopedAffiliation", + "eduPersonAffiliation", + "o", + "norEduOrgAcronym", + "c", + "co", + "schacHomeOrganization", + "schacHomeOrganizationType", +] + +REFEDS_COCO = GEANT_COCO # for now these two are identical + +MYACADEMICID_ESI = ["schacPersonalUniqueCode"] + +REFEDS_PERSONALIZED_ACCESS = [ + "subject-id", + "mail", + "displayName", + "givenName", + "sn", + "eduPersonScopedAffiliation", + "eduPersonAssurance", + "schacHomeOrganization", +] + +REFEDS_PSEUDONYMOUS_ACCESS = [ + "pairwise-id", + "eduPersonScopedAffiliation", + "eduPersonAssurance", + "schacHomeOrganization", +] + +REFEDS_ANONYMOUS_ACCESS = [ + "eduPersonScopedAffiliation", + "schacHomeOrganization", ] -MYACADEMICID_ESI = ['schacPersonalUniqueCode'] # These give you access to information -RESEARCH_AND_EDUCATION = 'http://www.swamid.se/category/research-and-education' # Deprecated from 2021-03-31 -SFS_1993_1153 = 'http://www.swamid.se/category/sfs-1993-1153' # Deprecated from 2021-03-31 -RESEARCH_AND_SCHOLARSHIP = 'http://refeds.org/category/research-and-scholarship' -COCO = 'http://www.geant.net/uri/dataprotection-code-of-conduct/v1' -ESI = 'https://myacademicid.org/entity-categories/esi' +RESEARCH_AND_EDUCATION = "http://www.swamid.se/category/research-and-education" # Deprecated from 2021-03-31 +SFS_1993_1153 = "http://www.swamid.se/category/sfs-1993-1153" # Deprecated from 2021-03-31 +RESEARCH_AND_SCHOLARSHIP = "http://refeds.org/category/research-and-scholarship" +COCOv1 = "http://www.geant.net/uri/dataprotection-code-of-conduct/v1" +COCOv2 = "https://refeds.org/category/code-of-conduct/v2" +ESI = "https://myacademicid.org/entity-categories/esi" +PERSONALIZED = "https://refeds.org/category/personalized" +PSEUDONYMOUS = "https://refeds.org/category/pseudonymous" +ANONYMOUS = "https://refeds.org/category/anonymous" -# presently these don't by themself -EU = 'http://www.swamid.se/category/eu-adequate-protection' # Deprecated from 2021-03-31 -NREN = 'http://www.swamid.se/category/nren-service' # Deprecated from 2021-03-31 -HEI = 'http://www.swamid.se/category/hei-service' # Deprecated from 2021-03-31 +# presently these don't by themselves +EU = "http://www.swamid.se/category/eu-adequate-protection" # Deprecated from 2021-03-31 +NREN = "http://www.swamid.se/category/nren-service" # Deprecated from 2021-03-31 +HEI = "http://www.swamid.se/category/hei-service" # Deprecated from 2021-03-31 RELEASE = { - '': [], - SFS_1993_1153: ['norEduPersonNIN', 'eduPersonAssurance'], + # NOTICE: order is important + # no-aggregation categories need to come last and in order of least to most restrictive + "": [], + SFS_1993_1153: ["norEduPersonNIN", "eduPersonAssurance"], (RESEARCH_AND_EDUCATION, EU): NAME + STATIC_ORG_INFO + OTHER, (RESEARCH_AND_EDUCATION, NREN): NAME + STATIC_ORG_INFO + OTHER, (RESEARCH_AND_EDUCATION, HEI): NAME + STATIC_ORG_INFO + OTHER, RESEARCH_AND_SCHOLARSHIP: R_AND_S, - COCO: GEANT_COCO, + COCOv1: GEANT_COCO, + COCOv2: REFEDS_COCO, ESI: MYACADEMICID_ESI, - (ESI, COCO): MYACADEMICID_ESI + GEANT_COCO, + (ESI, COCOv1): MYACADEMICID_ESI + GEANT_COCO, + (ESI, COCOv2): MYACADEMICID_ESI + REFEDS_COCO, + # XXX: disabled temporarily until we can figure out how to handle them + # these need to be able to be combined with other categories just not with each other + # no aggregation categories + # PERSONALIZED: REFEDS_PERSONALIZED_ACCESS, + # PSEUDONYMOUS: REFEDS_PSEUDONYMOUS_ACCESS, + # ANONYMOUS: REFEDS_ANONYMOUS_ACCESS, } ONLY_REQUIRED = { - COCO: True, - (ESI, COCO): True, + COCOv1: True, + COCOv2: True, + (ESI, COCOv1): True, + (ESI, COCOv2): True, +} + +NO_AGGREGATION = { + PERSONALIZED: True, + PSEUDONYMOUS: True, + ANONYMOUS: True, } diff --git a/src/saml2/eptid.py b/src/saml2/eptid.py index c4fd05cc6..b6186fde5 100644 --- a/src/saml2/eptid.py +++ b/src/saml2/eptid.py @@ -5,15 +5,14 @@ # Internet2 and may overtake the other form in due course. import hashlib +import logging import shelve -import logging -import six logger = logging.getLogger(__name__) -class Eptid(object): +class Eptid: def __init__(self, secret): self._db = {} self.secret = secret @@ -22,28 +21,28 @@ def make(self, idp, sp, args): md5 = hashlib.md5() for arg in args: md5.update(arg.encode("utf-8")) - if isinstance(sp, six.binary_type): + if isinstance(sp, bytes): md5.update(sp) else: - md5.update(sp.encode('utf-8')) - if isinstance(self.secret, six.binary_type): + md5.update(sp.encode("utf-8")) + if isinstance(self.secret, bytes): md5.update(self.secret) else: - md5.update(self.secret.encode('utf-8')) + md5.update(self.secret.encode("utf-8")) md5.digest() hashval = md5.hexdigest() - if isinstance(hashval, six.binary_type): - hashval = hashval.decode('ascii') + if isinstance(hashval, bytes): + hashval = hashval.decode("ascii") return "!".join([idp, sp, hashval]) def __getitem__(self, key): - if six.PY3 and isinstance(key, six.binary_type): - key = key.decode('utf-8') + if isinstance(key, bytes): + key = key.decode("utf-8") return self._db[key] def __setitem__(self, key, value): - if six.PY3 and isinstance(key, six.binary_type): - key = key.decode('utf-8') + if isinstance(key, bytes): + key = key.decode("utf-8") self._db[key] = value def get(self, idp, sp, *args): @@ -63,9 +62,8 @@ def close(self): class EptidShelve(Eptid): def __init__(self, secret, filename): Eptid.__init__(self, secret) - if six.PY3: - if filename.endswith('.db'): - filename = filename.rsplit('.db', 1)[0] + if filename.endswith(".db"): + filename = filename.rsplit(".db", 1)[0] self._db = shelve.open(filename, writeback=True, protocol=2) def close(self): diff --git a/src/saml2/extension/algsupport.py b/src/saml2/extension/algsupport.py index 753d4dfe6..1db825f05 100644 --- a/src/saml2/extension/algsupport.py +++ b/src/saml2/extension/algsupport.py @@ -8,30 +8,25 @@ from saml2 import SamlBase -NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:algsupport' +NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport" class DigestMethodType_(SamlBase): """The urn:oasis:names:tc:SAML:metadata:algsupport:DigestMethodType - element """ + element""" - c_tag = 'DigestMethodType' + c_tag = "DigestMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - - def __init__(self, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + + def __init__(self, algorithm=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.algorithm = algorithm @@ -41,29 +36,30 @@ def digest_method_type__from_string(xml_string): class SigningMethodType_(SamlBase): """The urn:oasis:names:tc:SAML:metadata:algsupport:SigningMethodType - element """ + element""" - c_tag = 'SigningMethodType' + c_tag = "SigningMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - c_attributes['MinKeySize'] = ('min_key_size', 'positiveInteger', False) - c_attributes['MaxKeySize'] = ('max_key_size', 'positiveInteger', False) - - def __init__(self, - algorithm=None, - min_key_size=None, - max_key_size=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + c_attributes["MinKeySize"] = ("min_key_size", "positiveInteger", False) + c_attributes["MaxKeySize"] = ("max_key_size", "positiveInteger", False) + + def __init__( + self, + algorithm=None, + min_key_size=None, + max_key_size=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.algorithm = algorithm self.min_key_size = min_key_size self.max_key_size = max_key_size @@ -74,9 +70,9 @@ def signing_method_type__from_string(xml_string): class DigestMethod(DigestMethodType_): - """The urn:oasis:names:tc:SAML:metadata:algsupport:DigestMethod element """ + """The urn:oasis:names:tc:SAML:metadata:algsupport:DigestMethod element""" - c_tag = 'DigestMethod' + c_tag = "DigestMethod" c_namespace = NAMESPACE c_children = DigestMethodType_.c_children.copy() c_attributes = DigestMethodType_.c_attributes.copy() @@ -89,9 +85,9 @@ def digest_method_from_string(xml_string): class SigningMethod(SigningMethodType_): - """The urn:oasis:names:tc:SAML:metadata:algsupport:SigningMethod element """ + """The urn:oasis:names:tc:SAML:metadata:algsupport:SigningMethod element""" - c_tag = 'SigningMethod' + c_tag = "SigningMethod" c_namespace = NAMESPACE c_children = SigningMethodType_.c_children.copy() c_attributes = SigningMethodType_.c_attributes.copy() @@ -111,13 +107,12 @@ def signing_method_from_string(xml_string): } ELEMENT_BY_TAG = { - 'DigestMethod': DigestMethod, - 'DigestMethodType': DigestMethodType_, - 'SigningMethod': SigningMethod, - 'SigningMethodType': SigningMethodType_, + "DigestMethod": DigestMethod, + "DigestMethodType": DigestMethodType_, + "SigningMethod": SigningMethod, + "SigningMethodType": SigningMethodType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/dri.py b/src/saml2/extension/dri.py index ba6002dd9..4f9fa8e5a 100644 --- a/src/saml2/extension/dri.py +++ b/src/saml2/extension/dri.py @@ -6,18 +6,18 @@ import saml2 from saml2 import SamlBase - from saml2 import md -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata:dri' + +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata:dri" class CreationInstant(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:CreationInstant element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:CreationInstant element""" - c_tag = 'CreationInstant' + c_tag = "CreationInstant" c_namespace = NAMESPACE - c_value_type = {'base': 'datetime'} + c_value_type = {"base": "datetime"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -29,11 +29,11 @@ def creation_instant_from_string(xml_string): class SerialNumber(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:SerialNumber element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:SerialNumber element""" - c_tag = 'SerialNumber' + c_tag = "SerialNumber" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -45,11 +45,11 @@ def serial_number_from_string(xml_string): class UsagePolicy(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:UsagePolicy element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:UsagePolicy element""" - c_tag = 'UsagePolicy' + c_tag = "UsagePolicy" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -61,30 +61,32 @@ def usage_policy_from_string(xml_string): class PublisherType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:PublisherType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:PublisherType element""" - c_tag = 'PublisherType' + c_tag = "PublisherType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['PublisherID'] = ('publisher_id', 'md:entityIDType', True) - c_attributes['CreationInstant'] = ('creation_instant', 'datetime', False) - c_attributes['SerialNumber'] = ('serial_number', 'string', False) - - def __init__(self, - publisher_id=None, - creation_instant=None, - serial_number=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_attributes["PublisherID"] = ("publisher_id", "md:entityIDType", True) + c_attributes["CreationInstant"] = ("creation_instant", "datetime", False) + c_attributes["SerialNumber"] = ("serial_number", "string", False) + + def __init__( + self, + publisher_id=None, + creation_instant=None, + serial_number=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.publisher_id = publisher_id self.creation_instant = creation_instant @@ -97,9 +99,9 @@ def publisher_type__from_string(xml_string): class RegistrationAuthority(md.EntityIDType_): """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationAuthority - element """ + element""" - c_tag = 'RegistrationAuthority' + c_tag = "RegistrationAuthority" c_namespace = NAMESPACE c_children = md.EntityIDType_.c_children.copy() c_attributes = md.EntityIDType_.c_attributes.copy() @@ -113,11 +115,11 @@ def registration_authority_from_string(xml_string): class RegistrationInstant(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationInstant - element """ + element""" - c_tag = 'RegistrationInstant' + c_tag = "RegistrationInstant" c_namespace = NAMESPACE - c_value_type = {'base': 'datetime'} + c_value_type = {"base": "datetime"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -130,11 +132,11 @@ def registration_instant_from_string(xml_string): class RegistrationPolicy(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationPolicy - element """ + element""" - c_tag = 'RegistrationPolicy' + c_tag = "RegistrationPolicy" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -146,9 +148,9 @@ def registration_policy_from_string(xml_string): class Publisher(PublisherType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:Publisher element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:Publisher element""" - c_tag = 'Publisher' + c_tag = "Publisher" c_namespace = NAMESPACE c_children = PublisherType_.c_children.copy() c_attributes = PublisherType_.c_attributes.copy() @@ -162,39 +164,43 @@ def publisher_from_string(xml_string): class RegistrationInfoType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationInfoType - element """ + element""" - c_tag = 'RegistrationInfoType' + c_tag = "RegistrationInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationAuthority'] = ( - 'registration_authority', RegistrationAuthority) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationInstant'] = ( - 'registration_instant', RegistrationInstant) - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationPolicy'] = ( - 'registration_policy', RegistrationPolicy) - c_cardinality['registration_policy'] = {"min": 0, "max": 1} - c_child_order.extend(['registration_authority', 'registration_instant', - 'registration_policy']) - - def __init__(self, - registration_authority=None, - registration_instant=None, - registration_policy=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationAuthority"] = ( + "registration_authority", + RegistrationAuthority, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationInstant"] = ( + "registration_instant", + RegistrationInstant, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}RegistrationPolicy"] = ( + "registration_policy", + RegistrationPolicy, + ) + c_cardinality["registration_policy"] = {"min": 0, "max": 1} + c_child_order.extend(["registration_authority", "registration_instant", "registration_policy"]) + + def __init__( + self, + registration_authority=None, + registration_instant=None, + registration_policy=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.registration_authority = registration_authority self.registration_instant = registration_instant @@ -206,29 +212,30 @@ def registration_info_type__from_string(xml_string): class PublishersType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:PublishersType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:PublishersType element""" - c_tag = 'PublishersType' + c_tag = "PublishersType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata:dri}Publisher'] = ( - 'publisher', [Publisher]) - c_cardinality['publisher'] = {"min": 0} - c_child_order.extend(['publisher']) - - def __init__(self, - publisher=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}Publisher"] = ("publisher", [Publisher]) + c_cardinality["publisher"] = {"min": 0} + c_child_order.extend(["publisher"]) + + def __init__( + self, + publisher=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.publisher = publisher or [] @@ -238,9 +245,9 @@ def publishers_type__from_string(xml_string): class RegistrationInfo(RegistrationInfoType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationInfo element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:RegistrationInfo element""" - c_tag = 'RegistrationInfo' + c_tag = "RegistrationInfo" c_namespace = NAMESPACE c_children = RegistrationInfoType_.c_children.copy() c_attributes = RegistrationInfoType_.c_attributes.copy() @@ -253,9 +260,9 @@ def registration_info_from_string(xml_string): class Publishers(PublishersType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:Publishers element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:Publishers element""" - c_tag = 'Publishers' + c_tag = "Publishers" c_namespace = NAMESPACE c_children = PublishersType_.c_children.copy() c_attributes = PublishersType_.c_attributes.copy() @@ -268,42 +275,39 @@ def publishers_from_string(xml_string): class DocumentInfoType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:DocumentInfoType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:DocumentInfoType element""" - c_tag = 'DocumentInfoType' + c_tag = "DocumentInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata:dri}CreationInstant'] = ( - 'creation_instant', CreationInstant) - c_cardinality['creation_instant'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata:dri}SerialNumber'] = ( - 'serial_number', SerialNumber) - c_cardinality['serial_number'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata:dri}UsagePolicy'] = ( - 'usage_policy', UsagePolicy) - c_cardinality['usage_policy'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata:dri}Publishers'] = ( - 'publishers', Publishers) - c_cardinality['publishers'] = {"min": 0, "max": 1} - c_child_order.extend( - ['creation_instant', 'serial_number', 'usage_policy', 'publishers']) - - def __init__(self, - creation_instant=None, - serial_number=None, - usage_policy=None, - publishers=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}CreationInstant"] = ("creation_instant", CreationInstant) + c_cardinality["creation_instant"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}SerialNumber"] = ("serial_number", SerialNumber) + c_cardinality["serial_number"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}UsagePolicy"] = ("usage_policy", UsagePolicy) + c_cardinality["usage_policy"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata:dri}Publishers"] = ("publishers", Publishers) + c_cardinality["publishers"] = {"min": 0, "max": 1} + c_child_order.extend(["creation_instant", "serial_number", "usage_policy", "publishers"]) + + def __init__( + self, + creation_instant=None, + serial_number=None, + usage_policy=None, + publishers=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.creation_instant = creation_instant self.serial_number = serial_number @@ -316,9 +320,9 @@ def document_info_type__from_string(xml_string): class DocumentInfo(DocumentInfoType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:dri:DocumentInfo element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:dri:DocumentInfo element""" - c_tag = 'DocumentInfo' + c_tag = "DocumentInfo" c_namespace = NAMESPACE c_children = DocumentInfoType_.c_children.copy() c_attributes = DocumentInfoType_.c_attributes.copy() @@ -348,23 +352,22 @@ def document_info_from_string(xml_string): } ELEMENT_BY_TAG = { - 'DocumentInfo': DocumentInfo, - 'DocumentInfoType': DocumentInfoType_, - 'CreationInstant': CreationInstant, - 'SerialNumber': SerialNumber, - 'UsagePolicy': UsagePolicy, - 'Publishers': Publishers, - 'PublishersType': PublishersType_, - 'Publisher': Publisher, - 'PublisherType': PublisherType_, - 'RegistrationInfo': RegistrationInfo, - 'RegistrationInfoType': RegistrationInfoType_, - 'RegistrationAuthority': RegistrationAuthority, - 'RegistrationInstant': RegistrationInstant, - 'RegistrationPolicy': RegistrationPolicy, + "DocumentInfo": DocumentInfo, + "DocumentInfoType": DocumentInfoType_, + "CreationInstant": CreationInstant, + "SerialNumber": SerialNumber, + "UsagePolicy": UsagePolicy, + "Publishers": Publishers, + "PublishersType": PublishersType_, + "Publisher": Publisher, + "PublisherType": PublisherType_, + "RegistrationInfo": RegistrationInfo, + "RegistrationInfoType": RegistrationInfoType_, + "RegistrationAuthority": RegistrationAuthority, + "RegistrationInstant": RegistrationInstant, + "RegistrationPolicy": RegistrationPolicy, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/idpdisc.py b/src/saml2/extension/idpdisc.py index dc5155848..216a54d7a 100644 --- a/src/saml2/extension/idpdisc.py +++ b/src/saml2/extension/idpdisc.py @@ -7,15 +7,16 @@ import saml2 from saml2 import md -NAMESPACE = 'urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol' + +NAMESPACE = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" BINDING_DISCO = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" class DiscoveryResponse(md.IndexedEndpointType_): """The urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol: - DiscoveryResponse element """ + DiscoveryResponse element""" - c_tag = 'DiscoveryResponse' + c_tag = "DiscoveryResponse" c_namespace = NAMESPACE c_children = md.IndexedEndpointType_.c_children.copy() c_attributes = md.IndexedEndpointType_.c_attributes.copy() @@ -32,10 +33,9 @@ def discovery_response_from_string(xml_string): } ELEMENT_BY_TAG = { - 'DiscoveryResponse': DiscoveryResponse, + "DiscoveryResponse": DiscoveryResponse, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/mdattr.py b/src/saml2/extension/mdattr.py index 9587c449f..faf532582 100644 --- a/src/saml2/extension/mdattr.py +++ b/src/saml2/extension/mdattr.py @@ -6,55 +6,60 @@ import saml2 from saml2 import SamlBase - from saml2 import saml -NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:attribute' + +NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute" + class EntityAttributesType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:attribute:EntityAttributesType element """ + """The urn:oasis:names:tc:SAML:metadata:attribute:EntityAttributesType element""" - c_tag = 'EntityAttributesType' + c_tag = "EntityAttributesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = ('attribute', [saml.Attribute]) - c_cardinality['attribute'] = {"min":0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Assertion'] = ('assertion', [saml.Assertion]) - c_cardinality['assertion'] = {"min":0} - c_child_order.extend(['attribute', 'assertion']) - - def __init__(self, - attribute=None, - assertion=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.attribute=attribute or [] - self.assertion=assertion or [] + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"] = ("attribute", [saml.Attribute]) + c_cardinality["attribute"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"] = ("assertion", [saml.Assertion]) + c_cardinality["assertion"] = {"min": 0} + c_child_order.extend(["attribute", "assertion"]) + + def __init__( + self, + attribute=None, + assertion=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.attribute = attribute or [] + self.assertion = assertion or [] + def entity_attributes_type__from_string(xml_string): return saml2.create_class_from_xml_string(EntityAttributesType_, xml_string) class EntityAttributes(EntityAttributesType_): - """The urn:oasis:names:tc:SAML:metadata:attribute:EntityAttributes element """ + """The urn:oasis:names:tc:SAML:metadata:attribute:EntityAttributes element""" - c_tag = 'EntityAttributes' + c_tag = "EntityAttributes" c_namespace = NAMESPACE c_children = EntityAttributesType_.c_children.copy() c_attributes = EntityAttributesType_.c_attributes.copy() c_child_order = EntityAttributesType_.c_child_order[:] c_cardinality = EntityAttributesType_.c_cardinality.copy() + def entity_attributes_from_string(xml_string): return saml2.create_class_from_xml_string(EntityAttributes, xml_string) @@ -65,11 +70,10 @@ def entity_attributes_from_string(xml_string): } ELEMENT_BY_TAG = { - 'EntityAttributes': EntityAttributes, - 'EntityAttributesType': EntityAttributesType_, + "EntityAttributes": EntityAttributes, + "EntityAttributesType": EntityAttributesType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/mdrpi.py b/src/saml2/extension/mdrpi.py index 5951ed61d..77aba50ef 100644 --- a/src/saml2/extension/mdrpi.py +++ b/src/saml2/extension/mdrpi.py @@ -6,16 +6,16 @@ import saml2 from saml2 import SamlBase - from saml2 import md -NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:rpi' + +NAMESPACE = "urn:oasis:names:tc:SAML:metadata:rpi" class RegistrationPolicy(md.LocalizedURIType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationPolicy element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationPolicy element""" - c_tag = 'RegistrationPolicy' + c_tag = "RegistrationPolicy" c_namespace = NAMESPACE c_children = md.LocalizedURIType_.c_children.copy() c_attributes = md.LocalizedURIType_.c_attributes.copy() @@ -28,9 +28,9 @@ def registration_policy_from_string(xml_string): class UsagePolicy(md.LocalizedURIType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:UsagePolicy element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:UsagePolicy element""" - c_tag = 'UsagePolicy' + c_tag = "UsagePolicy" c_namespace = NAMESPACE c_children = md.LocalizedURIType_.c_children.copy() c_attributes = md.LocalizedURIType_.c_attributes.copy() @@ -43,29 +43,30 @@ def usage_policy_from_string(xml_string): class PublicationType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationType element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationType element""" - c_tag = 'PublicationType' + c_tag = "PublicationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['publisher'] = ('publisher', 'string', True) - c_attributes['creationInstant'] = ('creation_instant', 'dateTime', False) - c_attributes['publicationId'] = ('publication_id', 'string', False) - - def __init__(self, - publisher=None, - creation_instant=None, - publication_id=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["publisher"] = ("publisher", "string", True) + c_attributes["creationInstant"] = ("creation_instant", "dateTime", False) + c_attributes["publicationId"] = ("publication_id", "string", False) + + def __init__( + self, + publisher=None, + creation_instant=None, + publication_id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.publisher = publisher self.creation_instant = creation_instant self.publication_id = publication_id @@ -76,34 +77,35 @@ def publication_type__from_string(xml_string): class RegistrationInfoType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationInfoType element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationInfoType element""" - c_tag = 'RegistrationInfoType' + c_tag = "RegistrationInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:metadata:rpi}RegistrationPolicy'] = ( - 'registration_policy', [RegistrationPolicy]) - c_cardinality['registration_policy'] = {"min": 0} - c_attributes['registrationAuthority'] = ( - 'registration_authority', 'string', True) - c_attributes['registrationInstant'] = ( - 'registration_instant', 'dateTime', False) - c_child_order.extend(['registration_policy']) - - def __init__(self, - registration_policy=None, - registration_authority=None, - registration_instant=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:metadata:rpi}RegistrationPolicy"] = ( + "registration_policy", + [RegistrationPolicy], + ) + c_cardinality["registration_policy"] = {"min": 0} + c_attributes["registrationAuthority"] = ("registration_authority", "string", True) + c_attributes["registrationInstant"] = ("registration_instant", "dateTime", False) + c_child_order.extend(["registration_policy"]) + + def __init__( + self, + registration_policy=None, + registration_authority=None, + registration_instant=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.registration_policy = registration_policy or [] self.registration_authority = registration_authority self.registration_instant = registration_instant @@ -114,34 +116,34 @@ def registration_info_type__from_string(xml_string): class PublicationInfoType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationInfoType element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationInfoType element""" - c_tag = 'PublicationInfoType' + c_tag = "PublicationInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:metadata:rpi}UsagePolicy'] = ( - 'usage_policy', [UsagePolicy]) - c_cardinality['usage_policy'] = {"min": 0} - c_attributes['publisher'] = ('publisher', 'string', True) - c_attributes['creationInstant'] = ('creation_instant', 'dateTime', False) - c_attributes['publicationId'] = ('publication_id', 'string', False) - c_child_order.extend(['usage_policy']) - - def __init__(self, - usage_policy=None, - publisher=None, - creation_instant=None, - publication_id=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:metadata:rpi}UsagePolicy"] = ("usage_policy", [UsagePolicy]) + c_cardinality["usage_policy"] = {"min": 0} + c_attributes["publisher"] = ("publisher", "string", True) + c_attributes["creationInstant"] = ("creation_instant", "dateTime", False) + c_attributes["publicationId"] = ("publication_id", "string", False) + c_child_order.extend(["usage_policy"]) + + def __init__( + self, + usage_policy=None, + publisher=None, + creation_instant=None, + publication_id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.usage_policy = usage_policy or [] self.publisher = publisher self.creation_instant = creation_instant @@ -153,9 +155,9 @@ def publication_info_type__from_string(xml_string): class Publication(PublicationType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:Publication element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:Publication element""" - c_tag = 'Publication' + c_tag = "Publication" c_namespace = NAMESPACE c_children = PublicationType_.c_children.copy() c_attributes = PublicationType_.c_attributes.copy() @@ -168,9 +170,9 @@ def publication_from_string(xml_string): class RegistrationInfo(RegistrationInfoType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationInfo element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:RegistrationInfo element""" - c_tag = 'RegistrationInfo' + c_tag = "RegistrationInfo" c_namespace = NAMESPACE c_children = RegistrationInfoType_.c_children.copy() c_attributes = RegistrationInfoType_.c_attributes.copy() @@ -183,9 +185,9 @@ def registration_info_from_string(xml_string): class PublicationInfo(PublicationInfoType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationInfo element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationInfo element""" - c_tag = 'PublicationInfo' + c_tag = "PublicationInfo" c_namespace = NAMESPACE c_children = PublicationInfoType_.c_children.copy() c_attributes = PublicationInfoType_.c_attributes.copy() @@ -198,28 +200,22 @@ def publication_info_from_string(xml_string): class PublicationPathType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationPathType element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationPathType element""" - c_tag = 'PublicationPathType' + c_tag = "PublicationPathType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:metadata:rpi}Publication'] = ( - 'publication', [Publication]) - c_cardinality['publication'] = {"min": 0} - c_child_order.extend(['publication']) - - def __init__(self, - publication=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:metadata:rpi}Publication"] = ("publication", [Publication]) + c_cardinality["publication"] = {"min": 0} + c_child_order.extend(["publication"]) + + def __init__(self, publication=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.publication = publication or [] @@ -228,9 +224,9 @@ def publication_path_type__from_string(xml_string): class PublicationPath(PublicationPathType_): - """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationPath element """ + """The urn:oasis:names:tc:SAML:metadata:rpi:PublicationPath element""" - c_tag = 'PublicationPath' + c_tag = "PublicationPath" c_namespace = NAMESPACE c_children = PublicationPathType_.c_children.copy() c_attributes = PublicationPathType_.c_attributes.copy() @@ -256,19 +252,18 @@ def publication_path_from_string(xml_string): } ELEMENT_BY_TAG = { - 'RegistrationInfo': RegistrationInfo, - 'RegistrationInfoType': RegistrationInfoType_, - 'RegistrationPolicy': RegistrationPolicy, - 'PublicationInfo': PublicationInfo, - 'PublicationInfoType': PublicationInfoType_, - 'UsagePolicy': UsagePolicy, - 'PublicationPath': PublicationPath, - 'PublicationPathType': PublicationPathType_, - 'Publication': Publication, - 'PublicationType': PublicationType_, + "RegistrationInfo": RegistrationInfo, + "RegistrationInfoType": RegistrationInfoType_, + "RegistrationPolicy": RegistrationPolicy, + "PublicationInfo": PublicationInfo, + "PublicationInfoType": PublicationInfoType_, + "UsagePolicy": UsagePolicy, + "PublicationPath": PublicationPath, + "PublicationPathType": PublicationPathType_, + "Publication": Publication, + "PublicationType": PublicationType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/mdui.py b/src/saml2/extension/mdui.py index b27933c9a..6ed0b636d 100644 --- a/src/saml2/extension/mdui.py +++ b/src/saml2/extension/mdui.py @@ -6,16 +6,16 @@ import saml2 from saml2 import SamlBase - from saml2 import md -NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:ui' + +NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui" class DisplayName(md.LocalizedNameType_): - """The urn:oasis:names:tc:SAML:metadata:ui:DisplayName element """ + """The urn:oasis:names:tc:SAML:metadata:ui:DisplayName element""" - c_tag = 'DisplayName' + c_tag = "DisplayName" c_namespace = NAMESPACE c_children = md.LocalizedNameType_.c_children.copy() c_attributes = md.LocalizedNameType_.c_attributes.copy() @@ -28,9 +28,9 @@ def display_name_from_string(xml_string): class Description(md.LocalizedNameType_): - """The urn:oasis:names:tc:SAML:metadata:ui:Description element """ + """The urn:oasis:names:tc:SAML:metadata:ui:Description element""" - c_tag = 'Description' + c_tag = "Description" c_namespace = NAMESPACE c_children = md.LocalizedNameType_.c_children.copy() c_attributes = md.LocalizedNameType_.c_attributes.copy() @@ -43,9 +43,9 @@ def description_from_string(xml_string): class InformationURL(md.LocalizedURIType_): - """The urn:oasis:names:tc:SAML:metadata:ui:InformationURL element """ + """The urn:oasis:names:tc:SAML:metadata:ui:InformationURL element""" - c_tag = 'InformationURL' + c_tag = "InformationURL" c_namespace = NAMESPACE c_children = md.LocalizedURIType_.c_children.copy() c_attributes = md.LocalizedURIType_.c_attributes.copy() @@ -58,9 +58,9 @@ def information_url_from_string(xml_string): class PrivacyStatementURL(md.LocalizedURIType_): - """The urn:oasis:names:tc:SAML:metadata:ui:PrivacyStatementURL element """ + """The urn:oasis:names:tc:SAML:metadata:ui:PrivacyStatementURL element""" - c_tag = 'PrivacyStatementURL' + c_tag = "PrivacyStatementURL" c_namespace = NAMESPACE c_children = md.LocalizedURIType_.c_children.copy() c_attributes = md.LocalizedURIType_.c_attributes.copy() @@ -73,11 +73,11 @@ def privacy_statement_url_from_string(xml_string): class ListOfStrings_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:listOfStrings element """ + """The urn:oasis:names:tc:SAML:metadata:ui:listOfStrings element""" - c_tag = 'listOfStrings' + c_tag = "listOfStrings" c_namespace = NAMESPACE - c_value_type = {'member': 'string', 'base': 'list'} + c_value_type = {"member": "string", "base": "list"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -89,26 +89,20 @@ def list_of_strings__from_string(xml_string): class KeywordsType_(ListOfStrings_): - """The urn:oasis:names:tc:SAML:metadata:ui:KeywordsType element """ + """The urn:oasis:names:tc:SAML:metadata:ui:KeywordsType element""" - c_tag = 'KeywordsType' + c_tag = "KeywordsType" c_namespace = NAMESPACE c_children = ListOfStrings_.c_children.copy() c_attributes = ListOfStrings_.c_attributes.copy() c_child_order = ListOfStrings_.c_child_order[:] c_cardinality = ListOfStrings_.c_cardinality.copy() - c_attributes['{http://www.w3.org/XML/1998/namespace}lang'] = ( - 'lang', 'mdui:listOfStrings', True) - - def __init__(self, - lang=None, - text=None, - extension_elements=None, - extension_attributes=None): - ListOfStrings_.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["{http://www.w3.org/XML/1998/namespace}lang"] = ("lang", "mdui:listOfStrings", True) + + def __init__(self, lang=None, text=None, extension_elements=None, extension_attributes=None): + ListOfStrings_.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.lang = lang @@ -117,31 +111,25 @@ def keywords_type__from_string(xml_string): class LogoType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:LogoType element """ + """The urn:oasis:names:tc:SAML:metadata:ui:LogoType element""" - c_tag = 'LogoType' + c_tag = "LogoType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['height'] = ('height', 'positiveInteger', True) - c_attributes['width'] = ('width', 'positiveInteger', True) - c_attributes['{http://www.w3.org/XML/1998/namespace}lang'] = ( - 'lang', 'anyURI', False) - - def __init__(self, - height=None, - width=None, - lang=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["height"] = ("height", "positiveInteger", True) + c_attributes["width"] = ("width", "positiveInteger", True) + c_attributes["{http://www.w3.org/XML/1998/namespace}lang"] = ("lang", "anyURI", False) + + def __init__( + self, height=None, width=None, lang=None, text=None, extension_elements=None, extension_attributes=None + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.height = height self.width = width self.lang = lang @@ -152,11 +140,11 @@ def logo_type__from_string(xml_string): class IPHint(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:IPHint element """ + """The urn:oasis:names:tc:SAML:metadata:ui:IPHint element""" - c_tag = 'IPHint' + c_tag = "IPHint" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -168,11 +156,11 @@ def ip_hint_from_string(xml_string): class DomainHint(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:DomainHint element """ + """The urn:oasis:names:tc:SAML:metadata:ui:DomainHint element""" - c_tag = 'DomainHint' + c_tag = "DomainHint" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -184,11 +172,11 @@ def domain_hint_from_string(xml_string): class GeolocationHint(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:GeolocationHint element """ + """The urn:oasis:names:tc:SAML:metadata:ui:GeolocationHint element""" - c_tag = 'GeolocationHint' + c_tag = "GeolocationHint" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -200,9 +188,9 @@ def geolocation_hint_from_string(xml_string): class Keywords(KeywordsType_): - """The urn:oasis:names:tc:SAML:metadata:ui:Keywords element """ + """The urn:oasis:names:tc:SAML:metadata:ui:Keywords element""" - c_tag = 'Keywords' + c_tag = "Keywords" c_namespace = NAMESPACE c_children = KeywordsType_.c_children.copy() c_attributes = KeywordsType_.c_attributes.copy() @@ -215,9 +203,9 @@ def keywords_from_string(xml_string): class Logo(LogoType_): - """The urn:oasis:names:tc:SAML:metadata:ui:Logo element """ + """The urn:oasis:names:tc:SAML:metadata:ui:Logo element""" - c_tag = 'Logo' + c_tag = "Logo" c_namespace = NAMESPACE c_children = LogoType_.c_children.copy() c_attributes = LogoType_.c_attributes.copy() @@ -230,36 +218,34 @@ def logo_from_string(xml_string): class DiscoHintsType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:DiscoHintsType element """ + """The urn:oasis:names:tc:SAML:metadata:ui:DiscoHintsType element""" - c_tag = 'DiscoHintsType' + c_tag = "DiscoHintsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:metadata:ui}IPHint'] = ( - 'ip_hint', [IPHint]) - c_cardinality['ip_hint'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}DomainHint'] = ( - 'domain_hint', [DomainHint]) - c_cardinality['domain_hint'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}GeolocationHint'] = ( - 'geolocation_hint', [GeolocationHint]) - c_cardinality['geolocation_hint'] = {"min": 0} - c_child_order.extend(['ip_hint', 'domain_hint', 'geolocation_hint']) - - def __init__(self, - ip_hint=None, - domain_hint=None, - geolocation_hint=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:metadata:ui}IPHint"] = ("ip_hint", [IPHint]) + c_cardinality["ip_hint"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}DomainHint"] = ("domain_hint", [DomainHint]) + c_cardinality["domain_hint"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}GeolocationHint"] = ("geolocation_hint", [GeolocationHint]) + c_cardinality["geolocation_hint"] = {"min": 0} + c_child_order.extend(["ip_hint", "domain_hint", "geolocation_hint"]) + + def __init__( + self, + ip_hint=None, + domain_hint=None, + geolocation_hint=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.ip_hint = ip_hint or [] self.domain_hint = domain_hint or [] self.geolocation_hint = geolocation_hint or [] @@ -270,49 +256,48 @@ def disco_hints_type__from_string(xml_string): class UIInfoType_(SamlBase): - """The urn:oasis:names:tc:SAML:metadata:ui:UIInfoType element """ + """The urn:oasis:names:tc:SAML:metadata:ui:UIInfoType element""" - c_tag = 'UIInfoType' + c_tag = "UIInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:metadata:ui}DisplayName'] = ( - 'display_name', [DisplayName]) - c_cardinality['display_name'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}Description'] = ( - 'description', [Description]) - c_cardinality['description'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}Keywords'] = ( - 'keywords', [Keywords]) - c_cardinality['keywords'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}Logo'] = ('logo', [Logo]) - c_cardinality['logo'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}InformationURL'] = ( - 'information_url', [InformationURL]) - c_cardinality['information_url'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:metadata:ui}PrivacyStatementURL'] = ( - 'privacy_statement_url', [PrivacyStatementURL]) - c_cardinality['privacy_statement_url'] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}DisplayName"] = ("display_name", [DisplayName]) + c_cardinality["display_name"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}Description"] = ("description", [Description]) + c_cardinality["description"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}Keywords"] = ("keywords", [Keywords]) + c_cardinality["keywords"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}Logo"] = ("logo", [Logo]) + c_cardinality["logo"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}InformationURL"] = ("information_url", [InformationURL]) + c_cardinality["information_url"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:metadata:ui}PrivacyStatementURL"] = ( + "privacy_statement_url", + [PrivacyStatementURL], + ) + c_cardinality["privacy_statement_url"] = {"min": 0} c_child_order.extend( - ['display_name', 'description', 'keywords', 'logo', 'information_url', - 'privacy_statement_url']) - - def __init__(self, - display_name=None, - description=None, - keywords=None, - logo=None, - information_url=None, - privacy_statement_url=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + ["display_name", "description", "keywords", "logo", "information_url", "privacy_statement_url"] + ) + + def __init__( + self, + display_name=None, + description=None, + keywords=None, + logo=None, + information_url=None, + privacy_statement_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.display_name = display_name or [] self.description = description or [] self.keywords = keywords or [] @@ -326,9 +311,9 @@ def ui_info_type__from_string(xml_string): class DiscoHints(DiscoHintsType_): - """The urn:oasis:names:tc:SAML:metadata:ui:DiscoHints element """ + """The urn:oasis:names:tc:SAML:metadata:ui:DiscoHints element""" - c_tag = 'DiscoHints' + c_tag = "DiscoHints" c_namespace = NAMESPACE c_children = DiscoHintsType_.c_children.copy() c_attributes = DiscoHintsType_.c_attributes.copy() @@ -341,9 +326,9 @@ def disco_hints_from_string(xml_string): class UIInfo(UIInfoType_): - """The urn:oasis:names:tc:SAML:metadata:ui:UIInfo element """ + """The urn:oasis:names:tc:SAML:metadata:ui:UIInfo element""" - c_tag = 'UIInfo' + c_tag = "UIInfo" c_namespace = NAMESPACE c_children = UIInfoType_.c_children.copy() c_attributes = UIInfoType_.c_attributes.copy() @@ -375,22 +360,22 @@ def ui_info_from_string(xml_string): } ELEMENT_BY_TAG = { - 'UIInfo': UIInfo, - 'UIInfoType': UIInfoType_, - 'DisplayName': DisplayName, - 'Description': Description, - 'InformationURL': InformationURL, - 'PrivacyStatementURL': PrivacyStatementURL, - 'Keywords': Keywords, - 'KeywordsType': KeywordsType_, - 'listOfStrings': ListOfStrings_, - 'Logo': Logo, - 'LogoType': LogoType_, - 'DiscoHints': DiscoHints, - 'DiscoHintsType': DiscoHintsType_, - 'IPHint': IPHint, - 'DomainHint': DomainHint, - 'GeolocationHint': GeolocationHint, + "UIInfo": UIInfo, + "UIInfoType": UIInfoType_, + "DisplayName": DisplayName, + "Description": Description, + "InformationURL": InformationURL, + "PrivacyStatementURL": PrivacyStatementURL, + "Keywords": Keywords, + "KeywordsType": KeywordsType_, + "listOfStrings": ListOfStrings_, + "Logo": Logo, + "LogoType": LogoType_, + "DiscoHints": DiscoHints, + "DiscoHintsType": DiscoHintsType_, + "IPHint": IPHint, + "DomainHint": DomainHint, + "GeolocationHint": GeolocationHint, } diff --git a/src/saml2/extension/pefim.py b/src/saml2/extension/pefim.py index 4212519f4..5aeeb253e 100644 --- a/src/saml2/extension/pefim.py +++ b/src/saml2/extension/pefim.py @@ -4,35 +4,36 @@ from saml2 import SamlBase from saml2.xmldsig import KeyInfo -NAMESPACE = 'urn:net:eustix:names:tc:PEFIM:0.0:assertion' + +NAMESPACE = "urn:net:eustix:names:tc:PEFIM:0.0:assertion" class SPCertEncType_(SamlBase): - """The urn:net:eustix:names:tc:PEFIM:0.0:assertion:SPCertEncType element """ + """The urn:net:eustix:names:tc:PEFIM:0.0:assertion:SPCertEncType element""" - c_tag = 'SPCertEncType' + c_tag = "SPCertEncType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info', - [KeyInfo]) - c_cardinality['key_info'] = {"min": 1} - c_attributes['VerifyDepth'] = ('verify_depth', 'unsignedByte', False) - c_child_order.extend(['key_info']) - - def __init__(self, - key_info=None, - x509_data=None, - verify_depth='1', - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", [KeyInfo]) + c_cardinality["key_info"] = {"min": 1} + c_attributes["VerifyDepth"] = ("verify_depth", "unsignedByte", False) + c_child_order.extend(["key_info"]) + + def __init__( + self, + key_info=None, + x509_data=None, + verify_depth="1", + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) if key_info: self.key_info = key_info elif x509_data: @@ -40,7 +41,7 @@ def __init__(self, else: self.key_info = [] self.verify_depth = verify_depth - #self.x509_data = x509_data + # self.x509_data = x509_data def spcertenc_type__from_string(xml_string): @@ -48,9 +49,9 @@ def spcertenc_type__from_string(xml_string): class SPCertEnc(SPCertEncType_): - """The urn:net:eustix:names:tc:PEFIM:0.0:assertion:SPCertEnc element """ + """The urn:net:eustix:names:tc:PEFIM:0.0:assertion:SPCertEnc element""" - c_tag = 'SPCertEnc' + c_tag = "SPCertEnc" c_namespace = NAMESPACE c_children = SPCertEncType_.c_children.copy() c_attributes = SPCertEncType_.c_attributes.copy() @@ -68,10 +69,10 @@ def spcertenc_from_string(xml_string): } ELEMENT_BY_TAG = { - 'SPCertEnc': SPCertEnc, - 'SPCertEncType': SPCertEncType_, + "SPCertEnc": SPCertEnc, + "SPCertEncType": SPCertEncType_, } def factory(tag, **kwargs): - return ELEMENT_BY_TAG[tag](**kwargs) \ No newline at end of file + return ELEMENT_BY_TAG[tag](**kwargs) diff --git a/src/saml2/extension/reqinit.py b/src/saml2/extension/reqinit.py index 58ccc131d..c67423588 100644 --- a/src/saml2/extension/reqinit.py +++ b/src/saml2/extension/reqinit.py @@ -5,17 +5,17 @@ # import saml2 - from saml2 import md -NAMESPACE = 'urn:oasis:names:tc:SAML:profiles:SSO:request-init' + +NAMESPACE = "urn:oasis:names:tc:SAML:profiles:SSO:request-init" class RequestInitiator(md.EndpointType_): """The urn:oasis:names:tc:SAML:profiles:SSO:request-init:RequestInitiator - element """ + element""" - c_tag = 'RequestInitiator' + c_tag = "RequestInitiator" c_namespace = NAMESPACE c_children = md.EndpointType_.c_children.copy() c_attributes = md.EndpointType_.c_attributes.copy() @@ -32,10 +32,9 @@ def request_initiator_from_string(xml_string): } ELEMENT_BY_TAG = { - 'RequestInitiator': RequestInitiator, + "RequestInitiator": RequestInitiator, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/extension/requested_attributes.py b/src/saml2/extension/requested_attributes.py index 3d574f15a..e12ae8648 100644 --- a/src/saml2/extension/requested_attributes.py +++ b/src/saml2/extension/requested_attributes.py @@ -6,108 +6,119 @@ import saml2 from saml2 import SamlBase - from saml2 import saml -NAMESPACE = 'http://eidas.europa.eu/saml-extensions' +NAMESPACE = "http://eidas.europa.eu/saml-extensions" + class RequestedAttributeType_(SamlBase): - """The http://eidas.europa.eu/saml-extensions:RequestedAttributeType element """ + """The http://eidas.europa.eu/saml-extensions:RequestedAttributeType element""" - c_tag = 'RequestedAttributeType' + c_tag = "RequestedAttributeType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue'] = ('attribute_value', [saml.AttributeValue]) - c_cardinality['attribute_value'] = {"min":0} - c_attributes['Name'] = ('name', 'None', True) - c_attributes['NameFormat'] = ('name_format', 'None', True) - c_attributes['FriendlyName'] = ('friendly_name', 'None', False) - c_attributes['isRequired'] = ('is_required', 'None', False) - c_child_order.extend(['attribute_value']) - - def __init__(self, - attribute_value=None, - name=None, - name_format=None, - friendly_name=None, - is_required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.attribute_value=attribute_value or [] - self.name=name - self.name_format=name_format - self.friendly_name=friendly_name - self.is_required=is_required + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue"] = ("attribute_value", [saml.AttributeValue]) + c_cardinality["attribute_value"] = {"min": 0} + c_attributes["Name"] = ("name", "None", True) + c_attributes["NameFormat"] = ("name_format", "None", True) + c_attributes["FriendlyName"] = ("friendly_name", "None", False) + c_attributes["isRequired"] = ("is_required", "None", False) + c_child_order.extend(["attribute_value"]) + + def __init__( + self, + attribute_value=None, + name=None, + name_format=None, + friendly_name=None, + is_required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.attribute_value = attribute_value or [] + self.name = name + self.name_format = name_format + self.friendly_name = friendly_name + self.is_required = is_required + def requested_attribute_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedAttributeType_, xml_string) class RequestedAttribute(RequestedAttributeType_): - """The http://eidas.europa.eu/saml-extensions:RequestedAttribute element """ + """The http://eidas.europa.eu/saml-extensions:RequestedAttribute element""" - c_tag = 'RequestedAttribute' + c_tag = "RequestedAttribute" c_namespace = NAMESPACE c_children = RequestedAttributeType_.c_children.copy() c_attributes = RequestedAttributeType_.c_attributes.copy() c_child_order = RequestedAttributeType_.c_child_order[:] c_cardinality = RequestedAttributeType_.c_cardinality.copy() + def requested_attribute_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedAttribute, xml_string) class RequestedAttributesType_(SamlBase): - """The http://eidas.europa.eu/saml-extensions:RequestedAttributesType element """ + """The http://eidas.europa.eu/saml-extensions:RequestedAttributesType element""" - c_tag = 'RequestedAttributesType' + c_tag = "RequestedAttributesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://eidas.europa.eu/saml-extensions}RequestedAttribute'] = ('requested_attribute', [RequestedAttribute]) - c_cardinality['requested_attribute'] = {"min":0} - c_child_order.extend(['requested_attribute']) - - def __init__(self, - requested_attribute=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.requested_attribute=requested_attribute or [] + c_children["{http://eidas.europa.eu/saml-extensions}RequestedAttribute"] = ( + "requested_attribute", + [RequestedAttribute], + ) + c_cardinality["requested_attribute"] = {"min": 0} + c_child_order.extend(["requested_attribute"]) + + def __init__( + self, + requested_attribute=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.requested_attribute = requested_attribute or [] + def requested_attributes_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedAttributesType_, xml_string) class RequestedAttributes(RequestedAttributesType_): - """The http://eidas.europa.eu/saml-extensions:RequestedAttributes element """ + """The http://eidas.europa.eu/saml-extensions:RequestedAttributes element""" - c_tag = 'RequestedAttributes' + c_tag = "RequestedAttributes" c_namespace = NAMESPACE c_children = RequestedAttributesType_.c_children.copy() c_attributes = RequestedAttributesType_.c_attributes.copy() c_child_order = RequestedAttributesType_.c_child_order[:] c_cardinality = RequestedAttributesType_.c_cardinality.copy() + def requested_attributes_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedAttributes, xml_string) @@ -120,10 +131,10 @@ def requested_attributes_from_string(xml_string): } ELEMENT_BY_TAG = { - 'RequestedAttributes': RequestedAttributes, - 'RequestedAttributesType': RequestedAttributesType_, - 'RequestedAttribute': RequestedAttribute, - 'RequestedAttributeType': RequestedAttributeType_, + "RequestedAttributes": RequestedAttributes, + "RequestedAttributesType": RequestedAttributesType_, + "RequestedAttribute": RequestedAttribute, + "RequestedAttributeType": RequestedAttributeType_, } diff --git a/src/saml2/extension/shibmd.py b/src/saml2/extension/shibmd.py index de6e3fb76..86a1cf54e 100644 --- a/src/saml2/extension/shibmd.py +++ b/src/saml2/extension/shibmd.py @@ -8,30 +8,26 @@ from saml2 import SamlBase from saml2 import xmldsig as ds -NAMESPACE = 'urn:mace:shibboleth:metadata:1.0' + +NAMESPACE = "urn:mace:shibboleth:metadata:1.0" class Scope(SamlBase): - """The urn:mace:shibboleth:metadata:1.0:Scope element """ + """The urn:mace:shibboleth:metadata:1.0:Scope element""" - c_tag = 'Scope' + c_tag = "Scope" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['regexp'] = ('regexp', 'boolean', False) - - def __init__(self, - regexp='false', - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["regexp"] = ("regexp", "boolean", False) + + def __init__(self, regexp="false", text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.regexp = regexp @@ -40,30 +36,23 @@ def scope_from_string(xml_string): class KeyAuthority(SamlBase): - """The urn:mace:shibboleth:metadata:1.0:KeyAuthority element """ + """The urn:mace:shibboleth:metadata:1.0:KeyAuthority element""" - c_tag = 'KeyAuthority' + c_tag = "KeyAuthority" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info', - [ds.KeyInfo]) - c_cardinality['key_info'] = {"min": 1} - c_attributes['VerifyDepth'] = ('verify_depth', 'unsignedByte', False) - c_child_order.extend(['key_info']) - - def __init__(self, - key_info=None, - verify_depth='1', - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", [ds.KeyInfo]) + c_cardinality["key_info"] = {"min": 1} + c_attributes["VerifyDepth"] = ("verify_depth", "unsignedByte", False) + c_child_order.extend(["key_info"]) + + def __init__(self, key_info=None, verify_depth="1", text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.key_info = key_info or [] self.verify_depth = verify_depth @@ -78,8 +67,8 @@ def key_authority_from_string(xml_string): } ELEMENT_BY_TAG = { - 'Scope': Scope, - 'KeyAuthority': KeyAuthority, + "Scope": Scope, + "KeyAuthority": KeyAuthority, } diff --git a/src/saml2/extension/sp_type.py b/src/saml2/extension/sp_type.py index 8ffb2ceaf..6ecafdc01 100644 --- a/src/saml2/extension/sp_type.py +++ b/src/saml2/extension/sp_type.py @@ -8,33 +8,36 @@ from saml2 import SamlBase -NAMESPACE = 'http://eidas.europa.eu/saml-extensions' +NAMESPACE = "http://eidas.europa.eu/saml-extensions" + class SPTypeType_(SamlBase): - """The http://eidas.europa.eu/saml-extensions:SPTypeType element """ + """The http://eidas.europa.eu/saml-extensions:SPTypeType element""" - c_tag = 'SPTypeType' + c_tag = "SPTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'xsd:string', 'enumeration': ['public', 'private']} + c_value_type = {"base": "xsd:string", "enumeration": ["public", "private"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def sp_type_type__from_string(xml_string): return saml2.create_class_from_xml_string(SPTypeType_, xml_string) class SPType(SPTypeType_): - """The http://eidas.europa.eu/saml-extensions:SPType element """ + """The http://eidas.europa.eu/saml-extensions:SPType element""" - c_tag = 'SPType' + c_tag = "SPType" c_namespace = NAMESPACE c_children = SPTypeType_.c_children.copy() c_attributes = SPTypeType_.c_attributes.copy() c_child_order = SPTypeType_.c_child_order[:] c_cardinality = SPTypeType_.c_cardinality.copy() + def sp_type_from_string(xml_string): return saml2.create_class_from_xml_string(SPType, xml_string) @@ -45,8 +48,8 @@ def sp_type_from_string(xml_string): } ELEMENT_BY_TAG = { - 'SPType': SPType, - 'SPTypeType': SPTypeType_, + "SPType": SPType, + "SPTypeType": SPTypeType_, } diff --git a/src/saml2/filter.py b/src/saml2/filter.py index 924cc3345..849cfe5d1 100644 --- a/src/saml2/filter.py +++ b/src/saml2/filter.py @@ -1,6 +1,7 @@ -__author__ = 'roland' +__author__ = "roland" -class Filter(object): + +class Filter: def __init__(self): pass @@ -15,7 +16,7 @@ def __init__(self, allow): :param allow: List of allowed descriptors :return: """ - super(AllowDescriptor, self).__init__() + super().__init__() self.allow = allow def __call__(self, entity_descriptor): @@ -32,4 +33,4 @@ def __call__(self, entity_descriptor): if not _all: return None else: - return entity_descriptor + return entity_descriptor diff --git a/src/saml2/httpbase.py b/src/saml2/httpbase.py index f83936396..5a1d99261 100644 --- a/src/saml2/httpbase.py +++ b/src/saml2/httpbase.py @@ -1,19 +1,20 @@ import calendar -import six -from six.moves import http_cookiejar import copy +import http.cookiejar as http_cookiejar +from http.cookies import SimpleCookie +import logging import re -from six.moves.urllib.parse import urlparse -from six.moves.urllib.parse import urlencode -import requests import time -from six.moves.http_cookies import SimpleCookie -from saml2.time_util import utc_now -from saml2 import class_name, SAMLError -from saml2.pack import http_post_message +from urllib.parse import urlencode +from urllib.parse import urlparse + +import requests + +from saml2 import SAMLError +from saml2 import class_name from saml2.pack import make_soap_enveloped_saml_thingy +from saml2.time_util import utc_now -import logging logger = logging.getLogger(__name__) @@ -22,32 +23,30 @@ else: DICT_HEADERS = True -__author__ = 'rolandh' - -ATTRS = {"version": None, - "name": "", - "value": None, - "port": None, - "port_specified": False, - "domain": "", - "domain_specified": False, - "domain_initial_dot": False, - "path": "", - "path_specified": False, - "secure": False, - "expires": None, - "discard": True, - "comment": None, - "comment_url": None, - "rest": "", - "rfc2109": True} - -PAIRS = { - "port": "port_specified", - "domain": "domain_specified", - "path": "path_specified" +__author__ = "rolandh" + +ATTRS = { + "version": None, + "name": "", + "value": None, + "port": None, + "port_specified": False, + "domain": "", + "domain_specified": False, + "domain_initial_dot": False, + "path": "", + "path_specified": False, + "secure": False, + "expires": None, + "discard": True, + "comment": None, + "comment_url": None, + "rest": "", + "rfc2109": True, } +PAIRS = {"port": "port_specified", "domain": "domain_specified", "path": "path_specified"} + class ConnectionError(SAMLError): pass @@ -57,8 +56,7 @@ class HTTPError(SAMLError): pass -TIME_FORMAT = ["%d-%b-%Y %H:%M:%S %Z", "%d-%b-%y %H:%M:%S %Z", - "%d %b %Y %H:%M:%S %Z"] +TIME_FORMAT = ["%d-%b-%Y %H:%M:%S %Z", "%d-%b-%y %H:%M:%S %Z", "%d %b %Y %H:%M:%S %Z"] def _since_epoch(cdate): @@ -71,20 +69,18 @@ def _since_epoch(cdate): if len(cdate) < 5: return utc_now() - cdate = cdate[5:] # assume short weekday, i.e. do not support obsolete RFC 1036 date format + cdate = cdate[5:] # assume short weekday, i.e. do not support obsolete RFC 1036 date format t = -1 - for time_format in TIME_FORMAT : + for time_format in TIME_FORMAT: try: - t = time.strptime(cdate, time_format) # e.g. 18-Apr-2014 12:30:51 GMT + t = time.strptime(cdate, time_format) # e.g. 18-Apr-2014 12:30:51 GMT except ValueError: pass else: break if t == -1: - err = 'ValueError: Date "{0}" does not match any of: {1}'.format( - cdate, TIME_FORMAT - ) + err = f'ValueError: Date "{cdate}" does not match any of: {TIME_FORMAT}' raise Exception(err) return calendar.timegm(t) @@ -98,11 +94,10 @@ def dict2set_list(dic): return [(k, v) for k, v in dic.items()] -class HTTPBase(object): - def __init__(self, verify=True, ca_bundle=None, key_file=None, - cert_file=None): +class HTTPBase: + def __init__(self, verify=True, ca_bundle=None, key_file=None, cert_file=None, http_client_timeout=None): self.request_args = {"allow_redirects": False} - #self.cookies = {} + # self.cookies = {} self.cookiejar = http_cookiejar.CookieJar() self.request_args["verify"] = verify @@ -111,6 +106,7 @@ def __init__(self, verify=True, ca_bundle=None, key_file=None, self.request_args["verify"] = ca_bundle if key_file: self.request_args["cert"] = (cert_file, key_file) + self.request_args["timeout"] = http_client_timeout self.sec = None self.user = None @@ -125,9 +121,9 @@ def cookies(self, url): """ part = urlparse(url) - #if part.port: + # if part.port: # _domain = "%s:%s" % (part.hostname, part.port) - #else: + # else: _domain = part.hostname cookie_dict = {} @@ -138,7 +134,7 @@ def cookies(self, url): # print(cookie) if cookie.expires and cookie.expires <= now: continue - if not re.search("%s$" % cookie.domain, _domain): + if not re.search(f"{cookie.domain}$", _domain): continue if not re.match(cookie.path, part.path): continue @@ -197,16 +193,12 @@ def set_cookie(self, kaka, request): if morsel["max-age"] == 0: try: - self.cookiejar.clear(domain=std_attr["domain"], - path=std_attr["path"], - name=std_attr["name"]) + self.cookiejar.clear(domain=std_attr["domain"], path=std_attr["path"], name=std_attr["name"]) except ValueError: pass elif std_attr["expires"] and std_attr["expires"] < utc_now(): try: - self.cookiejar.clear(domain=std_attr["domain"], - path=std_attr["path"], - name=std_attr["name"]) + self.cookiejar.clear(domain=std_attr["domain"], path=std_attr["path"], name=std_attr["name"]) except ValueError: pass else: @@ -241,7 +233,7 @@ def send(self, url, method="GET", **kwargs): r = requests.request(method, url, **_kwargs) logger.debug("Response status: %s", r.status_code) except requests.ConnectionError as exc: - raise ConnectionError("%s" % exc) + raise ConnectionError(f"{exc}") try: self.set_cookie(SimpleCookie(r.headers["set-cookie"]), r) @@ -255,14 +247,10 @@ def send(self, url, method="GET", **kwargs): @staticmethod def use_http_artifact(message, destination="", relay_state=""): if relay_state: - query = urlencode({"SAMLart": message, - "RelayState": relay_state}) + query = urlencode({"SAMLart": message, "RelayState": relay_state}) else: query = urlencode({"SAMLart": message}) - info = { - "data": "", - "url": "%s?%s" % (destination, query) - } + info = {"data": "", "url": f"{destination}?{query}"} return info @staticmethod @@ -277,27 +265,22 @@ def use_http_uri(message, typ, destination="", relay_state=""): "headers": [ ("Content-Type", "application/samlassertion+xml"), ("Cache-Control", "no-cache, no-store"), - ("Pragma", "no-cache") - ] + ("Pragma", "no-cache"), + ], } elif typ == "SAMLRequest": # msg should be an identifier if relay_state: - query = urlencode({"ID": message, - "RelayState": relay_state}) + query = urlencode({"ID": message, "RelayState": relay_state}) else: query = urlencode({"ID": message}) - info = { - "data": "", - "url": "%s?%s" % (destination, query) - } + info = {"data": "", "url": f"{destination}?{query}"} else: raise NotImplementedError return info - def use_soap(self, request, destination="", soap_headers=None, sign=False, - **kwargs): + def use_soap(self, request, destination="", soap_headers=None, sign=False, **kwargs): """ Construct the necessary information for using SOAP+POST @@ -314,13 +297,10 @@ def use_soap(self, request, destination="", soap_headers=None, sign=False, logger.debug("SOAP message: %s", soap_message) if sign and self.sec: - _signed = self.sec.sign_statement(soap_message, - node_name=class_name(request), - node_id=request.id) + _signed = self.sec.sign_statement(soap_message, node_name=class_name(request), node_id=request.id) soap_message = _signed - return {"url": destination, "method": "POST", - "data": soap_message, "headers": headers} + return {"url": destination, "method": "POST", "data": soap_message, "headers": headers} def send_using_soap(self, request, destination, headers=None, sign=False): """ @@ -339,11 +319,11 @@ def send_using_soap(self, request, destination, headers=None, sign=False): args["headers"] = dict(args["headers"]) response = self.send(**args) except Exception as exc: - logger.info("HTTPClient exception: %s", exc) + logger.error("HTTPClient exception: %s", str(exc)) raise if response.status_code == 200: - logger.info("SOAP response: %s", response.text) + logger.debug("SOAP response: %s", response.text) return response else: raise HTTPError("%d:%s" % (response.status_code, response.content)) diff --git a/src/saml2/httputil.py b/src/saml2/httputil.py index dbba7d410..c7abc6fdd 100644 --- a/src/saml2/httputil.py +++ b/src/saml2/httputil.py @@ -1,50 +1,50 @@ import hashlib import hmac +from http.cookies import SimpleCookie import logging import time -import cgi -import six - -from six.moves.urllib.parse import quote, parse_qs -from six.moves.http_cookies import SimpleCookie +from typing import Optional +from urllib.parse import parse_qs +from urllib.parse import quote from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_URI +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2 import SAMLError from saml2 import time_util -__author__ = 'rohe0002' + +__author__ = "rohe0002" logger = logging.getLogger(__name__) -class Response(object): - _template = None - _status = '200 OK' - _content_type = 'text/html' +class Response: + _template: Optional[str] = None + _status = "200 OK" + _content_type = "text/html" _mako_template = None _mako_lookup = None def __init__(self, message=None, **kwargs): - self.status = kwargs.get('status', self._status) - self.response = kwargs.get('response', self._response) - self.template = kwargs.get('template', self._template) - self.mako_template = kwargs.get('mako_template', self._mako_template) - self.mako_lookup = kwargs.get('template_lookup', self._mako_lookup) + self.status = kwargs.get("status", self._status) + self.response = kwargs.get("response", self._response) + self.template = kwargs.get("template", self._template) + self.mako_template = kwargs.get("mako_template", self._mako_template) + self.mako_lookup = kwargs.get("template_lookup", self._mako_lookup) self.message = message - self.headers = kwargs.get('headers', []) - _content_type = kwargs.get('content', self._content_type) + self.headers = kwargs.get("headers", []) + _content_type = kwargs.get("content", self._content_type) addContentType = True for header in self.headers: - if 'content-type' == header[0].lower(): + if "content-type" == header[0].lower(): addContentType = False if addContentType: - self.headers.append(('Content-type', _content_type)) + self.headers.append(("Content-type", _content_type)) def __call__(self, environ, start_response, **kwargs): try: @@ -61,9 +61,9 @@ def _response(self, message="", **argv): mte = self.mako_lookup.get_template(self.mako_template) message = mte.render(**argv) - if isinstance(message, six.string_types): - return [message.encode('utf-8')] - elif isinstance(message, six.binary_type): + if isinstance(message, str): + return [message.encode("utf-8")] + elif isinstance(message, bytes): return [message] else: return message @@ -84,29 +84,33 @@ class Created(Response): class Redirect(Response): - _template = '\nRedirecting to %s\n' \ - '\nYou are being redirected to %s\n' \ - '\n' - _status = '302 Found' + _template = ( + "\nRedirecting to %s\n" + '\nYou are being redirected to %s\n' + "\n" + ) + _status = "302 Found" def __call__(self, environ, start_response, **kwargs): location = self.message - self.headers.append(('location', location)) + self.headers.append(("location", location)) start_response(self.status, self.headers) return self.response((location, location, location)) class SeeOther(Response): - _template = '\nRedirecting to %s\n' \ - '\nYou are being redirected to %s\n' \ - '\n' - _status = '303 See Other' + _template = ( + "\nRedirecting to %s\n" + '\nYou are being redirected to %s\n' + "\n" + ) + _status = "303 See Other" def __call__(self, environ, start_response, **kwargs): location = "" if self.message: location = self.message - self.headers.append(('location', location)) + self.headers.append(("location", location)) else: for param, item in self.headers: if param == "location": @@ -117,7 +121,7 @@ def __call__(self, environ, start_response, **kwargs): class Forbidden(Response): - _status = '403 Forbidden' + _status = "403 Forbidden" _template = "Not allowed to mess with: '%s'" @@ -132,35 +136,36 @@ class Unauthorized(Response): class NotFound(Response): - _status = '404 NOT FOUND' + _status = "404 NOT FOUND" class NotAcceptable(Response): - _status = '406 Not Acceptable' + _status = "406 Not Acceptable" class ServiceError(Response): - _status = '500 Internal Service Error' + _status = "500 Internal Service Error" class NotImplemented(Response): _status = "501 Not Implemented" # override template since we need an environment variable - template = ('The request method %s is not implemented ' - 'for this server.\r\n%s') + template = "The request method %s is not implemented " "for this server.\r\n%s" class BadGateway(Response): _status = "502 Bad Gateway" -class HttpParameters(object): +class HttpParameters: """GET or POST signature parameters for Redirect or POST-SimpleSign bindings because they are not contained in XML unlike the POST binding """ + signature = None sigalg = None # Relaystate and SAML message are stored elsewhere + def __init__(self, dict): try: self.signature = dict["Signature"][0] @@ -176,7 +181,10 @@ def extract(environ, empty=False, err=False): :param empty: Stops on empty fields (default: Fault) :param err: Stops on errors in fields (default: Fault) """ - formdata = cgi.parse(environ['wsgi.input'], environ, empty, err) + input_stream = environ["wsgi.input"] + content_length = int(environ.get("CONTENT_LENGTH", 0)) + input_data = input_stream.read(content_length).decode('utf-8') + formdata = parse_qs(input_data) # Remove single entries from lists for key, value in iter(formdata.items()): if len(value) == 1: @@ -195,41 +203,40 @@ def geturl(environ, query=True, path=True, use_server_name=False): :param use_server_name: If SERVER_NAME/_HOST should be used instead of HTTP_HOST """ - url = [environ['wsgi.url_scheme'] + '://'] + url = [f"{environ['wsgi.url_scheme']}://"] if use_server_name: - url.append(environ['SERVER_NAME']) - if environ['wsgi.url_scheme'] == 'https': - if environ['SERVER_PORT'] != '443': - url.append(':' + environ['SERVER_PORT']) + url.append(environ["SERVER_NAME"]) + if environ["wsgi.url_scheme"] == "https": + if environ["SERVER_PORT"] != "443": + url.append(f":{environ['SERVER_PORT']}") else: - if environ['SERVER_PORT'] != '80': - url.append(':' + environ['SERVER_PORT']) + if environ["SERVER_PORT"] != "80": + url.append(f":{environ['SERVER_PORT']}") else: - url.append(environ['HTTP_HOST']) + url.append(environ["HTTP_HOST"]) if path: url.append(getpath(environ)) - if query and environ.get('QUERY_STRING'): - url.append('?' + environ['QUERY_STRING']) - return ''.join(url) + if query and environ.get("QUERY_STRING"): + url.append(f"?{environ['QUERY_STRING']}") + return "".join(url) def getpath(environ): """Builds a path.""" - return ''.join([quote(environ.get('SCRIPT_NAME', '')), - quote(environ.get('PATH_INFO', ''))]) + return "".join([quote(environ.get("SCRIPT_NAME", "")), quote(environ.get("PATH_INFO", ""))]) def get_post(environ): # the environment variable CONTENT_LENGTH may be empty or missing try: - request_body_size = int(environ.get('CONTENT_LENGTH', 0)) + request_body_size = int(environ.get("CONTENT_LENGTH", 0)) except ValueError: request_body_size = 0 # When the method is POST the query string will be sent # in the HTTP request body which is passed by the WSGI server # in the file like wsgi.input environment variable. - return environ['wsgi.input'].read(request_body_size) + return environ["wsgi.input"].read(request_body_size) def get_response(environ, start_response): @@ -247,13 +254,13 @@ def get_response(environ, start_response): def unpack_redirect(environ): if "QUERY_STRING" in environ: _qs = environ["QUERY_STRING"] - return dict([(k, v[0]) for k, v in parse_qs(_qs).items()]) + return {k: v[0] for k, v in parse_qs(_qs).items()} else: return None def unpack_post(environ): - return dict([(k, v[0]) for k, v in parse_qs(get_post(environ))]) + return {k: v[0] for k, v in parse_qs(get_post(environ))} def unpack_soap(environ): @@ -275,7 +282,7 @@ def unpack_artifact(environ): def unpack_any(environ): - if environ['REQUEST_METHOD'].upper() == 'GET': + if environ["REQUEST_METHOD"].upper() == "GET": # Could be either redirect or artifact _dict = unpack_redirect(environ) if "ID" in _dict: @@ -285,8 +292,8 @@ def unpack_any(environ): else: binding = BINDING_HTTP_REDIRECT else: - content_type = environ.get('CONTENT_TYPE', 'application/soap+xml') - if content_type != 'application/soap+xml': + content_type = environ.get("CONTENT_TYPE", "application/soap+xml") + if content_type != "application/soap+xml": # normal post _dict = unpack_post(environ) if "SAMLart" in _dict: @@ -317,8 +324,7 @@ def cookie_signature(seed, *parts): return sha1.hexdigest() -def make_cookie(name, load, seed, expire=0, domain="", path="", - timestamp=""): +def make_cookie(name, load, seed, expire=0, domain="", path="", timestamp=""): """ Create and return a cookie @@ -340,8 +346,7 @@ def make_cookie(name, load, seed, expire=0, domain="", path="", if domain: cookie[name]["domain"] = domain if expire: - cookie[name]["expires"] = _expiration(expire, - "%a, %d-%b-%Y %H:%M:%S GMT") + cookie[name]["expires"] = _expiration(expire, "%a, %d-%b-%Y %H:%M:%S GMT") return tuple(cookie.output().split(": ", 1)) diff --git a/src/saml2/ident.py b/src/saml2/ident.py index c62da23fd..c7d37c0d4 100644 --- a/src/saml2/ident.py +++ b/src/saml2/ident.py @@ -1,25 +1,24 @@ import copy -import shelve +from hashlib import sha256 import logging -import six +import shelve +from urllib.parse import quote +from urllib.parse import unquote -from hashlib import sha256 -from six.moves.urllib.parse import quote -from six.moves.urllib.parse import unquote from saml2 import SAMLError -from saml2.s_utils import rndbytes from saml2.s_utils import PolicyError -from saml2.saml import NameID +from saml2.s_utils import rndbytes +from saml2.saml import NAMEID_FORMAT_EMAILADDRESS from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_TRANSIENT -from saml2.saml import NAMEID_FORMAT_EMAILADDRESS +from saml2.saml import NameID + -__author__ = 'rolandh' +__author__ = "rolandh" logger = logging.getLogger(__name__) -ATTR = ["name_qualifier", "sp_name_qualifier", "format", "sp_provided_id", - "text"] +ATTR = ["name_qualifier", "sp_name_qualifier", "format", "sp_provided_id", "text"] class Unknown(SAMLError): @@ -41,7 +40,7 @@ class that is used. for attr in ATTR: val = getattr(item, attr) if val: - _res.append("%d=%s" % (i, quote(val))) + _res.append(f"{int(i)}={quote(val)}") i += 1 return ",".join(_res) @@ -51,8 +50,8 @@ def code_binary(item): Return a binary 'code' suitable for hashing. """ code_str = code(item) - if isinstance(code_str, six.string_types): - return code_str.encode('utf-8') + if isinstance(code_str, str): + return code_str.encode("utf-8") return code_str @@ -67,17 +66,18 @@ def decode(txt): i, val = part.split("=") try: setattr(_nid, ATTR[int(i)], unquote(val)) - except: + except Exception: pass return _nid -class IdentDB(object): - """ A class that handles identifiers of entities - Keeps a list of all nameIDs returned per SP +class IdentDB: + """A class that handles identifiers of entities + Keeps a list of all nameIDs returned per SP """ + def __init__(self, db, domain="", name_qualifier=""): - if isinstance(db, six.string_types): + if isinstance(db, str): self.db = shelve.open(db, protocol=2) else: self.db = db @@ -86,16 +86,16 @@ def __init__(self, db, domain="", name_qualifier=""): def _create_id(self, nformat, name_qualifier="", sp_name_qualifier=""): _id = sha256(rndbytes(32)) - if not isinstance(nformat, six.binary_type): - nformat = nformat.encode('utf-8') + if not isinstance(nformat, bytes): + nformat = nformat.encode("utf-8") _id.update(nformat) if name_qualifier: - if not isinstance(name_qualifier, six.binary_type): - name_qualifier = name_qualifier.encode('utf-8') + if not isinstance(name_qualifier, bytes): + name_qualifier = name_qualifier.encode("utf-8") _id.update(name_qualifier) if sp_name_qualifier: - if not isinstance(sp_name_qualifier, six.binary_type): - sp_name_qualifier = sp_name_qualifier.encode('utf-8') + if not isinstance(sp_name_qualifier, bytes): + sp_name_qualifier = sp_name_qualifier.encode("utf-8") _id.update(sp_name_qualifier) return _id.hexdigest() @@ -158,11 +158,7 @@ def get_nameid(self, userid, nformat, sp_name_qualifier, name_qualifier): if nformat == NAMEID_FORMAT_PERSISTENT: nameid = self.match_local_id(userid, sp_name_qualifier, name_qualifier) if nameid: - logger.debug( - "Found existing persistent NameId {nid} for user {uid}".format( - nid=nameid, uid=userid - ) - ) + logger.debug(f"Found existing persistent NameId {nameid} for user {userid}") return nameid _id = self.create_id(nformat, name_qualifier, sp_name_qualifier) @@ -171,7 +167,7 @@ def get_nameid(self, userid, nformat, sp_name_qualifier, name_qualifier): if not self.domain: raise SAMLError("Can't issue email nameids, unknown domain") - _id = "%s@%s" % (_id, self.domain) + _id = f"{_id}@{self.domain}" nameid = NameID( format=nformat, @@ -211,8 +207,7 @@ def find_nameid(self, userid, **kwargs): return res - def nim_args(self, local_policy=None, sp_name_qualifier="", - name_id_policy=None, name_qualifier=""): + def nim_args(self, local_policy=None, sp_name_qualifier="", name_id_policy=None, name_qualifier=""): """ :param local_policy: @@ -222,8 +217,7 @@ def nim_args(self, local_policy=None, sp_name_qualifier="", :return: """ - logger.debug("local_policy: %s, name_id_policy: %s", local_policy, - name_id_policy) + logger.debug("local_policy: %s, name_id_policy: %s", local_policy, name_id_policy) if name_id_policy and name_id_policy.sp_name_qualifier: sp_name_qualifier = name_id_policy.sp_name_qualifier @@ -240,14 +234,12 @@ def nim_args(self, local_policy=None, sp_name_qualifier="", if not name_qualifier: name_qualifier = self.name_qualifier - return {"nformat": nameid_format, - "sp_name_qualifier": sp_name_qualifier, - "name_qualifier": name_qualifier} + return {"nformat": nameid_format, "sp_name_qualifier": sp_name_qualifier, "name_qualifier": name_qualifier} - def construct_nameid(self, userid, local_policy=None, - sp_name_qualifier=None, name_id_policy=None, - name_qualifier=""): - """ Returns a name_id for the userid. How the name_id is + def construct_nameid( + self, userid, local_policy=None, sp_name_qualifier=None, name_id_policy=None, name_qualifier="" + ): + """Returns a name_id for the userid. How the name_id is constructed depends on the context. :param local_policy: The policy the server is configured to follow @@ -268,17 +260,14 @@ def construct_nameid(self, userid, local_policy=None, return self.get_nameid(userid, **args) def transient_nameid(self, userid, sp_name_qualifier="", name_qualifier=""): - return self.get_nameid(userid, NAMEID_FORMAT_TRANSIENT, - sp_name_qualifier, name_qualifier) + return self.get_nameid(userid, NAMEID_FORMAT_TRANSIENT, sp_name_qualifier, name_qualifier) - def persistent_nameid(self, userid, sp_name_qualifier="", - name_qualifier=""): + def persistent_nameid(self, userid, sp_name_qualifier="", name_qualifier=""): nameid = self.match_local_id(userid, sp_name_qualifier, name_qualifier) if nameid: return nameid else: - return self.get_nameid(userid, NAMEID_FORMAT_PERSISTENT, - sp_name_qualifier, name_qualifier) + return self.get_nameid(userid, NAMEID_FORMAT_PERSISTENT, sp_name_qualifier, name_qualifier) def find_local_id(self, name_id): """ @@ -292,7 +281,7 @@ def find_local_id(self, name_id): return self.db[name_id.text] except KeyError: logger.debug("name: %s", name_id.text) - #logger.debug("id sub keys: %s", self.subkeys()) + # logger.debug("id sub keys: %s", self.subkeys()) return None def match_local_id(self, userid, sp_name_qualifier, name_qualifier): @@ -346,8 +335,7 @@ def handle_name_id_mapping_request(self, name_id, name_id_policy): # else create and return a new one return self.construct_nameid(_id, name_id_policy=name_id_policy) - def handle_manage_name_id_request(self, name_id, new_id=None, - new_encrypted_id="", terminate=""): + def handle_manage_name_id_request(self, name_id, new_id=None, new_encrypted_id="", terminate=""): """ Requests from the SP is about the SPProvidedID attribute. So this is about adding,replacing and removing said attribute. @@ -370,7 +358,7 @@ def handle_manage_name_id_request(self, name_id, new_id=None, elif terminate: name_id.sp_provided_id = None else: - #NOOP + # NOOP return name_id self.remove_remote(orig_name_id) @@ -378,9 +366,9 @@ def handle_manage_name_id_request(self, name_id, new_id=None, return name_id def close(self): - if hasattr(self.db, 'close'): + if hasattr(self.db, "close"): self.db.close() def sync(self): - if hasattr(self.db, 'sync'): + if hasattr(self.db, "sync"): self.db.sync() diff --git a/src/saml2/mcache.py b/src/saml2/mcache.py index ceace34d2..c464cfc29 100644 --- a/src/saml2/mcache.py +++ b/src/saml2/mcache.py @@ -2,8 +2,11 @@ import logging import memcache + from saml2 import time_util -from saml2.cache import TooOld, CacheError +from saml2.cache import CacheError +from saml2.cache import TooOld + # The assumption is that any subject may consist of data # gathered from several different sources, all with their own @@ -11,10 +14,12 @@ logger = logging.getLogger(__name__) + def _key(prefix, name): - return "%s_%s" % (prefix, name) + return f"{prefix}_{name}" + -class Cache(object): +class Cache: def __init__(self, servers, debug=0): self._cache = memcache.Client(servers, debug) @@ -35,7 +40,7 @@ def delete(self, subject_id): raise CacheError("Set operation failed") def get_identity(self, subject_id, entities=None): - """ Get all the identity information that has been received and + """Get all the identity information that has been received and are still valid about the subject. :param subject_id: The identifier of the subject @@ -52,8 +57,7 @@ def get_identity(self, subject_id, entities=None): res = {} oldees = [] - for (entity_id, item) in self._cache.get_multi(entities, - subject_id+'_').items(): + for (entity_id, item) in self._cache.get_multi(entities, f"{subject_id}_").items(): try: info = self.get_info(item) except TooOld: @@ -68,7 +72,7 @@ def get_identity(self, subject_id, entities=None): return res, oldees def get_info(self, item, check_not_on_or_after=True): - """ Get session information about a subject gotten from a + """Get session information about a subject gotten from a specified IdP/AA. :param item: Information stored @@ -92,7 +96,7 @@ def get(self, subject_id, entity_id, check_not_on_or_after=True): return self.get_info(res) def set(self, subject_id, entity_id, info, timestamp=0): - """ Stores session information in the cache. Assumes that the subject_id + """Stores session information in the cache. Assumes that the subject_id is unique within the context of the Service Provider. :param subject_id: The subject identifier @@ -122,7 +126,7 @@ def set(self, subject_id, entity_id, info, timestamp=0): raise CacheError("set failed") def reset(self, subject_id, entity_id): - """ Scrap the assertions received from a IdP or an AA about a special + """Scrap the assertions received from a IdP or an AA about a special subject. :param subject_id: The subjects identifier @@ -133,7 +137,7 @@ def reset(self, subject_id, entity_id): raise CacheError("reset failed") def entities(self, subject_id): - """ Returns all the entities of assertions for a subject, disregarding + """Returns all the entities of assertions for a subject, disregarding whether the assertion still is valid or not. :param subject_id: The identifier of the subject @@ -146,12 +150,12 @@ def entities(self, subject_id): return res def receivers(self, subject_id): - """ Another name for entities() just to make it more logic in the IdP - scenario """ + """Another name for entities() just to make it more logic in the IdP + scenario""" return self.entities(subject_id) def active(self, subject_id, entity_id): - """ Returns the status of assertions from a specific entity_id. + """Returns the status of assertions from a specific entity_id. :param subject_id: The ID of the subject :param entity_id: The entity ID of the entity_id of the assertion @@ -174,7 +178,7 @@ def active(self, subject_id, entity_id): return False def subjects(self): - """ Return identifiers for all the subjects that are in the cache. + """Return identifiers for all the subjects that are in the cache. :return: list of subject identifiers """ diff --git a/src/saml2/md.py b/src/saml2/md.py index b9818e263..06d5bd77d 100644 --- a/src/saml2/md.py +++ b/src/saml2/md.py @@ -5,20 +5,21 @@ # import saml2 -from saml2 import saml from saml2 import SamlBase +from saml2 import saml from saml2 import xmldsig as ds from saml2 import xmlenc as xenc -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata' + +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata" class EntityIDType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:entityIDType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:entityIDType element""" - c_tag = 'entityIDType' + c_tag = "entityIDType" c_namespace = NAMESPACE - c_value_type = {'maxlen': '1024', 'base': 'anyURI'} + c_value_type = {"maxlen": "1024", "base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -30,28 +31,21 @@ def entity_id_type__from_string(xml_string): class LocalizedNameType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:localizedNameType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:localizedNameType element""" - c_tag = 'localizedNameType' + c_tag = "localizedNameType" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://www.w3.org/XML/1998/namespace}lang'] = ('lang', - 'string', - True) - - def __init__(self, - lang=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["{http://www.w3.org/XML/1998/namespace}lang"] = ("lang", "string", True) + + def __init__(self, lang=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.lang = lang @@ -60,28 +54,21 @@ def localized_name_type__from_string(xml_string): class LocalizedURIType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:localizedURIType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:localizedURIType element""" - c_tag = 'localizedURIType' + c_tag = "localizedURIType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://www.w3.org/XML/1998/namespace}lang'] = ('lang', - 'anyURI', - True) - - def __init__(self, - lang=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["{http://www.w3.org/XML/1998/namespace}lang"] = ("lang", "anyURI", True) + + def __init__(self, lang=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.lang = lang @@ -90,9 +77,9 @@ def localized_uri_type__from_string(xml_string): class ExtensionsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:ExtensionsType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ExtensionsType element""" - c_tag = 'ExtensionsType' + c_tag = "ExtensionsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -105,29 +92,30 @@ def extensions_type__from_string(xml_string): class EndpointType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:EndpointType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EndpointType element""" - c_tag = 'EndpointType' + c_tag = "EndpointType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Binding'] = ('binding', 'anyURI', True) - c_attributes['Location'] = ('location', 'anyURI', True) - c_attributes['ResponseLocation'] = ('response_location', 'anyURI', False) - - def __init__(self, - binding=None, - location=None, - response_location=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["Binding"] = ("binding", "anyURI", True) + c_attributes["Location"] = ("location", "anyURI", True) + c_attributes["ResponseLocation"] = ("response_location", "anyURI", False) + + def __init__( + self, + binding=None, + location=None, + response_location=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.binding = binding self.location = location self.response_location = response_location @@ -138,33 +126,37 @@ def endpoint_type__from_string(xml_string): class IndexedEndpointType_(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:IndexedEndpointType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:IndexedEndpointType element""" - c_tag = 'IndexedEndpointType' + c_tag = "IndexedEndpointType" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() c_child_order = EndpointType_.c_child_order[:] c_cardinality = EndpointType_.c_cardinality.copy() - c_attributes['index'] = ('index', 'unsignedShort', True) - c_attributes['isDefault'] = ('is_default', 'boolean', False) - - def __init__(self, - index=None, - is_default=None, - binding=None, - location=None, - response_location=None, - text=None, - extension_elements=None, - extension_attributes=None): - EndpointType_.__init__(self, - binding=binding, - location=location, - response_location=response_location, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["index"] = ("index", "unsignedShort", True) + c_attributes["isDefault"] = ("is_default", "boolean", False) + + def __init__( + self, + index=None, + is_default=None, + binding=None, + location=None, + response_location=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + EndpointType_.__init__( + self, + binding=binding, + location=location, + response_location=response_location, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.index = index self.is_default = is_default @@ -174,9 +166,9 @@ def indexed_endpoint_type__from_string(xml_string): class OrganizationName(LocalizedNameType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationName element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationName element""" - c_tag = 'OrganizationName' + c_tag = "OrganizationName" c_namespace = NAMESPACE c_children = LocalizedNameType_.c_children.copy() c_attributes = LocalizedNameType_.c_attributes.copy() @@ -190,9 +182,9 @@ def organization_name_from_string(xml_string): class OrganizationDisplayName(LocalizedNameType_): """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationDisplayName - element """ + element""" - c_tag = 'OrganizationDisplayName' + c_tag = "OrganizationDisplayName" c_namespace = NAMESPACE c_children = LocalizedNameType_.c_children.copy() c_attributes = LocalizedNameType_.c_attributes.copy() @@ -201,14 +193,13 @@ class OrganizationDisplayName(LocalizedNameType_): def organization_display_name_from_string(xml_string): - return saml2.create_class_from_xml_string(OrganizationDisplayName, - xml_string) + return saml2.create_class_from_xml_string(OrganizationDisplayName, xml_string) class OrganizationURL(LocalizedURIType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationURL element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationURL element""" - c_tag = 'OrganizationURL' + c_tag = "OrganizationURL" c_namespace = NAMESPACE c_children = LocalizedURIType_.c_children.copy() c_attributes = LocalizedURIType_.c_attributes.copy() @@ -221,11 +212,11 @@ def organization_url_from_string(xml_string): class Company(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:Company element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:Company element""" - c_tag = 'Company' + c_tag = "Company" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -237,11 +228,11 @@ def company_from_string(xml_string): class GivenName(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:GivenName element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:GivenName element""" - c_tag = 'GivenName' + c_tag = "GivenName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -253,11 +244,11 @@ def given_name_from_string(xml_string): class SurName(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:SurName element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SurName element""" - c_tag = 'SurName' + c_tag = "SurName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -269,11 +260,11 @@ def sur_name_from_string(xml_string): class EmailAddress(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:EmailAddress element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EmailAddress element""" - c_tag = 'EmailAddress' + c_tag = "EmailAddress" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -285,11 +276,11 @@ def email_address_from_string(xml_string): class TelephoneNumber(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:TelephoneNumber element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:TelephoneNumber element""" - c_tag = 'TelephoneNumber' + c_tag = "TelephoneNumber" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -301,13 +292,11 @@ def telephone_number_from_string(xml_string): class ContactTypeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:ContactTypeType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ContactTypeType element""" - c_tag = 'ContactTypeType' + c_tag = "ContactTypeType" c_namespace = NAMESPACE - c_value_type = {'base': 'string', 'enumeration': ['technical', 'support', - 'administrative', - 'billing', 'other']} + c_value_type = {"base": "string", "enumeration": ["technical", "support", "administrative", "billing", "other"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -320,36 +309,34 @@ def contact_type_type__from_string(xml_string): class AdditionalMetadataLocationType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:AdditionalMetadataLocationType - element """ + element""" - c_tag = 'AdditionalMetadataLocationType' + c_tag = "AdditionalMetadataLocationType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['namespace'] = ('namespace', 'anyURI', True) + c_attributes["namespace"] = ("namespace", "anyURI", True) - def __init__(self, namespace=None, text=None, extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + def __init__(self, namespace=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.namespace = namespace def additional_metadata_location_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AdditionalMetadataLocationType_, - xml_string) + return saml2.create_class_from_xml_string(AdditionalMetadataLocationType_, xml_string) class AnyURIListType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:anyURIListType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:anyURIListType element""" - c_tag = 'anyURIListType' + c_tag = "anyURIListType" c_namespace = NAMESPACE - c_value_type = {'member': 'anyURI', 'base': 'list'} + c_value_type = {"member": "anyURI", "base": "list"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -361,11 +348,11 @@ def any_uri_list_type__from_string(xml_string): class KeyTypes_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:KeyTypes element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:KeyTypes element""" - c_tag = 'KeyTypes' + c_tag = "KeyTypes" c_namespace = NAMESPACE - c_value_type = {'base': 'string', 'enumeration': ['encryption', 'signing']} + c_value_type = {"base": "string", "enumeration": ["encryption", "signing"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -377,9 +364,9 @@ def key_types__from_string(xml_string): class EncryptionMethod(xenc.EncryptionMethodType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:EncryptionMethod element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EncryptionMethod element""" - c_tag = 'EncryptionMethod' + c_tag = "EncryptionMethod" c_namespace = NAMESPACE c_children = xenc.EncryptionMethodType_.c_children.copy() c_attributes = xenc.EncryptionMethodType_.c_attributes.copy() @@ -393,9 +380,9 @@ def encryption_method_from_string(xml_string): class ArtifactResolutionService(IndexedEndpointType_): """The urn:oasis:names:tc:SAML:2.0:metadata:ArtifactResolutionService - element """ + element""" - c_tag = 'ArtifactResolutionService' + c_tag = "ArtifactResolutionService" c_namespace = NAMESPACE c_children = IndexedEndpointType_.c_children.copy() c_attributes = IndexedEndpointType_.c_attributes.copy() @@ -404,14 +391,13 @@ class ArtifactResolutionService(IndexedEndpointType_): def artifact_resolution_service_from_string(xml_string): - return saml2.create_class_from_xml_string(ArtifactResolutionService, - xml_string) + return saml2.create_class_from_xml_string(ArtifactResolutionService, xml_string) class SingleLogoutService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:SingleLogoutService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SingleLogoutService element""" - c_tag = 'SingleLogoutService' + c_tag = "SingleLogoutService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -424,9 +410,9 @@ def single_logout_service_from_string(xml_string): class ManageNameIDService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:ManageNameIDService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ManageNameIDService element""" - c_tag = 'ManageNameIDService' + c_tag = "ManageNameIDService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -439,11 +425,11 @@ def manage_name_id_service_from_string(xml_string): class NameIDFormat(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:NameIDFormat element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:NameIDFormat element""" - c_tag = 'NameIDFormat' + c_tag = "NameIDFormat" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -455,9 +441,9 @@ def name_id_format_from_string(xml_string): class SingleSignOnService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:SingleSignOnService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SingleSignOnService element""" - c_tag = 'SingleSignOnService' + c_tag = "SingleSignOnService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -470,9 +456,9 @@ def single_sign_on_service_from_string(xml_string): class NameIDMappingService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:NameIDMappingService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:NameIDMappingService element""" - c_tag = 'NameIDMappingService' + c_tag = "NameIDMappingService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -486,9 +472,9 @@ def name_id_mapping_service_from_string(xml_string): class AssertionIDRequestService(EndpointType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AssertionIDRequestService - element """ + element""" - c_tag = 'AssertionIDRequestService' + c_tag = "AssertionIDRequestService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -497,16 +483,15 @@ class AssertionIDRequestService(EndpointType_): def assertion_id_request_service_from_string(xml_string): - return saml2.create_class_from_xml_string(AssertionIDRequestService, - xml_string) + return saml2.create_class_from_xml_string(AssertionIDRequestService, xml_string) class AttributeProfile(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeProfile element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeProfile element""" - c_tag = 'AttributeProfile' + c_tag = "AttributeProfile" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -519,9 +504,9 @@ def attribute_profile_from_string(xml_string): class AssertionConsumerService(IndexedEndpointType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AssertionConsumerService - element """ + element""" - c_tag = 'AssertionConsumerService' + c_tag = "AssertionConsumerService" c_namespace = NAMESPACE c_children = IndexedEndpointType_.c_children.copy() c_attributes = IndexedEndpointType_.c_attributes.copy() @@ -530,14 +515,13 @@ class AssertionConsumerService(IndexedEndpointType_): def assertion_consumer_service_from_string(xml_string): - return saml2.create_class_from_xml_string(AssertionConsumerService, - xml_string) + return saml2.create_class_from_xml_string(AssertionConsumerService, xml_string) class ServiceName(LocalizedNameType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:ServiceName element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ServiceName element""" - c_tag = 'ServiceName' + c_tag = "ServiceName" c_namespace = NAMESPACE c_children = LocalizedNameType_.c_children.copy() c_attributes = LocalizedNameType_.c_attributes.copy() @@ -550,9 +534,9 @@ def service_name_from_string(xml_string): class ServiceDescription(LocalizedNameType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:ServiceDescription element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ServiceDescription element""" - c_tag = 'ServiceDescription' + c_tag = "ServiceDescription" c_namespace = NAMESPACE c_children = LocalizedNameType_.c_children.copy() c_attributes = LocalizedNameType_.c_attributes.copy() @@ -566,37 +550,48 @@ def service_description_from_string(xml_string): class RequestedAttributeType_(saml.AttributeType_): """The urn:oasis:names:tc:SAML:2.0:metadata:RequestedAttributeType - element """ + element""" - c_tag = 'RequestedAttributeType' + c_tag = "RequestedAttributeType" c_namespace = NAMESPACE c_children = saml.AttributeType_.c_children.copy() c_attributes = saml.AttributeType_.c_attributes.copy() c_child_order = saml.AttributeType_.c_child_order[:] c_cardinality = saml.AttributeType_.c_cardinality.copy() - c_attributes['isRequired'] = ('is_required', 'boolean', False) - - def __init__(self, is_required=None, friendly_name=None, name=None, - name_format=None, attribute_value=None, text=None, - extension_elements=None, extension_attributes=None): - saml.AttributeType_.__init__(self, friendly_name=friendly_name, - name=name, name_format=name_format, - attribute_value=attribute_value, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["isRequired"] = ("is_required", "boolean", False) + + def __init__( + self, + is_required=None, + friendly_name=None, + name=None, + name_format=None, + attribute_value=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + saml.AttributeType_.__init__( + self, + friendly_name=friendly_name, + name=name, + name_format=name_format, + attribute_value=attribute_value, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.is_required = is_required def requested_attribute_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RequestedAttributeType_, - xml_string) + return saml2.create_class_from_xml_string(RequestedAttributeType_, xml_string) class AuthnQueryService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:AuthnQueryService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AuthnQueryService element""" - c_tag = 'AuthnQueryService' + c_tag = "AuthnQueryService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -609,9 +604,9 @@ def authn_query_service_from_string(xml_string): class AuthzService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:AuthzService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AuthzService element""" - c_tag = 'AuthzService' + c_tag = "AuthzService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -624,9 +619,9 @@ def authz_service_from_string(xml_string): class AttributeService(EndpointType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeService element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeService element""" - c_tag = 'AttributeService' + c_tag = "AttributeService" c_namespace = NAMESPACE c_children = EndpointType_.c_children.copy() c_attributes = EndpointType_.c_attributes.copy() @@ -639,9 +634,9 @@ def attribute_service_from_string(xml_string): class AffiliateMember(EntityIDType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:AffiliateMember element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AffiliateMember element""" - c_tag = 'AffiliateMember' + c_tag = "AffiliateMember" c_namespace = NAMESPACE c_children = EntityIDType_.c_children.copy() c_attributes = EntityIDType_.c_attributes.copy() @@ -654,9 +649,9 @@ def affiliate_member_from_string(xml_string): class Extensions(ExtensionsType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:Extensions element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:Extensions element""" - c_tag = 'Extensions' + c_tag = "Extensions" c_namespace = NAMESPACE c_children = ExtensionsType_.c_children.copy() c_attributes = ExtensionsType_.c_attributes.copy() @@ -669,36 +664,40 @@ def extensions_from_string(xml_string): class OrganizationType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:OrganizationType element""" - c_tag = 'OrganizationType' + c_tag = "OrganizationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationName'] = ( - 'organization_name', [OrganizationName]) - c_cardinality['organization_name'] = {"min": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationDisplayName'] = ( - 'organization_display_name', [OrganizationDisplayName]) - c_cardinality['organization_display_name'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationURL'] = ( - 'organization_url', [OrganizationURL]) - c_cardinality['organization_url'] = {"min": 1} - c_child_order.extend(['extensions', 'organization_name', - 'organization_display_name', 'organization_url']) - - def __init__(self, extensions=None, organization_name=None, - organization_display_name=None, organization_url=None, - text=None, extension_elements=None, extension_attributes=None): - SamlBase.__init__(self, text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationName"] = ("organization_name", [OrganizationName]) + c_cardinality["organization_name"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationDisplayName"] = ( + "organization_display_name", + [OrganizationDisplayName], + ) + c_cardinality["organization_display_name"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}OrganizationURL"] = ("organization_url", [OrganizationURL]) + c_cardinality["organization_url"] = {"min": 1} + c_child_order.extend(["extensions", "organization_name", "organization_display_name", "organization_url"]) + + def __init__( + self, + extensions=None, + organization_name=None, + organization_display_name=None, + organization_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.extensions = extensions self.organization_name = organization_name or [] self.organization_display_name = organization_display_name or [] @@ -710,35 +709,28 @@ def organization_type__from_string(xml_string): class ContactType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:ContactType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ContactType element""" - c_tag = 'ContactType' + c_tag = "ContactType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Company'] = ( - 'company', Company) - c_cardinality['company'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}GivenName'] = ( - 'given_name', GivenName) - c_cardinality['given_name'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}SurName'] = ( - 'sur_name', SurName) - c_cardinality['sur_name'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}EmailAddress'] = ( - 'email_address', [EmailAddress]) - c_cardinality['email_address'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}TelephoneNumber'] = ( - 'telephone_number', [TelephoneNumber]) - c_cardinality['telephone_number'] = {"min": 0} - c_attributes['contactType'] = ('contact_type', ContactTypeType_, True) - c_child_order.extend(['extensions', 'company', 'given_name', 'sur_name', - 'email_address', 'telephone_number']) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Company"] = ("company", Company) + c_cardinality["company"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}GivenName"] = ("given_name", GivenName) + c_cardinality["given_name"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}SurName"] = ("sur_name", SurName) + c_cardinality["sur_name"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}EmailAddress"] = ("email_address", [EmailAddress]) + c_cardinality["email_address"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}TelephoneNumber"] = ("telephone_number", [TelephoneNumber]) + c_cardinality["telephone_number"] = {"min": 0} + c_attributes["contactType"] = ("contact_type", ContactTypeType_, True) + c_child_order.extend(["extensions", "company", "given_name", "sur_name", "email_address", "telephone_number"]) def __init__( self, @@ -753,10 +745,11 @@ def __init__( extension_elements=None, extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.extensions = extensions self.company = company @@ -773,9 +766,9 @@ def contact_type__from_string(xml_string): class AdditionalMetadataLocation(AdditionalMetadataLocationType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AdditionalMetadataLocation - element """ + element""" - c_tag = 'AdditionalMetadataLocation' + c_tag = "AdditionalMetadataLocation" c_namespace = NAMESPACE c_children = AdditionalMetadataLocationType_.c_children.copy() c_attributes = AdditionalMetadataLocationType_.c_attributes.copy() @@ -784,38 +777,36 @@ class AdditionalMetadataLocation(AdditionalMetadataLocationType_): def additional_metadata_location_from_string(xml_string): - return saml2.create_class_from_xml_string(AdditionalMetadataLocation, - xml_string) + return saml2.create_class_from_xml_string(AdditionalMetadataLocation, xml_string) class KeyDescriptorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:KeyDescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:KeyDescriptorType element""" - c_tag = 'KeyDescriptorType' + c_tag = "KeyDescriptorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ( - 'key_info', ds.KeyInfo) - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}EncryptionMethod'] = ( - 'encryption_method', [EncryptionMethod]) - c_cardinality['encryption_method'] = {"min": 0} - c_attributes['use'] = ('use', KeyTypes_, False) - c_child_order.extend(['key_info', 'encryption_method']) - - def __init__(self, - key_info=None, - encryption_method=None, - use=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", ds.KeyInfo) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}EncryptionMethod"] = ("encryption_method", [EncryptionMethod]) + c_cardinality["encryption_method"] = {"min": 0} + c_attributes["use"] = ("use", KeyTypes_, False) + c_child_order.extend(["key_info", "encryption_method"]) + + def __init__( + self, + key_info=None, + encryption_method=None, + use=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.key_info = key_info self.encryption_method = encryption_method or [] self.use = use @@ -826,9 +817,9 @@ def key_descriptor_type__from_string(xml_string): class RequestedAttribute(RequestedAttributeType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:RequestedAttribute element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:RequestedAttribute element""" - c_tag = 'RequestedAttribute' + c_tag = "RequestedAttribute" c_namespace = NAMESPACE c_children = RequestedAttributeType_.c_children.copy() c_attributes = RequestedAttributeType_.c_attributes.copy() @@ -841,9 +832,9 @@ def requested_attribute_from_string(xml_string): class Organization(OrganizationType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:Organization element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:Organization element""" - c_tag = 'Organization' + c_tag = "Organization" c_namespace = NAMESPACE c_children = OrganizationType_.c_children.copy() c_attributes = OrganizationType_.c_attributes.copy() @@ -856,9 +847,9 @@ def organization_from_string(xml_string): class ContactPerson(ContactType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:ContactPerson element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:ContactPerson element""" - c_tag = 'ContactPerson' + c_tag = "ContactPerson" c_namespace = NAMESPACE c_children = ContactType_.c_children.copy() c_attributes = ContactType_.c_attributes.copy() @@ -871,9 +862,9 @@ def contact_person_from_string(xml_string): class KeyDescriptor(KeyDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:KeyDescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:KeyDescriptor element""" - c_tag = 'KeyDescriptor' + c_tag = "KeyDescriptor" c_namespace = NAMESPACE c_children = KeyDescriptorType_.c_children.copy() c_attributes = KeyDescriptorType_.c_attributes.copy() @@ -886,56 +877,50 @@ def key_descriptor_from_string(xml_string): class RoleDescriptorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:RoleDescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:RoleDescriptorType element""" - c_tag = 'RoleDescriptorType' + c_tag = "RoleDescriptorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ( - 'signature', ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}KeyDescriptor'] = ( - 'key_descriptor', [KeyDescriptor]) - c_cardinality['key_descriptor'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Organization'] = ( - 'organization', Organization) - c_cardinality['organization'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}ContactPerson'] = ( - 'contact_person', [ContactPerson]) - c_cardinality['contact_person'] = {"min": 0} - c_attributes['ID'] = ('id', 'ID', False) - c_attributes['validUntil'] = ('valid_until', 'dateTime', False) - c_attributes['cacheDuration'] = ('cache_duration', 'duration', False) - c_attributes['protocolSupportEnumeration'] = ( - 'protocol_support_enumeration', AnyURIListType_, True) - c_attributes['errorURL'] = ('error_url', 'anyURI', False) - c_child_order.extend(['signature', 'extensions', 'key_descriptor', - 'organization', 'contact_person']) - - def __init__(self, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}KeyDescriptor"] = ("key_descriptor", [KeyDescriptor]) + c_cardinality["key_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Organization"] = ("organization", Organization) + c_cardinality["organization"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ContactPerson"] = ("contact_person", [ContactPerson]) + c_cardinality["contact_person"] = {"min": 0} + c_attributes["ID"] = ("id", "ID", False) + c_attributes["validUntil"] = ("valid_until", "dateTime", False) + c_attributes["cacheDuration"] = ("cache_duration", "duration", False) + c_attributes["protocolSupportEnumeration"] = ("protocol_support_enumeration", AnyURIListType_, True) + c_attributes["errorURL"] = ("error_url", "anyURI", False) + c_child_order.extend(["signature", "extensions", "key_descriptor", "organization", "contact_person"]) + + def __init__( + self, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.signature = signature self.extensions = extensions self.key_descriptor = key_descriptor or [] @@ -949,50 +934,55 @@ def __init__(self, class SSODescriptorType_(RoleDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:SSODescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SSODescriptorType element""" - c_tag = 'SSODescriptorType' + c_tag = "SSODescriptorType" c_namespace = NAMESPACE c_children = RoleDescriptorType_.c_children.copy() c_attributes = RoleDescriptorType_.c_attributes.copy() c_child_order = RoleDescriptorType_.c_child_order[:] c_cardinality = RoleDescriptorType_.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}ArtifactResolutionService'] = ( - 'artifact_resolution_service', [ArtifactResolutionService]) - c_cardinality['artifact_resolution_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}SingleLogoutService'] = ( - 'single_logout_service', [SingleLogoutService]) - c_cardinality['single_logout_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}ManageNameIDService'] = ( - 'manage_name_id_service', [ManageNameIDService]) - c_cardinality['manage_name_id_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat'] = ( - 'name_id_format', [NameIDFormat]) - c_cardinality['name_id_format'] = {"min": 0} - c_child_order.extend(['artifact_resolution_service', - 'single_logout_service', 'manage_name_id_service', - 'name_id_format']) + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ArtifactResolutionService"] = ( + "artifact_resolution_service", + [ArtifactResolutionService], + ) + c_cardinality["artifact_resolution_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}SingleLogoutService"] = ( + "single_logout_service", + [SingleLogoutService], + ) + c_cardinality["single_logout_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ManageNameIDService"] = ( + "manage_name_id_service", + [ManageNameIDService], + ) + c_cardinality["manage_name_id_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat"] = ("name_id_format", [NameIDFormat]) + c_cardinality["name_id_format"] = {"min": 0} + c_child_order.extend( + ["artifact_resolution_service", "single_logout_service", "manage_name_id_service", "name_id_format"] + ) def __init__( - self, - artifact_resolution_service=None, - single_logout_service=None, - manage_name_id_service=None, - name_id_format=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None): + self, + artifact_resolution_service=None, + single_logout_service=None, + manage_name_id_service=None, + name_id_format=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): RoleDescriptorType_.__init__( self, signature=signature, @@ -1007,7 +997,8 @@ def __init__( error_url=error_url, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + extension_attributes=extension_attributes, + ) self.artifact_resolution_service = artifact_resolution_service or [] self.single_logout_service = single_logout_service or [] self.manage_name_id_service = manage_name_id_service or [] @@ -1015,80 +1006,90 @@ def __init__( class IDPSSODescriptorType_(SSODescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:IDPSSODescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:IDPSSODescriptorType element""" - c_tag = 'IDPSSODescriptorType' + c_tag = "IDPSSODescriptorType" c_namespace = NAMESPACE c_children = SSODescriptorType_.c_children.copy() c_attributes = SSODescriptorType_.c_attributes.copy() c_child_order = SSODescriptorType_.c_child_order[:] c_cardinality = SSODescriptorType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}SingleSignOnService'] = ( - 'single_sign_on_service', [SingleSignOnService]) - c_cardinality['single_sign_on_service'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}NameIDMappingService'] = ( - 'name_id_mapping_service', [NameIDMappingService]) - c_cardinality['name_id_mapping_service'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService'] = ( - 'assertion_id_request_service', [AssertionIDRequestService]) - c_cardinality['assertion_id_request_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AttributeProfile'] = ( - 'attribute_profile', [AttributeProfile]) - c_cardinality['attribute_profile'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = ( - 'attribute', [saml.Attribute]) - c_cardinality['attribute'] = {"min": 0} - c_attributes['WantAuthnRequestsSigned'] = ( - 'want_authn_requests_signed', 'boolean', False) - c_child_order.extend(['single_sign_on_service', 'name_id_mapping_service', - 'assertion_id_request_service', 'attribute_profile', - 'attribute']) - - def __init__(self, - single_sign_on_service=None, - name_id_mapping_service=None, - assertion_id_request_service=None, - attribute_profile=None, - attribute=None, - want_authn_requests_signed=None, - artifact_resolution_service=None, - single_logout_service=None, - manage_name_id_service=None, - name_id_format=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None, - want_authn_requests_only_with_valid_cert=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}SingleSignOnService"] = ( + "single_sign_on_service", + [SingleSignOnService], + ) + c_cardinality["single_sign_on_service"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}NameIDMappingService"] = ( + "name_id_mapping_service", + [NameIDMappingService], + ) + c_cardinality["name_id_mapping_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService"] = ( + "assertion_id_request_service", + [AssertionIDRequestService], + ) + c_cardinality["assertion_id_request_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AttributeProfile"] = ("attribute_profile", [AttributeProfile]) + c_cardinality["attribute_profile"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"] = ("attribute", [saml.Attribute]) + c_cardinality["attribute"] = {"min": 0} + c_attributes["WantAuthnRequestsSigned"] = ("want_authn_requests_signed", "boolean", False) + c_child_order.extend( + [ + "single_sign_on_service", + "name_id_mapping_service", + "assertion_id_request_service", + "attribute_profile", + "attribute", + ] + ) + + def __init__( + self, + single_sign_on_service=None, + name_id_mapping_service=None, + assertion_id_request_service=None, + attribute_profile=None, + attribute=None, + want_authn_requests_signed=None, + artifact_resolution_service=None, + single_logout_service=None, + manage_name_id_service=None, + name_id_format=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + want_authn_requests_only_with_valid_cert=None, ): - SSODescriptorType_.__init__(self, - artifact_resolution_service=artifact_resolution_service, - single_logout_service=single_logout_service, - manage_name_id_service=manage_name_id_service, - name_id_format=name_id_format, - signature=signature, - extensions=extensions, - key_descriptor=key_descriptor, - organization=organization, - contact_person=contact_person, - id=id, - valid_until=valid_until, - cache_duration=cache_duration, - protocol_support_enumeration=protocol_support_enumeration, - error_url=error_url, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SSODescriptorType_.__init__( + self, + artifact_resolution_service=artifact_resolution_service, + single_logout_service=single_logout_service, + manage_name_id_service=manage_name_id_service, + name_id_format=name_id_format, + signature=signature, + extensions=extensions, + key_descriptor=key_descriptor, + organization=organization, + contact_person=contact_person, + id=id, + valid_until=valid_until, + cache_duration=cache_duration, + protocol_support_enumeration=protocol_support_enumeration, + error_url=error_url, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.single_sign_on_service = single_sign_on_service or [] self.name_id_mapping_service = name_id_mapping_service or [] @@ -1105,45 +1106,46 @@ def idpsso_descriptor_type__from_string(xml_string): class AttributeConsumingServiceType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeConsumingServiceType - element """ + element""" - c_tag = 'AttributeConsumingServiceType' + c_tag = "AttributeConsumingServiceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}ServiceName'] = ( - 'service_name', - [ServiceName]) - c_cardinality['service_name'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}ServiceDescription'] = ( - 'service_description', - [ServiceDescription]) - c_cardinality['service_description'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}RequestedAttribute'] = ( - 'requested_attribute', - [RequestedAttribute]) - c_cardinality['requested_attribute'] = {"min": 1} - c_attributes['index'] = ('index', 'unsignedShort', True) - c_attributes['isDefault'] = ('is_default', 'boolean', False) - c_child_order.extend(['service_name', 'service_description', - 'requested_attribute']) - - def __init__(self, - service_name=None, - service_description=None, - requested_attribute=None, - index=None, - is_default=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ServiceName"] = ("service_name", [ServiceName]) + c_cardinality["service_name"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ServiceDescription"] = ( + "service_description", + [ServiceDescription], + ) + c_cardinality["service_description"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}RequestedAttribute"] = ( + "requested_attribute", + [RequestedAttribute], + ) + c_cardinality["requested_attribute"] = {"min": 1} + c_attributes["index"] = ("index", "unsignedShort", True) + c_attributes["isDefault"] = ("is_default", "boolean", False) + c_child_order.extend(["service_name", "service_description", "requested_attribute"]) + + def __init__( + self, + service_name=None, + service_description=None, + requested_attribute=None, + index=None, + is_default=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.service_name = service_name or [] self.service_description = service_description or [] @@ -1153,68 +1155,64 @@ def __init__(self, def attribute_consuming_service_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AttributeConsumingServiceType_, - xml_string) + return saml2.create_class_from_xml_string(AttributeConsumingServiceType_, xml_string) class AuthnAuthorityDescriptorType_(RoleDescriptorType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AuthnAuthorityDescriptorType - element """ + element""" - c_tag = 'AuthnAuthorityDescriptorType' + c_tag = "AuthnAuthorityDescriptorType" c_namespace = NAMESPACE c_children = RoleDescriptorType_.c_children.copy() c_attributes = RoleDescriptorType_.c_attributes.copy() c_child_order = RoleDescriptorType_.c_child_order[:] c_cardinality = RoleDescriptorType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AuthnQueryService'] = ( - 'authn_query_service', - [AuthnQueryService]) - c_cardinality['authn_query_service'] = {"min": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService'] = ( - 'assertion_id_request_service', - [AssertionIDRequestService]) - c_cardinality['assertion_id_request_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat'] = ( - 'name_id_format', - [NameIDFormat]) - c_cardinality['name_id_format'] = {"min": 0} - c_child_order.extend(['authn_query_service', 'assertion_id_request_service', - 'name_id_format']) - - def __init__(self, - authn_query_service=None, - assertion_id_request_service=None, - name_id_format=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AuthnQueryService"] = ("authn_query_service", [AuthnQueryService]) + c_cardinality["authn_query_service"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService"] = ( + "assertion_id_request_service", + [AssertionIDRequestService], + ) + c_cardinality["assertion_id_request_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat"] = ("name_id_format", [NameIDFormat]) + c_cardinality["name_id_format"] = {"min": 0} + c_child_order.extend(["authn_query_service", "assertion_id_request_service", "name_id_format"]) + + def __init__( + self, + authn_query_service=None, + assertion_id_request_service=None, + name_id_format=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - RoleDescriptorType_.__init__(self, - signature=signature, - extensions=extensions, - key_descriptor=key_descriptor, - organization=organization, - contact_person=contact_person, - id=id, - valid_until=valid_until, - cache_duration=cache_duration, - protocol_support_enumeration=protocol_support_enumeration, - error_url=error_url, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + RoleDescriptorType_.__init__( + self, + signature=signature, + extensions=extensions, + key_descriptor=key_descriptor, + organization=organization, + contact_person=contact_person, + id=id, + valid_until=valid_until, + cache_duration=cache_duration, + protocol_support_enumeration=protocol_support_enumeration, + error_url=error_url, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.authn_query_service = authn_query_service or [] self.assertion_id_request_service = assertion_id_request_service or [] @@ -1222,67 +1220,63 @@ def __init__(self, def authn_authority_descriptor_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnAuthorityDescriptorType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnAuthorityDescriptorType_, xml_string) class PDPDescriptorType_(RoleDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:PDPDescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:PDPDescriptorType element""" - c_tag = 'PDPDescriptorType' + c_tag = "PDPDescriptorType" c_namespace = NAMESPACE c_children = RoleDescriptorType_.c_children.copy() c_attributes = RoleDescriptorType_.c_attributes.copy() c_child_order = RoleDescriptorType_.c_child_order[:] c_cardinality = RoleDescriptorType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AuthzService'] = ( - 'authz_service', - [AuthzService]) - c_cardinality['authz_service'] = {"min": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService'] = ( - 'assertion_id_request_service', - [AssertionIDRequestService]) - c_cardinality['assertion_id_request_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat'] = ( - 'name_id_format', - [NameIDFormat]) - c_cardinality['name_id_format'] = {"min": 0} - c_child_order.extend(['authz_service', 'assertion_id_request_service', - 'name_id_format']) - - def __init__(self, - authz_service=None, - assertion_id_request_service=None, - name_id_format=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AuthzService"] = ("authz_service", [AuthzService]) + c_cardinality["authz_service"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService"] = ( + "assertion_id_request_service", + [AssertionIDRequestService], + ) + c_cardinality["assertion_id_request_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat"] = ("name_id_format", [NameIDFormat]) + c_cardinality["name_id_format"] = {"min": 0} + c_child_order.extend(["authz_service", "assertion_id_request_service", "name_id_format"]) + + def __init__( + self, + authz_service=None, + assertion_id_request_service=None, + name_id_format=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - RoleDescriptorType_.__init__(self, - signature=signature, - extensions=extensions, - key_descriptor=key_descriptor, - organization=organization, - contact_person=contact_person, - id=id, - valid_until=valid_until, - cache_duration=cache_duration, - protocol_support_enumeration=protocol_support_enumeration, - error_url=error_url, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + RoleDescriptorType_.__init__( + self, + signature=signature, + extensions=extensions, + key_descriptor=key_descriptor, + organization=organization, + contact_person=contact_person, + id=id, + valid_until=valid_until, + cache_duration=cache_duration, + protocol_support_enumeration=protocol_support_enumeration, + error_url=error_url, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.authz_service = authz_service or [] self.assertion_id_request_service = assertion_id_request_service or [] @@ -1295,72 +1289,67 @@ def pdp_descriptor_type__from_string(xml_string): class AttributeAuthorityDescriptorType_(RoleDescriptorType_): """The urn:oasis:names:tc:SAML:2 - .0:metadata:AttributeAuthorityDescriptorType element """ + .0:metadata:AttributeAuthorityDescriptorType element""" - c_tag = 'AttributeAuthorityDescriptorType' + c_tag = "AttributeAuthorityDescriptorType" c_namespace = NAMESPACE c_children = RoleDescriptorType_.c_children.copy() c_attributes = RoleDescriptorType_.c_attributes.copy() c_child_order = RoleDescriptorType_.c_child_order[:] c_cardinality = RoleDescriptorType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AttributeService'] = ( - 'attribute_service', - [AttributeService]) - c_cardinality['attribute_service'] = {"min": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService'] = ( - 'assertion_id_request_service', - [AssertionIDRequestService]) - c_cardinality['assertion_id_request_service'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat'] = ( - 'name_id_format', - [NameIDFormat]) - c_cardinality['name_id_format'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AttributeProfile'] = ( - 'attribute_profile', - [AttributeProfile]) - c_cardinality['attribute_profile'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = ( - 'attribute', - [saml.Attribute]) - c_cardinality['attribute'] = {"min": 0} - c_child_order.extend(['attribute_service', 'assertion_id_request_service', - 'name_id_format', 'attribute_profile', 'attribute']) - - def __init__(self, - attribute_service=None, - assertion_id_request_service=None, - name_id_format=None, - attribute_profile=None, - attribute=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AttributeService"] = ("attribute_service", [AttributeService]) + c_cardinality["attribute_service"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AssertionIDRequestService"] = ( + "assertion_id_request_service", + [AssertionIDRequestService], + ) + c_cardinality["assertion_id_request_service"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}NameIDFormat"] = ("name_id_format", [NameIDFormat]) + c_cardinality["name_id_format"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AttributeProfile"] = ("attribute_profile", [AttributeProfile]) + c_cardinality["attribute_profile"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"] = ("attribute", [saml.Attribute]) + c_cardinality["attribute"] = {"min": 0} + c_child_order.extend( + ["attribute_service", "assertion_id_request_service", "name_id_format", "attribute_profile", "attribute"] + ) + + def __init__( + self, + attribute_service=None, + assertion_id_request_service=None, + name_id_format=None, + attribute_profile=None, + attribute=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - RoleDescriptorType_.__init__(self, - signature=signature, - extensions=extensions, - key_descriptor=key_descriptor, - organization=organization, - contact_person=contact_person, - id=id, - valid_until=valid_until, - cache_duration=cache_duration, - protocol_support_enumeration=protocol_support_enumeration, - error_url=error_url, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + RoleDescriptorType_.__init__( + self, + signature=signature, + extensions=extensions, + key_descriptor=key_descriptor, + organization=organization, + contact_person=contact_person, + id=id, + valid_until=valid_until, + cache_duration=cache_duration, + protocol_support_enumeration=protocol_support_enumeration, + error_url=error_url, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.attribute_service = attribute_service or [] self.assertion_id_request_service = assertion_id_request_service or [] @@ -1370,60 +1359,52 @@ def __init__(self, def attribute_authority_descriptor_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AttributeAuthorityDescriptorType_, - xml_string) + return saml2.create_class_from_xml_string(AttributeAuthorityDescriptorType_, xml_string) class AffiliationDescriptorType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:AffiliationDescriptorType - element """ + element""" - c_tag = 'AffiliationDescriptorType' + c_tag = "AffiliationDescriptorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ('signature', - ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', - Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}AffiliateMember'] = ( - 'affiliate_member', - [AffiliateMember]) - c_cardinality['affiliate_member'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}KeyDescriptor'] = ( - 'key_descriptor', - [KeyDescriptor]) - c_cardinality['key_descriptor'] = {"min": 0} - c_attributes['affiliationOwnerID'] = ('affiliation_owner_id', EntityIDType_, - True) - c_attributes['validUntil'] = ('valid_until', 'dateTime', False) - c_attributes['cacheDuration'] = ('cache_duration', 'duration', False) - c_attributes['ID'] = ('id', 'ID', False) - c_child_order.extend(['signature', 'extensions', 'affiliate_member', - 'key_descriptor']) - - def __init__(self, - signature=None, - extensions=None, - affiliate_member=None, - key_descriptor=None, - affiliation_owner_id=None, - valid_until=None, - cache_duration=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AffiliateMember"] = ("affiliate_member", [AffiliateMember]) + c_cardinality["affiliate_member"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}KeyDescriptor"] = ("key_descriptor", [KeyDescriptor]) + c_cardinality["key_descriptor"] = {"min": 0} + c_attributes["affiliationOwnerID"] = ("affiliation_owner_id", EntityIDType_, True) + c_attributes["validUntil"] = ("valid_until", "dateTime", False) + c_attributes["cacheDuration"] = ("cache_duration", "duration", False) + c_attributes["ID"] = ("id", "ID", False) + c_child_order.extend(["signature", "extensions", "affiliate_member", "key_descriptor"]) + + def __init__( + self, + signature=None, + extensions=None, + affiliate_member=None, + key_descriptor=None, + affiliation_owner_id=None, + valid_until=None, + cache_duration=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.signature = signature self.extensions = extensions @@ -1436,14 +1417,13 @@ def __init__(self, def affiliation_descriptor_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AffiliationDescriptorType_, - xml_string) + return saml2.create_class_from_xml_string(AffiliationDescriptorType_, xml_string) class RoleDescriptor(RoleDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:RoleDescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:RoleDescriptor element""" - c_tag = 'RoleDescriptor' + c_tag = "RoleDescriptor" c_namespace = NAMESPACE c_children = RoleDescriptorType_.c_children.copy() c_attributes = RoleDescriptorType_.c_attributes.copy() @@ -1456,9 +1436,9 @@ def role_descriptor_from_string(xml_string): class IDPSSODescriptor(IDPSSODescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:IDPSSODescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:IDPSSODescriptor element""" - c_tag = 'IDPSSODescriptor' + c_tag = "IDPSSODescriptor" c_namespace = NAMESPACE c_children = IDPSSODescriptorType_.c_children.copy() c_attributes = IDPSSODescriptorType_.c_attributes.copy() @@ -1472,9 +1452,9 @@ def idpsso_descriptor_from_string(xml_string): class AttributeConsumingService(AttributeConsumingServiceType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeConsumingService - element """ + element""" - c_tag = 'AttributeConsumingService' + c_tag = "AttributeConsumingService" c_namespace = NAMESPACE c_children = AttributeConsumingServiceType_.c_children.copy() c_attributes = AttributeConsumingServiceType_.c_attributes.copy() @@ -1483,15 +1463,14 @@ class AttributeConsumingService(AttributeConsumingServiceType_): def attribute_consuming_service_from_string(xml_string): - return saml2.create_class_from_xml_string(AttributeConsumingService, - xml_string) + return saml2.create_class_from_xml_string(AttributeConsumingService, xml_string) class AuthnAuthorityDescriptor(AuthnAuthorityDescriptorType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AuthnAuthorityDescriptor - element """ + element""" - c_tag = 'AuthnAuthorityDescriptor' + c_tag = "AuthnAuthorityDescriptor" c_namespace = NAMESPACE c_children = AuthnAuthorityDescriptorType_.c_children.copy() c_attributes = AuthnAuthorityDescriptorType_.c_attributes.copy() @@ -1500,14 +1479,13 @@ class AuthnAuthorityDescriptor(AuthnAuthorityDescriptorType_): def authn_authority_descriptor_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnAuthorityDescriptor, - xml_string) + return saml2.create_class_from_xml_string(AuthnAuthorityDescriptor, xml_string) class PDPDescriptor(PDPDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:PDPDescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:PDPDescriptor element""" - c_tag = 'PDPDescriptor' + c_tag = "PDPDescriptor" c_namespace = NAMESPACE c_children = PDPDescriptorType_.c_children.copy() c_attributes = PDPDescriptorType_.c_attributes.copy() @@ -1521,9 +1499,9 @@ def pdp_descriptor_from_string(xml_string): class AttributeAuthorityDescriptor(AttributeAuthorityDescriptorType_): """The urn:oasis:names:tc:SAML:2.0:metadata:AttributeAuthorityDescriptor - element """ + element""" - c_tag = 'AttributeAuthorityDescriptor' + c_tag = "AttributeAuthorityDescriptor" c_namespace = NAMESPACE c_children = AttributeAuthorityDescriptorType_.c_children.copy() c_attributes = AttributeAuthorityDescriptorType_.c_attributes.copy() @@ -1532,15 +1510,13 @@ class AttributeAuthorityDescriptor(AttributeAuthorityDescriptorType_): def attribute_authority_descriptor_from_string(xml_string): - return saml2.create_class_from_xml_string(AttributeAuthorityDescriptor, - xml_string) + return saml2.create_class_from_xml_string(AttributeAuthorityDescriptor, xml_string) class AffiliationDescriptor(AffiliationDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:AffiliationDescriptor element - """ + """The urn:oasis:names:tc:SAML:2.0:metadata:AffiliationDescriptor element""" - c_tag = 'AffiliationDescriptor' + c_tag = "AffiliationDescriptor" c_namespace = NAMESPACE c_children = AffiliationDescriptorType_.c_children.copy() c_attributes = AffiliationDescriptorType_.c_attributes.copy() @@ -1553,72 +1529,71 @@ def affiliation_descriptor_from_string(xml_string): class SPSSODescriptorType_(SSODescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:SPSSODescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SPSSODescriptorType element""" - c_tag = 'SPSSODescriptorType' + c_tag = "SPSSODescriptorType" c_namespace = NAMESPACE c_children = SSODescriptorType_.c_children.copy() c_attributes = SSODescriptorType_.c_attributes.copy() c_child_order = SSODescriptorType_.c_child_order[:] c_cardinality = SSODescriptorType_.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService'] = ( - 'assertion_consumer_service', - [AssertionConsumerService]) - c_cardinality['assertion_consumer_service'] = {"min": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AttributeConsumingService'] = ( - 'attribute_consuming_service', - [AttributeConsumingService]) - c_cardinality['attribute_consuming_service'] = {"min": 0} - c_attributes['AuthnRequestsSigned'] = ('authn_requests_signed', 'boolean', - False) - c_attributes['WantAssertionsSigned'] = ('want_assertions_signed', 'boolean', - False) - c_child_order.extend(['assertion_consumer_service', - 'attribute_consuming_service']) - - def __init__(self, - assertion_consumer_service=None, - attribute_consuming_service=None, - authn_requests_signed=None, - want_assertions_signed=None, - artifact_resolution_service=None, - single_logout_service=None, - manage_name_id_service=None, - name_id_format=None, - signature=None, - extensions=None, - key_descriptor=None, - organization=None, - contact_person=None, - id=None, - valid_until=None, - cache_duration=None, - protocol_support_enumeration=None, - error_url=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AssertionConsumerService"] = ( + "assertion_consumer_service", + [AssertionConsumerService], + ) + c_cardinality["assertion_consumer_service"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AttributeConsumingService"] = ( + "attribute_consuming_service", + [AttributeConsumingService], + ) + c_cardinality["attribute_consuming_service"] = {"min": 0} + c_attributes["AuthnRequestsSigned"] = ("authn_requests_signed", "boolean", False) + c_attributes["WantAssertionsSigned"] = ("want_assertions_signed", "boolean", False) + c_child_order.extend(["assertion_consumer_service", "attribute_consuming_service"]) + + def __init__( + self, + assertion_consumer_service=None, + attribute_consuming_service=None, + authn_requests_signed=None, + want_assertions_signed=None, + artifact_resolution_service=None, + single_logout_service=None, + manage_name_id_service=None, + name_id_format=None, + signature=None, + extensions=None, + key_descriptor=None, + organization=None, + contact_person=None, + id=None, + valid_until=None, + cache_duration=None, + protocol_support_enumeration=None, + error_url=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SSODescriptorType_.__init__(self, - artifact_resolution_service=artifact_resolution_service, - single_logout_service=single_logout_service, - manage_name_id_service=manage_name_id_service, - name_id_format=name_id_format, - signature=signature, - extensions=extensions, - key_descriptor=key_descriptor, - organization=organization, - contact_person=contact_person, - id=id, - valid_until=valid_until, - cache_duration=cache_duration, - protocol_support_enumeration=protocol_support_enumeration, - error_url=error_url, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SSODescriptorType_.__init__( + self, + artifact_resolution_service=artifact_resolution_service, + single_logout_service=single_logout_service, + manage_name_id_service=manage_name_id_service, + name_id_format=name_id_format, + signature=signature, + extensions=extensions, + key_descriptor=key_descriptor, + organization=organization, + contact_person=contact_person, + id=id, + valid_until=valid_until, + cache_duration=cache_duration, + protocol_support_enumeration=protocol_support_enumeration, + error_url=error_url, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.assertion_consumer_service = assertion_consumer_service or [] self.attribute_consuming_service = attribute_consuming_service or [] @@ -1631,9 +1606,9 @@ def spsso_descriptor_type__from_string(xml_string): class SPSSODescriptor(SPSSODescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:SPSSODescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:SPSSODescriptor element""" - c_tag = 'SPSSODescriptor' + c_tag = "SPSSODescriptor" c_namespace = NAMESPACE c_children = SPSSODescriptorType_.c_children.copy() c_attributes = SPSSODescriptorType_.c_attributes.copy() @@ -1646,102 +1621,98 @@ def spsso_descriptor_from_string(xml_string): class EntityDescriptorType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptorType element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptorType element""" - c_tag = 'EntityDescriptorType' + c_tag = "EntityDescriptorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ('signature', - ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', - Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}RoleDescriptor'] = ( - 'role_descriptor', - [RoleDescriptor]) - c_cardinality['role_descriptor'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}IDPSSODescriptor'] = ( - 'idpsso_descriptor', - [IDPSSODescriptor]) - c_cardinality['idpsso_descriptor'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor'] = ( - 'spsso_descriptor', - [SPSSODescriptor]) - c_cardinality['spsso_descriptor'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AuthnAuthorityDescriptor'] = ( - 'authn_authority_descriptor', - [AuthnAuthorityDescriptor]) - c_cardinality['authn_authority_descriptor'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AttributeAuthorityDescriptor']\ - = ( - 'attribute_authority_descriptor', - [AttributeAuthorityDescriptor]) - c_cardinality['attribute_authority_descriptor'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}PDPDescriptor'] = ( - 'pdp_descriptor', - [PDPDescriptor]) - c_cardinality['pdp_descriptor'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AffiliationDescriptor'] = ( - 'affiliation_descriptor', - AffiliationDescriptor) - c_cardinality['affiliation_descriptor'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Organization'] = ( - 'organization', - Organization) - c_cardinality['organization'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}ContactPerson'] = ( - 'contact_person', - [ContactPerson]) - c_cardinality['contact_person'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}AdditionalMetadataLocation'] = ( - 'additional_metadata_location', - [AdditionalMetadataLocation]) - c_cardinality['additional_metadata_location'] = {"min": 0} - c_attributes['entityID'] = ('entity_id', EntityIDType_, True) - c_attributes['validUntil'] = ('valid_until', 'dateTime', False) - c_attributes['cacheDuration'] = ('cache_duration', 'duration', False) - c_attributes['ID'] = ('id', 'ID', False) - c_child_order.extend(['signature', 'extensions', 'role_descriptor', - 'idpsso_descriptor', 'spsso_descriptor', - 'authn_authority_descriptor', - 'attribute_authority_descriptor', 'pdp_descriptor', - 'affiliation_descriptor', 'organization', - 'contact_person', 'additional_metadata_location']) - - def __init__(self, - signature=None, - extensions=None, - role_descriptor=None, - idpsso_descriptor=None, - spsso_descriptor=None, - authn_authority_descriptor=None, - attribute_authority_descriptor=None, - pdp_descriptor=None, - affiliation_descriptor=None, - organization=None, - contact_person=None, - additional_metadata_location=None, - entity_id=None, - valid_until=None, - cache_duration=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}RoleDescriptor"] = ("role_descriptor", [RoleDescriptor]) + c_cardinality["role_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}IDPSSODescriptor"] = ("idpsso_descriptor", [IDPSSODescriptor]) + c_cardinality["idpsso_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}SPSSODescriptor"] = ("spsso_descriptor", [SPSSODescriptor]) + c_cardinality["spsso_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AuthnAuthorityDescriptor"] = ( + "authn_authority_descriptor", + [AuthnAuthorityDescriptor], + ) + c_cardinality["authn_authority_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AttributeAuthorityDescriptor"] = ( + "attribute_authority_descriptor", + [AttributeAuthorityDescriptor], + ) + c_cardinality["attribute_authority_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}PDPDescriptor"] = ("pdp_descriptor", [PDPDescriptor]) + c_cardinality["pdp_descriptor"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AffiliationDescriptor"] = ( + "affiliation_descriptor", + AffiliationDescriptor, + ) + c_cardinality["affiliation_descriptor"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Organization"] = ("organization", Organization) + c_cardinality["organization"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}ContactPerson"] = ("contact_person", [ContactPerson]) + c_cardinality["contact_person"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}AdditionalMetadataLocation"] = ( + "additional_metadata_location", + [AdditionalMetadataLocation], + ) + c_cardinality["additional_metadata_location"] = {"min": 0} + c_attributes["entityID"] = ("entity_id", EntityIDType_, True) + c_attributes["validUntil"] = ("valid_until", "dateTime", False) + c_attributes["cacheDuration"] = ("cache_duration", "duration", False) + c_attributes["ID"] = ("id", "ID", False) + c_child_order.extend( + [ + "signature", + "extensions", + "role_descriptor", + "idpsso_descriptor", + "spsso_descriptor", + "authn_authority_descriptor", + "attribute_authority_descriptor", + "pdp_descriptor", + "affiliation_descriptor", + "organization", + "contact_person", + "additional_metadata_location", + ] + ) + + def __init__( + self, + signature=None, + extensions=None, + role_descriptor=None, + idpsso_descriptor=None, + spsso_descriptor=None, + authn_authority_descriptor=None, + attribute_authority_descriptor=None, + pdp_descriptor=None, + affiliation_descriptor=None, + organization=None, + contact_person=None, + additional_metadata_location=None, + entity_id=None, + valid_until=None, + cache_duration=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.signature = signature self.extensions = extensions @@ -1749,8 +1720,7 @@ def __init__(self, self.idpsso_descriptor = idpsso_descriptor or [] self.spsso_descriptor = spsso_descriptor or [] self.authn_authority_descriptor = authn_authority_descriptor or [] - self.attribute_authority_descriptor = attribute_authority_descriptor \ - or [] + self.attribute_authority_descriptor = attribute_authority_descriptor or [] self.pdp_descriptor = pdp_descriptor or [] self.affiliation_descriptor = affiliation_descriptor self.organization = organization @@ -1767,9 +1737,9 @@ def entity_descriptor_type__from_string(xml_string): class EntityDescriptor(EntityDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor element""" - c_tag = 'EntityDescriptor' + c_tag = "EntityDescriptor" c_namespace = NAMESPACE c_children = EntityDescriptorType_.c_children.copy() c_attributes = EntityDescriptorType_.c_attributes.copy() @@ -1784,50 +1754,46 @@ def entity_descriptor_from_string(xml_string): # ['EntitiesDescriptor', 'EntitiesDescriptorType'] class EntitiesDescriptorType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptorType - element """ + element""" - c_tag = 'EntitiesDescriptorType' + c_tag = "EntitiesDescriptorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ('signature', - ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}Extensions'] = ( - 'extensions', - Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor'] = ( - 'entity_descriptor', - [EntityDescriptor]) - c_cardinality['entity_descriptor'] = {"min": 0} - c_cardinality['entities_descriptor'] = {"min": 0} - c_attributes['validUntil'] = ('valid_until', 'dateTime', False) - c_attributes['cacheDuration'] = ('cache_duration', 'duration', False) - c_attributes['ID'] = ('id', 'ID', False) - c_attributes['Name'] = ('name', 'string', False) - c_child_order.extend(['signature', 'extensions', 'entity_descriptor', - 'entities_descriptor']) - - def __init__(self, - signature=None, - extensions=None, - entity_descriptor=None, - entities_descriptor=None, - valid_until=None, - cache_duration=None, - id=None, - name=None, - text=None, - extension_elements=None, - extension_attributes=None, + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:metadata}EntityDescriptor"] = ("entity_descriptor", [EntityDescriptor]) + c_cardinality["entity_descriptor"] = {"min": 0} + c_cardinality["entities_descriptor"] = {"min": 0} + c_attributes["validUntil"] = ("valid_until", "dateTime", False) + c_attributes["cacheDuration"] = ("cache_duration", "duration", False) + c_attributes["ID"] = ("id", "ID", False) + c_attributes["Name"] = ("name", "string", False) + c_child_order.extend(["signature", "extensions", "entity_descriptor", "entities_descriptor"]) + + def __init__( + self, + signature=None, + extensions=None, + entity_descriptor=None, + entities_descriptor=None, + valid_until=None, + cache_duration=None, + id=None, + name=None, + text=None, + extension_elements=None, + extension_attributes=None, ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, ) self.signature = signature self.extensions = extensions @@ -1840,14 +1806,13 @@ def __init__(self, def entities_descriptor_type__from_string(xml_string): - return saml2.create_class_from_xml_string(EntitiesDescriptorType_, - xml_string) + return saml2.create_class_from_xml_string(EntitiesDescriptorType_, xml_string) class EntitiesDescriptor(EntitiesDescriptorType_): - """The urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptor element """ + """The urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptor element""" - c_tag = 'EntitiesDescriptor' + c_tag = "EntitiesDescriptor" c_namespace = NAMESPACE c_children = EntitiesDescriptorType_.c_children.copy() c_attributes = EntitiesDescriptorType_.c_attributes.copy() @@ -1860,14 +1825,14 @@ def entities_descriptor_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -EntitiesDescriptorType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}EntitiesDescriptor'] = ( - 'entities_descriptor', - [EntitiesDescriptor]) -EntitiesDescriptor.c_children[ - '{urn:oasis:names:tc:SAML:2.0:metadata}EntitiesDescriptor'] = ( - 'entities_descriptor', - [EntitiesDescriptor]) +EntitiesDescriptorType_.c_children["{urn:oasis:names:tc:SAML:2.0:metadata}EntitiesDescriptor"] = ( + "entities_descriptor", + [EntitiesDescriptor], +) +EntitiesDescriptor.c_children["{urn:oasis:names:tc:SAML:2.0:metadata}EntitiesDescriptor"] = ( + "entities_descriptor", + [EntitiesDescriptor], +) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -1896,8 +1861,7 @@ def entities_descriptor_from_string(xml_string): TelephoneNumber.c_tag: telephone_number_from_string, ContactTypeType_.c_tag: contact_type_type__from_string, AdditionalMetadataLocation.c_tag: additional_metadata_location_from_string, - AdditionalMetadataLocationType_.c_tag: - additional_metadata_location_type__from_string, + AdditionalMetadataLocationType_.c_tag: additional_metadata_location_type__from_string, RoleDescriptor.c_tag: role_descriptor_from_string, AnyURIListType_.c_tag: any_uri_list_type__from_string, KeyDescriptor.c_tag: key_descriptor_from_string, @@ -1918,23 +1882,19 @@ def entities_descriptor_from_string(xml_string): SPSSODescriptorType_.c_tag: spsso_descriptor_type__from_string, AssertionConsumerService.c_tag: assertion_consumer_service_from_string, AttributeConsumingService.c_tag: attribute_consuming_service_from_string, - AttributeConsumingServiceType_.c_tag: - attribute_consuming_service_type__from_string, + AttributeConsumingServiceType_.c_tag: attribute_consuming_service_type__from_string, ServiceName.c_tag: service_name_from_string, ServiceDescription.c_tag: service_description_from_string, RequestedAttribute.c_tag: requested_attribute_from_string, RequestedAttributeType_.c_tag: requested_attribute_type__from_string, AuthnAuthorityDescriptor.c_tag: authn_authority_descriptor_from_string, - AuthnAuthorityDescriptorType_.c_tag: - authn_authority_descriptor_type__from_string, + AuthnAuthorityDescriptorType_.c_tag: authn_authority_descriptor_type__from_string, AuthnQueryService.c_tag: authn_query_service_from_string, PDPDescriptor.c_tag: pdp_descriptor_from_string, PDPDescriptorType_.c_tag: pdp_descriptor_type__from_string, AuthzService.c_tag: authz_service_from_string, - AttributeAuthorityDescriptor.c_tag: - attribute_authority_descriptor_from_string, - AttributeAuthorityDescriptorType_.c_tag: - attribute_authority_descriptor_type__from_string, + AttributeAuthorityDescriptor.c_tag: attribute_authority_descriptor_from_string, + AttributeAuthorityDescriptorType_.c_tag: attribute_authority_descriptor_type__from_string, AttributeService.c_tag: attribute_service_from_string, AffiliationDescriptor.c_tag: affiliation_descriptor_from_string, AffiliationDescriptorType_.c_tag: affiliation_descriptor_type__from_string, @@ -1942,71 +1902,71 @@ def entities_descriptor_from_string(xml_string): } ELEMENT_BY_TAG = { - 'entityIDType': EntityIDType_, - 'localizedNameType': LocalizedNameType_, - 'localizedURIType': LocalizedURIType_, - 'Extensions': Extensions, - 'ExtensionsType': ExtensionsType_, - 'EndpointType': EndpointType_, - 'IndexedEndpointType': IndexedEndpointType_, - 'EntitiesDescriptor': EntitiesDescriptor, - 'EntitiesDescriptorType': EntitiesDescriptorType_, - 'EntityDescriptor': EntityDescriptor, - 'EntityDescriptorType': EntityDescriptorType_, - 'Organization': Organization, - 'OrganizationType': OrganizationType_, - 'OrganizationName': OrganizationName, - 'OrganizationDisplayName': OrganizationDisplayName, - 'OrganizationURL': OrganizationURL, - 'ContactPerson': ContactPerson, - 'ContactType': ContactType_, - 'Company': Company, - 'GivenName': GivenName, - 'SurName': SurName, - 'EmailAddress': EmailAddress, - 'TelephoneNumber': TelephoneNumber, - 'ContactTypeType': ContactTypeType_, - 'AdditionalMetadataLocation': AdditionalMetadataLocation, - 'AdditionalMetadataLocationType': AdditionalMetadataLocationType_, - 'RoleDescriptor': RoleDescriptor, - 'anyURIListType': AnyURIListType_, - 'KeyDescriptor': KeyDescriptor, - 'KeyDescriptorType': KeyDescriptorType_, - 'KeyTypes': KeyTypes_, - 'EncryptionMethod': EncryptionMethod, - 'ArtifactResolutionService': ArtifactResolutionService, - 'SingleLogoutService': SingleLogoutService, - 'ManageNameIDService': ManageNameIDService, - 'NameIDFormat': NameIDFormat, - 'IDPSSODescriptor': IDPSSODescriptor, - 'IDPSSODescriptorType': IDPSSODescriptorType_, - 'SingleSignOnService': SingleSignOnService, - 'NameIDMappingService': NameIDMappingService, - 'AssertionIDRequestService': AssertionIDRequestService, - 'AttributeProfile': AttributeProfile, - 'SPSSODescriptor': SPSSODescriptor, - 'SPSSODescriptorType': SPSSODescriptorType_, - 'AssertionConsumerService': AssertionConsumerService, - 'AttributeConsumingService': AttributeConsumingService, - 'AttributeConsumingServiceType': AttributeConsumingServiceType_, - 'ServiceName': ServiceName, - 'ServiceDescription': ServiceDescription, - 'RequestedAttribute': RequestedAttribute, - 'RequestedAttributeType': RequestedAttributeType_, - 'AuthnAuthorityDescriptor': AuthnAuthorityDescriptor, - 'AuthnAuthorityDescriptorType': AuthnAuthorityDescriptorType_, - 'AuthnQueryService': AuthnQueryService, - 'PDPDescriptor': PDPDescriptor, - 'PDPDescriptorType': PDPDescriptorType_, - 'AuthzService': AuthzService, - 'AttributeAuthorityDescriptor': AttributeAuthorityDescriptor, - 'AttributeAuthorityDescriptorType': AttributeAuthorityDescriptorType_, - 'AttributeService': AttributeService, - 'AffiliationDescriptor': AffiliationDescriptor, - 'AffiliationDescriptorType': AffiliationDescriptorType_, - 'AffiliateMember': AffiliateMember, - 'RoleDescriptorType': RoleDescriptorType_, - 'SSODescriptorType': SSODescriptorType_, + "entityIDType": EntityIDType_, + "localizedNameType": LocalizedNameType_, + "localizedURIType": LocalizedURIType_, + "Extensions": Extensions, + "ExtensionsType": ExtensionsType_, + "EndpointType": EndpointType_, + "IndexedEndpointType": IndexedEndpointType_, + "EntitiesDescriptor": EntitiesDescriptor, + "EntitiesDescriptorType": EntitiesDescriptorType_, + "EntityDescriptor": EntityDescriptor, + "EntityDescriptorType": EntityDescriptorType_, + "Organization": Organization, + "OrganizationType": OrganizationType_, + "OrganizationName": OrganizationName, + "OrganizationDisplayName": OrganizationDisplayName, + "OrganizationURL": OrganizationURL, + "ContactPerson": ContactPerson, + "ContactType": ContactType_, + "Company": Company, + "GivenName": GivenName, + "SurName": SurName, + "EmailAddress": EmailAddress, + "TelephoneNumber": TelephoneNumber, + "ContactTypeType": ContactTypeType_, + "AdditionalMetadataLocation": AdditionalMetadataLocation, + "AdditionalMetadataLocationType": AdditionalMetadataLocationType_, + "RoleDescriptor": RoleDescriptor, + "anyURIListType": AnyURIListType_, + "KeyDescriptor": KeyDescriptor, + "KeyDescriptorType": KeyDescriptorType_, + "KeyTypes": KeyTypes_, + "EncryptionMethod": EncryptionMethod, + "ArtifactResolutionService": ArtifactResolutionService, + "SingleLogoutService": SingleLogoutService, + "ManageNameIDService": ManageNameIDService, + "NameIDFormat": NameIDFormat, + "IDPSSODescriptor": IDPSSODescriptor, + "IDPSSODescriptorType": IDPSSODescriptorType_, + "SingleSignOnService": SingleSignOnService, + "NameIDMappingService": NameIDMappingService, + "AssertionIDRequestService": AssertionIDRequestService, + "AttributeProfile": AttributeProfile, + "SPSSODescriptor": SPSSODescriptor, + "SPSSODescriptorType": SPSSODescriptorType_, + "AssertionConsumerService": AssertionConsumerService, + "AttributeConsumingService": AttributeConsumingService, + "AttributeConsumingServiceType": AttributeConsumingServiceType_, + "ServiceName": ServiceName, + "ServiceDescription": ServiceDescription, + "RequestedAttribute": RequestedAttribute, + "RequestedAttributeType": RequestedAttributeType_, + "AuthnAuthorityDescriptor": AuthnAuthorityDescriptor, + "AuthnAuthorityDescriptorType": AuthnAuthorityDescriptorType_, + "AuthnQueryService": AuthnQueryService, + "PDPDescriptor": PDPDescriptor, + "PDPDescriptorType": PDPDescriptorType_, + "AuthzService": AuthzService, + "AttributeAuthorityDescriptor": AttributeAuthorityDescriptor, + "AttributeAuthorityDescriptorType": AttributeAuthorityDescriptorType_, + "AttributeService": AttributeService, + "AffiliationDescriptor": AffiliationDescriptor, + "AffiliationDescriptorType": AffiliationDescriptorType_, + "AffiliateMember": AffiliateMember, + "RoleDescriptorType": RoleDescriptorType_, + "SSODescriptorType": SSODescriptorType_, } diff --git a/src/saml2/mdbcache.py b/src/saml2/mdbcache.py index 6da1b498e..20215bb66 100644 --- a/src/saml2/mdbcache.py +++ b/src/saml2/mdbcache.py @@ -1,20 +1,23 @@ #!/usr/bin/env python import logging + from pymongo.mongo_client import MongoClient -__author__ = 'rolandh' -import time +__author__ = "rolandh" + from datetime import datetime +import time from saml2 import time_util from saml2.cache import TooOld from saml2.time_util import TIME_FORMAT + logger = logging.getLogger(__name__) -class Cache(object): +class Cache: def __init__(self, server=None, debug=0, db=None): if server: connection = MongoClient(server) @@ -30,11 +33,10 @@ def __init__(self, server=None, debug=0, db=None): self.debug = debug def delete(self, subject_id): - self._cache.delete_many({'subject_id': subject_id}) + self._cache.delete_many({"subject_id": subject_id}) - def get_identity(self, subject_id, entities=None, - check_not_on_or_after=True): - """ Get all the identity information that has been received and + def get_identity(self, subject_id, entities=None, check_not_on_or_after=True): + """Get all the identity information that has been received and are still valid about the subject. :param subject_id: The identifier of the subject @@ -63,8 +65,7 @@ def get_identity(self, subject_id, entities=None, else: for entity_id in entities: try: - info = self.get(subject_id, entity_id, - check_not_on_or_after) + info = self.get(subject_id, entity_id, check_not_on_or_after) except TooOld: oldees.append(entity_id) continue @@ -79,7 +80,7 @@ def get_identity(self, subject_id, entities=None, return res, oldees def _get_info(self, item, check_not_on_or_after=True): - """ Get session information about a subject gotten from a + """Get session information about a subject gotten from a specified IdP/AA. :param item: Information stored @@ -96,15 +97,14 @@ def _get_info(self, item, check_not_on_or_after=True): return None def get(self, subject_id, entity_id, check_not_on_or_after=True): - res = self._cache.find_one({"subject_id": subject_id, - "entity_id": entity_id}) + res = self._cache.find_one({"subject_id": subject_id, "entity_id": entity_id}) if not res: return {} else: return self._get_info(res, check_not_on_or_after) def set(self, subject_id, entity_id, info, timestamp=0): - """ Stores session information in the cache. Assumes that the subject_id + """Stores session information in the cache. Assumes that the subject_id is unique within the context of the Service Provider. :param subject_id: The subject identifier @@ -114,8 +114,7 @@ def set(self, subject_id, entity_id, info, timestamp=0): :param timestamp: A time after which the assertion is not valid. """ - if isinstance(timestamp, datetime) or isinstance(timestamp, - time.struct_time): + if isinstance(timestamp, datetime) or isinstance(timestamp, time.struct_time): timestamp = time.strftime(TIME_FORMAT, timestamp) doc = { @@ -128,36 +127,34 @@ def set(self, subject_id, entity_id, info, timestamp=0): _ = self._cache.insert_one(doc) def reset(self, subject_id, entity_id): - """ Scrap the assertions received from a IdP or an AA about a special + """Scrap the assertions received from a IdP or an AA about a special subject. :param subject_id: The subjects identifier :param entity_id: The identifier of the entity_id of the assertion :return: """ - self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, - {"$set": {"info": {}, "timestamp": 0}}) + self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, {"$set": {"info": {}, "timestamp": 0}}) def entities(self, subject_id): - """ Returns all the entities of assertions for a subject, disregarding + """Returns all the entities of assertions for a subject, disregarding whether the assertion still is valid or not. :param subject_id: The identifier of the subject :return: A possibly empty list of entity identifiers """ try: - return [i["entity_id"] for i in self._cache.find({"subject_id": - subject_id})] + return [i["entity_id"] for i in self._cache.find({"subject_id": subject_id})] except ValueError: return [] def receivers(self, subject_id): - """ Another name for entities() just to make it more logic in the IdP - scenario """ + """Another name for entities() just to make it more logic in the IdP + scenario""" return self.entities(subject_id) def active(self, subject_id, entity_id): - """ Returns the status of assertions from a specific entity_id. + """Returns the status of assertions from a specific entity_id. :param subject_id: The ID of the subject :param entity_id: The entity ID of the entity_id of the assertion @@ -165,15 +162,14 @@ def active(self, subject_id, entity_id): valid or not. """ - item = self._cache.find_one({"subject_id": subject_id, - "entity_id": entity_id}) + item = self._cache.find_one({"subject_id": subject_id, "entity_id": entity_id}) try: return time_util.not_on_or_after(item["timestamp"]) except TooOld: return False def subjects(self): - """ Return identifiers for all the subjects that are in the cache. + """Return identifiers for all the subjects that are in the cache. :return: list of subject identifiers """ @@ -184,17 +180,14 @@ def subjects(self): def update(self, subject_id, entity_id, ava): """ """ - item = self._cache.find_one({"subject_id": subject_id, - "entity_id": entity_id}) + item = self._cache.find_one({"subject_id": subject_id, "entity_id": entity_id}) info = item["info"] info["ava"].update(ava) - self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, - {"$set": {"info": info}}) + self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, {"$set": {"info": info}}) def valid_to(self, subject_id, entity_id, newtime): """ """ - self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, - {"$set": {"timestamp": newtime}}) + self._cache.update({"subject_id": subject_id, "entity_id": entity_id}, {"$set": {"timestamp": newtime}}) def clear(self): self._cache.delete_many({}) diff --git a/src/saml2/mdie.py b/src/saml2/mdie.py index 1bbe3e8d7..ae81d71fa 100644 --- a/src/saml2/mdie.py +++ b/src/saml2/mdie.py @@ -1,13 +1,13 @@ #!/usr/bin/env python -import six -from saml2 import element_to_extension_element -from saml2 import extension_elements_to_elements from saml2 import ExtensionElement from saml2 import SamlBase +from saml2 import element_to_extension_element +from saml2 import extension_elements_to_elements from saml2 import md -__author__ = 'rolandh' + +__author__ = "rolandh" """ Functions used to import metadata from and export it to a pysaml2 format @@ -25,26 +25,18 @@ def _eval(val, onts, mdb_safe): :param onts: Schemas to be used in the conversion :return: The basic dictionary """ - if isinstance(val, six.string_types): + if isinstance(val, str): val = val.strip() if not val: return None else: return val - elif ( - isinstance(val, dict) - or isinstance(val, SamlBase) - or isinstance(val, ExtensionElement) - ): + elif isinstance(val, dict) or isinstance(val, SamlBase) or isinstance(val, ExtensionElement): return to_dict(val, onts, mdb_safe) elif isinstance(val, list): lv = [] for v in val: - if ( - isinstance(v, dict) - or isinstance(v, SamlBase) - or isinstance(v, ExtensionElement) - ): + if isinstance(v, dict) or isinstance(v, SamlBase) or isinstance(v, ExtensionElement): lv.append(to_dict(v, onts, mdb_safe)) else: lv.append(v) @@ -64,21 +56,18 @@ def to_dict(_dict, onts, mdb_safe=False): """ res = {} if isinstance(_dict, SamlBase): - res["__class__"] = "%s&%s" % (_dict.c_namespace, _dict.c_tag) + res["__class__"] = f"{_dict.c_namespace}&{_dict.c_tag}" for key in _dict.keyswv(): if key in IMP_SKIP: continue val = getattr(_dict, key) if key == "extension_elements": - _eel = extension_elements_to_elements( - val, onts, keep_unmatched=True - ) + _eel = extension_elements_to_elements(val, onts, keep_unmatched=True) _val = [_eval(_v, onts, mdb_safe) for _v in _eel] elif key == "extension_attributes": if mdb_safe: - _val = dict([(k.replace(".", "__"), v) for k, v in - val.items()]) - #_val = {k.replace(".", "__"): v for k, v in val.items()} + _val = {k.replace(".", "__"): v for k, v in val.items()} + # _val = {k.replace(".", "__"): v for k, v in val.items()} else: _val = val else: @@ -96,7 +85,7 @@ def to_dict(_dict, onts, mdb_safe=False): for _val in [_eval(val, onts, mdb_safe)] if _val } - res["__class__"] = "%s&%s" % (_dict.namespace, _dict.tag) + res["__class__"] = f"{_dict.namespace}&{_dict.tag}" else: for key, val in _dict.items(): _val = _eval(val, onts, mdb_safe) @@ -109,6 +98,7 @@ def to_dict(_dict, onts, mdb_safe=False): # From Python dictionary to pysaml2 SAML2 metadata format + def _kwa(val, onts, mdb_safe=False): """ Key word argument conversion @@ -119,13 +109,11 @@ def _kwa(val, onts, mdb_safe=False): :return: A converted dictionary """ if not mdb_safe: - return dict([(k, from_dict(v, onts)) for k, v in val.items() - if k not in EXP_SKIP]) + return {k: from_dict(v, onts) for k, v in val.items() if k not in EXP_SKIP} else: _skip = ["_id"] _skip.extend(EXP_SKIP) - return dict([(k.replace("__", "."), from_dict(v, onts)) for k, v in - val.items() if k not in _skip]) + return {k.replace("__", "."): from_dict(v, onts) for k, v in val.items() if k not in _skip} def from_dict(val, onts, mdb_safe=False): @@ -162,7 +150,7 @@ def from_dict(val, onts, mdb_safe=False): key = key.replace("__", ".") res[key] = from_dict(v, onts) return res - elif isinstance(val, six.string_types): + elif isinstance(val, str): return val elif isinstance(val, list): return [from_dict(v, onts) for v in val] diff --git a/src/saml2/mdstore.py b/src/saml2/mdstore.py index 5fdf83447..2ea9742f0 100644 --- a/src/saml2/mdstore.py +++ b/src/saml2/mdstore.py @@ -1,94 +1,86 @@ -from __future__ import print_function import hashlib +from hashlib import sha1 import importlib +from itertools import chain import json import logging import os -import sys -from itertools import chain -from warnings import warn as _warn -from hashlib import sha1 from os.path import isfile from os.path import join from re import compile as regex_compile +import sys +from warnings import warn as _warn import requests -import six - +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import SAMLError from saml2 import md from saml2 import saml from saml2 import samlp from saml2 import xmldsig from saml2 import xmlenc -from saml2 import SAMLError -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_SOAP -from saml2.httpbase import HTTPBase +from saml2.extension.algsupport import NAMESPACE as NS_ALGSUPPORT +from saml2.extension.algsupport import DigestMethod +from saml2.extension.algsupport import SigningMethod from saml2.extension.idpdisc import BINDING_DISCO from saml2.extension.idpdisc import DiscoveryResponse +from saml2.extension.mdattr import NAMESPACE as NS_MDATTR +from saml2.extension.mdattr import EntityAttributes +from saml2.extension.mdrpi import NAMESPACE as NS_MDRPI +from saml2.extension.mdrpi import RegistrationInfo +from saml2.extension.mdrpi import RegistrationPolicy +from saml2.extension.mdui import NAMESPACE as NS_MDUI +from saml2.extension.mdui import Description +from saml2.extension.mdui import DisplayName +from saml2.extension.mdui import InformationURL +from saml2.extension.mdui import Logo +from saml2.extension.mdui import PrivacyStatementURL +from saml2.extension.mdui import UIInfo +from saml2.extension.shibmd import NAMESPACE as NS_SHIBMD +from saml2.extension.shibmd import Scope +from saml2.httpbase import HTTPBase from saml2.md import NAMESPACE as NS_MD +from saml2.md import ArtifactResolutionService from saml2.md import EntitiesDescriptor from saml2.md import EntityDescriptor -from saml2.md import ArtifactResolutionService from saml2.md import NameIDMappingService from saml2.md import SingleSignOnService from saml2.mdie import to_dict -from saml2.s_utils import UnsupportedBinding from saml2.s_utils import UnknownSystemEntity +from saml2.s_utils import UnsupportedBinding +from saml2.sigver import SignatureError +from saml2.sigver import security_context from saml2.sigver import split_len -from saml2.validate import valid_instance -from saml2.time_util import valid -from saml2.time_util import instant from saml2.time_util import add_duration from saml2.time_util import before +from saml2.time_util import instant from saml2.time_util import str_to_time +from saml2.time_util import valid from saml2.validate import NotValid -from saml2.sigver import SignatureError -from saml2.sigver import security_context -from saml2.extension.mdattr import NAMESPACE as NS_MDATTR -from saml2.extension.mdattr import EntityAttributes -from saml2.extension.algsupport import NAMESPACE as NS_ALGSUPPORT -from saml2.extension.algsupport import SigningMethod, DigestMethod -from saml2.extension.mdui import NAMESPACE as NS_MDUI -from saml2.extension.mdui import UIInfo -from saml2.extension.mdui import DisplayName -from saml2.extension.mdui import Description -from saml2.extension.mdui import InformationURL -from saml2.extension.mdui import PrivacyStatementURL -from saml2.extension.mdui import Logo -from saml2.extension.mdrpi import NAMESPACE as NS_MDRPI -from saml2.extension.mdrpi import RegistrationInfo -from saml2.extension.mdrpi import RegistrationPolicy -from saml2.extension.shibmd import NAMESPACE as NS_SHIBMD -from saml2.extension.shibmd import Scope +from saml2.validate import valid_instance logger = logging.getLogger(__name__) classnames = { - "mdattr_entityattributes": "{ns}&{tag}".format( - ns=NS_MDATTR, tag=EntityAttributes.c_tag - ), - "algsupport_signing_method": "{ns}&{tag}".format(ns=NS_ALGSUPPORT, tag=SigningMethod.c_tag), - "algsupport_digest_method": "{ns}&{tag}".format(ns=NS_ALGSUPPORT, tag=DigestMethod.c_tag), - "mdui_uiinfo": "{ns}&{tag}".format(ns=NS_MDUI, tag=UIInfo.c_tag), - "mdui_uiinfo_display_name": "{ns}&{tag}".format(ns=NS_MDUI, tag=DisplayName.c_tag), - "mdui_uiinfo_description": "{ns}&{tag}".format(ns=NS_MDUI, tag=Description.c_tag), - "mdui_uiinfo_information_url": "{ns}&{tag}".format( - ns=NS_MDUI, tag=InformationURL.c_tag - ), - "mdui_uiinfo_privacy_statement_url": "{ns}&{tag}".format( - ns=NS_MDUI, tag=PrivacyStatementURL.c_tag - ), - "mdui_uiinfo_logo": "{ns}&{tag}".format(ns=NS_MDUI, tag=Logo.c_tag), - "service_artifact_resolution": "{ns}&{tag}".format(ns=NS_MD, tag=ArtifactResolutionService.c_tag), - "service_single_sign_on": "{ns}&{tag}".format(ns=NS_MD, tag=SingleSignOnService.c_tag), - "service_nameid_mapping": "{ns}&{tag}".format(ns=NS_MD, tag=NameIDMappingService.c_tag), - "mdrpi_registration_info": "{ns}&{tag}".format(ns=NS_MDRPI, tag=RegistrationInfo.c_tag), - "mdrpi_registration_policy": "{ns}&{tag}".format(ns=NS_MDRPI, tag=RegistrationPolicy.c_tag), - "shibmd_scope": "{ns}&{tag}".format(ns=NS_SHIBMD, tag=Scope.c_tag) + "mdattr_entityattributes": f"{NS_MDATTR}&{EntityAttributes.c_tag}", + "algsupport_signing_method": f"{NS_ALGSUPPORT}&{SigningMethod.c_tag}", + "algsupport_digest_method": f"{NS_ALGSUPPORT}&{DigestMethod.c_tag}", + "mdui_uiinfo": f"{NS_MDUI}&{UIInfo.c_tag}", + "mdui_uiinfo_display_name": f"{NS_MDUI}&{DisplayName.c_tag}", + "mdui_uiinfo_description": f"{NS_MDUI}&{Description.c_tag}", + "mdui_uiinfo_information_url": f"{NS_MDUI}&{InformationURL.c_tag}", + "mdui_uiinfo_privacy_statement_url": f"{NS_MDUI}&{PrivacyStatementURL.c_tag}", + "mdui_uiinfo_logo": f"{NS_MDUI}&{Logo.c_tag}", + "service_artifact_resolution": f"{NS_MD}&{ArtifactResolutionService.c_tag}", + "service_single_sign_on": f"{NS_MD}&{SingleSignOnService.c_tag}", + "service_nameid_mapping": f"{NS_MD}&{NameIDMappingService.c_tag}", + "mdrpi_registration_info": f"{NS_MDRPI}&{RegistrationInfo.c_tag}", + "mdrpi_registration_policy": f"{NS_MDRPI}&{RegistrationPolicy.c_tag}", + "shibmd_scope": f"{NS_SHIBMD}&{Scope.c_tag}", } ENTITY_CATEGORY = "http://macedir.org/entity-category" @@ -117,7 +109,7 @@ # SP "assertion_response": "assertion_consumer_service", "attribute_response": "attribute_consuming_service", - "discovery_service_request": "discovery_response" + "discovery_service_request": "discovery_response", } @@ -134,14 +126,14 @@ class SourceNotFound(Exception): def load_extensions(): - from saml2 import extension import pkgutil + from saml2 import extension + package = extension - prefix = package.__name__ + "." + prefix = f"{package.__name__}." ext_map = {} - for importer, modname, ispkg in pkgutil.iter_modules(package.__path__, - prefix): + for importer, modname, ispkg in pkgutil.iter_modules(package.__path__, prefix): module = __import__(modname, fromlist="dummy") ext_map[module.NAMESPACE] = module @@ -149,12 +141,7 @@ def load_extensions(): def load_metadata_modules(): - mods = { - saml.NAMESPACE: saml, - md.NAMESPACE: md, - xmldsig.NAMESPACE: xmldsig, - xmlenc.NAMESPACE: xmlenc - } + mods = {saml.NAMESPACE: saml, md.NAMESPACE: md, xmldsig.NAMESPACE: xmldsig, xmlenc.NAMESPACE: xmlenc} mods.update(load_extensions()) return mods @@ -179,7 +166,8 @@ def response_locations(srvs): s["response_location"] for s in srvs if "response_location" in s - if s["__class__"] not in [ + if s["__class__"] + not in [ classnames["service_artifact_resolution"], classnames["service_single_sign_on"], classnames["service_nameid_mapping"], @@ -189,11 +177,7 @@ def response_locations(srvs): def locations(srvs): - values = ( - s["location"] - for s in srvs - if "location" in s - ) + values = (s["location"] for s in srvs if "location" in s) return values @@ -216,14 +200,15 @@ def all_locations(srvs): return values -def attribute_requirement(entity, index=None): +def attribute_requirement(entity_descriptor, index=None): res = {"required": [], "optional": []} - for acs in entity["attribute_consuming_service"]: + acss = entity_descriptor.get("attribute_consuming_service") or [] + for acs in acss: if index is not None and acs["index"] != index: continue - for attr in acs["requested_attribute"]: - if "is_required" in attr and attr["is_required"] == "true": + for attr in (acs.get("requested_attribute") or []): + if attr.get("is_required") == "true": res["required"].append(attr) else: res["optional"].append(attr) @@ -236,9 +221,7 @@ def name(ent, langpref="en"): except KeyError: return None - for info in ["organization_display_name", - "organization_name", - "organization_url"]: + for info in ["organization_display_name", "organization_name", "organization_url"]: try: for item in org[info]: if item["lang"] == langpref: @@ -257,9 +240,8 @@ def repack_cert(cert): return "\n".join([s.strip() for s in part]) -class MetaData(object): - def __init__(self, attrc, metadata='', node_name=None, - check_validity=True, security=None, **kwargs): +class MetaData: + def __init__(self, attrc, metadata="", node_name=None, check_validity=True, security=None, **kwargs): self.attrc = attrc self.metadata = metadata self.entity = None @@ -270,73 +252,73 @@ def __init__(self, attrc, metadata='', node_name=None, self.security = security def items(self): - ''' + """ Returns list of items contained in the storage - ''' + """ raise NotImplementedError def keys(self): - ''' + """ Returns keys (identifiers) of items in storage - ''' + """ raise NotImplementedError def values(self): - ''' + """ Returns values of items in storage - ''' + """ raise NotImplementedError def __len__(self): - ''' + """ Returns number of stored items - ''' + """ raise NotImplementedError def __contains__(self, item): - ''' + """ Returns True if the storage contains item - ''' + """ raise NotImplementedError def __getitem__(self, item): - ''' + """ Returns the item specified by the key - ''' + """ raise NotImplementedError def __setitem__(self, key, value): - ''' + """ Sets a key to a value - ''' + """ raise NotImplementedError def __delitem__(self, key): - ''' + """ Removes key from storage - ''' + """ raise NotImplementedError def do_entity_descriptor(self, entity_descr): - ''' + """ #FIXME - Add description - ''' + """ raise NotImplementedError def parse(self, xmlstr): - ''' + """ #FIXME - Add description - ''' + """ raise NotImplementedError def load(self, *args, **kwargs): - ''' + """ Loads the metadata - ''' + """ self.parse(self.metadata) def service(self, entity_id, typ, service, binding=None): - """ Get me all services with a specified + """Get me all services with a specified entity ID and type, that supports the specified version of binding. :param entity_id: The EntityId @@ -396,7 +378,7 @@ def any2(self, typ, service, binding=None): for entid, item in self.items(): hit = False try: - descr = item['{}sso_descriptor'.format(typ)] + descr = item[f"{typ}sso_descriptor"] except KeyError: continue else: @@ -407,7 +389,7 @@ def any2(self, typ, service, binding=None): continue else: for srv in srvs: - if srv['binding'] == binding: + if srv["binding"] == binding: res[entid] = item hit = True break @@ -426,7 +408,7 @@ def bindings(self, entity_id, typ, service): return self.service(entity_id, typ, service) def attribute_requirement(self, entity_id, index=None): - """ Returns what attributes the SP requires and which are optional + """Returns what attributes the SP requires and which are optional if any such demands are registered in the Metadata. :param entity_id: The entity id of the SP @@ -437,22 +419,33 @@ def attribute_requirement(self, entity_id, index=None): """ raise NotImplementedError + def subject_id_requirement(self, entity_id): + """ + Returns what subject identifier the SP requires if any + + :param entity_id: The entity id of the SP + :type entity_id: str + :return: RequestedAttribute dict or None + :rtype: Optional[dict] + """ + raise NotImplementedError + def dumps(self): return json.dumps(list(self.items()), indent=2) def with_descriptor(self, descriptor): - ''' + """ Returns any entities with the specified descriptor - ''' + """ res = {} - desc = "%s_descriptor" % descriptor + desc = f"{descriptor}_descriptor" for eid, ent in self.items(): if desc in ent: res[eid] = ent return res def __str__(self): - return "%s" % self.items() + return f"{self.items()}" def construct_source_id(self): raise NotImplementedError @@ -484,9 +477,9 @@ def __eq__(self, other): return True def certs(self, entity_id, descriptor, use="signing"): - ''' + """ Returns certificates for the given Entity - ''' + """ ent = self[entity_id] def extract_certs(srvs): @@ -507,25 +500,23 @@ def extract_certs(srvs): if descriptor == "any": res = [] - for descr in ["spsso", "idpsso", "role", "authn_authority", - "attribute_authority", "pdp"]: + for descr in ["spsso", "idpsso", "role", "authn_authority", "attribute_authority", "pdp"]: try: - srvs = ent["%s_descriptor" % descr] + srvs = ent[f"{descr}_descriptor"] except KeyError: continue res.extend(extract_certs(srvs)) else: - srvs = ent["%s_descriptor" % descriptor] + srvs = ent[f"{descriptor}_descriptor"] res = extract_certs(srvs) return res class InMemoryMetaData(MetaData): - def __init__(self, attrc, metadata="", node_name=None, - check_validity=True, security=None, **kwargs): - super(InMemoryMetaData, self).__init__(attrc, metadata=metadata) + def __init__(self, attrc, metadata="", node_name=None, check_validity=True, security=None, **kwargs): + super().__init__(attrc, metadata=metadata) self.entity = {} self.security = security self.node_name = node_name @@ -565,8 +556,7 @@ def do_entity_descriptor(self, entity_descr): if self.check_validity: try: if not valid(entity_descr.valid_until): - logger.error("Entity descriptor (entity id:%s) too old", - entity_descr.entity_id) + logger.error("Entity descriptor (entity id:%s) too old", entity_descr.entity_id) self.to_old.append(entity_descr.entity_id) return except AttributeError: @@ -574,18 +564,16 @@ def do_entity_descriptor(self, entity_descr): # have I seen this entity_id before ? If so if log: ignore it if entity_descr.entity_id in self.entity: - print("Duplicated Entity descriptor (entity id: '%s')" % - entity_descr.entity_id, file=sys.stderr) + print(f"Duplicated Entity descriptor (entity id: '{entity_descr.entity_id}')", file=sys.stderr) return _ent = to_dict(entity_descr, metadata_modules()) flag = 0 # verify support for SAML2 - for descr in ["spsso", "idpsso", "role", "authn_authority", - "attribute_authority", "pdp", "affiliation"]: + for descr in ["spsso", "idpsso", "role", "authn_authority", "attribute_authority", "pdp", "affiliation"]: _res = [] try: - _items = _ent["%s_descriptor" % descr] + _items = _ent[f"{descr}_descriptor"] except KeyError: continue @@ -600,7 +588,7 @@ def do_entity_descriptor(self, entity_descr): _res.append(item) break if not _res: - del _ent["%s_descriptor" % descr] + del _ent[f"{descr}_descriptor"] else: flag += 1 @@ -617,13 +605,13 @@ def parse(self, xmlstr): self.entities_descr = md.entities_descriptor_from_string(xmlstr) except Exception as e: _md_desc = ( - f'metadata file: {self.filename}' - if isinstance(self,MetaDataFile) - else f'remote metadata: {self.url}' + f"metadata file: {self.filename}" + if isinstance(self, MetaDataFile) + else f"remote metadata: {self.url}" if isinstance(self, MetaDataExtern) - else 'metadata' + else "metadata" ) - raise SAMLError(f'Failed to parse {_md_desc}') from e + raise SAMLError(f"Failed to parse {_md_desc}") from e if not self.entities_descr: self.entity_descr = md.entity_descriptor_from_string(xmlstr) @@ -641,8 +629,8 @@ def parse(self, xmlstr): if not valid(self.entities_descr.valid_until): raise TooOld( "Metadata not valid anymore, it's only valid " - "until %s" % ( - self.entities_descr.valid_until,)) + "until %s" % (self.entities_descr.valid_until,) + ) except AttributeError: pass @@ -650,7 +638,7 @@ def parse(self, xmlstr): self.do_entity_descriptor(entity_descr) def service(self, entity_id, typ, service, binding=None): - """ Get me all services with a specified + """Get me all services with a specified entity ID and type, that supports the specified version of binding. :param entity_id: The EntityId @@ -689,24 +677,26 @@ def service(self, entity_id, typ, service, binding=None): return res def attribute_requirement(self, entity_id, index=None): - """ Returns what attributes the SP requires and which are optional + """ + Returns what attributes the SP requires and which are optional if any such demands are registered in the Metadata. + In case the metadata have multiple SPSSODescriptor elements, + the sum of the required and optional attributes is returned. + :param entity_id: The entity id of the SP :param index: which of the attribute consumer services its all about if index=None then return all attributes expected by all attribute_consuming_services. - :return: 2-tuple, list of required and list of optional attributes + :return: dict of required and optional list of attributes """ res = {"required": [], "optional": []} - try: - for sp in self[entity_id]["spsso_descriptor"]: - _res = attribute_requirement(sp, index) - res["required"].extend(_res["required"]) - res["optional"].extend(_res["optional"]) - except KeyError: - return None + sp_descriptors = self[entity_id].get("spsso_descriptor") or [] + for sp_desc in sp_descriptors: + _res = attribute_requirement(sp_desc, index) + res["required"].extend(_res.get("required") or []) + res["optional"].extend(_res.get("optional") or []) return res @@ -717,8 +707,8 @@ def construct_source_id(self): try: for srv in ent[desc]: if "artifact_resolution_service" in srv: - if isinstance(eid, six.string_types): - eid = eid.encode('utf-8') + if isinstance(eid, str): + eid = eid.encode("utf-8") s = sha1(eid) res[s.digest()] = ent except KeyError: @@ -746,9 +736,7 @@ def parse_and_check_signature(self, txt): if self.node_name is not None: try: - self.security.verify_signature( - txt, node_name=self.node_name, cert_file=self.cert - ) + self.security.verify_signature(txt, node_name=self.node_name, cert_file=self.cert) except SignatureError as e: error_context = { "message": "Failed to verify signature", @@ -760,10 +748,8 @@ def parse_and_check_signature(self, txt): def try_verify_signature(node_name): try: - self.security.verify_signature( - txt, node_name=node_name, cert_file=self.cert - ) - except SignatureError as e: + self.security.verify_signature(txt, node_name=node_name, cert_file=self.cert) + except SignatureError: return False else: return True @@ -776,10 +762,7 @@ def try_verify_signature(node_name): ] ] - verified_w_descriptor_name = any( - try_verify_signature(node_name) - for node_name in descriptor_names - ) + verified_w_descriptor_name = any(try_verify_signature(node_name) for node_name in descriptor_names) if not verified_w_descriptor_name: error_context = { "message": "Failed to verify signature", @@ -797,14 +780,14 @@ class MetaDataFile(InMemoryMetaData): """ def __init__(self, attrc, filename=None, cert=None, **kwargs): - super(MetaDataFile, self).__init__(attrc, **kwargs) + super().__init__(attrc, **kwargs) if not filename: - raise SAMLError('No file specified.') + raise SAMLError("No file specified.") self.filename = filename self.cert = cert def get_metadata_content(self): - with open(self.filename, 'rb') as fp: + with open(self.filename, "rb") as fp: return fp.read() def load(self, *args, **kwargs): @@ -818,37 +801,31 @@ class MetaDataLoader(MetaDataFile): The format of the file is the SAML Metadata format. """ - def __init__(self, attrc, loader_callable, cert=None, - security=None, **kwargs): - super(MetaDataLoader, self).__init__(attrc, **kwargs) - self.metadata_provider_callable = self.get_metadata_loader( - loader_callable) + def __init__(self, attrc, loader_callable, cert=None, security=None, **kwargs): + super().__init__(attrc, **kwargs) + self.metadata_provider_callable = self.get_metadata_loader(loader_callable) self.cert = cert self.security = security @staticmethod def get_metadata_loader(func): - if hasattr(func, '__call__'): + if callable(func): return func - i = func.rfind('.') - module, attr = func[:i], func[i + 1:] + i = func.rfind(".") + module, attr = func[:i], func[i + 1 :] try: mod = importlib.import_module(module) except Exception as e: - raise RuntimeError( - 'Cannot find metadata provider function %s: "%s"' % (func, e)) + raise RuntimeError(f'Cannot find metadata provider function {func}: "{e}"') try: metadata_loader = getattr(mod, attr) except AttributeError: - raise RuntimeError( - 'Module "%s" does not define a "%s" metadata loader' % ( - module, attr)) + raise RuntimeError(f'Module "{module}" does not define a "{attr}" metadata loader') - if not hasattr(metadata_loader, '__call__'): - raise RuntimeError( - 'Metadata loader %s.%s must be callable' % (module, attr)) + if not callable(metadata_loader): + raise RuntimeError(f"Metadata loader {module}.{attr} must be callable") return metadata_loader @@ -862,8 +839,7 @@ class MetaDataExtern(InMemoryMetaData): Accessible by HTTP GET. """ - def __init__(self, attrc, url=None, security=None, cert=None, - http=None, **kwargs): + def __init__(self, attrc, url=None, security=None, cert=None, http=None, **kwargs): """ :params attrc: :params url: Location of the metadata @@ -871,9 +847,9 @@ def __init__(self, attrc, url=None, security=None, cert=None, :params cert: CertificMDloaderate used to sign the metadata :params http: """ - super(MetaDataExtern, self).__init__(attrc, **kwargs) + super().__init__(attrc, **kwargs) if not url: - raise SAMLError('URL not specified.') + raise SAMLError("URL not specified.") else: self.url = url @@ -884,7 +860,7 @@ def __init__(self, attrc, url=None, security=None, cert=None, self.http = http def load(self, *args, **kwargs): - """ Imports metadata by the use of HTTP GET. + """Imports metadata by the use of HTTP GET. If the fingerprint is known the file will be checked for compliance before it is imported. """ @@ -893,7 +869,7 @@ def load(self, *args, **kwargs): _txt = response.content return self.parse_and_check_signature(_txt) else: - logger.info("Response status: %s", response.status_code) + logger.error("Response status: %s", response.status_code) raise SourceNotFound(self.url) @@ -904,7 +880,7 @@ class MetaDataMD(InMemoryMetaData): """ def __init__(self, attrc, filename, **kwargs): - super(MetaDataMD, self).__init__(attrc, **kwargs) + super().__init__(attrc, **kwargs) self.filename = filename def load(self, *args, **kwargs): @@ -924,11 +900,19 @@ class MetaDataMDX(InMemoryMetaData): @staticmethod def sha1_entity_transform(entity_id): entity_id_sha1 = hashlib.sha1(entity_id.encode("utf-8")).hexdigest() - transform = "{{sha1}}{digest}".format(digest=entity_id_sha1) + transform = f"{{sha1}}{entity_id_sha1}" return transform - def __init__(self, url=None, security=None, cert=None, - entity_transform=None, freshness_period=None, **kwargs): + def __init__( + self, + url=None, + security=None, + cert=None, + entity_transform=None, + freshness_period=None, + http_client_timeout=None, + **kwargs, + ): """ :params url: mdx service url :params security: SecurityContext() @@ -940,12 +924,13 @@ def __init__(self, url=None, security=None, cert=None, sha1 transformation. :params freshness_period: a duration in the format described at https://www.w3.org/TR/xmlschema-2/#duration + :params http_client_timeout: timeout of http requests """ - super(MetaDataMDX, self).__init__(None, **kwargs) + super().__init__(None, **kwargs) if not url: - raise SAMLError('URL for MDQ server not specified.') + raise SAMLError("URL for MDQ server not specified.") - self.url = url.rstrip('/') + self.url = url.rstrip("/") if entity_transform: self.entity_transform = entity_transform @@ -956,6 +941,7 @@ def __init__(self, url=None, security=None, cert=None, self.security = security self.freshness_period = freshness_period or DEFAULT_FRESHNESS_PERIOD self.expiration_date = {} + self.http_client_timeout = http_client_timeout # We assume that the MDQ server will return a single entity # described by a single element. The protocol @@ -963,33 +949,27 @@ def __init__(self, url=None, security=None, cert=None, # element but we will not currently support # that use case since it is unlikely to be leveraged for most # flows. - self.node_name = "{ns}:{tag}".format( - ns=EntityDescriptor.c_namespace, tag=EntityDescriptor.c_tag - ) + self.node_name = f"{EntityDescriptor.c_namespace}:{EntityDescriptor.c_tag}" def load(self, *args, **kwargs): # Do nothing pass def _fetch_metadata(self, item): - mdx_url = "{url}/entities/{id}".format( - url=self.url, id=self.entity_transform(item) - ) + mdx_url = f"{self.url}/entities/{self.entity_transform(item)}" - response = requests.get(mdx_url, headers={"Accept": SAML_METADATA_CONTENT_TYPE}) + response = requests.get( + mdx_url, headers={"Accept": SAML_METADATA_CONTENT_TYPE}, timeout=self.http_client_timeout + ) if response.status_code != 200: - error_msg = "Fething {item}: Got response status {status}".format( - item=item, status=response.status_code - ) - logger.info(error_msg) + error_msg = f"Fething {item}: Got response status {response.status_code}" + logger.warning(error_msg) raise KeyError(error_msg) _txt = response.content if not self.parse_and_check_signature(_txt): - error_msg = "Fething {item}: invalid signature".format( - item=item, status=response.status_code - ) - logger.info(error_msg) + error_msg = f"Fething {item}: invalid signature" + logger.error(error_msg) raise KeyError(error_msg) curr_time = str_to_time(instant()) @@ -1003,9 +983,9 @@ def __getitem__(self, item): if item not in self.entity: entity = self._fetch_metadata(item) elif not self._is_metadata_fresh(item): - msg = "Metadata for {} have expired; refreshing metadata".format(item) + msg = f"Metadata for {item} have expired; refreshing metadata" logger.info(msg) - old_entity = self.entity.pop(item) + _ = self.entity.pop(item) entity = self._fetch_metadata(item) else: entity = self.entity[item] @@ -1014,15 +994,20 @@ def __getitem__(self, item): def single_sign_on_service(self, entity_id, binding=None, typ="idpsso"): if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "idpsso_descriptor", - "single_sign_on_service", binding) + return self.service(entity_id, "idpsso_descriptor", "single_sign_on_service", binding) class MetadataStore(MetaData): - def __init__(self, attrc, config, ca_certs=None, - check_validity=True, - disable_ssl_certificate_validation=False, - filter=None): + def __init__( + self, + attrc, + config, + ca_certs=None, + check_validity=True, + disable_ssl_certificate_validation=False, + filter=None, + http_client_timeout=None, + ): """ :params attrc: :params config: Config() @@ -1032,9 +1017,9 @@ def __init__(self, attrc, config, ca_certs=None, MetaData.__init__(self, attrc, check_validity=check_validity) if disable_ssl_certificate_validation: - self.http = HTTPBase(verify=False, ca_bundle=ca_certs) + self.http = HTTPBase(verify=False, ca_bundle=ca_certs, http_client_timeout=http_client_timeout) else: - self.http = HTTPBase(verify=True, ca_bundle=ca_certs) + self.http = HTTPBase(verify=True, ca_bundle=ca_certs, http_client_timeout=http_client_timeout) self.security = security_context(config) self.ii = 0 @@ -1042,6 +1027,7 @@ def __init__(self, attrc, config, ca_certs=None, self.check_validity = check_validity self.filter = filter self.to_old = {} + self.http_client_timeout = http_client_timeout def load(self, *args, **kwargs): if self.filter: @@ -1082,9 +1068,7 @@ def load(self, *args, **kwargs): if "cert" not in kwargs: kwargs["cert"] = "" - _md = MetaDataExtern(self.attrc, - kwargs["url"], self.security, - kwargs["cert"], self.http, **_args) + _md = MetaDataExtern(self.attrc, kwargs["url"], self.security, kwargs["cert"], self.http, **_args) elif typ == "mdfile": key = args[1] _md = MetaDataMD(self.attrc, args[1], **_args) @@ -1092,24 +1076,42 @@ def load(self, *args, **kwargs): key = args[1] _md = MetaDataLoader(self.attrc, args[1], **_args) elif typ == "mdq": - if 'url' in kwargs: - key = kwargs['url'] - url = kwargs['url'] - cert = kwargs.get('cert') - freshness_period = kwargs.get('freshness_period', None) + if "url" in kwargs: + key = kwargs["url"] + url = kwargs["url"] + cert = kwargs.get("cert") + freshness_period = kwargs.get("freshness_period", None) security = self.security - entity_transform = kwargs.get('entity_transform', None) - _md = MetaDataMDX(url, security, cert, entity_transform, - freshness_period=freshness_period) + entity_transform = kwargs.get("entity_transform", None) + _md = MetaDataMDX( + url, + security, + cert, + entity_transform, + freshness_period=freshness_period, + http_client_timeout=self.http_client_timeout, + ) else: key = args[1] url = args[1] - _md = MetaDataMDX(url) + _md = MetaDataMDX(url, http_client_timeout=self.http_client_timeout) else: - raise SAMLError("Unknown metadata type '%s'" % typ) + raise SAMLError(f"Unknown metadata type '{typ}'") _md.load() self.metadata[key] = _md + def reload(self, spec): + # Save the old set of metadata + old_metadata = self.metadata + self.metadata = {} + try: + # Reload the metadata based on the spec + self.imp(spec) + except Exception as e: + # Something went wrong, restore the previous metadata + self.metadata = old_metadata + raise e + def imp(self, spec): # This serves as a backwards compatibility if type(spec) is dict: @@ -1125,33 +1127,29 @@ def imp(self, spec): else: for item in spec: try: - key = item['class'] + key = item["class"] except (KeyError, AttributeError): - raise SAMLError("Misconfiguration in metadata %s" % item) - mod, clas = key.rsplit('.', 1) + raise SAMLError(f"Misconfiguration in metadata {item}") + mod, clas = key.rsplit(".", 1) try: mod = importlib.import_module(mod) MDloader = getattr(mod, clas) except (ImportError, AttributeError): - raise SAMLError("Unknown metadata loader %s" % key) + raise SAMLError(f"Unknown metadata loader {key}") # Separately handle MDExtern if MDloader == MetaDataExtern: - kwargs = { - 'http': self.http, - 'security': self.security - } + kwargs = {"http": self.http, "security": self.security} else: kwargs = {} if self.filter: kwargs["filter"] = self.filter - for key in item['metadata']: + for key in item["metadata"]: # Separately handle MetaDataFile and directory if MDloader == MetaDataFile and os.path.isdir(key[0]): - files = [f for f in os.listdir(key[0]) if - isfile(join(key[0], f))] + files = [f for f in os.listdir(key[0]) if isfile(join(key[0], f))] for fil in files: _fil = join(key[0], fil) _md = MetaDataFile(self.attrc, _fil) @@ -1172,8 +1170,7 @@ def imp(self, spec): def service(self, entity_id, typ, service, binding=None): known_entity = False - logger.debug("service(%s, %s, %s, %s)", entity_id, typ, service, - binding) + logger.debug("service(%s, %s, %s, %s)", entity_id, typ, service, binding) for key, _md in self.metadata.items(): srvs = _md.service(entity_id, typ, service, binding) if srvs: @@ -1228,38 +1225,31 @@ def single_sign_on_service(self, entity_id, binding=None, typ="idpsso"): if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "idpsso_descriptor", - "single_sign_on_service", binding) + return self.service(entity_id, "idpsso_descriptor", "single_sign_on_service", binding) def name_id_mapping_service(self, entity_id, binding=None, typ="idpsso"): # IDP if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "idpsso_descriptor", - "name_id_mapping_service", binding) + return self.service(entity_id, "idpsso_descriptor", "name_id_mapping_service", binding) - def authn_query_service(self, entity_id, binding=None, - typ="authn_authority"): + def authn_query_service(self, entity_id, binding=None, typ="authn_authority"): # AuthnAuthority if binding is None: binding = BINDING_SOAP - return self.service(entity_id, "authn_authority_descriptor", - "authn_query_service", binding) + return self.service(entity_id, "authn_authority_descriptor", "authn_query_service", binding) - def attribute_service(self, entity_id, binding=None, - typ="attribute_authority"): + def attribute_service(self, entity_id, binding=None, typ="attribute_authority"): # AttributeAuthority if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "attribute_authority_descriptor", - "attribute_service", binding) + return self.service(entity_id, "attribute_authority_descriptor", "attribute_service", binding) def authz_service(self, entity_id, binding=None, typ="pdp"): # PDP if binding is None: binding = BINDING_SOAP - return self.service(entity_id, "pdp_descriptor", - "authz_service", binding) + return self.service(entity_id, "pdp_descriptor", "authz_service", binding) def assertion_id_request_service(self, entity_id, binding=None, typ=None): # AuthnAuthority + IDP + PDP + AttributeAuthority @@ -1267,56 +1257,99 @@ def assertion_id_request_service(self, entity_id, binding=None, typ=None): raise AttributeError("Missing type specification") if binding is None: binding = BINDING_SOAP - return self.service(entity_id, "%s_descriptor" % typ, - "assertion_id_request_service", binding) + return self.service(entity_id, f"{typ}_descriptor", "assertion_id_request_service", binding) def single_logout_service(self, entity_id, binding=None, typ=None): # IDP + SP if typ is None: raise AttributeError("Missing type specification") - return self.service(entity_id, "%s_descriptor" % typ, - "single_logout_service", binding) + return self.service(entity_id, f"{typ}_descriptor", "single_logout_service", binding) def manage_name_id_service(self, entity_id, binding=None, typ=None): # IDP + SP if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "%s_descriptor" % typ, - "manage_name_id_service", binding) + return self.service(entity_id, f"{typ}_descriptor", "manage_name_id_service", binding) def artifact_resolution_service(self, entity_id, binding=None, typ=None): # IDP + SP if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "%s_descriptor" % typ, - "artifact_resolution_service", binding) + return self.service(entity_id, f"{typ}_descriptor", "artifact_resolution_service", binding) def assertion_consumer_service(self, entity_id, binding=None, _="spsso"): # SP if binding is None: binding = BINDING_HTTP_POST - return self.service(entity_id, "spsso_descriptor", - "assertion_consumer_service", binding) + return self.service(entity_id, "spsso_descriptor", "assertion_consumer_service", binding) def attribute_consuming_service(self, entity_id, binding=None, _="spsso"): # SP if binding is None: binding = BINDING_HTTP_REDIRECT - return self.service(entity_id, "spsso_descriptor", - "attribute_consuming_service", binding) + return self.service(entity_id, "spsso_descriptor", "attribute_consuming_service", binding) def discovery_response(self, entity_id, binding=None, _="spsso"): if binding is None: binding = BINDING_DISCO - return self.ext_service(entity_id, "spsso_descriptor", - "%s&%s" % (DiscoveryResponse.c_namespace, - DiscoveryResponse.c_tag), - binding) + return self.ext_service( + entity_id, + "spsso_descriptor", + f"{DiscoveryResponse.c_namespace}&{DiscoveryResponse.c_tag}", + binding, + ) def attribute_requirement(self, entity_id, index=None): - for _md in self.metadata.values(): - if entity_id in _md: - return _md.attribute_requirement(entity_id, index) + for md_source in self.metadata.values(): + if entity_id in md_source: + return md_source.attribute_requirement(entity_id, index) + + def subject_id_requirement(self, entity_id): + try: + entity_attributes = self.entity_attributes(entity_id) + except KeyError: + return [] + + subject_id_reqs = entity_attributes.get("urn:oasis:names:tc:SAML:profiles:subject-id:req") or [] + subject_id_req = next(iter(subject_id_reqs), None) + if subject_id_req == "any": + return [ + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:pairwise-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "pairwise-id", + "is_required": "true", + }, + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:subject-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "subject-id", + "is_required": "true", + } + ] + elif subject_id_req == "pairwise-id": + return [ + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:pairwise-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "pairwise-id", + "is_required": "true", + } + ] + elif subject_id_req == "subject-id": + return [ + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:subject-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "subject-id", + "is_required": "true", + } + ] + return [] def keys(self): res = [] @@ -1422,10 +1455,7 @@ def entity_attributes(self, entity_id): if elem["__class__"] != classnames["mdattr_entityattributes"]: continue for attr in elem["attribute"]: - res[attr["name"]] = [ - *res.get(attr["name"], []), - *(v["text"] for v in attr.get("attribute_value", [])) - ] + res[attr["name"]] = [*res.get(attr["name"], []), *(v["text"] for v in attr.get("attribute_value", []))] return res def supported_algorithms(self, entity_id): @@ -1443,19 +1473,16 @@ def supported_algorithms(self, entity_id): :type entity_id: string :rtype: dict """ - res = { - 'digest_methods': [], - 'signing_methods': [] - } + res = {"digest_methods": [], "signing_methods": []} try: ext = self.__getitem__(entity_id)["extensions"] except KeyError: return res for elem in ext["extension_elements"]: if elem["__class__"] == classnames["algsupport_digest_method"]: - res['digest_methods'].append(elem['algorithm']) + res["digest_methods"].append(elem["algorithm"]) elif elem["__class__"] == classnames["algsupport_signing_method"]: - res['signing_methods'].append(elem['algorithm']) + res["signing_methods"].append(elem["algorithm"]) return res def registration_info(self, entity_id): @@ -1486,11 +1513,7 @@ def registration_info(self, entity_id): ext_elems = ext.get("extensions", {}).get("extension_elements", []) reg_info = next( - ( - elem - for elem in ext_elems - if elem["__class__"] == classnames["mdrpi_registration_info"] - ), + (elem for elem in ext_elems if elem["__class__"] == classnames["mdrpi_registration_info"]), {}, ) res = { @@ -1504,6 +1527,29 @@ def registration_info(self, entity_id): } return res + def registration_info_typ(self, entity_id, typ): + try: + md = self.__getitem__(entity_id) + except KeyError: + md = {} + + services_of_type = md.get(typ) or [] + typ_reg_info = ( + { + "registration_authority": elem.get("registration_authority"), + "registration_instant": elem.get("registration_instant"), + "registration_policy": { + policy["lang"]: policy["text"] + for policy in elem.get("registration_policy", []) + if policy.get("__class__") == classnames["mdrpi_registration_policy"] + }, + } + for srv in services_of_type + for elem in srv.get("extensions", {}).get("extension_elements", []) + if elem.get("__class__") == classnames["mdrpi_registration_info"] + ) + return typ_reg_info + def _lookup_elements_by_cls(self, root, cls): elements = ( element @@ -1516,15 +1562,19 @@ def _lookup_elements_by_cls(self, root, cls): return elements def _lookup_elements_by_key(self, root, key): - elements = ( - element - for uiinfo in root - for elements in [uiinfo.get(key, [])] - for element in elements - ) + elements = (element for uiinfo in root for elements in [uiinfo.get(key, [])] for element in elements) return elements def sbibmd_scopes(self, entity_id, typ=None): + warn_msg = ( + "`saml2.mdstore.MetadataStore::sbibmd_scopes` method is deprecated; " + "instead, use `saml2.mdstore.MetadataStore::shibmd_scopes`." + ) + logger.warning(warn_msg) + _warn(warn_msg, DeprecationWarning) + return self.shibmd_scopes(entity_id, typ=typ) + + def shibmd_scopes(self, entity_id, typ=None): try: md = self[entity_id] except KeyError: @@ -1565,11 +1615,7 @@ def mdui_uiinfo(self, entity_id): except KeyError: data = {} - descriptor_names = ( - item - for item in data.keys() - if item.endswith("_descriptor") - ) + descriptor_names = (item for item in data.keys() if item.endswith("_descriptor")) descriptors = ( descriptor for descriptor_name in descriptor_names @@ -1580,38 +1626,22 @@ def mdui_uiinfo(self, entity_id): for descriptor in descriptors for extension in descriptor.get("extensions", {}).get("extension_elements", []) ) - uiinfos = ( - extension - for extension in extensions - if extension.get("__class__") == classnames["mdui_uiinfo"] - ) + uiinfos = (extension for extension in extensions if extension.get("__class__") == classnames["mdui_uiinfo"]) return uiinfos def _mdui_uiinfo_i18n_elements_lookup(self, entity_id, langpref, element_hint, lookup): uiinfos = self.mdui_uiinfo(entity_id) elements = lookup(uiinfos, element_hint) - lang_elements = ( - element - for element in elements - if langpref is None or element.get("lang") == langpref - ) - values = ( - value - for element in lang_elements - for value in [element.get("text")] - ) + lang_elements = (element for element in elements if langpref is None or element.get("lang") == langpref) + values = (value for element in lang_elements for value in [element.get("text")]) return values def mdui_uiinfo_i18n_element_cls(self, entity_id, langpref, element_cls): - values = self._mdui_uiinfo_i18n_elements_lookup( - entity_id, langpref, element_cls, self._lookup_elements_by_cls - ) + values = self._mdui_uiinfo_i18n_elements_lookup(entity_id, langpref, element_cls, self._lookup_elements_by_cls) return values def mdui_uiinfo_i18n_element_key(self, entity_id, langpref, element_key): - values = self._mdui_uiinfo_i18n_elements_lookup( - entity_id, langpref, element_key, self._lookup_elements_by_key - ) + values = self._mdui_uiinfo_i18n_elements_lookup(entity_id, langpref, element_key, self._lookup_elements_by_key) return values def mdui_uiinfo_display_name(self, entity_id, langpref=None): @@ -1657,10 +1687,7 @@ def contact_person_data(self, entity_id, contact_type=None): "contact_type": _contact_type, "given_name": contact.get("given_name", {}).get("text", ""), "email_address": [ - address - for email in contact.get("email_address", {}) - for address in [email.get("text")] - if address + address for email in contact.get("email_address", {}) for address in [email.get("text")] if address ], } for contact in data.get("contact_person", []) @@ -1680,7 +1707,7 @@ def bindings(self, entity_id, typ, service): def __str__(self): _str = ["{"] for key, val in self.metadata.items(): - _str.append("%s: %s" % (key, val)) + _str.append(f"{key}: {val}") _str.append("}") return "\n".join(_str) @@ -1729,12 +1756,11 @@ def dumps(self, format="local"): res = EntitiesDescriptor() for _md in self.metadata.values(): try: - res.entity_descriptor.extend( - _md.entities_descr.entity_descriptor) + res.entity_descriptor.extend(_md.entities_descr.entity_descriptor) except AttributeError: res.entity_descriptor.append(_md.entity_descr) - return "%s" % res + return f"{res}" elif format == "md": # self.items() returns dictitems(), convert that back into a dict return json.dumps(dict(self.items()), indent=2) diff --git a/src/saml2/metadata.py b/src/saml2/metadata.py index e7ab6011d..3961c869f 100644 --- a/src/saml2/metadata.py +++ b/src/saml2/metadata.py @@ -1,36 +1,36 @@ #!/usr/bin/env python + +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import SAMLError +from saml2 import class_name +from saml2 import md +from saml2 import samlp +from saml2 import xmldsig as ds from saml2.algsupport import algorithm_support_in_metadata -from saml2.md import AttributeProfile -from saml2.sigver import security_context +from saml2.attribute_converter import from_local_name +from saml2.cert import read_cert_from_file from saml2.config import Config -from saml2.validate import valid_instance -from saml2.time_util import in_a_while -from saml2.extension import mdui from saml2.extension import idpdisc -from saml2.extension import shibmd from saml2.extension import mdattr +from saml2.extension import mdui +from saml2.extension import shibmd from saml2.extension import sp_type +from saml2.md import AttributeProfile +from saml2.s_utils import factory +from saml2.s_utils import rec_factory +from saml2.s_utils import sid from saml2.saml import NAME_FORMAT_URI -from saml2.saml import AttributeValue from saml2.saml import Attribute -from saml2.attribute_converter import from_local_name -from saml2 import md, SAMLError -from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_SOAP -from saml2 import samlp -from saml2 import class_name - -from saml2 import xmldsig as ds -import six - +from saml2.saml import AttributeValue from saml2.sigver import pre_signature_part +from saml2.sigver import security_context +from saml2.time_util import in_a_while +from saml2.validate import valid_instance -from saml2.s_utils import factory -from saml2.s_utils import rec_factory -from saml2.s_utils import sid -__author__ = 'rolandh' +__author__ = "rolandh" NSPAIR = { "saml2p": "urn:oasis:names:tc:SAML:2.0:protocol", @@ -53,13 +53,13 @@ ORG_ATTR_TRANSL = { "organization_name": ("name", md.OrganizationName), "organization_display_name": ("display_name", md.OrganizationDisplayName), - "organization_url": ("url", md.OrganizationURL) + "organization_url": ("url", md.OrganizationURL), } MDNS = '"urn:oasis:names:tc:SAML:2.0:metadata"' bMDNS = b'"urn:oasis:names:tc:SAML:2.0:metadata"' -XMLNSXS = " xmlns:xs=\"http://www.w3.org/2001/XMLSchema\"" -bXMLNSXS = b" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\"" +XMLNSXS = ' xmlns:xs="http://www.w3.org/2001/XMLSchema"' +bXMLNSXS = b' xmlns:xs="http://www.w3.org/2001/XMLSchema"' def metadata_tostring_fix(desc, nspair, xmlstring=""): @@ -67,17 +67,27 @@ def metadata_tostring_fix(desc, nspair, xmlstring=""): xmlstring = desc.to_string(nspair) try: - if "\"xs:string\"" in xmlstring and XMLNSXS not in xmlstring: + if '"xs:string"' in xmlstring and XMLNSXS not in xmlstring: xmlstring = xmlstring.replace(MDNS, MDNS + XMLNSXS) except TypeError: - if b"\"xs:string\"" in xmlstring and bXMLNSXS not in xmlstring: + if b'"xs:string"' in xmlstring and bXMLNSXS not in xmlstring: xmlstring = xmlstring.replace(bMDNS, bMDNS + bXMLNSXS) return xmlstring -def create_metadata_string(configfile, config=None, valid=None, cert=None, - keyfile=None, mid=None, name=None, sign=None): +def create_metadata_string( + configfile, + config=None, + valid=None, + cert=None, + keyfile=None, + mid=None, + name=None, + sign=None, + sign_alg=None, + digest_alg=None, +): valid_for = 0 nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} # paths = [".", "/opt/local/bin"] @@ -95,17 +105,18 @@ def create_metadata_string(configfile, config=None, valid=None, cert=None, conf = Config() conf.key_file = config.key_file or keyfile conf.cert_file = config.cert_file or cert - conf.debug = 1 conf.xmlsec_binary = config.xmlsec_binary + conf.crypto_backend = config.crypto_backend secc = security_context(conf) + sign_alg = sign_alg or config.signing_algorithm + digest_alg = digest_alg or config.digest_algorithm if mid: - eid, xmldoc = entities_descriptor(eds, valid_for, name, mid, - sign, secc) + eid, xmldoc = entities_descriptor(eds, valid_for, name, mid, sign, secc, sign_alg, digest_alg) else: eid = eds[0] if sign: - eid, xmldoc = sign_entity_descriptor(eid, mid, secc) + eid, xmldoc = sign_entity_descriptor(eid, mid, secc, sign_alg, digest_alg) else: xmldoc = None @@ -142,11 +153,10 @@ def do_organization_info(ava): for dkey, (ckey, klass) in ORG_ATTR_TRANSL.items(): if ckey not in ava: continue - if isinstance(ava[ckey], six.string_types): + if isinstance(ava[ckey], str): setattr(org, dkey, [_localized_name(ava[ckey], klass)]) elif isinstance(ava[ckey], list): - setattr(org, dkey, - [_localized_name(n, klass) for n in ava[ckey]]) + setattr(org, dkey, [_localized_name(n, klass) for n in ava[ckey]]) else: setattr(org, dkey, [_localized_name(ava[ckey], klass)]) return org @@ -174,12 +184,8 @@ def do_key_descriptor(cert=None, enc_cert=None, use="both"): for _cert in cert: kd_list.append( md.KeyDescriptor( - key_info=ds.KeyInfo( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=_cert) - ) - ), - use="signing" + key_info=ds.KeyInfo(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=_cert))), + use="signing", ) ) if use in ["both", "encryption"] and enc_cert is not None: @@ -188,32 +194,23 @@ def do_key_descriptor(cert=None, enc_cert=None, use="both"): for _enc_cert in enc_cert: kd_list.append( md.KeyDescriptor( - key_info=ds.KeyInfo( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=_enc_cert) - ) - ), - use="encryption" + key_info=ds.KeyInfo(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=_enc_cert))), + use="encryption", ) ) if len(kd_list) == 0 and cert is not None: return md.KeyDescriptor( - key_info=ds.KeyInfo( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=cert) - ) - ) + key_info=ds.KeyInfo(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=cert))) ) return kd_list -def do_requested_attribute(attributes, acs, is_required="false", - name_format=NAME_FORMAT_URI): +def do_requested_attribute(attributes, acs, is_required="false", name_format=NAME_FORMAT_URI): lista = [] for attr in attributes: attr = from_local_name(acs, attr, name_format) args = {} - if isinstance(attr, six.string_types): + if isinstance(attr, str): args["name"] = attr else: for key in attr.keyswv(): @@ -226,8 +223,7 @@ def do_requested_attribute(attributes, acs, is_required="false", def do_uiinfo(_uiinfo): uii = mdui.UIInfo() - for attr in ['display_name', 'description', "information_url", - 'privacy_statement_url']: + for attr in ["display_name", "description", "information_url", "privacy_statement_url"]: try: val = _uiinfo[attr] except KeyError: @@ -235,7 +231,7 @@ def do_uiinfo(_uiinfo): aclass = uii.child_class(attr) inst = getattr(uii, attr) - if isinstance(val, six.string_types): + if isinstance(val, str): ainst = aclass(text=val) inst.append(ainst) elif isinstance(val, dict): @@ -245,7 +241,7 @@ def do_uiinfo(_uiinfo): inst.append(ainst) else: for value in val: - if isinstance(value, six.string_types): + if isinstance(value, str): ainst = aclass(text=value) inst.append(ainst) elif isinstance(value, dict): @@ -281,11 +277,11 @@ def do_uiinfo(_uiinfo): _attr = "keywords" val = _uiinfo[_attr] inst = getattr(uii, _attr) - # list of six.string_types, dictionary or list of dictionaries + # list of strings, bytes, dictionary or list of dictionaries if isinstance(val, list): for value in val: keyw = mdui.Keywords() - if isinstance(value, six.string_types): + if isinstance(value, str): keyw.text = value elif isinstance(value, dict): keyw.text = " ".join(value["text"]) @@ -313,8 +309,7 @@ def do_uiinfo(_uiinfo): def do_idpdisc(discovery_response): - return idpdisc.DiscoveryResponse(index="0", location=discovery_response, - binding=idpdisc.NAMESPACE) + return idpdisc.DiscoveryResponse(index="0", location=discovery_response, binding=idpdisc.NAMESPACE) ENDPOINTS = { @@ -337,21 +332,13 @@ def do_idpdisc(discovery_response): "single_logout_service": (md.SingleLogoutService, False), "manage_name_id_service": (md.ManageNameIDService, False), "assertion_id_request_service": (md.AssertionIDRequestService, False), - "attribute_service": (md.AttributeService, False) - }, - "pdp": { - "authz_service": (md.AuthzService, True) + "attribute_service": (md.AttributeService, False), }, - "aq": { - "authn_query_service": (md.AuthnQueryService, True) - } + "pdp": {"authz_service": (md.AuthzService, True)}, + "aq": {"authn_query_service": (md.AuthnQueryService, True)}, } -ENDPOINT_EXT = { - "sp": { - "discovery_response": (idpdisc.DiscoveryResponse, True) - } -} +ENDPOINT_EXT = {"sp": {"discovery_response": (idpdisc.DiscoveryResponse, True)}} DEFAULT_BINDING = { "assertion_consumer_service": BINDING_HTTP_POST, @@ -359,14 +346,13 @@ def do_idpdisc(discovery_response): "single_logout_service": BINDING_HTTP_POST, "attribute_service": BINDING_SOAP, "artifact_resolution_service": BINDING_SOAP, - "authn_query_service": BINDING_SOAP + "authn_query_service": BINDING_SOAP, } def do_extensions(mname, item): try: - _mod = __import__("saml2.extension.%s" % mname, globals(), locals(), - mname) + _mod = __import__(f"saml2.extension.{mname}", globals(), locals(), mname) except ImportError: return None else: @@ -383,11 +369,11 @@ def _do_nameid_format(cls, conf, typ): if not name_id_format: return - if isinstance(name_id_format, six.string_types): + if isinstance(name_id_format, str): name_id_format = [name_id_format] formats = [md.NameIDFormat(text=format) for format in name_id_format] - setattr(cls, "name_id_format", formats) + cls.name_id_format = formats def do_endpoints(conf, endpoints): @@ -398,20 +384,17 @@ def do_endpoints(conf, endpoints): servs = [] i = 1 for args in conf[endpoint]: - if isinstance(args, - six.string_types): # Assume it's the location - args = {"location": args, - "binding": DEFAULT_BINDING[endpoint]} + if isinstance(args, str): # Assume it's the location + args = {"location": args, "binding": DEFAULT_BINDING[endpoint]} elif isinstance(args, tuple) or isinstance(args, list): if len(args) == 2: # (location, binding) args = {"location": args[0], "binding": args[1]} elif len(args) == 3: # (location, binding, index) - args = {"location": args[0], "binding": args[1], - "index": args[2]} + args = {"location": args[0], "binding": args[1], "index": args[2]} if indexed: if "index" not in args: - args["index"] = "%d" % i + args["index"] = f"{int(i)}" i += 1 else: try: @@ -448,14 +431,13 @@ def do_attribute_consuming_service(conf, spsso): if req: requested_attributes.extend( - do_requested_attribute(req, acs, is_required="true", - name_format=req_attr_name_format)) + do_requested_attribute(req, acs, is_required="true", name_format=req_attr_name_format) + ) opt = conf.getattr("optional_attributes", "sp") if opt: - requested_attributes.extend( - do_requested_attribute(opt, acs, name_format=req_attr_name_format)) + requested_attributes.extend(do_requested_attribute(opt, acs, name_format=req_attr_name_format)) try: if conf.description: @@ -485,8 +467,8 @@ def do_attribute_consuming_service(conf, spsso): service_name = [md.ServiceName(text="", lang="en")] ac_serv = md.AttributeConsumingService( - index="1", service_name=service_name, - requested_attribute=requested_attributes) + index="1", service_name=service_name, requested_attribute=requested_attributes + ) if service_description: ac_serv.service_description = service_description @@ -511,8 +493,7 @@ def do_spsso_descriptor(conf, cert=None, enc_cert=None): endps = conf.getattr("endpoints", "sp") if endps: - for (endpoint, instlist) in do_endpoints(endps, - ENDPOINTS["sp"]).items(): + for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["sp"]).items(): setattr(spsso, endpoint, instlist) ext = do_endpoints(endps, ENDPOINT_EXT["sp"]) @@ -531,8 +512,7 @@ def do_spsso_descriptor(conf, cert=None, enc_cert=None): if cert or enc_cert: metadata_key_usage = conf.metadata_key_usage - spsso.key_descriptor = do_key_descriptor(cert=cert, enc_cert=enc_cert, - use=metadata_key_usage) + spsso.key_descriptor = do_key_descriptor(cert=cert, enc_cert=enc_cert, use=metadata_key_usage) for key in ["want_assertions_signed", "authn_requests_signed"]: try: @@ -540,7 +520,7 @@ def do_spsso_descriptor(conf, cert=None, enc_cert=None): if val is None: setattr(spsso, key, DEFAULT[key]) # default ?! else: - strval = "{0:>s}".format(str(val)) + strval = f"{str(val):>s}" setattr(spsso, key, strval.lower()) except KeyError: setattr(spsso, key, DEFAULTS[key]) @@ -554,10 +534,20 @@ def do_idpsso_descriptor(conf, cert=None, enc_cert=None): idpsso = md.IDPSSODescriptor() idpsso.protocol_support_enumeration = samlp.NAMESPACE + exts = conf.getattr("extensions", "idp") + if exts: + if idpsso.extensions is None: + idpsso.extensions = md.Extensions() + + for key, val in exts.items(): + _ext = do_extensions(key, val) + if _ext: + for _e in _ext: + idpsso.extensions.add_extension_element(_e) + endps = conf.getattr("endpoints", "idp") if endps: - for (endpoint, instlist) in do_endpoints(endps, - ENDPOINTS["idp"]).items(): + for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["idp"]).items(): setattr(idpsso, endpoint, instlist) _do_nameid_format(idpsso, conf, "idp") @@ -580,8 +570,7 @@ def do_idpsso_descriptor(conf, cert=None, enc_cert=None): idpsso.extensions.add_extension_element(do_uiinfo(ui_info)) if cert or enc_cert: - idpsso.key_descriptor = do_key_descriptor(cert, enc_cert, - use=conf.metadata_key_usage) + idpsso.key_descriptor = do_key_descriptor(cert, enc_cert, use=conf.metadata_key_usage) for key in ["want_authn_requests_signed"]: # "want_authn_requests_only_with_valid_cert"]: @@ -590,10 +579,14 @@ def do_idpsso_descriptor(conf, cert=None, enc_cert=None): if val is None: setattr(idpsso, key, DEFAULT[key]) else: - setattr(idpsso, key, ("%s" % val).lower()) + setattr(idpsso, key, (f"{val}").lower()) except KeyError: setattr(idpsso, key, DEFAULTS[key]) + error_url = conf.getattr("error_url", "idp") + if error_url: + idpsso.error_url = error_url + return idpsso @@ -601,18 +594,27 @@ def do_aa_descriptor(conf, cert=None, enc_cert=None): aad = md.AttributeAuthorityDescriptor() aad.protocol_support_enumeration = samlp.NAMESPACE + exts = conf.getattr("extensions", "aa") + if exts: + if aad.extensions is None: + aad.extensions = md.Extensions() + + for key, val in exts.items(): + _ext = do_extensions(key, val) + if _ext: + for _e in _ext: + aad.extensions.add_extension_element(_e) + endps = conf.getattr("endpoints", "aa") if endps: - for (endpoint, instlist) in do_endpoints(endps, - ENDPOINTS["aa"]).items(): + for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["aa"]).items(): setattr(aad, endpoint, instlist) _do_nameid_format(aad, conf, "aa") if cert or enc_cert: - aad.key_descriptor = do_key_descriptor(cert, enc_cert, - use=conf.metadata_key_usage) + aad.key_descriptor = do_key_descriptor(cert, enc_cert, use=conf.metadata_key_usage) attributes = conf.getattr("attribute", "aa") if attributes: @@ -631,51 +633,65 @@ def do_aq_descriptor(conf, cert=None, enc_cert=None): aqs = md.AuthnAuthorityDescriptor() aqs.protocol_support_enumeration = samlp.NAMESPACE + exts = conf.getattr("extensions", "aa") + if exts: + if aqs.extensions is None: + aqs.extensions = md.Extensions() + + for key, val in exts.items(): + _ext = do_extensions(key, val) + if _ext: + for _e in _ext: + aqs.extensions.add_extension_element(_e) + endps = conf.getattr("endpoints", "aq") if endps: - for (endpoint, instlist) in do_endpoints(endps, - ENDPOINTS["aq"]).items(): + for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["aq"]).items(): setattr(aqs, endpoint, instlist) _do_nameid_format(aqs, conf, "aq") if cert or enc_cert: - aqs.key_descriptor = do_key_descriptor(cert, enc_cert, - use=conf.metadata_key_usage) + aqs.key_descriptor = do_key_descriptor(cert, enc_cert, use=conf.metadata_key_usage) return aqs def do_pdp_descriptor(conf, cert=None, enc_cert=None): - """ Create a Policy Decision Point descriptor """ + """Create a Policy Decision Point descriptor""" pdp = md.PDPDescriptor() pdp.protocol_support_enumeration = samlp.NAMESPACE + exts = conf.getattr("extensions", "pdp") + if exts: + if pdp.extensions is None: + pdp.extensions = md.Extensions() + + for key, val in exts.items(): + _ext = do_extensions(key, val) + if _ext: + for _e in _ext: + pdp.extensions.add_extension_element(_e) + endps = conf.getattr("endpoints", "pdp") if endps: - for (endpoint, instlist) in do_endpoints(endps, - ENDPOINTS["pdp"]).items(): + for (endpoint, instlist) in do_endpoints(endps, ENDPOINTS["pdp"]).items(): setattr(pdp, endpoint, instlist) _do_nameid_format(pdp, conf, "pdp") if cert: - pdp.key_descriptor = do_key_descriptor(cert, enc_cert, - use=conf.metadata_key_usage) + pdp.key_descriptor = do_key_descriptor(cert, enc_cert, use=conf.metadata_key_usage) return pdp def _add_attr_to_entity_attributes(extensions, attribute): try: - entity_attributes = next( - el - for el in extensions.extension_elements - if el.tag == mdattr.EntityAttributes.c_tag - ) + entity_attributes = next(el for el in extensions.extension_elements if el.tag == mdattr.EntityAttributes.c_tag) except StopIteration: entity_attributes = mdattr.EntityAttributes(attribute=attribute) extensions.add_extension_element(entity_attributes) @@ -688,14 +704,14 @@ def entity_descriptor(confd): enc_cert = None if confd.cert_file is not None: mycert = [] - mycert.append("".join(read_cert(confd.cert_file))) + mycert.append(read_cert_from_file(confd.cert_file)) if confd.additional_cert_files is not None: for _cert_file in confd.additional_cert_files: - mycert.append("".join(read_cert(_cert_file))) + mycert.append(read_cert_from_file(_cert_file)) if confd.encryption_keypairs is not None: enc_cert = [] for _encryption in confd.encryption_keypairs: - enc_cert.append("".join(read_cert(_encryption["cert_file"]))) + enc_cert.append(read_cert_from_file(_encryption["cert_file"])) entd = md.EntityDescriptor() entd.entity_id = confd.entityid @@ -708,6 +724,17 @@ def entity_descriptor(confd): if confd.contact_person is not None: entd.contact_person = do_contact_persons_info(confd.contact_person) + exts = confd.extensions + if exts: + if not entd.extensions: + entd.extensions = md.Extensions() + + for key, val in exts.items(): + _ext = do_extensions(key, val) + if _ext: + for _e in _ext: + entd.extensions.add_extension_element(_e) + if confd.entity_attributes: if not entd.extensions: entd.extensions = md.Extensions() @@ -716,10 +743,7 @@ def entity_descriptor(confd): name_format=attr.get("format"), name=attr.get("name"), friendly_name=attr.get("friendly_name"), - attribute_value=[ - AttributeValue(text=value) - for value in attr.get("values", []) - ], + attribute_value=[AttributeValue(text=value) for value in attr.get("values", [])], ) for attr in confd.entity_attributes ] @@ -740,18 +764,14 @@ def entity_descriptor(confd): if not entd.extensions: entd.extensions = md.Extensions() ava = [AttributeValue(text=c) for c in confd.entity_category] - attr = Attribute( - attribute_value=ava, name="http://macedir.org/entity-category" - ) + attr = Attribute(attribute_value=ava, name="http://macedir.org/entity-category") _add_attr_to_entity_attributes(entd.extensions, attr) if confd.entity_category_support: if not entd.extensions: entd.extensions = md.Extensions() ava = [AttributeValue(text=c) for c in confd.entity_category_support] - attr = Attribute( - attribute_value=ava, name="http://macedir.org/entity-category-support" - ) + attr = Attribute(attribute_value=ava, name="http://macedir.org/entity-category-support") _add_attr_to_entity_attributes(entd.extensions, attr) for item in algorithm_support_in_metadata(confd.xmlsec_binary): @@ -759,8 +779,8 @@ def entity_descriptor(confd): entd.extensions = md.Extensions() entd.extensions.add_extension_element(item) - conf_sp_type = confd.getattr('sp_type', 'sp') - conf_sp_type_in_md = confd.getattr('sp_type_in_metadata', 'sp') + conf_sp_type = confd.getattr("sp_type", "sp") + conf_sp_type_in_md = confd.getattr("sp_type_in_metadata", "sp") if conf_sp_type and conf_sp_type_in_md is True: if not entd.extensions: entd.extensions = md.Extensions() @@ -769,8 +789,7 @@ def entity_descriptor(confd): serves = confd.serves if not serves: - raise SAMLError( - 'No service type ("sp","idp","aa") provided in the configuration') + raise SAMLError('No service type ("sp","idp","aa") provided in the configuration') if "sp" in serves: confd.context = "sp" @@ -780,21 +799,18 @@ def entity_descriptor(confd): entd.idpsso_descriptor = do_idpsso_descriptor(confd, mycert, enc_cert) if "aa" in serves: confd.context = "aa" - entd.attribute_authority_descriptor = do_aa_descriptor(confd, mycert, - enc_cert) + entd.attribute_authority_descriptor = do_aa_descriptor(confd, mycert, enc_cert) if "pdp" in serves: confd.context = "pdp" entd.pdp_descriptor = do_pdp_descriptor(confd, mycert, enc_cert) if "aq" in serves: confd.context = "aq" - entd.authn_authority_descriptor = do_aq_descriptor(confd, mycert, - enc_cert) + entd.authn_authority_descriptor = do_aq_descriptor(confd, mycert, enc_cert) return entd -def entities_descriptor(eds, valid_for, name, ident, sign, secc, sign_alg=None, - digest_alg=None): +def entities_descriptor(eds, valid_for, name, ident, sign, secc, sign_alg=None, digest_alg=None): entities = md.EntitiesDescriptor(entity_descriptor=eds) if valid_for: entities.valid_until = in_a_while(hours=valid_for) @@ -808,18 +824,14 @@ def entities_descriptor(eds, valid_for, name, ident, sign, secc, sign_alg=None, ident = sid() if not secc.key_file: - raise SAMLError("If you want to do signing you should define " + - "a key to sign with") + raise SAMLError(f"If you want to do signing you should define a key to sign with") if not secc.my_cert: - raise SAMLError("If you want to do signing you should define " + - "where your public key are") + raise SAMLError(f"If you want to do signing you should define where your public key are") - entities.signature = pre_signature_part(ident, secc.my_cert, 1, - sign_alg=sign_alg, - digest_alg=digest_alg) + entities.signature = pre_signature_part(ident, secc.my_cert, 1, sign_alg=sign_alg, digest_alg=digest_alg) entities.id = ident - xmldoc = secc.sign_statement("%s" % entities, class_name(entities)) + xmldoc = secc.sign_statement(f"{entities}", class_name(entities)) entities = md.entities_descriptor_from_string(xmldoc) else: xmldoc = None @@ -841,12 +853,6 @@ def sign_entity_descriptor(edesc, ident, secc, sign_alg=None, digest_alg=None): edesc.signature = pre_signature_part(ident, secc.my_cert, 1, sign_alg=sign_alg, digest_alg=digest_alg) edesc.id = ident - xmldoc = secc.sign_statement("%s" % edesc, class_name(edesc)) + xmldoc = secc.sign_statement(f"{edesc}", class_name(edesc)) edesc = md.entity_descriptor_from_string(xmldoc) return edesc, xmldoc - - -def read_cert(path): - with open(path) as fp: - lines = fp.readlines() - return lines[1:-1] diff --git a/src/saml2/mongo_store.py b/src/saml2/mongo_store.py index 7df1b5655..44175c82f 100644 --- a/src/saml2/mongo_store.py +++ b/src/saml2/mongo_store.py @@ -1,35 +1,33 @@ -import datetime -from hashlib import sha1 import logging +from hashlib import sha1 +from datetime import datetime +from datetime import timezone from pymongo import MongoClient -from pymongo.mongo_replica_set_client import MongoReplicaSetClient -import pymongo.uri_parser import pymongo.errors -from saml2.saml import NAMEID_FORMAT_PERSISTENT +import pymongo.uri_parser from saml2.eptid import Eptid -from saml2.mdstore import InMemoryMetaData -from saml2.mdstore import metadata_modules -from saml2.mdstore import load_metadata_modules -from saml2.s_utils import PolicyError - -from saml2.ident import code_binary from saml2.ident import IdentDB from saml2.ident import Unknown -from saml2.mdie import to_dict +from saml2.ident import code_binary from saml2.mdie import from_dict - -import six +from saml2.mdie import to_dict +from saml2.mdstore import InMemoryMetaData +from saml2.mdstore import load_metadata_modules +from saml2.mdstore import metadata_modules +from saml2.s_utils import PolicyError +from saml2.saml import NAMEID_FORMAT_PERSISTENT -__author__ = 'rolandh' +__author__ = "rolandh" logger = logging.getLogger(__name__) ONTS = load_metadata_modules() MMODS = metadata_modules() + class CorruptDatabase(Exception): pass @@ -39,8 +37,8 @@ def context_match(cfilter, cntx): return True -class SessionStorageMDB(object): - """ Session information is stored in a MongoDB database""" +class SessionStorageMDB: + """Session information is stored in a MongoDB database""" def __init__(self, database="", collection="assertion", **kwargs): db = _mdb_get_database(database, **kwargs) @@ -62,8 +60,7 @@ def store_assertion(self, assertion, to_sign): def get_assertion(self, cid): res = [] for item in self.assertion.find({"assertion_id": cid}): - res.append({"assertion": from_dict(item["assertion"], ONTS, True), - "to_sign": item["to_sign"]}) + res.append({"assertion": from_dict(item["assertion"], ONTS, True), "to_sign": item["to_sign"]}) if len(res) == 1: return res[0] elif res is []: @@ -71,8 +68,7 @@ def get_assertion(self, cid): else: raise SystemError("More then one assertion with the same ID") - def get_assertions_by_subject(self, name_id=None, session_index=None, - requested_context=None): + def get_assertions_by_subject(self, name_id=None, session_index=None, requested_context=None): """ :param name_id: One of name_id or key can be used to get the authn @@ -93,8 +89,7 @@ def get_assertions_by_subject(self, name_id=None, session_index=None, result.append(assertion) break if requested_context: - if context_match(requested_context, - statement.authn_context): + if context_match(requested_context, statement.authn_context): result.append(assertion) break else: @@ -104,11 +99,9 @@ def get_assertions_by_subject(self, name_id=None, session_index=None, def remove_authn_statements(self, name_id): logger.debug("remove authn about: %s", name_id) key = sha1(code_binary(name_id)).hexdigest() - for item in self.assertion.find({"name_id_key": key}): - self.assertion.remove(item["_id"]) + self.assertion.delete_many(filter={"name_id_key": key}) - def get_authn_statements(self, name_id, session_index=None, - requested_context=None): + def get_authn_statements(self, name_id, session_index=None, requested_context=None): """ :param name_id: @@ -116,13 +109,11 @@ def get_authn_statements(self, name_id, session_index=None, :param requested_context: :return: """ - return [k.authn_statement for k in self.get_assertions_by_subject( - name_id, session_index, requested_context)] + return [k.authn_statement for k in self.get_assertions_by_subject(name_id, session_index, requested_context)] class IdentMDB(IdentDB): - def __init__(self, database="", collection="ident", domain="", - name_qualifier=""): + def __init__(self, database="", collection="ident", domain="", name_qualifier=""): IdentDB.__init__(self, None, domain, name_qualifier) self.mdb = MDB(database=database, collection=collection) self.mdb.primary_key = "user_id" @@ -142,8 +133,9 @@ def create_id(self, nformat, name_qualifier="", sp_name_qualifier=""): def store(self, ident, name_id): self.mdb.store(ident, name_id=to_dict(name_id, MMODS, True)) - def find_nameid(self, userid, nformat=None, sp_name_qualifier=None, - name_qualifier=None, sp_provided_id=None, **kwargs): + def find_nameid( + self, userid, nformat=None, sp_name_qualifier=None, name_qualifier=None, sp_provided_id=None, **kwargs + ): # reset passed for compatibility kwargs for next usage kwargs = {} if nformat: @@ -199,7 +191,7 @@ def handle_name_id_mapping_request(self, name_id, name_id_policy): return self.construct_nameid(_id, name_id_policy=name_id_policy) -class MDB(object): +class MDB: primary_key = "mdb" def __init__(self, database, collection, **kwargs): @@ -214,7 +206,7 @@ def store(self, value, **kwargs): doc.update(kwargs) # Add timestamp to all documents to allow external garbage collecting if "created_at" not in doc: - doc["created_at"] = datetime.datetime.utcnow() + doc["created_at"] = datetime.now(timezone.utc) _ = self.db.insert_one(doc) def get(self, value=None, **kwargs): @@ -228,13 +220,11 @@ def get(self, value=None, **kwargs): def remove(self, key=None, **kwargs): if key is None: if kwargs: - for item in self.db.find(kwargs): - self.db.remove(item["_id"]) + self.db.delete_many(filter=kwargs) else: doc = {self.primary_key: key} doc.update(kwargs) - for item in self.db.find(doc): - self.db.remove(item["_id"]) + self.db.delete_many(filter=doc) def keys(self): for item in self.db.find(): @@ -273,38 +263,28 @@ def _mdb_get_database(uri, **kwargs): :params database: name as string or (uri, name) :returns: pymongo database object """ - if not "tz_aware" in kwargs: + if "tz_aware" not in kwargs: # default, but not forced kwargs["tz_aware"] = True connection_factory = MongoClient - _parsed_uri = {} try: _parsed_uri = pymongo.uri_parser.parse_uri(uri) except pymongo.errors.InvalidURI: # assume URI to be just the database name db_name = uri - _conn = MongoClient() - pass + _conn = connection_factory() else: - if "replicaset" in _parsed_uri["options"]: - connection_factory = MongoReplicaSetClient db_name = _parsed_uri.get("database", "pysaml2") _conn = connection_factory(uri, **kwargs) _db = _conn[db_name] - if "username" in _parsed_uri: - _db.authenticate( - _parsed_uri.get("username", None), - _parsed_uri.get("password", None) - ) - return _db -#------------------------------------------------------------------------------ +# ------------------------------------------------------------------------------ class EptidMDB(Eptid): def __init__(self, secret, database="", collection="eptid"): Eptid.__init__(self, secret) @@ -324,20 +304,21 @@ def __setitem__(self, key, value): self.mdb.store(key, **{"eptid": value}) -#------------------------------------------------------------------------------ +# ------------------------------------------------------------------------------ + def protect(dic): res = {} for key, val in dic.items(): key = key.replace(".", "__") - if isinstance(val, six.string_types): + if isinstance(val, str): pass elif isinstance(val, dict): val = protect(val) elif isinstance(val, list): li = [] for va in val: - if isinstance(va, six.string_types): + if isinstance(va, str): pass elif isinstance(va, dict): va = protect(va) @@ -355,14 +336,14 @@ def unprotect(dic): pass else: key = key.replace("__", ".") - if isinstance(val, six.string_types): + if isinstance(val, str): pass elif isinstance(val, dict): val = unprotect(val) elif isinstance(val, list): li = [] for va in val: - if isinstance(va, six.string_types): + if isinstance(va, str): pass elif isinstance(val, dict): va = unprotect(va) @@ -385,7 +366,7 @@ def export_mdstore_to_mongo_db(mds, database, collection, sub_collection=""): class MetadataMDB(InMemoryMetaData): def __init__(self, attrc, database="", collection=""): - super(MetadataMDB, self).__init__(attrc) + super().__init__(attrc) self.mdb = MDB(database, collection) self.mdb.primary_key = "entity_id" @@ -432,7 +413,7 @@ def __getitem__(self, item): elif len(res) == 1: return unprotect(res[0]["entity_description"]) else: - raise CorruptDatabase("More then one document with key %s" % item) + raise CorruptDatabase(f"More then one document with key {item}") def bindings(self, entity_id, typ, service): pass diff --git a/src/saml2/pack.py b/src/saml2/pack.py index 36480743b..cee1cf1c8 100644 --- a/src/saml2/pack.py +++ b/src/saml2/pack.py @@ -8,35 +8,21 @@ """ import base64 -try: - import html -except: - import cgi as html - +import html import logging +from urllib.parse import urlencode +from urllib.parse import urlparse +from xml.etree import ElementTree as ElementTree + +import defusedxml.ElementTree + import saml2 from saml2.s_utils import deflate_and_base64_encode -from saml2.sigver import REQ_ORDER, RESP_ORDER +from saml2.sigver import REQ_ORDER +from saml2.sigver import RESP_ORDER from saml2.xmldsig import SIG_ALLOWED_ALG -import six -from six.moves.urllib.parse import urlencode, urlparse - -try: - from xml.etree import cElementTree as ElementTree - if ElementTree.VERSION < '1.3.0': - # cElementTree has no support for register_namespace - # neither _namespace_map, thus we sacrify performance - # for correctness - from xml.etree import ElementTree -except ImportError: - try: - import cElementTree as ElementTree - except ImportError: - from elementtree import ElementTree -import defusedxml.ElementTree - logger = logging.getLogger(__name__) @@ -72,8 +58,7 @@ def _html_escape(payload): return html.escape(payload, quote=True) -def http_form_post_message(message, location, relay_state="", - typ="SAMLRequest", **kwargs): +def http_form_post_message(message, location, relay_state="", typ="SAMLRequest", **kwargs): """The HTTP POST binding defines a mechanism by which SAML protocol messages may be transmitted within the base64-encoded content of a HTML form control. @@ -83,33 +68,28 @@ def http_form_post_message(message, location, relay_state="", :param relay_state: for preserving and conveying state information :return: A tuple containing header information and a HTML message. """ - if not isinstance(message, six.string_types): + if not isinstance(message, str): message = str(message) - if not isinstance(message, six.binary_type): - message = message.encode('utf-8') + if not isinstance(message, bytes): + message = message.encode("utf-8") if typ == "SAMLRequest" or typ == "SAMLResponse": _msg = base64.b64encode(message) else: _msg = message - _msg = _msg.decode('ascii') + _msg = _msg.decode("ascii") - saml_response_input = HTML_INPUT_ELEMENT_SPEC.format( - name=_html_escape(typ), - val=_html_escape(_msg), - type='hidden') + saml_response_input = HTML_INPUT_ELEMENT_SPEC.format(name=_html_escape(typ), val=_html_escape(_msg), type="hidden") relay_state_input = "" if relay_state: relay_state_input = HTML_INPUT_ELEMENT_SPEC.format( - name='RelayState', - val=_html_escape(relay_state), - type='hidden') + name="RelayState", val=_html_escape(relay_state), type="hidden" + ) response = HTML_FORM_SPEC.format( - saml_response_input=saml_response_input, - relay_state_input=relay_state_input, - action=location) + saml_response_input=saml_response_input, relay_state_input=relay_state_input, action=location + ) return {"headers": [("Content-type", "text/html")], "data": response, "status": 200} @@ -121,24 +101,22 @@ def http_post_message(message, relay_state="", typ="SAMLRequest", **kwargs): :param relay_state: for preserving and conveying state information :return: A tuple containing header information and a HTML message. """ - if not isinstance(message, six.string_types): + if not isinstance(message, str): message = str(message) - if not isinstance(message, six.binary_type): - message = message.encode('utf-8') + if not isinstance(message, bytes): + message = message.encode("utf-8") if typ == "SAMLRequest" or typ == "SAMLResponse": _msg = base64.b64encode(message) else: _msg = message - _msg = _msg.decode('ascii') + _msg = _msg.decode("ascii") part = {typ: _msg} if relay_state: part["RelayState"] = relay_state - return {"headers": [("Content-type", 'application/x-www-form-urlencoded')], - "data": urlencode(part), - "status": 200} + return {"headers": [("Content-type", "application/x-www-form-urlencoded")], "data": urlencode(part), "status": 200} def http_redirect_message( @@ -167,8 +145,8 @@ def http_redirect_message( :return: A tuple containing header information and a HTML message. """ - if not isinstance(message, six.string_types): - message = "%s" % (message,) + if not isinstance(message, str): + message = f"{message}" _order = None if typ in ["SAMLRequest", "SAMLResponse"]: @@ -180,7 +158,7 @@ def http_redirect_message( elif typ == "SAMLart": args = {typ: message} else: - raise Exception("Unknown message type: %s" % typ) + raise Exception(f"Unknown message type: {typ}") if relay_state: args["RelayState"] = relay_state @@ -188,22 +166,20 @@ def http_redirect_message( if sign: # sigalgs, should be one defined in xmldsig if sigalg not in [long_name for short_name, long_name in SIG_ALLOWED_ALG]: - raise Exception( - "Signature algo not in allowed list: {algo}".format(algo=sigalg) - ) + raise Exception(f"Signature algo not in allowed list: {sigalg}") signer = backend.get_signer(sigalg) if sign and sigalg else None if not signer: - raise Exception("Could not init signer fro algo {algo}".format(algo=sigalg)) + raise Exception(f"Could not init signer fro algo {sigalg}") args["SigAlg"] = sigalg string = "&".join(urlencode({k: args[k]}) for k in _order if k in args) - string_enc = string.encode('ascii') + string_enc = string.encode("ascii") args["Signature"] = base64.b64encode(signer.sign(string_enc)) string = urlencode(args) glue_char = "&" if urlparse(location).query else "?" login_url = glue_char.join([location, string]) - headers = [('Location', str(login_url))] + headers = [("Location", str(login_url))] body = [] return {"headers": headers, "data": body, "status": 303} @@ -214,50 +190,50 @@ def http_redirect_message( def make_soap_enveloped_saml_thingy(thingy, header_parts=None): - """ Returns a soap envelope containing a SAML request + """Returns a soap envelope containing a SAML request as a text string. :param thingy: The SAML thingy :return: The SOAP envelope as a string """ - envelope = ElementTree.Element('') - envelope.tag = '{%s}Envelope' % NAMESPACE + envelope = ElementTree.Element("") + envelope.tag = "{%s}Envelope" % NAMESPACE if header_parts: - header = ElementTree.Element('') - header.tag = '{%s}Header' % NAMESPACE + header = ElementTree.Element("") + header.tag = "{%s}Header" % NAMESPACE envelope.append(header) for part in header_parts: # This doesn't work if the headers are signed part.become_child_element_of(header) - body = ElementTree.Element('') - body.tag = '{%s}Body' % NAMESPACE + body = ElementTree.Element("") + body.tag = "{%s}Body" % NAMESPACE envelope.append(body) - if isinstance(thingy, six.string_types): + if isinstance(thingy, str): # remove the first XML version/encoding line - if thingy[0:5].lower() == '", first + 14) - cut2 = _str[first:last + 1] + cut2 = _str[first : last + 1] return _str.replace(cut2, thingy) else: thingy.become_child_element_of(body) @@ -265,15 +241,19 @@ def make_soap_enveloped_saml_thingy(thingy, header_parts=None): def http_soap_message(message): - return {"headers": [("Content-type", "application/soap+xml")], - "data": make_soap_enveloped_saml_thingy(message), - "status": 200} + return { + "headers": [("Content-type", "application/soap+xml")], + "data": make_soap_enveloped_saml_thingy(message), + "status": 200, + } def http_paos(message, extra=None): - return {"headers": [("Content-type", "application/soap+xml")], - "data": make_soap_enveloped_saml_thingy(message, extra), - "status": 200} + return { + "headers": [("Content-type", "application/soap+xml")], + "data": make_soap_enveloped_saml_thingy(message, extra), + "status": 200, + } def parse_soap_enveloped_saml(text, body_class, header_class=None): @@ -286,26 +266,20 @@ def parse_soap_enveloped_saml(text, body_class, header_class=None): envelope_tag = "{%s}Envelope" % NAMESPACE if envelope.tag != envelope_tag: - raise ValueError( - "Invalid envelope tag '{invalid}' should be '{valid}'".format( - invalid=envelope.tag, valid=envelope_tag - ) - ) + raise ValueError(f"Invalid envelope tag '{envelope.tag}' should be '{envelope_tag}'") # print(len(envelope)) body = None header = {} for part in envelope: # print(">",part.tag) - if part.tag == '{%s}Body' % NAMESPACE: + if part.tag == "{%s}Body" % NAMESPACE: for sub in part: try: - body = saml2.create_class_from_element_tree( - body_class, sub) + body = saml2.create_class_from_element_tree(body_class, sub) except Exception: - raise Exception( - "Wrong body type (%s) in SOAP envelope" % sub.tag) - elif part.tag == '{%s}Header' % NAMESPACE: + raise Exception(f"Wrong body type ({sub.tag}) in SOAP envelope") + elif part.tag == "{%s}Header" % NAMESPACE: if not header_class: raise Exception("Header where I didn't expect one") # print("--- HEADER ---") @@ -313,9 +287,8 @@ def parse_soap_enveloped_saml(text, body_class, header_class=None): # print(">>",sub.tag) for klass in header_class: # print("?{%s}%s" % (klass.c_namespace,klass.c_tag)) - if sub.tag == "{%s}%s" % (klass.c_namespace, klass.c_tag): - header[sub.tag] = \ - saml2.create_class_from_element_tree(klass, sub) + if sub.tag == f"{{{klass.c_namespace}}}{klass.c_tag}": + header[sub.tag] = saml2.create_class_from_element_tree(klass, sub) break return body, header @@ -333,9 +306,8 @@ def packager(identifier): try: return PACKING[identifier] except KeyError: - raise Exception("Unknown binding type: %s" % identifier) + raise Exception(f"Unknown binding type: {identifier}") -def factory(binding, message, location, relay_state="", typ="SAMLRequest", - **kwargs): +def factory(binding, message, location, relay_state="", typ="SAMLRequest", **kwargs): return PACKING[binding](message, location, relay_state, typ, **kwargs) diff --git a/src/saml2/population.py b/src/saml2/population.py index 37b363522..ff3928b45 100644 --- a/src/saml2/population.py +++ b/src/saml2/population.py @@ -1,16 +1,15 @@ import logging -import six - from saml2.cache import Cache + logger = logging.getLogger(__name__) -class Population(object): +class Population: def __init__(self, cache=None): if cache: - if isinstance(cache, six.string_types): + if isinstance(cache, str): self.cache = Cache(cache) else: self.cache = cache @@ -24,8 +23,7 @@ def add_information_about_person(self, session_info): session_info = dict(session_info) name_id = session_info["name_id"] issuer = session_info.pop("issuer") - self.cache.set(name_id, issuer, session_info, - session_info["not_on_or_after"]) + self.cache.set(name_id, issuer, session_info, session_info["not_on_or_after"]) return name_id def stale_sources_for_person(self, name_id, sources=None): @@ -60,8 +58,7 @@ def remove_person(self, name_id): def get_entityid(self, name_id, source_id, check_not_on_or_after=True): try: - return self.cache.get(name_id, source_id, check_not_on_or_after)[ - "name_id"] + return self.cache.get(name_id, source_id, check_not_on_or_after)["name_id"] except (KeyError, ValueError): return "" diff --git a/src/saml2/profile/__init__.py b/src/saml2/profile/__init__.py index cf3ef629e..4f337956a 100644 --- a/src/saml2/profile/__init__.py +++ b/src/saml2/profile/__init__.py @@ -1,2 +1,2 @@ -#profile schema descriptions -__author__ = 'rolandh' +# profile schema descriptions +__author__ = "rolandh" diff --git a/src/saml2/profile/ecp.py b/src/saml2/profile/ecp.py index df783994c..300f79807 100644 --- a/src/saml2/profile/ecp.py +++ b/src/saml2/profile/ecp.py @@ -6,162 +6,176 @@ import saml2 from saml2 import SamlBase - from saml2 import saml from saml2 import samlp -#import soapenv as S -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp' + +# import soapenv as S + +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp" + class RequestType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RequestType element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RequestType element""" - c_tag = 'RequestType' + c_tag = "RequestType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Issuer'] = ('issuer', saml.Issuer) - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}IDPList'] = ('idp_list', samlp.IDPList) - c_cardinality['idp_list'] = {"min":0, "max":1} - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand'] = ('must_understand', 'None', True) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}actor'] = ('actor', 'None', True) - c_attributes['ProviderName'] = ('provider_name', 'string', False) - c_attributes['IsPassive'] = ('is_passive', 'boolean', False) - c_child_order.extend(['issuer', 'idp_list']) - - def __init__(self, - issuer=None, - idp_list=None, - must_understand=None, - actor=None, - provider_name=None, - is_passive=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.issuer=issuer - self.idp_list=idp_list - self.must_understand=must_understand - self.actor=actor - self.provider_name=provider_name - self.is_passive=is_passive + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"] = ("issuer", saml.Issuer) + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}IDPList"] = ("idp_list", samlp.IDPList) + c_cardinality["idp_list"] = {"min": 0, "max": 1} + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand"] = ("must_understand", "None", True) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}actor"] = ("actor", "None", True) + c_attributes["ProviderName"] = ("provider_name", "string", False) + c_attributes["IsPassive"] = ("is_passive", "boolean", False) + c_child_order.extend(["issuer", "idp_list"]) + + def __init__( + self, + issuer=None, + idp_list=None, + must_understand=None, + actor=None, + provider_name=None, + is_passive=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.issuer = issuer + self.idp_list = idp_list + self.must_understand = must_understand + self.actor = actor + self.provider_name = provider_name + self.is_passive = is_passive + def request_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestType_, xml_string) class ResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:ResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:ResponseType element""" - c_tag = 'ResponseType' + c_tag = "ResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand'] = ('must_understand', 'None', True) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}actor'] = ('actor', 'None', True) - c_attributes['AssertionConsumerServiceURL'] = ('assertion_consumer_service_url', 'anyURI', True) - - def __init__(self, - must_understand=None, - actor=None, - assertion_consumer_service_url=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.must_understand=must_understand - self.actor=actor - self.assertion_consumer_service_url=assertion_consumer_service_url + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand"] = ("must_understand", "None", True) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}actor"] = ("actor", "None", True) + c_attributes["AssertionConsumerServiceURL"] = ("assertion_consumer_service_url", "anyURI", True) + + def __init__( + self, + must_understand=None, + actor=None, + assertion_consumer_service_url=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.must_understand = must_understand + self.actor = actor + self.assertion_consumer_service_url = assertion_consumer_service_url + def response_type__from_string(xml_string): return saml2.create_class_from_xml_string(ResponseType_, xml_string) class RelayStateType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RelayStateType element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RelayStateType element""" - c_tag = 'RelayStateType' + c_tag = "RelayStateType" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand'] = ('must_understand', 'string', True) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}actor'] = ('actor', 'string', True) - - def __init__(self, - must_understand=None, - actor=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.must_understand=must_understand - self.actor=actor + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand"] = ("must_understand", "string", True) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}actor"] = ("actor", "string", True) + + def __init__( + self, + must_understand=None, + actor=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.must_understand = must_understand + self.actor = actor + def relay_state_type__from_string(xml_string): return saml2.create_class_from_xml_string(RelayStateType_, xml_string) class Request(RequestType_): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:Request element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:Request element""" - c_tag = 'Request' + c_tag = "Request" c_namespace = NAMESPACE c_children = RequestType_.c_children.copy() c_attributes = RequestType_.c_attributes.copy() c_child_order = RequestType_.c_child_order[:] c_cardinality = RequestType_.c_cardinality.copy() + def request_from_string(xml_string): return saml2.create_class_from_xml_string(Request, xml_string) class Response(ResponseType_): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:Response element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:Response element""" - c_tag = 'Response' + c_tag = "Response" c_namespace = NAMESPACE c_children = ResponseType_.c_children.copy() c_attributes = ResponseType_.c_attributes.copy() c_child_order = ResponseType_.c_child_order[:] c_cardinality = ResponseType_.c_cardinality.copy() + def response_from_string(xml_string): return saml2.create_class_from_xml_string(Response, xml_string) class RelayState(RelayStateType_): - """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RelayState element """ + """The urn:oasis:names:tc:SAML:2.0:profiles:SSO:ecp:RelayState element""" - c_tag = 'RelayState' + c_tag = "RelayState" c_namespace = NAMESPACE c_children = RelayStateType_.c_children.copy() c_attributes = RelayStateType_.c_attributes.copy() c_child_order = RelayStateType_.c_child_order[:] c_cardinality = RelayStateType_.c_cardinality.copy() + def relay_state_from_string(xml_string): return saml2.create_class_from_xml_string(RelayState, xml_string) @@ -176,15 +190,14 @@ def relay_state_from_string(xml_string): } ELEMENT_BY_TAG = { - 'Request': Request, - 'RequestType': RequestType_, - 'Response': Response, - 'ResponseType': ResponseType_, - 'RelayState': RelayState, - 'RelayStateType': RelayStateType_, + "Request": Request, + "RequestType": RequestType_, + "Response": Response, + "ResponseType": ResponseType_, + "RelayState": RelayState, + "RelayStateType": RelayStateType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/profile/paos.py b/src/saml2/profile/paos.py index f135d6dc3..6dec83fac 100644 --- a/src/saml2/profile/paos.py +++ b/src/saml2/profile/paos.py @@ -7,108 +7,118 @@ import saml2 from saml2 import SamlBase -#import soapenv as S -NAMESPACE = 'urn:liberty:paos:2003-08' +# import soapenv as S + +NAMESPACE = "urn:liberty:paos:2003-08" + class RequestType_(SamlBase): - """The urn:liberty:paos:2003-08:RequestType element """ + """The urn:liberty:paos:2003-08:RequestType element""" - c_tag = 'RequestType' + c_tag = "RequestType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['responseConsumerURL'] = ('response_consumer_url', 'anyURI', True) - c_attributes['service'] = ('service', 'anyURI', True) - c_attributes['messageID'] = ('message_id', 'None', False) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand'] = ('must_understand', 'None', True) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}actor'] = ('actor', 'None', True) - - def __init__(self, - response_consumer_url=None, - service=None, - message_id=None, - must_understand=None, - actor=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.response_consumer_url=response_consumer_url - self.service=service - self.message_id=message_id - self.must_understand=must_understand - self.actor=actor + c_attributes["responseConsumerURL"] = ("response_consumer_url", "anyURI", True) + c_attributes["service"] = ("service", "anyURI", True) + c_attributes["messageID"] = ("message_id", "None", False) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand"] = ("must_understand", "None", True) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}actor"] = ("actor", "None", True) + + def __init__( + self, + response_consumer_url=None, + service=None, + message_id=None, + must_understand=None, + actor=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.response_consumer_url = response_consumer_url + self.service = service + self.message_id = message_id + self.must_understand = must_understand + self.actor = actor + def request_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestType_, xml_string) class ResponseType_(SamlBase): - """The urn:liberty:paos:2003-08:ResponseType element """ + """The urn:liberty:paos:2003-08:ResponseType element""" - c_tag = 'ResponseType' + c_tag = "ResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['refToMessageID'] = ('ref_to_message_id', 'None', False) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand'] = ('must_understand', 'None', True) - c_attributes['{http://schemas.xmlsoap.org/soap/envelope/}actor'] = ('actor', 'None', True) - - def __init__(self, - ref_to_message_id=None, - must_understand=None, - actor=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.ref_to_message_id=ref_to_message_id - self.must_understand=must_understand - self.actor=actor + c_attributes["refToMessageID"] = ("ref_to_message_id", "None", False) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}mustUnderstand"] = ("must_understand", "None", True) + c_attributes["{http://schemas.xmlsoap.org/soap/envelope/}actor"] = ("actor", "None", True) + + def __init__( + self, + ref_to_message_id=None, + must_understand=None, + actor=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.ref_to_message_id = ref_to_message_id + self.must_understand = must_understand + self.actor = actor + def response_type__from_string(xml_string): return saml2.create_class_from_xml_string(ResponseType_, xml_string) class Request(RequestType_): - """The urn:liberty:paos:2003-08:Request element """ + """The urn:liberty:paos:2003-08:Request element""" - c_tag = 'Request' + c_tag = "Request" c_namespace = NAMESPACE c_children = RequestType_.c_children.copy() c_attributes = RequestType_.c_attributes.copy() c_child_order = RequestType_.c_child_order[:] c_cardinality = RequestType_.c_cardinality.copy() + def request_from_string(xml_string): return saml2.create_class_from_xml_string(Request, xml_string) class Response(ResponseType_): - """The urn:liberty:paos:2003-08:Response element """ + """The urn:liberty:paos:2003-08:Response element""" - c_tag = 'Response' + c_tag = "Response" c_namespace = NAMESPACE c_children = ResponseType_.c_children.copy() c_attributes = ResponseType_.c_attributes.copy() c_child_order = ResponseType_.c_child_order[:] c_cardinality = ResponseType_.c_cardinality.copy() + def response_from_string(xml_string): return saml2.create_class_from_xml_string(Response, xml_string) @@ -121,13 +131,12 @@ def response_from_string(xml_string): } ELEMENT_BY_TAG = { - 'Request': Request, - 'RequestType': RequestType_, - 'Response': Response, - 'ResponseType': ResponseType_, + "Request": Request, + "RequestType": RequestType_, + "Response": Response, + "ResponseType": ResponseType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/profile/samlec.py b/src/saml2/profile/samlec.py index b90f6d3d8..8d28e8c4a 100644 --- a/src/saml2/profile/samlec.py +++ b/src/saml2/profile/samlec.py @@ -1,14 +1,14 @@ from saml2 import SamlBase -NAMESPACE = 'urn:ietf:params:xml:ns:samlec' +NAMESPACE = "urn:ietf:params:xml:ns:samlec" class GeneratedKey(SamlBase): - c_tag = 'GeneratedKey' + c_tag = "GeneratedKey" c_namespace = NAMESPACE ELEMENT_BY_TAG = { - 'GeneratedKey': GeneratedKey, + "GeneratedKey": GeneratedKey, } diff --git a/src/saml2/request.py b/src/saml2/request.py index 30462f26d..e013e058c 100644 --- a/src/saml2/request.py +++ b/src/saml2/request.py @@ -1,15 +1,14 @@ import logging -from saml2 import time_util from saml2 import BINDING_HTTP_REDIRECT +from saml2 import time_util from saml2.attribute_converter import to_local -from saml2.s_utils import OtherError - -from saml2.validate import valid_instance -from saml2.validate import NotValid from saml2.response import IncorrectlySigned -from saml2.sigver import verify_redirect_signature +from saml2.s_utils import OtherError from saml2.s_utils import VersionMismatch +from saml2.sigver import verify_redirect_signature +from saml2.validate import NotValid +from saml2.validate import valid_instance logger = logging.getLogger(__name__) @@ -19,9 +18,8 @@ def _dummy(data, **_arg): return "" -class Request(object): - def __init__(self, sec_context, receiver_addrs, attribute_converters=None, - timeslack=0): +class Request: + def __init__(self, sec_context, receiver_addrs, attribute_converters=None, timeslack=0): self.sec = sec_context self.receiver_addrs = receiver_addrs self.timeslack = timeslack @@ -53,8 +51,9 @@ def _loads( ): # own copy self.xmlstr = xmldata[:] - logger.debug("xmlstr: %s, relay_state: %s, sigalg: %s, signature: %s", - self.xmlstr, relay_state, sigalg, signature) + logger.debug( + "xmlstr: %s, relay_state: %s, sigalg: %s, signature: %s", self.xmlstr, relay_state, sigalg, signature + ) sign_redirect = must and binding == BINDING_HTTP_REDIRECT sign_post = must and not sign_redirect @@ -97,7 +96,7 @@ def _loads( logger.info("Request data: %s", xmldata) raise incorrectly_signed - logger.info("Request message: %s", self.message) + logger.debug("Request message: %s", self.message) try: valid_instance(self.message) @@ -108,22 +107,17 @@ def _loads( return self def _do_redirect_sig_check(self, _saml_msg): - issuer = self.message.issuer.text.strip() + issuer = self.sender() certs = self.sec.metadata.certs(issuer, "any", "signing") logger.debug("Certs to verify request sig: %s, _saml_msg: %s", certs, _saml_msg) - verified = any( - verify_redirect_signature(_saml_msg, self.sec.sec_backend, cert) - for cert_name, cert in certs - ) - logger.info("Redirect request signature check: %s", verified) + verified = any(verify_redirect_signature(_saml_msg, self.sec.sec_backend, cert) for cert_name, cert in certs) + logger.debug("Redirect request signature check: %s", verified) return verified def issue_instant_ok(self): - """ Check that the request was issued at a reasonable time """ - upper = time_util.shift_time(time_util.time_in_a_while(days=1), - self.timeslack).timetuple() - lower = time_util.shift_time(time_util.time_a_while_ago(days=1), - - self.timeslack).timetuple() + """Check that the request was issued at a reasonable time""" + upper = time_util.shift_time(time_util.time_in_a_while(days=1), self.timeslack).timetuple() + lower = time_util.shift_time(time_util.time_a_while_ago(days=1), -self.timeslack).timetuple() # print("issue_instant: %s" % self.message.issue_instant) # print("%s < x < %s" % (lower, upper)) issued_at = time_util.str_to_time(self.message.issue_instant) @@ -132,25 +126,36 @@ def issue_instant_ok(self): def _verify(self): valid_version = "2.0" if self.message.version != valid_version: - raise VersionMismatch( - "Invalid version {invalid} should be {valid}".format( - invalid=self.message.version, valid=valid_version - ) - ) + raise VersionMismatch(f"Invalid version {self.message.version} should be {valid_version}") - if self.message.destination and self.receiver_addrs and \ - self.message.destination not in self.receiver_addrs: + if self.message.destination and self.receiver_addrs and self.message.destination not in self.receiver_addrs: logger.error("%s not in %s", self.message.destination, self.receiver_addrs) raise OtherError("Not destined for me!") valid = self.issue_instant_ok() return valid - def loads(self, xmldata, binding, origdoc=None, must=None, - only_valid_cert=False, relay_state=None, sigalg=None, signature=None): - return self._loads(xmldata, binding, origdoc, must, - only_valid_cert=only_valid_cert, relay_state=relay_state, - sigalg=sigalg, signature=signature) + def loads( + self, + xmldata, + binding, + origdoc=None, + must=None, + only_valid_cert=False, + relay_state=None, + sigalg=None, + signature=None, + ): + return self._loads( + xmldata, + binding, + origdoc, + must, + only_valid_cert=only_valid_cert, + relay_state=relay_state, + sigalg=sigalg, + signature=signature, + ) def verify(self): try: @@ -159,7 +164,7 @@ def verify(self): return None def subject_id(self): - """ The name of the subject can be in either of + """The name of the subject can be in either of BaseID, NameID or EncryptedID :return: The identifier if there is one @@ -180,16 +185,14 @@ def subject_id(self): pass def sender(self): - return self.message.issuer.text + return self.message.issuer.text.strip() class LogoutRequest(Request): msgtype = "logout_request" - def __init__(self, sec_context, receiver_addrs, attribute_converters=None, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters=None, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_logout_request @property @@ -200,24 +203,20 @@ def issuer(self): class AttributeQuery(Request): msgtype = "attribute_query" - def __init__(self, sec_context, receiver_addrs, attribute_converters=None, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters=None, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_attribute_query def attribute(self): - """ Which attributes that are sought for """ + """Which attributes that are sought for""" return [] class AuthnRequest(Request): msgtype = "authn_request" - def __init__(self, sec_context, receiver_addrs, attribute_converters, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_authn_request def attributes(self): @@ -227,10 +226,8 @@ def attributes(self): class AuthnQuery(Request): msgtype = "authn_query" - def __init__(self, sec_context, receiver_addrs, attribute_converters, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_authn_query def attributes(self): @@ -240,10 +237,8 @@ def attributes(self): class AssertionIDRequest(Request): msgtype = "assertion_id_request" - def __init__(self, sec_context, receiver_addrs, attribute_converters, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_assertion_id_request def attributes(self): @@ -253,44 +248,36 @@ def attributes(self): class AuthzDecisionQuery(Request): msgtype = "authz_decision_query" - def __init__(self, sec_context, receiver_addrs, - attribute_converters=None, timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters=None, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_authz_decision_query def action(self): - """ Which action authorization is requested for """ - pass + """Which action authorization is requested for""" def evidence(self): - """ The evidence on which the decision is based """ - pass + """The evidence on which the decision is based""" def resource(self): - """ On which resource the action is expected to occur """ - pass + """On which resource the action is expected to occur""" class NameIDMappingRequest(Request): msgtype = "name_id_mapping_request" - def __init__(self, sec_context, receiver_addrs, attribute_converters, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_name_id_mapping_request class ManageNameIDRequest(Request): msgtype = "manage_name_id_request" - def __init__(self, sec_context, receiver_addrs, attribute_converters, - timeslack=0): - Request.__init__(self, sec_context, receiver_addrs, - attribute_converters, timeslack) + def __init__(self, sec_context, receiver_addrs, attribute_converters, timeslack=0): + Request.__init__(self, sec_context, receiver_addrs, attribute_converters, timeslack) self.signature_check = self.sec.correctly_signed_manage_name_id_request + SERVICE2REQUEST = { "single_sign_on_service": AuthnRequest, "attribute_service": AttributeQuery, @@ -299,6 +286,6 @@ def __init__(self, sec_context, receiver_addrs, attribute_converters, "authn_query_service": AuthnQuery, "manage_name_id_service": ManageNameIDRequest, "name_id_mapping_service": NameIDMappingRequest, - #"artifact_resolve_service": ArtifactResolve, - "single_logout_service": LogoutRequest + # "artifact_resolve_service": ArtifactResolve, + "single_logout_service": LogoutRequest, } diff --git a/src/saml2/response.py b/src/saml2/response.py index 432fe5de1..34b883913 100644 --- a/src/saml2/response.py +++ b/src/saml2/response.py @@ -1,11 +1,25 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # import calendar import logging -import six -from saml2.samlp import STATUS_VERSION_MISMATCH +from saml2 import SAMLError +from saml2 import class_name +from saml2 import extension_elements_to_elements +from saml2 import saml +from saml2 import samlp +from saml2 import time_util +from saml2 import xmldsig as ds +from saml2 import xmlenc as xenc +from saml2.attribute_converter import to_local +from saml2.s_utils import RequestVersionTooHigh +from saml2.s_utils import RequestVersionTooLow +from saml2.saml import SCM_BEARER +from saml2.saml import SCM_HOLDER_OF_KEY +from saml2.saml import SCM_SENDER_VOUCHES +from saml2.saml import XSI_TYPE +from saml2.saml import attribute_from_string +from saml2.saml import encrypted_attribute_from_string from saml2.samlp import STATUS_AUTHN_FAILED from saml2.samlp import STATUS_INVALID_ATTR_NAME_OR_VALUE from saml2.samlp import STATUS_INVALID_NAMEID_POLICY @@ -21,41 +35,24 @@ from saml2.samlp import STATUS_REQUEST_VERSION_TOO_HIGH from saml2.samlp import STATUS_REQUEST_VERSION_TOO_LOW from saml2.samlp import STATUS_RESOURCE_NOT_RECOGNIZED +from saml2.samlp import STATUS_RESPONDER from saml2.samlp import STATUS_TOO_MANY_RESPONSES from saml2.samlp import STATUS_UNKNOWN_ATTR_PROFILE from saml2.samlp import STATUS_UNKNOWN_PRINCIPAL from saml2.samlp import STATUS_UNSUPPORTED_BINDING -from saml2.samlp import STATUS_RESPONDER - -from saml2 import xmldsig as ds -from saml2 import xmlenc as xenc - -from saml2 import samlp -from saml2 import class_name -from saml2 import saml -from saml2 import extension_elements_to_elements -from saml2 import SAMLError -from saml2 import time_util - -from saml2.s_utils import RequestVersionTooLow -from saml2.s_utils import RequestVersionTooHigh -from saml2.saml import attribute_from_string, XSI_TYPE -from saml2.saml import SCM_BEARER -from saml2.saml import SCM_HOLDER_OF_KEY -from saml2.saml import SCM_SENDER_VOUCHES -from saml2.saml import encrypted_attribute_from_string -from saml2.sigver import security_context +from saml2.samlp import STATUS_VERSION_MISMATCH from saml2.sigver import DecryptError from saml2.sigver import SignatureError +from saml2.sigver import security_context from saml2.sigver import signed -from saml2.attribute_converter import to_local -from saml2.time_util import str_to_time, later_than - -from saml2.validate import validate_on_or_after -from saml2.validate import validate_before -from saml2.validate import valid_instance -from saml2.validate import valid_address +from saml2.time_util import later_than +from saml2.time_util import str_to_time from saml2.validate import NotValid +from saml2.validate import valid_address +from saml2.validate import valid_instance +from saml2.validate import validate_before +from saml2.validate import validate_on_or_after + logger = logging.getLogger(__name__) @@ -98,6 +95,7 @@ class StatusAuthnFailed(StatusError): class StatusInvalidAttrNameOrValue(StatusError): pass + class StatusInvalidAuthnResponseStatement(StatusError): pass @@ -207,7 +205,7 @@ def _dummy(_): def for_me(conditions, myself): - """ Am I among the intended audiences """ + """Am I among the intended audiences""" if not conditions.audience_restriction: # No audience restriction return True @@ -219,14 +217,21 @@ def for_me(conditions, myself): if audience.text and audience.text.strip() == myself: return True else: - logger.debug("AudienceRestriction - One condition not satisfied: {} != {}".format(audience.text, myself)) + logger.debug(f"AudienceRestriction - One condition not satisfied: {audience.text} != {myself}") logger.debug("AudienceRestrictions not satisfied!") return False -def authn_response(conf, return_addrs, outstanding_queries=None, timeslack=0, - asynchop=True, allow_unsolicited=False, - want_assertions_signed=False, conv_info=None): +def authn_response( + conf, + return_addrs, + outstanding_queries=None, + timeslack=0, + asynchop=True, + allow_unsolicited=False, + want_assertions_signed=False, + conv_info=None, +): sec = security_context(conf) if not timeslack: try: @@ -234,16 +239,22 @@ def authn_response(conf, return_addrs, outstanding_queries=None, timeslack=0, except TypeError: timeslack = 0 - return AuthnResponse(sec, conf.attribute_converters, conf.entityid, - return_addrs, outstanding_queries, timeslack, - asynchop=asynchop, allow_unsolicited=allow_unsolicited, - want_assertions_signed=want_assertions_signed, - conv_info=conv_info) + return AuthnResponse( + sec, + conf.attribute_converters, + conf.entityid, + return_addrs, + outstanding_queries, + timeslack, + asynchop=asynchop, + allow_unsolicited=allow_unsolicited, + want_assertions_signed=want_assertions_signed, + conv_info=conv_info, + ) # comes in over SOAP so synchronous -def attribute_response(conf, return_addrs, timeslack=0, asynchop=False, - test=False, conv_info=None): +def attribute_response(conf, return_addrs, timeslack=0, asynchop=False, test=False, conv_info=None): sec = security_context(conf) if not timeslack: try: @@ -251,16 +262,22 @@ def attribute_response(conf, return_addrs, timeslack=0, asynchop=False, except TypeError: timeslack = 0 - return AttributeResponse(sec, conf.attribute_converters, conf.entityid, - return_addrs, timeslack, asynchop=asynchop, - test=test, conv_info=conv_info) + return AttributeResponse( + sec, + conf.attribute_converters, + conf.entityid, + return_addrs, + timeslack, + asynchop=asynchop, + test=test, + conv_info=conv_info, + ) -class StatusResponse(object): +class StatusResponse: msgtype = "status_response" - def __init__(self, sec_context, return_addrs=None, timeslack=0, - request_id=0, asynchop=True, conv_info=None): + def __init__(self, sec_context, return_addrs=None, timeslack=0, request_id=0, asynchop=True, conv_info=None): self.sec = sec_context self.return_addrs = return_addrs or [] @@ -290,9 +307,9 @@ def _clear(self): def _postamble(self): if not self.response: - logger.error("Response was not correctly signed") + logger.warning("Response was not correctly signed") if self.xmlstr: - logger.info("Response: %s", self.xmlstr) + logger.debug("Response: %s", self.xmlstr) raise IncorrectlySigned() logger.debug("response: %s", self.response) @@ -300,7 +317,7 @@ def _postamble(self): try: valid_instance(self.response) except NotValid as exc: - logger.error("Not valid response: %s", exc.args[0]) + logger.warning("Not valid response: %s", exc.args[0]) self._clear() return self @@ -314,8 +331,7 @@ def load_instance(self, instance): self.response = self.sec.check_signature(instance) except SignatureError: # The response as a whole might be signed or not - self.response = self.sec.check_signature( - instance, samlp.NAMESPACE + ":Response") + self.response = self.sec.check_signature(instance, f"{samlp.NAMESPACE}:Response") else: self.not_signed = True self.response = instance @@ -325,8 +341,8 @@ def load_instance(self, instance): def _loads(self, xmldata, decode=True, origxml=None): # own copy - if isinstance(xmldata, six.binary_type): - self.xmlstr = xmldata[:].decode('utf-8') + if isinstance(xmldata, bytes): + self.xmlstr = xmldata[:].decode("utf-8") else: self.xmlstr = xmldata[:] logger.debug("xmlstr: %s", self.xmlstr) @@ -342,63 +358,50 @@ def _loads(self, xmldata, decode=True, origxml=None): try: self.response = self.signature_check( - xmldata, origdoc=origxml, must=self.require_signature, + xmldata, + origdoc=origxml, + must=self.require_signature, require_response_signature=self.require_response_signature, - **args) + **args, + ) except TypeError: raise except SignatureError: raise except Exception as excp: - logger.exception("EXCEPTION: %s", excp) + logger.exception("EXCEPTION: %s", str(excp)) raise - # print("<", self.response) - return self._postamble() def status_ok(self): status = self.response.status - logger.info("status: %s", status) + logger.debug("status: %s", status) if not status or status.status_code.value == samlp.STATUS_SUCCESS: return True - err_code = ( - status.status_code.status_code.value - if status.status_code.status_code - else None - ) - err_msg = ( - status.status_message.text - if status.status_message - else err_code or "Unknown error" - ) + err_code = status.status_code.status_code.value if status.status_code.status_code else None + err_msg = status.status_message.text if status.status_message else err_code or "Unknown error" err_cls = STATUSCODE2EXCEPTION.get(err_code, StatusError) - msg = "Unsuccessful operation: {status}\n{msg} from {code}".format( - status=status, msg=err_msg, code=err_code - ) - logger.info(msg) + msg = f"Unsuccessful operation: {status}\n{err_msg} from {err_code}" + logger.debug(msg) raise err_cls(msg) def issue_instant_ok(self): - """ Check that the response was issued at a reasonable time """ - upper = time_util.shift_time(time_util.time_in_a_while(days=1), - self.timeslack).timetuple() - lower = time_util.shift_time(time_util.time_a_while_ago(days=1), - -self.timeslack).timetuple() + """Check that the response was issued at a reasonable time""" + upper = time_util.shift_time(time_util.time_in_a_while(days=1), self.timeslack).timetuple() + lower = time_util.shift_time(time_util.time_a_while_ago(days=1), -self.timeslack).timetuple() # print("issue_instant: %s" % self.response.issue_instant) # print("%s < x < %s" % (lower, upper)) issued_at = str_to_time(self.response.issue_instant) return lower < issued_at < upper def _verify(self): - if self.request_id and self.in_response_to and \ - self.in_response_to != self.request_id: - logger.error("Not the id I expected: %s != %s", - self.in_response_to, self.request_id) + if self.request_id and self.in_response_to and self.in_response_to != self.request_id: + logger.error("Not the id I expected: %s != %s", self.in_response_to, self.request_id) return None if self.response.version != "2.0": @@ -409,11 +412,10 @@ def _verify(self): raise RequestVersionTooHigh() if self.asynchop: - if ( - self.response.destination - and self.response.destination not in self.return_addrs - ): - logger.error("destination '%s' not in return addresses '%s'", self.response.destination, self.return_addrs) + if self.response.destination and self.response.destination not in self.return_addrs: + logger.error( + "destination '%s' not in return addresses '%s'", self.response.destination, self.return_addrs + ) return None valid = self.issue_instant_ok() and self.status_ok() @@ -435,63 +437,63 @@ def update(self, mold): self.response = mold.response def issuer(self): - issuer_value = ( - self.response.issuer.text - if self.response.issuer is not None - else "" - ).strip() + issuer_value = (self.response.issuer.text if self.response.issuer is not None else "").strip() return issuer_value class LogoutResponse(StatusResponse): msgtype = "logout_response" - def __init__(self, sec_context, return_addrs=None, timeslack=0, - asynchop=True, conv_info=None): - StatusResponse.__init__(self, sec_context, return_addrs, timeslack, - asynchop=asynchop, conv_info=conv_info) + def __init__(self, sec_context, return_addrs=None, timeslack=0, asynchop=True, conv_info=None): + StatusResponse.__init__(self, sec_context, return_addrs, timeslack, asynchop=asynchop, conv_info=conv_info) self.signature_check = self.sec.correctly_signed_logout_response class NameIDMappingResponse(StatusResponse): msgtype = "name_id_mapping_response" - def __init__(self, sec_context, return_addrs=None, timeslack=0, - request_id=0, asynchop=True, conv_info=None): - StatusResponse.__init__(self, sec_context, return_addrs, timeslack, - request_id, asynchop, conv_info=conv_info) - self.signature_check = self.sec \ - .correctly_signed_name_id_mapping_response + def __init__(self, sec_context, return_addrs=None, timeslack=0, request_id=0, asynchop=True, conv_info=None): + StatusResponse.__init__(self, sec_context, return_addrs, timeslack, request_id, asynchop, conv_info=conv_info) + self.signature_check = self.sec.correctly_signed_name_id_mapping_response class ManageNameIDResponse(StatusResponse): msgtype = "manage_name_id_response" - def __init__(self, sec_context, return_addrs=None, timeslack=0, - request_id=0, asynchop=True, conv_info=None): - StatusResponse.__init__(self, sec_context, return_addrs, timeslack, - request_id, asynchop, conv_info=conv_info) + def __init__(self, sec_context, return_addrs=None, timeslack=0, request_id=0, asynchop=True, conv_info=None): + StatusResponse.__init__(self, sec_context, return_addrs, timeslack, request_id, asynchop, conv_info=conv_info) self.signature_check = self.sec.correctly_signed_manage_name_id_response # ---------------------------------------------------------------------------- + class AuthnResponse(StatusResponse): - """ This is where all the profile compliance is checked. - This one does saml2int compliance. """ + """This is where all the profile compliance is checked. + This one does saml2int compliance.""" + msgtype = "authn_response" - def __init__(self, sec_context, attribute_converters, entity_id, - return_addrs=None, outstanding_queries=None, - timeslack=0, asynchop=True, allow_unsolicited=False, - test=False, allow_unknown_attributes=False, - want_assertions_signed=False, - want_assertions_or_response_signed=False, - want_response_signed=False, - conv_info=None, **kwargs): - - StatusResponse.__init__(self, sec_context, return_addrs, timeslack, - asynchop=asynchop, conv_info=conv_info) + def __init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs=None, + outstanding_queries=None, + timeslack=0, + asynchop=True, + allow_unsolicited=False, + test=False, + allow_unknown_attributes=False, + want_assertions_signed=False, + want_assertions_or_response_signed=False, + want_response_signed=False, + conv_info=None, + **kwargs, + ): + + StatusResponse.__init__(self, sec_context, return_addrs, timeslack, asynchop=asynchop, conv_info=conv_info) self.entity_id = entity_id self.attribute_converters = attribute_converters if outstanding_queries: @@ -532,18 +534,15 @@ def loads(self, xmldata, decode=True, origxml=None): self.came_from = self.outstanding_queries[self.in_response_to] # del self.outstanding_queries[self.in_response_to] try: - if not self.check_subject_confirmation_in_response_to( - self.in_response_to): - raise UnsolicitedResponse( - "Unsolicited response: %s" % self.in_response_to) + if not self.check_subject_confirmation_in_response_to(self.in_response_to): + raise UnsolicitedResponse(f"Unsolicited response: {self.in_response_to}") except AttributeError: pass elif self.allow_unsolicited: # Should check that I haven't seen this before pass else: - raise UnsolicitedResponse( - "Unsolicited response: %s" % self.in_response_to) + raise UnsolicitedResponse(f"Unsolicited response: {self.in_response_to}") return self @@ -559,16 +558,15 @@ def authn_statement_ok(self, optional=False): if optional: return True else: - msg = "Invalid number of AuthnStatement found in Response: {n}".format(n=n_authn_statements) + msg = f"Invalid number of AuthnStatement found in Response: {n_authn_statements}" raise ValueError(msg) authn_statement = self.assertion.authn_statement[0] if authn_statement.session_not_on_or_after: - if validate_on_or_after(authn_statement.session_not_on_or_after, - self.timeslack): + if validate_on_or_after(authn_statement.session_not_on_or_after, self.timeslack): self.session_not_on_or_after = calendar.timegm( - time_util.str_to_time( - authn_statement.session_not_on_or_after)) + time_util.str_to_time(authn_statement.session_not_on_or_after) + ) else: return False return True @@ -594,18 +592,16 @@ def condition_ok(self, lax=False): # if both are present NotBefore must be earlier than NotOnOrAfter if conditions.not_before and conditions.not_on_or_after: - if not later_than(conditions.not_on_or_after, - conditions.not_before): + if not later_than(conditions.not_on_or_after, conditions.not_before): return False try: if conditions.not_on_or_after: - self.not_on_or_after = validate_on_or_after( - conditions.not_on_or_after, self.timeslack) + self.not_on_or_after = validate_on_or_after(conditions.not_on_or_after, self.timeslack) if conditions.not_before: validate_before(conditions.not_before, self.timeslack) except Exception as excp: - logger.error("Exception on conditions: %s", excp) + logger.error("Exception on conditions: %s", str(excp)) if not lax: raise else: @@ -613,13 +609,12 @@ def condition_ok(self, lax=False): if not for_me(conditions, self.entity_id): if not lax: - raise Exception("AudienceRestrictions conditions not satisfied! (Local entity_id=%s)" % self.entity_id) + raise Exception(f"AudienceRestrictions conditions not satisfied! (Local entity_id={self.entity_id})") if conditions.condition: # extra conditions for cond in conditions.condition: try: - if cond.extension_attributes[ - XSI_TYPE] in self.extension_schema: + if cond.extension_attributes[XSI_TYPE] in self.extension_schema: pass else: raise Exception("Unknown condition") @@ -657,13 +652,10 @@ def read_attribute_statement(self, attr_statem): # logger.debug("Converts name format: %s", aconv.name_format) self.decrypt_attributes(attr_statem) - return to_local(self.attribute_converters, attr_statem, - self.allow_unknown_attributes) + return to_local(self.attribute_converters, attr_statem, self.allow_unknown_attributes) def get_identity(self): - """ The assertion can contain zero or more attributeStatements - - """ + """The assertion can contain zero or more attributeStatements""" ava = {} for _assertion in self.assertions: if _assertion.advice: @@ -672,14 +664,15 @@ def get_identity(self): if tmp_assertion.attribute_statement: n_attr_statements = len(tmp_assertion.attribute_statement) if n_attr_statements != 1: - msg = "Invalid number of AuthnStatement found in Response: {n}".format(n=n_attr_statements) + msg = "Invalid number of AuthnStatement found in Response: {n}".format( + n=n_attr_statements + ) raise ValueError(msg) ava.update(self.read_attribute_statement(tmp_assertion.attribute_statement[0])) if _assertion.attribute_statement: - logger.debug("Assertion contains %s attribute statement(s)", - (len(self.assertion.attribute_statement))) + logger.debug("Assertion contains %s attribute statement(s)", (len(self.assertion.attribute_statement))) for _attr_statem in _assertion.attribute_statement: - logger.debug("Attribute Statement: %s" % (_attr_statem,)) + logger.debug(f"Attribute Statement: {_attr_statem}") ava.update(self.read_attribute_statement(_attr_statem)) if not ava: logger.debug("Assertion contains no attribute statements") @@ -705,8 +698,7 @@ def _bearer_confirmed(self, data): if self.asynchop and self.came_from is None: if data.in_response_to: if data.in_response_to in self.outstanding_queries: - self.came_from = self.outstanding_queries[ - data.in_response_to] + self.came_from = self.outstanding_queries[data.in_response_to] # del self.outstanding_queries[data.in_response_to] elif self.allow_unsolicited: pass @@ -715,11 +707,8 @@ def _bearer_confirmed(self, data): # Either in_response_to == None or has a value I don't # recognize logger.debug("in response to: '%s'", data.in_response_to) - logger.info("outstanding queries: %s", - self.outstanding_queries.keys()) - raise Exception( - "Combination of session id and requestURI I don't " - "recall") + logger.info("outstanding queries: %s", self.outstanding_queries.keys()) + raise Exception("Combination of session id and requestURI I don't " "recall") return True def _holder_of_key_confirmed(self, data): @@ -727,26 +716,20 @@ def _holder_of_key_confirmed(self, data): return False has_keyinfo = False - for element in extension_elements_to_elements(data.extension_elements, - [samlp, saml, xenc, ds]): + for element in extension_elements_to_elements(data.extension_elements, [samlp, saml, xenc, ds]): if isinstance(element, ds.KeyInfo): has_keyinfo = True return has_keyinfo def get_subject(self, keys=None): - """ The assertion must contain a Subject - """ + """The assertion must contain a Subject""" if not self.assertion: raise ValueError("Missing assertion") if not self.assertion.subject: - raise ValueError( - "Invalid assertion subject: {subject}".format( - subject=self.assertion.subject - ) - ) + raise ValueError(f"Invalid assertion subject: {self.assertion.subject}") subject = self.assertion.subject subjconf = [] @@ -765,8 +748,7 @@ def get_subject(self, keys=None): elif subject_confirmation.method == SCM_SENDER_VOUCHES: pass else: - raise ValueError("Unknown subject confirmation method: %s" % ( - subject_confirmation.method,)) + raise ValueError(f"Unknown subject confirmation method: {subject_confirmation.method}") _recip = _data.recipient if not _recip or not self.verify_recipient(_recip): @@ -785,9 +767,7 @@ def get_subject(self, keys=None): self.name_id = subject.name_id elif subject.encrypted_id: # decrypt encrypted ID - _name_id_str = self.sec.decrypt_keys( - subject.encrypted_id.encrypted_data.to_string(), keys=keys - ) + _name_id_str = self.sec.decrypt_keys(subject.encrypted_id.encrypted_data.to_string(), keys=keys) _name_id = saml.name_id_from_string(_name_id_str) self.name_id = _name_id @@ -801,7 +781,7 @@ def _assertion(self, assertion, verified=False): :return: True/False depending on if the assertion is sane or not """ - if not hasattr(assertion, 'signature') or not assertion.signature: + if not hasattr(assertion, "signature") or not assertion.signature: logger.debug("unsigned") if self.require_signature: raise SignatureError("Signature missing for assertion") @@ -809,10 +789,10 @@ def _assertion(self, assertion, verified=False): logger.debug("signed") if not verified and self.do_not_verify is False: try: - self.sec.check_signature(assertion, class_name(assertion), - self.xmlstr) + self.sec.check_signature(assertion, class_name(assertion), self.xmlstr) except Exception as exc: - logger.error("correctly_signed_response: %s", exc) + logger.error("The signature on the assertion cannot be verified.") + logger.debug("correctly_signed_response: %s", exc) raise self.assertion = assertion @@ -847,9 +827,8 @@ def _assertion(self, assertion, verified=False): logger.exception("get subject") raise - def decrypt_assertions(self, encrypted_assertions, decr_txt, issuer=None, - verified=False): - """ Moves the decrypted assertion from the encrypted assertion to a + def decrypt_assertions(self, encrypted_assertions, decr_txt, issuer=None, verified=False): + """Moves the decrypted assertion from the encrypted assertion to a list. :param encrypted_assertions: A list of encrypted assertions. @@ -863,21 +842,19 @@ def decrypt_assertions(self, encrypted_assertions, decr_txt, issuer=None, res = [] for encrypted_assertion in encrypted_assertions: if encrypted_assertion.extension_elements: - assertions = extension_elements_to_elements( - encrypted_assertion.extension_elements, [saml, samlp]) + assertions = extension_elements_to_elements(encrypted_assertion.extension_elements, [saml, samlp]) for assertion in assertions: if assertion.signature and not verified: if not self.sec.check_signature( - assertion, origdoc=decr_txt, - node_name=class_name(assertion), issuer=issuer): - logger.error("Failed to verify signature on '%s'", - assertion) + assertion, origdoc=decr_txt, node_name=class_name(assertion), issuer=issuer + ): + logger.error("Failed to verify signature on '%s'", assertion) raise SignatureError() res.append(assertion) return res def find_encrypt_data_assertion(self, enc_assertions): - """ Verifies if a list of encrypted assertions contains encrypted data. + """Verifies if a list of encrypted assertions contains encrypted data. :param enc_assertions: A list of encrypted assertions. :return: True encrypted data exists otherwise false. @@ -887,7 +864,7 @@ def find_encrypt_data_assertion(self, enc_assertions): return True def find_encrypt_data_assertion_list(self, _assertions): - """ Verifies if a list of assertions contains encrypted data in the + """Verifies if a list of assertions contains encrypted data in the advice element. :param _assertions: A list of assertions. @@ -896,13 +873,12 @@ def find_encrypt_data_assertion_list(self, _assertions): for _assertion in _assertions: if _assertion.advice: if _assertion.advice.encrypted_assertion: - res = self.find_encrypt_data_assertion( - _assertion.advice.encrypted_assertion) + res = self.find_encrypt_data_assertion(_assertion.advice.encrypted_assertion) if res: return True def find_encrypt_data(self, resp): - """ Verifies if a saml response contains encrypted assertions with + """Verifies if a saml response contains encrypted assertions with encrypted data. :param resp: A saml response. @@ -916,14 +892,13 @@ def find_encrypt_data(self, resp): for tmp_assertion in resp.assertion: if tmp_assertion.advice: if tmp_assertion.advice.encrypted_assertion: - res = self.find_encrypt_data_assertion( - tmp_assertion.advice.encrypted_assertion) + res = self.find_encrypt_data_assertion(tmp_assertion.advice.encrypted_assertion) if res: return True return False def parse_assertion(self, keys=None): - """ Parse the assertions for a saml response. + """Parse the assertions for a saml response. :param keys: A string representing a RSA key or a list of strings containing RSA keys. @@ -937,11 +912,7 @@ def parse_assertion(self, keys=None): n_assertions = len(self.response.assertion) n_assertions_enc = len(self.response.encrypted_assertion) if n_assertions != 1 and n_assertions_enc != 1 and self.assertion is None: - raise InvalidAssertion( - "Invalid number of assertions in Response: {n}".format( - n=n_assertions+n_assertions_enc - ) - ) + raise InvalidAssertion(f"Invalid number of assertions in Response: {n_assertions + n_assertions_enc}") if self.response.assertion: logger.debug("***Unencrypted assertion***") @@ -960,39 +931,34 @@ def parse_assertion(self, keys=None): decr_text_old = decr_text try: decr_text = self.sec.decrypt_keys(decr_text, keys=keys) - except DecryptError as e: + except DecryptError: continue else: resp = samlp.response_from_string(decr_text) # check and prepare for comparison between str and unicode if type(decr_text_old) != type(decr_text): - if isinstance(decr_text_old, six.binary_type): + if isinstance(decr_text_old, bytes): decr_text_old = decr_text_old.decode("utf-8") else: decr_text_old = decr_text_old.encode("utf-8") - _enc_assertions = self.decrypt_assertions( - resp.encrypted_assertion, decr_text - ) + _enc_assertions = self.decrypt_assertions(resp.encrypted_assertion, decr_text) decr_text_old = None while ( - self.find_encrypt_data(resp) - or self.find_encrypt_data_assertion_list(_enc_assertions) + self.find_encrypt_data(resp) or self.find_encrypt_data_assertion_list(_enc_assertions) ) and decr_text_old != decr_text: decr_text_old = decr_text try: decr_text = self.sec.decrypt_keys(decr_text, keys=keys) - except DecryptError as e: + except DecryptError: continue else: resp = samlp.response_from_string(decr_text) - _enc_assertions = self.decrypt_assertions( - resp.encrypted_assertion, decr_text, verified=True - ) + _enc_assertions = self.decrypt_assertions(resp.encrypted_assertion, decr_text, verified=True) # check and prepare for comparison between str and unicode if type(decr_text_old) != type(decr_text): - if isinstance(decr_text_old, six.binary_type): + if isinstance(decr_text_old, bytes): decr_text_old = decr_text_old.decode("utf-8") else: decr_text_old = decr_text_old.encode("utf-8") @@ -1006,9 +972,8 @@ def parse_assertion(self, keys=None): if tmp_ass.advice and tmp_ass.advice.encrypted_assertion: advice_res = self.decrypt_assertions( - tmp_ass.advice.encrypted_assertion, - decr_text, - tmp_ass.issuer) + tmp_ass.advice.encrypted_assertion, decr_text, tmp_ass.issuer + ) if tmp_ass.advice.assertion: tmp_ass.advice.assertion.extend(advice_res) else: @@ -1036,12 +1001,12 @@ def parse_assertion(self, keys=None): if self.context == "AuthnReq" or self.context == "AttrQuery": self.ava = self.get_identity() - logger.debug("--- AVA: {0}".format(self.ava)) + logger.debug(f"--- AVA: {self.ava}") return True def verify(self, keys=None): - """ Verify that the assertion is syntactically correct and the + """Verify that the assertion is syntactically correct and the signature is correct if present. :param keys: If not the default key file should be used then use one @@ -1051,7 +1016,7 @@ def verify(self, keys=None): try: res = self._verify() except AssertionError as err: - logger.error("Verification error on the response: %s", err) + logger.error("Verification error on the response: %s", str(err)) raise else: if not res: @@ -1067,33 +1032,29 @@ def verify(self, keys=None): return None def session_id(self): - """ Returns the SessionID of the response """ + """Returns the SessionID of the response""" return self.response.in_response_to def id(self): - """ Return the ID of the response """ + """Return the ID of the response""" return self.response.id def authn_info(self): res = [] - for statement in getattr(self.assertion, 'authn_statement', []): + for statement in getattr(self.assertion, "authn_statement", []): authn_instant = getattr(statement, "authn_instant", "") context = statement.authn_context if not context: continue - try: - authn_class = ( - context.authn_context_class_ref.text - or context.authn_context_decl_ref.text - ) - except AttributeError: - authn_class = "" - - authenticating_authorities = getattr( - context, "authenticating_authority", [] + authn_class = ( + getattr(context.authn_context_class_ref, "text", None) + or getattr(context.authn_context_decl_ref, "text", None) + or "" ) + + authenticating_authorities = getattr(context, "authenticating_authority", []) authn_auth = [authority.text for authority in authenticating_authorities] res.append((authn_class, authn_auth, authn_instant)) @@ -1107,7 +1068,7 @@ def authz_decision_info(self): return res def session_info(self): - """ Returns a predefined set of information gleened from the + """Returns a predefined set of information gleened from the response. :returns: Dictionary with information """ @@ -1117,19 +1078,26 @@ def session_info(self): nooa = self.not_on_or_after if self.context == "AuthzQuery": - return {"name_id": self.name_id, "came_from": self.came_from, - "issuer": self.issuer(), "not_on_or_after": nooa, - "authz_decision_info": self.authz_decision_info()} - elif getattr(self.assertion, 'authn_statement', None): + return { + "name_id": self.name_id, + "came_from": self.came_from, + "issuer": self.issuer(), + "not_on_or_after": nooa, + "authz_decision_info": self.authz_decision_info(), + } + elif getattr(self.assertion, "authn_statement", None): authn_statement = self.assertion.authn_statement[0] - return {"ava": self.ava, "name_id": self.name_id, - "came_from": self.came_from, "issuer": self.issuer(), - "not_on_or_after": nooa, "authn_info": self.authn_info(), - "session_index": authn_statement.session_index} + return { + "ava": self.ava, + "name_id": self.name_id, + "came_from": self.came_from, + "issuer": self.issuer(), + "not_on_or_after": nooa, + "authn_info": self.authn_info(), + "session_index": authn_statement.session_index, + } else: - raise StatusInvalidAuthnResponseStatement( - "The Authn Response Statement is not valid" - ) + raise StatusInvalidAuthnResponseStatement("The Authn Response Statement is not valid") def __str__(self): return self.xmlstr @@ -1148,7 +1116,7 @@ def verify_recipient(self, recipient): _info = self.conv_info try: - if recipient == _info['entity_id']: + if recipient == _info["entity_id"]: return True except KeyError: pass @@ -1170,16 +1138,16 @@ def verify_attesting_entity(self, subject_confirmation): """ try: - address = self.conv_info['remote_addr'] + address = self.conv_info["remote_addr"] except KeyError: - address = '0.0.0.0' + address = "0.0.0.0" correct = 0 for subject_conf in subject_confirmation: if subject_conf.subject_confirmation_data is None: correct += 1 # In reality undefined elif subject_conf.subject_confirmation_data.address: - if address == '0.0.0.0': # accept anything + if address == "0.0.0.0": # accept anything correct += 1 elif subject_conf.subject_confirmation_data.address == address: correct += 1 @@ -1195,13 +1163,28 @@ def verify_attesting_entity(self, subject_confirmation): class AuthnQueryResponse(AuthnResponse): msgtype = "authn_query_response" - def __init__(self, sec_context, attribute_converters, entity_id, - return_addrs=None, timeslack=0, asynchop=False, test=False, - conv_info=None): - AuthnResponse.__init__(self, sec_context, attribute_converters, - entity_id, return_addrs, timeslack=timeslack, - asynchop=asynchop, test=test, - conv_info=conv_info) + def __init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs=None, + timeslack=0, + asynchop=False, + test=False, + conv_info=None, + ): + AuthnResponse.__init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs, + timeslack=timeslack, + asynchop=asynchop, + test=test, + conv_info=conv_info, + ) self.entity_id = entity_id self.attribute_converters = attribute_converters self.assertion = None @@ -1214,13 +1197,28 @@ def condition_ok(self, lax=False): # Should I care about conditions ? class AttributeResponse(AuthnResponse): msgtype = "attribute_response" - def __init__(self, sec_context, attribute_converters, entity_id, - return_addrs=None, timeslack=0, asynchop=False, test=False, - conv_info=None): - AuthnResponse.__init__(self, sec_context, attribute_converters, - entity_id, return_addrs, timeslack=timeslack, - asynchop=asynchop, test=test, - conv_info=conv_info) + def __init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs=None, + timeslack=0, + asynchop=False, + test=False, + conv_info=None, + ): + AuthnResponse.__init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs, + timeslack=timeslack, + asynchop=asynchop, + test=test, + conv_info=conv_info, + ) self.entity_id = entity_id self.attribute_converters = attribute_converters self.assertion = None @@ -1228,16 +1226,31 @@ def __init__(self, sec_context, attribute_converters, entity_id, class AuthzResponse(AuthnResponse): - """ A successful response will be in the form of assertions containing + """A successful response will be in the form of assertions containing authorization decision statements.""" + msgtype = "authz_decision_response" - def __init__(self, sec_context, attribute_converters, entity_id, - return_addrs=None, timeslack=0, asynchop=False, - conv_info=None): - AuthnResponse.__init__(self, sec_context, attribute_converters, - entity_id, return_addrs, timeslack=timeslack, - asynchop=asynchop, conv_info=conv_info) + def __init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs=None, + timeslack=0, + asynchop=False, + conv_info=None, + ): + AuthnResponse.__init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs, + timeslack=timeslack, + asynchop=asynchop, + conv_info=conv_info, + ) self.entity_id = entity_id self.attribute_converters = attribute_converters self.assertion = None @@ -1247,23 +1260,48 @@ def __init__(self, sec_context, attribute_converters, entity_id, class ArtifactResponse(AuthnResponse): msgtype = "artifact_response" - def __init__(self, sec_context, attribute_converters, entity_id, - return_addrs=None, timeslack=0, asynchop=False, test=False, - conv_info=None): - AuthnResponse.__init__(self, sec_context, attribute_converters, - entity_id, return_addrs, timeslack=timeslack, - asynchop=asynchop, test=test, - conv_info=conv_info) + def __init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs=None, + timeslack=0, + asynchop=False, + test=False, + conv_info=None, + ): + AuthnResponse.__init__( + self, + sec_context, + attribute_converters, + entity_id, + return_addrs, + timeslack=timeslack, + asynchop=asynchop, + test=test, + conv_info=conv_info, + ) self.entity_id = entity_id self.attribute_converters = attribute_converters self.assertion = None self.context = "ArtifactResolve" -def response_factory(xmlstr, conf, return_addrs=None, outstanding_queries=None, - timeslack=0, decode=True, request_id=0, origxml=None, - asynchop=True, allow_unsolicited=False, - want_assertions_signed=False, conv_info=None): +def response_factory( + xmlstr, + conf, + return_addrs=None, + outstanding_queries=None, + timeslack=0, + decode=True, + request_id=0, + origxml=None, + asynchop=True, + allow_unsolicited=False, + want_assertions_signed=False, + conv_info=None, +): sec_context = security_context(conf) if not timeslack: try: @@ -1275,24 +1313,29 @@ def response_factory(xmlstr, conf, return_addrs=None, outstanding_queries=None, entity_id = conf.entityid extension_schema = conf.extension_schema - response = StatusResponse(sec_context, return_addrs, timeslack, request_id, - asynchop, conv_info=conv_info) + response = StatusResponse(sec_context, return_addrs, timeslack, request_id, asynchop, conv_info=conv_info) try: response.loads(xmlstr, decode, origxml) if response.response.assertion or response.response.encrypted_assertion: authnresp = AuthnResponse( - sec_context, attribute_converters, entity_id, return_addrs, - outstanding_queries, timeslack, asynchop, allow_unsolicited, + sec_context, + attribute_converters, + entity_id, + return_addrs, + outstanding_queries, + timeslack, + asynchop, + allow_unsolicited, extension_schema=extension_schema, want_assertions_signed=want_assertions_signed, - conv_info=conv_info) + conv_info=conv_info, + ) authnresp.update(response) return authnresp except TypeError: response.signature_check = sec_context.correctly_signed_logout_response response.loads(xmlstr, decode, origxml) - logoutresp = LogoutResponse(sec_context, return_addrs, timeslack, - asynchop=asynchop, conv_info=conv_info) + logoutresp = LogoutResponse(sec_context, return_addrs, timeslack, asynchop=asynchop, conv_info=conv_info) logoutresp.update(response) return logoutresp @@ -1303,11 +1346,10 @@ def response_factory(xmlstr, conf, return_addrs=None, outstanding_queries=None, # A class of it's own -class AssertionIDResponse(object): +class AssertionIDResponse: msgtype = "assertion_id_response" - def __init__(self, sec_context, attribute_converters, timeslack=0, - **kwargs): + def __init__(self, sec_context, attribute_converters, timeslack=0, **kwargs): self.sec = sec_context self.timeslack = timeslack @@ -1343,7 +1385,7 @@ def loads(self, xmldata, decode=True, origxml=None): except SignatureError: raise except Exception as excp: - logger.exception("EXCEPTION: %s", excp) + logger.exception("EXCEPTION: %s", str(excp)) raise # print("<", self.response) @@ -1360,9 +1402,9 @@ def verify(self, keys=None): def _postamble(self): if not self.response: - logger.error("Response was not correctly signed") + logger.warning("Response was not correctly signed") if self.xmlstr: - logger.info("Response: %s", self.xmlstr) + logger.debug("Response: %s", self.xmlstr) raise IncorrectlySigned() logger.debug("response: %s", self.response) diff --git a/src/saml2/s2repoze/__init__.py b/src/saml2/s2repoze/__init__.py index 766c3cb1b..1b3570aba 100644 --- a/src/saml2/s2repoze/__init__.py +++ b/src/saml2/s2repoze/__init__.py @@ -1,2 +1 @@ -# -*- coding: utf-8 -*- # Created by Roland Hedberg diff --git a/src/saml2/s2repoze/plugins/__init__.py b/src/saml2/s2repoze/plugins/__init__.py index 40a96afc6..e69de29bb 100644 --- a/src/saml2/s2repoze/plugins/__init__.py +++ b/src/saml2/s2repoze/plugins/__init__.py @@ -1 +0,0 @@ -# -*- coding: utf-8 -*- diff --git a/src/saml2/s2repoze/plugins/challenge_decider.py b/src/saml2/s2repoze/plugins/challenge_decider.py index 70eb89591..141f0349a 100644 --- a/src/saml2/s2repoze/plugins/challenge_decider.py +++ b/src/saml2/s2repoze/plugins/challenge_decider.py @@ -1,12 +1,12 @@ -from paste.request import construct_url -import zope.interface -from repoze.who.interfaces import IRequestClassifier +import re -from paste.httpheaders import REQUEST_METHOD from paste.httpheaders import CONTENT_TYPE +from paste.httpheaders import REQUEST_METHOD from paste.httpheaders import USER_AGENT +from paste.request import construct_url +from repoze.who.interfaces import IRequestClassifier +import zope.interface -import re _DAV_METHODS = ( "OPTIONS", @@ -35,7 +35,7 @@ def my_request_classifier(environ): - """ Returns one of the classifiers 'dav', 'xmlpost', or 'browser', + """Returns one of the classifiers 'dav', 'xmlpost', or 'browser', depending on the imperative logic below""" request_method = REQUEST_METHOD(environ) if request_method in _DAV_METHODS: @@ -65,7 +65,7 @@ def __call__(self, environ, status, _headers): if status.startswith("401 "): return True else: - if environ.has_key("samlsp.pending"): + if "samlsp.pending" in environ: return True uri = environ.get("REQUEST_URI", None) @@ -80,7 +80,7 @@ def __call__(self, environ, status, _headers): # If the user is already authent, whatever happens(except logout), # don't make a challenge - if environ.has_key("repoze.who.identity"): + if "repoze.who.identity" in environ: return False # require a challenge for login diff --git a/src/saml2/s2repoze/plugins/entitlement.py b/src/saml2/s2repoze/plugins/entitlement.py index 12776200f..81bc0cc5f 100644 --- a/src/saml2/s2repoze/plugins/entitlement.py +++ b/src/saml2/s2repoze/plugins/entitlement.py @@ -1,13 +1,12 @@ #!/usr/bin/env python import shelve -from zope.interface import implements - # from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator from repoze.who.interfaces import IMetadataProvider +from zope.interface import implements -class EntitlementMetadataProvider(object): +class EntitlementMetadataProvider: implements(IMetadataProvider) @@ -64,13 +63,13 @@ def add_metadata(self, environ, identity): vorg = environ["myapp.vo"] try: ents = user["entitlement"][vorg] - identity["user"] = {"entitlement": ["%s:%s" % (vorg, e) for e in ents]} + identity["user"] = {"entitlement": [f"{vorg}:{e}" for e in ents]} except KeyError: pass except KeyError: res = [] for vorg, ents in user["entitlement"].items(): - res.extend(["%s:%s" % (vorg, e) for e in ents]) + res.extend([f"{vorg}:{e}" for e in ents]) identity["user"] = res diff --git a/src/saml2/s2repoze/plugins/formswithhidden.py b/src/saml2/s2repoze/plugins/formswithhidden.py index 7b8132116..8c120f076 100644 --- a/src/saml2/s2repoze/plugins/formswithhidden.py +++ b/src/saml2/s2repoze/plugins/formswithhidden.py @@ -1,19 +1,17 @@ -from six.moves.urllib.parse import urlencode +from urllib.parse import urlencode +from paste.httpexceptions import HTTPFound from paste.httpheaders import CONTENT_LENGTH from paste.httpheaders import CONTENT_TYPE from paste.httpheaders import LOCATION -from paste.httpexceptions import HTTPFound - +from paste.request import construct_url from paste.request import parse_dict_querystring from paste.request import parse_formvars -from paste.request import construct_url - -from zope.interface import implements - from repoze.who.interfaces import IChallenger from repoze.who.interfaces import IIdentifier from repoze.who.plugins.form import FormPlugin +from zope.interface import implements + _DEFAULT_FORM = """ @@ -94,7 +92,7 @@ def challenge(self, environ, status, app_headers, forget_headers): query = parse_dict_querystring(environ) hidden = [] for key, val in query.items(): - hidden.append(HIDDEN_PRE_LINE % ("_%s_" % key, val)) + hidden.append(HIDDEN_PRE_LINE % (f"_{key}_", val)) logger.info("hidden: %s", hidden) form = self.formbody or _DEFAULT_FORM @@ -115,11 +113,9 @@ def auth_form(environ, start_response): def make_plugin(login_form_qs="__do_login", rememberer_name=None, form=None): if rememberer_name is None: - raise ValueError( - "must include rememberer key (name of another IIdentifier plugin)" - ) + raise ValueError("must include rememberer key (name of another IIdentifier plugin)") if form is not None: - with open(form, "r") as f: + with open(form) as f: form = f.read() plugin = FormHiddenPlugin(login_form_qs, rememberer_name, form) return plugin diff --git a/src/saml2/s2repoze/plugins/ini.py b/src/saml2/s2repoze/plugins/ini.py index 4ef063515..ef36c6f47 100644 --- a/src/saml2/s2repoze/plugins/ini.py +++ b/src/saml2/s2repoze/plugins/ini.py @@ -1,12 +1,11 @@ import ConfigParser -from zope.interface import implements - # from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator from repoze.who.interfaces import IMetadataProvider +from zope.interface import implements -class INIMetadataProvider(object): +class INIMetadataProvider: implements(IMetadataProvider) diff --git a/src/saml2/s2repoze/plugins/sp.py b/src/saml2/s2repoze/plugins/sp.py index c230e0f69..7079d96fe 100644 --- a/src/saml2/s2repoze/plugins/sp.py +++ b/src/saml2/s2repoze/plugins/sp.py @@ -5,67 +5,71 @@ WSGI application. """ +from io import StringIO import logging -import sys import platform import shelve +import sys import traceback -import saml2 -import six -from saml2.samlp import Extensions -from saml2 import xmldsig as ds - -from six import StringIO -from six.moves.urllib import parse +from urllib import parse -from paste.httpexceptions import HTTPSeeOther, HTTPRedirection -from paste.httpexceptions import HTTPNotImplemented from paste.httpexceptions import HTTPInternalServerError -from paste.request import parse_dict_querystring +from paste.httpexceptions import HTTPNotImplemented +from paste.httpexceptions import HTTPRedirection +from paste.httpexceptions import HTTPSeeOther from paste.request import construct_url -from saml2.extension.pefim import SPCertEnc -from saml2.httputil import getpath, SeeOther -from saml2.client_base import ECP_SERVICE, MIME_PAOS -from zope.interface import implementer - -from repoze.who.interfaces import IChallenger, IIdentifier, IAuthenticator +from paste.request import parse_dict_querystring +from repoze.who.interfaces import IAuthenticator +from repoze.who.interfaces import IChallenger +from repoze.who.interfaces import IIdentifier from repoze.who.interfaces import IMetadataProvider +from zope.interface import implementer -from saml2 import ecp, BINDING_HTTP_REDIRECT, element_to_extension_element from saml2 import BINDING_HTTP_POST - +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import ecp +from saml2 import element_to_extension_element +from saml2 import xmldsig as ds from saml2.client import Saml2Client -from saml2.ident import code, decode -from saml2.s_utils import sid +from saml2.client_base import ECP_SERVICE +from saml2.client_base import MIME_PAOS from saml2.config import config_factory +from saml2.extension.pefim import SPCertEnc +from saml2.httputil import SeeOther +from saml2.httputil import getpath +from saml2.ident import code +from saml2.ident import decode from saml2.profile import paos +from saml2.s_utils import sid +from saml2.samlp import Extensions + # from saml2.population import Population # from saml2.attribute_resolver import AttributeResolver logger = logging.getLogger(__name__) -PAOS_HEADER_INFO = 'ver="%s";"%s"' % (paos.NAMESPACE, ECP_SERVICE) +PAOS_HEADER_INFO = f'ver="{paos.NAMESPACE}";"{ECP_SERVICE}"' def construct_came_from(environ): - """ The URL that the user used when the process where interupted - for single-sign-on processing. """ + """The URL that the user used when the process where interupted + for single-sign-on processing.""" came_from = environ.get("PATH_INFO") qstr = environ.get("QUERY_STRING", "") if qstr: - came_from += "?" + qstr + came_from += f"?{qstr}" return came_from def exception_trace(tag, exc, log): message = traceback.format_exception(*sys.exc_info()) - log.error("[%s] ExcList: %s" % (tag, "".join(message))) - log.error("[%s] Exception: %s" % (tag, exc)) + log.error(f"[{tag}] ExcList: {''.join(message)}") + log.error(f"[{tag}] Exception: {exc}") -class ECP_response(object): +class ECP_response: code = 200 title = "OK" @@ -74,14 +78,12 @@ def __init__(self, content): # noinspection PyUnusedLocal def __call__(self, environ, start_response): - start_response( - "%s %s" % (self.code, self.title), [("Content-Type", "text/xml")] - ) + start_response(f"{self.code} {self.title}", [("Content-Type", "text/xml")]) return [self.content] @implementer(IChallenger, IIdentifier, IAuthenticator, IMetadataProvider) -class SAML2Plugin(object): +class SAML2Plugin: def __init__( self, rememberer_name, @@ -101,23 +103,17 @@ def __init__( self.cache = cache self.discosrv = discovery self.idp_query_param = idp_query_param - self.logout_endpoints = [ - parse.urlparse(ep).path for ep in config.endpoint("single_logout_service") - ] + self.logout_endpoints = [parse.urlparse(ep).path for ep in config.endpoint("single_logout_service")] try: self.metadata = self.conf.metadata except KeyError: self.metadata = None if sid_store: - self.outstanding_queries = shelve.open( - sid_store, writeback=True, protocol=2 - ) + self.outstanding_queries = shelve.open(sid_store, writeback=True, protocol=2) else: self.outstanding_queries = {} if sid_store_cert: - self.outstanding_certs = shelve.open( - sid_store_cert, writeback=True, protocol=2 - ) + self.outstanding_certs = shelve.open(sid_store_cert, writeback=True, protocol=2) else: self.outstanding_certs = {} @@ -127,12 +123,12 @@ def _get_rememberer(self, environ): rememberer = environ["repoze.who.plugins"][self.rememberer_name] return rememberer - #### IIdentifier #### + # #### IIdentifier #### def remember(self, environ, identity): rememberer = self._get_rememberer(environ) return rememberer.remember(environ, identity) - #### IIdentifier #### + # #### IIdentifier #### def forget(self, environ, identity): rememberer = self._get_rememberer(environ) return rememberer.forget(environ, identity) @@ -166,7 +162,7 @@ def _wayf_redirect(self, came_from): sid_ = sid() self.outstanding_queries[sid_] = came_from logger.info("Redirect to WAYF function: %s", self.wayf) - return -1, HTTPSeeOther(headers=[("Location", "%s?%s" % (self.wayf, sid_))]) + return -1, HTTPSeeOther(headers=[("Location", f"{self.wayf}?{sid_}")]) # noinspection PyUnusedLocal def _pick_idp(self, environ, came_from): @@ -222,7 +218,6 @@ def _pick_idp(self, environ, came_from): break except KeyError: logger.debug("No IdP entity ID in query: %s", query) - pass if idp_entity_id is None: if len(idps) == 1: @@ -245,21 +240,15 @@ def _pick_idp(self, environ, came_from): return self._wayf_redirect(came_from) elif self.discosrv: if query: - idp_entity_id = _cli.parse_discovery_service_response( - query=environ.get("QUERY_STRING") - ) + idp_entity_id = _cli.parse_discovery_service_response(query=environ.get("QUERY_STRING")) else: sid_ = sid() self.outstanding_queries[sid_] = came_from logger.debug("Redirect to Discovery Service function") eid = _cli.config.entityid - ret = _cli.config.getattr("endpoints", "sp")[ - "discovery_response" - ][0][0] - ret += "?sid=%s" % sid_ - loc = _cli.create_discovery_service_request( - self.discosrv, eid, **{"return": ret} - ) + ret = _cli.config.getattr("endpoints", "sp")["discovery_response"][0][0] + ret += f"?sid={sid_}" + loc = _cli.create_discovery_service_request(self.discosrv, eid, **{"return": ret}) return -1, SeeOther(loc) else: @@ -268,7 +257,7 @@ def _pick_idp(self, environ, came_from): logger.info("Chosen IdP: '%s'", idp_entity_id) return 0, idp_entity_id - #### IChallenger #### + # #### IChallenger #### # noinspection PyUnusedLocal def challenge(self, environ, _status, _app_headers, _forget_headers): _cli = self.saml_client @@ -277,7 +266,6 @@ def challenge(self, environ, _status, _app_headers, _forget_headers): name_id = decode(environ["REMOTE_USER"]) _cli = self.saml_client - path_info = environ["PATH_INFO"] if "samlsp.logout" in environ: responses = _cli.global_logout(name_id) @@ -335,14 +323,8 @@ def challenge(self, environ, _status, _app_headers, _forget_headers): if _cli.config.generate_cert_func is not None: cert_str, req_key_str = _cli.config.generate_cert_func() cert = {"cert": cert_str, "key": req_key_str} - spcertenc = SPCertEnc( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=cert_str) - ) - ) - extensions = Extensions( - extension_elements=[element_to_extension_element(spcertenc)] - ) + spcertenc = SPCertEnc(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=cert_str))) + extensions = Extensions(extension_elements=[element_to_extension_element(spcertenc)]) if _cli.authn_requests_signed: _sid = sid() @@ -361,7 +343,7 @@ def challenge(self, environ, _status, _app_headers, _forget_headers): sign=False, extensions=extensions, ) - msg_str = "%s" % req + msg_str = f"{req}" _sid = req_id if cert is not None: @@ -377,18 +359,17 @@ def challenge(self, environ, _status, _app_headers, _forget_headers): logger.debug("ht_args: %s", ht_args) except Exception as exc: - logger.exception(exc) - raise Exception("Failed to construct the AuthnRequest: %s" % exc) + logger.exception(f"Failed to construct the AuthnRequest: {str(exc)}") + raise Exception(f"Failed to construct the AuthnRequest: {exc}") try: + path_info = environ.get("PATH_INFO") ret = _cli.config.getattr("endpoints", "sp")["discovery_response"][0][0] - if (environ["PATH_INFO"]) in ret and ret.split(environ["PATH_INFO"])[ - 1 - ] == "": + if path_info in ret and ret.split(path_info)[1] == "": query = parse.parse_qs(environ["QUERY_STRING"]) result_sid = query["sid"][0] came_from = self.outstanding_queries[result_sid] - except: + except Exception: pass # remember the request self.outstanding_queries[_sid] = came_from @@ -426,12 +407,12 @@ def _eval_authn_response(self, environ, post, binding=BINDING_HTTP_POST): ) except Exception as excp: - logger.exception("Exception: %s" % (excp,)) + logger.exception(f"Exception: {excp}") raise session_info = authresp.session_info() except TypeError as excp: - logger.exception("Exception: %s" % (excp,)) + logger.exception(f"Exception: {excp}") return None if session_info["came_from"]: @@ -455,7 +436,7 @@ def do_ecp_response(self, body, environ): return session_info - #### IIdentifier #### + # #### IIdentifier #### def identify(self, environ): """ Tries to do the identification @@ -508,7 +489,7 @@ def identify(self, environ): ) environ["samlsp.pending"] = self._handle_logout(response) return {} - except: + except Exception: import traceback traceback.print_exc() @@ -526,9 +507,7 @@ def identify(self, environ): # check for SAML2 authN response try: if logout: - response = self.saml_client.parse_logout_request_response( - post["SAMLResponse"][0], binding - ) + response = self.saml_client.parse_logout_request_response(post["SAMLResponse"][0], binding) if response: action = self.saml_client.handle_logout_response(response) @@ -540,9 +519,7 @@ def identify(self, environ): environ["samlsp.pending"] = request return {} else: - session_info = self._eval_authn_response( - environ, post, binding=binding - ) + session_info = self._eval_authn_response(environ, post, binding=binding) except Exception as err: environ["s2repoze.saml_error"] = err return {} @@ -572,14 +549,14 @@ def identify(self, environ): # IMetadataProvider def add_metadata(self, environ, identity): - """ Add information to the knowledge I have about the user """ + """Add information to the knowledge I have about the user""" name_id = identity["repoze.who.userid"] - if isinstance(name_id, six.string_types): + if isinstance(name_id, str): try: # Make sure that userids authenticated by another plugin # don't cause problems here. name_id = decode(name_id) - except: + except Exception: pass _cli = self.saml_client @@ -610,10 +587,7 @@ def add_metadata(self, environ, identity): # expanded identity["pysaml2_vo_expanded"] = 1 except KeyError: - logger.exception( - "Failed to do attribute aggregation, " - "missing common attribute" - ) + logger.exception("Failed to do attribute aggregation, " "missing common attribute") logger.debug("[add_metadata] returns: %s", dict(identity)) if not identity["user"]: @@ -629,15 +603,14 @@ def _service_url(environ, qstr=None): url = construct_url(environ) return url - #### IAuthenticatorPlugin #### + # #### IAuthenticatorPlugin #### # noinspection PyUnusedLocal def authenticate(self, environ, identity=None): if identity: if ( identity.get("user") and environ.get("s2repoze.sessioninfo") - and identity.get("user") - == environ.get("s2repoze.sessioninfo").get("ava") + and identity.get("user") == environ.get("s2repoze.sessioninfo").get("ava") ): return identity.get("login") tktuser = identity.get("repoze.who.plugins.auth_tkt.userid", None) @@ -686,7 +659,5 @@ def make_plugin( virtual_organization=virtual_organization, ) - plugin = SAML2Plugin( - remember_name, conf, scl, wayf, cache, sid_store, discovery, idp_query_param - ) + plugin = SAML2Plugin(remember_name, conf, scl, wayf, cache, sid_store, discovery, idp_query_param) return plugin diff --git a/src/saml2/s_utils.py b/src/saml2/s_utils.py index c2e8ef71a..04a19c9ec 100644 --- a/src/saml2/s_utils.py +++ b/src/saml2/s_utils.py @@ -10,11 +10,9 @@ import traceback import zlib -import six - +from saml2 import VERSION from saml2 import saml from saml2 import samlp -from saml2 import VERSION from saml2.time_util import instant @@ -89,9 +87,28 @@ class UnravelError(Exception): Exception: samlp.STATUS_AUTHN_FAILED, } -GENERIC_DOMAINS = ["aero", "asia", "biz", "cat", "com", "coop", "edu", - "gov", "info", "int", "jobs", "mil", "mobi", "museum", - "name", "net", "org", "pro", "tel", "travel"] +GENERIC_DOMAINS = [ + "aero", + "asia", + "biz", + "cat", + "com", + "coop", + "edu", + "gov", + "info", + "int", + "jobs", + "mil", + "mobi", + "museum", + "name", + "net", + "org", + "pro", + "tel", + "travel", +] def valid_email(emailaddress, domains=GENERIC_DOMAINS): @@ -104,8 +121,8 @@ def valid_email(emailaddress, domains=GENERIC_DOMAINS): # Split up email address into parts. try: - localpart, domainname = emailaddress.rsplit('@', 1) - host, toplevel = domainname.rsplit('.', 1) + localpart, domainname = emailaddress.rsplit("@", 1) + host, toplevel = domainname.rsplit(".", 1) except ValueError: return False # Address does not have enough parts. @@ -113,9 +130,9 @@ def valid_email(emailaddress, domains=GENERIC_DOMAINS): if len(toplevel) != 2 and toplevel not in domains: return False # Not a domain name. - for i in '-_.%+.': + for i in "-_.%+.": localpart = localpart.replace(i, "") - for i in '-_.': + for i in "-_.": host = host.replace(i, "") if localpart.isalnum() and host.isalnum(): @@ -125,7 +142,7 @@ def valid_email(emailaddress, domains=GENERIC_DOMAINS): def decode_base64_and_inflate(string): - """ base64 decodes and then inflates according to RFC1951 + """base64 decodes and then inflates according to RFC1951 :param string: a deflated and encoded string :return: the string after decoding and inflating @@ -141,8 +158,8 @@ def deflate_and_base64_encode(string_val): :param string_val: The string to deflate and encode :return: The deflated and encoded string """ - if not isinstance(string_val, six.binary_type): - string_val = string_val.encode('utf-8') + if not isinstance(string_val, bytes): + string_val = string_val.encode("utf-8") return base64.b64encode(zlib.compress(string_val)[2:-4]) @@ -164,8 +181,8 @@ def rndbytes(size=16, alphabet=""): Returns rndstr always as a binary type """ x = rndstr(size, alphabet) - if isinstance(x, six.string_types): - return x.encode('utf-8') + if isinstance(x, str): + return x.encode("utf-8") return x @@ -177,7 +194,7 @@ def sid(): :return: A random string prefix with 'id-' to make it compliant with the NCName specification """ - return "id-" + rndstr(17) + return f"id-{rndstr(17)}" def parse_attribute_map(filenames): @@ -214,51 +231,53 @@ def identity_attribute(form, attribute, forward_map=None): # default is name return attribute.name + # ---------------------------------------------------------------------------- def error_status_factory(info): - if isinstance(info, Exception): + if not isinstance(info, Exception): + (status_code_status_code_value, status_message_text) = info + else: try: exc_val = EXCEPTION2STATUS[info.__class__] except KeyError: exc_val = samlp.STATUS_AUTHN_FAILED + try: - msg = info.args[0] + exc_context = info.args[0] + err_ctx = {"status_message_text": exc_context} if isinstance(exc_context, str) else exc_context except IndexError: - msg = "%s" % info - else: - (exc_val, msg) = info + err_ctx = {"status_message_text": str(info)} - if msg: - status_msg = samlp.StatusMessage(text=msg) - else: - status_msg = None + status_message_text = err_ctx.get("status_message_text") + status_code_status_code_value = err_ctx.get("status_code_status_code_value", exc_val) + + status_msg = samlp.StatusMessage(text=status_message_text) if status_message_text else None status = samlp.Status( status_message=status_msg, status_code=samlp.StatusCode( value=samlp.STATUS_RESPONDER, - status_code=samlp.StatusCode( - value=exc_val))) + status_code=samlp.StatusCode(value=status_code_status_code_value), + ), + ) return status def success_status_factory(): - return samlp.Status(status_code=samlp.StatusCode( - value=samlp.STATUS_SUCCESS)) + return samlp.Status(status_code=samlp.StatusCode(value=samlp.STATUS_SUCCESS)) def status_message_factory(message, code, fro=samlp.STATUS_RESPONDER): return samlp.Status( status_message=samlp.StatusMessage(text=message), - status_code=samlp.StatusCode(value=fro, - status_code=samlp.StatusCode(value=code))) + status_code=samlp.StatusCode(value=fro, status_code=samlp.StatusCode(value=code)), + ) def assertion_factory(**kwargs): - assertion = saml.Assertion(version=VERSION, id=sid(), - issue_instant=instant()) + assertion = saml.Assertion(version=VERSION, id=sid(), issue_instant=instant()) for key, val in kwargs.items(): setattr(assertion, key, val) return assertion @@ -278,6 +297,7 @@ def _attrval(val, typ=""): return attrval + # --- attribute profiles ----- # xmlns:xs="http://www.w3.org/2001/XMLSchema" @@ -285,7 +305,7 @@ def _attrval(val, typ=""): def do_ava(val, typ=""): - if isinstance(val, six.string_types): + if isinstance(val, str): ava = saml.AttributeValue() ava.set_text(val) attrval = [ava] @@ -298,7 +318,7 @@ def do_ava(val, typ=""): elif val is None: attrval = None else: - raise OtherError("strange value type on: %s" % val) + raise OtherError(f"strange value type on: {val}") if typ: for ava in attrval: @@ -313,7 +333,7 @@ def do_attribute(val, typ, key): if attrval: attr.attribute_value = attrval - if isinstance(key, six.string_types): + if isinstance(key, str): attr.name = key elif isinstance(key, tuple): # 3-tuple or 2-tuple try: @@ -323,7 +343,7 @@ def do_attribute(val, typ, key): friendly = "" if name: attr.name = name - if format: + if nformat: attr.name_format = nformat if friendly: attr.friendly_name = friendly @@ -368,14 +388,13 @@ def factory(klass, **kwargs): def signature(secret, parts): - """Generates a signature. All strings are assumed to be utf-8 - """ - if not isinstance(secret, six.binary_type): - secret = secret.encode('utf-8') + """Generates a signature. All strings are assumed to be utf-8""" + if not isinstance(secret, bytes): + secret = secret.encode("utf-8") newparts = [] for part in parts: - if not isinstance(part, six.binary_type): - part = part.encode('utf-8') + if not isinstance(part, bytes): + part = part.encode("utf-8") newparts.append(part) parts = newparts csum = hmac.new(secret, digestmod=hashlib.sha1) @@ -387,7 +406,7 @@ def signature(secret, parts): def verify_signature(secret, parts): - """ Checks that the signature is correct """ + """Checks that the signature is correct""" if signature(secret, parts[:-1]) == parts[-1]: return True else: @@ -398,9 +417,9 @@ def exception_trace(exc): message = traceback.format_exception(*sys.exc_info()) try: - _exc = "Exception: %s" % exc + _exc = f"Exception: {exc}" except UnicodeEncodeError: - _exc = "Exception: %s" % exc.message.encode("utf-8", "replace") + _exc = f"Exception: {exc.message.encode('utf-8', 'replace')}" return {"message": _exc, "content": "".join(message)} diff --git a/src/saml2/saml.py b/src/saml2/saml.py index fa3afbc52..1c01dc16c 100644 --- a/src/saml2/saml.py +++ b/src/saml2/saml.py @@ -15,73 +15,65 @@ import base64 - -from saml2.validate import valid_ipv4, MustValueError -from saml2.validate import valid_ipv6 -from saml2.validate import ShouldValueError -from saml2.validate import valid_domain_name +from datetime import date +from datetime import datetime import saml2 from saml2 import SamlBase - -import six from saml2 import xmldsig as ds from saml2 import xmlenc as xenc +from saml2.validate import MustValueError +from saml2.validate import ShouldValueError +from saml2.validate import valid_domain_name +from saml2.validate import valid_ipv4 +from saml2.validate import valid_ipv6 + # authentication information fields -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion' +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:assertion" # xmlschema definition XSD = "xs" # xmlschema templates and extensions -XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema' +XS_NAMESPACE = "http://www.w3.org/2001/XMLSchema" # xmlschema-instance, which contains several builtin attributes -XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance' +XSI_NAMESPACE = "http://www.w3.org/2001/XMLSchema-instance" # xml soap namespace NS_SOAP_ENC = "http://schemas.xmlsoap.org/soap/encoding/" # type definitions for xmlschemas -XSI_TYPE = '{%s}type' % XSI_NAMESPACE +XSI_TYPE = "{%s}type" % XSI_NAMESPACE # nil type definition for xmlschemas -XSI_NIL = '{%s}nil' % XSI_NAMESPACE +XSI_NIL = "{%s}nil" % XSI_NAMESPACE # idp and sp communicate usually about a subject(NameID) # the format determines the category the subject is in # custom subject -NAMEID_FORMAT_UNSPECIFIED = ( - "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified") +NAMEID_FORMAT_UNSPECIFIED = "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" # subject as email address -NAMEID_FORMAT_EMAILADDRESS = ( - "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress") +NAMEID_FORMAT_EMAILADDRESS = "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" # subject as x509 key -NAMEID_FORMAT_X509SUBJECTNAME = ( - "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName") +NAMEID_FORMAT_X509SUBJECTNAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName" # subject as windows domain name -NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME = ( - "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName") +NAMEID_FORMAT_WINDOWSDOMAINQUALIFIEDNAME = "urn:oasis:names:tc:SAML:1.1:nameid-format:WindowsDomainQualifiedName" # subject from a kerberos instance -NAMEID_FORMAT_KERBEROS = ( - "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos") +NAMEID_FORMAT_KERBEROS = "urn:oasis:names:tc:SAML:2.0:nameid-format:kerberos" # subject as name -NAMEID_FORMAT_ENTITY = ( - "urn:oasis:names:tc:SAML:2.0:nameid-format:entity") +NAMEID_FORMAT_ENTITY = "urn:oasis:names:tc:SAML:2.0:nameid-format:entity" # linked subject -NAMEID_FORMAT_PERSISTENT = ( - "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent") +NAMEID_FORMAT_PERSISTENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" # annonymous subject -NAMEID_FORMAT_TRANSIENT = ( - "urn:oasis:names:tc:SAML:2.0:nameid-format:transient") +NAMEID_FORMAT_TRANSIENT = "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" # subject avaiable in encrypted format -NAMEID_FORMAT_ENCRYPTED = ( - "urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted") +NAMEID_FORMAT_ENCRYPTED = "urn:oasis:names:tc:SAML:2.0:nameid-format:encrypted" # dicc for avaiable formats NAMEID_FORMATS_SAML2 = ( - ('NAMEID_FORMAT_EMAILADDRESS', NAMEID_FORMAT_EMAILADDRESS), - ('NAMEID_FORMAT_ENCRYPTED', NAMEID_FORMAT_ENCRYPTED), - ('NAMEID_FORMAT_ENTITY', NAMEID_FORMAT_ENTITY), - ('NAMEID_FORMAT_PERSISTENT', NAMEID_FORMAT_PERSISTENT), - ('NAMEID_FORMAT_TRANSIENT', NAMEID_FORMAT_TRANSIENT), - ('NAMEID_FORMAT_UNSPECIFIED', NAMEID_FORMAT_UNSPECIFIED), + ("NAMEID_FORMAT_EMAILADDRESS", NAMEID_FORMAT_EMAILADDRESS), + ("NAMEID_FORMAT_ENCRYPTED", NAMEID_FORMAT_ENCRYPTED), + ("NAMEID_FORMAT_ENTITY", NAMEID_FORMAT_ENTITY), + ("NAMEID_FORMAT_PERSISTENT", NAMEID_FORMAT_PERSISTENT), + ("NAMEID_FORMAT_TRANSIENT", NAMEID_FORMAT_TRANSIENT), + ("NAMEID_FORMAT_UNSPECIFIED", NAMEID_FORMAT_UNSPECIFIED), ) # a profile outlines a set of rules describing how to embed SAML assertions. @@ -90,30 +82,27 @@ # https://www.oasis-open.org/committees/download.php/56782/sstc-saml-profiles-errata-2.0-wd-07.pdf # XML based values for SAML attributes -PROFILE_ATTRIBUTE_BASIC = ( - "urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic") +PROFILE_ATTRIBUTE_BASIC = "urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic" # an AuthnRequest is made to initiate authentication # authenticate the request with login credentials AUTHN_PASSWORD = "urn:oasis:names:tc:SAML:2.0:ac:classes:Password" # authenticate the request with login credentials, over tls/https -AUTHN_PASSWORD_PROTECTED = \ - "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" +AUTHN_PASSWORD_PROTECTED = "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport" # attribute statements is key:value metadata shared with your app # custom format -NAME_FORMAT_UNSPECIFIED = ( - "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified") +NAME_FORMAT_UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" # uri format NAME_FORMAT_URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri" # XML-based format NAME_FORMAT_BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic" # dicc for avaiable formats NAME_FORMATS_SAML2 = ( - ('NAME_FORMAT_BASIC', NAME_FORMAT_BASIC), - ('NAME_FORMAT_URI', NAME_FORMAT_URI), - ('NAME_FORMAT_UNSPECIFIED', NAME_FORMAT_UNSPECIFIED), + ("NAME_FORMAT_BASIC", NAME_FORMAT_BASIC), + ("NAME_FORMAT_URI", NAME_FORMAT_URI), + ("NAME_FORMAT_UNSPECIFIED", NAME_FORMAT_UNSPECIFIED), ) # the SAML authority's decision can be predetermined by arbitrary context @@ -159,23 +148,19 @@ class AttributeValueBase(SamlBase): - def __init__(self, - text=None, - extension_elements=None, - extension_attributes=None): + def __init__(self, text=None, extension_elements=None, extension_attributes=None): self._extatt = {} - SamlBase.__init__(self, - text=None, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + SamlBase.__init__( + self, text=None, extension_elements=extension_elements, extension_attributes=extension_attributes + ) if self._extatt: self.extension_attributes = self._extatt if text: self.set_text(text) elif not extension_elements: - self.extension_attributes = {XSI_NIL: 'true'} + self.extension_attributes = {XSI_NIL: "true"} elif XSI_TYPE in self.extension_attributes: del self.extension_attributes[XSI_TYPE] @@ -188,13 +173,9 @@ def __setattr__(self, key, value): def verify(self): if not self.text and not self.extension_elements: if not self.extension_attributes: - raise Exception( - "Attribute value base should not have extension attributes" - ) + raise Exception("Attribute value base should not have extension attributes") if self.extension_attributes[XSI_NIL] != "true": - raise Exception( - "Attribute value base should not have extension attributes" - ) + raise Exception("Attribute value base should not have extension attributes") return True else: SamlBase.verify(self) @@ -210,17 +191,17 @@ def set_type(self, typ): except AttributeError: self._extatt[XSI_TYPE] = typ - if typ.startswith('xs:'): + if typ.startswith("xs:"): try: - self.extension_attributes['xmlns:xs'] = XS_NAMESPACE + self.extension_attributes["xmlns:xs"] = XS_NAMESPACE except AttributeError: - self._extatt['xmlns:xs'] = XS_NAMESPACE + self._extatt["xmlns:xs"] = XS_NAMESPACE - if typ.startswith('xsd:'): + if typ.startswith("xsd:"): try: - self.extension_attributes['xmlns:xsd'] = XS_NAMESPACE + self.extension_attributes["xmlns:xsd"] = XS_NAMESPACE except AttributeError: - self._extatt['xmlns:xsd'] = XS_NAMESPACE + self._extatt["xmlns:xsd"] = XS_NAMESPACE def get_type(self): try: @@ -243,20 +224,19 @@ def clear_type(self): def set_text(self, value, base64encode=False): def _wrong_type_value(xsd, value): - msg = 'Type and value do not match: {xsd}:{type}:{value}' + msg = "Type and value do not match: {xsd}:{type}:{value}" msg = msg.format(xsd=xsd, type=type(value), value=value) raise ValueError(msg) - # only work with six.string_types - if isinstance(value, six.binary_type): - value = value.decode('utf-8') + if isinstance(value, bytes): + value = value.decode("utf-8") type_to_xsd = { - str: 'string', - int: 'integer', - float: 'float', - bool: 'boolean', - type(None): '', + str: "string", + int: "integer", + float: "float", + bool: "boolean", + type(None): "", } # entries of xsd-types each declaring: @@ -264,86 +244,90 @@ def _wrong_type_value(xsd, value): # - a function to turn a string into that type # - a function to turn that type into a text-value xsd_types_props = { - 'string': { - 'type': str, - 'to_type': str, - 'to_text': str, + "string": { + "type": str, + "to_type": str, + "to_text": str, }, - 'integer': { - 'type': int, - 'to_type': int, - 'to_text': str, + "integer": { + "type": int, + "to_type": int, + "to_text": str, }, - 'short': { - 'type': int, - 'to_type': int, - 'to_text': str, + "short": { + "type": int, + "to_type": int, + "to_text": str, }, - 'int': { - 'type': int, - 'to_type': int, - 'to_text': str, + "int": { + "type": int, + "to_type": int, + "to_text": str, }, - 'long': { - 'type': int, - 'to_type': int, - 'to_text': str, + "long": { + "type": int, + "to_type": int, + "to_text": str, }, - 'float': { - 'type': float, - 'to_type': float, - 'to_text': str, + "float": { + "type": float, + "to_type": float, + "to_text": str, }, - 'double': { - 'type': float, - 'to_type': float, - 'to_text': str, + "double": { + "type": float, + "to_type": float, + "to_text": str, }, - 'boolean': { - 'type': bool, - 'to_type': lambda x: { - 'true': True, - 'false': False, + "boolean": { + "type": bool, + "to_type": lambda x: { + "true": True, + "false": False, }[str(x).lower()], - 'to_text': lambda x: str(x).lower(), + "to_text": lambda x: str(x).lower(), + }, + "date": { + "type": date, + "to_type": lambda x: datetime.strptime(x, "%Y-%m-%d").date(), + "to_text": str, }, - 'base64Binary': { - 'type': str, - 'to_type': str, - 'to_text': ( - lambda x: base64.encodebytes(x.encode()) if base64encode else x - ), + "base64Binary": { + "type": str, + "to_type": str, + "to_text": (lambda x: base64.encodebytes(x.encode()) if base64encode else x), }, - 'anyType': { - 'type': type(value), - 'to_type': lambda x: x, - 'to_text': lambda x: x, + "anyType": { + "type": type(value), + "to_type": lambda x: x, + "to_text": lambda x: x, }, - '': { - 'type': type(None), - 'to_type': lambda x: None, - 'to_text': lambda x: '', + "": { + "type": type(None), + "to_type": lambda x: None, + "to_text": lambda x: "", }, } - xsd_string = ( - 'base64Binary' if base64encode - else self.get_type() - or type_to_xsd.get(type(value))) + xsd_string = "base64Binary" if base64encode else self.get_type() or type_to_xsd.get(type(value)) xsd_ns, xsd_type = ( - ['', type(None)] if xsd_string is None - else ['', ''] if xsd_string == '' - else [ - XSD if xsd_string in xsd_types_props else '', - xsd_string - ] if ':' not in xsd_string - else xsd_string.split(':', 1)) - - xsd_type_props = xsd_types_props.get(xsd_type, {}) - valid_type = xsd_type_props.get('type', type(None)) - to_type = xsd_type_props.get('to_type', str) - to_text = xsd_type_props.get('to_text', str) + ["", type(None)] + if xsd_string is None + else ["", ""] + if xsd_string == "" + else [XSD if xsd_string in xsd_types_props else "", xsd_string] + if ":" not in xsd_string + else xsd_string.split(":", 1) + ) + + xsd_type_props = xsd_types_props.get(xsd_type) + if not xsd_type_props: + xsd_type_props = xsd_types_props.get("string") + + valid_type = xsd_type_props.get("type", type(None)) + to_type = xsd_type_props.get("to_type", str) + to_text = xsd_type_props.get("to_text", str) # cast to correct type before type-checking if type(value) is str and valid_type is not str: @@ -357,11 +341,8 @@ def _wrong_type_value(xsd, value): _wrong_type_value(xsd=xsd_type, value=value) text = to_text(value) - self.set_type( - '{ns}:{type}'.format(ns=xsd_ns, type=xsd_type) if xsd_ns - else xsd_type if xsd_type - else '') - SamlBase.__setattr__(self, 'text', text) + self.set_type(f"{xsd_ns}:{xsd_type}" if xsd_ns else xsd_type if xsd_type else "") + SamlBase.__setattr__(self, "text", text) return self def harvest_element_tree(self, tree): @@ -375,15 +356,11 @@ def harvest_element_tree(self, tree): # we consider whitespace insignificant # and remove/trim/strip whitespace # and expect to not have actual text content - text = ( - tree.text.strip() - if tree.text and self.extension_elements - else tree.text - ) + text = tree.text.strip() if tree.text and self.extension_elements else tree.text if text: - #print("set_text:", tree.text) + # print("set_text:", tree.text) # clear type - #self.clear_type() + # self.clear_type() self.set_text(text) # if we have added a text node @@ -395,58 +372,55 @@ def harvest_element_tree(self, tree): class BaseIDAbstractType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:BaseIDAbstractType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:BaseIDAbstractType element""" - c_tag = 'BaseIDAbstractType' + c_tag = "BaseIDAbstractType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['NameQualifier'] = ('name_qualifier', 'string', False) - c_attributes['SPNameQualifier'] = ('sp_name_qualifier', 'string', False) - - def __init__(self, - name_qualifier=None, - sp_name_qualifier=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["NameQualifier"] = ("name_qualifier", "string", False) + c_attributes["SPNameQualifier"] = ("sp_name_qualifier", "string", False) + + def __init__( + self, name_qualifier=None, sp_name_qualifier=None, text=None, extension_elements=None, extension_attributes=None + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.name_qualifier = name_qualifier self.sp_name_qualifier = sp_name_qualifier class NameIDType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:NameIDType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:NameIDType element""" - c_tag = 'NameIDType' + c_tag = "NameIDType" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['NameQualifier'] = ('name_qualifier', 'string', False) - c_attributes['SPNameQualifier'] = ('sp_name_qualifier', 'string', False) - c_attributes['Format'] = ('format', 'anyURI', False) - c_attributes['SPProvidedID'] = ('sp_provided_id', 'string', False) - - def __init__(self, - name_qualifier=None, - sp_name_qualifier=None, - format=None, - sp_provided_id=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["NameQualifier"] = ("name_qualifier", "string", False) + c_attributes["SPNameQualifier"] = ("sp_name_qualifier", "string", False) + c_attributes["Format"] = ("format", "anyURI", False) + c_attributes["SPProvidedID"] = ("sp_provided_id", "string", False) + + def __init__( + self, + name_qualifier=None, + sp_name_qualifier=None, + format=None, + sp_provided_id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.name_qualifier = name_qualifier self.sp_name_qualifier = sp_name_qualifier self.format = format @@ -458,34 +432,25 @@ def name_id_type__from_string(xml_string): class EncryptedElementType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedElementType element - """ + """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedElementType element""" - c_tag = 'EncryptedElementType' + c_tag = "EncryptedElementType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}EncryptedData'] = ( - 'encrypted_data', - xenc.EncryptedData) - c_children['{http://www.w3.org/2001/04/xmlenc#}EncryptedKey'] = ( - 'encrypted_key', - [xenc.EncryptedKey]) - c_cardinality['encrypted_key'] = {"min": 0} - c_child_order.extend(['encrypted_data', 'encrypted_key']) - - def __init__(self, - encrypted_data=None, - encrypted_key=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2001/04/xmlenc#}EncryptedData"] = ("encrypted_data", xenc.EncryptedData) + c_children["{http://www.w3.org/2001/04/xmlenc#}EncryptedKey"] = ("encrypted_key", [xenc.EncryptedKey]) + c_cardinality["encrypted_key"] = {"min": 0} + c_child_order.extend(["encrypted_data", "encrypted_key"]) + + def __init__( + self, encrypted_data=None, encrypted_key=None, text=None, extension_elements=None, extension_attributes=None + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.encrypted_data = encrypted_data self.encrypted_key = encrypted_key or [] @@ -495,9 +460,9 @@ def encrypted_element_type__from_string(xml_string): class EncryptedID(EncryptedElementType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedID element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedID element""" - c_tag = 'EncryptedID' + c_tag = "EncryptedID" c_namespace = NAMESPACE c_children = EncryptedElementType_.c_children.copy() c_attributes = EncryptedElementType_.c_attributes.copy() @@ -510,9 +475,9 @@ def encrypted_id_from_string(xml_string): class Issuer(NameIDType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Issuer element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Issuer element""" - c_tag = 'Issuer' + c_tag = "Issuer" c_namespace = NAMESPACE c_children = NameIDType_.c_children.copy() c_attributes = NameIDType_.c_attributes.copy() @@ -525,11 +490,11 @@ def issuer_from_string(xml_string): class AssertionIDRef(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionIDRef element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionIDRef element""" - c_tag = 'AssertionIDRef' + c_tag = "AssertionIDRef" c_namespace = NAMESPACE - c_value_type = {'base': 'NCName'} + c_value_type = {"base": "NCName"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -541,11 +506,11 @@ def assertion_id_ref_from_string(xml_string): class AssertionURIRef(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionURIRef element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionURIRef element""" - c_tag = 'AssertionURIRef' + c_tag = "AssertionURIRef" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -558,36 +523,36 @@ def assertion_uri_ref_from_string(xml_string): class SubjectConfirmationDataType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationDataType - element """ + element""" - c_tag = 'SubjectConfirmationDataType' + c_tag = "SubjectConfirmationDataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['NotBefore'] = ('not_before', 'dateTime', False) - c_attributes['NotOnOrAfter'] = ('not_on_or_after', 'dateTime', False) - c_attributes['Recipient'] = ('recipient', 'anyURI', False) - c_attributes['InResponseTo'] = ('in_response_to', 'NCName', False) - c_attributes['Address'] = ('address', 'string', False) - c_any = {"namespace": "##any", "processContents": "lax", "minOccurs": "0", - "maxOccurs": "unbounded"} + c_attributes["NotBefore"] = ("not_before", "dateTime", False) + c_attributes["NotOnOrAfter"] = ("not_on_or_after", "dateTime", False) + c_attributes["Recipient"] = ("recipient", "anyURI", False) + c_attributes["InResponseTo"] = ("in_response_to", "NCName", False) + c_attributes["Address"] = ("address", "string", False) + c_any = {"namespace": "##any", "processContents": "lax", "minOccurs": "0", "maxOccurs": "unbounded"} c_any_attribute = {"namespace": "##other", "processContents": "lax"} - def __init__(self, - not_before=None, - not_on_or_after=None, - recipient=None, - in_response_to=None, - address=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + def __init__( + self, + not_before=None, + not_on_or_after=None, + recipient=None, + in_response_to=None, + address=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.not_before = not_before self.not_on_or_after = not_on_or_after self.recipient = recipient @@ -596,47 +561,39 @@ def __init__(self, def subject_confirmation_data_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SubjectConfirmationDataType_, - xml_string) + return saml2.create_class_from_xml_string(SubjectConfirmationDataType_, xml_string) class KeyInfoConfirmationDataType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:assertion:KeyInfoConfirmationDataType - element """ + element""" - c_tag = 'KeyInfoConfirmationDataType' + c_tag = "KeyInfoConfirmationDataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info', - [ds.KeyInfo]) - c_cardinality['key_info'] = {"min": 1} - c_child_order.extend(['key_info']) - - def __init__(self, - key_info=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", [ds.KeyInfo]) + c_cardinality["key_info"] = {"min": 1} + c_child_order.extend(["key_info"]) + + def __init__(self, key_info=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.key_info = key_info or [] def key_info_confirmation_data_type__from_string(xml_string): - return saml2.create_class_from_xml_string(KeyInfoConfirmationDataType_, - xml_string) + return saml2.create_class_from_xml_string(KeyInfoConfirmationDataType_, xml_string) class ConditionAbstractType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:assertion:ConditionAbstractType - element """ + element""" - c_tag = 'ConditionAbstractType' + c_tag = "ConditionAbstractType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -645,11 +602,11 @@ class ConditionAbstractType_(SamlBase): class Audience(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:Audience element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Audience element""" - c_tag = 'Audience' + c_tag = "Audience" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -661,9 +618,9 @@ def audience_from_string(xml_string): class OneTimeUseType_(ConditionAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:OneTimeUseType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:OneTimeUseType element""" - c_tag = 'OneTimeUseType' + c_tag = "OneTimeUseType" c_namespace = NAMESPACE c_children = ConditionAbstractType_.c_children.copy() c_attributes = ConditionAbstractType_.c_attributes.copy() @@ -676,30 +633,23 @@ def one_time_use_type__from_string(xml_string): class ProxyRestrictionType_(ConditionAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:ProxyRestrictionType element - """ + """The urn:oasis:names:tc:SAML:2.0:assertion:ProxyRestrictionType element""" - c_tag = 'ProxyRestrictionType' + c_tag = "ProxyRestrictionType" c_namespace = NAMESPACE c_children = ConditionAbstractType_.c_children.copy() c_attributes = ConditionAbstractType_.c_attributes.copy() c_child_order = ConditionAbstractType_.c_child_order[:] c_cardinality = ConditionAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Audience'] = ('audience', - [Audience]) - c_cardinality['audience'] = {"min": 0} - c_attributes['Count'] = ('count', 'nonNegativeInteger', False) - c_child_order.extend(['audience']) - - def __init__(self, - audience=None, - count=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Audience"] = ("audience", [Audience]) + c_cardinality["audience"] = {"min": 0} + c_attributes["Count"] = ("count", "nonNegativeInteger", False) + c_child_order.extend(["audience"]) + + def __init__(self, audience=None, count=None, text=None, extension_elements=None, extension_attributes=None): ConditionAbstractType_.__init__( - self, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.audience = audience or [] self.count = count @@ -709,9 +659,9 @@ def proxy_restriction_type__from_string(xml_string): class EncryptedAssertion(EncryptedElementType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion element""" - c_tag = 'EncryptedAssertion' + c_tag = "EncryptedAssertion" c_namespace = NAMESPACE c_children = EncryptedElementType_.c_children.copy() c_attributes = EncryptedElementType_.c_attributes.copy() @@ -724,10 +674,9 @@ def encrypted_assertion_from_string(xml_string): class StatementAbstractType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:StatementAbstractType element - """ + """The urn:oasis:names:tc:SAML:2.0:assertion:StatementAbstractType element""" - c_tag = 'StatementAbstractType' + c_tag = "StatementAbstractType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -736,27 +685,21 @@ class StatementAbstractType_(SamlBase): class SubjectLocalityType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocalityType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocalityType element""" - c_tag = 'SubjectLocalityType' + c_tag = "SubjectLocalityType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Address'] = ('address', 'string', False) - c_attributes['DNSName'] = ('dns_name', 'string', False) - - def __init__(self, - address=None, - dns_name=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["Address"] = ("address", "string", False) + c_attributes["DNSName"] = ("dns_name", "string", False) + + def __init__(self, address=None, dns_name=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.address = address self.dns_name = dns_name @@ -766,12 +709,11 @@ def subject_locality_type__from_string(xml_string): class AuthnContextClassRef(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextClassRef element - """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextClassRef element""" - c_tag = 'AuthnContextClassRef' + c_tag = "AuthnContextClassRef" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -783,11 +725,11 @@ def authn_context_class_ref_from_string(xml_string): class AuthnContextDeclRef(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextDeclRef element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextDeclRef element""" - c_tag = 'AuthnContextDeclRef' + c_tag = "AuthnContextDeclRef" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -799,11 +741,11 @@ def authn_context_decl_ref_from_string(xml_string): class AuthnContextDecl(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextDecl element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextDecl element""" - c_tag = 'AuthnContextDecl' + c_tag = "AuthnContextDecl" c_namespace = NAMESPACE - c_value_type = {'base': 'anyType'} + c_value_type = {"base": "anyType"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -816,11 +758,11 @@ def authn_context_decl_from_string(xml_string): class AuthenticatingAuthority(SamlBase): """The urn:oasis:names:tc:SAML:2.0:assertion:AuthenticatingAuthority - element """ + element""" - c_tag = 'AuthenticatingAuthority' + c_tag = "AuthenticatingAuthority" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -828,17 +770,15 @@ class AuthenticatingAuthority(SamlBase): def authenticating_authority_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthenticatingAuthority, - xml_string) + return saml2.create_class_from_xml_string(AuthenticatingAuthority, xml_string) class DecisionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:DecisionType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:DecisionType element""" - c_tag = 'DecisionType' + c_tag = "DecisionType" c_namespace = NAMESPACE - c_value_type = {'base': 'string', 'enumeration': ['Permit', 'Deny', - 'Indeterminate']} + c_value_type = {"base": "string", "enumeration": ["Permit", "Deny", "Indeterminate"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -850,26 +790,21 @@ def decision_type__from_string(xml_string): class ActionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:ActionType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:ActionType element""" - c_tag = 'ActionType' + c_tag = "ActionType" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Namespace'] = ('namespace', 'anyURI', True) - - def __init__(self, - namespace=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["Namespace"] = ("namespace", "anyURI", True) + + def __init__(self, namespace=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.namespace = namespace @@ -878,11 +813,11 @@ def action_type__from_string(xml_string): class AttributeValue(AttributeValueBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeValue element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeValue element""" - c_tag = 'AttributeValue' + c_tag = "AttributeValue" c_namespace = NAMESPACE - c_value_type = {'base': 'anyType'} + c_value_type = {"base": "anyType"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -894,9 +829,9 @@ def attribute_value_from_string(xml_string): class EncryptedAttribute(EncryptedElementType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAttribute element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAttribute element""" - c_tag = 'EncryptedAttribute' + c_tag = "EncryptedAttribute" c_namespace = NAMESPACE c_children = EncryptedElementType_.c_children.copy() c_attributes = EncryptedElementType_.c_attributes.copy() @@ -909,9 +844,9 @@ def encrypted_attribute_from_string(xml_string): class BaseID(BaseIDAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:BaseID element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:BaseID element""" - c_tag = 'BaseID' + c_tag = "BaseID" c_namespace = NAMESPACE c_children = BaseIDAbstractType_.c_children.copy() c_attributes = BaseIDAbstractType_.c_attributes.copy() @@ -933,9 +868,9 @@ class NameID(NameIDType_): include: Email address, X.509 subject name, Windows domain qualified name, Kerberos principal name, Entity identifier, Persistent identifier, Transient identifier." - """ + """ - c_tag = 'NameID' + c_tag = "NameID" c_namespace = NAMESPACE c_children = NameIDType_.c_children.copy() c_attributes = NameIDType_.c_attributes.copy() @@ -949,9 +884,9 @@ def name_id_from_string(xml_string): class SubjectConfirmationData(SubjectConfirmationDataType_): """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData - element """ + element""" - c_tag = 'SubjectConfirmationData' + c_tag = "SubjectConfirmationData" c_namespace = NAMESPACE c_children = SubjectConfirmationDataType_.c_children.copy() c_attributes = SubjectConfirmationDataType_.c_attributes.copy() @@ -960,14 +895,13 @@ class SubjectConfirmationData(SubjectConfirmationDataType_): def subject_confirmation_data_from_string(xml_string): - return saml2.create_class_from_xml_string(SubjectConfirmationData, - xml_string) + return saml2.create_class_from_xml_string(SubjectConfirmationData, xml_string) class Condition(ConditionAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Condition element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Condition element""" - c_tag = 'Condition' + c_tag = "Condition" c_namespace = NAMESPACE c_children = ConditionAbstractType_.c_children.copy() c_attributes = ConditionAbstractType_.c_attributes.copy() @@ -981,39 +915,33 @@ def condition_from_string(xml_string): class AudienceRestrictionType_(ConditionAbstractType_): """The urn:oasis:names:tc:SAML:2.0:assertion:AudienceRestrictionType - element """ + element""" - c_tag = 'AudienceRestrictionType' + c_tag = "AudienceRestrictionType" c_namespace = NAMESPACE c_children = ConditionAbstractType_.c_children.copy() c_attributes = ConditionAbstractType_.c_attributes.copy() c_child_order = ConditionAbstractType_.c_child_order[:] c_cardinality = ConditionAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Audience'] = ('audience', - [Audience]) - c_cardinality['audience'] = {"min": 1} - c_child_order.extend(['audience']) - - def __init__(self, - audience=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Audience"] = ("audience", [Audience]) + c_cardinality["audience"] = {"min": 1} + c_child_order.extend(["audience"]) + + def __init__(self, audience=None, text=None, extension_elements=None, extension_attributes=None): ConditionAbstractType_.__init__( - self, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.audience = audience or [] def audience_restriction_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AudienceRestrictionType_, - xml_string) + return saml2.create_class_from_xml_string(AudienceRestrictionType_, xml_string) class OneTimeUse(OneTimeUseType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:OneTimeUse element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:OneTimeUse element""" - c_tag = 'OneTimeUse' + c_tag = "OneTimeUse" c_namespace = NAMESPACE c_children = OneTimeUseType_.c_children.copy() c_attributes = OneTimeUseType_.c_attributes.copy() @@ -1026,9 +954,9 @@ def one_time_use_from_string(xml_string): class ProxyRestriction(ProxyRestrictionType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:ProxyRestriction element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:ProxyRestriction element""" - c_tag = 'ProxyRestriction' + c_tag = "ProxyRestriction" c_namespace = NAMESPACE c_children = ProxyRestrictionType_.c_children.copy() c_attributes = ProxyRestrictionType_.c_attributes.copy() @@ -1041,9 +969,9 @@ def proxy_restriction_from_string(xml_string): class Statement(StatementAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Statement element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Statement element""" - c_tag = 'Statement' + c_tag = "Statement" c_namespace = NAMESPACE c_children = StatementAbstractType_.c_children.copy() c_attributes = StatementAbstractType_.c_attributes.copy() @@ -1056,9 +984,9 @@ def statement_from_string(xml_string): class SubjectLocality(SubjectLocalityType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality element""" - c_tag = 'SubjectLocality' + c_tag = "SubjectLocality" c_namespace = NAMESPACE c_children = SubjectLocalityType_.c_children.copy() c_attributes = SubjectLocalityType_.c_attributes.copy() @@ -1083,44 +1011,47 @@ def subject_locality_from_string(xml_string): class AuthnContextType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContextType element""" - c_tag = 'AuthnContextType' + c_tag = "AuthnContextType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextClassRef'] = ( - 'authn_context_class_ref', AuthnContextClassRef) - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDecl'] = ( - 'authn_context_decl', - AuthnContextDecl) - c_cardinality['authn_context_decl'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDeclRef'] = ( - 'authn_context_decl_ref', - AuthnContextDeclRef) - c_cardinality['authn_context_decl_ref'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:assertion}AuthenticatingAuthority'] = ( - 'authenticating_authority', [AuthenticatingAuthority]) - c_cardinality['authenticating_authority'] = {"min": 0} - c_child_order.extend(['authn_context_class_ref', 'authn_context_decl', - 'authn_context_decl_ref', 'authenticating_authority']) - - def __init__(self, - authn_context_class_ref=None, - authn_context_decl=None, - authn_context_decl_ref=None, - authenticating_authority=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextClassRef"] = ( + "authn_context_class_ref", + AuthnContextClassRef, + ) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDecl"] = ("authn_context_decl", AuthnContextDecl) + c_cardinality["authn_context_decl"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDeclRef"] = ( + "authn_context_decl_ref", + AuthnContextDeclRef, + ) + c_cardinality["authn_context_decl_ref"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthenticatingAuthority"] = ( + "authenticating_authority", + [AuthenticatingAuthority], + ) + c_cardinality["authenticating_authority"] = {"min": 0} + c_child_order.extend( + ["authn_context_class_ref", "authn_context_decl", "authn_context_decl_ref", "authenticating_authority"] + ) + + def __init__( + self, + authn_context_class_ref=None, + authn_context_decl=None, + authn_context_decl_ref=None, + authenticating_authority=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.authn_context_class_ref = authn_context_class_ref self.authn_context_decl = authn_context_decl self.authn_context_decl_ref = authn_context_decl_ref @@ -1128,10 +1059,7 @@ def __init__(self, def verify(self): if self.authn_context_decl and self.authn_context_decl_ref: - raise Exception( - "Invalid Response: " - "Cannot have both and " - ) + raise Exception("Invalid Response: " "Cannot have both and ") return SamlBase.verify(self) @@ -1140,9 +1068,9 @@ def authn_context_type__from_string(xml_string): class Action(ActionType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Action element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Action element""" - c_tag = 'Action' + c_tag = "Action" c_namespace = NAMESPACE c_children = ActionType_.c_children.copy() c_attributes = ActionType_.c_attributes.copy() @@ -1155,36 +1083,35 @@ def action_from_string(xml_string): class AttributeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeType element""" - c_tag = 'AttributeType' + c_tag = "AttributeType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue'] = ( - 'attribute_value', - [AttributeValue]) - c_cardinality['attribute_value'] = {"min": 0} - c_attributes['Name'] = ('name', 'string', True) - c_attributes['NameFormat'] = ('name_format', 'anyURI', False) - c_attributes['FriendlyName'] = ('friendly_name', 'string', False) - c_child_order.extend(['attribute_value']) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AttributeValue"] = ("attribute_value", [AttributeValue]) + c_cardinality["attribute_value"] = {"min": 0} + c_attributes["Name"] = ("name", "string", True) + c_attributes["NameFormat"] = ("name_format", "anyURI", False) + c_attributes["FriendlyName"] = ("friendly_name", "string", False) + c_child_order.extend(["attribute_value"]) c_any_attribute = {"namespace": "##other", "processContents": "lax"} - def __init__(self, - attribute_value=None, - name=None, - name_format=NAME_FORMAT_URI, - friendly_name=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + def __init__( + self, + attribute_value=None, + name=None, + name_format=NAME_FORMAT_URI, + friendly_name=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.attribute_value = attribute_value or [] self.name = name self.name_format = name_format @@ -1192,7 +1119,7 @@ def __init__(self, # when consuming such elements, default to NAME_FORMAT_UNSPECIFIED as NameFormat def harvest_element_tree(self, tree): - tree.attrib.setdefault('NameFormat', NAME_FORMAT_UNSPECIFIED) + tree.attrib.setdefault("NameFormat", NAME_FORMAT_UNSPECIFIED) SamlBase.harvest_element_tree(self, tree) @@ -1202,45 +1129,42 @@ def attribute_type__from_string(xml_string): class SubjectConfirmationType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationType - element """ + element""" - c_tag = 'SubjectConfirmationType' + c_tag = "SubjectConfirmationType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}BaseID'] = ('base_id', - BaseID) - c_cardinality['base_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ('name_id', - NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', - EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:assertion}SubjectConfirmationData'] = ( - 'subject_confirmation_data', SubjectConfirmationData) - c_cardinality['subject_confirmation_data'] = {"min": 0, "max": 1} - c_attributes['Method'] = ('method', 'anyURI', True) - c_child_order.extend(['base_id', 'name_id', 'encrypted_id', - 'subject_confirmation_data']) - - def __init__(self, - base_id=None, - name_id=None, - encrypted_id=None, - subject_confirmation_data=None, - method=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}BaseID"] = ("base_id", BaseID) + c_cardinality["base_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}SubjectConfirmationData"] = ( + "subject_confirmation_data", + SubjectConfirmationData, + ) + c_cardinality["subject_confirmation_data"] = {"min": 0, "max": 1} + c_attributes["Method"] = ("method", "anyURI", True) + c_child_order.extend(["base_id", "name_id", "encrypted_id", "subject_confirmation_data"]) + + def __init__( + self, + base_id=None, + name_id=None, + encrypted_id=None, + subject_confirmation_data=None, + method=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.base_id = base_id self.name_id = name_id self.encrypted_id = encrypted_id @@ -1249,14 +1173,13 @@ def __init__(self, def subject_confirmation_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SubjectConfirmationType_, - xml_string) + return saml2.create_class_from_xml_string(SubjectConfirmationType_, xml_string) class AudienceRestriction(AudienceRestrictionType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:AudienceRestriction element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AudienceRestriction element""" - c_tag = 'AudienceRestriction' + c_tag = "AudienceRestriction" c_namespace = NAMESPACE c_children = AudienceRestrictionType_.c_children.copy() c_attributes = AudienceRestrictionType_.c_attributes.copy() @@ -1269,9 +1192,9 @@ def audience_restriction_from_string(xml_string): class AuthnContext(AuthnContextType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContext element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnContext element""" - c_tag = 'AuthnContext' + c_tag = "AuthnContext" c_namespace = NAMESPACE c_children = AuthnContextType_.c_children.copy() c_attributes = AuthnContextType_.c_attributes.copy() @@ -1284,9 +1207,9 @@ def authn_context_from_string(xml_string): class Attribute(AttributeType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Attribute element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Attribute element""" - c_tag = 'Attribute' + c_tag = "Attribute" c_namespace = NAMESPACE c_children = AttributeType_.c_children.copy() c_attributes = AttributeType_.c_attributes.copy() @@ -1299,9 +1222,9 @@ def attribute_from_string(xml_string): class SubjectConfirmation(SubjectConfirmationType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation element""" - c_tag = 'SubjectConfirmation' + c_tag = "SubjectConfirmation" c_namespace = NAMESPACE c_children = SubjectConfirmationType_.c_children.copy() c_attributes = SubjectConfirmationType_.c_attributes.copy() @@ -1314,49 +1237,44 @@ def subject_confirmation_from_string(xml_string): class ConditionsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:ConditionsType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:ConditionsType element""" - c_tag = 'ConditionsType' + c_tag = "ConditionsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Condition'] = ( - 'condition', - [Condition]) - c_cardinality['condition'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AudienceRestriction'] = ( - 'audience_restriction', - [AudienceRestriction]) - c_cardinality['audience_restriction'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}OneTimeUse'] = ( - 'one_time_use', - [OneTimeUse]) - c_cardinality['one_time_use'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}ProxyRestriction'] = ( - 'proxy_restriction', - [ProxyRestriction]) - c_cardinality['proxy_restriction'] = {"min": 0} - c_attributes['NotBefore'] = ('not_before', 'dateTime', False) - c_attributes['NotOnOrAfter'] = ('not_on_or_after', 'dateTime', False) - c_child_order.extend(['condition', 'audience_restriction', 'one_time_use', - 'proxy_restriction']) - - def __init__(self, - condition=None, - audience_restriction=None, - one_time_use=None, - proxy_restriction=None, - not_before=None, - not_on_or_after=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Condition"] = ("condition", [Condition]) + c_cardinality["condition"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AudienceRestriction"] = ( + "audience_restriction", + [AudienceRestriction], + ) + c_cardinality["audience_restriction"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}OneTimeUse"] = ("one_time_use", [OneTimeUse]) + c_cardinality["one_time_use"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}ProxyRestriction"] = ("proxy_restriction", [ProxyRestriction]) + c_cardinality["proxy_restriction"] = {"min": 0} + c_attributes["NotBefore"] = ("not_before", "dateTime", False) + c_attributes["NotOnOrAfter"] = ("not_on_or_after", "dateTime", False) + c_child_order.extend(["condition", "audience_restriction", "one_time_use", "proxy_restriction"]) + + def __init__( + self, + condition=None, + audience_restriction=None, + one_time_use=None, + proxy_restriction=None, + not_before=None, + not_on_or_after=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.condition = condition or [] self.audience_restriction = audience_restriction or [] self.one_time_use = one_time_use or [] @@ -1380,37 +1298,36 @@ def conditions_type__from_string(xml_string): class AuthnStatementType_(StatementAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnStatementType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnStatementType element""" - c_tag = 'AuthnStatementType' + c_tag = "AuthnStatementType" c_namespace = NAMESPACE c_children = StatementAbstractType_.c_children.copy() c_attributes = StatementAbstractType_.c_attributes.copy() c_child_order = StatementAbstractType_.c_child_order[:] c_cardinality = StatementAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}SubjectLocality'] = ( - 'subject_locality', SubjectLocality) - c_cardinality['subject_locality'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContext'] = ( - 'authn_context', AuthnContext) - c_attributes['AuthnInstant'] = ('authn_instant', 'dateTime', True) - c_attributes['SessionIndex'] = ('session_index', 'string', False) - c_attributes['SessionNotOnOrAfter'] = ('session_not_on_or_after', - 'dateTime', False) - c_child_order.extend(['subject_locality', 'authn_context']) - - def __init__(self, - subject_locality=None, - authn_context=None, - authn_instant=None, - session_index=None, - session_not_on_or_after=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}SubjectLocality"] = ("subject_locality", SubjectLocality) + c_cardinality["subject_locality"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContext"] = ("authn_context", AuthnContext) + c_attributes["AuthnInstant"] = ("authn_instant", "dateTime", True) + c_attributes["SessionIndex"] = ("session_index", "string", False) + c_attributes["SessionNotOnOrAfter"] = ("session_not_on_or_after", "dateTime", False) + c_child_order.extend(["subject_locality", "authn_context"]) + + def __init__( + self, + subject_locality=None, + authn_context=None, + authn_instant=None, + session_index=None, + session_not_on_or_after=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): StatementAbstractType_.__init__( - self, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.subject_locality = subject_locality self.authn_context = authn_context self.authn_instant = authn_instant @@ -1424,78 +1341,72 @@ def authn_statement_type__from_string(xml_string): class AttributeStatementType_(StatementAbstractType_): """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeStatementType - element """ + element""" - c_tag = 'AttributeStatementType' + c_tag = "AttributeStatementType" c_namespace = NAMESPACE c_children = StatementAbstractType_.c_children.copy() c_attributes = StatementAbstractType_.c_attributes.copy() c_child_order = StatementAbstractType_.c_child_order[:] c_cardinality = StatementAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = ( - 'attribute', - [Attribute]) - c_cardinality['attribute'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAttribute'] = ( - 'encrypted_attribute', - [EncryptedAttribute]) - c_cardinality['encrypted_attribute'] = {"min": 0} - c_child_order.extend(['attribute', 'encrypted_attribute']) - - def __init__(self, - attribute=None, - encrypted_attribute=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"] = ("attribute", [Attribute]) + c_cardinality["attribute"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAttribute"] = ( + "encrypted_attribute", + [EncryptedAttribute], + ) + c_cardinality["encrypted_attribute"] = {"min": 0} + c_child_order.extend(["attribute", "encrypted_attribute"]) + + def __init__( + self, attribute=None, encrypted_attribute=None, text=None, extension_elements=None, extension_attributes=None + ): StatementAbstractType_.__init__( - self, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.attribute = attribute or [] self.encrypted_attribute = encrypted_attribute or [] def attribute_statement_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AttributeStatementType_, - xml_string) + return saml2.create_class_from_xml_string(AttributeStatementType_, xml_string) class SubjectType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:SubjectType element""" - c_tag = 'SubjectType' + c_tag = "SubjectType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}BaseID'] = ('base_id', - BaseID) - c_cardinality['base_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ('name_id', - NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}SubjectConfirmation'] = ( - 'subject_confirmation', [SubjectConfirmation]) - c_cardinality['subject_confirmation'] = {"min": 0} - c_child_order.extend(['base_id', 'name_id', 'encrypted_id', - 'subject_confirmation']) - - def __init__(self, - base_id=None, - name_id=None, - encrypted_id=None, - subject_confirmation=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}BaseID"] = ("base_id", BaseID) + c_cardinality["base_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}SubjectConfirmation"] = ( + "subject_confirmation", + [SubjectConfirmation], + ) + c_cardinality["subject_confirmation"] = {"min": 0} + c_child_order.extend(["base_id", "name_id", "encrypted_id", "subject_confirmation"]) + + def __init__( + self, + base_id=None, + name_id=None, + encrypted_id=None, + subject_confirmation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.base_id = base_id self.name_id = name_id self.encrypted_id = encrypted_id @@ -1507,9 +1418,9 @@ def subject_type__from_string(xml_string): class Conditions(ConditionsType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Conditions element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Conditions element""" - c_tag = 'Conditions' + c_tag = "Conditions" c_namespace = NAMESPACE c_children = ConditionsType_.c_children.copy() c_attributes = ConditionsType_.c_attributes.copy() @@ -1522,9 +1433,9 @@ def conditions_from_string(xml_string): class AuthnStatement(AuthnStatementType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnStatement element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AuthnStatement element""" - c_tag = 'AuthnStatement' + c_tag = "AuthnStatement" c_namespace = NAMESPACE c_children = AuthnStatementType_.c_children.copy() c_attributes = AuthnStatementType_.c_attributes.copy() @@ -1537,9 +1448,9 @@ def authn_statement_from_string(xml_string): class AttributeStatement(AttributeStatementType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeStatement element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AttributeStatement element""" - c_tag = 'AttributeStatement' + c_tag = "AttributeStatement" c_namespace = NAMESPACE c_children = AttributeStatementType_.c_children.copy() c_attributes = AttributeStatementType_.c_attributes.copy() @@ -1552,9 +1463,9 @@ def attribute_statement_from_string(xml_string): class Subject(SubjectType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Subject element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Subject element""" - c_tag = 'Subject' + c_tag = "Subject" c_namespace = NAMESPACE c_children = SubjectType_.c_children.copy() c_attributes = SubjectType_.c_attributes.copy() @@ -1566,43 +1477,43 @@ def subject_from_string(xml_string): return saml2.create_class_from_xml_string(Subject, xml_string) -#.................. +# .................. # ['AuthzDecisionStatement', 'EvidenceType', 'AdviceType', 'Evidence', # 'Assertion', 'AssertionType', 'AuthzDecisionStatementType', 'Advice'] class EvidenceType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:EvidenceType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:EvidenceType element""" - c_tag = 'EvidenceType' + c_tag = "EvidenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef'] = ( - 'assertion_id_ref', [AssertionIDRef]) - c_cardinality['assertion_id_ref'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AssertionURIRef'] = ( - 'assertion_uri_ref', [AssertionURIRef]) - c_cardinality['assertion_uri_ref'] = {"min": 0} - c_cardinality['assertion'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion'] = ( - 'encrypted_assertion', [EncryptedAssertion]) - c_cardinality['encrypted_assertion'] = {"min": 0} - c_child_order.extend(['assertion_id_ref', 'assertion_uri_ref', 'assertion', - 'encrypted_assertion']) - - def __init__(self, - assertion_id_ref=None, - assertion_uri_ref=None, - assertion=None, - encrypted_assertion=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef"] = ("assertion_id_ref", [AssertionIDRef]) + c_cardinality["assertion_id_ref"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AssertionURIRef"] = ("assertion_uri_ref", [AssertionURIRef]) + c_cardinality["assertion_uri_ref"] = {"min": 0} + c_cardinality["assertion"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion"] = ( + "encrypted_assertion", + [EncryptedAssertion], + ) + c_cardinality["encrypted_assertion"] = {"min": 0} + c_child_order.extend(["assertion_id_ref", "assertion_uri_ref", "assertion", "encrypted_assertion"]) + + def __init__( + self, + assertion_id_ref=None, + assertion_uri_ref=None, + assertion=None, + encrypted_assertion=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.assertion_id_ref = assertion_id_ref or [] self.assertion_uri_ref = assertion_uri_ref or [] self.assertion = assertion or [] @@ -1614,9 +1525,9 @@ def evidence_type__from_string(xml_string): class Evidence(EvidenceType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Evidence element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Evidence element""" - c_tag = 'Evidence' + c_tag = "Evidence" c_namespace = NAMESPACE c_children = EvidenceType_.c_children.copy() c_attributes = EvidenceType_.c_attributes.copy() @@ -1630,35 +1541,35 @@ def evidence_from_string(xml_string): class AuthzDecisionStatementType_(StatementAbstractType_): """The urn:oasis:names:tc:SAML:2.0:assertion:AuthzDecisionStatementType - element """ + element""" - c_tag = 'AuthzDecisionStatementType' + c_tag = "AuthzDecisionStatementType" c_namespace = NAMESPACE c_children = StatementAbstractType_.c_children.copy() c_attributes = StatementAbstractType_.c_attributes.copy() c_child_order = StatementAbstractType_.c_child_order[:] c_cardinality = StatementAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Action'] = ( - 'action', [Action]) - c_cardinality['action'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Evidence'] = ( - 'evidence', Evidence) - c_cardinality['evidence'] = {"min": 0, "max": 1} - c_attributes['Resource'] = ('resource', 'anyURI', True) - c_attributes['Decision'] = ('decision', DecisionType_, True) - c_child_order.extend(['action', 'evidence']) - - def __init__(self, - action=None, - evidence=None, - resource=None, - decision=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Action"] = ("action", [Action]) + c_cardinality["action"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Evidence"] = ("evidence", Evidence) + c_cardinality["evidence"] = {"min": 0, "max": 1} + c_attributes["Resource"] = ("resource", "anyURI", True) + c_attributes["Decision"] = ("decision", DecisionType_, True) + c_child_order.extend(["action", "evidence"]) + + def __init__( + self, + action=None, + evidence=None, + resource=None, + decision=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): StatementAbstractType_.__init__( - self, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.action = action or [] self.evidence = evidence self.resource = resource @@ -1666,15 +1577,14 @@ def __init__(self, def authz_decision_statement_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthzDecisionStatementType_, - xml_string) + return saml2.create_class_from_xml_string(AuthzDecisionStatementType_, xml_string) class AuthzDecisionStatement(AuthzDecisionStatementType_): """The urn:oasis:names:tc:SAML:2.0:assertion:AuthzDecisionStatement - element """ + element""" - c_tag = 'AuthzDecisionStatement' + c_tag = "AuthzDecisionStatement" c_namespace = NAMESPACE c_children = AuthzDecisionStatementType_.c_children.copy() c_attributes = AuthzDecisionStatementType_.c_attributes.copy() @@ -1683,73 +1593,80 @@ class AuthzDecisionStatement(AuthzDecisionStatementType_): def authz_decision_statement_from_string(xml_string): - return saml2.create_class_from_xml_string(AuthzDecisionStatement, - xml_string) + return saml2.create_class_from_xml_string(AuthzDecisionStatement, xml_string) -#.................. +# .................. # ['Assertion', 'AssertionType', 'AdviceType', 'Advice'] class AssertionType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AssertionType element""" - c_tag = 'AssertionType' + c_tag = "AssertionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Issuer'] = ('issuer', - Issuer) - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ('signature', - ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Subject'] = ('subject', - Subject) - c_cardinality['subject'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Conditions'] = ( - 'conditions', Conditions) - c_cardinality['conditions'] = {"min": 0, "max": 1} - c_cardinality['advice'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Statement'] = ( - 'statement', [Statement]) - c_cardinality['statement'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AuthnStatement'] = ( - 'authn_statement', [AuthnStatement]) - c_cardinality['authn_statement'] = {"min": 0} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:assertion}AuthzDecisionStatement'] = ( - 'authz_decision_statement', [AuthzDecisionStatement]) - c_cardinality['authz_decision_statement'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AttributeStatement'] = ( - 'attribute_statement', [AttributeStatement]) - c_cardinality['attribute_statement'] = {"min": 0} - c_attributes['Version'] = ('version', 'string', True) - c_attributes['ID'] = ('id', 'ID', True) - c_attributes['IssueInstant'] = ('issue_instant', 'dateTime', True) - c_child_order.extend(['issuer', 'signature', 'subject', 'conditions', - 'advice', 'statement', 'authn_statement', - 'authz_decision_statement', 'attribute_statement']) - - def __init__(self, - issuer=None, - signature=None, - subject=None, - conditions=None, - advice=None, - statement=None, - authn_statement=None, - authz_decision_statement=None, - attribute_statement=None, - version=None, - id=None, - issue_instant=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"] = ("issuer", Issuer) + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Subject"] = ("subject", Subject) + c_cardinality["subject"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Conditions"] = ("conditions", Conditions) + c_cardinality["conditions"] = {"min": 0, "max": 1} + c_cardinality["advice"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Statement"] = ("statement", [Statement]) + c_cardinality["statement"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnStatement"] = ("authn_statement", [AuthnStatement]) + c_cardinality["authn_statement"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthzDecisionStatement"] = ( + "authz_decision_statement", + [AuthzDecisionStatement], + ) + c_cardinality["authz_decision_statement"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AttributeStatement"] = ( + "attribute_statement", + [AttributeStatement], + ) + c_cardinality["attribute_statement"] = {"min": 0} + c_attributes["Version"] = ("version", "string", True) + c_attributes["ID"] = ("id", "ID", True) + c_attributes["IssueInstant"] = ("issue_instant", "dateTime", True) + c_child_order.extend( + [ + "issuer", + "signature", + "subject", + "conditions", + "advice", + "statement", + "authn_statement", + "authz_decision_statement", + "attribute_statement", + ] + ) + + def __init__( + self, + issuer=None, + signature=None, + subject=None, + conditions=None, + advice=None, + statement=None, + authn_statement=None, + authz_decision_statement=None, + attribute_statement=None, + version=None, + id=None, + issue_instant=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.issuer = issuer self.signature = signature self.subject = subject @@ -1765,16 +1682,13 @@ def __init__(self, def verify(self): # If no statement MUST contain a subject element - if self.attribute_statement or self.statement or \ - self.authn_statement or self.authz_decision_statement: + if self.attribute_statement or self.statement or self.authn_statement or self.authz_decision_statement: pass elif not self.subject: - raise MustValueError( - "If no statement MUST contain a subject element") + raise MustValueError("If no statement MUST contain a subject element") if self.authn_statement and not self.subject: - raise MustValueError( - "An assertion with an AuthnStatement must contain a Subject") + raise MustValueError("An assertion with an AuthnStatement must contain a Subject") return SamlBase.verify(self) @@ -1784,9 +1698,9 @@ def assertion_type__from_string(xml_string): class Assertion(AssertionType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Assertion element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Assertion element""" - c_tag = 'Assertion' + c_tag = "Assertion" c_namespace = NAMESPACE c_children = AssertionType_.c_children.copy() c_attributes = AssertionType_.c_attributes.copy() @@ -1799,42 +1713,41 @@ def assertion_from_string(xml_string): class AdviceType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:assertion:AdviceType element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:AdviceType element""" - c_tag = 'AdviceType' + c_tag = "AdviceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef'] = ( - 'assertion_id_ref', [AssertionIDRef]) - c_cardinality['assertion_id_ref'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AssertionURIRef'] = ( - 'assertion_uri_ref', [AssertionURIRef]) - c_cardinality['assertion_uri_ref'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Assertion'] = ( - 'assertion', [Assertion]) - c_cardinality['assertion'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion'] = ( - 'encrypted_assertion', [EncryptedAssertion]) - c_cardinality['encrypted_assertion'] = {"min": 0} - c_child_order.extend(['assertion_id_ref', 'assertion_uri_ref', 'assertion', - 'encrypted_assertion']) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef"] = ("assertion_id_ref", [AssertionIDRef]) + c_cardinality["assertion_id_ref"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AssertionURIRef"] = ("assertion_uri_ref", [AssertionURIRef]) + c_cardinality["assertion_uri_ref"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"] = ("assertion", [Assertion]) + c_cardinality["assertion"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion"] = ( + "encrypted_assertion", + [EncryptedAssertion], + ) + c_cardinality["encrypted_assertion"] = {"min": 0} + c_child_order.extend(["assertion_id_ref", "assertion_uri_ref", "assertion", "encrypted_assertion"]) c_any = {"namespace": "##other", "processContents": "lax"} - def __init__(self, - assertion_id_ref=None, - assertion_uri_ref=None, - assertion=None, - encrypted_assertion=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + def __init__( + self, + assertion_id_ref=None, + assertion_uri_ref=None, + assertion=None, + encrypted_assertion=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.assertion_id_ref = assertion_id_ref or [] self.assertion_uri_ref = assertion_uri_ref or [] self.assertion = assertion or [] @@ -1846,9 +1759,9 @@ def advice_type__from_string(xml_string): class Advice(AdviceType_): - """The urn:oasis:names:tc:SAML:2.0:assertion:Advice element """ + """The urn:oasis:names:tc:SAML:2.0:assertion:Advice element""" - c_tag = 'Advice' + c_tag = "Advice" c_namespace = NAMESPACE c_children = AdviceType_.c_children.copy() c_attributes = AdviceType_.c_attributes.copy() @@ -1861,19 +1774,15 @@ def advice_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -EvidenceType_.c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Assertion'] = ( - 'assertion', [Assertion]) -Evidence.c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Assertion'] = ( - 'assertion', [Assertion]) -AssertionType_.c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Advice'] = ( - 'advice', Advice) -Assertion.c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Advice'] = ( - 'advice', Advice) +EvidenceType_.c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"] = ("assertion", [Assertion]) +Evidence.c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"] = ("assertion", [Assertion]) +AssertionType_.c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Advice"] = ("advice", Advice) +Assertion.c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Advice"] = ("advice", Advice) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ AG_IDNameQualifiers = [ - ('NameQualifier', 'string', False), - ('SPNameQualifier', 'string', False), + ("NameQualifier", "string", False), + ("SPNameQualifier", "string", False), ] ELEMENT_FROM_STRING = { @@ -1892,10 +1801,8 @@ def advice_from_string(xml_string): SubjectConfirmation.c_tag: subject_confirmation_from_string, SubjectConfirmationType_.c_tag: subject_confirmation_type__from_string, SubjectConfirmationData.c_tag: subject_confirmation_data_from_string, - SubjectConfirmationDataType_.c_tag: - subject_confirmation_data_type__from_string, - KeyInfoConfirmationDataType_.c_tag: - key_info_confirmation_data_type__from_string, + SubjectConfirmationDataType_.c_tag: subject_confirmation_data_type__from_string, + KeyInfoConfirmationDataType_.c_tag: key_info_confirmation_data_type__from_string, Conditions.c_tag: conditions_from_string, ConditionsType_.c_tag: conditions_type__from_string, Condition.c_tag: condition_from_string, @@ -1921,8 +1828,7 @@ def advice_from_string(xml_string): AuthnContextDecl.c_tag: authn_context_decl_from_string, AuthenticatingAuthority.c_tag: authenticating_authority_from_string, AuthzDecisionStatement.c_tag: authz_decision_statement_from_string, - AuthzDecisionStatementType_.c_tag: - authz_decision_statement_type__from_string, + AuthzDecisionStatementType_.c_tag: authz_decision_statement_type__from_string, DecisionType_.c_tag: decision_type__from_string, Action.c_tag: action_from_string, ActionType_.c_tag: action_type__from_string, @@ -1937,63 +1843,63 @@ def advice_from_string(xml_string): } ELEMENT_BY_TAG = { - 'BaseID': BaseID, - 'NameID': NameID, - 'NameIDType': NameIDType_, - 'EncryptedElementType': EncryptedElementType_, - 'EncryptedID': EncryptedID, - 'Issuer': Issuer, - 'AssertionIDRef': AssertionIDRef, - 'AssertionURIRef': AssertionURIRef, - 'Assertion': Assertion, - 'AssertionType': AssertionType_, - 'Subject': Subject, - 'SubjectType': SubjectType_, - 'SubjectConfirmation': SubjectConfirmation, - 'SubjectConfirmationType': SubjectConfirmationType_, - 'SubjectConfirmationData': SubjectConfirmationData, - 'SubjectConfirmationDataType': SubjectConfirmationDataType_, - 'KeyInfoConfirmationDataType': KeyInfoConfirmationDataType_, - 'Conditions': Conditions, - 'ConditionsType': ConditionsType_, - 'Condition': Condition, - 'AudienceRestriction': AudienceRestriction, - 'AudienceRestrictionType': AudienceRestrictionType_, - 'Audience': Audience, - 'OneTimeUse': OneTimeUse, - 'OneTimeUseType': OneTimeUseType_, - 'ProxyRestriction': ProxyRestriction, - 'ProxyRestrictionType': ProxyRestrictionType_, - 'Advice': Advice, - 'AdviceType': AdviceType_, - 'EncryptedAssertion': EncryptedAssertion, - 'Statement': Statement, - 'AuthnStatement': AuthnStatement, - 'AuthnStatementType': AuthnStatementType_, - 'SubjectLocality': SubjectLocality, - 'SubjectLocalityType': SubjectLocalityType_, - 'AuthnContext': AuthnContext, - 'AuthnContextType': AuthnContextType_, - 'AuthnContextClassRef': AuthnContextClassRef, - 'AuthnContextDeclRef': AuthnContextDeclRef, - 'AuthnContextDecl': AuthnContextDecl, - 'AuthenticatingAuthority': AuthenticatingAuthority, - 'AuthzDecisionStatement': AuthzDecisionStatement, - 'AuthzDecisionStatementType': AuthzDecisionStatementType_, - 'DecisionType': DecisionType_, - 'Action': Action, - 'ActionType': ActionType_, - 'Evidence': Evidence, - 'EvidenceType': EvidenceType_, - 'AttributeStatement': AttributeStatement, - 'AttributeStatementType': AttributeStatementType_, - 'Attribute': Attribute, - 'AttributeType': AttributeType_, - 'AttributeValue': AttributeValue, - 'EncryptedAttribute': EncryptedAttribute, - 'BaseIDAbstractType': BaseIDAbstractType_, - 'ConditionAbstractType': ConditionAbstractType_, - 'StatementAbstractType': StatementAbstractType_, + "BaseID": BaseID, + "NameID": NameID, + "NameIDType": NameIDType_, + "EncryptedElementType": EncryptedElementType_, + "EncryptedID": EncryptedID, + "Issuer": Issuer, + "AssertionIDRef": AssertionIDRef, + "AssertionURIRef": AssertionURIRef, + "Assertion": Assertion, + "AssertionType": AssertionType_, + "Subject": Subject, + "SubjectType": SubjectType_, + "SubjectConfirmation": SubjectConfirmation, + "SubjectConfirmationType": SubjectConfirmationType_, + "SubjectConfirmationData": SubjectConfirmationData, + "SubjectConfirmationDataType": SubjectConfirmationDataType_, + "KeyInfoConfirmationDataType": KeyInfoConfirmationDataType_, + "Conditions": Conditions, + "ConditionsType": ConditionsType_, + "Condition": Condition, + "AudienceRestriction": AudienceRestriction, + "AudienceRestrictionType": AudienceRestrictionType_, + "Audience": Audience, + "OneTimeUse": OneTimeUse, + "OneTimeUseType": OneTimeUseType_, + "ProxyRestriction": ProxyRestriction, + "ProxyRestrictionType": ProxyRestrictionType_, + "Advice": Advice, + "AdviceType": AdviceType_, + "EncryptedAssertion": EncryptedAssertion, + "Statement": Statement, + "AuthnStatement": AuthnStatement, + "AuthnStatementType": AuthnStatementType_, + "SubjectLocality": SubjectLocality, + "SubjectLocalityType": SubjectLocalityType_, + "AuthnContext": AuthnContext, + "AuthnContextType": AuthnContextType_, + "AuthnContextClassRef": AuthnContextClassRef, + "AuthnContextDeclRef": AuthnContextDeclRef, + "AuthnContextDecl": AuthnContextDecl, + "AuthenticatingAuthority": AuthenticatingAuthority, + "AuthzDecisionStatement": AuthzDecisionStatement, + "AuthzDecisionStatementType": AuthzDecisionStatementType_, + "DecisionType": DecisionType_, + "Action": Action, + "ActionType": ActionType_, + "Evidence": Evidence, + "EvidenceType": EvidenceType_, + "AttributeStatement": AttributeStatement, + "AttributeStatementType": AttributeStatementType_, + "Attribute": Attribute, + "AttributeType": AttributeType_, + "AttributeValue": AttributeValue, + "EncryptedAttribute": EncryptedAttribute, + "BaseIDAbstractType": BaseIDAbstractType_, + "ConditionAbstractType": ConditionAbstractType_, + "StatementAbstractType": StatementAbstractType_, } diff --git a/src/saml2/samlp.py b/src/saml2/samlp.py index 36f23f49e..056111daf 100644 --- a/src/saml2/samlp.py +++ b/src/saml2/samlp.py @@ -5,54 +5,43 @@ # import saml2 -from saml2 import saml from saml2 import SamlBase +from saml2 import saml from saml2 import xmldsig as ds -NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:protocol' - -STATUS_SUCCESS = 'urn:oasis:names:tc:SAML:2.0:status:Success' -STATUS_REQUESTER = 'urn:oasis:names:tc:SAML:2.0:status:Requester' -STATUS_RESPONDER = 'urn:oasis:names:tc:SAML:2.0:status:Responder' -STATUS_VERSION_MISMATCH = 'urn:oasis:names:tc:SAML:2.0:status:VersionMismatch' - -STATUS_AUTHN_FAILED = 'urn:oasis:names:tc:SAML:2.0:status:AuthnFailed' -STATUS_INVALID_ATTR_NAME_OR_VALUE = ( - 'urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue') -STATUS_INVALID_NAMEID_POLICY = ( - 'urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy') -STATUS_NO_AUTHN_CONTEXT = 'urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext' -STATUS_NO_AVAILABLE_IDP = 'urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP' -STATUS_NO_PASSIVE = 'urn:oasis:names:tc:SAML:2.0:status:NoPassive' -STATUS_NO_SUPPORTED_IDP = 'urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP' -STATUS_PARTIAL_LOGOUT = 'urn:oasis:names:tc:SAML:2.0:status:PartialLogout' -STATUS_PROXY_COUNT_EXCEEDED = ( - 'urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded') -STATUS_REQUEST_DENIED = 'urn:oasis:names:tc:SAML:2.0:status:RequestDenied' -STATUS_REQUEST_UNSUPPORTED = ( - 'urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported') -STATUS_REQUEST_VERSION_DEPRECATED = ( - 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated') -STATUS_REQUEST_VERSION_TOO_HIGH = ( - 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh') -STATUS_REQUEST_VERSION_TOO_LOW = ( - 'urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow') -STATUS_RESOURCE_NOT_RECOGNIZED = ( - 'urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized') -STATUS_TOO_MANY_RESPONSES = ( - 'urn:oasis:names:tc:SAML:2.0:status:TooManyResponses') -STATUS_UNKNOWN_ATTR_PROFILE = ( - 'urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile') -STATUS_UNKNOWN_PRINCIPAL = ( - 'urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal') -STATUS_UNSUPPORTED_BINDING = ( - 'urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding') + +NAMESPACE = "urn:oasis:names:tc:SAML:2.0:protocol" + +STATUS_SUCCESS = "urn:oasis:names:tc:SAML:2.0:status:Success" +STATUS_REQUESTER = "urn:oasis:names:tc:SAML:2.0:status:Requester" +STATUS_RESPONDER = "urn:oasis:names:tc:SAML:2.0:status:Responder" +STATUS_VERSION_MISMATCH = "urn:oasis:names:tc:SAML:2.0:status:VersionMismatch" + +STATUS_AUTHN_FAILED = "urn:oasis:names:tc:SAML:2.0:status:AuthnFailed" +STATUS_INVALID_ATTR_NAME_OR_VALUE = "urn:oasis:names:tc:SAML:2.0:status:InvalidAttrNameOrValue" +STATUS_INVALID_NAMEID_POLICY = "urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy" +STATUS_NO_AUTHN_CONTEXT = "urn:oasis:names:tc:SAML:2.0:status:NoAuthnContext" +STATUS_NO_AVAILABLE_IDP = "urn:oasis:names:tc:SAML:2.0:status:NoAvailableIDP" +STATUS_NO_PASSIVE = "urn:oasis:names:tc:SAML:2.0:status:NoPassive" +STATUS_NO_SUPPORTED_IDP = "urn:oasis:names:tc:SAML:2.0:status:NoSupportedIDP" +STATUS_PARTIAL_LOGOUT = "urn:oasis:names:tc:SAML:2.0:status:PartialLogout" +STATUS_PROXY_COUNT_EXCEEDED = "urn:oasis:names:tc:SAML:2.0:status:ProxyCountExceeded" +STATUS_REQUEST_DENIED = "urn:oasis:names:tc:SAML:2.0:status:RequestDenied" +STATUS_REQUEST_UNSUPPORTED = "urn:oasis:names:tc:SAML:2.0:status:RequestUnsupported" +STATUS_REQUEST_VERSION_DEPRECATED = "urn:oasis:names:tc:SAML:2.0:status:RequestVersionDeprecated" +STATUS_REQUEST_VERSION_TOO_HIGH = "urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooHigh" +STATUS_REQUEST_VERSION_TOO_LOW = "urn:oasis:names:tc:SAML:2.0:status:RequestVersionTooLow" +STATUS_RESOURCE_NOT_RECOGNIZED = "urn:oasis:names:tc:SAML:2.0:status:ResourceNotRecognized" +STATUS_TOO_MANY_RESPONSES = "urn:oasis:names:tc:SAML:2.0:status:TooManyResponses" +STATUS_UNKNOWN_ATTR_PROFILE = "urn:oasis:names:tc:SAML:2.0:status:UnknownAttrProfile" +STATUS_UNKNOWN_PRINCIPAL = "urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal" +STATUS_UNSUPPORTED_BINDING = "urn:oasis:names:tc:SAML:2.0:status:UnsupportedBinding" class ExtensionsType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:ExtensionsType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ExtensionsType element""" - c_tag = 'ExtensionsType' + c_tag = "ExtensionsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -65,11 +54,11 @@ def extensions_type__from_string(xml_string): class StatusMessage(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusMessage element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusMessage element""" - c_tag = 'StatusMessage' + c_tag = "StatusMessage" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -81,16 +70,15 @@ def status_message_from_string(xml_string): class StatusDetailType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusDetailType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusDetailType element""" - c_tag = 'StatusDetailType' + c_tag = "StatusDetailType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_any = {"namespace": "##any", "processContents": "lax", "minOccurs": "0", - "maxOccurs": "unbounded"} + c_any = {"namespace": "##any", "processContents": "lax", "minOccurs": "0", "maxOccurs": "unbounded"} def status_detail_type__from_string(xml_string): @@ -99,12 +87,11 @@ def status_detail_type__from_string(xml_string): class AuthnContextComparisonType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnContextComparisonType - element """ + element""" - c_tag = 'AuthnContextComparisonType' + c_tag = "AuthnContextComparisonType" c_namespace = NAMESPACE - c_value_type = {'base': 'string', 'enumeration': ['exact', 'minimum', - 'maximum', 'better']} + c_value_type = {"base": "string", "enumeration": ["exact", "minimum", "maximum", "better"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -112,36 +99,37 @@ class AuthnContextComparisonType_(SamlBase): def authn_context_comparison_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthnContextComparisonType_, - xml_string) + return saml2.create_class_from_xml_string(AuthnContextComparisonType_, xml_string) class NameIDPolicyType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDPolicyType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDPolicyType element""" - c_tag = 'NameIDPolicyType' + c_tag = "NameIDPolicyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Format'] = ('format', 'anyURI', False) - c_attributes['SPNameQualifier'] = ('sp_name_qualifier', 'string', False) - c_attributes['AllowCreate'] = ('allow_create', 'boolean', False) - - def __init__(self, - format=None, - sp_name_qualifier=None, - allow_create=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Format"] = ("format", "anyURI", False) + c_attributes["SPNameQualifier"] = ("sp_name_qualifier", "string", False) + c_attributes["AllowCreate"] = ("allow_create", "boolean", False) + + def __init__( + self, + format=None, + sp_name_qualifier=None, + allow_create=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.format = format self.sp_name_qualifier = sp_name_qualifier self.allow_create = allow_create @@ -152,11 +140,11 @@ def name_id_policy_type__from_string(xml_string): class RequesterID(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:RequesterID element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:RequesterID element""" - c_tag = 'RequesterID' + c_tag = "RequesterID" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -168,29 +156,24 @@ def requester_id_from_string(xml_string): class IDPEntryType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:IDPEntryType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:IDPEntryType element""" - c_tag = 'IDPEntryType' + c_tag = "IDPEntryType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['ProviderID'] = ('provider_id', 'anyURI', True) - c_attributes['Name'] = ('name', 'string', False) - c_attributes['Loc'] = ('loc', 'anyURI', False) - - def __init__(self, - provider_id=None, - name=None, - loc=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_attributes["ProviderID"] = ("provider_id", "anyURI", True) + c_attributes["Name"] = ("name", "string", False) + c_attributes["Loc"] = ("loc", "anyURI", False) + + def __init__( + self, provider_id=None, name=None, loc=None, text=None, extension_elements=None, extension_attributes=None + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.provider_id = provider_id self.name = name self.loc = loc @@ -201,11 +184,11 @@ def idp_entry_type__from_string(xml_string): class GetComplete(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:GetComplete element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:GetComplete element""" - c_tag = 'GetComplete' + c_tag = "GetComplete" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -217,11 +200,11 @@ def get_complete_from_string(xml_string): class Artifact(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:Artifact element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Artifact element""" - c_tag = 'Artifact' + c_tag = "Artifact" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -233,11 +216,11 @@ def artifact_from_string(xml_string): class NewID(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:NewID element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NewID element""" - c_tag = 'NewID' + c_tag = "NewID" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -249,9 +232,9 @@ def new_id_from_string(xml_string): class NewEncryptedID(saml.EncryptedElementType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:NewEncryptedID element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NewEncryptedID element""" - c_tag = 'NewEncryptedID' + c_tag = "NewEncryptedID" c_namespace = NAMESPACE c_children = saml.EncryptedElementType_.c_children.copy() c_attributes = saml.EncryptedElementType_.c_attributes.copy() @@ -264,9 +247,9 @@ def new_encrypted_id_from_string(xml_string): class TerminateType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:TerminateType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:TerminateType element""" - c_tag = 'TerminateType' + c_tag = "TerminateType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -279,11 +262,11 @@ def terminate_type__from_string(xml_string): class SessionIndex(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:SessionIndex element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:SessionIndex element""" - c_tag = 'SessionIndex' + c_tag = "SessionIndex" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -295,9 +278,9 @@ def session_index_from_string(xml_string): class Extensions(ExtensionsType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:Extensions element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Extensions element""" - c_tag = 'Extensions' + c_tag = "Extensions" c_namespace = NAMESPACE c_children = ExtensionsType_.c_children.copy() c_attributes = ExtensionsType_.c_attributes.copy() @@ -310,9 +293,9 @@ def extensions_from_string(xml_string): class StatusDetail(StatusDetailType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusDetail element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusDetail element""" - c_tag = 'StatusDetail' + c_tag = "StatusDetail" c_namespace = NAMESPACE c_children = StatusDetailType_.c_children.copy() c_attributes = StatusDetailType_.c_attributes.copy() @@ -325,46 +308,44 @@ def status_detail_from_string(xml_string): class RequestAbstractType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:RequestAbstractType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:RequestAbstractType element""" - c_tag = 'RequestAbstractType' + c_tag = "RequestAbstractType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Issuer'] = ('issuer', - saml.Issuer) - c_cardinality['issuer'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ('signature', - ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Extensions'] = ( - 'extensions', Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_attributes['ID'] = ('id', 'ID', True) - c_attributes['Version'] = ('version', 'string', True) - c_attributes['IssueInstant'] = ('issue_instant', 'dateTime', True) - c_attributes['Destination'] = ('destination', 'anyURI', False) - c_attributes['Consent'] = ('consent', 'anyURI', False) - c_child_order.extend(['issuer', 'signature', 'extensions']) - - def __init__(self, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"] = ("issuer", saml.Issuer) + c_cardinality["issuer"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_attributes["ID"] = ("id", "ID", True) + c_attributes["Version"] = ("version", "string", True) + c_attributes["IssueInstant"] = ("issue_instant", "dateTime", True) + c_attributes["Destination"] = ("destination", "anyURI", False) + c_attributes["Consent"] = ("consent", "anyURI", False) + c_child_order.extend(["issuer", "signature", "extensions"]) + + def __init__( + self, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.issuer = issuer self.signature = signature self.extensions = extensions @@ -380,48 +361,50 @@ class AssertionIDRequestType_(RequestAbstractType_): The urn:oasis:names:tc:SAML:2.0:protocol:AssertionIDRequestType element """ - c_tag = 'AssertionIDRequestType' + c_tag = "AssertionIDRequestType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef'] = ( - 'assertion_id_ref', [saml.AssertionIDRef]) - c_cardinality['assertion_id_ref'] = {"min": 1} - c_child_order.extend(['assertion_id_ref']) - - def __init__(self, - assertion_id_ref=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AssertionIDRef"] = ("assertion_id_ref", [saml.AssertionIDRef]) + c_cardinality["assertion_id_ref"] = {"min": 1} + c_child_order.extend(["assertion_id_ref"]) + + def __init__( + self, + assertion_id_ref=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.assertion_id_ref = assertion_id_ref or [] def assertion_id_request_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AssertionIDRequestType_, - xml_string) + return saml2.create_class_from_xml_string(AssertionIDRequestType_, xml_string) class SubjectQueryAbstractType_(RequestAbstractType_): @@ -429,130 +412,135 @@ class SubjectQueryAbstractType_(RequestAbstractType_): The urn:oasis:names:tc:SAML:2.0:protocol:SubjectQueryAbstractType element """ - c_tag = 'SubjectQueryAbstractType' + c_tag = "SubjectQueryAbstractType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Subject'] = ( - 'subject', saml.Subject) - c_child_order.extend(['subject']) - - def __init__(self, - subject=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Subject"] = ("subject", saml.Subject) + c_child_order.extend(["subject"]) + + def __init__( + self, + subject=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.subject = subject class RequestedAuthnContextType_(SamlBase): """The urn:oasis:names:tc:SAML:2.0:protocol:RequestedAuthnContextType - element """ + element""" - c_tag = 'RequestedAuthnContextType' + c_tag = "RequestedAuthnContextType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextClassRef'] = ( - 'authn_context_class_ref', - [saml.AuthnContextClassRef]) - c_cardinality['authn_context_class_ref'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDeclRef'] = ( - 'authn_context_decl_ref', - [saml.AuthnContextDeclRef]) - c_cardinality['authn_context_decl_ref'] = {"min": 0} - c_attributes['Comparison'] = ('comparison', AuthnContextComparisonType_, - False) - c_child_order.extend(['authn_context_class_ref', 'authn_context_decl_ref']) - - def __init__(self, - authn_context_class_ref=None, - authn_context_decl_ref=None, - comparison=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextClassRef"] = ( + "authn_context_class_ref", + [saml.AuthnContextClassRef], + ) + c_cardinality["authn_context_class_ref"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}AuthnContextDeclRef"] = ( + "authn_context_decl_ref", + [saml.AuthnContextDeclRef], + ) + c_cardinality["authn_context_decl_ref"] = {"min": 0} + c_attributes["Comparison"] = ("comparison", AuthnContextComparisonType_, False) + c_child_order.extend(["authn_context_class_ref", "authn_context_decl_ref"]) + + def __init__( + self, + authn_context_class_ref=None, + authn_context_decl_ref=None, + comparison=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.authn_context_class_ref = authn_context_class_ref or [] self.authn_context_decl_ref = authn_context_decl_ref or [] self.comparison = comparison def requested_authn_context_type__from_string(xml_string): - return saml2.create_class_from_xml_string(RequestedAuthnContextType_, - xml_string) + return saml2.create_class_from_xml_string(RequestedAuthnContextType_, xml_string) class AttributeQueryType_(SubjectQueryAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AttributeQueryType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AttributeQueryType element""" - c_tag = 'AttributeQueryType' + c_tag = "AttributeQueryType" c_namespace = NAMESPACE c_children = SubjectQueryAbstractType_.c_children.copy() c_attributes = SubjectQueryAbstractType_.c_attributes.copy() c_child_order = SubjectQueryAbstractType_.c_child_order[:] c_cardinality = SubjectQueryAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Attribute'] = ( - 'attribute', - [saml.Attribute]) - c_cardinality['attribute'] = {"min": 0} - c_child_order.extend(['attribute']) - - def __init__(self, - attribute=None, - subject=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - SubjectQueryAbstractType_.__init__(self, - subject=subject, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Attribute"] = ("attribute", [saml.Attribute]) + c_cardinality["attribute"] = {"min": 0} + c_child_order.extend(["attribute"]) + + def __init__( + self, + attribute=None, + subject=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SubjectQueryAbstractType_.__init__( + self, + subject=subject, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.attribute = attribute or [] @@ -562,66 +550,67 @@ def attribute_query_type__from_string(xml_string): class AuthzDecisionQueryType_(SubjectQueryAbstractType_): """The urn:oasis:names:tc:SAML:2.0:protocol:AuthzDecisionQueryType - element """ + element""" - c_tag = 'AuthzDecisionQueryType' + c_tag = "AuthzDecisionQueryType" c_namespace = NAMESPACE c_children = SubjectQueryAbstractType_.c_children.copy() c_attributes = SubjectQueryAbstractType_.c_attributes.copy() c_child_order = SubjectQueryAbstractType_.c_child_order[:] c_cardinality = SubjectQueryAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Action'] = ( - 'action', [saml.Action]) - c_cardinality['action'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Evidence'] = ( - 'evidence', saml.Evidence) - c_cardinality['evidence'] = {"min": 0, "max": 1} - c_attributes['Resource'] = ('resource', 'anyURI', True) - c_child_order.extend(['action', 'evidence']) - - def __init__(self, - action=None, - evidence=None, - resource=None, - subject=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - SubjectQueryAbstractType_.__init__(self, - subject=subject, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Action"] = ("action", [saml.Action]) + c_cardinality["action"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Evidence"] = ("evidence", saml.Evidence) + c_cardinality["evidence"] = {"min": 0, "max": 1} + c_attributes["Resource"] = ("resource", "anyURI", True) + c_child_order.extend(["action", "evidence"]) + + def __init__( + self, + action=None, + evidence=None, + resource=None, + subject=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SubjectQueryAbstractType_.__init__( + self, + subject=subject, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.action = action or [] self.evidence = evidence self.resource = resource def authz_decision_query_type__from_string(xml_string): - return saml2.create_class_from_xml_string(AuthzDecisionQueryType_, - xml_string) + return saml2.create_class_from_xml_string(AuthzDecisionQueryType_, xml_string) class NameIDPolicy(NameIDPolicyType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDPolicy element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDPolicy element""" - c_tag = 'NameIDPolicy' + c_tag = "NameIDPolicy" c_namespace = NAMESPACE c_children = NameIDPolicyType_.c_children.copy() c_attributes = NameIDPolicyType_.c_attributes.copy() @@ -634,9 +623,9 @@ def name_id_policy_from_string(xml_string): class IDPEntry(IDPEntryType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:IDPEntry element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:IDPEntry element""" - c_tag = 'IDPEntry' + c_tag = "IDPEntry" c_namespace = NAMESPACE c_children = IDPEntryType_.c_children.copy() c_attributes = IDPEntryType_.c_attributes.copy() @@ -649,43 +638,46 @@ def idp_entry_from_string(xml_string): class ArtifactResolveType_(RequestAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResolveType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResolveType element""" - c_tag = 'ArtifactResolveType' + c_tag = "ArtifactResolveType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Artifact'] = ('artifact', - Artifact) - c_child_order.extend(['artifact']) - - def __init__(self, - artifact=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Artifact"] = ("artifact", Artifact) + c_child_order.extend(["artifact"]) + + def __init__( + self, + artifact=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.artifact = artifact @@ -694,9 +686,9 @@ def artifact_resolve_type__from_string(xml_string): class Terminate(TerminateType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:Terminate element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Terminate element""" - c_tag = 'Terminate' + c_tag = "Terminate" c_namespace = NAMESPACE c_children = TerminateType_.c_children.copy() c_attributes = TerminateType_.c_attributes.copy() @@ -709,61 +701,60 @@ def terminate_from_string(xml_string): class LogoutRequestType_(RequestAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequestType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequestType element""" - c_tag = 'LogoutRequestType' + c_tag = "LogoutRequestType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}BaseID'] = ( - 'base_id', saml.BaseID) - c_cardinality['base_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ( - 'name_id', saml.NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', saml.EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}SessionIndex'] = ( - 'session_index', [SessionIndex]) - c_cardinality['session_index'] = {"min": 0} - c_attributes['Reason'] = ('reason', 'string', False) - c_attributes['NotOnOrAfter'] = ('not_on_or_after', 'dateTime', False) - c_child_order.extend( - ['base_id', 'name_id', 'encrypted_id', 'session_index']) - - def __init__(self, - base_id=None, - name_id=None, - encrypted_id=None, - session_index=None, - reason=None, - not_on_or_after=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}BaseID"] = ("base_id", saml.BaseID) + c_cardinality["base_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", saml.NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", saml.EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}SessionIndex"] = ("session_index", [SessionIndex]) + c_cardinality["session_index"] = {"min": 0} + c_attributes["Reason"] = ("reason", "string", False) + c_attributes["NotOnOrAfter"] = ("not_on_or_after", "dateTime", False) + c_child_order.extend(["base_id", "name_id", "encrypted_id", "session_index"]) + + def __init__( + self, + base_id=None, + name_id=None, + encrypted_id=None, + session_index=None, + reason=None, + not_on_or_after=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.base_id = base_id self.name_id = name_id self.encrypted_id = encrypted_id @@ -778,56 +769,55 @@ def logout_request_type__from_string(xml_string): class NameIDMappingRequestType_(RequestAbstractType_): """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingRequestType - element """ + element""" - c_tag = 'NameIDMappingRequestType' + c_tag = "NameIDMappingRequestType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}BaseID'] = ( - 'base_id', saml.BaseID) - c_cardinality['base_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ( - 'name_id', saml.NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', saml.EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}NameIDPolicy'] = ( - 'name_id_policy', NameIDPolicy) - c_child_order.extend( - ['base_id', 'name_id', 'encrypted_id', 'name_id_policy']) - - def __init__(self, - base_id=None, - name_id=None, - encrypted_id=None, - name_id_policy=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}BaseID"] = ("base_id", saml.BaseID) + c_cardinality["base_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", saml.NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", saml.EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}NameIDPolicy"] = ("name_id_policy", NameIDPolicy) + c_child_order.extend(["base_id", "name_id", "encrypted_id", "name_id_policy"]) + + def __init__( + self, + base_id=None, + name_id=None, + encrypted_id=None, + name_id_policy=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.base_id = base_id self.name_id = name_id self.encrypted_id = encrypted_id @@ -835,14 +825,13 @@ def __init__(self, def name_id_mapping_request_type__from_string(xml_string): - return saml2.create_class_from_xml_string(NameIDMappingRequestType_, - xml_string) + return saml2.create_class_from_xml_string(NameIDMappingRequestType_, xml_string) class AssertionIDRequest(AssertionIDRequestType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AssertionIDRequest element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AssertionIDRequest element""" - c_tag = 'AssertionIDRequest' + c_tag = "AssertionIDRequest" c_namespace = NAMESPACE c_children = AssertionIDRequestType_.c_children.copy() c_attributes = AssertionIDRequestType_.c_attributes.copy() @@ -855,9 +844,9 @@ def assertion_id_request_from_string(xml_string): class SubjectQuery(SubjectQueryAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:SubjectQuery element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:SubjectQuery element""" - c_tag = 'SubjectQuery' + c_tag = "SubjectQuery" c_namespace = NAMESPACE c_children = SubjectQueryAbstractType_.c_children.copy() c_attributes = SubjectQueryAbstractType_.c_attributes.copy() @@ -874,7 +863,7 @@ class RequestedAuthnContext(RequestedAuthnContextType_): The urn:oasis:names:tc:SAML:2.0:protocol:RequestedAuthnContext element """ - c_tag = 'RequestedAuthnContext' + c_tag = "RequestedAuthnContext" c_namespace = NAMESPACE c_children = RequestedAuthnContextType_.c_children.copy() c_attributes = RequestedAuthnContextType_.c_attributes.copy() @@ -887,9 +876,9 @@ def requested_authn_context_from_string(xml_string): class AttributeQuery(AttributeQueryType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AttributeQuery element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AttributeQuery element""" - c_tag = 'AttributeQuery' + c_tag = "AttributeQuery" c_namespace = NAMESPACE c_children = AttributeQueryType_.c_children.copy() c_attributes = AttributeQueryType_.c_attributes.copy() @@ -902,9 +891,9 @@ def attribute_query_from_string(xml_string): class AuthzDecisionQuery(AuthzDecisionQueryType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AuthzDecisionQuery element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AuthzDecisionQuery element""" - c_tag = 'AuthzDecisionQuery' + c_tag = "AuthzDecisionQuery" c_namespace = NAMESPACE c_children = AuthzDecisionQueryType_.c_children.copy() c_attributes = AuthzDecisionQueryType_.c_attributes.copy() @@ -917,32 +906,26 @@ def authz_decision_query_from_string(xml_string): class IDPListType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:IDPListType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:IDPListType element""" - c_tag = 'IDPListType' + c_tag = "IDPListType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}IDPEntry'] = ( - 'idp_entry', [IDPEntry]) - c_cardinality['idp_entry'] = {"min": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}GetComplete'] = ( - 'get_complete', GetComplete) - c_cardinality['get_complete'] = {"min": 0, "max": 1} - c_child_order.extend(['idp_entry', 'get_complete']) - - def __init__(self, - idp_entry=None, - get_complete=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}IDPEntry"] = ("idp_entry", [IDPEntry]) + c_cardinality["idp_entry"] = {"min": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}GetComplete"] = ("get_complete", GetComplete) + c_cardinality["get_complete"] = {"min": 0, "max": 1} + c_child_order.extend(["idp_entry", "get_complete"]) + + def __init__( + self, idp_entry=None, get_complete=None, text=None, extension_elements=None, extension_attributes=None + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.idp_entry = idp_entry or [] self.get_complete = get_complete @@ -952,9 +935,9 @@ def idp_list_type__from_string(xml_string): class ArtifactResolve(ArtifactResolveType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResolve element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResolve element""" - c_tag = 'ArtifactResolve' + c_tag = "ArtifactResolve" c_namespace = NAMESPACE c_children = ArtifactResolveType_.c_children.copy() c_attributes = ArtifactResolveType_.c_attributes.copy() @@ -971,62 +954,57 @@ class ManageNameIDRequestType_(RequestAbstractType_): The urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDRequestType element """ - c_tag = 'ManageNameIDRequestType' + c_tag = "ManageNameIDRequestType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ('name_id', - saml.NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', - saml.EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}NewID'] = ('new_id', - NewID) - c_cardinality['new_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}NewEncryptedID'] = ( - 'new_encrypted_id', - NewEncryptedID) - c_cardinality['new_encrypted_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Terminate'] = ( - 'terminate', - Terminate) - c_cardinality['terminate'] = {"min": 0, "max": 1} - c_child_order.extend(['name_id', 'encrypted_id', 'new_id', - 'new_encrypted_id', 'terminate']) - - def __init__(self, - name_id=None, - encrypted_id=None, - new_id=None, - new_encrypted_id=None, - terminate=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", saml.NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", saml.EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}NewID"] = ("new_id", NewID) + c_cardinality["new_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}NewEncryptedID"] = ("new_encrypted_id", NewEncryptedID) + c_cardinality["new_encrypted_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Terminate"] = ("terminate", Terminate) + c_cardinality["terminate"] = {"min": 0, "max": 1} + c_child_order.extend(["name_id", "encrypted_id", "new_id", "new_encrypted_id", "terminate"]) + + def __init__( + self, + name_id=None, + encrypted_id=None, + new_id=None, + new_encrypted_id=None, + terminate=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.name_id = name_id self.encrypted_id = encrypted_id self.new_id = new_id @@ -1035,14 +1013,13 @@ def __init__(self, def manage_name_id_request_type__from_string(xml_string): - return saml2.create_class_from_xml_string(ManageNameIDRequestType_, - xml_string) + return saml2.create_class_from_xml_string(ManageNameIDRequestType_, xml_string) class LogoutRequest(LogoutRequestType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest element""" - c_tag = 'LogoutRequest' + c_tag = "LogoutRequest" c_namespace = NAMESPACE c_children = LogoutRequestType_.c_children.copy() c_attributes = LogoutRequestType_.c_attributes.copy() @@ -1055,9 +1032,9 @@ def logout_request_from_string(xml_string): class NameIDMappingRequest(NameIDMappingRequestType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingRequest element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingRequest element""" - c_tag = 'NameIDMappingRequest' + c_tag = "NameIDMappingRequest" c_namespace = NAMESPACE c_children = NameIDMappingRequestType_.c_children.copy() c_attributes = NameIDMappingRequestType_.c_attributes.copy() @@ -1070,37 +1047,39 @@ def name_id_mapping_request_from_string(xml_string): class AuthnQueryType_(SubjectQueryAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnQueryType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnQueryType element""" - c_tag = 'AuthnQueryType' + c_tag = "AuthnQueryType" c_namespace = NAMESPACE c_children = SubjectQueryAbstractType_.c_children.copy() c_attributes = SubjectQueryAbstractType_.c_attributes.copy() c_child_order = SubjectQueryAbstractType_.c_child_order[:] c_cardinality = SubjectQueryAbstractType_.c_cardinality.copy() - c_children[ - '{urn:oasis:names:tc:SAML:2.0:protocol}RequestedAuthnContext'] = ( - 'requested_authn_context', - RequestedAuthnContext) - c_cardinality['requested_authn_context'] = {"min": 0, "max": 1} - c_attributes['SessionIndex'] = ('session_index', 'string', False) - c_child_order.extend(['requested_authn_context']) - - def __init__(self, - requested_authn_context=None, - session_index=None, - subject=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}RequestedAuthnContext"] = ( + "requested_authn_context", + RequestedAuthnContext, + ) + c_cardinality["requested_authn_context"] = {"min": 0, "max": 1} + c_attributes["SessionIndex"] = ("session_index", "string", False) + c_child_order.extend(["requested_authn_context"]) + + def __init__( + self, + requested_authn_context=None, + session_index=None, + subject=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): SubjectQueryAbstractType_.__init__( self, subject=subject, @@ -1114,7 +1093,8 @@ def __init__(self, consent=consent, text=text, extension_elements=extension_elements, - extension_attributes=extension_attributes) + extension_attributes=extension_attributes, + ) self.requested_authn_context = requested_authn_context self.session_index = session_index @@ -1124,9 +1104,9 @@ def authn_query_type__from_string(xml_string): class IDPList(IDPListType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:IDPList element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:IDPList element""" - c_tag = 'IDPList' + c_tag = "IDPList" c_namespace = NAMESPACE c_children = IDPListType_.c_children.copy() c_attributes = IDPListType_.c_attributes.copy() @@ -1139,9 +1119,9 @@ def idp_list_from_string(xml_string): class ManageNameIDRequest(ManageNameIDRequestType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDRequest element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDRequest element""" - c_tag = 'ManageNameIDRequest' + c_tag = "ManageNameIDRequest" c_namespace = NAMESPACE c_children = ManageNameIDRequestType_.c_children.copy() c_attributes = ManageNameIDRequestType_.c_attributes.copy() @@ -1154,9 +1134,9 @@ def manage_name_id_request_from_string(xml_string): class AuthnQuery(AuthnQueryType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnQuery element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnQuery element""" - c_tag = 'AuthnQuery' + c_tag = "AuthnQuery" c_namespace = NAMESPACE c_children = AuthnQueryType_.c_children.copy() c_attributes = AuthnQueryType_.c_attributes.copy() @@ -1169,34 +1149,33 @@ def authn_query_from_string(xml_string): class ScopingType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:ScopingType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ScopingType element""" - c_tag = 'ScopingType' + c_tag = "ScopingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}IDPList'] = ( - 'idp_list', IDPList) - c_cardinality['idp_list'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}RequesterID'] = ( - 'requester_id', [RequesterID]) - c_cardinality['requester_id'] = {"min": 0} - c_attributes['ProxyCount'] = ('proxy_count', 'nonNegativeInteger', False) - c_child_order.extend(['idp_list', 'requester_id']) - - def __init__(self, - idp_list=None, - requester_id=None, - proxy_count=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}IDPList"] = ("idp_list", IDPList) + c_cardinality["idp_list"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}RequesterID"] = ("requester_id", [RequesterID]) + c_cardinality["requester_id"] = {"min": 0} + c_attributes["ProxyCount"] = ("proxy_count", "nonNegativeInteger", False) + c_child_order.extend(["idp_list", "requester_id"]) + + def __init__( + self, + idp_list=None, + requester_id=None, + proxy_count=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.idp_list = idp_list self.requester_id = requester_id or [] self.proxy_count = proxy_count @@ -1207,9 +1186,9 @@ def scoping_type__from_string(xml_string): class Scoping(ScopingType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:Scoping element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Scoping element""" - c_tag = 'Scoping' + c_tag = "Scoping" c_namespace = NAMESPACE c_children = ScopingType_.c_children.copy() c_attributes = ScopingType_.c_attributes.copy() @@ -1222,79 +1201,76 @@ def scoping_from_string(xml_string): class AuthnRequestType_(RequestAbstractType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequestType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequestType element""" - c_tag = 'AuthnRequestType' + c_tag = "AuthnRequestType" c_namespace = NAMESPACE c_children = RequestAbstractType_.c_children.copy() c_attributes = RequestAbstractType_.c_attributes.copy() c_child_order = RequestAbstractType_.c_child_order[:] c_cardinality = RequestAbstractType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Subject'] = ( - 'subject', saml.Subject) - c_cardinality['subject'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}NameIDPolicy'] = ( - 'name_id_policy', NameIDPolicy) - c_cardinality['name_id_policy'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Conditions'] = ( - 'conditions', saml.Conditions) - c_cardinality['conditions'] = {"min": 0, "max": 1} - c_children[ - '{urn:oasis:names:tc:SAML:2.0:protocol}RequestedAuthnContext'] = ( - 'requested_authn_context', RequestedAuthnContext) - c_cardinality['requested_authn_context'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Scoping'] = ( - 'scoping', Scoping) - c_cardinality['scoping'] = {"min": 0, "max": 1} - c_attributes['ForceAuthn'] = ('force_authn', 'boolean', False) - c_attributes['IsPassive'] = ('is_passive', 'boolean', False) - c_attributes['ProtocolBinding'] = ('protocol_binding', 'anyURI', False) - c_attributes['AssertionConsumerServiceIndex'] = ( - 'assertion_consumer_service_index', 'unsignedShort', False) - c_attributes['AssertionConsumerServiceURL'] = ( - 'assertion_consumer_service_url', 'anyURI', False) - c_attributes['AttributeConsumingServiceIndex'] = ( - 'attribute_consuming_service_index', 'unsignedShort', False) - c_attributes['ProviderName'] = ('provider_name', 'string', False) - c_child_order.extend(['subject', 'name_id_policy', 'conditions', - 'requested_authn_context', 'scoping']) - - def __init__(self, - subject=None, - name_id_policy=None, - conditions=None, - requested_authn_context=None, - scoping=None, - force_authn=None, - is_passive=None, - protocol_binding=None, - assertion_consumer_service_index=None, - assertion_consumer_service_url=None, - attribute_consuming_service_index=None, - provider_name=None, - issuer=None, - signature=None, - extensions=None, - id=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - RequestAbstractType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - id=id, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Subject"] = ("subject", saml.Subject) + c_cardinality["subject"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}NameIDPolicy"] = ("name_id_policy", NameIDPolicy) + c_cardinality["name_id_policy"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Conditions"] = ("conditions", saml.Conditions) + c_cardinality["conditions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}RequestedAuthnContext"] = ( + "requested_authn_context", + RequestedAuthnContext, + ) + c_cardinality["requested_authn_context"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Scoping"] = ("scoping", Scoping) + c_cardinality["scoping"] = {"min": 0, "max": 1} + c_attributes["ForceAuthn"] = ("force_authn", "boolean", False) + c_attributes["IsPassive"] = ("is_passive", "boolean", False) + c_attributes["ProtocolBinding"] = ("protocol_binding", "anyURI", False) + c_attributes["AssertionConsumerServiceIndex"] = ("assertion_consumer_service_index", "unsignedShort", False) + c_attributes["AssertionConsumerServiceURL"] = ("assertion_consumer_service_url", "anyURI", False) + c_attributes["AttributeConsumingServiceIndex"] = ("attribute_consuming_service_index", "unsignedShort", False) + c_attributes["ProviderName"] = ("provider_name", "string", False) + c_child_order.extend(["subject", "name_id_policy", "conditions", "requested_authn_context", "scoping"]) + + def __init__( + self, + subject=None, + name_id_policy=None, + conditions=None, + requested_authn_context=None, + scoping=None, + force_authn=None, + is_passive=None, + protocol_binding=None, + assertion_consumer_service_index=None, + assertion_consumer_service_url=None, + attribute_consuming_service_index=None, + provider_name=None, + issuer=None, + signature=None, + extensions=None, + id=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + RequestAbstractType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + id=id, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.subject = subject self.name_id_policy = name_id_policy self.conditions = conditions @@ -1305,8 +1281,7 @@ def __init__(self, self.protocol_binding = protocol_binding self.assertion_consumer_service_index = assertion_consumer_service_index self.assertion_consumer_service_url = assertion_consumer_service_url - self.attribute_consuming_service_index = \ - attribute_consuming_service_index + self.attribute_consuming_service_index = attribute_consuming_service_index self.provider_name = provider_name @@ -1315,9 +1290,9 @@ def authn_request_type__from_string(xml_string): class AuthnRequest(AuthnRequestType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest element""" - c_tag = 'AuthnRequest' + c_tag = "AuthnRequest" c_namespace = NAMESPACE c_children = AuthnRequestType_.c_children.copy() c_attributes = AuthnRequestType_.c_attributes.copy() @@ -1330,9 +1305,9 @@ def authn_request_from_string(xml_string): class StatusType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusType element""" - c_tag = 'StatusType' + c_tag = "StatusType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() @@ -1341,25 +1316,24 @@ class StatusType_(SamlBase): # Added further down to avoid undefined references # c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode'] = ( # 'status_code', StatusCode) - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusMessage'] = ( - 'status_message', StatusMessage) - c_cardinality['status_message'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusDetail'] = ( - 'status_detail', StatusDetail) - c_cardinality['status_detail'] = {"min": 0, "max": 1} - c_child_order.extend(['status_code', 'status_message', 'status_detail']) - - def __init__(self, - status_code=None, - status_message=None, - status_detail=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusMessage"] = ("status_message", StatusMessage) + c_cardinality["status_message"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusDetail"] = ("status_detail", StatusDetail) + c_cardinality["status_detail"] = {"min": 0, "max": 1} + c_child_order.extend(["status_code", "status_message", "status_detail"]) + + def __init__( + self, + status_code=None, + status_message=None, + status_detail=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.status_code = status_code self.status_message = status_message self.status_detail = status_detail @@ -1370,9 +1344,9 @@ def status_type__from_string(xml_string): class Status(StatusType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:Status element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Status element""" - c_tag = 'Status' + c_tag = "Status" c_namespace = NAMESPACE c_children = StatusType_.c_children.copy() c_attributes = StatusType_.c_attributes.copy() @@ -1385,51 +1359,48 @@ def status_from_string(xml_string): class StatusResponseType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusResponseType element""" - c_tag = 'StatusResponseType' + c_tag = "StatusResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Issuer'] = ( - 'issuer', saml.Issuer) - c_cardinality['issuer'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Signature'] = ( - 'signature', ds.Signature) - c_cardinality['signature'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Extensions'] = ( - 'extensions', Extensions) - c_cardinality['extensions'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:protocol}Status'] = ( - 'status', Status) - c_attributes['ID'] = ('id', 'ID', True) - c_attributes['InResponseTo'] = ('in_response_to', 'NCName', False) - c_attributes['Version'] = ('version', 'string', True) - c_attributes['IssueInstant'] = ('issue_instant', 'dateTime', True) - c_attributes['Destination'] = ('destination', 'anyURI', False) - c_attributes['Consent'] = ('consent', 'anyURI', False) - c_child_order.extend(['issuer', 'signature', 'extensions', 'status']) - - def __init__(self, - issuer=None, - signature=None, - extensions=None, - status=None, - id=None, - in_response_to=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Issuer"] = ("issuer", saml.Issuer) + c_cardinality["issuer"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Signature"] = ("signature", ds.Signature) + c_cardinality["signature"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Extensions"] = ("extensions", Extensions) + c_cardinality["extensions"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:protocol}Status"] = ("status", Status) + c_attributes["ID"] = ("id", "ID", True) + c_attributes["InResponseTo"] = ("in_response_to", "NCName", False) + c_attributes["Version"] = ("version", "string", True) + c_attributes["IssueInstant"] = ("issue_instant", "dateTime", True) + c_attributes["Destination"] = ("destination", "anyURI", False) + c_attributes["Consent"] = ("consent", "anyURI", False) + c_child_order.extend(["issuer", "signature", "extensions", "status"]) + + def __init__( + self, + issuer=None, + signature=None, + extensions=None, + status=None, + id=None, + in_response_to=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.issuer = issuer self.signature = signature self.extensions = extensions @@ -1447,52 +1418,57 @@ def status_response_type__from_string(xml_string): class ResponseType_(StatusResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ResponseType element""" - c_tag = 'ResponseType' + c_tag = "ResponseType" c_namespace = NAMESPACE c_children = StatusResponseType_.c_children.copy() c_attributes = StatusResponseType_.c_attributes.copy() c_child_order = StatusResponseType_.c_child_order[:] c_cardinality = StatusResponseType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}Assertion'] = ( - 'assertion', [saml.Assertion]) - c_cardinality['assertion'] = {"min": 0} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion'] = ( - 'encrypted_assertion', [saml.EncryptedAssertion]) - c_cardinality['encrypted_assertion'] = {"min": 0} - c_child_order.extend(['assertion', 'encrypted_assertion']) - - def __init__(self, - assertion=None, - encrypted_assertion=None, - issuer=None, - signature=None, - extensions=None, - status=None, - id=None, - in_response_to=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - StatusResponseType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - status=status, - id=id, - in_response_to=in_response_to, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}Assertion"] = ("assertion", [saml.Assertion]) + c_cardinality["assertion"] = {"min": 0} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedAssertion"] = ( + "encrypted_assertion", + [saml.EncryptedAssertion], + ) + c_cardinality["encrypted_assertion"] = {"min": 0} + c_child_order.extend(["assertion", "encrypted_assertion"]) + + def __init__( + self, + assertion=None, + encrypted_assertion=None, + issuer=None, + signature=None, + extensions=None, + status=None, + id=None, + in_response_to=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + StatusResponseType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + status=status, + id=id, + in_response_to=in_response_to, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.assertion = assertion or [] self.encrypted_assertion = encrypted_assertion or [] @@ -1502,9 +1478,9 @@ def response_type__from_string(xml_string): class ArtifactResponseType_(StatusResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResponseType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResponseType element""" - c_tag = 'ArtifactResponseType' + c_tag = "ArtifactResponseType" c_namespace = NAMESPACE c_children = StatusResponseType_.c_children.copy() c_attributes = StatusResponseType_.c_attributes.copy() @@ -1518,9 +1494,9 @@ def artifact_response_type__from_string(xml_string): class ManageNameIDResponse(StatusResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDResponse element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDResponse element""" - c_tag = 'ManageNameIDResponse' + c_tag = "ManageNameIDResponse" c_namespace = NAMESPACE c_children = StatusResponseType_.c_children.copy() c_attributes = StatusResponseType_.c_attributes.copy() @@ -1533,9 +1509,9 @@ def manage_name_id_response_from_string(xml_string): class LogoutResponse(StatusResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutResponse element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:LogoutResponse element""" - c_tag = 'LogoutResponse' + c_tag = "LogoutResponse" c_namespace = NAMESPACE c_children = StatusResponseType_.c_children.copy() c_attributes = StatusResponseType_.c_attributes.copy() @@ -1552,63 +1528,64 @@ class NameIDMappingResponseType_(StatusResponseType_): The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingResponseType element """ - c_tag = 'NameIDMappingResponseType' + c_tag = "NameIDMappingResponseType" c_namespace = NAMESPACE c_children = StatusResponseType_.c_children.copy() c_attributes = StatusResponseType_.c_attributes.copy() c_child_order = StatusResponseType_.c_child_order[:] c_cardinality = StatusResponseType_.c_cardinality.copy() - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}NameID'] = ( - 'name_id', saml.NameID) - c_cardinality['name_id'] = {"min": 0, "max": 1} - c_children['{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID'] = ( - 'encrypted_id', saml.EncryptedID) - c_cardinality['encrypted_id'] = {"min": 0, "max": 1} - c_child_order.extend(['name_id', 'encrypted_id']) - - def __init__(self, - name_id=None, - encrypted_id=None, - issuer=None, - signature=None, - extensions=None, - status=None, - id=None, - in_response_to=None, - version=None, - issue_instant=None, - destination=None, - consent=None, - text=None, - extension_elements=None, - extension_attributes=None): - StatusResponseType_.__init__(self, - issuer=issuer, - signature=signature, - extensions=extensions, - status=status, - id=id, - in_response_to=in_response_to, - version=version, - issue_instant=issue_instant, - destination=destination, - consent=consent, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}NameID"] = ("name_id", saml.NameID) + c_cardinality["name_id"] = {"min": 0, "max": 1} + c_children["{urn:oasis:names:tc:SAML:2.0:assertion}EncryptedID"] = ("encrypted_id", saml.EncryptedID) + c_cardinality["encrypted_id"] = {"min": 0, "max": 1} + c_child_order.extend(["name_id", "encrypted_id"]) + + def __init__( + self, + name_id=None, + encrypted_id=None, + issuer=None, + signature=None, + extensions=None, + status=None, + id=None, + in_response_to=None, + version=None, + issue_instant=None, + destination=None, + consent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + StatusResponseType_.__init__( + self, + issuer=issuer, + signature=signature, + extensions=extensions, + status=status, + id=id, + in_response_to=in_response_to, + version=version, + issue_instant=issue_instant, + destination=destination, + consent=consent, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.name_id = name_id self.encrypted_id = encrypted_id def name_id_mapping_response_type__from_string(xml_string): - return saml2.create_class_from_xml_string(NameIDMappingResponseType_, - xml_string) + return saml2.create_class_from_xml_string(NameIDMappingResponseType_, xml_string) class Response(ResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:Response element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:Response element""" - c_tag = 'Response' + c_tag = "Response" c_namespace = NAMESPACE c_children = ResponseType_.c_children.copy() c_attributes = ResponseType_.c_attributes.copy() @@ -1621,9 +1598,9 @@ def response_from_string(xml_string): class ArtifactResponse(ArtifactResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResponse element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResponse element""" - c_tag = 'ArtifactResponse' + c_tag = "ArtifactResponse" c_namespace = NAMESPACE c_children = ArtifactResponseType_.c_children.copy() c_attributes = ArtifactResponseType_.c_attributes.copy() @@ -1636,10 +1613,9 @@ def artifact_response_from_string(xml_string): class NameIDMappingResponse(NameIDMappingResponseType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingResponse element - """ + """The urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingResponse element""" - c_tag = 'NameIDMappingResponse' + c_tag = "NameIDMappingResponse" c_namespace = NAMESPACE c_children = NameIDMappingResponseType_.c_children.copy() c_attributes = NameIDMappingResponseType_.c_attributes.copy() @@ -1654,28 +1630,22 @@ def name_id_mapping_response_from_string(xml_string): # .................. # ['StatusCodeType', 'StatusCode'] class StatusCodeType_(SamlBase): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusCodeType element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusCodeType element""" - c_tag = 'StatusCodeType' + c_tag = "StatusCodeType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_cardinality['status_code'] = {"min": 0, "max": 1} - c_attributes['Value'] = ('value', 'anyURI', True) - c_child_order.extend(['status_code']) - - def __init__(self, - status_code=None, - value=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes) + c_cardinality["status_code"] = {"min": 0, "max": 1} + c_attributes["Value"] = ("value", "anyURI", True) + c_child_order.extend(["status_code"]) + + def __init__(self, status_code=None, value=None, text=None, extension_elements=None, extension_attributes=None): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.status_code = status_code self.value = value @@ -1685,9 +1655,9 @@ def status_code_type__from_string(xml_string): class StatusCode(StatusCodeType_): - """The urn:oasis:names:tc:SAML:2.0:protocol:StatusCode element """ + """The urn:oasis:names:tc:SAML:2.0:protocol:StatusCode element""" - c_tag = 'StatusCode' + c_tag = "StatusCode" c_namespace = NAMESPACE c_children = StatusCodeType_.c_children.copy() c_attributes = StatusCodeType_.c_attributes.copy() @@ -1700,15 +1670,10 @@ def status_code_from_string(xml_string): # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -StatusType_.c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode'] = ( - 'status_code', StatusCode) -Status.c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode'] = ( - 'status_code', StatusCode) -StatusCodeType_.c_children[ - '{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode'] = ( - 'status_code', StatusCode) -StatusCode.c_children['{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode'] = ( - 'status_code', StatusCode) +StatusType_.c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode"] = ("status_code", StatusCode) +Status.c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode"] = ("status_code", StatusCode) +StatusCodeType_.c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode"] = ("status_code", StatusCode) +StatusCode.c_children["{urn:oasis:names:tc:SAML:2.0:protocol}StatusCode"] = ("status_code", StatusCode) # ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ELEMENT_FROM_STRING = { @@ -1729,8 +1694,7 @@ def status_code_from_string(xml_string): AuthnQueryType_.c_tag: authn_query_type__from_string, RequestedAuthnContext.c_tag: requested_authn_context_from_string, RequestedAuthnContextType_.c_tag: requested_authn_context_type__from_string, - AuthnContextComparisonType_.c_tag: - authn_context_comparison_type__from_string, + AuthnContextComparisonType_.c_tag: authn_context_comparison_type__from_string, AttributeQuery.c_tag: attribute_query_from_string, AttributeQueryType_.c_tag: attribute_query_type__from_string, AuthzDecisionQuery.c_tag: authz_decision_query_from_string, @@ -1768,69 +1732,68 @@ def status_code_from_string(xml_string): NameIDMappingRequest.c_tag: name_id_mapping_request_from_string, NameIDMappingRequestType_.c_tag: name_id_mapping_request_type__from_string, NameIDMappingResponse.c_tag: name_id_mapping_response_from_string, - NameIDMappingResponseType_.c_tag: - name_id_mapping_response_type__from_string, + NameIDMappingResponseType_.c_tag: name_id_mapping_response_type__from_string, } ELEMENT_BY_TAG = { - 'Extensions': Extensions, - 'ExtensionsType': ExtensionsType_, - 'StatusResponseType': StatusResponseType_, - 'Status': Status, - 'StatusType': StatusType_, - 'StatusCode': StatusCode, - 'StatusCodeType': StatusCodeType_, - 'StatusMessage': StatusMessage, - 'StatusDetail': StatusDetail, - 'StatusDetailType': StatusDetailType_, - 'AssertionIDRequest': AssertionIDRequest, - 'AssertionIDRequestType': AssertionIDRequestType_, - 'SubjectQuery': SubjectQuery, - 'AuthnQuery': AuthnQuery, - 'AuthnQueryType': AuthnQueryType_, - 'RequestedAuthnContext': RequestedAuthnContext, - 'RequestedAuthnContextType': RequestedAuthnContextType_, - 'AuthnContextComparisonType': AuthnContextComparisonType_, - 'AttributeQuery': AttributeQuery, - 'AttributeQueryType': AttributeQueryType_, - 'AuthzDecisionQuery': AuthzDecisionQuery, - 'AuthzDecisionQueryType': AuthzDecisionQueryType_, - 'AuthnRequest': AuthnRequest, - 'AuthnRequestType': AuthnRequestType_, - 'NameIDPolicy': NameIDPolicy, - 'NameIDPolicyType': NameIDPolicyType_, - 'Scoping': Scoping, - 'ScopingType': ScopingType_, - 'RequesterID': RequesterID, - 'IDPList': IDPList, - 'IDPListType': IDPListType_, - 'IDPEntry': IDPEntry, - 'IDPEntryType': IDPEntryType_, - 'GetComplete': GetComplete, - 'Response': Response, - 'ResponseType': ResponseType_, - 'ArtifactResolve': ArtifactResolve, - 'ArtifactResolveType': ArtifactResolveType_, - 'Artifact': Artifact, - 'ArtifactResponse': ArtifactResponse, - 'ArtifactResponseType': ArtifactResponseType_, - 'ManageNameIDRequest': ManageNameIDRequest, - 'ManageNameIDRequestType': ManageNameIDRequestType_, - 'NewID': NewID, - 'NewEncryptedID': NewEncryptedID, - 'Terminate': Terminate, - 'TerminateType': TerminateType_, - 'ManageNameIDResponse': ManageNameIDResponse, - 'LogoutRequest': LogoutRequest, - 'LogoutRequestType': LogoutRequestType_, - 'SessionIndex': SessionIndex, - 'LogoutResponse': LogoutResponse, - 'NameIDMappingRequest': NameIDMappingRequest, - 'NameIDMappingRequestType': NameIDMappingRequestType_, - 'NameIDMappingResponse': NameIDMappingResponse, - 'NameIDMappingResponseType': NameIDMappingResponseType_, - 'RequestAbstractType': RequestAbstractType_, - 'SubjectQueryAbstractType': SubjectQueryAbstractType_, + "Extensions": Extensions, + "ExtensionsType": ExtensionsType_, + "StatusResponseType": StatusResponseType_, + "Status": Status, + "StatusType": StatusType_, + "StatusCode": StatusCode, + "StatusCodeType": StatusCodeType_, + "StatusMessage": StatusMessage, + "StatusDetail": StatusDetail, + "StatusDetailType": StatusDetailType_, + "AssertionIDRequest": AssertionIDRequest, + "AssertionIDRequestType": AssertionIDRequestType_, + "SubjectQuery": SubjectQuery, + "AuthnQuery": AuthnQuery, + "AuthnQueryType": AuthnQueryType_, + "RequestedAuthnContext": RequestedAuthnContext, + "RequestedAuthnContextType": RequestedAuthnContextType_, + "AuthnContextComparisonType": AuthnContextComparisonType_, + "AttributeQuery": AttributeQuery, + "AttributeQueryType": AttributeQueryType_, + "AuthzDecisionQuery": AuthzDecisionQuery, + "AuthzDecisionQueryType": AuthzDecisionQueryType_, + "AuthnRequest": AuthnRequest, + "AuthnRequestType": AuthnRequestType_, + "NameIDPolicy": NameIDPolicy, + "NameIDPolicyType": NameIDPolicyType_, + "Scoping": Scoping, + "ScopingType": ScopingType_, + "RequesterID": RequesterID, + "IDPList": IDPList, + "IDPListType": IDPListType_, + "IDPEntry": IDPEntry, + "IDPEntryType": IDPEntryType_, + "GetComplete": GetComplete, + "Response": Response, + "ResponseType": ResponseType_, + "ArtifactResolve": ArtifactResolve, + "ArtifactResolveType": ArtifactResolveType_, + "Artifact": Artifact, + "ArtifactResponse": ArtifactResponse, + "ArtifactResponseType": ArtifactResponseType_, + "ManageNameIDRequest": ManageNameIDRequest, + "ManageNameIDRequestType": ManageNameIDRequestType_, + "NewID": NewID, + "NewEncryptedID": NewEncryptedID, + "Terminate": Terminate, + "TerminateType": TerminateType_, + "ManageNameIDResponse": ManageNameIDResponse, + "LogoutRequest": LogoutRequest, + "LogoutRequestType": LogoutRequestType_, + "SessionIndex": SessionIndex, + "LogoutResponse": LogoutResponse, + "NameIDMappingRequest": NameIDMappingRequest, + "NameIDMappingRequestType": NameIDMappingRequestType_, + "NameIDMappingResponse": NameIDMappingResponse, + "NameIDMappingResponseType": NameIDMappingResponseType_, + "RequestAbstractType": RequestAbstractType_, + "SubjectQueryAbstractType": SubjectQueryAbstractType_, } @@ -1840,10 +1803,14 @@ def factory(tag, **kwargs): def any_response_from_string(xmlstr): resp = None - for func in [status_response_type__from_string, response_from_string, - artifact_response_from_string, logout_response_from_string, - name_id_mapping_response_from_string, - manage_name_id_response_from_string]: + for func in [ + status_response_type__from_string, + response_from_string, + artifact_response_from_string, + logout_response_from_string, + name_id_mapping_response_from_string, + manage_name_id_response_from_string, + ]: resp = func(xmlstr) if resp: break diff --git a/src/saml2/schema/__init__.py b/src/saml2/schema/__init__.py index 3b031d2bf..169408711 100644 --- a/src/saml2/schema/__init__.py +++ b/src/saml2/schema/__init__.py @@ -1 +1 @@ -__author__ = 'rolandh' +__author__ = "rolandh" diff --git a/src/saml2/schema/soap.py b/src/saml2/schema/soap.py index 8d59b3577..eeb10f802 100644 --- a/src/saml2/schema/soap.py +++ b/src/saml2/schema/soap.py @@ -6,462 +6,496 @@ import saml2 from saml2 import SamlBase - from saml2.schema import wsdl -NAMESPACE = 'http://schemas.xmlsoap.org/wsdl/soap/' + +NAMESPACE = "http://schemas.xmlsoap.org/wsdl/soap/" + class EncodingStyle_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/soap/:encodingStyle element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:encodingStyle element""" - c_tag = 'encodingStyle' + c_tag = "encodingStyle" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def encoding_style__from_string(xml_string): return saml2.create_class_from_xml_string(EncodingStyle_, xml_string) class TStyleChoice_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/soap/:tStyleChoice element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tStyleChoice element""" - c_tag = 'tStyleChoice' + c_tag = "tStyleChoice" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:string', 'enumeration': ['rpc', 'document']} + c_value_type = {"base": "xs:string", "enumeration": ["rpc", "document"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def t_style_choice__from_string(xml_string): return saml2.create_class_from_xml_string(TStyleChoice_, xml_string) class TOperation_(wsdl.TExtensibilityElement_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tOperation element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tOperation element""" - c_tag = 'tOperation' + c_tag = "tOperation" c_namespace = NAMESPACE c_children = wsdl.TExtensibilityElement_.c_children.copy() c_attributes = wsdl.TExtensibilityElement_.c_attributes.copy() c_child_order = wsdl.TExtensibilityElement_.c_child_order[:] c_cardinality = wsdl.TExtensibilityElement_.c_cardinality.copy() - c_attributes['soapAction'] = ('soap_action', 'anyURI', False) - c_attributes['style'] = ('style', TStyleChoice_, False) - - def __init__(self, - soap_action=None, - style=None, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - wsdl.TExtensibilityElement_.__init__(self, - required=required, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.soap_action=soap_action - self.style=style + c_attributes["soapAction"] = ("soap_action", "anyURI", False) + c_attributes["style"] = ("style", TStyleChoice_, False) + + def __init__( + self, + soap_action=None, + style=None, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + wsdl.TExtensibilityElement_.__init__( + self, + required=required, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.soap_action = soap_action + self.style = style + def t_operation__from_string(xml_string): return saml2.create_class_from_xml_string(TOperation_, xml_string) class UseChoice_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/soap/:useChoice element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:useChoice element""" - c_tag = 'useChoice' + c_tag = "useChoice" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:string', 'enumeration': ['literal', 'encoded']} + c_value_type = {"base": "xs:string", "enumeration": ["literal", "encoded"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def use_choice__from_string(xml_string): return saml2.create_class_from_xml_string(UseChoice_, xml_string) class TFaultRes_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/soap/:tFaultRes element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tFaultRes element""" - c_tag = 'tFaultRes' + c_tag = "tFaultRes" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://schemas.xmlsoap.org/wsdl/}required'] = ('required', 'None', False) - c_attributes['parts'] = ('parts', 'NMTOKENS', False) - c_attributes['encodingStyle'] = ('encoding_style', EncodingStyle_, False) - c_attributes['use'] = ('use', UseChoice_, False) - c_attributes['namespace'] = ('namespace', 'anyURI', False) - - def __init__(self, - required=None, - parts=None, - encoding_style=None, - use=None, - namespace=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.required=required - self.parts=parts - self.encoding_style=encoding_style - self.use=use - self.namespace=namespace + c_attributes["{http://schemas.xmlsoap.org/wsdl/}required"] = ("required", "None", False) + c_attributes["parts"] = ("parts", "NMTOKENS", False) + c_attributes["encodingStyle"] = ("encoding_style", EncodingStyle_, False) + c_attributes["use"] = ("use", UseChoice_, False) + c_attributes["namespace"] = ("namespace", "anyURI", False) + + def __init__( + self, + required=None, + parts=None, + encoding_style=None, + use=None, + namespace=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.required = required + self.parts = parts + self.encoding_style = encoding_style + self.use = use + self.namespace = namespace class TFault_(TFaultRes_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tFault element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tFault element""" - c_tag = 'tFault' + c_tag = "tFault" c_namespace = NAMESPACE c_children = TFaultRes_.c_children.copy() c_attributes = TFaultRes_.c_attributes.copy() c_child_order = TFaultRes_.c_child_order[:] c_cardinality = TFaultRes_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - - def __init__(self, - name=None, - required=None, - parts=None, - encoding_style=None, - use=None, - namespace=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TFaultRes_.__init__(self, - required=required, - parts=parts, - encoding_style=encoding_style, - use=use, - namespace=namespace, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name + c_attributes["name"] = ("name", "NCName", True) + + def __init__( + self, + name=None, + required=None, + parts=None, + encoding_style=None, + use=None, + namespace=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TFaultRes_.__init__( + self, + required=required, + parts=parts, + encoding_style=encoding_style, + use=use, + namespace=namespace, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + def t_fault__from_string(xml_string): return saml2.create_class_from_xml_string(TFault_, xml_string) class THeaderFault_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/soap/:tHeaderFault element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tHeaderFault element""" - c_tag = 'tHeaderFault' + c_tag = "tHeaderFault" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['message'] = ('message', 'QName', True) - c_attributes['part'] = ('part', 'NMTOKEN', True) - c_attributes['use'] = ('use', UseChoice_, True) - c_attributes['encodingStyle'] = ('encoding_style', EncodingStyle_, False) - c_attributes['namespace'] = ('namespace', 'anyURI', False) - - def __init__(self, - message=None, - part=None, - use=None, - encoding_style=None, - namespace=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.message=message - self.part=part - self.use=use - self.encoding_style=encoding_style - self.namespace=namespace + c_attributes["message"] = ("message", "QName", True) + c_attributes["part"] = ("part", "NMTOKEN", True) + c_attributes["use"] = ("use", UseChoice_, True) + c_attributes["encodingStyle"] = ("encoding_style", EncodingStyle_, False) + c_attributes["namespace"] = ("namespace", "anyURI", False) + + def __init__( + self, + message=None, + part=None, + use=None, + encoding_style=None, + namespace=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.message = message + self.part = part + self.use = use + self.encoding_style = encoding_style + self.namespace = namespace + def t_header_fault__from_string(xml_string): return saml2.create_class_from_xml_string(THeaderFault_, xml_string) class TAddress_(wsdl.TExtensibilityElement_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tAddress element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tAddress element""" - c_tag = 'tAddress' + c_tag = "tAddress" c_namespace = NAMESPACE c_children = wsdl.TExtensibilityElement_.c_children.copy() c_attributes = wsdl.TExtensibilityElement_.c_attributes.copy() c_child_order = wsdl.TExtensibilityElement_.c_child_order[:] c_cardinality = wsdl.TExtensibilityElement_.c_cardinality.copy() - c_attributes['location'] = ('location', 'anyURI', True) - - def __init__(self, - location=None, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - wsdl.TExtensibilityElement_.__init__(self, - required=required, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.location=location + c_attributes["location"] = ("location", "anyURI", True) + + def __init__( + self, + location=None, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + wsdl.TExtensibilityElement_.__init__( + self, + required=required, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.location = location + def t_address__from_string(xml_string): return saml2.create_class_from_xml_string(TAddress_, xml_string) class TBinding_(wsdl.TExtensibilityElement_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tBinding element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tBinding element""" - c_tag = 'tBinding' + c_tag = "tBinding" c_namespace = NAMESPACE c_children = wsdl.TExtensibilityElement_.c_children.copy() c_attributes = wsdl.TExtensibilityElement_.c_attributes.copy() c_child_order = wsdl.TExtensibilityElement_.c_child_order[:] c_cardinality = wsdl.TExtensibilityElement_.c_cardinality.copy() - c_attributes['transport'] = ('transport', 'anyURI', True) - c_attributes['style'] = ('style', TStyleChoice_, False) - - def __init__(self, - transport=None, - style=None, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - wsdl.TExtensibilityElement_.__init__(self, - required=required, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.transport=transport - self.style=style + c_attributes["transport"] = ("transport", "anyURI", True) + c_attributes["style"] = ("style", TStyleChoice_, False) + + def __init__( + self, + transport=None, + style=None, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + wsdl.TExtensibilityElement_.__init__( + self, + required=required, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.transport = transport + self.style = style + def t_binding__from_string(xml_string): return saml2.create_class_from_xml_string(TBinding_, xml_string) class Operation(TOperation_): - """The http://schemas.xmlsoap.org/wsdl/soap/:operation element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:operation element""" - c_tag = 'operation' + c_tag = "operation" c_namespace = NAMESPACE c_children = TOperation_.c_children.copy() c_attributes = TOperation_.c_attributes.copy() c_child_order = TOperation_.c_child_order[:] c_cardinality = TOperation_.c_cardinality.copy() + def operation_from_string(xml_string): return saml2.create_class_from_xml_string(Operation, xml_string) class TBody_(wsdl.TExtensibilityElement_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tBody element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tBody element""" - c_tag = 'tBody' + c_tag = "tBody" c_namespace = NAMESPACE c_children = wsdl.TExtensibilityElement_.c_children.copy() c_attributes = wsdl.TExtensibilityElement_.c_attributes.copy() c_child_order = wsdl.TExtensibilityElement_.c_child_order[:] c_cardinality = wsdl.TExtensibilityElement_.c_cardinality.copy() - c_attributes['parts'] = ('parts', 'NMTOKENS', False) - c_attributes['encodingStyle'] = ('encoding_style', EncodingStyle_, False) - c_attributes['use'] = ('use', UseChoice_, False) - c_attributes['namespace'] = ('namespace', 'anyURI', False) - - def __init__(self, - parts=None, - encoding_style=None, - use=None, - namespace=None, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - wsdl.TExtensibilityElement_.__init__(self, - required=required, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.parts=parts - self.encoding_style=encoding_style - self.use=use - self.namespace=namespace + c_attributes["parts"] = ("parts", "NMTOKENS", False) + c_attributes["encodingStyle"] = ("encoding_style", EncodingStyle_, False) + c_attributes["use"] = ("use", UseChoice_, False) + c_attributes["namespace"] = ("namespace", "anyURI", False) + + def __init__( + self, + parts=None, + encoding_style=None, + use=None, + namespace=None, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + wsdl.TExtensibilityElement_.__init__( + self, + required=required, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.parts = parts + self.encoding_style = encoding_style + self.use = use + self.namespace = namespace + def t_body__from_string(xml_string): return saml2.create_class_from_xml_string(TBody_, xml_string) class Fault(TFault_): - """The http://schemas.xmlsoap.org/wsdl/soap/:fault element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:fault element""" - c_tag = 'fault' + c_tag = "fault" c_namespace = NAMESPACE c_children = TFault_.c_children.copy() c_attributes = TFault_.c_attributes.copy() c_child_order = TFault_.c_child_order[:] c_cardinality = TFault_.c_cardinality.copy() + def fault_from_string(xml_string): return saml2.create_class_from_xml_string(Fault, xml_string) class Headerfault(THeaderFault_): - """The http://schemas.xmlsoap.org/wsdl/soap/:headerfault element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:headerfault element""" - c_tag = 'headerfault' + c_tag = "headerfault" c_namespace = NAMESPACE c_children = THeaderFault_.c_children.copy() c_attributes = THeaderFault_.c_attributes.copy() c_child_order = THeaderFault_.c_child_order[:] c_cardinality = THeaderFault_.c_cardinality.copy() + def headerfault_from_string(xml_string): return saml2.create_class_from_xml_string(Headerfault, xml_string) class Address(TAddress_): - """The http://schemas.xmlsoap.org/wsdl/soap/:address element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:address element""" - c_tag = 'address' + c_tag = "address" c_namespace = NAMESPACE c_children = TAddress_.c_children.copy() c_attributes = TAddress_.c_attributes.copy() c_child_order = TAddress_.c_child_order[:] c_cardinality = TAddress_.c_cardinality.copy() + def address_from_string(xml_string): return saml2.create_class_from_xml_string(Address, xml_string) class Binding(TBinding_): - """The http://schemas.xmlsoap.org/wsdl/soap/:binding element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:binding element""" - c_tag = 'binding' + c_tag = "binding" c_namespace = NAMESPACE c_children = TBinding_.c_children.copy() c_attributes = TBinding_.c_attributes.copy() c_child_order = TBinding_.c_child_order[:] c_cardinality = TBinding_.c_cardinality.copy() + def binding_from_string(xml_string): return saml2.create_class_from_xml_string(Binding, xml_string) class Body(TBody_): - """The http://schemas.xmlsoap.org/wsdl/soap/:body element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:body element""" - c_tag = 'body' + c_tag = "body" c_namespace = NAMESPACE c_children = TBody_.c_children.copy() c_attributes = TBody_.c_attributes.copy() c_child_order = TBody_.c_child_order[:] c_cardinality = TBody_.c_cardinality.copy() + def body_from_string(xml_string): return saml2.create_class_from_xml_string(Body, xml_string) class THeader_(wsdl.TExtensibilityElement_): - """The http://schemas.xmlsoap.org/wsdl/soap/:tHeader element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:tHeader element""" - c_tag = 'tHeader' + c_tag = "tHeader" c_namespace = NAMESPACE c_children = wsdl.TExtensibilityElement_.c_children.copy() c_attributes = wsdl.TExtensibilityElement_.c_attributes.copy() c_child_order = wsdl.TExtensibilityElement_.c_child_order[:] c_cardinality = wsdl.TExtensibilityElement_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/soap/}headerfault'] = ('headerfault', [Headerfault]) - c_cardinality['headerfault'] = {"min":0} - c_attributes['message'] = ('message', 'QName', True) - c_attributes['part'] = ('part', 'NMTOKEN', True) - c_attributes['use'] = ('use', UseChoice_, True) - c_attributes['encodingStyle'] = ('encoding_style', EncodingStyle_, False) - c_attributes['namespace'] = ('namespace', 'anyURI', False) - c_child_order.extend(['headerfault']) - - def __init__(self, - headerfault=None, - message=None, - part=None, - use=None, - encoding_style=None, - namespace=None, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - wsdl.TExtensibilityElement_.__init__(self, - required=required, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.headerfault=headerfault or [] - self.message=message - self.part=part - self.use=use - self.encoding_style=encoding_style - self.namespace=namespace + c_children["{http://schemas.xmlsoap.org/wsdl/soap/}headerfault"] = ("headerfault", [Headerfault]) + c_cardinality["headerfault"] = {"min": 0} + c_attributes["message"] = ("message", "QName", True) + c_attributes["part"] = ("part", "NMTOKEN", True) + c_attributes["use"] = ("use", UseChoice_, True) + c_attributes["encodingStyle"] = ("encoding_style", EncodingStyle_, False) + c_attributes["namespace"] = ("namespace", "anyURI", False) + c_child_order.extend(["headerfault"]) + + def __init__( + self, + headerfault=None, + message=None, + part=None, + use=None, + encoding_style=None, + namespace=None, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + wsdl.TExtensibilityElement_.__init__( + self, + required=required, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.headerfault = headerfault or [] + self.message = message + self.part = part + self.use = use + self.encoding_style = encoding_style + self.namespace = namespace + def t_header__from_string(xml_string): return saml2.create_class_from_xml_string(THeader_, xml_string) class Header(THeader_): - """The http://schemas.xmlsoap.org/wsdl/soap/:header element """ + """The http://schemas.xmlsoap.org/wsdl/soap/:header element""" - c_tag = 'header' + c_tag = "header" c_namespace = NAMESPACE c_children = THeader_.c_children.copy() c_attributes = THeader_.c_attributes.copy() c_child_order = THeader_.c_child_order[:] c_cardinality = THeader_.c_cardinality.copy() + def header_from_string(xml_string): return saml2.create_class_from_xml_string(Header, xml_string) AG_tBodyAttributes = [ - ('encodingStyle', EncodingStyle_, False), - ('use', UseChoice_, False), - ('namespace', 'anyURI', False), + ("encodingStyle", EncodingStyle_, False), + ("use", UseChoice_, False), + ("namespace", "anyURI", False), ] AG_tHeaderAttributes = [ - ('message', 'QName', True), - ('part', 'NMTOKEN', True), - ('use', UseChoice_, True), - ('encodingStyle', EncodingStyle_, False), - ('namespace', 'anyURI', False), + ("message", "QName", True), + ("part", "NMTOKEN", True), + ("use", UseChoice_, True), + ("encodingStyle", EncodingStyle_, False), + ("namespace", "anyURI", False), ] ELEMENT_FROM_STRING = { @@ -485,27 +519,26 @@ def header_from_string(xml_string): } ELEMENT_BY_TAG = { - 'encodingStyle': EncodingStyle_, - 'binding': Binding, - 'tBinding': TBinding_, - 'tStyleChoice': TStyleChoice_, - 'operation': Operation, - 'tOperation': TOperation_, - 'body': Body, - 'tBody': TBody_, - 'useChoice': UseChoice_, - 'fault': Fault, - 'tFault': TFault_, - 'header': Header, - 'tHeader': THeader_, - 'headerfault': Headerfault, - 'tHeaderFault': THeaderFault_, - 'address': Address, - 'tAddress': TAddress_, - 'tFaultRes': TFaultRes_, + "encodingStyle": EncodingStyle_, + "binding": Binding, + "tBinding": TBinding_, + "tStyleChoice": TStyleChoice_, + "operation": Operation, + "tOperation": TOperation_, + "body": Body, + "tBody": TBody_, + "useChoice": UseChoice_, + "fault": Fault, + "tFault": TFault_, + "header": Header, + "tHeader": THeader_, + "headerfault": Headerfault, + "tHeaderFault": THeaderFault_, + "address": Address, + "tAddress": TAddress_, + "tFaultRes": TFaultRes_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/schema/soapenv.py b/src/saml2/schema/soapenv.py index f7aec7664..8b5416703 100644 --- a/src/saml2/schema/soapenv.py +++ b/src/saml2/schema/soapenv.py @@ -7,252 +7,272 @@ import saml2 from saml2 import SamlBase -NAMESPACE = 'http://schemas.xmlsoap.org/soap/envelope/' + +NAMESPACE = "http://schemas.xmlsoap.org/soap/envelope/" + class Header_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:Header element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Header element""" - c_tag = 'Header' + c_tag = "Header" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def header__from_string(xml_string): return saml2.create_class_from_xml_string(Header_, xml_string) class Body_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:Body element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Body element""" - c_tag = 'Body' + c_tag = "Body" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def body__from_string(xml_string): return saml2.create_class_from_xml_string(Body_, xml_string) class EncodingStyle_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:encodingStyle element """ + """The http://schemas.xmlsoap.org/soap/envelope/:encodingStyle element""" - c_tag = 'encodingStyle' + c_tag = "encodingStyle" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def encoding_style__from_string(xml_string): return saml2.create_class_from_xml_string(EncodingStyle_, xml_string) class Fault_faultcode(SamlBase): - c_tag = 'faultcode' + c_tag = "faultcode" c_namespace = NAMESPACE - c_value_type = {'base': 'QName'} + c_value_type = {"base": "QName"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def fault_faultcode_from_string(xml_string): return saml2.create_class_from_xml_string(Fault_faultcode, xml_string) class Fault_faultstring(SamlBase): - c_tag = 'faultstring' + c_tag = "faultstring" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def fault_faultstring_from_string(xml_string): return saml2.create_class_from_xml_string(Fault_faultstring, xml_string) class Fault_faultactor(SamlBase): - c_tag = 'faultactor' + c_tag = "faultactor" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def fault_faultactor_from_string(xml_string): return saml2.create_class_from_xml_string(Fault_faultactor, xml_string) class Detail_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:detail element """ + """The http://schemas.xmlsoap.org/soap/envelope/:detail element""" - c_tag = 'detail' + c_tag = "detail" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def detail__from_string(xml_string): return saml2.create_class_from_xml_string(Detail_, xml_string) class Envelope_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:Envelope element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Envelope element""" - c_tag = 'Envelope' + c_tag = "Envelope" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/soap/envelope/}Header'] = ('header', Header_) - c_cardinality['header'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/soap/envelope/}Body'] = ('body', Body_) - c_child_order.extend(['header', 'body']) - - def __init__(self, - header=None, - body=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.header=header - self.body=body + c_children["{http://schemas.xmlsoap.org/soap/envelope/}Header"] = ("header", Header_) + c_cardinality["header"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/soap/envelope/}Body"] = ("body", Body_) + c_child_order.extend(["header", "body"]) + + def __init__( + self, + header=None, + body=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.header = header + self.body = body + def envelope__from_string(xml_string): return saml2.create_class_from_xml_string(Envelope_, xml_string) class Header(Header_): - """The http://schemas.xmlsoap.org/soap/envelope/:Header element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Header element""" - c_tag = 'Header' + c_tag = "Header" c_namespace = NAMESPACE c_children = Header_.c_children.copy() c_attributes = Header_.c_attributes.copy() c_child_order = Header_.c_child_order[:] c_cardinality = Header_.c_cardinality.copy() + def header_from_string(xml_string): return saml2.create_class_from_xml_string(Header, xml_string) class Body(Body_): - """The http://schemas.xmlsoap.org/soap/envelope/:Body element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Body element""" - c_tag = 'Body' + c_tag = "Body" c_namespace = NAMESPACE c_children = Body_.c_children.copy() c_attributes = Body_.c_attributes.copy() c_child_order = Body_.c_child_order[:] c_cardinality = Body_.c_cardinality.copy() + def body_from_string(xml_string): return saml2.create_class_from_xml_string(Body, xml_string) class Fault_detail(Detail_): - c_tag = 'detail' + c_tag = "detail" c_namespace = NAMESPACE c_children = Detail_.c_children.copy() c_attributes = Detail_.c_attributes.copy() c_child_order = Detail_.c_child_order[:] c_cardinality = Detail_.c_cardinality.copy() + def fault_detail_from_string(xml_string): return saml2.create_class_from_xml_string(Fault_detail, xml_string) class Fault_(SamlBase): - """The http://schemas.xmlsoap.org/soap/envelope/:Fault element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Fault element""" - c_tag = 'Fault' + c_tag = "Fault" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/soap/envelope/}faultcode'] = ('faultcode', Fault_faultcode) - c_children['{http://schemas.xmlsoap.org/soap/envelope/}faultstring'] = ('faultstring', Fault_faultstring) - c_children['{http://schemas.xmlsoap.org/soap/envelope/}faultactor'] = ('faultactor', Fault_faultactor) - c_cardinality['faultactor'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/soap/envelope/}detail'] = ('detail', Fault_detail) - c_cardinality['detail'] = {"min":0, "max":1} - c_child_order.extend(['faultcode', 'faultstring', 'faultactor', 'detail']) - - def __init__(self, - faultcode=None, - faultstring=None, - faultactor=None, - detail=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.faultcode=faultcode - self.faultstring=faultstring - self.faultactor=faultactor - self.detail=detail + c_children["{http://schemas.xmlsoap.org/soap/envelope/}faultcode"] = ("faultcode", Fault_faultcode) + c_children["{http://schemas.xmlsoap.org/soap/envelope/}faultstring"] = ("faultstring", Fault_faultstring) + c_children["{http://schemas.xmlsoap.org/soap/envelope/}faultactor"] = ("faultactor", Fault_faultactor) + c_cardinality["faultactor"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/soap/envelope/}detail"] = ("detail", Fault_detail) + c_cardinality["detail"] = {"min": 0, "max": 1} + c_child_order.extend(["faultcode", "faultstring", "faultactor", "detail"]) + + def __init__( + self, + faultcode=None, + faultstring=None, + faultactor=None, + detail=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.faultcode = faultcode + self.faultstring = faultstring + self.faultactor = faultactor + self.detail = detail + def fault__from_string(xml_string): return saml2.create_class_from_xml_string(Fault_, xml_string) class Envelope(Envelope_): - """The http://schemas.xmlsoap.org/soap/envelope/:Envelope element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Envelope element""" - c_tag = 'Envelope' + c_tag = "Envelope" c_namespace = NAMESPACE c_children = Envelope_.c_children.copy() c_attributes = Envelope_.c_attributes.copy() c_child_order = Envelope_.c_child_order[:] c_cardinality = Envelope_.c_cardinality.copy() + def envelope_from_string(xml_string): return saml2.create_class_from_xml_string(Envelope, xml_string) class Fault(Fault_): - """The http://schemas.xmlsoap.org/soap/envelope/:Fault element """ + """The http://schemas.xmlsoap.org/soap/envelope/:Fault element""" - c_tag = 'Fault' + c_tag = "Fault" c_namespace = NAMESPACE c_children = Fault_.c_children.copy() c_attributes = Fault_.c_attributes.copy() c_child_order = Fault_.c_child_order[:] c_cardinality = Fault_.c_cardinality.copy() + def fault_from_string(xml_string): return saml2.create_class_from_xml_string(Fault, xml_string) -#.................. +# .................. # [] AG_encodingStyle = [ - ('encodingStyle', '', False), + ("encodingStyle", "", False), ] ELEMENT_FROM_STRING = { @@ -272,22 +292,21 @@ def fault_from_string(xml_string): } ELEMENT_BY_TAG = { - 'Envelope': Envelope, - 'Envelope': Envelope_, - 'Header': Header, - 'Header': Header_, - 'Body': Body, - 'Body': Body_, - 'encodingStyle': EncodingStyle_, - 'Fault': Fault, - 'Fault': Fault_, - 'detail': Detail_, - 'faultcode': Fault_faultcode, - 'faultstring': Fault_faultstring, - 'faultactor': Fault_faultactor, + # "Envelope": Envelope, + "Envelope": Envelope_, + # "Header": Header, + "Header": Header_, + # "Body": Body, + "Body": Body_, + "encodingStyle": EncodingStyle_, + # "Fault": Fault, + "Fault": Fault_, + "detail": Detail_, + "faultcode": Fault_faultcode, + "faultstring": Fault_faultstring, + "faultactor": Fault_faultactor, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/schema/wsdl.py b/src/saml2/schema/wsdl.py index 8cae5ceb9..54e377e2a 100644 --- a/src/saml2/schema/wsdl.py +++ b/src/saml2/schema/wsdl.py @@ -1,5 +1,3 @@ -#!!!! 'NoneType' object has no attribute 'py_class' -#!!!! 'NoneType' object has no attribute 'py_class' #!/usr/bin/env python # @@ -10,69 +8,75 @@ from saml2 import SamlBase -NAMESPACE = 'http://schemas.xmlsoap.org/wsdl/' +NAMESPACE = "http://schemas.xmlsoap.org/wsdl/" + class TDocumentation_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/:tDocumentation element """ + """The http://schemas.xmlsoap.org/wsdl/:tDocumentation element""" - c_tag = 'tDocumentation' + c_tag = "tDocumentation" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def t_documentation__from_string(xml_string): return saml2.create_class_from_xml_string(TDocumentation_, xml_string) class TDocumented_documentation(TDocumentation_): - c_tag = 'documentation' + c_tag = "documentation" c_namespace = NAMESPACE c_children = TDocumentation_.c_children.copy() c_attributes = TDocumentation_.c_attributes.copy() c_child_order = TDocumentation_.c_child_order[:] c_cardinality = TDocumentation_.c_cardinality.copy() + def t_documented_documentation_from_string(xml_string): return saml2.create_class_from_xml_string(TDocumented_documentation, xml_string) class TDocumented_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/:tDocumented element """ + """The http://schemas.xmlsoap.org/wsdl/:tDocumented element""" - c_tag = 'tDocumented' + c_tag = "tDocumented" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}documentation'] = ('documentation', TDocumented_documentation) - c_cardinality['documentation'] = {"min":0, "max":1} - c_child_order.extend(['documentation']) - - def __init__(self, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.documentation=documentation + c_children["{http://schemas.xmlsoap.org/wsdl/}documentation"] = ("documentation", TDocumented_documentation) + c_cardinality["documentation"] = {"min": 0, "max": 1} + c_child_order.extend(["documentation"]) + + def __init__( + self, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.documentation = documentation + def t_documented__from_string(xml_string): return saml2.create_class_from_xml_string(TDocumented_, xml_string) class TExtensibleAttributesDocumented_(TDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tExtensibleAttributesDocumented element """ + """The http://schemas.xmlsoap.org/wsdl/:tExtensibleAttributesDocumented element""" - c_tag = 'tExtensibleAttributesDocumented' + c_tag = "tExtensibleAttributesDocumented" c_namespace = NAMESPACE c_children = TDocumented_.c_children.copy() c_attributes = TDocumented_.c_attributes.copy() @@ -81,9 +85,9 @@ class TExtensibleAttributesDocumented_(TDocumented_): class TExtensibleDocumented_(TDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tExtensibleDocumented element """ + """The http://schemas.xmlsoap.org/wsdl/:tExtensibleDocumented element""" - c_tag = 'tExtensibleDocumented' + c_tag = "tExtensibleDocumented" c_namespace = NAMESPACE c_children = TDocumented_.c_children.copy() c_attributes = TDocumented_.c_attributes.copy() @@ -92,242 +96,264 @@ class TExtensibleDocumented_(TDocumented_): class TImport_(TExtensibleAttributesDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tImport element """ + """The http://schemas.xmlsoap.org/wsdl/:tImport element""" - c_tag = 'tImport' + c_tag = "tImport" c_namespace = NAMESPACE c_children = TExtensibleAttributesDocumented_.c_children.copy() c_attributes = TExtensibleAttributesDocumented_.c_attributes.copy() c_child_order = TExtensibleAttributesDocumented_.c_child_order[:] c_cardinality = TExtensibleAttributesDocumented_.c_cardinality.copy() - c_attributes['namespace'] = ('namespace', 'anyURI', True) - c_attributes['location'] = ('location', 'anyURI', True) - - def __init__(self, - namespace=None, - location=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleAttributesDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.namespace=namespace - self.location=location + c_attributes["namespace"] = ("namespace", "anyURI", True) + c_attributes["location"] = ("location", "anyURI", True) + + def __init__( + self, + namespace=None, + location=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleAttributesDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.namespace = namespace + self.location = location + def t_import__from_string(xml_string): return saml2.create_class_from_xml_string(TImport_, xml_string) class TTypes_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tTypes element """ + """The http://schemas.xmlsoap.org/wsdl/:tTypes element""" - c_tag = 'tTypes' + c_tag = "tTypes" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() + def t_types__from_string(xml_string): return saml2.create_class_from_xml_string(TTypes_, xml_string) class TPart_(TExtensibleAttributesDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tPart element """ + """The http://schemas.xmlsoap.org/wsdl/:tPart element""" - c_tag = 'tPart' + c_tag = "tPart" c_namespace = NAMESPACE c_children = TExtensibleAttributesDocumented_.c_children.copy() c_attributes = TExtensibleAttributesDocumented_.c_attributes.copy() c_child_order = TExtensibleAttributesDocumented_.c_child_order[:] c_cardinality = TExtensibleAttributesDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - c_attributes['element'] = ('element', 'QName', False) - c_attributes['type'] = ('type', 'QName', False) - - def __init__(self, - name=None, - element=None, - type=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleAttributesDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.element=element - self.type=type + c_attributes["name"] = ("name", "NCName", True) + c_attributes["element"] = ("element", "QName", False) + c_attributes["type"] = ("type", "QName", False) + + def __init__( + self, + name=None, + element=None, + type=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleAttributesDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.element = element + self.type = type + def t_part__from_string(xml_string): return saml2.create_class_from_xml_string(TPart_, xml_string) class TOperation_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tOperation element """ + """The http://schemas.xmlsoap.org/wsdl/:tOperation element""" - c_tag = 'tOperation' + c_tag = "tOperation" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - c_attributes['parameterOrder'] = ('parameter_order', 'NMTOKENS', False) - - def __init__(self, - name=None, - parameter_order=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.parameter_order=parameter_order + c_attributes["name"] = ("name", "NCName", True) + c_attributes["parameterOrder"] = ("parameter_order", "NMTOKENS", False) + + def __init__( + self, + name=None, + parameter_order=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.parameter_order = parameter_order + def t_operation__from_string(xml_string): return saml2.create_class_from_xml_string(TOperation_, xml_string) class TParam_(TExtensibleAttributesDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tParam element """ + """The http://schemas.xmlsoap.org/wsdl/:tParam element""" - c_tag = 'tParam' + c_tag = "tParam" c_namespace = NAMESPACE c_children = TExtensibleAttributesDocumented_.c_children.copy() c_attributes = TExtensibleAttributesDocumented_.c_attributes.copy() c_child_order = TExtensibleAttributesDocumented_.c_child_order[:] c_cardinality = TExtensibleAttributesDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', False) - c_attributes['message'] = ('message', 'QName', True) - - def __init__(self, - name=None, - message=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleAttributesDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.message=message + c_attributes["name"] = ("name", "NCName", False) + c_attributes["message"] = ("message", "QName", True) + + def __init__( + self, + name=None, + message=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleAttributesDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.message = message + def t_param__from_string(xml_string): return saml2.create_class_from_xml_string(TParam_, xml_string) class TFault_(TExtensibleAttributesDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tFault element """ + """The http://schemas.xmlsoap.org/wsdl/:tFault element""" - c_tag = 'tFault' + c_tag = "tFault" c_namespace = NAMESPACE c_children = TExtensibleAttributesDocumented_.c_children.copy() c_attributes = TExtensibleAttributesDocumented_.c_attributes.copy() c_child_order = TExtensibleAttributesDocumented_.c_child_order[:] c_cardinality = TExtensibleAttributesDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - c_attributes['message'] = ('message', 'QName', True) - - def __init__(self, - name=None, - message=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleAttributesDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.message=message + c_attributes["name"] = ("name", "NCName", True) + c_attributes["message"] = ("message", "QName", True) + + def __init__( + self, + name=None, + message=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleAttributesDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.message = message + def t_fault__from_string(xml_string): return saml2.create_class_from_xml_string(TFault_, xml_string) class TBindingOperationMessage_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tBindingOperationMessage element """ + """The http://schemas.xmlsoap.org/wsdl/:tBindingOperationMessage element""" - c_tag = 'tBindingOperationMessage' + c_tag = "tBindingOperationMessage" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', False) - - def __init__(self, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name + c_attributes["name"] = ("name", "NCName", False) + + def __init__( + self, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + def t_binding_operation_message__from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperationMessage_, xml_string) class TBindingOperationFault_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tBindingOperationFault element """ + """The http://schemas.xmlsoap.org/wsdl/:tBindingOperationFault element""" - c_tag = 'tBindingOperationFault' + c_tag = "tBindingOperationFault" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - - def __init__(self, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name + c_attributes["name"] = ("name", "NCName", True) + + def __init__( + self, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + def t_binding_operation_fault__from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperationFault_, xml_string) @@ -335,215 +361,232 @@ def t_binding_operation_fault__from_string(xml_string): class TBindingOperation_input(TBindingOperationMessage_): - c_tag = 'input' + c_tag = "input" c_namespace = NAMESPACE c_children = TBindingOperationMessage_.c_children.copy() c_attributes = TBindingOperationMessage_.c_attributes.copy() c_child_order = TBindingOperationMessage_.c_child_order[:] c_cardinality = TBindingOperationMessage_.c_cardinality.copy() + def t_binding_operation_input_from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperation_input, xml_string) class TBindingOperation_output(TBindingOperationMessage_): - c_tag = 'output' + c_tag = "output" c_namespace = NAMESPACE c_children = TBindingOperationMessage_.c_children.copy() c_attributes = TBindingOperationMessage_.c_attributes.copy() c_child_order = TBindingOperationMessage_.c_child_order[:] c_cardinality = TBindingOperationMessage_.c_cardinality.copy() + def t_binding_operation_output_from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperation_output, xml_string) class TBindingOperation_fault(TBindingOperationFault_): - c_tag = 'fault' + c_tag = "fault" c_namespace = NAMESPACE c_children = TBindingOperationFault_.c_children.copy() c_attributes = TBindingOperationFault_.c_attributes.copy() c_child_order = TBindingOperationFault_.c_child_order[:] c_cardinality = TBindingOperationFault_.c_cardinality.copy() + def t_binding_operation_fault_from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperation_fault, xml_string) class TBindingOperation_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tBindingOperation element """ + """The http://schemas.xmlsoap.org/wsdl/:tBindingOperation element""" - c_tag = 'tBindingOperation' + c_tag = "tBindingOperation" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}input'] = ('input', TBindingOperation_input) - c_cardinality['input'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}output'] = ('output', TBindingOperation_output) - c_cardinality['output'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}fault'] = ('fault', [TBindingOperation_fault]) - c_cardinality['fault'] = {"min":0} - c_attributes['name'] = ('name', 'NCName', True) - c_child_order.extend(['input', 'output', 'fault']) - - def __init__(self, - input=None, - output=None, - fault=None, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.input=input - self.output=output - self.fault=fault or [] - self.name=name + c_children["{http://schemas.xmlsoap.org/wsdl/}input"] = ("input", TBindingOperation_input) + c_cardinality["input"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}output"] = ("output", TBindingOperation_output) + c_cardinality["output"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}fault"] = ("fault", [TBindingOperation_fault]) + c_cardinality["fault"] = {"min": 0} + c_attributes["name"] = ("name", "NCName", True) + c_child_order.extend(["input", "output", "fault"]) + + def __init__( + self, + input=None, + output=None, + fault=None, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.input = input + self.output = output + self.fault = fault or [] + self.name = name + def t_binding_operation__from_string(xml_string): return saml2.create_class_from_xml_string(TBindingOperation_, xml_string) class TPort_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tPort element """ + """The http://schemas.xmlsoap.org/wsdl/:tPort element""" - c_tag = 'tPort' + c_tag = "tPort" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_attributes['name'] = ('name', 'NCName', True) - c_attributes['binding'] = ('binding', 'QName', True) - - def __init__(self, - name=None, - binding=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.binding=binding + c_attributes["name"] = ("name", "NCName", True) + c_attributes["binding"] = ("binding", "QName", True) + + def __init__( + self, + name=None, + binding=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.binding = binding + def t_port__from_string(xml_string): return saml2.create_class_from_xml_string(TPort_, xml_string) class TExtensibilityElement_(SamlBase): - """The http://schemas.xmlsoap.org/wsdl/:tExtensibilityElement element """ + """The http://schemas.xmlsoap.org/wsdl/:tExtensibilityElement element""" - c_tag = 'tExtensibilityElement' + c_tag = "tExtensibilityElement" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['required'] = ('required', 'None', False) - - def __init__(self, - required=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.required=required + c_attributes["required"] = ("required", "None", False) + + def __init__( + self, + required=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.required = required class Import(TImport_): - """The http://schemas.xmlsoap.org/wsdl/:import element """ + """The http://schemas.xmlsoap.org/wsdl/:import element""" - c_tag = 'import' + c_tag = "import" c_namespace = NAMESPACE c_children = TImport_.c_children.copy() c_attributes = TImport_.c_attributes.copy() c_child_order = TImport_.c_child_order[:] c_cardinality = TImport_.c_cardinality.copy() + def import_from_string(xml_string): return saml2.create_class_from_xml_string(Import, xml_string) class Types(TTypes_): - """The http://schemas.xmlsoap.org/wsdl/:types element """ + """The http://schemas.xmlsoap.org/wsdl/:types element""" - c_tag = 'types' + c_tag = "types" c_namespace = NAMESPACE c_children = TTypes_.c_children.copy() c_attributes = TTypes_.c_attributes.copy() c_child_order = TTypes_.c_child_order[:] c_cardinality = TTypes_.c_cardinality.copy() + def types_from_string(xml_string): return saml2.create_class_from_xml_string(Types, xml_string) class TMessage_part(TPart_): - c_tag = 'part' + c_tag = "part" c_namespace = NAMESPACE c_children = TPart_.c_children.copy() c_attributes = TPart_.c_attributes.copy() c_child_order = TPart_.c_child_order[:] c_cardinality = TPart_.c_cardinality.copy() + def t_message_part_from_string(xml_string): return saml2.create_class_from_xml_string(TMessage_part, xml_string) class TMessage_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tMessage element """ + """The http://schemas.xmlsoap.org/wsdl/:tMessage element""" - c_tag = 'tMessage' + c_tag = "tMessage" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}part'] = ('part', [TMessage_part]) - c_cardinality['part'] = {"min":0} - c_attributes['name'] = ('name', 'NCName', True) - c_child_order.extend(['part']) - - def __init__(self, - part=None, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.part=part or [] - self.name=name + c_children["{http://schemas.xmlsoap.org/wsdl/}part"] = ("part", [TMessage_part]) + c_cardinality["part"] = {"min": 0} + c_attributes["name"] = ("name", "NCName", True) + c_child_order.extend(["part"]) + + def __init__( + self, + part=None, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.part = part or [] + self.name = name + def t_message__from_string(xml_string): return saml2.create_class_from_xml_string(TMessage_, xml_string) @@ -551,47 +594,51 @@ def t_message__from_string(xml_string): class TPortType_operation(TOperation_): - c_tag = 'operation' + c_tag = "operation" c_namespace = NAMESPACE c_children = TOperation_.c_children.copy() c_attributes = TOperation_.c_attributes.copy() c_child_order = TOperation_.c_child_order[:] c_cardinality = TOperation_.c_cardinality.copy() + def t_port_type_operation_from_string(xml_string): return saml2.create_class_from_xml_string(TPortType_operation, xml_string) class TPortType_(TExtensibleAttributesDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tPortType element """ + """The http://schemas.xmlsoap.org/wsdl/:tPortType element""" - c_tag = 'tPortType' + c_tag = "tPortType" c_namespace = NAMESPACE c_children = TExtensibleAttributesDocumented_.c_children.copy() c_attributes = TExtensibleAttributesDocumented_.c_attributes.copy() c_child_order = TExtensibleAttributesDocumented_.c_child_order[:] c_cardinality = TExtensibleAttributesDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}operation'] = ('operation', [TPortType_operation]) - c_cardinality['operation'] = {"min":0} - c_attributes['name'] = ('name', 'NCName', True) - c_child_order.extend(['operation']) - - def __init__(self, - operation=None, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleAttributesDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.operation=operation or [] - self.name=name + c_children["{http://schemas.xmlsoap.org/wsdl/}operation"] = ("operation", [TPortType_operation]) + c_cardinality["operation"] = {"min": 0} + c_attributes["name"] = ("name", "NCName", True) + c_child_order.extend(["operation"]) + + def __init__( + self, + operation=None, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleAttributesDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.operation = operation or [] + self.name = name + def t_port_type__from_string(xml_string): return saml2.create_class_from_xml_string(TPortType_, xml_string) @@ -599,50 +646,54 @@ def t_port_type__from_string(xml_string): class TBinding_operation(TBindingOperation_): - c_tag = 'operation' + c_tag = "operation" c_namespace = NAMESPACE c_children = TBindingOperation_.c_children.copy() c_attributes = TBindingOperation_.c_attributes.copy() c_child_order = TBindingOperation_.c_child_order[:] c_cardinality = TBindingOperation_.c_cardinality.copy() + def t_binding_operation_from_string(xml_string): return saml2.create_class_from_xml_string(TBinding_operation, xml_string) class TBinding_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tBinding element """ + """The http://schemas.xmlsoap.org/wsdl/:tBinding element""" - c_tag = 'tBinding' + c_tag = "tBinding" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}operation'] = ('operation', [TBinding_operation]) - c_cardinality['operation'] = {"min":0} - c_attributes['name'] = ('name', 'NCName', True) - c_attributes['type'] = ('type', 'QName', True) - c_child_order.extend(['operation']) - - def __init__(self, - operation=None, - name=None, - type=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.operation=operation or [] - self.name=name - self.type=type + c_children["{http://schemas.xmlsoap.org/wsdl/}operation"] = ("operation", [TBinding_operation]) + c_cardinality["operation"] = {"min": 0} + c_attributes["name"] = ("name", "NCName", True) + c_attributes["type"] = ("type", "QName", True) + c_child_order.extend(["operation"]) + + def __init__( + self, + operation=None, + name=None, + type=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.operation = operation or [] + self.name = name + self.type = type + def t_binding__from_string(xml_string): return saml2.create_class_from_xml_string(TBinding_, xml_string) @@ -650,181 +701,193 @@ def t_binding__from_string(xml_string): class TService_port(TPort_): - c_tag = 'port' + c_tag = "port" c_namespace = NAMESPACE c_children = TPort_.c_children.copy() c_attributes = TPort_.c_attributes.copy() c_child_order = TPort_.c_child_order[:] c_cardinality = TPort_.c_cardinality.copy() + def t_service_port_from_string(xml_string): return saml2.create_class_from_xml_string(TService_port, xml_string) class TService_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tService element """ + """The http://schemas.xmlsoap.org/wsdl/:tService element""" - c_tag = 'tService' + c_tag = "tService" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}port'] = ('port', [TService_port]) - c_cardinality['port'] = {"min":0} - c_attributes['name'] = ('name', 'NCName', True) - c_child_order.extend(['port']) - - def __init__(self, - port=None, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.port=port or [] - self.name=name + c_children["{http://schemas.xmlsoap.org/wsdl/}port"] = ("port", [TService_port]) + c_cardinality["port"] = {"min": 0} + c_attributes["name"] = ("name", "NCName", True) + c_child_order.extend(["port"]) + + def __init__( + self, + port=None, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.port = port or [] + self.name = name + def t_service__from_string(xml_string): return saml2.create_class_from_xml_string(TService_, xml_string) class Message(TMessage_): - """The http://schemas.xmlsoap.org/wsdl/:message element """ + """The http://schemas.xmlsoap.org/wsdl/:message element""" - c_tag = 'message' + c_tag = "message" c_namespace = NAMESPACE c_children = TMessage_.c_children.copy() c_attributes = TMessage_.c_attributes.copy() c_child_order = TMessage_.c_child_order[:] c_cardinality = TMessage_.c_cardinality.copy() + def message_from_string(xml_string): return saml2.create_class_from_xml_string(Message, xml_string) class PortType(TPortType_): - """The http://schemas.xmlsoap.org/wsdl/:portType element """ + """The http://schemas.xmlsoap.org/wsdl/:portType element""" - c_tag = 'portType' + c_tag = "portType" c_namespace = NAMESPACE c_children = TPortType_.c_children.copy() c_attributes = TPortType_.c_attributes.copy() c_child_order = TPortType_.c_child_order[:] c_cardinality = TPortType_.c_cardinality.copy() + def port_type_from_string(xml_string): return saml2.create_class_from_xml_string(PortType, xml_string) class Binding(TBinding_): - """The http://schemas.xmlsoap.org/wsdl/:binding element """ + """The http://schemas.xmlsoap.org/wsdl/:binding element""" - c_tag = 'binding' + c_tag = "binding" c_namespace = NAMESPACE c_children = TBinding_.c_children.copy() c_attributes = TBinding_.c_attributes.copy() c_child_order = TBinding_.c_child_order[:] c_cardinality = TBinding_.c_cardinality.copy() + def binding_from_string(xml_string): return saml2.create_class_from_xml_string(Binding, xml_string) class Service(TService_): - """The http://schemas.xmlsoap.org/wsdl/:service element """ + """The http://schemas.xmlsoap.org/wsdl/:service element""" - c_tag = 'service' + c_tag = "service" c_namespace = NAMESPACE c_children = TService_.c_children.copy() c_attributes = TService_.c_attributes.copy() c_child_order = TService_.c_child_order[:] c_cardinality = TService_.c_cardinality.copy() + def service_from_string(xml_string): return saml2.create_class_from_xml_string(Service, xml_string) class TDefinitions_(TExtensibleDocumented_): - """The http://schemas.xmlsoap.org/wsdl/:tDefinitions element """ + """The http://schemas.xmlsoap.org/wsdl/:tDefinitions element""" - c_tag = 'tDefinitions' + c_tag = "tDefinitions" c_namespace = NAMESPACE c_children = TExtensibleDocumented_.c_children.copy() c_attributes = TExtensibleDocumented_.c_attributes.copy() c_child_order = TExtensibleDocumented_.c_child_order[:] c_cardinality = TExtensibleDocumented_.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/wsdl/}import'] = ('import', Import) - c_cardinality['import'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}types'] = ('types', Types) - c_cardinality['types'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}message'] = ('message', Message) - c_cardinality['message'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}portType'] = ('port_type', PortType) - c_cardinality['port_type'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}binding'] = ('binding', Binding) - c_cardinality['binding'] = {"min":0, "max":1} - c_children['{http://schemas.xmlsoap.org/wsdl/}service'] = ('service', Service) - c_cardinality['service'] = {"min":0, "max":1} - c_attributes['targetNamespace'] = ('target_namespace', 'anyURI', False) - c_attributes['name'] = ('name', 'NCName', False) - c_child_order.extend(['import', 'types', 'message', 'port_type', 'binding', 'service']) - - def __init__(self, - import_=None, - types=None, - message=None, - port_type=None, - binding=None, - service=None, - target_namespace=None, - name=None, - documentation=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - TExtensibleDocumented_.__init__(self, - documentation=documentation, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.import_=import_ - self.types=types - self.message=message - self.port_type=port_type - self.binding=binding - self.service=service - self.target_namespace=target_namespace - self.name=name + c_children["{http://schemas.xmlsoap.org/wsdl/}import"] = ("import", Import) + c_cardinality["import"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}types"] = ("types", Types) + c_cardinality["types"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}message"] = ("message", Message) + c_cardinality["message"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}portType"] = ("port_type", PortType) + c_cardinality["port_type"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}binding"] = ("binding", Binding) + c_cardinality["binding"] = {"min": 0, "max": 1} + c_children["{http://schemas.xmlsoap.org/wsdl/}service"] = ("service", Service) + c_cardinality["service"] = {"min": 0, "max": 1} + c_attributes["targetNamespace"] = ("target_namespace", "anyURI", False) + c_attributes["name"] = ("name", "NCName", False) + c_child_order.extend(["import", "types", "message", "port_type", "binding", "service"]) + + def __init__( + self, + import_=None, + types=None, + message=None, + port_type=None, + binding=None, + service=None, + target_namespace=None, + name=None, + documentation=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + TExtensibleDocumented_.__init__( + self, + documentation=documentation, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.import_ = import_ + self.types = types + self.message = message + self.port_type = port_type + self.binding = binding + self.service = service + self.target_namespace = target_namespace + self.name = name + def t_definitions__from_string(xml_string): return saml2.create_class_from_xml_string(TDefinitions_, xml_string) class Definitions(TDefinitions_): - """The http://schemas.xmlsoap.org/wsdl/:definitions element """ + """The http://schemas.xmlsoap.org/wsdl/:definitions element""" - c_tag = 'definitions' + c_tag = "definitions" c_namespace = NAMESPACE c_children = TDefinitions_.c_children.copy() c_attributes = TDefinitions_.c_attributes.copy() c_child_order = TDefinitions_.c_child_order[:] c_cardinality = TDefinitions_.c_cardinality.copy() + def definitions_from_string(xml_string): return saml2.create_class_from_xml_string(Definitions, xml_string) -#.................. +# .................. # [] ELEMENT_FROM_STRING = { TDocumentation_.c_tag: t_documentation__from_string, @@ -861,43 +924,42 @@ def definitions_from_string(xml_string): } ELEMENT_BY_TAG = { - 'tDocumentation': TDocumentation_, - 'tDocumented': TDocumented_, - 'definitions': Definitions, - 'tDefinitions': TDefinitions_, - 'tImport': TImport_, - 'tTypes': TTypes_, - 'tMessage': TMessage_, - 'tPart': TPart_, - 'tPortType': TPortType_, - 'tOperation': TOperation_, - 'tParam': TParam_, - 'tFault': TFault_, - 'tBinding': TBinding_, - 'tBindingOperationMessage': TBindingOperationMessage_, - 'tBindingOperationFault': TBindingOperationFault_, - 'tBindingOperation': TBindingOperation_, - 'tService': TService_, - 'tPort': TPort_, - 'documentation': TDocumented_documentation, - 'input': TBindingOperation_input, - 'output': TBindingOperation_output, - 'fault': TBindingOperation_fault, - 'import': Import, - 'types': Types, - 'part': TMessage_part, - 'operation': TPortType_operation, - 'port': TService_port, - 'message': Message, - 'portType': PortType, - 'binding': Binding, - 'service': Service, - 'tExtensibleAttributesDocumented': TExtensibleAttributesDocumented_, - 'tExtensibleDocumented': TExtensibleDocumented_, - 'tExtensibilityElement': TExtensibilityElement_, + "tDocumentation": TDocumentation_, + "tDocumented": TDocumented_, + "definitions": Definitions, + "tDefinitions": TDefinitions_, + "tImport": TImport_, + "tTypes": TTypes_, + "tMessage": TMessage_, + "tPart": TPart_, + "tPortType": TPortType_, + "tOperation": TOperation_, + "tParam": TParam_, + "tFault": TFault_, + "tBinding": TBinding_, + "tBindingOperationMessage": TBindingOperationMessage_, + "tBindingOperationFault": TBindingOperationFault_, + "tBindingOperation": TBindingOperation_, + "tService": TService_, + "tPort": TPort_, + "documentation": TDocumented_documentation, + "input": TBindingOperation_input, + "output": TBindingOperation_output, + "fault": TBindingOperation_fault, + "import": Import, + "types": Types, + "part": TMessage_part, + "operation": TPortType_operation, + "port": TService_port, + "message": Message, + "portType": PortType, + "binding": Binding, + "service": Service, + "tExtensibleAttributesDocumented": TExtensibleAttributesDocumented_, + "tExtensibleDocumented": TExtensibleDocumented_, + "tExtensibilityElement": TExtensibilityElement_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/sdb.py b/src/saml2/sdb.py index 01c69aea2..df9613a42 100644 --- a/src/saml2/sdb.py +++ b/src/saml2/sdb.py @@ -1,6 +1,5 @@ -import logging - from hashlib import sha1 +import logging from saml2.ident import code_binary @@ -12,11 +11,12 @@ def context_match(cfilter, cntx): # TODO return True + # The key to the stored authn statement is placed encrypted in the cookie -class SessionStorage(object): - """ In memory storage of session information """ +class SessionStorage: + """In memory storage of session information""" def __init__(self): self.db = {"assertion": {}, "authn": {}} @@ -34,8 +34,7 @@ def store_assertion(self, assertion, to_sign): def get_assertion(self, cid): return self.assertion[cid] - def get_authn_statements(self, name_id, session_index=None, - requested_context=None): + def get_authn_statements(self, name_id, session_index=None, requested_context=None): """ :param name_id: @@ -56,8 +55,7 @@ def get_authn_statements(self, name_id, session_index=None, if statement.session_index != session_index: continue if requested_context: - if not context_match(requested_context, - statement[0].authn_context): + if not context_match(requested_context, statement[0].authn_context): continue result.append(statement) diff --git a/src/saml2/server.py b/src/saml2/server.py index 3a12211a4..ca2b312d7 100644 --- a/src/saml2/server.py +++ b/src/saml2/server.py @@ -1,54 +1,48 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """Contains classes and functions that a SAML2.0 Identity provider (IdP) or attribute authority (AA) may use to conclude its tasks. """ -import logging - import importlib -import dbm +import logging import shelve -import six import threading +from dbm import error as DbmError -import saml2.cryptography.symmetric -from saml2 import saml -from saml2 import element_to_extension_element -from saml2 import class_name from saml2 import BINDING_HTTP_REDIRECT -from saml2.argtree import add_path, is_set - +from saml2 import class_name +from saml2 import element_to_extension_element +from saml2 import saml +from saml2.argtree import add_path +from saml2.argtree import is_set +from saml2.assertion import Assertion +from saml2.assertion import Policy +from saml2.assertion import filter_attribute_value_assertions +from saml2.assertion import restriction_from_attribute_spec +import saml2.cryptography.symmetric from saml2.entity import Entity from saml2.eptid import Eptid from saml2.eptid import EptidShelve -from saml2.samlp import NameIDMappingResponse -from saml2.sdb import SessionStorage -from saml2.schema import soapenv - -from saml2.request import AuthnRequest +from saml2.ident import IdentDB +from saml2.ident import decode +from saml2.profile import ecp from saml2.request import AssertionIDRequest from saml2.request import AttributeQuery -from saml2.request import NameIDMappingRequest -from saml2.request import AuthzDecisionQuery from saml2.request import AuthnQuery - +from saml2.request import AuthnRequest +from saml2.request import AuthzDecisionQuery +from saml2.request import NameIDMappingRequest from saml2.s_utils import MissingValue -from saml2.s_utils import rndstr from saml2.s_utils import Unknown - +from saml2.s_utils import rndstr +from saml2.samlp import NameIDMappingResponse +from saml2.schema import soapenv +from saml2.sdb import SessionStorage +from saml2.sigver import CertificateError from saml2.sigver import pre_signature_part from saml2.sigver import signed_instance_factory -from saml2.sigver import CertificateError -from saml2.assertion import Assertion -from saml2.assertion import Policy -from saml2.assertion import restriction_from_attribute_spec -from saml2.assertion import filter_attribute_value_assertions - -from saml2.ident import IdentDB, decode -from saml2.profile import ecp logger = logging.getLogger(__name__) @@ -57,24 +51,19 @@ "authn_auth": "authn_auth", "class_ref": "authn_class", "authn_instant": "authn_instant", - "subject_locality": "subject_locality" + "subject_locality": "subject_locality", } def _shelve_compat(name, *args, **kwargs): try: return shelve.open(name, *args, **kwargs) - except dbm.error[0]: - # Python 3 whichdb needs to try .db to determine type - if name.endswith('.db'): - name = name.rsplit('.db', 1)[0] - return shelve.open(name, *args, **kwargs) - else: - raise + except DbmError: + return shelve.open(name.removesuffix(".db"), *args, **kwargs) class Server(Entity): - """ A class that does things that IdPs or AAs do """ + """A class that does things that IdPs or AAs do""" def __init__( self, @@ -113,19 +102,20 @@ def choose_session_storage(self): _spec = self.config.getattr("session_storage", "idp") if not _spec: return SessionStorage() - elif isinstance(_spec, six.string_types): + elif isinstance(_spec, str): if _spec.lower() == "memory": return SessionStorage() else: # Should be tuple typ, data = _spec if typ.lower() == "mongodb": from saml2.mongo_store import SessionStorageMDB + return SessionStorageMDB(database=data, collection="session") raise NotImplementedError("No such storage type implemented") def init_config(self, stype="idp"): - """ Remaining init of the server configuration + """Remaining init of the server configuration :param stype: The type of Server ("idp"/"aa") """ @@ -139,7 +129,7 @@ def init_config(self, stype="idp"): typ = "" if not dbspec: idb = {} - elif isinstance(dbspec, six.string_types): + elif isinstance(dbspec, str): idb = _shelve_compat(dbspec, writeback=True, protocol=2) else: # database spec is a a 2-tuple (type, address) # print(>> sys.stderr, "DBSPEC: %s" % (dbspec,)) @@ -148,14 +138,16 @@ def init_config(self, stype="idp"): idb = _shelve_compat(addr, writeback=True, protocol=2) elif typ == "memcached": import memcache + idb = memcache.Client(addr) elif typ == "dict": # in-memory dictionary idb = {} elif typ == "mongodb": from saml2.mongo_store import IdentMDB + self.ident = IdentMDB(database=addr, collection="ident") elif typ == "identdb": - mod, clas = addr.rsplit('.', 1) + mod, clas = addr.rsplit(".", 1) mod = importlib.import_module(mod) self.ident = getattr(mod, clas)() @@ -164,8 +156,7 @@ def init_config(self, stype="idp"): elif idb is not None: self.ident = IdentDB(idb) elif dbspec: - raise Exception("Couldn't open identity database: %s" % - (dbspec,)) + raise Exception(f"Couldn't open identity database: {dbspec}") try: _domain = self.config.getattr("domain", "idp") @@ -185,8 +176,8 @@ def init_config(self, stype="idp"): self.eptid = EptidShelve(secret, addr) elif typ == "mongodb": from saml2.mongo_store import EptidMDB - self.eptid = EptidMDB(secret, database=addr, - collection="eptid") + + self.eptid = EptidMDB(secret, database=addr, collection="eptid") else: self.eptid = Eptid(secret) except Exception: @@ -194,7 +185,7 @@ def init_config(self, stype="idp"): raise def wants(self, sp_entity_id, index=None): - """ Returns what attributes the SP requires and which are optional + """Returns what attributes the SP requires and which are optional if any such demands are registered in the Metadata. :param sp_entity_id: The entity id of the SP @@ -225,8 +216,9 @@ def verify_assertion_consumer_service(self, request): # ------------------------------------------------------------------------- - def parse_authn_request(self, enc_request, binding=BINDING_HTTP_REDIRECT, - relay_state=None, sigalg=None, signature=None): + def parse_authn_request( + self, enc_request, binding=BINDING_HTTP_REDIRECT, relay_state=None, sigalg=None, signature=None + ): """Parse a Authentication Request :param enc_request: The request in its transport format @@ -238,99 +230,109 @@ def parse_authn_request(self, enc_request, binding=BINDING_HTTP_REDIRECT, :return: A request instance """ - return self._parse_request(enc_request, AuthnRequest, - "single_sign_on_service", binding, - relay_state=relay_state, sigalg=sigalg, - signature=signature) + return self._parse_request( + enc_request, + AuthnRequest, + "single_sign_on_service", + binding, + relay_state=relay_state, + sigalg=sigalg, + signature=signature, + ) def parse_attribute_query(self, xml_string, binding): - """ Parse an attribute query + """Parse an attribute query :param xml_string: The Attribute Query as an XML string :param binding: Which binding that was used for the request :return: A query instance """ - return self._parse_request(xml_string, AttributeQuery, - "attribute_service", binding) + return self._parse_request(xml_string, AttributeQuery, "attribute_service", binding) def parse_authz_decision_query(self, xml_string, binding): - """ Parse an authorization decision query + """Parse an authorization decision query :param xml_string: The Authz decision Query as an XML string :param binding: Which binding that was used when receiving this query :return: Query instance """ - return self._parse_request(xml_string, AuthzDecisionQuery, - "authz_service", binding) + return self._parse_request(xml_string, AuthzDecisionQuery, "authz_service", binding) def parse_assertion_id_request(self, xml_string, binding): - """ Parse an assertion id query + """Parse an assertion id query :param xml_string: The AssertionIDRequest as an XML string :param binding: Which binding that was used when receiving this request :return: Query instance """ - return self._parse_request(xml_string, AssertionIDRequest, - "assertion_id_request_service", binding) + return self._parse_request(xml_string, AssertionIDRequest, "assertion_id_request_service", binding) def parse_authn_query(self, xml_string, binding): - """ Parse an authn query + """Parse an authn query :param xml_string: The AuthnQuery as an XML string :param binding: Which binding that was used when receiving this query :return: Query instance """ - return self._parse_request(xml_string, AuthnQuery, - "authn_query_service", binding) + return self._parse_request(xml_string, AuthnQuery, "authn_query_service", binding) def parse_name_id_mapping_request(self, xml_string, binding): - """ Parse a nameid mapping request + """Parse a nameid mapping request :param xml_string: The NameIDMappingRequest as an XML string :param binding: Which binding that was used when receiving this request :return: Query instance """ - return self._parse_request(xml_string, NameIDMappingRequest, - "name_id_mapping_service", binding) + return self._parse_request(xml_string, NameIDMappingRequest, "name_id_mapping_service", binding) @staticmethod def update_farg(in_response_to, consumer_url, farg=None): if not farg: - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', in_response_to]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", in_response_to], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', consumer_url]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", consumer_url], + ) else: - if not is_set(farg, - ['assertion', 'subject', 'subject_confirmation', - 'method']): - add_path(farg, - ['assertion', 'subject', 'subject_confirmation', - 'method', saml.SCM_BEARER]) - if not is_set(farg, - ['assertion', 'subject', 'subject_confirmation', - 'subject_confirmation_data', 'in_response_to']): - add_path(farg, - ['assertion', 'subject', 'subject_confirmation', - 'subject_confirmation_data', 'in_response_to', - in_response_to]) - if not is_set(farg, ['assertion', 'subject', 'subject_confirmation', - 'subject_confirmation_data', 'recipient']): - add_path(farg, - ['assertion', 'subject', 'subject_confirmation', - 'subject_confirmation_data', 'recipient', - consumer_url]) + if not is_set(farg, ["assertion", "subject", "subject_confirmation", "method"]): + add_path(farg, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) + if not is_set( + farg, ["assertion", "subject", "subject_confirmation", "subject_confirmation_data", "in_response_to"] + ): + add_path( + farg, + [ + "assertion", + "subject", + "subject_confirmation", + "subject_confirmation_data", + "in_response_to", + in_response_to, + ], + ) + if not is_set( + farg, ["assertion", "subject", "subject_confirmation", "subject_confirmation_data", "recipient"] + ): + add_path( + farg, + [ + "assertion", + "subject", + "subject_confirmation", + "subject_confirmation_data", + "recipient", + consumer_url, + ], + ) return farg def setup_assertion( @@ -394,29 +396,42 @@ def setup_assertion( if authn: # expected to be a dictionary # Would like to use dict comprehension but ... - authn_args = dict( - [(AUTHN_DICT_MAP[k], v) for k, v in authn.items() if - k in AUTHN_DICT_MAP]) + authn_args = {AUTHN_DICT_MAP[k]: v for k, v in authn.items() if k in AUTHN_DICT_MAP} authn_args.update(kwargs) assertion = ast.construct( - sp_entity_id, self.config.attribute_converters, policy, - issuer=_issuer, farg=farg['assertion'], name_id=name_id, + sp_entity_id, + self.config.attribute_converters, + policy, + issuer=_issuer, + farg=farg["assertion"], + name_id=name_id, session_not_on_or_after=session_not_on_or_after, - **authn_args) + **authn_args, + ) elif authn_statement: # Got a complete AuthnStatement assertion = ast.construct( - sp_entity_id, self.config.attribute_converters, policy, - issuer=_issuer, authn_statem=authn_statement, - farg=farg['assertion'], name_id=name_id, - **kwargs) + sp_entity_id, + self.config.attribute_converters, + policy, + issuer=_issuer, + authn_statem=authn_statement, + farg=farg["assertion"], + name_id=name_id, + **kwargs, + ) else: assertion = ast.construct( - sp_entity_id, self.config.attribute_converters, policy, - issuer=_issuer, farg=farg['assertion'], name_id=name_id, + sp_entity_id, + self.config.attribute_converters, + policy, + issuer=_issuer, + farg=farg["assertion"], + name_id=name_id, session_not_on_or_after=session_not_on_or_after, - **kwargs) + **kwargs, + ) return assertion # XXX DONE calls pre_signature_part @@ -447,7 +462,7 @@ def _authn_response( farg=None, session_not_on_or_after=None, ): - """ Create a response. A layer of indirection. + """Create a response. A layer of indirection. :param in_response_to: The session identifier of the request :param consumer_url: The URL which should receive the response @@ -497,12 +512,34 @@ def _authn_response( encrypted_advice_attributes = True encrypt_assertion_self_contained = True assertion_attributes = self.setup_assertion( - None, sp_entity_id, None, None, None, policy, None, None, - identity, best_effort, sign_response, farg=farg) + None, + sp_entity_id, + None, + None, + None, + policy, + None, + None, + identity, + best_effort, + sign_response, + farg=farg, + ) assertion = self.setup_assertion( - authn, sp_entity_id, in_response_to, consumer_url, name_id, - policy, _issuer, authn_statement, [], True, sign_response, - farg=farg, session_not_on_or_after=session_not_on_or_after) + authn, + sp_entity_id, + in_response_to, + consumer_url, + name_id, + policy, + _issuer, + authn_statement, + [], + True, + sign_response, + farg=farg, + session_not_on_or_after=session_not_on_or_after, + ) assertion.advice = saml.Advice() # assertion.advice.assertion_id_ref.append(saml.AssertionIDRef()) @@ -510,10 +547,20 @@ def _authn_response( assertion.advice.assertion.append(assertion_attributes) else: assertion = self.setup_assertion( - authn, sp_entity_id, in_response_to, consumer_url, name_id, - policy, _issuer, authn_statement, identity, True, - sign_response, farg=farg, - session_not_on_or_after=session_not_on_or_after) + authn, + sp_entity_id, + in_response_to, + consumer_url, + name_id, + policy, + _issuer, + authn_statement, + identity, + True, + sign_response, + farg=farg, + session_not_on_or_after=session_not_on_or_after, + ) to_sign = [] if not encrypt_assertion: @@ -533,7 +580,7 @@ def _authn_response( ) to_sign.append((class_name(assertion), assertion.id)) - if (self.support_AssertionIDRequest() or self.support_AuthnQuery()): + if self.support_AssertionIDRequest() or self.support_AuthnQuery(): self.session_db.store_assertion(assertion, to_sign) return self._response( @@ -577,7 +624,7 @@ def create_attribute_response( farg=None, **kwargs, ): - """ Create an attribute assertion response. + """Create an attribute assertion response. :param identity: A dictionary with attributes and values that are expected to be the bases for the assertion in the response. @@ -621,9 +668,13 @@ def create_attribute_response( ast = filter_attribute_value_assertions(ast, restr) assertion = ast.construct( - sp_entity_id, self.config.attribute_converters, policy, - issuer=_issuer, name_id=name_id, - farg=farg['assertion']) + sp_entity_id, + self.config.attribute_converters, + policy, + issuer=_issuer, + name_id=name_id, + farg=farg["assertion"], + ) return self._response( in_response_to, @@ -640,9 +691,7 @@ def create_attribute_response( **kwargs, ) - def gather_authn_response_args( - self, sp_entity_id, name_id_policy, userid, **kwargs - ): + def gather_authn_response_args(self, sp_entity_id, name_id_policy, userid, **kwargs): kwargs["policy"] = kwargs.get("release_policy") # collect args and return them @@ -650,33 +699,26 @@ def gather_authn_response_args( # XXX will be passed to _authn_response param_defaults = { - 'policy': None, - 'best_effort': False, - 'sign_assertion': False, - 'sign_response': False, - 'encrypt_assertion': False, - 'encrypt_assertion_self_contained': True, - 'encrypted_advice_attributes': False, - 'encrypt_cert_advice': None, - 'encrypt_cert_assertion': None, + "policy": None, + "best_effort": False, + "sign_assertion": False, + "sign_response": False, + "encrypt_assertion": False, + "encrypt_assertion_self_contained": True, + "encrypted_advice_attributes": False, + "encrypt_cert_advice": None, + "encrypt_cert_assertion": None, # need to be named sign_alg and digest_alg } for param, val_default in param_defaults.items(): val_kw = kwargs.get(param) val_config = self.config.getattr(param, "idp") - args[param] = ( - val_kw - if val_kw is not None - else val_config - if val_config is not None - else val_default - ) + args[param] = val_kw if val_kw is not None else val_config if val_config is not None else val_default for arg, attr, eca, pefim in [ - ('encrypted_advice_attributes', 'verify_encrypt_cert_advice', - 'encrypt_cert_advice', kwargs["pefim"]), - ('encrypt_assertion', 'verify_encrypt_cert_assertion', - 'encrypt_cert_assertion', False)]: + ("encrypted_advice_attributes", "verify_encrypt_cert_advice", "encrypt_cert_advice", kwargs["pefim"]), + ("encrypt_assertion", "verify_encrypt_cert_assertion", "encrypt_cert_assertion", False), + ]: if args[arg] or pefim: _enc_cert = self.config.getattr(attr, "idp") @@ -684,19 +726,16 @@ def gather_authn_response_args( if _enc_cert is not None: if kwargs[eca] is None: raise CertificateError( - "No SPCertEncType certificate for encryption " - "contained in authentication " - "request.") + "No SPCertEncType certificate for encryption " "contained in authentication " "request." + ) if not _enc_cert(kwargs[eca]): - raise CertificateError( - "Invalid certificate for encryption!") + raise CertificateError("Invalid certificate for encryption!") - if 'name_id' not in kwargs or not kwargs['name_id']: + if "name_id" not in kwargs or not kwargs["name_id"]: nid_formats = [] for _sp in self.metadata[sp_entity_id]["spsso_descriptor"]: if "name_id_format" in _sp: - nid_formats.extend([n["text"] for n in - _sp["name_id_format"]]) + nid_formats.extend([n["text"] for n in _sp["name_id_format"]]) try: snq = name_id_policy.sp_name_qualifier except AttributeError: @@ -715,16 +754,14 @@ def gather_authn_response_args( _nids = self.ident.find_nameid(userid, **kwa) # either none or one if _nids: - args['name_id'] = _nids[0] + args["name_id"] = _nids[0] else: - args['name_id'] = self.ident.construct_nameid( - userid, args['policy'], sp_entity_id, name_id_policy) - logger.debug("construct_nameid: %s => %s", userid, - args['name_id']) + args["name_id"] = self.ident.construct_nameid(userid, args["policy"], sp_entity_id, name_id_policy) + logger.debug("construct_nameid: %s => %s", userid, args["name_id"]) else: - args['name_id'] = kwargs['name_id'] + args["name_id"] = kwargs["name_id"] - for param in ['status', 'farg']: + for param in ["status", "farg"]: try: args[param] = kwargs[param] except KeyError: @@ -757,7 +794,7 @@ def create_authn_response( session_not_on_or_after=None, **kwargs, ): - """ Constructs an AuthenticationResponse + """Constructs an AuthenticationResponse :param identity: Information about an user :param in_response_to: The identifier of the authentication request @@ -803,7 +840,7 @@ def create_authn_response( pefim=pefim, **kwargs, ) - except IOError as exc: + except OSError as exc: response = self.create_error_response( in_response_to, destination=destination, @@ -879,9 +916,7 @@ def create_authn_request_response( # XXX DONE calls pre_signature_part # XXX DONE idp create > [...] - def create_assertion_id_request_response( - self, assertion_id, sign=None, sign_alg=None, digest_alg=None, **kwargs - ): + def create_assertion_id_request_response(self, assertion_id, sign=None, sign_alg=None, digest_alg=None, **kwargs): try: (assertion, to_sign) = self.session_db.get_assertion(assertion_id) except KeyError: @@ -938,14 +973,12 @@ def create_name_id_mapping_response( ms_args = self.message_args() - _resp = NameIDMappingResponse( - name_id, encrypted_id, in_response_to=in_response_to, **ms_args - ) + _resp = NameIDMappingResponse(name_id, encrypted_id, in_response_to=in_response_to, **ms_args) if sign_response: return self.sign(_resp, sign_alg=sign_alg, digest_alg=digest_alg) else: - logger.info("Message: %s", _resp) + logger.debug("Message: %s", _resp) return _resp # XXX DONE idp create > _response @@ -972,9 +1005,7 @@ def create_authn_query_response( margs = self.message_args() asserts = [ saml.Assertion(authn_statement=statement, subject=subject, **margs) - for statement in self.session_db.get_authn_statements( - subject.name_id, session_index, requested_context - ) + for statement in self.session_db.get_authn_statements(subject.name_id, session_index, requested_context) ] if asserts: @@ -1044,7 +1075,7 @@ def create_ecp_authn_request_response( sign_response, sign_assertion, sign_alg=sign_alg, - digest_alg=digest_alg + digest_alg=digest_alg, ) body = soapenv.Body() body.extension_elements = [element_to_extension_element(response)] diff --git a/src/saml2/sigver.py b/src/saml2/sigver.py index af93c42db..738ac04b1 100644 --- a/src/saml2/sigver.py +++ b/src/saml2/sigver.py @@ -3,78 +3,71 @@ """ import base64 -import datetime -import dateutil import hashlib import itertools import logging import os import re -import six -import sys -from uuid import uuid4 as gen_random_key -from time import mktime -from tempfile import NamedTemporaryFile -from subprocess import Popen +from datetime import datetime +from datetime import timezone +from importlib.resources import files as _resource_files from subprocess import PIPE - -# importlib.resources was introduced in python 3.7 -# files API from importlib.resources introduced in python 3.9 -if sys.version_info[:2] >= (3, 9): - from importlib.resources import files as _resource_files -else: - from importlib_resources import files as _resource_files +from subprocess import Popen +from tempfile import NamedTemporaryFile +from time import mktime +from urllib import parse +from uuid import uuid4 as gen_random_key from OpenSSL import crypto +import dateutil -import pytz - -from six.moves.urllib import parse - -import saml2.cryptography.asymmetric -import saml2.cryptography.pki -import saml2.xmldsig as ds -import saml2.data.templates as _data_template -from saml2 import samlp +from saml2 import ExtensionElement from saml2 import SamlBase from saml2 import SAMLError -from saml2 import extension_elements_to_elements from saml2 import class_name +from saml2 import extension_elements_to_elements from saml2 import saml -from saml2 import ExtensionElement +from saml2 import samlp +from saml2.cert import CertificateError from saml2.cert import OpenSSLWrapper +from saml2.cert import read_cert_from_file +import saml2.cryptography.asymmetric +import saml2.cryptography.pki +import saml2.data.templates as _data_template from saml2.extension import pefim from saml2.extension.pefim import SPCertEnc -from saml2.saml import EncryptedAssertion from saml2.s_utils import Unsupported +from saml2.saml import EncryptedAssertion from saml2.time_util import str_to_time +from saml2.xml.schema import XMLSchemaError +from saml2.xml.schema import validate as validate_doc_with_schema from saml2.xmldsig import ALLOWED_CANONICALIZATIONS from saml2.xmldsig import ALLOWED_TRANSFORMS -from saml2.xmldsig import TRANSFORM_C14N -from saml2.xmldsig import TRANSFORM_ENVELOPED from saml2.xmldsig import SIG_RSA_SHA1 from saml2.xmldsig import SIG_RSA_SHA224 from saml2.xmldsig import SIG_RSA_SHA256 from saml2.xmldsig import SIG_RSA_SHA384 from saml2.xmldsig import SIG_RSA_SHA512 -from saml2.xmlenc import EncryptionMethod -from saml2.xmlenc import EncryptedKey +from saml2.xmldsig import TRANSFORM_C14N +from saml2.xmldsig import TRANSFORM_ENVELOPED +import saml2.xmldsig as ds from saml2.xmlenc import CipherData from saml2.xmlenc import CipherValue from saml2.xmlenc import EncryptedData -from saml2.xml.schema import node_to_schema -from saml2.xml.schema import XMLSchemaError +from saml2.xmlenc import EncryptedKey +from saml2.xmlenc import EncryptionMethod logger = logging.getLogger(__name__) -SIG = '{{{ns}#}}{attribute}'.format(ns=ds.NAMESPACE, attribute='Signature') +SIG = f"{{{ds.NAMESPACE}#}}Signature" # RSA_1_5 is considered deprecated -RSA_1_5 = 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' -TRIPLE_DES_CBC = 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' +RSA_1_5 = "http://www.w3.org/2001/04/xmlenc#rsa-1_5" +TRIPLE_DES_CBC = "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" RSA_OAEP_MGF1P = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" + class SigverError(SAMLError): pass @@ -105,26 +98,16 @@ class SignatureError(XmlsecError): class BadSignature(SigverError): """The signature is invalid.""" - pass - - -class CertificateError(SigverError): - pass def get_pem_wrapped_unwrapped(cert): begin_cert = "-----BEGIN CERTIFICATE-----\n" end_cert = "\n-----END CERTIFICATE-----\n" - unwrapped_cert = re.sub(f'{begin_cert}|{end_cert}', '', cert) - wrapped_cert = f'{begin_cert}{unwrapped_cert}{end_cert}' + unwrapped_cert = re.sub(f"{begin_cert}|{end_cert}", "", cert) + wrapped_cert = f"{begin_cert}{unwrapped_cert}{end_cert}" return wrapped_cert, unwrapped_cert -def read_file(*args, **kwargs): - with open(*args, **kwargs) as handler: - return handler.read() - - def rm_xmltag(statement): XMLTAG = "" PREFIX1 = "" @@ -137,16 +120,16 @@ def rm_xmltag(statement): _t = statement.startswith(XMLTAG) if _t: - statement = statement[len(XMLTAG):] - if statement[0] == '\n': + statement = statement[len(XMLTAG) :] + if statement[0] == "\n": statement = statement[1:] elif statement.startswith(PREFIX1): - statement = statement[len(PREFIX1):] - if statement[0] == '\n': + statement = statement[len(PREFIX1) :] + if statement[0] == "\n": statement = statement[1:] elif statement.startswith(PREFIX2): - statement = statement[len(PREFIX2):] - if statement[0] == '\n': + statement = statement[len(PREFIX2) :] + if statement[0] == "\n": statement = statement[1:] return statement @@ -183,12 +166,12 @@ def get_xmlsec_binary(paths=None): :return: full name of the xmlsec1 binary found. If no binaries are found then an exception is raised. """ - if os.name == 'posix': - bin_name = ['xmlsec1'] - elif os.name == 'nt': - bin_name = ['xmlsec.exe', 'xmlsec1.exe'] + if os.name == "posix": + bin_name = ["xmlsec1"] + elif os.name == "nt": + bin_name = ["xmlsec.exe", "xmlsec1.exe"] else: # Default !? - bin_name = ['xmlsec1'] + bin_name = ["xmlsec1"] if paths: for bname in bin_name: @@ -200,7 +183,7 @@ def get_xmlsec_binary(paths=None): except OSError: pass - for path in os.environ['PATH'].split(os.pathsep): + for path in os.environ["PATH"].split(os.pathsep): for bname in bin_name: fil = os.path.join(path, bname) try: @@ -209,7 +192,7 @@ def get_xmlsec_binary(paths=None): except OSError: pass - raise SigverError('Cannot find {binary}'.format(binary=bin_name)) + raise SigverError(f"Cannot find {bin_name}") def _get_xmlsec_cryptobackend(path=None, search_paths=None, delete_tmpfiles=True): @@ -223,13 +206,12 @@ def _get_xmlsec_cryptobackend(path=None, search_paths=None, delete_tmpfiles=True return CryptoBackendXmlSec1(path, delete_tmpfiles=delete_tmpfiles) -NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion' -ENC_NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion' -ENC_KEY_CLASS = 'EncryptedKey' +NODE_NAME = "urn:oasis:names:tc:SAML:2.0:assertion:Assertion" +ENC_NODE_NAME = "urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion" +ENC_KEY_CLASS = "EncryptedKey" -def _make_vals(val, klass, seccont, klass_inst=None, prop=None, part=False, - base64encode=False, elements_to_sign=None): +def _make_vals(val, klass, seccont, klass_inst=None, prop=None, part=False, base64encode=False, elements_to_sign=None): """ Creates a class instance with a specified value, the specified class instance may be a value on a property in a defined class instance. @@ -246,23 +228,14 @@ class instance may be a value on a property in a defined class instance. cinst = None if isinstance(val, dict): - cinst = _instance(klass, val, seccont, base64encode=base64encode, - elements_to_sign=elements_to_sign) + cinst = _instance(klass, val, seccont, base64encode=base64encode, elements_to_sign=elements_to_sign) else: try: cinst = klass().set_text(val) except ValueError: if not part: cis = [ - _make_vals( - sval, - klass, - seccont, - klass_inst, - prop, - True, - base64encode, - elements_to_sign) + _make_vals(sval, klass, seccont, klass_inst, prop, True, base64encode, elements_to_sign) for sval in val ] setattr(klass_inst, prop, cis) @@ -289,31 +262,35 @@ def _instance(klass, ava, seccont, base64encode=False, elements_to_sign=None): else: setattr(instance, prop, ava[prop]) - if 'text' in ava: - instance.set_text(ava['text'], base64encode) + if "text" in ava: + instance.set_text(ava["text"], base64encode) for prop, klassdef in instance.c_children.values(): if prop in ava: if isinstance(klassdef, list): # means there can be a list of values - _make_vals(ava[prop], klassdef[0], seccont, instance, prop, - base64encode=base64encode, - elements_to_sign=elements_to_sign) + _make_vals( + ava[prop], + klassdef[0], + seccont, + instance, + prop, + base64encode=base64encode, + elements_to_sign=elements_to_sign, + ) else: - cis = _make_vals(ava[prop], klassdef, seccont, instance, prop, - True, base64encode, elements_to_sign) + cis = _make_vals(ava[prop], klassdef, seccont, instance, prop, True, base64encode, elements_to_sign) setattr(instance, prop, cis) - if 'extension_elements' in ava: - for item in ava['extension_elements']: - instance.extension_elements.append( - ExtensionElement(item['tag']).loadd(item)) + if "extension_elements" in ava: + for item in ava["extension_elements"]: + instance.extension_elements.append(ExtensionElement(item["tag"]).loadd(item)) - if 'extension_attributes' in ava: - for key, val in ava['extension_attributes'].items(): + if "extension_attributes" in ava: + for key, val in ava["extension_attributes"].items(): instance.extension_attributes[key] = val - if 'signature' in ava: + if "signature" in ava: elements_to_sign.append((class_name(instance), instance.id)) return instance @@ -337,13 +314,11 @@ def signed_instance_factory(instance, seccont, elements_to_sign=None): return instance signed_xml = instance - if not isinstance(instance, six.string_types): + if not isinstance(instance, str): signed_xml = instance.to_string() for (node_name, nodeid) in elements_to_sign: - signed_xml = seccont.sign_statement( - signed_xml, node_name=node_name, node_id=nodeid - ) + signed_xml = seccont.sign_statement(signed_xml, node_name=node_name, node_id=nodeid) return signed_xml @@ -366,9 +341,7 @@ def make_temp(content, suffix="", decode=True, delete_tmpfiles=True): close the file) and filename (which is for instance needed by the xmlsec function). """ - content_encoded = ( - content.encode("utf-8") if not isinstance(content, six.binary_type) else content - ) + content_encoded = content.encode("utf-8") if not isinstance(content, bytes) else content content_raw = base64.b64decode(content_encoded) if decode else content_encoded ntf = NamedTemporaryFile(suffix=suffix, delete=delete_tmpfiles) ntf.write(content_raw) @@ -377,15 +350,15 @@ def make_temp(content, suffix="", decode=True, delete_tmpfiles=True): def split_len(seq, length): - return [seq[i:i + length] for i in range(0, len(seq), length)] + return [seq[i : i + length] for i in range(0, len(seq), length)] -M2_TIME_FORMAT = '%b %d %H:%M:%S %Y' +M2_TIME_FORMAT = "%b %d %H:%M:%S %Y" def to_time(_time): - if not _time.endswith(' GMT'): - raise ValueError('Time does not end with GMT') + if not _time.endswith(" GMT"): + raise ValueError("Time does not end with GMT") _time = _time[:-4] return mktime(str_to_time(_time, M2_TIME_FORMAT)) @@ -404,7 +377,7 @@ def active_cert(key): except AttributeError: return False - now = pytz.UTC.localize(datetime.datetime.utcnow()) + now = datetime.now(timezone.utc) valid_from = dateutil.parser.parse(cert.get_notBefore()) valid_to = dateutil.parser.parse(cert.get_notAfter()) active = not cert.has_expired() and valid_from <= now < valid_to @@ -412,7 +385,7 @@ def active_cert(key): def cert_from_key_info(key_info, ignore_age=False): - """ Get all X509 certs from a KeyInfo instance. Care is taken to make sure + """Get all X509 certs from a KeyInfo instance. Care is taken to make sure that the certs are continues sequences of bytes. All certificates appearing in an X509Data element MUST relate to the @@ -426,17 +399,16 @@ def cert_from_key_info(key_info, ignore_age=False): for x509_data in key_info.x509_data: x509_certificate = x509_data.x509_certificate cert = x509_certificate.text.strip() - cert = '\n'.join(split_len(''.join([s.strip() for s in - cert.split()]), 64)) + cert = "\n".join(split_len("".join([s.strip() for s in cert.split()]), 64)) if ignore_age or active_cert(cert): res.append(cert) else: - logger.info('Inactive cert') + logger.info("Inactive cert") return res def cert_from_key_info_dict(key_info, ignore_age=False): - """ Get all X509 certs from a KeyInfo dictionary. Care is taken to make sure + """Get all X509 certs from a KeyInfo dictionary. Care is taken to make sure that the certs are continues sequences of bytes. All certificates appearing in an X509Data element MUST relate to the @@ -447,31 +419,29 @@ def cert_from_key_info_dict(key_info, ignore_age=False): :return: A possibly empty list of certs in their text representation """ res = [] - if 'x509_data' not in key_info: + if "x509_data" not in key_info: return res - for x509_data in key_info['x509_data']: - x509_certificate = x509_data['x509_certificate'] - cert = x509_certificate['text'].strip() - cert = '\n'.join(split_len(''.join( - [s.strip() for s in cert.split()]), 64)) + for x509_data in key_info["x509_data"]: + x509_certificate = x509_data["x509_certificate"] + cert = x509_certificate["text"].strip() + cert = "\n".join(split_len("".join([s.strip() for s in cert.split()]), 64)) if ignore_age or active_cert(cert): res.append(cert) else: - logger.info('Inactive cert') + logger.info("Inactive cert") return res def cert_from_instance(instance): - """ Find certificates that are part of an instance + """Find certificates that are part of an instance :param instance: An instance :return: possible empty list of certificates """ if instance.signature: if instance.signature.key_info: - return cert_from_key_info(instance.signature.key_info, - ignore_age=True) + return cert_from_key_info(instance.signature.key_info, ignore_age=True) return [] @@ -481,31 +451,35 @@ def extract_rsa_key_from_x509_cert(pem): def pem_format(key): - return os.linesep.join([ - '-----BEGIN CERTIFICATE-----', - key, - '-----END CERTIFICATE-----' - ]).encode('ascii') + return os.linesep.join(["-----BEGIN CERTIFICATE-----", key, "-----END CERTIFICATE-----"]).encode("ascii") def import_rsa_key_from_file(filename): - data = read_file(filename, 'rb') - key = saml2.cryptography.asymmetric.load_pem_private_key(data, None) + with open(filename, "rb") as fd: + data = fd.read() + key = saml2.cryptography.asymmetric.load_pem_private_key(data) return key -def parse_xmlsec_output(output): - """ Parse the output from xmlsec to try to find out if the +def parse_xmlsec_verify_output(output, version=None): + """Parse the output from xmlsec to try to find out if the command was successfull or not. :param output: The output from Popen :return: A boolean; True if the command was a success otherwise False """ - for line in output.splitlines(): - if line == 'OK': - return True - elif line == 'FAIL': - raise XmlsecError(output) + if version is None or version < (1, 3): + for line in output.splitlines(): + if line == "OK": + return True + elif line == "FAIL": + raise XmlsecError(output) + else: + for line in output.splitlines(): + if line == 'Verification status: OK': + return True + elif line == 'Verification status: FAILED': + raise XmlsecError(output) raise XmlsecError(output) @@ -513,7 +487,7 @@ def sha1_digest(msg): return hashlib.sha1(msg).digest() -class Signer(object): +class Signer: """Abstract base class for signing algorithms.""" def __init__(self, key): @@ -534,12 +508,10 @@ def __init__(self, digest, key=None): self.digest = digest def sign(self, msg, key=None): - return saml2.cryptography.asymmetric.key_sign( - key or self.key, msg, self.digest) + return saml2.cryptography.asymmetric.key_sign(key or self.key, msg, self.digest) def verify(self, msg, sig, key=None): - return saml2.cryptography.asymmetric.key_verify( - key or self.key, sig, msg, self.digest) + return saml2.cryptography.asymmetric.key_verify(key or self.key, sig, msg, self.digest) SIGNER_ALGS = { @@ -551,19 +523,19 @@ def verify(self, msg, sig, key=None): } REQ_ORDER = [ - 'SAMLRequest', - 'RelayState', - 'SigAlg', + "SAMLRequest", + "RelayState", + "SigAlg", ] RESP_ORDER = [ - 'SAMLResponse', - 'RelayState', - 'SigAlg', + "SAMLResponse", + "RelayState", + "SigAlg", ] -class RSACrypto(object): +class RSACrypto: def __init__(self, key): self.key = key @@ -591,93 +563,45 @@ def verify_redirect_signature(saml_msg, crypto, cert=None, sigkey=None): """ try: - signer = crypto.get_signer(saml_msg['SigAlg'], sigkey) + signer = crypto.get_signer(saml_msg["SigAlg"], sigkey) except KeyError: - raise Unsupported('Signature algorithm: {alg}'.format(alg=saml_msg['SigAlg'])) + raise Unsupported(f"Signature algorithm: {saml_msg['SigAlg']}") else: - if saml_msg['SigAlg'] in SIGNER_ALGS: - if 'SAMLRequest' in saml_msg: + if saml_msg["SigAlg"] in SIGNER_ALGS: + if "SAMLRequest" in saml_msg: _order = REQ_ORDER - elif 'SAMLResponse' in saml_msg: + elif "SAMLResponse" in saml_msg: _order = RESP_ORDER else: - raise Unsupported( - 'Verifying signature on something that should not be signed' - ) + raise Unsupported("Verifying signature on something that should not be signed") _args = saml_msg.copy() - del _args['Signature'] # everything but the signature - string = '&'.join( - [ - parse.urlencode({k: _args[k]}) - for k in _order - if k in _args - ] - ).encode('ascii') + del _args["Signature"] # everything but the signature + string = "&".join([parse.urlencode({k: _args[k]}) for k in _order if k in _args]).encode("ascii") if cert: _key = extract_rsa_key_from_x509_cert(pem_format(cert)) else: _key = sigkey - _sign = base64.b64decode(saml_msg['Signature']) + _sign = base64.b64decode(saml_msg["Signature"]) return bool(signer.verify(string, _sign, _key)) -def make_str(txt): - if isinstance(txt, six.string_types): - return txt - else: - return txt.decode() - - -def read_cert_from_file(cert_file, cert_type): - """ Reads a certificate from a file. The assumption is that there is - only one certificate in the file - - :param cert_file: The name of the file - :param cert_type: The certificate type - :return: A base64 encoded certificate as a string or the empty string - """ - - if not cert_file: - return '' - - if cert_type == 'pem': - _a = read_file(cert_file, 'rb').decode() - _b = _a.replace('\r\n', '\n') - lines = _b.split('\n') - - for pattern in ( - '-----BEGIN CERTIFICATE-----', - '-----BEGIN PUBLIC KEY-----'): - if pattern in lines: - lines = lines[lines.index(pattern) + 1:] - break - else: - raise CertificateError('Strange beginning of PEM file') - - for pattern in ( - '-----END CERTIFICATE-----', - '-----END PUBLIC KEY-----'): - if pattern in lines: - lines = lines[:lines.index(pattern)] - break - else: - raise CertificateError('Strange end of PEM file') - return make_str(''.join(lines).encode()) - - if cert_type in ['der', 'cer', 'crt']: - data = read_file(cert_file, 'rb') - _cert = base64.b64encode(data) - return make_str(_cert) - - -class CryptoBackend(object): +class CryptoBackend: + @property def version(self): raise NotImplementedError() + @property + def version_nums(self): + try: + vns = tuple(int(t) for t in self.version.split(".")) + except ValueError: + vns = (0, 0, 0) + return vns + def encrypt(self, text, recv_key, template, key_type): raise NotImplementedError() @@ -694,10 +618,7 @@ def validate_signature(self, enctext, cert_file, cert_type, node_name, node_id): raise NotImplementedError() -ASSERT_XPATH = ''.join([ - '/*[local-name()=\'{name}\']'.format(name=n) - for n in ['Response', 'EncryptedAssertion', 'Assertion'] -]) +ASSERT_XPATH = "".join([f"/*[local-name()='{n}']" for n in ["Response", "EncryptedAssertion", "Assertion"]]) class CryptoBackendXmlSec1(CryptoBackend): @@ -710,26 +631,27 @@ class CryptoBackendXmlSec1(CryptoBackend): def __init__(self, xmlsec_binary, delete_tmpfiles=True, **kwargs): CryptoBackend.__init__(self, **kwargs) - if not isinstance(xmlsec_binary, six.string_types): + if not isinstance(xmlsec_binary, str): raise ValueError("xmlsec_binary should be of type string") self.xmlsec = xmlsec_binary self.delete_tmpfiles = delete_tmpfiles try: - self.non_xml_crypto = RSACrypto(kwargs['rsa_key']) + self.non_xml_crypto = RSACrypto(kwargs["rsa_key"]) except KeyError: pass + @property def version(self): - com_list = [self.xmlsec, '--version'] + com_list = [self.xmlsec, "--version"] pof = Popen(com_list, stderr=PIPE, stdout=PIPE) content, _ = pof.communicate() - content = content.decode('ascii') + content = content.decode("ascii") try: - return content.split(' ')[1] + return content.split(" ")[1] except IndexError: - return '' + return "0.0.0" - def encrypt(self, text, recv_key, template, session_key_type, xpath=''): + def encrypt(self, text, recv_key, template, session_key_type, xpath=""): """ :param text: The text to be compiled @@ -740,27 +662,30 @@ def encrypt(self, text, recv_key, template, session_key_type, xpath=''): :param xpath: What should be encrypted :return: """ - logger.debug('Encryption input len: %d', len(text)) + logger.debug("Encryption input len: %d", len(text)) tmp = make_temp(text, decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, - '--encrypt', - '--pubkey-cert-pem', recv_key, - '--session-key', session_key_type, - '--xml-data', tmp.name, + "--encrypt", + "--pubkey-cert-pem", + recv_key, + "--session-key", + session_key_type, + "--xml-data", + tmp.name, ] if xpath: - com_list.extend(['--node-xpath', xpath]) + com_list.extend(["--node-xpath", xpath]) try: (_stdout, _stderr, output) = self._run_xmlsec(com_list, [template]) except XmlsecError as e: - six.raise_from(EncryptError(com_list), e) + raise EncryptError(com_list) from e return output - def encrypt_assertion(self, statement, enc_key, template, key_type='des-192', node_xpath=None, node_id=None): + def encrypt_assertion(self, statement, enc_key, template, key_type="des-192", node_xpath=None, node_id=None): """ Will encrypt an assertion @@ -774,34 +699,34 @@ def encrypt_assertion(self, statement, enc_key, template, key_type='des-192', no if isinstance(statement, SamlBase): statement = pre_encrypt_assertion(statement) - tmp = make_temp(str(statement), - decode=False, - delete_tmpfiles=self.delete_tmpfiles) - tmp2 = make_temp(str(template), - decode=False, - delete_tmpfiles=self.delete_tmpfiles) + tmp = make_temp(str(statement), decode=False, delete_tmpfiles=self.delete_tmpfiles) + tmp2 = make_temp(str(template), decode=False, delete_tmpfiles=self.delete_tmpfiles) if not node_xpath: node_xpath = ASSERT_XPATH com_list = [ self.xmlsec, - '--encrypt', - '--pubkey-cert-pem', enc_key, - '--session-key', key_type, - '--xml-data', tmp.name, - '--node-xpath', node_xpath, + "--encrypt", + "--pubkey-cert-pem", + enc_key, + "--session-key", + key_type, + "--xml-data", + tmp.name, + "--node-xpath", + node_xpath, ] if node_id: - com_list.extend(['--node-id', node_id]) + com_list.extend(["--node-id", node_id]) try: (_stdout, _stderr, output) = self._run_xmlsec(com_list, [tmp2.name]) except XmlsecError as e: - six.raise_from(EncryptError(com_list), e) + raise EncryptError(com_list) from e - return output.decode('utf-8') + return output.decode("utf-8") def decrypt(self, enctext, key_file): """ @@ -811,22 +736,24 @@ def decrypt(self, enctext, key_file): :return: The decrypted document """ - logger.debug('Decrypt input len: %d', len(enctext)) + logger.debug("Decrypt input len: %d", len(enctext)) tmp = make_temp(enctext, decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, - '--decrypt', - '--privkey-pem', key_file, - '--id-attr:Id', ENC_KEY_CLASS, + "--decrypt", + "--privkey-pem", + key_file, + "--id-attr:Id", + ENC_KEY_CLASS, ] try: (_stdout, _stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: - six.raise_from(DecryptError(com_list), e) + raise DecryptError(com_list) from e - return output.decode('utf-8') + return output.decode("utf-8") def sign_statement(self, statement, node_name, key_file, node_id): """ @@ -841,25 +768,24 @@ def sign_statement(self, statement, node_name, key_file, node_id): if isinstance(statement, SamlBase): statement = str(statement) - tmp = make_temp(statement, - suffix=".xml", - decode=False, - delete_tmpfiles=self.delete_tmpfiles) + tmp = make_temp(statement, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, - '--sign', - '--privkey-pem', key_file, - '--id-attr:ID', node_name, + "--sign", + "--privkey-pem", + key_file, + "--id-attr:ID", + node_name, ] if node_id: - com_list.extend(['--node-id', node_id]) + com_list.extend(["--node-id", node_id]) try: (stdout, stderr, output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: - raise SignatureError(com_list) + raise SignatureError(com_list) from e # this does not work if --store-signatures is used if output: @@ -879,32 +805,33 @@ def validate_signature(self, signedtext, cert_file, cert_type, node_name, node_i :param node_id: The identifier of the node :return: Boolean True if the signature was correct otherwise False. """ - if not isinstance(signedtext, six.binary_type): - signedtext = signedtext.encode('utf-8') + if not isinstance(signedtext, bytes): + signedtext = signedtext.encode("utf-8") - tmp = make_temp(signedtext, - suffix=".xml", - decode=False, - delete_tmpfiles=self.delete_tmpfiles) + tmp = make_temp(signedtext, suffix=".xml", decode=False, delete_tmpfiles=self.delete_tmpfiles) com_list = [ self.xmlsec, - '--verify', - '--enabled-reference-uris', 'empty,same-doc', - '--enabled-key-data', 'raw-x509-cert', - '--pubkey-cert-{type}'.format(type=cert_type), cert_file, - '--id-attr:ID', node_name, + "--verify", + "--enabled-reference-uris", + "empty,same-doc", + "--enabled-key-data", + "raw-x509-cert", + f"--pubkey-cert-{cert_type}", + cert_file, + "--id-attr:ID", + node_name, ] if node_id: - com_list.extend(['--node-id', node_id]) + com_list.extend(["--node-id", node_id]) try: (_stdout, stderr, _output) = self._run_xmlsec(com_list, [tmp.name]) except XmlsecError as e: - six.raise_from(SignatureError(com_list), e) + raise SignatureError(com_list) from e - return parse_xmlsec_output(stderr) + return parse_xmlsec_verify_output(stderr, self.version_nums) def _run_xmlsec(self, com_list, extra_args): """ @@ -914,11 +841,13 @@ def _run_xmlsec(self, com_list, extra_args): key-value parameters :result: Whatever xmlsec wrote to an --output temporary file """ - with NamedTemporaryFile(suffix='.xml') as ntf: - com_list.extend(['--output', ntf.name]) + with NamedTemporaryFile(suffix=".xml") as ntf: + com_list.extend(["--output", ntf.name]) + if self.version_nums >= (1, 3): + com_list.extend(['--lax-key-search']) com_list += extra_args - logger.debug('xmlsec command: %s', ' '.join(com_list)) + logger.debug("xmlsec command: %s", " ".join(com_list)) pof = Popen(com_list, stderr=PIPE, stdout=PIPE) p_out, p_err = pof.communicate() @@ -926,9 +855,7 @@ def _run_xmlsec(self, com_list, extra_args): p_err = p_err.decode() if pof.returncode != 0: - errmsg = "returncode={code}\nerror={err}\noutput={out}".format( - code=pof.returncode, err=p_err, out=p_out - ) + errmsg = f"returncode={pof.returncode}\nerror={p_err}\noutput={p_out}" logger.error(errmsg) raise XmlsecError(errmsg) @@ -952,10 +879,13 @@ class CryptoBackendXMLSecurity(CryptoBackend): def __init__(self): CryptoBackend.__init__(self) + @property def version(self): - # XXX if XMLSecurity.__init__ included a __version__, that would be - # better than static 0.0 here. - return 'XMLSecurity 0.0' + try: + import xmlsec + return xmlsec.__version__ + except (ImportError, AttributeError): + return "0.0.0" def sign_statement(self, statement, node_name, key_file, node_id): """ @@ -970,13 +900,13 @@ def sign_statement(self, statement, node_name, key_file, node_id): 'pkcs11://' URI or PEM data :returns: Signed XML as string """ - import xmlsec import lxml.etree + import xmlsec xml = xmlsec.parse_xml(statement) signed = xmlsec.sign(xml, key_file) signed_str = lxml.etree.tostring(signed, xml_declaration=False, encoding="UTF-8") - if not isinstance(signed_str, six.string_types): + if not isinstance(signed_str, str): signed_str = signed_str.decode("utf-8") return signed_str @@ -993,10 +923,11 @@ def validate_signature(self, signedtext, cert_file, cert_type, node_name, node_i :param cert_type: string, must be 'pem' for now :returns: True on successful validation, False otherwise """ - if cert_type != 'pem': - raise Unsupported('Only PEM certs supported here') + if cert_type != "pem": + raise Unsupported("Only PEM certs supported here") import xmlsec + xml = xmlsec.parse_xml(signedtext) try: @@ -1006,7 +937,7 @@ def validate_signature(self, signedtext, cert_file, cert_type, node_name, node_i def security_context(conf): - """ Creates a security context based on the configuration + """Creates a security context based on the configuration :param conf: The configuration, this is a Config instance :return: A SecurityContext instance @@ -1021,7 +952,7 @@ def security_context(conf): sec_backend = None - if conf.crypto_backend == 'xmlsec1': + if conf.crypto_backend == "xmlsec1": xmlsec_binary = conf.xmlsec_binary if not xmlsec_binary: @@ -1034,74 +965,68 @@ def security_context(conf): # verify that xmlsec is where it's supposed to be if not os.path.exists(xmlsec_binary): # if not os.access(, os.F_OK): - err_msg = 'xmlsec binary not found: {binary}' + err_msg = "xmlsec binary not found: {binary}" err_msg = err_msg.format(binary=xmlsec_binary) raise SigverError(err_msg) - crypto = _get_xmlsec_cryptobackend(xmlsec_binary, - delete_tmpfiles=conf.delete_tmpfiles) + crypto = _get_xmlsec_cryptobackend(xmlsec_binary, delete_tmpfiles=conf.delete_tmpfiles) - _file_name = conf.getattr('key_file', '') + _file_name = conf.getattr("key_file", "") if _file_name: try: rsa_key = import_rsa_key_from_file(_file_name) except Exception as err: - logger.error('Cannot import key from {file}: {err_msg}'.format( - file=_file_name, err_msg=err)) + logger.error(f"Cannot import key from {_file_name}: {err}") raise else: sec_backend = RSACrypto(rsa_key) - elif conf.crypto_backend == 'XMLSecurity': + elif conf.crypto_backend == "XMLSecurity": # new and somewhat untested pyXMLSecurity crypto backend. crypto = CryptoBackendXMLSecurity() else: - err_msg = 'Unknown crypto_backend {backend}' + err_msg = "Unknown crypto_backend {backend}" err_msg = err_msg.format(backend=conf.crypto_backend) raise SigverError(err_msg) enc_key_files = [] if conf.encryption_keypairs is not None: for _encryption_keypair in conf.encryption_keypairs: - if 'key_file' in _encryption_keypair: - enc_key_files.append(_encryption_keypair['key_file']) + if "key_file" in _encryption_keypair: + enc_key_files.append(_encryption_keypair["key_file"]) return SecurityContext( - crypto, - conf.key_file, - cert_file=conf.cert_file, - metadata=metadata, - only_use_keys_in_metadata=conf.only_use_keys_in_metadata, - cert_handler_extra_class=conf.cert_handler_extra_class, - generate_cert_info=conf.generate_cert_info, - tmp_cert_file=conf.tmp_cert_file, - tmp_key_file=conf.tmp_key_file, - validate_certificate=conf.validate_certificate, - enc_key_files=enc_key_files, - encryption_keypairs=conf.encryption_keypairs, - sec_backend=sec_backend, - delete_tmpfiles=conf.delete_tmpfiles) + crypto, + conf.key_file, + cert_file=conf.cert_file, + metadata=metadata, + only_use_keys_in_metadata=conf.only_use_keys_in_metadata, + cert_handler_extra_class=conf.cert_handler_extra_class, + generate_cert_info=conf.generate_cert_info, + tmp_cert_file=conf.tmp_cert_file, + tmp_key_file=conf.tmp_key_file, + validate_certificate=conf.validate_certificate, + enc_key_files=enc_key_files, + encryption_keypairs=conf.encryption_keypairs, + sec_backend=sec_backend, + delete_tmpfiles=conf.delete_tmpfiles, + ) def encrypt_cert_from_item(item): _encrypt_cert = None try: try: - _elem = extension_elements_to_elements( - item.extensions.extension_elements, [pefim, ds]) - except: - _elem = extension_elements_to_elements( - item.extension_elements[0].children, - [pefim, ds]) + _elem = extension_elements_to_elements(item.extensions.extension_elements, [pefim, ds]) + except Exception: + _elem = extension_elements_to_elements(item.extension_elements[0].children, [pefim, ds]) for _tmp_elem in _elem: if isinstance(_tmp_elem, SPCertEnc): for _tmp_key_info in _tmp_elem.key_info: - if _tmp_key_info.x509_data is not None and len( - _tmp_key_info.x509_data) > 0: - _encrypt_cert = _tmp_key_info.x509_data[ - 0].x509_certificate.text + if _tmp_key_info.x509_data is not None and len(_tmp_key_info.x509_data) > 0: + _encrypt_cert = _tmp_key_info.x509_data[0].x509_certificate.text break - except Exception as _exception: + except Exception: pass if _encrypt_cert is not None: @@ -1110,37 +1035,39 @@ def encrypt_cert_from_item(item): return _encrypt_cert -class CertHandlerExtra(object): +class CertHandlerExtra: def __init__(self): pass def use_generate_cert_func(self): - raise Exception('use_generate_cert_func function must be implemented') + raise Exception("use_generate_cert_func function must be implemented") - def generate_cert(self, generate_cert_info, root_cert_string, - root_key_string): - raise Exception('generate_cert function must be implemented') + def generate_cert(self, generate_cert_info, root_cert_string, root_key_string): + raise Exception("generate_cert function must be implemented") # Excepts to return (cert_string, key_string) def use_validate_cert_func(self): - raise Exception('use_validate_cert_func function must be implemented') + raise Exception("use_validate_cert_func function must be implemented") def validate_cert(self, cert_str, root_cert_string, root_key_string): - raise Exception('validate_cert function must be implemented') + raise Exception("validate_cert function must be implemented") # Excepts to return True/False -class CertHandler(object): +class CertHandler: def __init__( - self, - security_context, - cert_file=None, cert_type='pem', - key_file=None, key_type='pem', - generate_cert_info=None, - cert_handler_extra_class=None, - tmp_cert_file=None, - tmp_key_file=None, - verify_cert=False): + self, + security_context, + cert_file=None, + cert_type="pem", + key_file=None, + key_type="pem", + generate_cert_info=None, + cert_handler_extra_class=None, + tmp_cert_file=None, + tmp_key_file=None, + verify_cert=False, + ): """ Initiates the class for handling certificates. Enables the certificates to either be a single certificate as base functionality or makes it @@ -1164,19 +1091,18 @@ def __init__( # validated. self._last_cert_verified = None self._last_validated_cert = None - if cert_type == 'pem' and key_type == 'pem': + if cert_type == "pem" and key_type == "pem": self._verify_cert = verify_cert is True self._security_context = security_context self._osw = OpenSSLWrapper() if key_file and os.path.isfile(key_file): self._key_str = self._osw.read_str_from_file(key_file, key_type) else: - self._key_str = '' + self._key_str = "" if cert_file and os.path.isfile(cert_file): - self._cert_str = self._osw.read_str_from_file(cert_file, - cert_type) + self._cert_str = self._osw.read_str_from_file(cert_file, cert_type) else: - self._cert_str = '' + self._cert_str = "" self._tmp_cert_str = self._cert_str self._tmp_key_str = self._key_str @@ -1185,11 +1111,13 @@ def __init__( self._cert_info = None self._generate_cert_func_active = False - if generate_cert_info is not None \ - and len(self._cert_str) > 0 \ - and len(self._key_str) > 0 \ - and tmp_key_file is not None \ - and tmp_cert_file is not None: + if ( + generate_cert_info is not None + and len(self._cert_str) > 0 + and len(self._key_str) > 0 + and tmp_key_file is not None + and tmp_cert_file is not None + ): self._generate_cert = True self._cert_info = generate_cert_info self._cert_handler_extra_class = cert_handler_extra_class @@ -1197,17 +1125,15 @@ def __init__( def verify_cert(self, cert_file): if self._verify_cert: if cert_file and os.path.isfile(cert_file): - cert_str = self._osw.read_str_from_file(cert_file, 'pem') + cert_str = self._osw.read_str_from_file(cert_file, "pem") else: return False self._last_validated_cert = cert_str - if self._cert_handler_extra_class is not None and \ - self._cert_handler_extra_class.use_validate_cert_func(): - self._cert_handler_extra_class.validate_cert( - cert_str, self._cert_str, self._key_str) + if self._cert_handler_extra_class is not None and self._cert_handler_extra_class.use_validate_cert_func(): + self._cert_handler_extra_class.validate_cert(cert_str, self._cert_str, self._key_str) else: valid, mess = self._osw.verify(self._cert_str, cert_str) - logger.info('CertHandler.verify_cert: %s', mess) + logger.info("CertHandler.verify_cert: %s", mess) return valid return True @@ -1219,54 +1145,57 @@ def update_cert(self, active=False, client_crt=None): if client_crt is not None: self._tmp_cert_str = client_crt # No private key for signing - self._tmp_key_str = '' - elif self._cert_handler_extra_class is not None and \ - self._cert_handler_extra_class.use_generate_cert_func(): - (self._tmp_cert_str, self._tmp_key_str) = \ - self._cert_handler_extra_class.generate_cert( - self._cert_info, self._cert_str, self._key_str) + self._tmp_key_str = "" + elif self._cert_handler_extra_class is not None and self._cert_handler_extra_class.use_generate_cert_func(): + (self._tmp_cert_str, self._tmp_key_str) = self._cert_handler_extra_class.generate_cert( + self._cert_info, self._cert_str, self._key_str + ) else: - self._tmp_cert_str, self._tmp_key_str = self._osw \ - .create_certificate(self._cert_info, request=True) + self._tmp_cert_str, self._tmp_key_str = self._osw.create_certificate(self._cert_info, request=True) self._tmp_cert_str = self._osw.create_cert_signed_certificate( - self._cert_str, self._key_str, self._tmp_cert_str) - valid, mess = self._osw.verify(self._cert_str, - self._tmp_cert_str) + self._cert_str, self._key_str, self._tmp_cert_str + ) + valid, mess = self._osw.verify(self._cert_str, self._tmp_cert_str) self._osw.write_str_to_file(self._tmp_cert_file, self._tmp_cert_str) self._osw.write_str_to_file(self._tmp_key_file, self._tmp_key_str) self._security_context.key_file = self._tmp_key_file self._security_context.cert_file = self._tmp_cert_file - self._security_context.key_type = 'pem' - self._security_context.cert_type = 'pem' + self._security_context.key_type = "pem" + self._security_context.cert_type = "pem" self._security_context.my_cert = read_cert_from_file( - self._security_context.cert_file, - self._security_context.cert_type) + self._security_context.cert_file, self._security_context.cert_type + ) # How to get a rsa pub key fingerprint from a certificate # openssl x509 -inform pem -noout -in server.crt -pubkey > publickey.pem # openssl rsa -inform pem -noout -in publickey.pem -pubin -modulus -class SecurityContext(object): +class SecurityContext: my_cert = None def __init__( - self, - crypto, - key_file='', key_type='pem', - cert_file='', cert_type='pem', - metadata=None, - template='', - encrypt_key_type='des-192', - only_use_keys_in_metadata=False, - cert_handler_extra_class=None, - generate_cert_info=None, - tmp_cert_file=None, tmp_key_file=None, - validate_certificate=None, - enc_key_files=None, enc_key_type='pem', - encryption_keypairs=None, - enc_cert_type='pem', - sec_backend=None, - delete_tmpfiles=True): + self, + crypto, + key_file="", + key_type="pem", + cert_file="", + cert_type="pem", + metadata=None, + template="", + encrypt_key_type="des-192", + only_use_keys_in_metadata=False, + cert_handler_extra_class=None, + generate_cert_info=None, + tmp_cert_file=None, + tmp_key_file=None, + validate_certificate=None, + enc_key_files=None, + enc_key_type="pem", + encryption_keypairs=None, + enc_cert_type="pem", + sec_backend=None, + delete_tmpfiles=True, + ): if not isinstance(crypto, CryptoBackend): raise ValueError("crypto should be of type CryptoBackend") @@ -1295,14 +1224,17 @@ def __init__( self.my_cert = read_cert_from_file(cert_file, cert_type) self.cert_handler = CertHandler( - self, - cert_file, cert_type, - key_file, key_type, - generate_cert_info, - cert_handler_extra_class, - tmp_cert_file, - tmp_key_file, - validate_certificate) + self, + cert_file, + cert_type, + key_file, + key_type, + generate_cert_info, + cert_handler_extra_class, + tmp_cert_file, + tmp_key_file, + validate_certificate, + ) self.cert_handler.update_cert(True) @@ -1319,10 +1251,10 @@ def __init__( self.delete_tmpfiles = delete_tmpfiles def correctly_signed(self, xml, must=False): - logger.debug('verify correct signature') + logger.debug("verify correct signature") return self.correctly_signed_response(xml, must) - def encrypt(self, text, recv_key='', template='', key_type=''): + def encrypt(self, text, recv_key="", template="", key_type=""): """ xmlsec encrypt --pubkey-pem pub-userkey.pem --session-key aes128-cbc --xml-data doc-plain.xml @@ -1341,7 +1273,7 @@ def encrypt(self, text, recv_key='', template='', key_type=''): return self.crypto.encrypt(text, recv_key, template, key_type) - def encrypt_assertion(self, statement, enc_key, template, key_type='des-192', node_xpath=None): + def encrypt_assertion(self, statement, enc_key, template, key_type="des-192", node_xpath=None): """ Will encrypt an assertion @@ -1351,11 +1283,10 @@ def encrypt_assertion(self, statement, enc_key, template, key_type='des-192', no :param key_type: The type of session key to use. :return: The encrypted text """ - return self.crypto.encrypt_assertion( - statement, enc_key, template, key_type, node_xpath) + return self.crypto.encrypt_assertion(statement, enc_key, template, key_type, node_xpath) def decrypt_keys(self, enctext, keys=None): - """ Decrypting an encrypted text by the use of a private key. + """Decrypting an encrypted text by the use of a private key. :param enctext: The encrypted text as a string :param keys: Keys to try to decrypt enctext with @@ -1367,25 +1298,15 @@ def decrypt_keys(self, enctext, keys=None): keys = [keys] keys_filtered = (key for key in keys if key) - keys_encoded = ( - key.encode("ascii") if not isinstance(key, six.binary_type) else key - for key in keys_filtered - ) - key_files = list( - make_temp(key, decode=False, delete_tmpfiles=self.delete_tmpfiles) - for key in keys_encoded - ) + keys_encoded = (key.encode("ascii") if not isinstance(key, bytes) else key for key in keys_filtered) + key_files = list(make_temp(key, decode=False, delete_tmpfiles=self.delete_tmpfiles) for key in keys_encoded) key_file_names = list(tmp.name for tmp in key_files) - try: - dectext = self.decrypt(enctext, key_file=key_file_names) - except DecryptError as e: - raise - else: - return dectext + dectext = self.decrypt(enctext, key_file=key_file_names) + return dectext def decrypt(self, enctext, key_file=None): - """ Decrypting an encrypted text by the use of a private key. + """Decrypting an encrypted text by the use of a private key. :param enctext: The encrypted text as a string :return: The decrypted text @@ -1393,13 +1314,11 @@ def decrypt(self, enctext, key_file=None): if not isinstance(key_file, list): key_file = [key_file] - key_files = [ - key for key in itertools.chain(key_file, self.enc_key_files) if key - ] + key_files = [key for key in itertools.chain(key_file, self.enc_key_files) if key] for key_file in key_files: try: dectext = self.crypto.decrypt(enctext, key_file) - except XmlsecError as e: + except XmlsecError: continue else: if dectext: @@ -1409,8 +1328,8 @@ def decrypt(self, enctext, key_file=None): errmsg = errmsg.format(keys=key_files) raise DecryptError(errmsg) - def verify_signature(self, signedtext, cert_file=None, cert_type='pem', node_name=NODE_NAME, node_id=None): - """ Verifies the signature of a XML document. + def verify_signature(self, signedtext, cert_file=None, cert_type="pem", node_name=NODE_NAME, node_id=None): + """Verifies the signature of a XML document. :param signedtext: The XML document as a string :param cert_file: The public key that was used to sign the document @@ -1433,7 +1352,9 @@ def verify_signature(self, signedtext, cert_file=None, cert_type='pem', node_nam node_id=node_id, ) - def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, must=False, only_valid_cert=False, issuer=None): + def _check_signature( + self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, must=False, only_valid_cert=False, issuer=None + ): try: _issuer = item.issuer.text.strip() except AttributeError: @@ -1448,18 +1369,15 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, # More trust in certs from metadata then certs in the XML document if self.metadata: try: - _certs = self.metadata.certs(_issuer, 'any', 'signing') + _certs = self.metadata.certs(_issuer, "any", "signing") except KeyError: _certs = [] certs = [] for cert_name, cert in _certs: - if isinstance(cert, six.string_types): + if isinstance(cert, str): content = pem_format(cert) - tmp = make_temp(content, - suffix=".pem", - decode=False, - delete_tmpfiles=self.delete_tmpfiles) + tmp = make_temp(content, suffix=".pem", decode=False, delete_tmpfiles=self.delete_tmpfiles) certs.append(tmp) else: certs.append(cert) @@ -1467,34 +1385,19 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, certs = [] if not certs and not self.only_use_keys_in_metadata: - logger.debug('==== Certs from instance ====') + logger.debug("==== Certs from instance ====") certs = [ - make_temp(content=pem_format(cert), - suffix=".pem", - decode=False, - delete_tmpfiles=self.delete_tmpfiles) + make_temp(content=pem_format(cert), suffix=".pem", decode=False, delete_tmpfiles=self.delete_tmpfiles) for cert in cert_from_instance(item) ] else: - logger.debug('==== Certs from metadata ==== %s: %s ====', _issuer, certs) + logger.debug("==== Certs from metadata ==== %s: %s ====", _issuer, certs) if not certs: raise MissingKey(_issuer) - # validate XML with the appropriate schema try: - _schema = node_to_schema[node_name] - except KeyError as e: - error_context = { - "message": "Signature verification failed. Unknown node type.", - "issuer": _issuer, - "type": node_name, - "document": decoded_xml, - } - raise SignatureError(error_context) from e - - try: - _schema.validate(str(item)) + validate_doc_with_schema(str(item)) except XMLSchemaError as e: error_context = { "message": "Signature verification failed. Invalid document format.", @@ -1517,9 +1420,8 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, signed_info = item.signature.signed_info references = signed_info.reference signatures_must_have_a_single_reference_element = len(references) == 1 - the_Reference_element_must_have_a_URI_attribute = ( - signatures_must_have_a_single_reference_element - and hasattr(references[0], "uri") + the_Reference_element_must_have_a_URI_attribute = signatures_must_have_a_single_reference_element and hasattr( + references[0], "uri" ) the_URI_attribute_contains_an_anchor = ( the_Reference_element_must_have_a_URI_attribute @@ -1527,15 +1429,12 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, and len(references[0].uri) > 1 ) the_anchor_points_to_the_enclosing_element_ID_attribute = ( - the_URI_attribute_contains_an_anchor - and references[0].uri == "#{id}".format(id=item.id) + the_URI_attribute_contains_an_anchor and references[0].uri == f"#{item.id}" ) # SAML implementations SHOULD use Exclusive Canonicalization, # with or without comments - canonicalization_method_is_c14n = ( - signed_info.canonicalization_method.algorithm in ALLOWED_CANONICALIZATIONS - ) + canonicalization_method_is_c14n = signed_info.canonicalization_method.algorithm in ALLOWED_CANONICALIZATIONS # Signatures in SAML messages SHOULD NOT contain transforms other than the # - enveloped signature transform @@ -1543,25 +1442,19 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, # - or the exclusive canonicalization transforms # (with the identifier http://www.w3.org/2001/10/xml-exc-c14n# # or http://www.w3.org/2001/10/xml-exc-c14n#WithComments). - transform_algos = [ - transform.algorithm - for transform in references[0].transforms.transform - ] + transform_algos = [transform.algorithm for transform in references[0].transforms.transform] tranform_algos_valid = ALLOWED_TRANSFORMS.intersection(transform_algos) transform_algos_n = len(transform_algos) tranform_algos_valid_n = len(tranform_algos_valid) the_number_of_transforms_is_one_or_two = ( - signatures_must_have_a_single_reference_element - and 1 <= transform_algos_n <= 2 + signatures_must_have_a_single_reference_element and 1 <= transform_algos_n <= 2 ) all_transform_algs_are_allowed = ( - the_number_of_transforms_is_one_or_two - and transform_algos_n == tranform_algos_valid_n + the_number_of_transforms_is_one_or_two and transform_algos_n == tranform_algos_valid_n ) the_enveloped_signature_transform_is_defined = ( - the_number_of_transforms_is_one_or_two - and TRANSFORM_ENVELOPED in transform_algos + the_number_of_transforms_is_one_or_two and TRANSFORM_ENVELOPED in transform_algos ) # The element is not defined for use with SAML signatures, @@ -1571,26 +1464,16 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, object_element_is_not_present = not item.signature.object validators = { - "signatures must have a single reference element": ( - signatures_must_have_a_single_reference_element - ), - "the Reference element must have a URI attribute": ( - the_Reference_element_must_have_a_URI_attribute - ), - "the URI attribute contains an anchor": ( - the_URI_attribute_contains_an_anchor - ), + "signatures must have a single reference element": (signatures_must_have_a_single_reference_element), + "the Reference element must have a URI attribute": (the_Reference_element_must_have_a_URI_attribute), + "the URI attribute contains an anchor": (the_URI_attribute_contains_an_anchor), "the anchor points to the enclosing element ID attribute": ( the_anchor_points_to_the_enclosing_element_ID_attribute ), "canonicalization method is c14n": canonicalization_method_is_c14n, - "the number of transforms is one or two": ( - the_number_of_transforms_is_one_or_two - ), + "the number of transforms is one or two": (the_number_of_transforms_is_one_or_two), "all transform algs are allowed": all_transform_algs_are_allowed, - "the enveloped signature transform is defined": ( - the_enveloped_signature_transform_is_defined - ), + "the enveloped signature transform is defined": (the_enveloped_signature_transform_is_defined), "object element is not present": object_element_is_not_present, } if not all(validators.values()): @@ -1620,17 +1503,16 @@ def _check_signature(self, decoded_xml, item, node_name=NODE_NAME, origdoc=None, verified = True break except XmlsecError as exc: - logger.error('check_sig: %s', exc) - pass + logger.error("check_sig: %s", str(exc)) except Exception as exc: - logger.error('check_sig: %s', exc) + logger.error("check_sig: %s", str(exc)) raise if verified or only_valid_cert: if not self.cert_handler.verify_cert(last_pem_file): - raise CertificateError('Invalid certificate!') + raise CertificateError("Invalid certificate!") else: - raise SignatureError('Failed to verify signature') + raise SignatureError("Failed to verify signature") return item @@ -1664,77 +1546,95 @@ def correctly_signed_message(self, decoded_xml, msgtype, must=False, origdoc=Non :return: """ - attr = '{type}_from_string'.format(type=msgtype) + attr = f"{msgtype}_from_string" _func = getattr(saml, attr, None) _func = getattr(samlp, attr, _func) msg = _func(decoded_xml) if not msg: - raise TypeError('Not a {type}'.format(type=msgtype)) + raise TypeError(f"Not a {msgtype}") if not msg.signature: if must: - err_msg = 'Required signature missing on {type}' + err_msg = "Required signature missing on {type}" err_msg = err_msg.format(type=msgtype) raise SignatureError(err_msg) else: return msg return self._check_signature( - decoded_xml, - msg, - class_name(msg), - origdoc, - must=must, - only_valid_cert=only_valid_cert) + decoded_xml, msg, class_name(msg), origdoc, must=must, only_valid_cert=only_valid_cert + ) def correctly_signed_authn_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'authn_request', must, origdoc, only_valid_cert=only_valid_cert) + return self.correctly_signed_message( + decoded_xml, "authn_request", must, origdoc, only_valid_cert=only_valid_cert + ) def correctly_signed_authn_query(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'authn_query', must, origdoc, only_valid_cert) + return self.correctly_signed_message(decoded_xml, "authn_query", must, origdoc, only_valid_cert) def correctly_signed_logout_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'logout_request', must, origdoc, only_valid_cert) + return self.correctly_signed_message(decoded_xml, "logout_request", must, origdoc, only_valid_cert) def correctly_signed_logout_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'logout_response', must, origdoc, only_valid_cert) + return self.correctly_signed_message(decoded_xml, "logout_response", must, origdoc, only_valid_cert) def correctly_signed_attribute_query(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'attribute_query', must, origdoc, only_valid_cert) + return self.correctly_signed_message(decoded_xml, "attribute_query", must, origdoc, only_valid_cert) - def correctly_signed_authz_decision_query(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'authz_decision_query', must, origdoc, only_valid_cert) + def correctly_signed_authz_decision_query( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "authz_decision_query", must, origdoc, only_valid_cert) - def correctly_signed_authz_decision_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'authz_decision_response', must, origdoc, only_valid_cert) + def correctly_signed_authz_decision_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "authz_decision_response", must, origdoc, only_valid_cert) - def correctly_signed_name_id_mapping_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'name_id_mapping_request', must, origdoc, only_valid_cert) + def correctly_signed_name_id_mapping_request( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "name_id_mapping_request", must, origdoc, only_valid_cert) - def correctly_signed_name_id_mapping_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'name_id_mapping_response', must, origdoc, only_valid_cert) + def correctly_signed_name_id_mapping_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "name_id_mapping_response", must, origdoc, only_valid_cert) def correctly_signed_artifact_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'artifact_request', must, origdoc, only_valid_cert) - - def correctly_signed_artifact_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'artifact_response', must, origdoc, only_valid_cert) - - def correctly_signed_manage_name_id_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'manage_name_id_request', must, origdoc, only_valid_cert) - - def correctly_signed_manage_name_id_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'manage_name_id_response', must, origdoc, only_valid_cert) - - def correctly_signed_assertion_id_request(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'assertion_id_request', must, origdoc, only_valid_cert) - - def correctly_signed_assertion_id_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs): - return self.correctly_signed_message(decoded_xml, 'assertion', must, origdoc, only_valid_cert) - - def correctly_signed_response(self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, require_response_signature=False, **kwargs): - """ Check if a instance is correctly signed, if we have metadata for + return self.correctly_signed_message(decoded_xml, "artifact_request", must, origdoc, only_valid_cert) + + def correctly_signed_artifact_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "artifact_response", must, origdoc, only_valid_cert) + + def correctly_signed_manage_name_id_request( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "manage_name_id_request", must, origdoc, only_valid_cert) + + def correctly_signed_manage_name_id_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "manage_name_id_response", must, origdoc, only_valid_cert) + + def correctly_signed_assertion_id_request( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "assertion_id_request", must, origdoc, only_valid_cert) + + def correctly_signed_assertion_id_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, **kwargs + ): + return self.correctly_signed_message(decoded_xml, "assertion", must, origdoc, only_valid_cert) + + def correctly_signed_response( + self, decoded_xml, must=False, origdoc=None, only_valid_cert=False, require_response_signature=False, **kwargs + ): + """Check if a instance is correctly signed, if we have metadata for the IdP that sent the info use that, if not use the key that are in the message if any. @@ -1748,21 +1648,20 @@ def correctly_signed_response(self, decoded_xml, must=False, origdoc=None, only_ response = samlp.any_response_from_string(decoded_xml) if not response: - raise TypeError('Not a Response') + raise TypeError("Not a Response") if response.signature: - if 'do_not_verify' in kwargs: + if "do_not_verify" in kwargs: pass else: - self._check_signature(decoded_xml, response, - class_name(response), origdoc) + self._check_signature(decoded_xml, response, class_name(response), origdoc) elif require_response_signature: - raise SignatureError('Signature missing for response') + raise SignatureError("Signature missing for response") return response def sign_statement_using_xmlsec(self, statement, **kwargs): - """ Deprecated function. See sign_statement(). """ + """Deprecated function. See sign_statement().""" return self.sign_statement(statement, **kwargs) def sign_statement(self, statement, node_name, key=None, key_file=None, node_id=None): @@ -1798,11 +1697,10 @@ def sign_assertion(self, statement, **kwargs): :param statement: The statement to be signed :return: The signed statement """ - return self.sign_statement( - statement, class_name(saml.Assertion()), **kwargs) + return self.sign_statement(statement, class_name(saml.Assertion()), **kwargs) def sign_attribute_query_using_xmlsec(self, statement, **kwargs): - """ Deprecated function. See sign_attribute_query(). """ + """Deprecated function. See sign_attribute_query().""" return self.sign_attribute_query(statement, **kwargs) def sign_attribute_query(self, statement, **kwargs): @@ -1813,8 +1711,7 @@ def sign_attribute_query(self, statement, **kwargs): :param statement: The statement to be signed :return: The signed statement """ - return self.sign_statement( - statement, class_name(samlp.AttributeQuery()), **kwargs) + return self.sign_statement(statement, class_name(samlp.AttributeQuery()), **kwargs) def multiple_signatures(self, statement, to_sign, key=None, key_file=None, sign_alg=None, digest_alg=None): """ @@ -1886,27 +1783,21 @@ def pre_signature_part( digest_method = ds.DigestMethod(algorithm=digest_alg) reference = ds.Reference( - uri='#{id}'.format(id=ident), - digest_value=ds.DigestValue(), - transforms=transforms, - digest_method=digest_method) + uri=f"#{ident}", digest_value=ds.DigestValue(), transforms=transforms, digest_method=digest_method + ) signed_info = ds.SignedInfo( - signature_method=signature_method, - canonicalization_method=canonicalization_method, - reference=reference) + signature_method=signature_method, canonicalization_method=canonicalization_method, reference=reference + ) - signature = ds.Signature( - signed_info=signed_info, - signature_value=ds.SignatureValue()) + signature = ds.Signature(signed_info=signed_info, signature_value=ds.SignatureValue()) if identifier: - signature.id = 'Signature{n}'.format(n=identifier) + signature.id = f"Signature{identifier}" # XXX remove - do not embed the cert if public_key: - x509_data = ds.X509Data( - x509_certificate=[ds.X509Certificate(text=public_key)]) + x509_data = ds.X509Data(x509_certificate=[ds.X509Certificate(text=public_key)]) key_info = ds.KeyInfo(x509_data=x509_data) signature.key_info = key_info @@ -1950,36 +1841,28 @@ def pre_encryption_part( encrypted_data_id=None, encrypt_cert=None, ): - ek_id = encrypted_key_id or "EK_{id}".format(id=gen_random_key()) - ed_id = encrypted_data_id or "ED_{id}".format(id=gen_random_key()) + ek_id = encrypted_key_id or f"EK_{gen_random_key()}" + ed_id = encrypted_data_id or f"ED_{gen_random_key()}" msg_encryption_method = EncryptionMethod(algorithm=msg_enc) key_encryption_method = EncryptionMethod(algorithm=key_enc) - x509_data = ( - ds.X509Data(x509_certificate=ds.X509Certificate(text=encrypt_cert)) - if encrypt_cert - else None - ) + x509_data = ds.X509Data(x509_certificate=ds.X509Certificate(text=encrypt_cert)) if encrypt_cert else None key_name = ds.KeyName(text=key_name) if key_name else None - key_info = ( - ds.KeyInfo(key_name=key_name, x509_data=x509_data) - if key_name or x509_data - else None - ) + key_info = ds.KeyInfo(key_name=key_name, x509_data=x509_data) if key_name or x509_data else None encrypted_key = EncryptedKey( id=ek_id, encryption_method=key_encryption_method, key_info=key_info, - cipher_data=CipherData(cipher_value=CipherValue(text='')), + cipher_data=CipherData(cipher_value=CipherValue(text="")), ) key_info = ds.KeyInfo(encrypted_key=encrypted_key) encrypted_data = EncryptedData( id=ed_id, - type='http://www.w3.org/2001/04/xmlenc#Element', + type="http://www.w3.org/2001/04/xmlenc#Element", encryption_method=msg_encryption_method, key_info=key_info, - cipher_data=CipherData(cipher_value=CipherValue(text='')), + cipher_data=CipherData(cipher_value=CipherValue(text="")), ) return encrypted_data @@ -2002,14 +1885,14 @@ def pre_encrypt_assertion(response): return response -if __name__ == '__main__': +if __name__ == "__main__": import argparse parser = argparse.ArgumentParser() - parser.add_argument('-s', '--list-sigalgs', dest='listsigalgs', - action='store_true', - help='List implemented signature algorithms') + parser.add_argument( + "-s", "--list-sigalgs", dest="listsigalgs", action="store_true", help="List implemented signature algorithms" + ) args = parser.parse_args() if args.listsigalgs: - print('\n'.join([key for key, value in SIGNER_ALGS.items()])) + print("\n".join([key for key, value in SIGNER_ALGS.items()])) diff --git a/src/saml2/soap.py b/src/saml2/soap.py index 94af4f1f4..b8015a6a5 100644 --- a/src/saml2/soap.py +++ b/src/saml2/soap.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """ @@ -7,21 +6,14 @@ """ import logging import re +from xml.etree import ElementTree as ElementTree + +import defusedxml.ElementTree from saml2 import create_class_from_element_tree from saml2.samlp import NAMESPACE as SAMLP_NAMESPACE from saml2.schema import soapenv -try: - from xml.etree import cElementTree as ElementTree -except ImportError: - try: - import cElementTree as ElementTree - except ImportError: - #noinspection PyUnresolvedReferences - from elementtree import ElementTree -import defusedxml.ElementTree - logger = logging.getLogger(__name__) @@ -35,98 +27,95 @@ class WrongMessageType(Exception): def parse_soap_enveloped_saml_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE, - '{%s}LogoutResponse' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE, "{%s}LogoutResponse" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) def parse_soap_enveloped_saml_logout_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE, - '{%s}LogoutResponse' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE, "{%s}LogoutResponse" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) def parse_soap_enveloped_saml_attribute_query(text): - expected_tag = '{%s}AttributeQuery' % SAMLP_NAMESPACE + expected_tag = "{%s}AttributeQuery" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_attribute_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE, - '{%s}AttributeResponse' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE, "{%s}AttributeResponse" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) def parse_soap_enveloped_saml_logout_request(text): - expected_tag = '{%s}LogoutRequest' % SAMLP_NAMESPACE + expected_tag = "{%s}LogoutRequest" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_authn_request(text): - expected_tag = '{%s}AuthnRequest' % SAMLP_NAMESPACE + expected_tag = "{%s}AuthnRequest" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_artifact_resolve(text): - expected_tag = '{%s}ArtifactResolve' % SAMLP_NAMESPACE + expected_tag = "{%s}ArtifactResolve" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_artifact_response(text): - expected_tag = '{%s}ArtifactResponse' % SAMLP_NAMESPACE + expected_tag = "{%s}ArtifactResponse" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_name_id_mapping_request(text): - expected_tag = '{%s}NameIDMappingRequest' % SAMLP_NAMESPACE + expected_tag = "{%s}NameIDMappingRequest" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_name_id_mapping_response(text): - expected_tag = '{%s}NameIDMappingResponse' % SAMLP_NAMESPACE + expected_tag = "{%s}NameIDMappingResponse" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_manage_name_id_request(text): - expected_tag = '{%s}ManageNameIDRequest' % SAMLP_NAMESPACE + expected_tag = "{%s}ManageNameIDRequest" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_manage_name_id_response(text): - expected_tag = '{%s}ManageNameIDResponse' % SAMLP_NAMESPACE + expected_tag = "{%s}ManageNameIDResponse" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_assertion_id_request(text): - expected_tag = '{%s}AssertionIDRequest' % SAMLP_NAMESPACE + expected_tag = "{%s}AssertionIDRequest" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_assertion_id_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE, - '{%s}AssertionIDResponse' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE, "{%s}AssertionIDResponse" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) def parse_soap_enveloped_saml_authn_query(text): - expected_tag = '{%s}AuthnQuery' % SAMLP_NAMESPACE + expected_tag = "{%s}AuthnQuery" % SAMLP_NAMESPACE return parse_soap_enveloped_saml_thingy(text, [expected_tag]) def parse_soap_enveloped_saml_authn_query_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) def parse_soap_enveloped_saml_authn_response(text): - tags = ['{%s}Response' % SAMLP_NAMESPACE] + tags = ["{%s}Response" % SAMLP_NAMESPACE] return parse_soap_enveloped_saml_thingy(text, tags) -#def parse_soap_enveloped_saml_logout_response(text): +# def parse_soap_enveloped_saml_logout_response(text): # expected_tag = '{%s}LogoutResponse' % SAMLP_NAMESPACE # return parse_soap_enveloped_saml_thingy(text, [expected_tag]) + def parse_soap_enveloped_saml_thingy(text, expected_tags): """Parses a SOAP enveloped SAML thing and returns the thing as a string. @@ -139,23 +128,17 @@ def parse_soap_enveloped_saml_thingy(text, expected_tags): envelope_tag = "{%s}Envelope" % soapenv.NAMESPACE if envelope.tag != envelope_tag: - raise ValueError( - "Invalid envelope tag '{invalid}' should be '{valid}'".format( - invalid=envelope.tag, valid=envelope_tag - ) - ) + raise ValueError(f"Invalid envelope tag '{envelope.tag}' should be '{envelope_tag}'") if len(envelope) < 1: raise Exception("No items in envelope.") body = None for part in envelope: - if part.tag == '{%s}Body' % soapenv.NAMESPACE: + if part.tag == "{%s}Body" % soapenv.NAMESPACE: n_children = len(part) if n_children != 1: - raise Exception( - "Expected a single child element, found {n}".format(n=n_children) - ) + raise Exception(f"Expected a single child element, found {n_children}") body = part break @@ -166,8 +149,7 @@ def parse_soap_enveloped_saml_thingy(text, expected_tags): if saml_part.tag in expected_tags: return ElementTree.tostring(saml_part, encoding="UTF-8") else: - raise WrongMessageType("Was '%s' expected one of %s" % (saml_part.tag, - expected_tags)) + raise WrongMessageType(f"Was '{saml_part.tag}' expected one of {expected_tags}") NS_AND_TAG = re.compile(r"\{([^}]+)\}(.*)") @@ -183,7 +165,7 @@ def instanciate_class(item, modules): return create_class_from_element_tree(target, item) except KeyError: continue - raise Exception("Unknown class: ns='%s', tag='%s'" % (ns, tag)) + raise Exception(f"Unknown class: ns='{ns}', tag='{tag}'") def class_instances_from_soap_enveloped_saml_thingies(text, modules): @@ -197,15 +179,11 @@ def class_instances_from_soap_enveloped_saml_thingies(text, modules): try: envelope = defusedxml.ElementTree.fromstring(text) except Exception as exc: - raise XmlParseError("%s" % exc) + raise XmlParseError(f"{exc}") envelope_tag = "{%s}Envelope" % soapenv.NAMESPACE if envelope.tag != envelope_tag: - raise ValueError( - "Invalid envelope tag '{invalid}' should be '{valid}'".format( - invalid=envelope.tag, valid=envelope_tag - ) - ) + raise ValueError(f"Invalid envelope tag '{envelope.tag}' should be '{envelope_tag}'") if len(envelope) < 1: raise Exception("No items in envelope.") @@ -213,7 +191,7 @@ def class_instances_from_soap_enveloped_saml_thingies(text, modules): env = {"header": [], "body": None} for part in envelope: - if part.tag == '{%s}Body' % soapenv.NAMESPACE: + if part.tag == "{%s}Body" % soapenv.NAMESPACE: if len(envelope) < 1: raise Exception("No items in envelope part.") env["body"] = instanciate_class(part[0], modules) @@ -233,15 +211,11 @@ def open_soap_envelope(text): try: envelope = defusedxml.ElementTree.fromstring(text) except Exception as exc: - raise XmlParseError("%s" % exc) + raise XmlParseError(f"{exc}") envelope_tag = "{%s}Envelope" % soapenv.NAMESPACE if envelope.tag != envelope_tag: - raise ValueError( - "Invalid envelope tag '{invalid}' should be '{valid}'".format( - invalid=envelope.tag, valid=envelope_tag - ) - ) + raise ValueError(f"Invalid envelope tag '{envelope.tag}' should be '{envelope_tag}'") if len(envelope) < 1: raise Exception("No items in envelope.") @@ -249,7 +223,7 @@ def open_soap_envelope(text): content = {"header": [], "body": None} for part in envelope: - if part.tag == '{%s}Body' % soapenv.NAMESPACE: + if part.tag == "{%s}Body" % soapenv.NAMESPACE: if len(envelope) < 1: raise Exception("No items in envelope part.") content["body"] = ElementTree.tostring(part[0], encoding="UTF-8") @@ -262,7 +236,7 @@ def open_soap_envelope(text): def make_soap_enveloped_saml_thingy(thingy, headers=None): - """ Returns a soap envelope containing a SAML request + """Returns a soap envelope containing a SAML request as a text string. :param thingy: The SAML thingy @@ -278,11 +252,11 @@ def make_soap_enveloped_saml_thingy(thingy, headers=None): soap_envelope.body = soapenv.Body() soap_envelope.body.add_extension_element(thingy) - return "%s" % soap_envelope + return f"{soap_envelope}" def soap_fault(message=None, actor=None, code=None, detail=None): - """ Create a SOAP Fault message + """Create a SOAP Fault message :param message: Human readable error message :param actor: Who discovered the error @@ -308,4 +282,4 @@ def soap_fault(message=None, actor=None, code=None, detail=None): detail=_detail, ) - return "%s" % fault + return f"{fault}" diff --git a/src/saml2/time_util.py b/src/saml2/time_util.py index 9eb4cec0a..86ad711d8 100644 --- a/src/saml2/time_util.py +++ b/src/saml2/time_util.py @@ -1,31 +1,28 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """ Implements some usefull functions when dealing with validity of different types of information. """ -from __future__ import print_function import calendar import re -import time import sys - -from datetime import timedelta +import time from datetime import datetime -import six +from datetime import timezone +from datetime import timedelta + TIME_FORMAT = "%Y-%m-%dT%H:%M:%SZ" -TIME_FORMAT_WITH_FRAGMENT = re.compile( - r"^(\d{4,4}-\d{2,2}-\d{2,2}T\d{2,2}:\d{2,2}:\d{2,2})(\.\d*)?Z?$") +TIME_FORMAT_WITH_FRAGMENT = re.compile(r"^(\d{4,4}-\d{2,2}-\d{2,2}T\d{2,2}:\d{2,2}:\d{2,2})(\.\d*)?Z?$") # --------------------------------------------------------------------------- # I'm sure this is implemented somewhere else can't find it now though, so I # made an attempt. -#Implemented according to -#http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ -#adding-durations-to-dateTimes +# Implemented according to +# http://www.w3.org/TR/2001/REC-xmlschema-2-20010502/ +# adding-durations-to-dateTimes def f_quotient(arg0, arg1, arg2=0): @@ -55,28 +52,28 @@ def maximum_day_in_month_for(year, month): ("T", None), ("H", "tm_hour"), ("M", "tm_min"), - ("S", "tm_sec") + ("S", "tm_sec"), ] def parse_duration(duration): # (-)PnYnMnDTnHnMnS index = 0 - if duration[0] == '-': - sign = '-' + if duration[0] == "-": + sign = "-" index += 1 else: - sign = '+' + sign = "+" if duration[index] != "P": - raise ValueError('Parse Duration is not valid.') + raise ValueError("Parse Duration is not valid.") index += 1 - dic = dict([(typ, 0) for (code, typ) in D_FORMAT if typ]) + dic = {typ: 0 for (code, typ) in D_FORMAT if typ} dlen = len(duration) for code, typ in D_FORMAT: - #print(duration[index:], code) - if duration[index] == '-': + # print(duration[index:], code) + if duration[index] == "-": raise ValueError("Negation not allowed on individual items") if code == "T": if duration[index] == "T": @@ -90,7 +87,7 @@ def parse_duration(duration): else: try: mod = duration[index:].index(code) - _val = duration[index:index + mod] + _val = duration[index : index + mod] try: dic[typ] = int(_val) except ValueError: @@ -108,8 +105,7 @@ def parse_duration(duration): else: raise Exception("Not a float") else: - raise ValueError( - "Fraction not allowed on other than smallest value") + raise ValueError("Fraction not allowed on other than smallest value") index = mod + index + 1 except ValueError: dic[typ] = 0 @@ -124,12 +120,12 @@ def add_duration(tid, duration): (sign, dur) = parse_duration(duration) - if sign == '+': - #Months + if sign == "+": + # Months temp = tid.tm_mon + dur["tm_mon"] month = modulo(temp, 1, 13) carry = f_quotient(temp, 1, 13) - #Years + # Years year = tid.tm_year + dur["tm_year"] + carry # seconds temp = tid.tm_sec + dur["tm_sec"] @@ -164,41 +160,36 @@ def add_duration(tid, duration): month = modulo(temp, 1, 13) year += f_quotient(temp, 1, 13) - return time.localtime(time.mktime((year, month, days, hour, minutes, - secs, 0, 0, -1))) + return time.localtime(time.mktime((year, month, days, hour, minutes, secs, 0, 0, -1))) else: pass + # --------------------------------------------------------------------------- -def time_in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0, - minutes=0, hours=0, weeks=0): +def time_in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0, minutes=0, hours=0, weeks=0): """ format of timedelta: timedelta([days[, seconds[, microseconds[, milliseconds[, minutes[, hours[, weeks]]]]]]]) :return: UTC time """ - delta = timedelta(days, seconds, microseconds, milliseconds, - minutes, hours, weeks) - return datetime.utcnow() + delta + delta = timedelta(days, seconds, microseconds, milliseconds, minutes, hours, weeks) + return datetime.now(timezone.utc) + delta -def time_a_while_ago(days=0, seconds=0, microseconds=0, milliseconds=0, - minutes=0, hours=0, weeks=0): +def time_a_while_ago(days=0, seconds=0, microseconds=0, milliseconds=0, minutes=0, hours=0, weeks=0): """ format of timedelta: timedelta([days[, seconds[, microseconds[, milliseconds[, minutes[, hours[, weeks]]]]]]]) """ - delta = timedelta(days, seconds, microseconds, milliseconds, - minutes, hours, weeks) - return datetime.utcnow() - delta + delta = timedelta(days, seconds, microseconds, milliseconds, minutes, hours, weeks) + return datetime.now(timezone.utc) - delta -def in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0, - minutes=0, hours=0, weeks=0, format=TIME_FORMAT): +def in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0, minutes=0, hours=0, weeks=0, format=TIME_FORMAT): """ format of timedelta: timedelta([days[, seconds[, microseconds[, milliseconds[, @@ -207,20 +198,18 @@ def in_a_while(days=0, seconds=0, microseconds=0, milliseconds=0, if format is None: format = TIME_FORMAT - return time_in_a_while(days, seconds, microseconds, milliseconds, - minutes, hours, weeks).strftime(format) + return time_in_a_while(days, seconds, microseconds, milliseconds, minutes, hours, weeks).strftime(format) + +def a_while_ago(days=0, seconds=0, microseconds=0, milliseconds=0, minutes=0, hours=0, weeks=0, format=TIME_FORMAT): + return time_a_while_ago(days, seconds, microseconds, milliseconds, minutes, hours, weeks).strftime(format) -def a_while_ago(days=0, seconds=0, microseconds=0, milliseconds=0, - minutes=0, hours=0, weeks=0, format=TIME_FORMAT): - return time_a_while_ago(days, seconds, microseconds, milliseconds, - minutes, hours, weeks).strftime(format) # --------------------------------------------------------------------------- def shift_time(dtime, shift): - """ Adds/deletes an integer amount of seconds from a datetime specification + """Adds/deletes an integer amount of seconds from a datetime specification :param dtime: The datatime specification :param shift: The wanted time shift (+/-) @@ -228,6 +217,7 @@ def shift_time(dtime, shift): """ return dtime + timedelta(seconds=shift) + # --------------------------------------------------------------------------- @@ -246,9 +236,9 @@ def str_to_time(timestr, format=TIME_FORMAT): try: elem = TIME_FORMAT_WITH_FRAGMENT.match(timestr) except Exception as exc: - print("Exception: %s on %s" % (exc, timestr), file=sys.stderr) + print(f"Exception: {exc} on {timestr}", file=sys.stderr) raise - then = time.strptime(elem.groups()[0] + "Z", TIME_FORMAT) + then = time.strptime(f"{elem.groups()[0]}Z", TIME_FORMAT) return time.gmtime(calendar.timegm(then)) @@ -259,17 +249,19 @@ def instant(format=TIME_FORMAT, time_stamp=0): else: return time.strftime(format, time.gmtime()) + # --------------------------------------------------------------------------- def utc_now(): return calendar.timegm(time.gmtime()) + # --------------------------------------------------------------------------- def before(point): - """ True if current time is before point datetime specification. + """True if current time is before point datetime specification. NOTE: If point is specified it is supposed to be in local time. Not UTC/GMT !! This is because that is what gmtime() expects. @@ -277,7 +269,7 @@ def before(point): if not point: return True - if isinstance(point, six.string_types): + if isinstance(point, str): point = str_to_time(point) elif isinstance(point, int): point = time.gmtime(point) @@ -286,7 +278,7 @@ def before(point): def after(point): - """ True if current time is after or equal to point datetime specification.""" + """True if current time is after or equal to point datetime specification.""" if not point: return True else: @@ -308,13 +300,13 @@ def utc_time_sans_frac(): def later_than(after, before): - """ True if then is later or equal to that """ - if isinstance(after, six.string_types): + """True if then is later or equal to that""" + if isinstance(after, str): after = str_to_time(after) elif isinstance(after, int): after = time.gmtime(after) - if isinstance(before, six.string_types): + if isinstance(before, str): before = str_to_time(before) elif isinstance(before, int): before = time.gmtime(before) diff --git a/src/saml2/tools/make_metadata.py b/src/saml2/tools/make_metadata.py new file mode 100644 index 000000000..ffb653018 --- /dev/null +++ b/src/saml2/tools/make_metadata.py @@ -0,0 +1,83 @@ +#!/usr/bin/env python +import argparse +import os +import sys + +from saml2.config import Config +from saml2.metadata import entities_descriptor +from saml2.metadata import entity_descriptor +from saml2.metadata import metadata_tostring_fix +from saml2.metadata import sign_entity_descriptor +from saml2.sigver import security_context +from saml2.validate import valid_instance + + +# ============================================================================= +# Script that creates a SAML2 metadata file from a pysaml2 entity configuration +# file +# ============================================================================= + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("-v", dest="valid", help="How long, in days, the metadata is valid from the time of creation") + parser.add_argument("-c", dest="cert", help="certificate") + parser.add_argument("-e", dest="ed", action="store_true", help="Wrap the whole thing in an EntitiesDescriptor") + parser.add_argument("-i", dest="id", help="The ID of the entities descriptor") + parser.add_argument("-k", dest="keyfile", help="A file with a key to sign the metadata with") + parser.add_argument("-n", dest="name", default="") + parser.add_argument("-p", dest="path", help="path to the configuration file") + parser.add_argument("-s", dest="sign", action="store_true", help="sign the metadata") + parser.add_argument("-x", dest="xmlsec", help="xmlsec binaries to be used for the signing") + parser.add_argument("-w", dest="wellknown", help="Use wellknown namespace prefixes") + parser.add_argument(dest="config", nargs="+") + args = parser.parse_args() + + valid_for = 0 + nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} + # paths = [".", "/opt/local/bin"] + + if args.valid: + # translate into hours + valid_for = int(args.valid) * 24 + + eds = [] + for filespec in args.config: + bas, fil = os.path.split(filespec) + if bas != "": + sys.path.insert(0, bas) + if fil.endswith(".py"): + fil = fil[:-3] + cnf = Config().load_file(fil) + if valid_for: + cnf.valid_for = valid_for + eds.append(entity_descriptor(cnf)) + + conf = Config() + conf.key_file = args.keyfile + conf.cert_file = args.cert + conf.debug = 1 + conf.xmlsec_binary = args.xmlsec + secc = security_context(conf) + + if args.id: + desc, xmldoc = entities_descriptor(eds, valid_for, args.name, args.id, args.sign, secc) + valid_instance(desc) + xmldoc = metadata_tostring_fix(desc, nspair, xmldoc) + print(xmldoc.decode("utf-8")) + else: + for eid in eds: + if args.sign: + assert conf.key_file + assert conf.cert_file + eid, xmldoc = sign_entity_descriptor(eid, args.id, secc) + else: + xmldoc = None + + valid_instance(eid) + xmldoc = metadata_tostring_fix(eid, nspair, xmldoc) + print(xmldoc.decode("utf-8")) + + +if __name__ == "__main__": + main() diff --git a/src/saml2/tools/mdexport.py b/src/saml2/tools/mdexport.py new file mode 100644 index 000000000..247a2a2d9 --- /dev/null +++ b/src/saml2/tools/mdexport.py @@ -0,0 +1,54 @@ +#!/usr/bin/env python +import argparse + +from saml2.attribute_converter import ac_factory +from saml2.httpbase import HTTPBase +from saml2.mdstore import MetaDataExtern +from saml2.mdstore import MetaDataFile +from saml2.sigver import SecurityContext +from saml2.sigver import _get_xmlsec_cryptobackend + + +__author__ = "rolandh" + +""" +A script that imports and verifies metadata and then dumps it in a basic +dictionary format. +""" + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("-t", dest="type") + parser.add_argument("-u", dest="url") + parser.add_argument("-c", dest="cert") + parser.add_argument("-a", dest="attrsmap") + parser.add_argument("-o", dest="output") + parser.add_argument("-x", dest="xmlsec") + parser.add_argument(dest="item") + args = parser.parse_args() + + metad = None + + if args.type == "local": + metad = MetaDataFile(args.item, args.item) + elif args.type == "external": + ATTRCONV = ac_factory(args.attrsmap) + httpc = HTTPBase() + crypto = _get_xmlsec_cryptobackend(args.xmlsec) + sc = SecurityContext(crypto) + metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc) + + if metad is not None: + metad.load() + txt = metad.dumps() + if args.output: + f = open(args.output, "w") + f.write(txt) + f.close() + else: + print(txt) + + +if __name__ == "__main__": + main() diff --git a/tools/mdexport_test.py b/src/saml2/tools/mdexport_test.py old mode 100755 new mode 100644 similarity index 65% rename from tools/mdexport_test.py rename to src/saml2/tools/mdexport_test.py index c8b4e49f4..fdee38a73 --- a/tools/mdexport_test.py +++ b/src/saml2/tools/mdexport_test.py @@ -15,16 +15,10 @@ "swamid": { "url": "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2", "cert": "kalmar2.pem", - "type": "external" + "type": "external", }, - "incommon": { - "file": "InCommon-metadata.xml", - "type": "local" - }, - "test": { - "file": "mdtest.xml", - "type": "local" - } + "incommon": {"file": "InCommon-metadata.xml", "type": "local"}, + "test": {"file": "mdtest.xml", "type": "local"}, } @@ -36,13 +30,12 @@ def main(): if item["type"] == "local": metad = MetaDataFile(sys.argv[1], item["file"]) elif item["type"] == "external": - metad = MetaDataExtern(sys.argv[1], item["url"], - "/opt/local/bin/xmlsec1", item["cert"]) + metad = MetaDataExtern(sys.argv[1], item["url"], "/opt/local/bin/xmlsec1", item["cert"]) if metad: metad.load() print(metad.dumps()) -if __name__ == '__main__': +if __name__ == "__main__": main() diff --git a/src/saml2/tools/mdimport.py b/src/saml2/tools/mdimport.py new file mode 100644 index 000000000..ad5a3a81e --- /dev/null +++ b/src/saml2/tools/mdimport.py @@ -0,0 +1,32 @@ +#!/usr/bin/env python +import time + +from saml2.attribute_converter import ac_factory +from saml2.mdstore import MetaDataFile +from saml2.mdstore import MetaDataMD + + +__author__ = "rolandh" + + +def main(): + start = time.time() + for i in range(1, 10): + mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md") + mdmd.load() + + _ = mdmd.keys() + + print(time.time() - start) + + start = time.time() + for i in range(1, 10): + mdf = MetaDataFile(ac_factory("../tests/attributemaps"), "../tests/swamid-2.0.xml") + mdf.load() + _ = mdf.keys() + + print(time.time() - start) + + +if __name__ == "__main__": + main() diff --git a/src/saml2/tools/merge_metadata.py b/src/saml2/tools/merge_metadata.py new file mode 100644 index 000000000..79f88d4b3 --- /dev/null +++ b/src/saml2/tools/merge_metadata.py @@ -0,0 +1,78 @@ +#!/usr/bin/env python +import argparse + +from saml2.attribute_converter import ac_factory +from saml2.httpbase import HTTPBase +from saml2.mdstore import MetaDataExtern +from saml2.mdstore import MetaDataFile +from saml2.mdstore import MetadataStore +from saml2.sigver import SecurityContext +from saml2.sigver import _get_xmlsec_cryptobackend + + +__author__ = "rolandh" + +""" +A script that imports and verifies metadata. +""" + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("-a", dest="attrsmap") + parser.add_argument("-o", dest="output", default="local") + parser.add_argument("-x", dest="xmlsec") + parser.add_argument("-i", dest="ignore_valid", action="store_true") + parser.add_argument(dest="conf") + args = parser.parse_args() + + metad = None + + # config file format + # + # local + # remote + # + # for instance + # + # local metadata_sp_1.xml + # local InCommon-metadata.xml + # remote https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2 kalmar2.pem + # + + ATTRCONV = ac_factory(args.attrsmap) + + mds = MetadataStore(None, None) + + for line in open(args.conf).readlines(): + line = line.strip() + if len(line) == 0: + continue + elif line[0] == "#": + continue + spec = line.split(" ") + + if args.ignore_valid: + kwargs = {"check_validity": False} + else: + kwargs = {} + + if spec[0] == "local": + metad = MetaDataFile(spec[1], spec[1], **kwargs) + elif spec[0] == "remote": + ATTRCONV = ac_factory(args.attrsmap) + httpc = HTTPBase() + crypto = _get_xmlsec_cryptobackend(args.xmlsec) + sc = SecurityContext(crypto, key_type="", cert_type="") + metad = MetaDataExtern(ATTRCONV, spec[1], sc, cert=spec[2], http=httpc, **kwargs) + + if metad is not None: + metad.load() + + mds.metadata[spec[1]] = metad + + print(mds.dumps(args.output)) + + +if __name__ == "__main__": + main() diff --git a/tools/parse_xsd2.py b/src/saml2/tools/parse_xsd2.py old mode 100755 new mode 100644 similarity index 74% rename from tools/parse_xsd2.py rename to src/saml2/tools/parse_xsd2.py index 0fc252a3c..5129dd349 --- a/tools/parse_xsd2.py +++ b/src/saml2/tools/parse_xsd2.py @@ -1,96 +1,103 @@ #!/usr/bin/env python -import re -import time +import errno import getopt -import imp +import importlib +import re import sys +import time import types -import errno -import six + __version__ = 0.5 -from xml.etree import cElementTree as ElementTree +from xml.etree import ElementTree as ElementTree + -INDENT = 4*" " +INDENT = 4 * " " DEBUG = False XMLSCHEMA = "http://www.w3.org/2001/XMLSchema" -XML_NAMESPACE = 'http://www.w3.org/XML/1998/namespace' +XML_NAMESPACE = "http://www.w3.org/XML/1998/namespace" + +CLASS_PROP = [ + ("c_children", ".copy()"), + ("c_attributes", ".copy()"), + ("c_child_order", "[:]"), + ("c_cardinality", ".copy()"), +] -CLASS_PROP = [("c_children", ".copy()"), - ("c_attributes", ".copy()"), - ("c_child_order", "[:]"), - ("c_cardinality", ".copy()")] - BASE_ELEMENT = ["text", "extension_elements", "extension_attributes"] - + + class MissingPrerequisite(Exception): pass + def sd_copy(arg): try: return arg.copy() except AttributeError: return {} - + + # ------------------------------------------------------------------------ + def class_pyify(ref): - return ref.replace("-","_") + return ref.replace("-", "_") + -PROTECTED_KEYWORDS = ["import", "def", "if", "else", "return", "for", - "while", "not", "try", "except", "in"] +PROTECTED_KEYWORDS = ["import", "def", "if", "else", "return", "for", "while", "not", "try", "except", "in"] def def_init(imports, attributes): - indent = INDENT+INDENT - indent3 = INDENT+INDENT+INDENT - line = ["%sdef __init__(self," % INDENT] + indent = INDENT + INDENT + indent3 = INDENT + INDENT + INDENT + line = [f"{INDENT}def __init__(self,"] for elem in attributes: if elem[0] in PROTECTED_KEYWORDS: - _name = elem[0] +"_" + _name = elem[0] + "_" else: _name = elem[0] if elem[2]: - line.append("%s%s='%s'," % (indent3, _name, elem[2])) + line.append(f"{indent3}{_name}='{elem[2]}',") else: - line.append("%s%s=%s," % (indent3, _name, elem[2])) + line.append(f"{indent3}{_name}={elem[2]},") for _, elems in imports.items(): for elem in elems: if elem in PROTECTED_KEYWORDS: - _name = elem +"_" + _name = elem + "_" else: _name = elem - line.append("%s%s=None," % (indent3, _name)) + line.append(f"{indent3}{_name}=None,") - line.append("%stext=None," % indent3) - line.append("%sextension_elements=None," % indent3) - line.append("%sextension_attributes=None," % indent3) - line.append("%s):" % indent) + line.append(f"{indent3}text=None,") + line.append(f"{indent3}extension_elements=None,") + line.append(f"{indent3}extension_attributes=None,") + line.append(f"{indent}):") return line - + def base_init(imports): line = [] - indent4 = INDENT+INDENT+INDENT+INDENT + indent4 = INDENT + INDENT + INDENT + INDENT if not imports: - line.append("%sSamlBase.__init__(self, " % (INDENT+INDENT)) + line.append(f"{INDENT + INDENT}SamlBase.__init__(self, ") for attr in BASE_ELEMENT: if attr in PROTECTED_KEYWORDS: _name = attr + "_" else: _name = attr - line.append("%s%s=%s," % (indent4, _name, _name)) - line.append("%s)" % indent4) + line.append(f"{indent4}{_name}={_name},") + line.append(f"{indent4})") else: # TODO have to keep apart which properties come from which superior for sup, elems in imports.items(): - line.append("%s%s.__init__(self, " % (INDENT+INDENT, sup)) + line.append(f"{INDENT + INDENT}{sup}.__init__(self, ") lattr = elems[:] lattr.extend(BASE_ELEMENT) for attr in lattr: @@ -98,26 +105,26 @@ def base_init(imports): _name = attr + "_" else: _name = attr - line.append("%s%s=%s," % (indent4, _name, _name)) - line.append("%s)" % indent4) + line.append(f"{indent4}{_name}={_name},") + line.append(f"{indent4})") return line - + def initialize(attributes): - indent = INDENT+INDENT + indent = INDENT + INDENT line = [] for prop, val, _default in attributes: if prop in PROTECTED_KEYWORDS: - _name = prop +"_" + _name = prop + "_" else: _name = prop if val in PROTECTED_KEYWORDS: - _vname = val +"_" + _vname = val + "_" else: _vname = val - - line.append("%sself.%s=%s" % (indent, _name, _vname)) + + line.append(f"{indent}self.{_name}={_vname}") return line @@ -127,7 +134,7 @@ def _mod_typ(prop): except ValueError: typ = prop.type mod = None - except TypeError: # No type property + except TypeError: # No type property try: (mod, typ) = prop.ref except ValueError: @@ -136,7 +143,7 @@ def _mod_typ(prop): else: typ = prop.ref mod = None - + return mod, typ @@ -153,13 +160,13 @@ def _mod_cname(prop, cdict): cname = cdict[class_pyify(typ)].class_name else: cname = typ - + return mod, cname def leading_uppercase(string): try: - return string[0].upper()+string[1:] + return string[0].upper() + string[1:] except IndexError: return string except TypeError: @@ -168,7 +175,7 @@ def leading_uppercase(string): def leading_lowercase(string): try: - return string[0].lower()+string[1:] + return string[0].lower() + string[1:] except IndexError: return string except TypeError: @@ -186,6 +193,7 @@ def rm_duplicates(properties): keys.append(prop.name) return clist + # def rm_duplicates(lista): # res = [] # for item in lista: @@ -199,9 +207,9 @@ def klass_namn(obj): return obj.class_name else: return obj.name - -class PyObj(object): + +class PyObj: def __init__(self, name=None, pyname=None, root=None): self.name = name self.done = False @@ -212,7 +220,7 @@ def __init__(self, name=None, pyname=None, root=None): self.properties = ([], []) self.abstract = False self.class_name = "" - + if pyname: self.pyname = pyname elif name: @@ -221,33 +229,31 @@ def __init__(self, name=None, pyname=None, root=None): self.pyname = name self.type = None - + def child_spec(self, target_namespace, prop, mod, typ, lista): if mod: namesp = external_namespace(self.root.modul[mod]) - pkey = '{%s}%s' % (namesp, prop.name) - typ = "%s.%s" % (mod, typ) + pkey = f"{{{namesp}}}{prop.name}" + typ = f"{mod}.{typ}" else: - pkey = '{%s}%s' % (target_namespace, prop.name) + pkey = f"{{{target_namespace}}}{prop.name}" if lista: - return "c_children['%s'] = ('%s', [%s])" % ( - pkey, prop.pyname, typ) + return f"c_children['{pkey}'] = ('{prop.pyname}', [{typ}])" else: - return "c_children['%s'] = ('%s', %s)" % ( - pkey, prop.pyname, typ) - + return f"c_children['{pkey}'] = ('{prop.pyname}', {typ})" + def knamn(self, sup, cdict): cname = cdict[sup].class_name if not cname: - (namesp, tag) = cdict[sup].name.split('.') + (namesp, tag) = cdict[sup].name.split(".") if namesp: ctag = self.root.modul[namesp].factory(tag).__class__.__name__ - cname = '%s.%s' % (namesp, ctag) + cname = f"{namesp}.{ctag}" else: cname = tag + "_" return cname - + def _do_properties(self, line, cdict, ignore, target_namespace): args = [] child = [] @@ -256,11 +262,10 @@ def _do_properties(self, line, cdict, ignore, target_namespace): (own, inh) = self.properties except AttributeError: (own, inh) = ([], []) - + for prop in own: if isinstance(prop, PyAttribute): - line.append("%sc_attributes['%s'] = %s" % (INDENT, - prop.name, prop.spec())) + line.append(f"{INDENT}c_attributes['{prop.name}'] = {prop.spec()}") if prop.fixed: args.append((prop.pyname, prop.fixed, None)) else: @@ -268,47 +273,40 @@ def _do_properties(self, line, cdict, ignore, target_namespace): args.append((prop.pyname, prop.pyname, prop.default)) else: args.append((prop.pyname, prop.pyname, None)) - + elif isinstance(prop, PyElement): (mod, cname) = _mod_cname(prop, cdict) - + if prop.max == "unbounded": lista = True - pmax = 0 # just has to be different from 1 + pmax = 0 # just has to be different from 1 else: pmax = int(prop.max) lista = False - + if prop.name in ignore: pass else: - line.append("%s%s" % (INDENT, self.child_spec( - target_namespace, prop, - mod, cname, - lista))) + line.append(f"{INDENT}{self.child_spec(target_namespace, prop, mod, cname, lista)}") - pmin = int(getattr(prop, 'min', 1)) + pmin = int(getattr(prop, "min", 1)) if pmax == 1 and pmin == 1: pass elif prop.max == "unbounded": - line.append( "%sc_cardinality['%s'] = {\"min\":%s}" % ( - INDENT, prop.pyname, pmin)) + line.append(f"{INDENT}c_cardinality['{prop.pyname}'] = {{\"min\":{pmin}}}") else: - line.append( - "%sc_cardinality['%s'] = {\"min\":%s, \"max\":%d}" % ( - INDENT, prop.pyname, pmin, pmax)) + line.append('%sc_cardinality[\'%s\'] = {"min":%s, "max":%d}' % (INDENT, prop.pyname, pmin, pmax)) child.append(prop.pyname) if lista: - args.append((prop.pyname, "%s or []" % (prop.pyname,), - None)) + args.append((prop.pyname, f"{prop.pyname} or []", None)) else: args.append((prop.pyname, prop.pyname, None)) - + return args, child, inh - + def _superiors(self, cdict): imps = {} @@ -318,17 +316,17 @@ def _superiors(self, cdict): for sup in superior: klass = self.knamn(sup, cdict) sups.append(klass) - + imps[klass] = [] for cla in cdict[sup].properties[0]: - if cla.pyname and cla.pyname not in imps[klass]: + if cla.pyname and cla.pyname not in imps[klass]: imps[klass].append(cla.pyname) except AttributeError: superior = [] sups = [] - + return superior, sups, imps - + def class_definition(self, target_namespace, cdict=None, ignore=None): line = [] @@ -339,48 +337,41 @@ def class_definition(self, target_namespace, cdict=None, ignore=None): (superior, sups, imps) = self._superiors(cdict) c_name = klass_namn(self) - + if not superior: - line.append("class %s(SamlBase):" % (c_name,)) + line.append(f"class {c_name}(SamlBase):") else: - line.append("class %s(%s):" % (c_name, ",".join(sups))) + line.append(f"class {c_name}({','.join(sups)}):") - if hasattr(self, 'scoped'): + if hasattr(self, "scoped"): pass else: - line.append("%s\"\"\"The %s:%s element \"\"\"" % (INDENT, - target_namespace, - self.name)) + line.append(f'{INDENT}"""The {target_namespace}:{self.name} element """') line.append("") - line.append("%sc_tag = '%s'" % (INDENT, self.name)) - line.append("%sc_namespace = NAMESPACE" % (INDENT,)) + line.append(f"{INDENT}c_tag = '{self.name}'") + line.append(f"{INDENT}c_namespace = NAMESPACE") try: if self.value_type: - if isinstance(self.value_type, six.string_types): - line.append("%sc_value_type = '%s'" % (INDENT, - self.value_type)) + if isinstance(self.value_type, str): + line.append(f"{INDENT}c_value_type = '{self.value_type}'") else: - line.append("%sc_value_type = %s" % (INDENT, - self.value_type)) + line.append(f"{INDENT}c_value_type = {self.value_type}") except AttributeError: pass if not superior: for var, cps in CLASS_PROP: - line.append("%s%s = SamlBase.%s%s" % (INDENT, var, var, cps)) + line.append(f"{INDENT}{var} = SamlBase.{var}{cps}") else: for sup in sups: for var, cps in CLASS_PROP: - line.append("%s%s = %s.%s%s" % (INDENT, var, sup, var, - cps)) + line.append(f"{INDENT}{var} = {sup}.{var}{cps}") + + (args, child, inh) = self._do_properties(line, cdict, ignore, target_namespace) - (args, child, inh) = self._do_properties(line, cdict, ignore, - target_namespace) - if child: - line.append("%sc_child_order.extend([%s])" % (INDENT, - "'"+"', '".join(child)+"'")) - + line.append("{}c_child_order.extend([{}])".format(INDENT, "'" + "', '".join(child) + "'")) + if args: if inh: cname = self.knamn(self.superior[0], cdict) @@ -389,26 +380,25 @@ def class_definition(self, target_namespace, cdict=None, ignore=None): line.extend(def_init(imps, args)) line.extend(base_init(imps)) line.extend(initialize(args)) - + line.append("") if not self.abstract or not self.class_name.endswith("_"): - line.append("def %s_from_string(xml_string):" % pyify( - self.class_name)) - line.append( - "%sreturn saml2.create_class_from_xml_string(%s, xml_string)" % ( - INDENT, self.class_name)) + line.append(f"def {pyify(self.class_name)}_from_string(xml_string):") + line.append(f"{INDENT}return saml2.create_class_from_xml_string({self.class_name}, xml_string)") line.append("") - + self.done = True return "\n".join(line) - + + def prepend(add, orig): # return a list which is the lists concatenated with the second list first res = [add] if orig: res.extend(orig) return res - + + def pyobj_factory(name, value_type, elms=None): pyobj = PyObj(name, pyify(name)) pyobj.value_type = value_type @@ -417,6 +407,7 @@ def pyobj_factory(name, value_type, elms=None): elms.append(pyobj) return pyobj + def pyelement_factory(name, value_type, elms=None): obj = PyElement(name, pyify(name)) obj.value_type = value_type @@ -424,7 +415,8 @@ def pyelement_factory(name, value_type, elms=None): if name not in [c.name for c in elms]: elms.append(obj) return obj - + + def expand_groups(properties, cdict): res = [] for prop in properties: @@ -434,14 +426,15 @@ def expand_groups(properties, cdict): res.extend(cdict[cname].properties[0]) else: res.append(prop) - + return res - + + class PyElement(PyObj): def __init__(self, name=None, pyname=None, root=None, parent=""): PyObj.__init__(self, name, pyname, root) if parent: - self.class_name = "%s_%s" % (leading_uppercase(parent), self.name) + self.class_name = f"{leading_uppercase(parent)}_{self.name}" else: self.class_name = leading_uppercase(self.name) self.ref = None @@ -449,7 +442,7 @@ def __init__(self, name=None, pyname=None, root=None, parent=""): self.max = 1 self.definition = None self.orig = None - + # def prereq(self, prop): # prtext = prop.text(target_namespace, cdict) # if prtext == None: @@ -457,7 +450,7 @@ def __init__(self, name=None, pyname=None, root=None, parent=""): # else: # prop.done = True # return prtext - + def undefined(self, cdict): try: (mod, typ) = self.type @@ -467,7 +460,7 @@ def undefined(self, cdict): return [cdict[cname]], [] except ValueError: pass - except TypeError: # could be a ref then or a PyObj instance + except TypeError: # could be a ref then or a PyObj instance if isinstance(self.type, PyType): return self.type.undefined(cdict) elif isinstance(self.ref, tuple): @@ -477,7 +470,7 @@ def undefined(self, cdict): if not cdict[cname].done: return [cdict[cname]], [] return [], [] - + def _local_class(self, typ, cdict, child, target_namespace, ignore): if typ in cdict and not cdict[typ].done: raise MissingPrerequisite(typ) @@ -488,32 +481,29 @@ def _local_class(self, typ, cdict, child, target_namespace, ignore): except AttributeError: self.orig["superior"] = [] self.superior = [typ] - req = self.class_definition(target_namespace, cdict, - ignore) + req = self.class_definition(target_namespace, cdict, ignore) if not child: req = [req] - - if not hasattr(self, 'scoped'): + + if not hasattr(self, "scoped"): cdict[self.name] = self cdict[self.name].done = True if child: cdict[self.name].local = True self.type = (None, self.name) - + return req - - def _external_class(self, mod, typ, cdict, child, target_namespace, - ignore): + + def _external_class(self, mod, typ, cdict, child, target_namespace, ignore): # Will raise exception if class can't be found cname = self.root.modul[mod].factory(typ).__class__.__name__ - imp_name = "%s.%s" % (mod, cname) - + imp_name = f"{mod}.{cname}" + if imp_name not in cdict: - # create import object so I can get the properties from it + # create import object so I can get the properties from it # later impo = pyelement_factory(imp_name, None, None) - impo.properties = [_import_attrs(self.root.modul[mod], typ, - self.root),[]] + impo.properties = [_import_attrs(self.root.modul[mod], typ, self.root), []] impo.class_name = imp_name cdict[imp_name] = impo impo.done = True @@ -521,11 +511,10 @@ def _external_class(self, mod, typ, cdict, child, target_namespace, impo.local = True # and now for this object self.superior = [imp_name] - text = self.class_definition(target_namespace, cdict, - ignore=ignore) - + text = self.class_definition(target_namespace, cdict, ignore=ignore) + return text - + def text(self, target_namespace, cdict, child=True, ignore=None): if ignore is None: ignore = [] @@ -538,20 +527,17 @@ def text(self, target_namespace, cdict, child=True, ignore=None): try: (mod, typ) = self.type if not mod: - req = self._local_class(typ, cdict, child, - target_namespace, ignore) + req = self._local_class(typ, cdict, child, target_namespace, ignore) else: - text = self._external_class(mod, typ, cdict, child, - target_namespace, ignore) - except ValueError: # Simple type element + text = self._external_class(mod, typ, cdict, child, target_namespace, ignore) + except ValueError: # Simple type element if self.type: - text = self.class_definition(target_namespace, cdict, - ignore=ignore) + text = self.class_definition(target_namespace, cdict, ignore=ignore) if child: self.local = True self.done = True - - except TypeError: # could be a ref then or a PyObj instance + + except TypeError: # could be a ref then or a PyObj instance if isinstance(self.type, PyObj): pyobj = self.type pyobj.name = self.name @@ -562,47 +548,46 @@ def text(self, target_namespace, cdict, child=True, ignore=None): elif isinstance(self.ref, tuple): (mod, typ) = self.ref if mod: - #self.superior = ["%s.%s" % (mod, typ)] + # self.superior = ["%s.%s" % (mod, typ)] if verify_import(self.root.modul[mod], typ): return req, text else: - raise Exception( - "Import attempted on %s from %s module failed - wasn't there" % ( - typ,mod)) + raise Exception(f"Import attempted on {typ} from {mod} module failed - wasn't there") elif not child: self.superior = [typ] - text = self.class_definition(target_namespace, cdict, - ignore=ignore) + text = self.class_definition(target_namespace, cdict, ignore=ignore) else: if not cdict[class_pyify(self.ref)].done: raise MissingPrerequisite(self.ref) - + self.done = True return req, text - + + def _do(obj, target_namespace, cdict, prep): try: (req, text) = obj.text(target_namespace, cdict) except MissingPrerequisite: return [], None - + if text is None: if req: - #prep = prepend(req, prep) + # prep = prepend(req, prep) prep.append(req) return prep, None else: obj.done = True if req: - if isinstance(req, six.string_types): + if isinstance(req, str): prep.append(req) else: prep.extend(req) if text: - #prep = prepend(text, prep) + # prep = prepend(text, prep) prep.append(text) return prep + def reqursive_superior(supc, cdict): properties = supc.properties[0] for sup in supc.superior: @@ -612,12 +597,12 @@ def reqursive_superior(supc, cdict): else: properties.extend(reqursive_superior(rsup, cdict)) return properties - + + class PyType(PyObj): - def __init__(self, name=None, pyname=None, root=None, superior=None, - internal=True, namespace=None): + def __init__(self, name=None, pyname=None, root=None, superior=None, internal=True, namespace=None): PyObj.__init__(self, name, pyname, root) - self.class_name = leading_uppercase(self.name + '_') + self.class_name = leading_uppercase(self.name + "_") self.properties = ([], []) if superior: self.superior = [superior] @@ -627,10 +612,8 @@ def __init__(self, name=None, pyname=None, root=None, superior=None, self.internal = internal self.namespace = namespace - def text(self, target_namespace, cdict, _child=True, ignore=None, - _session=None): - if not self.properties and not self.type \ - and not self.superior: + def text(self, target_namespace, cdict, _child=True, ignore=None, _session=None): + if not self.properties and not self.type and not self.superior: self.done = True return [], self.class_definition(target_namespace, cdict) @@ -642,32 +625,30 @@ def text(self, target_namespace, cdict, _child=True, ignore=None, try: supc = cdict[sup] except KeyError: - (mod, typ) = sup.split('.') + (mod, typ) = sup.split(".") supc = pyobj_factory(sup, None, None) if mod: - supc.properties = [_import_attrs(self.root.modul[mod], - typ, self.root),[]] + supc.properties = [_import_attrs(self.root.modul[mod], typ, self.root), []] cdict[sup] = supc supc.done = True - + if not supc.done: res = _do(supc, target_namespace, cdict, req) if isinstance(res, tuple): return res - + if not self.properties[1]: inherited_properties = reqursive_superior(supc, cdict) - + if inherited_properties: - self.properties = (self.properties[0], - rm_duplicates(inherited_properties)) - + self.properties = (self.properties[0], rm_duplicates(inherited_properties)) + (own, inh) = self.properties own = rm_duplicates(expand_groups(own, cdict)) self.properties = (own, inh) for prop in own: - if not prop.name: # Ignore - continue + if not prop.name: # Ignore + continue if not prop.done: if prop.name in ignore: continue @@ -690,9 +671,9 @@ def text(self, target_namespace, cdict, _child=True, ignore=None, res = (req, None) if isinstance(res, tuple): return res - + return req, self.class_definition(target_namespace, cdict, ignore) - + def undefined(self, cdict): undef = ([], []) @@ -703,17 +684,17 @@ def undefined(self, cdict): (own, _) = self.properties for prop in own: - if not prop.name: # Ignore - continue + if not prop.name: # Ignore + continue if isinstance(prop, PyAttribute): continue if not prop.done: undef[1].append(prop) return undef + class PyAttribute(PyObj): - def __init__(self, name=None, pyname=None, root=None, external=False, - namespace="", required=False, typ=""): + def __init__(self, name=None, pyname=None, root=None, external=False, namespace="", required=False, typ=""): PyObj.__init__(self, name, pyname, root) self.required = required @@ -728,54 +709,55 @@ def text(self, _target_namespace, cdict, _child=True): if isinstance(self.type, PyObj): if not cdict[self.type.name].done: raise MissingPrerequisite(self.type.name) - - return [], [] # Means this elements definition is empty - + + return [], [] # Means this elements definition is empty + def spec(self): if isinstance(self.type, PyObj): - return "('%s', %s, %s)" % (self.pyname, self.type.class_name, - self.required) + return f"('{self.pyname}', {self.type.class_name}, {self.required})" else: if self.type: - return "('%s', '%s', %s)" % (self.pyname, self.type, - self.required) + return f"('{self.pyname}', '{self.type}', {self.required})" else: - return "('%s', '%s', %s)" % (self.pyname, self.base, - self.required) - + return f"('{self.pyname}', '{self.base}', {self.required})" + + class PyAny(PyObj): def __init__(self, name=None, pyname=None, _external=False, _namespace=""): PyObj.__init__(self, name, pyname) self.done = True -class PyAttributeGroup(object): + +class PyAttributeGroup: def __init__(self, name, root): self.name = name self.root = root self.properties = [] -class PyGroup(object): + +class PyGroup: def __init__(self, name, root): self.name = name self.root = root self.properties = [] self.done = False self.ref = [] - + def text(self, _target_namespace, _dict, _child, _ignore): return [], [] - + def undefined(self, _cdict): undef = ([], []) (own, _) = self.properties for prop in own: - if not prop.name: # Ignore - continue + if not prop.name: # Ignore + continue if not prop.done: undef[1].append(prop) return undef - + + # ----------------------------------------------------------------------------- def verify_import(modul, tag): try: @@ -783,14 +765,17 @@ def verify_import(modul, tag): return True except Exception: return False - + + def external_namespace(modul): return modul.NAMESPACE + def _import_attrs(modul, tag, top): obj = modul.factory(tag) - properties = [PyAttribute(key, val[0], top, True, obj.c_namespace, val[2], - val[1]) for key,val in obj.c_attributes.items()] + properties = [ + PyAttribute(key, val[0], top, True, obj.c_namespace, val[2], val[1]) for key, val in obj.c_attributes.items() + ] for child in obj.c_child_order: for key, val in obj.c_children.items(): (pyn, mul) = val @@ -799,31 +784,34 @@ def _import_attrs(modul, tag, top): mul = mul[0] maximum = "unbounded" if pyn == child: - cpy = PyElement(name=mul.c_tag, pyname=pyn, root=top) - # internal=False, ns=obj.c_namespace) + cpy = PyElement(name=mul.c_tag, pyname=pyn, root=top) + # internal=False, ns=obj.c_namespace) cpy.max = maximum properties.append(cpy) return properties + # ------------------------------------------------------------------------ + def _spec(elem): try: name = elem.name except AttributeError: name = "anonymous" - txt = "%s" % name + txt = f"{name}" try: - txt += " ref: %s" % elem.ref + txt += f" ref: {elem.ref}" except AttributeError: try: - txt += " type: %s" % elem.type + txt += f" type: {elem.type}" except AttributeError: pass return txt - + + # def _klass(elem, _namespace, sup, top): # if elem.name in top.py_elements: # return None @@ -833,12 +821,13 @@ def _spec(elem): # if sup != "SamlBase": # kl.superior.append(sup) # return kl - + + def _do_from_string(name): print - print("def %s_from_string(xml_string):" % pyify(name)) - print("%sreturn saml2.create_class_from_xml_string(%s, xml_string)" % ( - INDENT, name)) + print(f"def {pyify(name)}_from_string(xml_string):") + print(f"{INDENT}return saml2.create_class_from_xml_string({name}, xml_string)") + def _namespace_and_tag(obj, param, top): try: @@ -851,10 +840,12 @@ def _namespace_and_tag(obj, param, top): # tag = obj.name return namespace, tag - + + # ----------------------------------------------------------------------------- -class Simple(object): + +class Simple: def __init__(self, elem): self.default = None self.fixed = None @@ -865,7 +856,7 @@ def __init__(self, elem): self.ref = None self.scoped = False self.itemType = None - + for attribute, value in iter(elem.attrib.items()): self.__setattr__(attribute, value) @@ -879,25 +870,25 @@ def collect(self, top, sup, argv=None, parent=""): def repr(self, _top=None, _sup=None, _argv=None, _child=True, _parent=""): return None - + def elements(self, _top): return [] - + class Any(Simple): - def repr(self, _top=None, _sup=None, _argv=None, _child=True, _parent=""): return PyAny() - -class AnyAttribute(Simple): + +class AnyAttribute(Simple): def repr(self, _top=None, _sup=None, _argv=None, _child=True, _parent=""): return PyAny() + class Attribute(Simple): def repr(self, top=None, sup=None, _argv=None, _child=True, _parent=""): # default, fixed, use, type - + if DEBUG: print("#ATTR", self.__dict__) @@ -910,26 +901,26 @@ def repr(self, top=None, sup=None, _argv=None, _child=True, _parent=""): if namespace in self.xmlns_map: if self.xmlns_map[namespace] == top.target_namespace: name = tag - else : + else: external = True - name = "{%s}%s" % (self.xmlns_map[namespace], tag) + name = f"{{{self.xmlns_map[namespace]}}}{tag}" else: if namespace == "xml": - name = "{%s}%s" % (XML_NAMESPACE, tag) + name = f"{{{XML_NAMESPACE}}}{tag}" except AttributeError: name = self.name pyname = pyify(name) ref = False - except ValueError: # self.ref exists but does not split into two parts + except ValueError: # self.ref exists but does not split into two parts ref = True if "" == top.target_namespace: name = self.ref pyname = pyify(name) - else: # referering to what - raise Exception("Strange reference: %s" % self.ref) - + else: # referering to what + raise Exception(f"Strange reference: {self.ref}") + objekt = PyAttribute(name, pyname, external=external, root=top) - + # Initial declaration if not ref: try: @@ -945,10 +936,10 @@ def repr(self, top=None, sup=None, _argv=None, _child=True, _parent=""): objekt.type = self.type except ValueError: if self.xmlns_map[""] == top.target_namespace: - ctyp = get_type_def(self.type.replace("-","_"), top.parts) + ctyp = get_type_def(self.type.replace("-", "_"), top.parts) if not ctyp.py_class: ctyp.repr(top, sup) - objekt.type = ctyp.py_class + objekt.type = ctyp.py_class else: objekt.type = self.type except AttributeError: @@ -958,66 +949,80 @@ def repr(self, top=None, sup=None, _argv=None, _child=True, _parent=""): objekt.required = True except AttributeError: pass - + # in init try: objekt.default = self.default except AttributeError: pass - + # attr def try: objekt.fixed = self.fixed except AttributeError: pass - + if DEBUG: - print("#--ATTR py_attr:%s" % (objekt,)) - + print(f"#--ATTR py_attr:{objekt}") + return objekt - + + class Enumeration(Simple): pass - + + class Union(Simple): pass - + + class Import(Simple): pass - + + class Documentation(Simple): pass - + + class MaxLength(Simple): pass + class Length(Simple): pass - + + class MinInclusive(Simple): pass - + + class MaxInclusive(Simple): pass + class MinExclusive(Simple): pass + class MaxExclusive(Simple): pass - + + class List(Simple): pass + class Include(Simple): pass # ----------------------------------------------------------------------------- + def sequence(elem): return [evaluate(child.tag, child) for child in elem] + def name_or_ref(elem, top): try: (namespace, name) = _namespace_and_tag(elem, elem.ref, top) @@ -1028,7 +1033,8 @@ def name_or_ref(elem, top): except AttributeError: return elem.name -class Complex(object): + +class Complex: def __init__(self, elem): self.value_of = "" self.parts = [] @@ -1046,7 +1052,7 @@ def __init__(self, elem): self.base = None self.scoped = False self.abstract = False - + for attribute, value in iter(elem.attrib.items()): self.__setattr__(attribute, value) @@ -1057,9 +1063,9 @@ def __init__(self, elem): pass self.do_child(elem) - + try: - self.name = self.name.replace("-","_") + self.name = self.name.replace("-", "_") except AttributeError: pass @@ -1072,19 +1078,19 @@ def _extend(self, top, sup, argv=None, parent="", base=""): own[0].base = base self._own.extend(own) self._inherited.extend(inh) - + def collect(self, top, sup, argv=None, parent=""): if self._own or self._inherited: return self._own, self._inherited - + if DEBUG: print(self.__dict__) - print("#-- %d parts" % len(self.parts)) - + print(f"#-- {len(self.parts)} parts") + self._extend(top, sup, argv, parent) - + return self._own, self._inherited - + def do_child(self, elem): for child in elem: self.parts.append(evaluate(child.tag, child)) @@ -1116,9 +1122,10 @@ def significant_parts(self): continue else: res.append(p) - + return res - + + def min_max(cls, objekt, argv): try: objekt.max = argv["maxOccurs"] @@ -1133,11 +1140,11 @@ def min_max(cls, objekt, argv): objekt.min = cls.minOccurs except (KeyError, TypeError): objekt.min = cls.minOccurs - - + + class Element(Complex): def __str__(self): - return "%s" % (self.__dict__,) + return f"{self.__dict__}" def klass(self, top): xns = None @@ -1163,9 +1170,9 @@ def klass(self, top): return namespace, name, ctyp, xns, ref def collect(self, top, sup, argv=None, parent=""): - """ means this element is part of a larger object, hence a property of - that object """ - + """means this element is part of a larger object, hence a property of + that object""" + try: argv_copy = sd_copy(argv) return [self.repr(top, sup, argv_copy, parent=parent)], [] @@ -1173,37 +1180,36 @@ def collect(self, top, sup, argv=None, parent=""): print("#!!!!", exc) return [], [] - def elements(self, top): + def elements(self, top): (_namespace, name, ctyp, xns, _) = self.klass(top) if ctyp: return ctyp.elements(top) elif xns: - return ["%s.%s" % (xns, name)] + return [f"{xns}.{name}"] else: return [] def repr(self, top=None, sup=None, argv=None, child=True, parent=""): - # + # if self.py_class: return self.py_class - + try: myname = self.name except AttributeError: myname = "" if DEBUG: - print("#Element.repr '%s' (child=%s) [%s]" % - (myname, child, self._generated)) + print(f"#Element.repr '{myname}' (child={child}) [{self._generated}]") self.py_class = objekt = PyElement(myname, root=top) min_max(self, objekt, argv) - + try: (namespace, superkl) = _namespace_and_tag(self, self.ref, top) # internal or external reference @@ -1211,9 +1217,9 @@ def repr(self, top=None, sup=None, argv=None, child=True, parent=""): objekt.name = superkl objekt.pyname = pyify(superkl) if self.xmlns_map[namespace] == top.target_namespace: - objekt.ref = superkl + objekt.ref = superkl else: - objekt.ref = (namespace, superkl) + objekt.ref = (namespace, superkl) except AttributeError as exc: if DEBUG: print("#===>", exc) @@ -1238,34 +1244,28 @@ def repr(self, top=None, sup=None, argv=None, child=True, parent=""): # neither type nor reference, definitely local if hasattr(self, "parts"): if len(self.parts) == 1: - if isinstance(self.parts[0], ComplexType) or \ - isinstance(self.parts[0], SimpleType): + if isinstance(self.parts[0], ComplexType) or isinstance(self.parts[0], SimpleType): self.parts[0].name = self.name - objekt.type = self.parts[0].repr(top, sup, - parent=self.name) + objekt.type = self.parts[0].repr(top, sup, parent=self.name) objekt.scoped = True - elif len(self.parts) == 2:# One child might be Annotation + elif len(self.parts) == 2: # One child might be Annotation if isinstance(self.parts[0], Annotation): self.parts[1].name = self.name - objekt.type = self.parts[1].repr(top, sup, - parent=self.name) + objekt.type = self.parts[1].repr(top, sup, parent=self.name) objekt.scoped = True elif isinstance(self.parts[1], Annotation): self.parts[0].name = self.name - objekt.type = self.parts[0].repr(top, sup, - parent=self.name) + objekt.type = self.parts[0].repr(top, sup, parent=self.name) objekt.scoped = True else: if DEBUG: print("$", self) - raise + raise if parent: - objekt.class_name = "%s_%s" % ( - leading_uppercase(parent), - objekt.name) + objekt.class_name = f"{leading_uppercase(parent)}_{objekt.name}" objekt.scoped = True - + return objekt @@ -1273,7 +1273,7 @@ class SimpleType(Complex): def repr(self, top=None, _sup=None, _argv=None, _child=True, parent=""): if self.py_class: return self.py_class - + obj = PyType(self.name, root=top) try: if len(self.parts) == 1: @@ -1282,35 +1282,32 @@ def repr(self, top=None, _sup=None, _argv=None, _child=True, parent=""): if part.parts: if isinstance(part.parts[0], Enumeration): lista = [p.value for p in part.parts] - obj.value_type = {"base":part.base, - "enumeration":lista} + obj.value_type = {"base": part.base, "enumeration": lista} elif isinstance(part.parts[0], MaxLength): - obj.value_type = {"base":part.base, - "maxlen":part.parts[0].value} + obj.value_type = {"base": part.base, "maxlen": part.parts[0].value} elif isinstance(part.parts[0], Length): - obj.value_type = {"base":part.base, - "len":part.parts[0].value} + obj.value_type = {"base": part.base, "len": part.parts[0].value} else: - obj.value_type = {"base":part.base} + obj.value_type = {"base": part.base} elif isinstance(part, List): if part.itemType: - obj.value_type = {"base":"list", "member":part.itemType} + obj.value_type = {"base": "list", "member": part.itemType} except ValueError: pass - + self.py_class = obj return obj - + class Sequence(Complex): def collect(self, top, sup, argv=None, parent=""): argv_copy = sd_copy(argv) for key, val in self.__dict__.items(): - if key not in ['xmlns_map'] and not key.startswith("_"): + if key not in ["xmlns_map"] and not key.startswith("_"): argv_copy[key] = val - + if DEBUG: - print("#Sequence: %s" % argv) + print(f"#Sequence: {argv}") return Complex.collect(self, top, sup, argv_copy, parent) @@ -1334,26 +1331,26 @@ class Extension(Complex): def collect(self, top, sup, argv=None, parent=""): if self._own or self._inherited: return self._own, self._inherited - + if DEBUG: print("#!!!", self.__dict__) try: base = self.base (namespace, tag) = _namespace_and_tag(self, base, top) - + if self.xmlns_map[namespace] == top.target_namespace: cti = get_type_def(tag, top.parts) if not cti.py_class: cti.repr(top, sup) - #print("#EXT..",ct._collection) + # print("#EXT..",ct._collection) self._inherited = cti.py_class.properties[0][:] self._inherited.extend(cti.py_class.properties[1]) - elif self.xmlns_map[namespace] == XMLSCHEMA: + elif self.xmlns_map[namespace] == XMLSCHEMA: base = tag else: iattr = _import_attrs(top.modul[namespace], tag, top) - #print("#EXT..-", ia) + # print("#EXT..-", ia) self._inherited = iattr except (AttributeError, ValueError): base = None @@ -1362,43 +1359,44 @@ def collect(self, top, sup, argv=None, parent=""): return self._own, self._inherited + class Choice(Complex): def collect(self, top, sup, argv=None, parent=""): argv_copy = sd_copy(argv) for key, val in self.__dict__.items(): - if key not in ['xmlns_map'] and not key.startswith("_"): + if key not in ["xmlns_map"] and not key.startswith("_"): argv_copy[key] = val # A choice means each element may not be part of the choice argv_copy["minOccurs"] = 0 - + if DEBUG: - print("#Choice: %s" % argv) + print(f"#Choice: {argv}") return Complex.collect(self, top, sup, argv_copy, parent=parent) + class Restriction(Complex): pass # if isinstance(self.parts[0], Enumeration): # values = [enum.value for enum in self.parts] + class ComplexType(Complex): def repr(self, top=None, sup=None, _argv=None, _child=True, parent=""): if self.py_class: return self.py_class - + # looking for a pattern here significant_parts = self.significant_parts() value_type = "" if len(significant_parts) == 1: - if isinstance(significant_parts[0], ComplexContent) or \ - isinstance(significant_parts[0], SimpleContent): + if isinstance(significant_parts[0], ComplexContent) or isinstance(significant_parts[0], SimpleContent): cci = significant_parts[0] if len(cci.parts) == 1: if isinstance(cci.parts[0], Extension): ext = cci.parts[0] - (namespace, name) = _namespace_and_tag(ext, ext.base, - top) + (namespace, name) = _namespace_and_tag(ext, ext.base, top) if ext.xmlns_map[namespace] == top.target_namespace: new_sup = name @@ -1409,70 +1407,70 @@ def repr(self, top=None, sup=None, _argv=None, _child=True, parent=""): new_sup = None value_type = name else: - new_sup = "%s.%s" % (namespace, name) - - #print("#Superior: %s" % new_sup) + new_sup = f"{namespace}.{name}" + + # print("#Superior: %s" % new_sup) if new_sup: sup = new_sup else: - #print("#>>", self.parts[0].__class__) + # print("#>>", self.parts[0].__class__) pass - + try: - self.py_class = PyType(self.name, superior=sup, - namespace=top.target_namespace, root=top) - except AttributeError: # No name - self.py_class = PyType("", superior=sup, - namespace=top.target_namespace, root=top) + self.py_class = PyType(self.name, superior=sup, namespace=top.target_namespace, root=top) + except AttributeError: # No name + self.py_class = PyType("", superior=sup, namespace=top.target_namespace, root=top) try: self.py_class.abstract = self.abstract except AttributeError: pass - + if value_type: self.py_class.value_type = {"base": value_type} - + try: if not parent: try: parent = self.name except AttributeError: parent = "" - + self.py_class.properties = self.collect(top, sup, parent=parent) except ValueError: pass - - return self.py_class - + + return self.py_class + + class Annotation(Complex): pass + class All(Complex): pass + class Group(Complex): def collect(self, top, sup, argv=None, parent=""): - """ means this element is part of a larger object, hence a property of - that object """ - + """means this element is part of a larger object, hence a property of + that object""" + try: - #objekt = PyGroup("", root=top) + # objekt = PyGroup("", root=top) (namespace, tag) = _namespace_and_tag(self, self.ref, top) - + try: if self.xmlns_map[namespace] == top.target_namespace: cti = get_type_def(tag, top.parts) try: return cti.py_class.properties except ValueError: - return cti.collect(top, sup) + return cti.collect(top, sup) else: - raise Exception( - "Reference to group in other XSD file, not supported") + raise Exception("Reference to group in other XSD file, not supported") except KeyError: - raise Exception("Missing namespace definition") + raise Exception("Missing namespace definition") except AttributeError as exc: print("#!!!!", exc) return [], [] @@ -1484,24 +1482,28 @@ def repr(self, top=None, sup=None, argv=None, _child=True, parent=""): self.py_class = objekt = PyGroup(self.name, root=top) min_max(self, objekt, argv) - + try: self._extend(top, sup, argv) objekt.properties = (self._own, self._inherited) except ValueError: pass - + return objekt + class Unique(Complex): pass + class Selector(Complex): pass + class Field(Complex): pass + class AttributeGroup(Complex): def collect(self, top, sup, argv=None, parent=""): try: @@ -1512,9 +1514,9 @@ def collect(self, top, sup, argv=None, parent=""): except AttributeError: if self._own or self._inherited: return self._own, self._inherited - + argv_copy = sd_copy(argv) - + for prop in self.parts: if isinstance(prop, Attribute): self._own.append(prop.repr(top, sup, argv_copy, parent)) @@ -1524,29 +1526,28 @@ def collect(self, top, sup, argv=None, parent=""): def repr(self, top=None, sup=None, _argv=None, _child=True, parent=""): if self.py_class: return self.py_class - + self.py_class = PyAttributeGroup(self.name, root=top) try: self.py_class.properties = self.collect(top, sup) except ValueError: pass - - return self.py_class + + return self.py_class + def pyify_0(name): res = "" - match = re.match( - r"^(([A-Z])[a-z]+)(([A-Z])[a-z]+)?(([A-Z])[a-z]+)?(([A-Z])[a-z]+)?", - name) + match = re.match(r"^(([A-Z])[a-z]+)(([A-Z])[a-z]+)?(([A-Z])[a-z]+)?(([A-Z])[a-z]+)?", name) res += match.group(1).lower() for num in range(3, len(match.groups()), 2): try: - res += "_"+match.group(num+1).lower()+match.group(num)[1:] + res += "_" + match.group(num + 1).lower() + match.group(num)[1:] except AttributeError: break - - res = res.replace("-","_") + + res = res.replace("-", "_") if res in ["class"]: res += "_" return res @@ -1555,7 +1556,7 @@ def pyify_0(name): def pyify(name): # AssertionIDRef res = [] - + upc = [] pre = "" for char in name: @@ -1566,14 +1567,14 @@ def pyify(name): else: if upc: if len(upc) == 1: - res.append(pre+upc[0].lower()) + res.append(pre + upc[0].lower()) else: if pre: res.append(pre) for uch in upc[:-1]: res.append(uch.lower()) - res.append("_"+upc[-1].lower()) - + res.append("_" + upc[-1].lower()) + upc = [] res.append(char) pre = "_" @@ -1581,12 +1582,12 @@ def pyify(name): if len(upc) == len(name): return name.lower() else: - res.append("_"+("".join(upc).lower())) - + res.append("_" + ("".join(upc).lower())) + return "".join(res) -def get_type_def( typ, defs): +def get_type_def(typ, defs): for cdef in defs: try: if cdef.name == typ: @@ -1594,28 +1595,28 @@ def get_type_def( typ, defs): except AttributeError: pass return None - + def sort_elements(els): res = [] - + diff = False for key, val in els.items(): if not val: res.append(key) del els[key] diff = True - + res.sort() while diff: diff = False for key, val in els.items(): - pres = [v for v in val if v not in res and ':' not in v] + pres = [v for v in val if v not in res and ":" not in v] els[key] = pres if pres != val: diff = True - #print(els) + # print(els) partres = [] for key, val in els.items(): if not val: @@ -1624,7 +1625,7 @@ def sort_elements(els): diff = True partres.sort() res.extend(partres) - + return res, els @@ -1633,18 +1634,18 @@ def output(elem, target_namespace, eldict, ignore=None): if ignore is None: ignore = [] - + try: (preps, text) = elem.text(target_namespace, eldict, False, ignore) except TypeError: return done except MissingPrerequisite: return done - + for prep in preps: if prep: done = 1 - if isinstance(prep, six.string_types): + if isinstance(prep, str): print(prep) else: for item in prep: @@ -1657,23 +1658,26 @@ def output(elem, target_namespace, eldict, ignore=None): elem.done = True print(text) print() - + return done - + def intro(): - print("""#!/usr/bin/env python + print( + f"""#!/usr/bin/env python # -# Generated %s by parse_xsd.py version %s. +# Generated {time.ctime()} by parse_xsd.py version {__version__}. # import saml2 from saml2 import SamlBase -""" % (time.ctime(), __version__)) +""" + ) + + +# NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#' -#NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#' - def block_items(objekt, block, eldict): if objekt not in block: @@ -1682,14 +1686,13 @@ def block_items(objekt, block, eldict): block.append(objekt.type) block.append(objekt) if isinstance(objekt, PyType): - others = [p for p in eldict.values() if isinstance(p, - PyElement) and p.type[1] == objekt.name] + others = [p for p in eldict.values() if isinstance(p, PyElement) and p.type[1] == objekt.name] for item in others: if item not in block: block.append(item) return block - + def find_parent(elm, eldict): if isinstance(elm, PyElement): if elm.type: @@ -1706,12 +1709,11 @@ def find_parent(elm, eldict): if sup.done: return elm return find_parent(sup, eldict) - + return elm - -class Schema(Complex): +class Schema(Complex): def __init__(self, elem, impo, add, modul, defs): Complex.__init__(self, elem) self.impo = impo @@ -1739,14 +1741,12 @@ def _mk_list(self, objekt, alla, eldict): else: lista = False - spec = objekt.child_spec(self.target_namespace, - prop, mod, cname, - lista) - lines = ["%s.%s" % (objekt.class_name, spec)] + spec = objekt.child_spec(self.target_namespace, prop, mod, cname, lista) + lines = [f"{objekt.class_name}.{spec}"] tup.append((prop, lines, spec)) - + return tup - + def adjust(self, eldict, block): udict = {} for elem in self.elems: @@ -1793,8 +1793,7 @@ def adjust(self, eldict, block): for sup in sups: if sup.name == ref: for tup in tups: - tup[1].append("%s.%s" % (objekt.class_name, - tup[2])) + tup[1].append(f"{objekt.class_name}.{tup[2]}") break else: pass @@ -1813,7 +1812,7 @@ def adjust(self, eldict, block): alla.append(elem) tup = self._mk_list(parent, alla, eldict) res = (parent, tup) - + if res[0]: break else: @@ -1832,7 +1831,7 @@ def _do(self, eldict): undone += 1 not_done += output(elem, self.target_namespace, eldict) return undone - + def _element_from_string(self): print("ELEMENT_FROM_STRING = {") for elem in self.elems: @@ -1840,11 +1839,10 @@ def _element_from_string(self): continue if elem.abstract: continue - print("%s%s.c_tag: %s_from_string," % (INDENT, elem.class_name, - pyify(elem.class_name))) + print(f"{INDENT}{elem.class_name}.c_tag: {pyify(elem.class_name)}_from_string,") print("}") print() - + def _element_by_tag(self): print("ELEMENT_BY_TAG = {") listed = [] @@ -1854,52 +1852,52 @@ def _element_by_tag(self): if elem.abstract: continue lcen = elem.name - print("%s'%s': %s," % (INDENT, lcen, elem.class_name)) + print(f"{INDENT}'{lcen}': {elem.class_name},") listed.append(lcen) for elem in self.elems: if isinstance(elem, PyAttribute) or isinstance(elem, PyGroup): continue lcen = elem.name if elem.abstract and lcen not in listed: - print("%s'%s': %s," % (INDENT, lcen, elem.class_name)) + print(f"{INDENT}'{lcen}': {elem.class_name},") listed.append(lcen) print("}") print - + def out(self): for part in self.parts: if isinstance(part, Import): continue if part is None: continue - + elem = part.repr(self, "", {}, False) if elem: if isinstance(elem, PyAttributeGroup): self.attrgrp.append(elem) else: self.elems.append(elem) - + eldict = {} for elem in self.elems: eldict[elem.name] = elem - #print(eldict.keys()) - + # print(eldict.keys()) + intro() for modul in self.add: - print("from %s import *" % modul) + print(f"from {modul} import *") for _namespace, (mod, namn) in self.impo.items(): if namn: - print("import %s as %s" % (mod, namn)) - print( ) - print("NAMESPACE = '%s'" % self.target_namespace) + print(f"import {mod} as {namn}") + print() + print(f"NAMESPACE = '{self.target_namespace}'") print for defs in self.defs: print(defs) print - + exceptions = [] block = [] while self._do(eldict): @@ -1917,40 +1915,36 @@ def out(self): block = block_items(objekt, block, eldict) if exceptions: - print("#", 70*'+') + print("#", 70 * "+") for line in exceptions: print(line) - print("#", 70*'+') + print("#", 70 * "+") print - + for attrgrp in self.attrgrp: - print("AG_%s = [" % attrgrp.name) + print(f"AG_{attrgrp.name} = [") for prop in attrgrp.properties[0]: if isinstance(prop.type, PyObj): - print("%s('%s', %s_, %s)," % (INDENT, prop.name, - prop.type.name, - prop.required)) + print(f"{INDENT}('{prop.name}', {prop.type.name}_, {prop.required}),") else: - print("%s('%s', '%s', %s)," % (INDENT, prop.name, - prop.type, prop.required)) + print(f"{INDENT}('{prop.name}', '{prop.type}', {prop.required}),") print("]") print() - - self._element_from_string() + + self._element_from_string() self._element_by_tag() print print("def factory(tag, **kwargs):") print(" return ELEMENT_BY_TAG[tag](**kwargs)") print - - + + # ----------------------------------------------------------------------------- -NAMESPACE_BASE = ["http://www.w3.org/2001/XMLSchema", - "http://www.w3.org/2000/10/XMLSchema"] +NAMESPACE_BASE = ["http://www.w3.org/2001/XMLSchema", "http://www.w3.org/2000/10/XMLSchema"] -_MAP = { +_MAP = { "element": Element, "complexType": ComplexType, "sequence": Sequence, @@ -1964,8 +1958,8 @@ def out(self): "enumeration": Enumeration, "import": Import, "annotation": Annotation, - "attributeGroup":AttributeGroup, - "attribute":Attribute, + "attributeGroup": AttributeGroup, + "attribute": Attribute, "choice": Choice, "complexContent": ComplexContent, "documentation": Documentation, @@ -1978,25 +1972,26 @@ def out(self): "field": Field, "key": Key, "include": Include, - "redefine": Redefine - } - + "redefine": Redefine, +} + ELEMENTFUNCTION = {} for nsp in NAMESPACE_BASE: for nskey, func in _MAP.items(): - ELEMENTFUNCTION["{%s}%s" % (nsp, nskey)] = func + ELEMENTFUNCTION[f"{{{nsp}}}{nskey}"] = func + - def evaluate(typ, elem): try: return ELEMENTFUNCTION[typ](elem) except KeyError: print("Unknown type", typ) - - + + NS_MAP = "xmlns_map" + def parse_nsmap(fil): events = "start", "start-ns", "end-ns" @@ -2015,40 +2010,15 @@ def parse_nsmap(fil): return ElementTree.ElementTree(root) + def usage(): print("Usage: parse_xsd [-i ] xsd.file > module.py") - -def recursive_find_module(name, path=None): - parts = name.split(".") - - mod_a = None - for part in parts: - #print("$$", part, path) - try: - (fil, pathname, desc) = imp.find_module(part, path) - except ImportError: - raise - mod_a = imp.load_module(name, fil, pathname, desc) - sys.modules[name] = mod_a - path = mod_a.__path__ - - return mod_a def get_mod(name, path=None): - try: - mod_a = sys.modules[name] - if not isinstance(mod_a, types.ModuleType): - raise KeyError - except KeyError: - try: - (fil, pathname, desc) = imp.find_module(name, path) - mod_a = imp.load_module(name, fil, pathname, desc) - except ImportError: - if "." in name: - mod_a = recursive_find_module(name, path) - else: - raise + mod_a = sys.modules.get(name) + if not mod_a or not isinstance(mod_a, types.ModuleType): + mod_a = importlib.import_module(name, path) sys.modules[name] = mod_a return mod_a @@ -2059,6 +2029,7 @@ def recursive_add_xmlns_map(_sch, base): if isinstance(_part, Complex): recursive_add_xmlns_map(_part, base) + def find_and_replace(base, mods): base.xmlns_map = mods.xmlns_map recursive_add_xmlns_map(base, mods) @@ -2079,14 +2050,15 @@ def find_and_replace(base, mods): base.parts.extend(mods.parts) return base + def read_schema(doc, add, defs, impo, modul, ignore, sdir): for path in sdir: - fil = "%s%s" % (path, doc) + fil = f"{path}{doc}" try: fp = open(fil) fp.close() break - except IOError as e: + except OSError as e: if e.errno == errno.EACCES: continue else: @@ -2109,24 +2081,22 @@ def read_schema(doc, add, defs, impo, modul, ignore, sdir): elif namespace in ignore: continue else: - raise Exception("Undefined namespace: %s" % namespace) + raise Exception(f"Undefined namespace: {namespace}") - _schema = Schema(tree._root, impo, add, modul, defs) + _schema = Schema(tree._root, impo, add, modul, defs) _included_parts = [] _remove_parts = [] _replace = [] for part in _schema.parts: if isinstance(part, Include): - _sch = read_schema(part.schemaLocation, add, defs, impo, modul, - ignore, sdir) + _sch = read_schema(part.schemaLocation, add, defs, impo, modul, ignore, sdir) # Add namespace information recursive_add_xmlns_map(_sch, _schema) _included_parts.extend(_sch.parts) _remove_parts.append(part) elif isinstance(part, Redefine): # This is the schema that is going to be redefined - _redef = read_schema(part.schemaLocation, add, defs, impo, modul, - ignore, sdir) + _redef = read_schema(part.schemaLocation, add, defs, impo, modul, ignore, sdir) # so find and replace # Use the schema to be redefined as starting point _replacement = find_and_replace(_redef, part) @@ -2141,13 +2111,14 @@ def read_schema(doc, add, defs, impo, modul, ignore, sdir): _schema.parts.extend(med) return _schema -def main(argv): + +def main(): + argv = sys.argv[1:] try: - opts, args = getopt.getopt(argv, "a:d:hi:I:s:", - ["add=", "help", "import=", "defs="]) + opts, args = getopt.getopt(argv, "a:d:hi:I:s:", ["add=", "help", "import=", "defs="]) except getopt.GetoptError as err: # print help information and exit: - print(str(err)) # will print something like "option -a not recognized" + print(str(err)) # will print something like "option -a not recognized" usage() sys.exit(2) @@ -2169,13 +2140,13 @@ def main(argv): elif opt in ("-s", "--schemadir"): sdir.append(arg) elif opt in ("-i", "--import"): - mod = get_mod(arg, ['.']) + mod = get_mod(arg, ["."]) modul[mod.NAMESPACE] = mod impo[mod.NAMESPACE] = [arg, None] elif opt in ("-I", "--ignore"): ignore.append(arg) else: - assert False, "unhandled option" + raise Exception(f"unhandled option {opt}") if not args: print("No XSD-file specified") @@ -2183,8 +2154,9 @@ def main(argv): sys.exit(2) schema = read_schema(args[0], add, defs, impo, modul, ignore, sdir) - #print(schema.__dict__) + # print(schema.__dict__) schema.out() -if __name__ == "__main__": - main(sys.argv[1:]) + +if __name__ == "__main__": + main() diff --git a/tools/sync_attrmaps.py b/src/saml2/tools/sync_attrmaps.py old mode 100755 new mode 100644 similarity index 73% rename from tools/sync_attrmaps.py rename to src/saml2/tools/sync_attrmaps.py index 4f0d3b673..1a3743de0 --- a/tools/sync_attrmaps.py +++ b/src/saml2/tools/sync_attrmaps.py @@ -1,10 +1,11 @@ #!/usr/bin/env python from importlib import import_module -import sys import os +import sys + -__author__ = 'roland' +__author__ = "roland" def load(head, tail): @@ -36,7 +37,7 @@ def intcmp(s1, s2): return 0 -class AMap(object): +class AMap: def __init__(self, head, tail, indent=4 * " "): self.mod = load(head, tail) self.variable = {} @@ -58,15 +59,14 @@ def sync(self): try: assert self.mod.MAP["to"][val] == key except KeyError: # missing value - print("# Added %s=%s" % (self.mod.MAP["to"][val], key)) + print(f"# Added {self.mod.MAP['to'][val]}={key}") self.mod.MAP["to"][val] = key except AssertionError: - raise Exception("Mismatch key:%s '%s' != '%s'" % ( - key, val, self.mod.MAP["to"][val])) + raise Exception(f"Mismatch key:{key} '{val}' != '{self.mod.MAP['to'][val]}'") for val in self.mod.MAP["to"].values(): if val not in self.mod.MAP["fro"]: - print("# Missing URN '%s'" % val) + print(f"# Missing URN '{val}'") def do_fro(self): txt = ["%s'fro': {" % self.indent] @@ -74,12 +74,11 @@ def do_fro(self): _fro = self.mod.MAP["fro"] for var in self.vars: _v = self.variable[var] - li = [k[len(_v):] for k in _fro.keys() if k.startswith(_v)] + li = [k[len(_v) :] for k in _fro.keys() if k.startswith(_v)] li.sort(intcmp) for item in li: - txt.append("%s%s+'%s': '%s'," % (i2, var, item, - _fro[_v + item])) - txt.append('%s},' % self.indent) + txt.append(f"{i2}{var}+'{item}': '{_fro[_v + item]}',") + txt.append("%s}," % self.indent) return txt def do_to(self): @@ -88,29 +87,27 @@ def do_to(self): _to = self.mod.MAP["to"] _keys = _to.keys() _keys.sort() - invmap = dict([(v, k) for k, v in self.variable.items()]) + invmap = {v: k for k, v in self.variable.items()} for key in _keys: val = _to[key] for _urn, _name in invmap.items(): if val.startswith(_urn): - txt.append("%s'%s': %s+'%s'," % (i2, key, _name, - val[len(_urn):])) + txt.append(f"{i2}'{key}': {_name}+'{val[len(_urn) :]}',") - txt.append('%s}' % self.indent) + txt.append("%s}" % self.indent) return txt def __str__(self): self.sync() text = [] for key in self.vars: - text.append("%s = '%s'" % (key, self.variable[key])) + text.append(f"{key} = '{self.variable[key]}'") text.extend(["", ""]) text.append("MAP = {") - text.append("%s'identifier': '%s'," % (self.indent, - self.mod.MAP["identifier"])) + text.append(f"{self.indent}'identifier': '{self.mod.MAP['identifier']}',") text.extend(self.do_fro()) text.extend(self.do_to()) @@ -125,7 +122,7 @@ def __str__(self): directory, fname = os.path.split(_name) amap = AMap(directory, fname, 4 * " ") f = open(_name, "w") - f.write("%s" % amap) + f.write(f"{amap}") f.close() elif os.path.isdir(_name): for fname in os.listdir(_name): @@ -136,5 +133,5 @@ def __str__(self): print(10 * "=" + fname + 10 * "=") amap = AMap(_name, fname, 4 * " ") f = open(fname, "w") - f.write("%s" % amap) + f.write(f"{amap}") f.close() diff --git a/tools/update_metadata.sh b/src/saml2/tools/update_metadata.sh similarity index 100% rename from tools/update_metadata.sh rename to src/saml2/tools/update_metadata.sh diff --git a/src/saml2/tools/verify_metadata.py b/src/saml2/tools/verify_metadata.py new file mode 100644 index 000000000..7e3ef9701 --- /dev/null +++ b/src/saml2/tools/verify_metadata.py @@ -0,0 +1,59 @@ +#!/usr/bin/env python + +import argparse + +from saml2.attribute_converter import ac_factory +from saml2.httpbase import HTTPBase +from saml2.mdstore import MetaDataExtern +from saml2.mdstore import MetaDataFile +from saml2.sigver import SecurityContext +from saml2.sigver import _get_xmlsec_cryptobackend + + +__author__ = "rolandh" + +""" +A script that imports and verifies metadata. +""" + + +def main(): + parser = argparse.ArgumentParser() + parser.add_argument("-t", dest="type") + parser.add_argument("-u", dest="url") + parser.add_argument("-c", dest="cert") + parser.add_argument("-a", dest="attrsmap") + parser.add_argument("-o", dest="output") + parser.add_argument("-x", dest="xmlsec") + parser.add_argument("-i", dest="ignore_valid", action="store_true") + parser.add_argument(dest="item") + args = parser.parse_args() + + metad = None + + if args.ignore_valid: + kwargs = {"check_validity": False} + else: + kwargs = {} + + if args.type == "local": + if args.cert and args.xmlsec: + crypto = _get_xmlsec_cryptobackend(args.xmlsec) + sc = SecurityContext(crypto) + metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc, **kwargs) + else: + metad = MetaDataFile(args.item, args.item, **kwargs) + elif args.type == "external": + ATTRCONV = ac_factory(args.attrsmap) + httpc = HTTPBase() + crypto = _get_xmlsec_cryptobackend(args.xmlsec) + sc = SecurityContext(crypto) + metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc, **kwargs) + + if metad: + metad.load() + print("OK") + + +if __name__ == "__main__": + main() diff --git a/src/saml2/userinfo/__init__.py b/src/saml2/userinfo/__init__.py index 4521e04bb..1415d300d 100644 --- a/src/saml2/userinfo/__init__.py +++ b/src/saml2/userinfo/__init__.py @@ -3,8 +3,8 @@ import copy -class UserInfo(object): - """ Read only interface to a user info store """ +class UserInfo: + """Read only interface to a user info store""" def __init__(self): pass @@ -14,7 +14,7 @@ def __call__(self, **kwargs): class UserInfoDB(UserInfo): - """ Read only interface to a user info store """ + """Read only interface to a user info store""" def __init__(self, db=None): self.db = db @@ -52,4 +52,3 @@ def __call__(self, userid, user_info_claims=None, **kwargs): return self.filter(self.db[userid], user_info_claims) except KeyError: return {} - diff --git a/src/saml2/userinfo/ldapinfo.py b/src/saml2/userinfo/ldapinfo.py index 17b0905a8..085c9102f 100644 --- a/src/saml2/userinfo/ldapinfo.py +++ b/src/saml2/userinfo/ldapinfo.py @@ -1,11 +1,13 @@ import ldap from ldap import SCOPE_SUBTREE + from saml2.userinfo import UserInfo class UserInfoLDAP(UserInfo): - def __init__(self, uri, base, filter_pattern, scope=SCOPE_SUBTREE, - tls=False, user="", passwd="", attr=None, attrsonly=False): + def __init__( + self, uri, base, filter_pattern, scope=SCOPE_SUBTREE, tls=False, user="", passwd="", attr=None, attrsonly=False + ): UserInfo.__init__(self) self.ldapuri = uri self.base = base @@ -18,8 +20,9 @@ def __init__(self, uri, base, filter_pattern, scope=SCOPE_SUBTREE, self.ld.protocol_version = ldap.VERSION3 self.ld.simple_bind_s(user, passwd) - def __call__(self, userid, base="", filter_pattern="", scope=SCOPE_SUBTREE, - tls=False, attr=None, attrsonly=False, **kwargs): + def __call__( + self, userid, base="", filter_pattern="", scope=SCOPE_SUBTREE, tls=False, attr=None, attrsonly=False, **kwargs + ): if filter_pattern: _filter = filter_pattern % userid @@ -34,4 +37,4 @@ def __call__(self, userid, base="", filter_pattern="", scope=SCOPE_SUBTREE, res = self.ld.search_s(*arg) # should only be one entry and the information per entry is # the tuple (dn, ava) - return res[0][1] \ No newline at end of file + return res[0][1] diff --git a/src/saml2/validate.py b/src/saml2/validate.py index 334b3d149..51a41b992 100644 --- a/src/saml2/validate.py +++ b/src/saml2/validate.py @@ -1,17 +1,18 @@ -import calendar -from six.moves.urllib.parse import urlparse -import re -import struct import base64 -import time +import calendar from ipaddress import AddressValueError from ipaddress import IPv4Address from ipaddress import IPv6Address +import re +import struct +import time +from urllib.parse import urlparse from saml2 import time_util -XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance' -XSI_NIL = '{%s}nil' % XSI_NAMESPACE + +XSI_NAMESPACE = "http://www.w3.org/2001/XMLSchema-instance" +XSI_NIL = "{%s}nil" % XSI_NAMESPACE # --------------------------------------------------------- @@ -38,6 +39,7 @@ class ResponseLifetimeExceed(Exception): class ToEarly(Exception): pass + # --------------------- validators ------------------------------------- # @@ -46,7 +48,7 @@ class ToEarly(Exception): def valid_ncname(name): match = NCNAME.match(name) - #if not match: # hack for invalid authnRequest/ID from meteor saml lib + # if not match: # hack for invalid authnRequest/ID from meteor saml lib # raise NotValid("NCName") return True @@ -94,10 +96,11 @@ def validate_on_or_after(not_on_or_after, slack): now = time_util.utc_now() nooa = calendar.timegm(time_util.str_to_time(not_on_or_after)) if now > nooa + slack: - now_str=time.strftime('%Y-%m-%dT%H:%M:%SZ', time.gmtime(now)) + now_str = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now)) raise ResponseLifetimeExceed( - "Can't use response, too old (now=%s + slack=%d > " \ - "not_on_or_after=%s" % (now_str, slack, not_on_or_after)) + "Can't use response, too old (now=%s + slack=%d > " + "not_on_or_after=%s" % (now_str, slack, not_on_or_after) + ) return nooa else: return False @@ -108,9 +111,8 @@ def validate_before(not_before, slack): now = time_util.utc_now() nbefore = calendar.timegm(time_util.str_to_time(not_before)) if nbefore > now + slack: - now_str = time.strftime('%Y-%m-%dT%H:%M:%SZ', time.gmtime(now)) - raise ToEarly("Can't use response yet: (now=%s + slack=%d) " - "<= notbefore=%s" % (now_str, slack, not_before)) + now_str = time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(now)) + raise ToEarly(f"Can't use response yet: (now={now_str} + slack={int(slack)}) <= notbefore={not_before}") return True @@ -158,7 +160,7 @@ def valid_duration(val): def valid_string(val): - """ Expects unicode + """Expects unicode Char ::= #x9 | #xA | #xD | [#x20-#xD7FF] | [#xE000-#xFFFD] | [#x10000-#x10FFFF] """ @@ -231,9 +233,9 @@ def valid_base64(val): def valid_qname(val): - """ A qname is either - NCName or - NCName ':' NCName + """A qname is either + NCName or + NCName ':' NCName """ try: @@ -244,7 +246,7 @@ def valid_qname(val): def valid_anytype(val): - """ Goes through all known type validators + """Goes through all known type validators :param val: The value to validate :return: True is value is valid otherwise an exception is raised @@ -263,6 +265,7 @@ def valid_anytype(val): raise NotValid("AnyType") + # ----------------------------------------------------------------------------- VALIDATOR = { @@ -328,12 +331,10 @@ def _valid_instance(instance, val): try: val.verify() except NotValid as exc: - raise NotValid("Class '%s' instance: %s" % ( - instance.__class__.__name__, exc.args[0])) + raise NotValid(f"Class '{instance.__class__.__name__}' instance: {exc.args[0]}") except OutsideCardinality as exc: - raise NotValid( - "Class '%s' instance cardinality error: %s" % ( - instance.__class__.__name__, exc.args[0])) + raise NotValid(f"Class '{instance.__class__.__name__}' instance cardinality error: {exc.args[0]}") + ERROR_TEXT = "Wrong type of value '%s' on attribute '%s' expected it to be %s" @@ -349,17 +350,15 @@ def valid_instance(instance): if instclass.c_value_type and instance.text: try: - validate_value_type(instance.text.strip(), - instclass.c_value_type) + validate_value_type(instance.text.strip(), instclass.c_value_type) except NotValid as exc: - raise NotValid("Class '%s' instance: %s" % (class_name, - exc.args[0])) + raise NotValid(f"Class '{class_name}' instance: {exc.args[0]}") for (name, typ, required) in instclass.c_attributes.values(): - value = getattr(instance, name, '') + value = getattr(instance, name, "") if required and not value: - txt = "Required value on property '%s' missing" % name - raise MustValueError("Class '%s' instance: %s" % (class_name, txt)) + txt = f"Required value on property '{name}' missing" + raise MustValueError(f"Class '{class_name}' instance: {txt}") if value: try: @@ -374,10 +373,10 @@ def valid_instance(instance): valid(typ, value) except (NotValid, ValueError) as exc: txt = ERROR_TEXT % (value, name, exc.args[0]) - raise NotValid("Class '%s' instance: %s" % (class_name, txt)) + raise NotValid(f"Class '{class_name}' instance: {txt}") for (name, _spec) in instclass.c_children.values(): - value = getattr(instance, name, '') + value = getattr(instance, name, "") try: _card = instclass.c_cardinality[name] @@ -393,7 +392,7 @@ def valid_instance(instance): _cmin = _cmax = _card = None if value: - #_has_val = True + # _has_val = True if isinstance(value, list): _list = True vlen = len(value) @@ -403,15 +402,9 @@ def valid_instance(instance): if _card: if _cmin is not None and _cmin > vlen: - raise NotValid( - "Class '%s' instance cardinality error: %s" % ( - class_name, "less then min (%s<%s)" % (vlen, - _cmin))) + raise NotValid(f"Class '{class_name}' instance cardinality error: less then min ({vlen}<{_cmin})") if _cmax is not None and vlen > _cmax: - raise NotValid( - "Class '%s' instance cardinality error: %s" % ( - class_name, "more then max (%s>%s)" % (vlen, - _cmax))) + raise NotValid(f"Class '{class_name}' instance cardinality error: more then max ({vlen}>{_cmax})") if _list: for val in value: @@ -421,16 +414,12 @@ def valid_instance(instance): _valid_instance(instance, value) else: if _cmin: - raise NotValid( - "Class '%s' instance cardinality error: %s" % ( - class_name, "too few values on %s" % name)) + raise NotValid(f"Class '{class_name}' instance cardinality error: too few values on {name}") return True def valid_domain_name(dns_name): - m = re.match( - r"^[a-z0-9]+([-.]{ 1 }[a-z0-9]+).[a-z]{2,5}(:[0-9]{1,5})?(\/.)?$", - dns_name, re.I) + m = re.match(r"^[a-z0-9]+([-.]{ 1 }[a-z0-9]+).[a-z]{2,5}(:[0-9]{1,5})?(\/.)?$", dns_name, re.I) if not m: raise ValueError("Not a proper domain name") diff --git a/src/saml2/version.py b/src/saml2/version.py index 9b87aa116..8ef1c21e5 100644 --- a/src/saml2/version.py +++ b/src/saml2/version.py @@ -1,11 +1,9 @@ -import pkg_resources as _pkg_resources +from importlib.metadata import version as _resolve_package_version def _parse_version(): - data = _pkg_resources.get_distribution('pysaml2') - value = _pkg_resources.parse_version(data.version) + value = _resolve_package_version("pysaml2") return value -version_info = _parse_version() -version = str(version_info) +version = _parse_version() diff --git a/src/saml2/virtual_org.py b/src/saml2/virtual_org.py index 3f66442c6..d5d8dcbac 100644 --- a/src/saml2/virtual_org.py +++ b/src/saml2/virtual_org.py @@ -1,11 +1,13 @@ import logging + from saml2.attribute_resolver import AttributeResolver from saml2.saml import NAMEID_FORMAT_PERSISTENT + logger = logging.getLogger(__name__) -class VirtualOrg(object): +class VirtualOrg: def __init__(self, sp, vorg, cnf): self.sp = sp # The parent SP client instance self._name = vorg @@ -40,8 +42,7 @@ def members_to_ask(self, name_id): vo_members.append(member) # Remove the ones I have cached data from about this subject - vo_members = [m for m in vo_members if not self.sp.users.cache.active( - name_id, m)] + vo_members = [m for m in vo_members if not self.sp.users.cache.active(name_id, m)] logger.info("VO members (not cached): %s", vo_members) return vo_members @@ -59,8 +60,7 @@ def get_common_identifier(self, name_id): def do_aggregation(self, name_id): - logger.info("** Do VO aggregation **\nSubjectID: %s, VO:%s", - name_id, self._name) + logger.info("** Do VO aggregation **\nSubjectID: %s, VO:%s", name_id, self._name) to_ask = self.members_to_ask(name_id) if to_ask: @@ -68,8 +68,7 @@ def do_aggregation(self, name_id): resolver = AttributeResolver(self.sp) # extends returns a list of session_infos - for session_info in resolver.extend( - com_identifier, self.sp.config.entityid, to_ask): + for session_info in resolver.extend(com_identifier, self.sp.config.entityid, to_ask): _ = self._cache_session(session_info) logger.info(">Issuers: %s", self.sp.users.issuers_of_info(name_id)) diff --git a/src/saml2/ws/__init__.py b/src/saml2/ws/__init__.py index 16f3a7968..c09b22136 100644 --- a/src/saml2/ws/__init__.py +++ b/src/saml2/ws/__init__.py @@ -1 +1 @@ -__author__ = 'roland' +__author__ = "roland" diff --git a/src/saml2/ws/wsaddr.py b/src/saml2/ws/wsaddr.py index fe41e57aa..2ded19b35 100644 --- a/src/saml2/ws/wsaddr.py +++ b/src/saml2/ws/wsaddr.py @@ -8,457 +8,511 @@ from saml2 import SamlBase -NAMESPACE = 'http://www.w3.org/2005/08/addressing' +NAMESPACE = "http://www.w3.org/2005/08/addressing" + class ReferenceParametersType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:ReferenceParametersType element """ + """The http://www.w3.org/2005/08/addressing:ReferenceParametersType element""" - c_tag = 'ReferenceParametersType' + c_tag = "ReferenceParametersType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def reference_parameters_type__from_string(xml_string): return saml2.create_class_from_xml_string(ReferenceParametersType_, xml_string) class MetadataType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:MetadataType element """ + """The http://www.w3.org/2005/08/addressing:MetadataType element""" - c_tag = 'MetadataType' + c_tag = "MetadataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def metadata_type__from_string(xml_string): return saml2.create_class_from_xml_string(MetadataType_, xml_string) class RelationshipTypeOpenEnum_(SamlBase): - """The http://www.w3.org/2005/08/addressing:RelationshipTypeOpenEnum element """ + """The http://www.w3.org/2005/08/addressing:RelationshipTypeOpenEnum element""" - c_tag = 'RelationshipTypeOpenEnum' + c_tag = "RelationshipTypeOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def relationship_type_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(RelationshipTypeOpenEnum_, xml_string) + class RelationshipType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:RelationshipType element """ + """The http://www.w3.org/2005/08/addressing:RelationshipType element""" - c_tag = 'RelationshipType' + c_tag = "RelationshipType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://www.w3.org/2005/08/addressing/reply']} + c_value_type = {"base": "xs:anyURI", "enumeration": ["http://www.w3.org/2005/08/addressing/reply"]} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def relationship_type__from_string(xml_string): return saml2.create_class_from_xml_string(RelationshipType_, xml_string) class AttributedURIType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:AttributedURIType element """ + """The http://www.w3.org/2005/08/addressing:AttributedURIType element""" - c_tag = 'AttributedURIType' + c_tag = "AttributedURIType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def attributed_uri_type__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedURIType_, xml_string) class FaultCodesOpenEnumType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:FaultCodesOpenEnumType element """ + """The http://www.w3.org/2005/08/addressing:FaultCodesOpenEnumType element""" - c_tag = 'FaultCodesOpenEnumType' + c_tag = "FaultCodesOpenEnumType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def fault_codes_open_enum_type__from_string(xml_string): return saml2.create_class_from_xml_string(FaultCodesOpenEnumType_, xml_string) class FaultCodesType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:FaultCodesType element """ + """The http://www.w3.org/2005/08/addressing:FaultCodesType element""" - c_tag = 'FaultCodesType' + c_tag = "FaultCodesType" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:QName', 'enumeration': ['tns:InvalidAddressingHeader', 'tns:InvalidAddress', 'tns:InvalidEPR', 'tns:InvalidCardinality', 'tns:MissingAddressInEPR', 'tns:DuplicateMessageID', 'tns:ActionMismatch', 'tns:MessageAddressingHeaderRequired', 'tns:DestinationUnreachable', 'tns:ActionNotSupported', 'tns:EndpointUnavailable']} + c_value_type = { + "base": "xs:QName", + "enumeration": [ + "tns:InvalidAddressingHeader", + "tns:InvalidAddress", + "tns:InvalidEPR", + "tns:InvalidCardinality", + "tns:MissingAddressInEPR", + "tns:DuplicateMessageID", + "tns:ActionMismatch", + "tns:MessageAddressingHeaderRequired", + "tns:DestinationUnreachable", + "tns:ActionNotSupported", + "tns:EndpointUnavailable", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def fault_codes_type__from_string(xml_string): return saml2.create_class_from_xml_string(FaultCodesType_, xml_string) class AttributedUnsignedLongType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:AttributedUnsignedLongType element """ + """The http://www.w3.org/2005/08/addressing:AttributedUnsignedLongType element""" - c_tag = 'AttributedUnsignedLongType' + c_tag = "AttributedUnsignedLongType" c_namespace = NAMESPACE - c_value_type = {'base': 'unsignedLong'} + c_value_type = {"base": "unsignedLong"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def attributed_unsigned_long_type__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedUnsignedLongType_, xml_string) class AttributedQNameType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:AttributedQNameType element """ + """The http://www.w3.org/2005/08/addressing:AttributedQNameType element""" - c_tag = 'AttributedQNameType' + c_tag = "AttributedQNameType" c_namespace = NAMESPACE - c_value_type = {'base': 'QName'} + c_value_type = {"base": "QName"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def attributed_q_name_type__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedQNameType_, xml_string) class ProblemIRI(AttributedURIType_): - """The http://www.w3.org/2005/08/addressing:ProblemIRI element """ + """The http://www.w3.org/2005/08/addressing:ProblemIRI element""" - c_tag = 'ProblemIRI' + c_tag = "ProblemIRI" c_namespace = NAMESPACE c_children = AttributedURIType_.c_children.copy() c_attributes = AttributedURIType_.c_attributes.copy() c_child_order = AttributedURIType_.c_child_order[:] c_cardinality = AttributedURIType_.c_cardinality.copy() + def problem_iri_from_string(xml_string): return saml2.create_class_from_xml_string(ProblemIRI, xml_string) class EndpointReferenceType_Address(AttributedURIType_): - c_tag = 'Address' + c_tag = "Address" c_namespace = NAMESPACE c_children = AttributedURIType_.c_children.copy() c_attributes = AttributedURIType_.c_attributes.copy() c_child_order = AttributedURIType_.c_child_order[:] c_cardinality = AttributedURIType_.c_cardinality.copy() + def endpoint_reference_type__address_from_string(xml_string): return saml2.create_class_from_xml_string(EndpointReferenceType_Address, xml_string) class ReferenceParameters(ReferenceParametersType_): - """The http://www.w3.org/2005/08/addressing:ReferenceParameters element """ + """The http://www.w3.org/2005/08/addressing:ReferenceParameters element""" - c_tag = 'ReferenceParameters' + c_tag = "ReferenceParameters" c_namespace = NAMESPACE c_children = ReferenceParametersType_.c_children.copy() c_attributes = ReferenceParametersType_.c_attributes.copy() c_child_order = ReferenceParametersType_.c_child_order[:] c_cardinality = ReferenceParametersType_.c_cardinality.copy() + def reference_parameters_from_string(xml_string): return saml2.create_class_from_xml_string(ReferenceParameters, xml_string) class Metadata(MetadataType_): - """The http://www.w3.org/2005/08/addressing:Metadata element """ + """The http://www.w3.org/2005/08/addressing:Metadata element""" - c_tag = 'Metadata' + c_tag = "Metadata" c_namespace = NAMESPACE c_children = MetadataType_.c_children.copy() c_attributes = MetadataType_.c_attributes.copy() c_child_order = MetadataType_.c_child_order[:] c_cardinality = MetadataType_.c_cardinality.copy() + def metadata_from_string(xml_string): return saml2.create_class_from_xml_string(Metadata, xml_string) class MessageID(AttributedURIType_): - """The http://www.w3.org/2005/08/addressing:MessageID element """ + """The http://www.w3.org/2005/08/addressing:MessageID element""" - c_tag = 'MessageID' + c_tag = "MessageID" c_namespace = NAMESPACE c_children = AttributedURIType_.c_children.copy() c_attributes = AttributedURIType_.c_attributes.copy() c_child_order = AttributedURIType_.c_child_order[:] c_cardinality = AttributedURIType_.c_cardinality.copy() + def message_id_from_string(xml_string): return saml2.create_class_from_xml_string(MessageID, xml_string) class RelatesToType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:RelatesToType element """ + """The http://www.w3.org/2005/08/addressing:RelatesToType element""" - c_tag = 'RelatesToType' + c_tag = "RelatesToType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['RelationshipType'] = ('relationship_type', RelationshipTypeOpenEnum_, False) - - def __init__(self, - relationship_type='http://www.w3.org/2005/08/addressing/reply', - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.relationship_type=relationship_type + c_attributes["RelationshipType"] = ("relationship_type", RelationshipTypeOpenEnum_, False) + + def __init__( + self, + relationship_type="http://www.w3.org/2005/08/addressing/reply", + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.relationship_type = relationship_type + def relates_to_type__from_string(xml_string): return saml2.create_class_from_xml_string(RelatesToType_, xml_string) class To(AttributedURIType_): - """The http://www.w3.org/2005/08/addressing:To element """ + """The http://www.w3.org/2005/08/addressing:To element""" - c_tag = 'To' + c_tag = "To" c_namespace = NAMESPACE c_children = AttributedURIType_.c_children.copy() c_attributes = AttributedURIType_.c_attributes.copy() c_child_order = AttributedURIType_.c_child_order[:] c_cardinality = AttributedURIType_.c_cardinality.copy() + def to_from_string(xml_string): return saml2.create_class_from_xml_string(To, xml_string) class Action(AttributedURIType_): - """The http://www.w3.org/2005/08/addressing:Action element """ + """The http://www.w3.org/2005/08/addressing:Action element""" - c_tag = 'Action' + c_tag = "Action" c_namespace = NAMESPACE c_children = AttributedURIType_.c_children.copy() c_attributes = AttributedURIType_.c_attributes.copy() c_child_order = AttributedURIType_.c_child_order[:] c_cardinality = AttributedURIType_.c_cardinality.copy() + def action_from_string(xml_string): return saml2.create_class_from_xml_string(Action, xml_string) class RetryAfter(AttributedUnsignedLongType_): - """The http://www.w3.org/2005/08/addressing:RetryAfter element """ + """The http://www.w3.org/2005/08/addressing:RetryAfter element""" - c_tag = 'RetryAfter' + c_tag = "RetryAfter" c_namespace = NAMESPACE c_children = AttributedUnsignedLongType_.c_children.copy() c_attributes = AttributedUnsignedLongType_.c_attributes.copy() c_child_order = AttributedUnsignedLongType_.c_child_order[:] c_cardinality = AttributedUnsignedLongType_.c_cardinality.copy() + def retry_after_from_string(xml_string): return saml2.create_class_from_xml_string(RetryAfter, xml_string) class ProblemHeaderQName(AttributedQNameType_): - """The http://www.w3.org/2005/08/addressing:ProblemHeaderQName element """ + """The http://www.w3.org/2005/08/addressing:ProblemHeaderQName element""" - c_tag = 'ProblemHeaderQName' + c_tag = "ProblemHeaderQName" c_namespace = NAMESPACE c_children = AttributedQNameType_.c_children.copy() c_attributes = AttributedQNameType_.c_attributes.copy() c_child_order = AttributedQNameType_.c_child_order[:] c_cardinality = AttributedQNameType_.c_cardinality.copy() + def problem_header_q_name_from_string(xml_string): return saml2.create_class_from_xml_string(ProblemHeaderQName, xml_string) class ProblemActionType_SoapAction(SamlBase): - c_tag = 'SoapAction' + c_tag = "SoapAction" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def problem_action_type__soap_action_from_string(xml_string): return saml2.create_class_from_xml_string(ProblemActionType_SoapAction, xml_string) class ProblemActionType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:ProblemActionType element """ + """The http://www.w3.org/2005/08/addressing:ProblemActionType element""" - c_tag = 'ProblemActionType' + c_tag = "ProblemActionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2005/08/addressing}Action'] = ('action', Action) - c_cardinality['action'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2005/08/addressing}SoapAction'] = ('soap_action', ProblemActionType_SoapAction) - c_cardinality['soap_action'] = {"min":0, "max":1} - c_child_order.extend(['action', 'soap_action']) - - def __init__(self, - action=None, - soap_action=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.action=action - self.soap_action=soap_action + c_children["{http://www.w3.org/2005/08/addressing}Action"] = ("action", Action) + c_cardinality["action"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2005/08/addressing}SoapAction"] = ("soap_action", ProblemActionType_SoapAction) + c_cardinality["soap_action"] = {"min": 0, "max": 1} + c_child_order.extend(["action", "soap_action"]) + + def __init__( + self, + action=None, + soap_action=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.action = action + self.soap_action = soap_action + def problem_action_type__from_string(xml_string): return saml2.create_class_from_xml_string(ProblemActionType_, xml_string) class EndpointReferenceType_(SamlBase): - """The http://www.w3.org/2005/08/addressing:EndpointReferenceType element """ + """The http://www.w3.org/2005/08/addressing:EndpointReferenceType element""" - c_tag = 'EndpointReferenceType' + c_tag = "EndpointReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2005/08/addressing}Address'] = ('address', EndpointReferenceType_Address) - c_children['{http://www.w3.org/2005/08/addressing}ReferenceParameters'] = ('reference_parameters', ReferenceParameters) - c_cardinality['reference_parameters'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2005/08/addressing}Metadata'] = ('metadata', Metadata) - c_cardinality['metadata'] = {"min":0, "max":1} - c_child_order.extend(['address', 'reference_parameters', 'metadata']) - - def __init__(self, - address=None, - reference_parameters=None, - metadata=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.address=address - self.reference_parameters=reference_parameters - self.metadata=metadata + c_children["{http://www.w3.org/2005/08/addressing}Address"] = ("address", EndpointReferenceType_Address) + c_children["{http://www.w3.org/2005/08/addressing}ReferenceParameters"] = ( + "reference_parameters", + ReferenceParameters, + ) + c_cardinality["reference_parameters"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2005/08/addressing}Metadata"] = ("metadata", Metadata) + c_cardinality["metadata"] = {"min": 0, "max": 1} + c_child_order.extend(["address", "reference_parameters", "metadata"]) + + def __init__( + self, + address=None, + reference_parameters=None, + metadata=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.address = address + self.reference_parameters = reference_parameters + self.metadata = metadata + def endpoint_reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(EndpointReferenceType_, xml_string) class RelatesTo(RelatesToType_): - """The http://www.w3.org/2005/08/addressing:RelatesTo element """ + """The http://www.w3.org/2005/08/addressing:RelatesTo element""" - c_tag = 'RelatesTo' + c_tag = "RelatesTo" c_namespace = NAMESPACE c_children = RelatesToType_.c_children.copy() c_attributes = RelatesToType_.c_attributes.copy() c_child_order = RelatesToType_.c_child_order[:] c_cardinality = RelatesToType_.c_cardinality.copy() + def relates_to_from_string(xml_string): return saml2.create_class_from_xml_string(RelatesTo, xml_string) class ReplyTo(EndpointReferenceType_): - """The http://www.w3.org/2005/08/addressing:ReplyTo element """ + """The http://www.w3.org/2005/08/addressing:ReplyTo element""" - c_tag = 'ReplyTo' + c_tag = "ReplyTo" c_namespace = NAMESPACE c_children = EndpointReferenceType_.c_children.copy() c_attributes = EndpointReferenceType_.c_attributes.copy() c_child_order = EndpointReferenceType_.c_child_order[:] c_cardinality = EndpointReferenceType_.c_cardinality.copy() + def reply_to_from_string(xml_string): return saml2.create_class_from_xml_string(ReplyTo, xml_string) class From(EndpointReferenceType_): - """The http://www.w3.org/2005/08/addressing:From element """ + """The http://www.w3.org/2005/08/addressing:From element""" - c_tag = 'From' + c_tag = "From" c_namespace = NAMESPACE c_children = EndpointReferenceType_.c_children.copy() c_attributes = EndpointReferenceType_.c_attributes.copy() c_child_order = EndpointReferenceType_.c_child_order[:] c_cardinality = EndpointReferenceType_.c_cardinality.copy() + def from_from_string(xml_string): return saml2.create_class_from_xml_string(From, xml_string) class FaultTo(EndpointReferenceType_): - """The http://www.w3.org/2005/08/addressing:FaultTo element """ + """The http://www.w3.org/2005/08/addressing:FaultTo element""" - c_tag = 'FaultTo' + c_tag = "FaultTo" c_namespace = NAMESPACE c_children = EndpointReferenceType_.c_children.copy() c_attributes = EndpointReferenceType_.c_attributes.copy() c_child_order = EndpointReferenceType_.c_child_order[:] c_cardinality = EndpointReferenceType_.c_cardinality.copy() + def fault_to_from_string(xml_string): return saml2.create_class_from_xml_string(FaultTo, xml_string) class ProblemAction(ProblemActionType_): - """The http://www.w3.org/2005/08/addressing:ProblemAction element """ + """The http://www.w3.org/2005/08/addressing:ProblemAction element""" - c_tag = 'ProblemAction' + c_tag = "ProblemAction" c_namespace = NAMESPACE c_children = ProblemActionType_.c_children.copy() c_attributes = ProblemActionType_.c_attributes.copy() c_child_order = ProblemActionType_.c_child_order[:] c_cardinality = ProblemActionType_.c_cardinality.copy() + def problem_action_from_string(xml_string): return saml2.create_class_from_xml_string(ProblemAction, xml_string) class EndpointReference(EndpointReferenceType_): - """The http://www.w3.org/2005/08/addressing:EndpointReference element """ + """The http://www.w3.org/2005/08/addressing:EndpointReference element""" - c_tag = 'EndpointReference' + c_tag = "EndpointReference" c_namespace = NAMESPACE c_children = EndpointReferenceType_.c_children.copy() c_attributes = EndpointReferenceType_.c_attributes.copy() c_child_order = EndpointReferenceType_.c_child_order[:] c_cardinality = EndpointReferenceType_.c_cardinality.copy() + def endpoint_reference_from_string(xml_string): return saml2.create_class_from_xml_string(EndpointReference, xml_string) @@ -495,37 +549,36 @@ def endpoint_reference_from_string(xml_string): } ELEMENT_BY_TAG = { - 'EndpointReference': EndpointReference, - 'EndpointReferenceType': EndpointReferenceType_, - 'ReferenceParameters': ReferenceParameters, - 'ReferenceParametersType': ReferenceParametersType_, - 'Metadata': Metadata, - 'MetadataType': MetadataType_, - 'MessageID': MessageID, - 'RelatesTo': RelatesTo, - 'RelatesToType': RelatesToType_, - 'RelationshipTypeOpenEnum': RelationshipTypeOpenEnum_, - 'RelationshipType': RelationshipType_, - 'ReplyTo': ReplyTo, - 'From': From, - 'FaultTo': FaultTo, - 'To': To, - 'Action': Action, - 'AttributedURIType': AttributedURIType_, - 'FaultCodesOpenEnumType': FaultCodesOpenEnumType_, - 'FaultCodesType': FaultCodesType_, - 'RetryAfter': RetryAfter, - 'AttributedUnsignedLongType': AttributedUnsignedLongType_, - 'ProblemHeaderQName': ProblemHeaderQName, - 'AttributedQNameType': AttributedQNameType_, - 'ProblemIRI': ProblemIRI, - 'ProblemAction': ProblemAction, - 'ProblemActionType': ProblemActionType_, - 'Address': EndpointReferenceType_Address, - 'SoapAction': ProblemActionType_SoapAction, + "EndpointReference": EndpointReference, + "EndpointReferenceType": EndpointReferenceType_, + "ReferenceParameters": ReferenceParameters, + "ReferenceParametersType": ReferenceParametersType_, + "Metadata": Metadata, + "MetadataType": MetadataType_, + "MessageID": MessageID, + "RelatesTo": RelatesTo, + "RelatesToType": RelatesToType_, + "RelationshipTypeOpenEnum": RelationshipTypeOpenEnum_, + "RelationshipType": RelationshipType_, + "ReplyTo": ReplyTo, + "From": From, + "FaultTo": FaultTo, + "To": To, + "Action": Action, + "AttributedURIType": AttributedURIType_, + "FaultCodesOpenEnumType": FaultCodesOpenEnumType_, + "FaultCodesType": FaultCodesType_, + "RetryAfter": RetryAfter, + "AttributedUnsignedLongType": AttributedUnsignedLongType_, + "ProblemHeaderQName": ProblemHeaderQName, + "AttributedQNameType": AttributedQNameType_, + "ProblemIRI": ProblemIRI, + "ProblemAction": ProblemAction, + "ProblemActionType": ProblemActionType_, + "Address": EndpointReferenceType_Address, + "SoapAction": ProblemActionType_SoapAction, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/ws/wspol.py b/src/saml2/ws/wspol.py index c7dbbe560..7f26795b1 100644 --- a/src/saml2/ws/wspol.py +++ b/src/saml2/ws/wspol.py @@ -7,213 +7,241 @@ import saml2 from saml2 import SamlBase -from saml2.ws import wssec as wsse -from saml2.ws import wsutil as wsu -NAMESPACE = 'http://schemas.xmlsoap.org/ws/2004/09/policy' +NAMESPACE = "http://schemas.xmlsoap.org/ws/2004/09/policy" + class PolicyReference(SamlBase): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:PolicyReference element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:PolicyReference element""" - c_tag = 'PolicyReference' + c_tag = "PolicyReference" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['URI'] = ('uri', 'anyURI', True) - c_attributes['Digest'] = ('digest', 'base64Binary', False) - c_attributes['DigestAlgorithm'] = ('digest_algorithm', 'anyURI', False) - - def __init__(self, - uri=None, - digest=None, - digest_algorithm='http://schemas.xmlsoap.org/ws/2004/09/policy/Sha1Exc', - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.uri=uri - self.digest=digest - self.digest_algorithm=digest_algorithm + c_attributes["URI"] = ("uri", "anyURI", True) + c_attributes["Digest"] = ("digest", "base64Binary", False) + c_attributes["DigestAlgorithm"] = ("digest_algorithm", "anyURI", False) + + def __init__( + self, + uri=None, + digest=None, + digest_algorithm="http://schemas.xmlsoap.org/ws/2004/09/policy/Sha1Exc", + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.uri = uri + self.digest = digest + self.digest_algorithm = digest_algorithm + def policy_reference_from_string(xml_string): return saml2.create_class_from_xml_string(PolicyReference, xml_string) class AppliesTo(SamlBase): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:AppliesTo element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:AppliesTo element""" - c_tag = 'AppliesTo' + c_tag = "AppliesTo" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def applies_to_from_string(xml_string): return saml2.create_class_from_xml_string(AppliesTo, xml_string) class PolicyAttachment(SamlBase): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:PolicyAttachment element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:PolicyAttachment element""" - c_tag = 'PolicyAttachment' + c_tag = "PolicyAttachment" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}AppliesTo'] = ('applies_to', AppliesTo) - c_cardinality['policy'] = {"min":0} - c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}PolicyReference'] = ('policy_reference', [PolicyReference]) - c_cardinality['policy_reference'] = {"min":0} - c_child_order.extend(['applies_to', 'policy', 'policy_reference']) - - def __init__(self, - applies_to=None, - policy=None, - policy_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.applies_to=applies_to - self.policy=policy or [] - self.policy_reference=policy_reference or [] + c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}AppliesTo"] = ("applies_to", AppliesTo) + c_cardinality["policy"] = {"min": 0} + c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}PolicyReference"] = ( + "policy_reference", + [PolicyReference], + ) + c_cardinality["policy_reference"] = {"min": 0} + c_child_order.extend(["applies_to", "policy", "policy_reference"]) + + def __init__( + self, + applies_to=None, + policy=None, + policy_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.applies_to = applies_to + self.policy = policy or [] + self.policy_reference = policy_reference or [] + def policy_attachment_from_string(xml_string): return saml2.create_class_from_xml_string(PolicyAttachment, xml_string) class OperatorContentType_(SamlBase): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:OperatorContentType element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:OperatorContentType element""" - c_tag = 'OperatorContentType' + c_tag = "OperatorContentType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_cardinality['policy'] = {"min":0} - c_cardinality['all'] = {"min":0} - c_cardinality['exactly_one'] = {"min":0} - c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}PolicyReference'] = ('policy_reference', [PolicyReference]) - c_cardinality['policy_reference'] = {"min":0} - c_child_order.extend(['policy', 'all', 'exactly_one', 'policy_reference']) - - def __init__(self, - policy=None, - all=None, - exactly_one=None, - policy_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.policy=policy or [] - self.all=all or [] - self.exactly_one=exactly_one or [] - self.policy_reference=policy_reference or [] + c_cardinality["policy"] = {"min": 0} + c_cardinality["all"] = {"min": 0} + c_cardinality["exactly_one"] = {"min": 0} + c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}PolicyReference"] = ( + "policy_reference", + [PolicyReference], + ) + c_cardinality["policy_reference"] = {"min": 0} + c_child_order.extend(["policy", "all", "exactly_one", "policy_reference"]) + + def __init__( + self, + policy=None, + all=None, + exactly_one=None, + policy_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.policy = policy or [] + self.all = all or [] + self.exactly_one = exactly_one or [] + self.policy_reference = policy_reference or [] + def operator_content_type__from_string(xml_string): return saml2.create_class_from_xml_string(OperatorContentType_, xml_string) class Policy(OperatorContentType_): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:Policy element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:Policy element""" - c_tag = 'Policy' + c_tag = "Policy" c_namespace = NAMESPACE c_children = OperatorContentType_.c_children.copy() c_attributes = OperatorContentType_.c_attributes.copy() c_child_order = OperatorContentType_.c_child_order[:] c_cardinality = OperatorContentType_.c_cardinality.copy() - c_attributes['Name'] = ('name', 'anyURI', False) - c_attributes['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id'] = ('Id', 'tns:OperatorContentType', False) - - def __init__(self, - name=None, - Id=None, - policy=None, - all=None, - exactly_one=None, - policy_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - OperatorContentType_.__init__(self, - policy=policy, - all=all, - exactly_one=exactly_one, - policy_reference=policy_reference, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.name=name - self.Id=Id + c_attributes["Name"] = ("name", "anyURI", False) + c_attributes["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id"] = ( + "Id", + "tns:OperatorContentType", + False, + ) + + def __init__( + self, + name=None, + Id=None, + policy=None, + all=None, + exactly_one=None, + policy_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + OperatorContentType_.__init__( + self, + policy=policy, + all=all, + exactly_one=exactly_one, + policy_reference=policy_reference, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.name = name + self.Id = Id + def policy_from_string(xml_string): return saml2.create_class_from_xml_string(Policy, xml_string) class All(OperatorContentType_): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:All element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:All element""" - c_tag = 'All' + c_tag = "All" c_namespace = NAMESPACE c_children = OperatorContentType_.c_children.copy() c_attributes = OperatorContentType_.c_attributes.copy() c_child_order = OperatorContentType_.c_child_order[:] c_cardinality = OperatorContentType_.c_cardinality.copy() + def all_from_string(xml_string): return saml2.create_class_from_xml_string(All, xml_string) class ExactlyOne(OperatorContentType_): - """The http://schemas.xmlsoap.org/ws/2004/09/policy:ExactlyOne element """ + """The http://schemas.xmlsoap.org/ws/2004/09/policy:ExactlyOne element""" - c_tag = 'ExactlyOne' + c_tag = "ExactlyOne" c_namespace = NAMESPACE c_children = OperatorContentType_.c_children.copy() c_attributes = OperatorContentType_.c_attributes.copy() c_child_order = OperatorContentType_.c_child_order[:] c_cardinality = OperatorContentType_.c_cardinality.copy() + def exactly_one_from_string(xml_string): return saml2.create_class_from_xml_string(ExactlyOne, xml_string) -PolicyAttachment.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy'] = ('policy', [Policy]) -OperatorContentType_.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy'] = ('policy', [Policy]) -Policy.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy'] = ('policy', [Policy]) -ExactlyOne.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy'] = ('policy', [Policy]) -All.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy'] = ('policy', [Policy]) -OperatorContentType_.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}All'] = ('all', [All]) -Policy.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}All'] = ('all', [All]) -ExactlyOne.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}All'] = ('all', [All]) -All.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}All'] = ('all', [All]) -OperatorContentType_.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne'] = ('exactly_one', [ExactlyOne]) -Policy.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne'] = ('exactly_one', [ExactlyOne]) -ExactlyOne.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne'] = ('exactly_one', [ExactlyOne]) -All.c_children['{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne'] = ('exactly_one', [ExactlyOne]) + +PolicyAttachment.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy"] = ("policy", [Policy]) +OperatorContentType_.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy"] = ("policy", [Policy]) +Policy.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy"] = ("policy", [Policy]) +ExactlyOne.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy"] = ("policy", [Policy]) +All.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}Policy"] = ("policy", [Policy]) +OperatorContentType_.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}All"] = ("all", [All]) +Policy.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}All"] = ("all", [All]) +ExactlyOne.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}All"] = ("all", [All]) +All.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}All"] = ("all", [All]) +OperatorContentType_.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne"] = ( + "exactly_one", + [ExactlyOne], +) +Policy.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne"] = ("exactly_one", [ExactlyOne]) +ExactlyOne.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne"] = ("exactly_one", [ExactlyOne]) +All.c_children["{http://schemas.xmlsoap.org/ws/2004/09/policy}ExactlyOne"] = ("exactly_one", [ExactlyOne]) ELEMENT_FROM_STRING = { Policy.c_tag: policy_from_string, @@ -226,16 +254,15 @@ def exactly_one_from_string(xml_string): } ELEMENT_BY_TAG = { - 'Policy': Policy, - 'All': All, - 'ExactlyOne': ExactlyOne, - 'OperatorContentType': OperatorContentType_, - 'PolicyReference': PolicyReference, - 'PolicyAttachment': PolicyAttachment, - 'AppliesTo': AppliesTo, + "Policy": Policy, + "All": All, + "ExactlyOne": ExactlyOne, + "OperatorContentType": OperatorContentType_, + "PolicyReference": PolicyReference, + "PolicyAttachment": PolicyAttachment, + "AppliesTo": AppliesTo, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/ws/wssec.py b/src/saml2/ws/wssec.py index 7a1c47289..ac27385ca 100644 --- a/src/saml2/ws/wssec.py +++ b/src/saml2/ws/wssec.py @@ -7,485 +7,565 @@ import saml2 from saml2 import SamlBase -from saml2 import xmldsig as ds -from saml2.schema import soapenv -from saml2.ws import wsutil as wsu -NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' +NAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" + class AttributedString_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:AttributedString element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:AttributedString element""" - c_tag = 'AttributedString' + c_tag = "AttributedString" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id'] = ('Id', 'string', False) - - def __init__(self, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.Id=Id + c_attributes["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id"] = ( + "Id", + "string", + False, + ) + + def __init__( + self, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.Id = Id + def attributed_string__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedString_, xml_string) + class PasswordString_(AttributedString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:PasswordString element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:PasswordString element""" - c_tag = 'PasswordString' + c_tag = "PasswordString" c_namespace = NAMESPACE c_children = AttributedString_.c_children.copy() c_attributes = AttributedString_.c_attributes.copy() c_child_order = AttributedString_.c_child_order[:] c_cardinality = AttributedString_.c_cardinality.copy() - c_attributes['Type'] = ('type', 'anyURI', False) - - def __init__(self, - type=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - AttributedString_.__init__(self, - Id=Id, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.type=type + c_attributes["Type"] = ("type", "anyURI", False) + + def __init__( + self, + type=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + AttributedString_.__init__( + self, + Id=Id, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.type = type + def password_string__from_string(xml_string): return saml2.create_class_from_xml_string(PasswordString_, xml_string) + class EncodedString_(AttributedString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:EncodedString element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:EncodedString element""" - c_tag = 'EncodedString' + c_tag = "EncodedString" c_namespace = NAMESPACE c_children = AttributedString_.c_children.copy() c_attributes = AttributedString_.c_attributes.copy() c_child_order = AttributedString_.c_child_order[:] c_cardinality = AttributedString_.c_cardinality.copy() - c_attributes['EncodingType'] = ('encoding_type', 'anyURI', False) - - def __init__(self, - encoding_type=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - AttributedString_.__init__(self, - Id=Id, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.encoding_type=encoding_type + c_attributes["EncodingType"] = ("encoding_type", "anyURI", False) + + def __init__( + self, + encoding_type=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + AttributedString_.__init__( + self, + Id=Id, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.encoding_type = encoding_type + def encoded_string__from_string(xml_string): return saml2.create_class_from_xml_string(EncodedString_, xml_string) + class UsernameTokenType_Username(AttributedString_): - c_tag = 'Username' + c_tag = "Username" c_namespace = NAMESPACE c_children = AttributedString_.c_children.copy() c_attributes = AttributedString_.c_attributes.copy() c_child_order = AttributedString_.c_child_order[:] c_cardinality = AttributedString_.c_cardinality.copy() + def username_token_type__username_from_string(xml_string): return saml2.create_class_from_xml_string(UsernameTokenType_Username, xml_string) + class UsernameTokenType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:UsernameTokenType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:UsernameTokenType element""" - c_tag = 'UsernameTokenType' + c_tag = "UsernameTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Username'] = ('username', UsernameTokenType_Username) - c_attributes['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id'] = ('Id', 'None', False) - c_child_order.extend(['username']) - - def __init__(self, - username=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.username=username - self.Id=Id + c_children["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Username"] = ( + "username", + UsernameTokenType_Username, + ) + c_attributes["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id"] = ( + "Id", + "None", + False, + ) + c_child_order.extend(["username"]) + + def __init__( + self, + username=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.username = username + self.Id = Id + def username_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(UsernameTokenType_, xml_string) + class BinarySecurityTokenType_(EncodedString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:BinarySecurityTokenType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:BinarySecurityTokenType element""" - c_tag = 'BinarySecurityTokenType' + c_tag = "BinarySecurityTokenType" c_namespace = NAMESPACE c_children = EncodedString_.c_children.copy() c_attributes = EncodedString_.c_attributes.copy() c_child_order = EncodedString_.c_child_order[:] c_cardinality = EncodedString_.c_cardinality.copy() - c_attributes['ValueType'] = ('value_type', 'anyURI', False) - - def __init__(self, - value_type=None, - encoding_type=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - EncodedString_.__init__(self, - encoding_type=encoding_type, - Id=Id, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.value_type=value_type + c_attributes["ValueType"] = ("value_type", "anyURI", False) + + def __init__( + self, + value_type=None, + encoding_type=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + EncodedString_.__init__( + self, + encoding_type=encoding_type, + Id=Id, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.value_type = value_type + def binary_security_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecurityTokenType_, xml_string) + class KeyIdentifierType_(EncodedString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:KeyIdentifierType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:KeyIdentifierType element""" - c_tag = 'KeyIdentifierType' + c_tag = "KeyIdentifierType" c_namespace = NAMESPACE c_children = EncodedString_.c_children.copy() c_attributes = EncodedString_.c_attributes.copy() c_child_order = EncodedString_.c_child_order[:] c_cardinality = EncodedString_.c_cardinality.copy() - c_attributes['ValueType'] = ('value_type', 'anyURI', False) - - def __init__(self, - value_type=None, - encoding_type=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - EncodedString_.__init__(self, - encoding_type=encoding_type, - Id=Id, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.value_type=value_type + c_attributes["ValueType"] = ("value_type", "anyURI", False) + + def __init__( + self, + value_type=None, + encoding_type=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + EncodedString_.__init__( + self, + encoding_type=encoding_type, + Id=Id, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.value_type = value_type + def key_identifier_type__from_string(xml_string): return saml2.create_class_from_xml_string(KeyIdentifierType_, xml_string) + class TUsage_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:tUsage element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:tUsage element""" - c_tag = 'tUsage' + c_tag = "tUsage" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def t_usage__from_string(xml_string): return saml2.create_class_from_xml_string(TUsage_, xml_string) + class ReferenceType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:ReferenceType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:ReferenceType element""" - c_tag = 'ReferenceType' + c_tag = "ReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['URI'] = ('uri', 'anyURI', False) - c_attributes['ValueType'] = ('value_type', 'anyURI', False) - - def __init__(self, - uri=None, - value_type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.uri=uri - self.value_type=value_type + c_attributes["URI"] = ("uri", "anyURI", False) + c_attributes["ValueType"] = ("value_type", "anyURI", False) + + def __init__( + self, + uri=None, + value_type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.uri = uri + self.value_type = value_type + def reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(ReferenceType_, xml_string) + class EmbeddedType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:EmbeddedType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:EmbeddedType element""" - c_tag = 'EmbeddedType' + c_tag = "EmbeddedType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['ValueType'] = ('value_type', 'anyURI', False) - - def __init__(self, - value_type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.value_type=value_type + c_attributes["ValueType"] = ("value_type", "anyURI", False) + + def __init__( + self, + value_type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.value_type = value_type + def embedded_type__from_string(xml_string): return saml2.create_class_from_xml_string(EmbeddedType_, xml_string) + class SecurityTokenReferenceType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityTokenReferenceType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityTokenReferenceType element""" - c_tag = 'SecurityTokenReferenceType' + c_tag = "SecurityTokenReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id'] = ('Id', 'None', False) - c_attributes['Usage'] = ('Usage', 'None', False) - - def __init__(self, - Id=None, - Usage=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.Id=Id - self.Usage=Usage + c_attributes["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Id"] = ( + "Id", + "None", + False, + ) + c_attributes["Usage"] = ("Usage", "None", False) + + def __init__( + self, + Id=None, + Usage=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.Id = Id + self.Usage = Usage + def security_token_reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(SecurityTokenReferenceType_, xml_string) + class SecurityHeaderType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityHeaderType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityHeaderType element""" - c_tag = 'SecurityHeaderType' + c_tag = "SecurityHeaderType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def security_header_type__from_string(xml_string): return saml2.create_class_from_xml_string(SecurityHeaderType_, xml_string) + class TransformationParametersType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:TransformationParametersType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:TransformationParametersType element""" - c_tag = 'TransformationParametersType' + c_tag = "TransformationParametersType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def transformation_parameters_type__from_string(xml_string): return saml2.create_class_from_xml_string(TransformationParametersType_, xml_string) + class UsernameToken(UsernameTokenType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:UsernameToken element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:UsernameToken element""" - c_tag = 'UsernameToken' + c_tag = "UsernameToken" c_namespace = NAMESPACE c_children = UsernameTokenType_.c_children.copy() c_attributes = UsernameTokenType_.c_attributes.copy() c_child_order = UsernameTokenType_.c_child_order[:] c_cardinality = UsernameTokenType_.c_cardinality.copy() + def username_token_from_string(xml_string): return saml2.create_class_from_xml_string(UsernameToken, xml_string) + class BinarySecurityToken(BinarySecurityTokenType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:BinarySecurityToken element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:BinarySecurityToken element""" - c_tag = 'BinarySecurityToken' + c_tag = "BinarySecurityToken" c_namespace = NAMESPACE c_children = BinarySecurityTokenType_.c_children.copy() c_attributes = BinarySecurityTokenType_.c_attributes.copy() c_child_order = BinarySecurityTokenType_.c_child_order[:] c_cardinality = BinarySecurityTokenType_.c_cardinality.copy() + def binary_security_token_from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecurityToken, xml_string) class Reference(ReferenceType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Reference element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Reference element""" - c_tag = 'Reference' + c_tag = "Reference" c_namespace = NAMESPACE c_children = ReferenceType_.c_children.copy() c_attributes = ReferenceType_.c_attributes.copy() c_child_order = ReferenceType_.c_child_order[:] c_cardinality = ReferenceType_.c_cardinality.copy() + def reference_from_string(xml_string): return saml2.create_class_from_xml_string(Reference, xml_string) class Embedded(EmbeddedType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Embedded element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Embedded element""" - c_tag = 'Embedded' + c_tag = "Embedded" c_namespace = NAMESPACE c_children = EmbeddedType_.c_children.copy() c_attributes = EmbeddedType_.c_attributes.copy() c_child_order = EmbeddedType_.c_child_order[:] c_cardinality = EmbeddedType_.c_cardinality.copy() + def embedded_from_string(xml_string): return saml2.create_class_from_xml_string(Embedded, xml_string) class KeyIdentifier(KeyIdentifierType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:KeyIdentifier element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:KeyIdentifier element""" - c_tag = 'KeyIdentifier' + c_tag = "KeyIdentifier" c_namespace = NAMESPACE c_children = KeyIdentifierType_.c_children.copy() c_attributes = KeyIdentifierType_.c_attributes.copy() c_child_order = KeyIdentifierType_.c_child_order[:] c_cardinality = KeyIdentifierType_.c_cardinality.copy() + def key_identifier_from_string(xml_string): return saml2.create_class_from_xml_string(KeyIdentifier, xml_string) class SecurityTokenReference(SecurityTokenReferenceType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityTokenReference element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:SecurityTokenReference element""" - c_tag = 'SecurityTokenReference' + c_tag = "SecurityTokenReference" c_namespace = NAMESPACE c_children = SecurityTokenReferenceType_.c_children.copy() c_attributes = SecurityTokenReferenceType_.c_attributes.copy() c_child_order = SecurityTokenReferenceType_.c_child_order[:] c_cardinality = SecurityTokenReferenceType_.c_cardinality.copy() + def security_token_reference_from_string(xml_string): return saml2.create_class_from_xml_string(SecurityTokenReference, xml_string) class Security(SecurityHeaderType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Security element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Security element""" - c_tag = 'Security' + c_tag = "Security" c_namespace = NAMESPACE c_children = SecurityHeaderType_.c_children.copy() c_attributes = SecurityHeaderType_.c_attributes.copy() c_child_order = SecurityHeaderType_.c_child_order[:] c_cardinality = SecurityHeaderType_.c_cardinality.copy() + def security_from_string(xml_string): return saml2.create_class_from_xml_string(Security, xml_string) class TransformationParameters(TransformationParametersType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:TransformationParameters element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:TransformationParameters element""" - c_tag = 'TransformationParameters' + c_tag = "TransformationParameters" c_namespace = NAMESPACE c_children = TransformationParametersType_.c_children.copy() c_attributes = TransformationParametersType_.c_attributes.copy() c_child_order = TransformationParametersType_.c_child_order[:] c_cardinality = TransformationParametersType_.c_cardinality.copy() + def transformation_parameters_from_string(xml_string): return saml2.create_class_from_xml_string(TransformationParameters, xml_string) class Password(PasswordString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Password element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Password element""" - c_tag = 'Password' + c_tag = "Password" c_namespace = NAMESPACE c_children = PasswordString_.c_children.copy() c_attributes = PasswordString_.c_attributes.copy() c_child_order = PasswordString_.c_child_order[:] c_cardinality = PasswordString_.c_cardinality.copy() + def password_from_string(xml_string): return saml2.create_class_from_xml_string(Password, xml_string) class Nonce(EncodedString_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Nonce element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:Nonce element""" - c_tag = 'Nonce' + c_tag = "Nonce" c_namespace = NAMESPACE c_children = EncodedString_.c_children.copy() c_attributes = EncodedString_.c_attributes.copy() c_child_order = EncodedString_.c_child_order[:] c_cardinality = EncodedString_.c_cardinality.copy() + def nonce_from_string(xml_string): return saml2.create_class_from_xml_string(Nonce, xml_string) class FaultcodeEnum_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:FaultcodeEnum element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd:FaultcodeEnum element""" - c_tag = 'FaultcodeEnum' + c_tag = "FaultcodeEnum" c_namespace = NAMESPACE - c_value_type = {'base': 'xsd:QName', 'enumeration': ['wsse:UnsupportedSecurityToken', 'wsse:UnsupportedAlgorithm', 'wsse:InvalidSecurity', 'wsse:InvalidSecurityToken', 'wsse:FailedAuthentication', 'wsse:FailedCheck', 'wsse:SecurityTokenUnavailable']} + c_value_type = { + "base": "xsd:QName", + "enumeration": [ + "wsse:UnsupportedSecurityToken", + "wsse:UnsupportedAlgorithm", + "wsse:InvalidSecurity", + "wsse:InvalidSecurityToken", + "wsse:FailedAuthentication", + "wsse:FailedCheck", + "wsse:SecurityTokenUnavailable", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def faultcode_enum__from_string(xml_string): return saml2.create_class_from_xml_string(FaultcodeEnum_, xml_string) -#.................. -('#', []) +# .................. +("#", []) ELEMENT_FROM_STRING = { AttributedString_.c_tag: attributed_string__from_string, PasswordString_.c_tag: password_string__from_string, @@ -514,33 +594,32 @@ def faultcode_enum__from_string(xml_string): } ELEMENT_BY_TAG = { - 'AttributedString': AttributedString_, - 'PasswordString': PasswordString_, - 'EncodedString': EncodedString_, - 'UsernameTokenType': UsernameTokenType_, - 'BinarySecurityTokenType': BinarySecurityTokenType_, - 'KeyIdentifierType': KeyIdentifierType_, - 'tUsage': TUsage_, - 'ReferenceType': ReferenceType_, - 'EmbeddedType': EmbeddedType_, - 'SecurityTokenReferenceType': SecurityTokenReferenceType_, - 'SecurityHeaderType': SecurityHeaderType_, - 'TransformationParametersType': TransformationParametersType_, - 'UsernameToken': UsernameToken, - 'BinarySecurityToken': BinarySecurityToken, - 'Reference': Reference, - 'Embedded': Embedded, - 'KeyIdentifier': KeyIdentifier, - 'SecurityTokenReference': SecurityTokenReference, - 'Security': Security, - 'TransformationParameters': TransformationParameters, - 'Password': Password, - 'Nonce': Nonce, - 'FaultcodeEnum': FaultcodeEnum_, - 'Username': UsernameTokenType_Username, + "AttributedString": AttributedString_, + "PasswordString": PasswordString_, + "EncodedString": EncodedString_, + "UsernameTokenType": UsernameTokenType_, + "BinarySecurityTokenType": BinarySecurityTokenType_, + "KeyIdentifierType": KeyIdentifierType_, + "tUsage": TUsage_, + "ReferenceType": ReferenceType_, + "EmbeddedType": EmbeddedType_, + "SecurityTokenReferenceType": SecurityTokenReferenceType_, + "SecurityHeaderType": SecurityHeaderType_, + "TransformationParametersType": TransformationParametersType_, + "UsernameToken": UsernameToken, + "BinarySecurityToken": BinarySecurityToken, + "Reference": Reference, + "Embedded": Embedded, + "KeyIdentifier": KeyIdentifier, + "SecurityTokenReference": SecurityTokenReference, + "Security": Security, + "TransformationParameters": TransformationParameters, + "Password": Password, + "Nonce": Nonce, + "FaultcodeEnum": FaultcodeEnum_, + "Username": UsernameTokenType_Username, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/ws/wstrust.py b/src/saml2/ws/wstrust.py index eb8c944ca..7152a5d78 100644 --- a/src/saml2/ws/wstrust.py +++ b/src/saml2/ws/wstrust.py @@ -6,228 +6,269 @@ import saml2 from saml2 import SamlBase - from saml2.ws import wsaddr as wsa from saml2.ws import wssec as wsse from saml2.ws import wsutil as wsu -from saml2.ws import wspol as wsp -NAMESPACE = 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/' + +NAMESPACE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/" + class RequestSecurityTokenType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenType element""" - c_tag = 'RequestSecurityTokenType' + c_tag = "RequestSecurityTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Context'] = ('context', 'anyURI', False) - - def __init__(self, - context=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.context=context + c_attributes["Context"] = ("context", "anyURI", False) + + def __init__( + self, + context=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.context = context + def request_security_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenType_, xml_string) class TokenType(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:TokenType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:TokenType element""" - c_tag = 'TokenType' + c_tag = "TokenType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def token_type_from_string(xml_string): return saml2.create_class_from_xml_string(TokenType, xml_string) class RequestTypeOpenEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestTypeOpenEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestTypeOpenEnum element""" - c_tag = 'RequestTypeOpenEnum' + c_tag = "RequestTypeOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def request_type_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(RequestTypeOpenEnum_, xml_string) class RequestTypeEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestTypeEnum element """ - - c_tag = 'RequestTypeEnum' - c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/Renew', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/Cancel', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/STSCancel', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate']} + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestTypeEnum element""" + + c_tag = "RequestTypeEnum" + c_namespace = NAMESPACE + c_value_type = { + "base": "xs:anyURI", + "enumeration": [ + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Renew", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Cancel", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/STSCancel", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def request_type_enum__from_string(xml_string): return saml2.create_class_from_xml_string(RequestTypeEnum_, xml_string) class RequestSecurityTokenResponseType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseType element""" - c_tag = 'RequestSecurityTokenResponseType' + c_tag = "RequestSecurityTokenResponseType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Context'] = ('context', 'anyURI', False) - - def __init__(self, - context=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.context=context + c_attributes["Context"] = ("context", "anyURI", False) + + def __init__( + self, + context=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.context = context + def request_security_token_response_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenResponseType_, xml_string) class RequestedSecurityTokenType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedSecurityTokenType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedSecurityTokenType element""" - c_tag = 'RequestedSecurityTokenType' + c_tag = "RequestedSecurityTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def requested_security_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedSecurityTokenType_, xml_string) class BinarySecretTypeEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretTypeEnum element """ - - c_tag = 'BinarySecretTypeEnum' - c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://docs.oasis-open.org/ws-sx/ws-trust/200512/AsymmetricKey', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce']} + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretTypeEnum element""" + + c_tag = "BinarySecretTypeEnum" + c_namespace = NAMESPACE + c_value_type = { + "base": "xs:anyURI", + "enumeration": [ + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/AsymmetricKey", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/Nonce", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def binary_secret_type_enum__from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecretTypeEnum_, xml_string) class BinarySecretTypeOpenEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretTypeOpenEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretTypeOpenEnum element""" - c_tag = 'BinarySecretTypeOpenEnum' + c_tag = "BinarySecretTypeOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def binary_secret_type_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecretTypeOpenEnum_, xml_string) class ClaimsType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ClaimsType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ClaimsType element""" - c_tag = 'ClaimsType' + c_tag = "ClaimsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Dialect'] = ('dialect', 'anyURI', False) - - def __init__(self, - dialect=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.dialect=dialect + c_attributes["Dialect"] = ("dialect", "anyURI", False) + + def __init__( + self, + dialect=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.dialect = dialect + def claims_type__from_string(xml_string): return saml2.create_class_from_xml_string(ClaimsType_, xml_string) class EntropyType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EntropyType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EntropyType element""" - c_tag = 'EntropyType' + c_tag = "EntropyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def entropy_type__from_string(xml_string): return saml2.create_class_from_xml_string(EntropyType_, xml_string) class LifetimeType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:LifetimeType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:LifetimeType element""" - c_tag = 'LifetimeType' + c_tag = "LifetimeType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Created'] = ('created', wsu.Created) - c_cardinality['created'] = {"min":0, "max":1} - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Expires'] = ('expires', wsu.Expires) - c_cardinality['expires'] = {"min":0, "max":1} - c_child_order.extend(['created', 'expires']) - - def __init__(self, - created=None, - expires=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.created=created - self.expires=expires + c_children["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Created"] = ( + "created", + wsu.Created, + ) + c_cardinality["created"] = {"min": 0, "max": 1} + c_children["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Expires"] = ( + "expires", + wsu.Expires, + ) + c_cardinality["expires"] = {"min": 0, "max": 1} + c_child_order.extend(["created", "expires"]) + + def __init__( + self, + created=None, + expires=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.created = created + self.expires = expires + def lifetime_type__from_string(xml_string): return saml2.create_class_from_xml_string(LifetimeType_, xml_string) @@ -235,1369 +276,1505 @@ def lifetime_type__from_string(xml_string): class RequestSecurityTokenCollectionType_RequestSecurityToken(RequestSecurityTokenType_): - c_tag = 'RequestSecurityToken' + c_tag = "RequestSecurityToken" c_namespace = NAMESPACE c_children = RequestSecurityTokenType_.c_children.copy() c_attributes = RequestSecurityTokenType_.c_attributes.copy() c_child_order = RequestSecurityTokenType_.c_child_order[:] c_cardinality = RequestSecurityTokenType_.c_cardinality.copy() + def request_security_token_collection_type__request_security_token_from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenCollectionType_RequestSecurityToken, xml_string) class RequestSecurityTokenCollectionType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenCollectionType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenCollectionType element""" - c_tag = 'RequestSecurityTokenCollectionType' + c_tag = "RequestSecurityTokenCollectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}RequestSecurityToken'] = ('request_security_token', [RequestSecurityTokenCollectionType_RequestSecurityToken]) - c_cardinality['request_security_token'] = {"min":2} - c_child_order.extend(['request_security_token']) - - def __init__(self, - request_security_token=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.request_security_token=request_security_token or [] + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}RequestSecurityToken"] = ( + "request_security_token", + [RequestSecurityTokenCollectionType_RequestSecurityToken], + ) + c_cardinality["request_security_token"] = {"min": 2} + c_child_order.extend(["request_security_token"]) + + def __init__( + self, + request_security_token=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.request_security_token = request_security_token or [] + def request_security_token_collection_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenCollectionType_, xml_string) class ComputedKeyEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyEnum element""" - c_tag = 'ComputedKeyEnum' + c_tag = "ComputedKeyEnum" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/HASH']} + c_value_type = { + "base": "xs:anyURI", + "enumeration": [ + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/PSHA1", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/CK/HASH", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def computed_key_enum__from_string(xml_string): return saml2.create_class_from_xml_string(ComputedKeyEnum_, xml_string) class ComputedKeyOpenEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyOpenEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyOpenEnum element""" - c_tag = 'ComputedKeyOpenEnum' + c_tag = "ComputedKeyOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def computed_key_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(ComputedKeyOpenEnum_, xml_string) class RequestedReferenceType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedReferenceType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedReferenceType element""" - c_tag = 'RequestedReferenceType' + c_tag = "RequestedReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}SecurityTokenReference'] = ('security_token_reference', wsse.SecurityTokenReference) - c_child_order.extend(['security_token_reference']) - - def __init__(self, - security_token_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.security_token_reference=security_token_reference + c_children[ + "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}SecurityTokenReference" + ] = ("security_token_reference", wsse.SecurityTokenReference) + c_child_order.extend(["security_token_reference"]) + + def __init__( + self, + security_token_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.security_token_reference = security_token_reference + def requested_reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedReferenceType_, xml_string) class RequestedProofTokenType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedProofTokenType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedProofTokenType element""" - c_tag = 'RequestedProofTokenType' + c_tag = "RequestedProofTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def requested_proof_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedProofTokenType_, xml_string) class RenewTargetType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewTargetType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewTargetType element""" - c_tag = 'RenewTargetType' + c_tag = "RenewTargetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def renew_target_type__from_string(xml_string): return saml2.create_class_from_xml_string(RenewTargetType_, xml_string) class AllowPostdatingType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AllowPostdatingType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AllowPostdatingType element""" - c_tag = 'AllowPostdatingType' + c_tag = "AllowPostdatingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def allow_postdating_type__from_string(xml_string): return saml2.create_class_from_xml_string(AllowPostdatingType_, xml_string) class RenewingType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewingType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewingType element""" - c_tag = 'RenewingType' + c_tag = "RenewingType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Allow'] = ('allow', 'boolean', False) - c_attributes['OK'] = ('ok', 'boolean', False) - - def __init__(self, - allow=None, - ok=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.allow=allow - self.ok=ok + c_attributes["Allow"] = ("allow", "boolean", False) + c_attributes["OK"] = ("ok", "boolean", False) + + def __init__( + self, + allow=None, + ok=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.allow = allow + self.ok = ok + def renewing_type__from_string(xml_string): return saml2.create_class_from_xml_string(RenewingType_, xml_string) class CancelTargetType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CancelTargetType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CancelTargetType element""" - c_tag = 'CancelTargetType' + c_tag = "CancelTargetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def cancel_target_type__from_string(xml_string): return saml2.create_class_from_xml_string(CancelTargetType_, xml_string) class RequestedTokenCancelledType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedTokenCancelledType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedTokenCancelledType element""" - c_tag = 'RequestedTokenCancelledType' + c_tag = "RequestedTokenCancelledType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def requested_token_cancelled_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestedTokenCancelledType_, xml_string) class ValidateTargetType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ValidateTargetType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ValidateTargetType element""" - c_tag = 'ValidateTargetType' + c_tag = "ValidateTargetType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def validate_target_type__from_string(xml_string): return saml2.create_class_from_xml_string(ValidateTargetType_, xml_string) class StatusCodeEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusCodeEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusCodeEnum element""" - c_tag = 'StatusCodeEnum' + c_tag = "StatusCodeEnum" c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/invalid']} + c_value_type = { + "base": "xs:anyURI", + "enumeration": [ + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/valid", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/status/invalid", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def status_code_enum__from_string(xml_string): return saml2.create_class_from_xml_string(StatusCodeEnum_, xml_string) class StatusCodeOpenEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusCodeOpenEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusCodeOpenEnum element""" - c_tag = 'StatusCodeOpenEnum' + c_tag = "StatusCodeOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def status_code_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(StatusCodeOpenEnum_, xml_string) class Challenge(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Challenge element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Challenge element""" - c_tag = 'Challenge' + c_tag = "Challenge" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def challenge_from_string(xml_string): return saml2.create_class_from_xml_string(Challenge, xml_string) class BinaryExchangeType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinaryExchangeType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinaryExchangeType element""" - c_tag = 'BinaryExchangeType' + c_tag = "BinaryExchangeType" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['ValueType'] = ('value_type', 'anyURI', True) - c_attributes['EncodingType'] = ('encoding_type', 'anyURI', True) - - def __init__(self, - value_type=None, - encoding_type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.value_type=value_type - self.encoding_type=encoding_type + c_attributes["ValueType"] = ("value_type", "anyURI", True) + c_attributes["EncodingType"] = ("encoding_type", "anyURI", True) + + def __init__( + self, + value_type=None, + encoding_type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.value_type = value_type + self.encoding_type = encoding_type + def binary_exchange_type__from_string(xml_string): return saml2.create_class_from_xml_string(BinaryExchangeType_, xml_string) class RequestKETType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestKETType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestKETType element""" - c_tag = 'RequestKETType' + c_tag = "RequestKETType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def request_ket_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestKETType_, xml_string) class KeyExchangeTokenType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyExchangeTokenType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyExchangeTokenType element""" - c_tag = 'KeyExchangeTokenType' + c_tag = "KeyExchangeTokenType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_exchange_token_type__from_string(xml_string): return saml2.create_class_from_xml_string(KeyExchangeTokenType_, xml_string) class CombinedHash(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CombinedHash element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CombinedHash element""" - c_tag = 'CombinedHash' + c_tag = "CombinedHash" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def combined_hash_from_string(xml_string): return saml2.create_class_from_xml_string(CombinedHash, xml_string) class OnBehalfOfType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:OnBehalfOfType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:OnBehalfOfType element""" - c_tag = 'OnBehalfOfType' + c_tag = "OnBehalfOfType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def on_behalf_of_type__from_string(xml_string): return saml2.create_class_from_xml_string(OnBehalfOfType_, xml_string) class Issuer(wsa.EndpointReferenceType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Issuer element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Issuer element""" - c_tag = 'Issuer' + c_tag = "Issuer" c_namespace = NAMESPACE c_children = wsa.EndpointReferenceType_.c_children.copy() c_attributes = wsa.EndpointReferenceType_.c_attributes.copy() c_child_order = wsa.EndpointReferenceType_.c_child_order[:] c_cardinality = wsa.EndpointReferenceType_.c_cardinality.copy() + def issuer_from_string(xml_string): return saml2.create_class_from_xml_string(Issuer, xml_string) class AuthenticationType(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AuthenticationType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AuthenticationType element""" - c_tag = 'AuthenticationType' + c_tag = "AuthenticationType" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def authentication_type_from_string(xml_string): return saml2.create_class_from_xml_string(AuthenticationType, xml_string) class KeyTypeEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyTypeEnum element """ - - c_tag = 'KeyTypeEnum' - c_namespace = NAMESPACE - c_value_type = {'base': 'xs:anyURI', 'enumeration': ['http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey', 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey', 'http://docs.oasis-open.org/wssx/wstrust/200512/Bearer']} + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyTypeEnum element""" + + c_tag = "KeyTypeEnum" + c_namespace = NAMESPACE + c_value_type = { + "base": "xs:anyURI", + "enumeration": [ + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey", + "http://docs.oasis-open.org/ws-sx/ws-trust/200512/SymmetricKey", + "http://docs.oasis-open.org/wssx/wstrust/200512/Bearer", + ], + } c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_type_enum__from_string(xml_string): return saml2.create_class_from_xml_string(KeyTypeEnum_, xml_string) class KeyTypeOpenEnum_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyTypeOpenEnum element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyTypeOpenEnum element""" - c_tag = 'KeyTypeOpenEnum' + c_tag = "KeyTypeOpenEnum" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_type_open_enum__from_string(xml_string): return saml2.create_class_from_xml_string(KeyTypeOpenEnum_, xml_string) class KeySize(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeySize element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeySize element""" - c_tag = 'KeySize' + c_tag = "KeySize" c_namespace = NAMESPACE - c_value_type = {'base': 'unsignedInt'} + c_value_type = {"base": "unsignedInt"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_size_from_string(xml_string): return saml2.create_class_from_xml_string(KeySize, xml_string) class SignatureAlgorithm(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignatureAlgorithm element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignatureAlgorithm element""" - c_tag = 'SignatureAlgorithm' + c_tag = "SignatureAlgorithm" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def signature_algorithm_from_string(xml_string): return saml2.create_class_from_xml_string(SignatureAlgorithm, xml_string) class EncryptionAlgorithm(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptionAlgorithm element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptionAlgorithm element""" - c_tag = 'EncryptionAlgorithm' + c_tag = "EncryptionAlgorithm" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def encryption_algorithm_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionAlgorithm, xml_string) class CanonicalizationAlgorithm(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CanonicalizationAlgorithm element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CanonicalizationAlgorithm element""" - c_tag = 'CanonicalizationAlgorithm' + c_tag = "CanonicalizationAlgorithm" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def canonicalization_algorithm_from_string(xml_string): return saml2.create_class_from_xml_string(CanonicalizationAlgorithm, xml_string) class ComputedKeyAlgorithm(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyAlgorithm element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKeyAlgorithm element""" - c_tag = 'ComputedKeyAlgorithm' + c_tag = "ComputedKeyAlgorithm" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def computed_key_algorithm_from_string(xml_string): return saml2.create_class_from_xml_string(ComputedKeyAlgorithm, xml_string) class EncryptionType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptionType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptionType element""" - c_tag = 'EncryptionType' + c_tag = "EncryptionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def encryption_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionType_, xml_string) class ProofEncryptionType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ProofEncryptionType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ProofEncryptionType element""" - c_tag = 'ProofEncryptionType' + c_tag = "ProofEncryptionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def proof_encryption_type__from_string(xml_string): return saml2.create_class_from_xml_string(ProofEncryptionType_, xml_string) class UseKeyType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:UseKeyType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:UseKeyType element""" - c_tag = 'UseKeyType' + c_tag = "UseKeyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Sig'] = ('sig', 'anyURI', False) - - def __init__(self, - sig=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.sig=sig + c_attributes["Sig"] = ("sig", "anyURI", False) + + def __init__( + self, + sig=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.sig = sig + def use_key_type__from_string(xml_string): return saml2.create_class_from_xml_string(UseKeyType_, xml_string) class KeyWrapAlgorithm(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyWrapAlgorithm element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyWrapAlgorithm element""" - c_tag = 'KeyWrapAlgorithm' + c_tag = "KeyWrapAlgorithm" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_wrap_algorithm_from_string(xml_string): return saml2.create_class_from_xml_string(KeyWrapAlgorithm, xml_string) class SignWith(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignWith element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignWith element""" - c_tag = 'SignWith' + c_tag = "SignWith" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def sign_with_from_string(xml_string): return saml2.create_class_from_xml_string(SignWith, xml_string) class EncryptWith(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptWith element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:EncryptWith element""" - c_tag = 'EncryptWith' + c_tag = "EncryptWith" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def encrypt_with_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptWith, xml_string) class DelegateToType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:DelegateToType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:DelegateToType element""" - c_tag = 'DelegateToType' + c_tag = "DelegateToType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def delegate_to_type__from_string(xml_string): return saml2.create_class_from_xml_string(DelegateToType_, xml_string) class Forwardable(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Forwardable element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Forwardable element""" - c_tag = 'Forwardable' + c_tag = "Forwardable" c_namespace = NAMESPACE - c_value_type = {'base': 'boolean'} + c_value_type = {"base": "boolean"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def forwardable_from_string(xml_string): return saml2.create_class_from_xml_string(Forwardable, xml_string) class Delegatable(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Delegatable element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Delegatable element""" - c_tag = 'Delegatable' + c_tag = "Delegatable" c_namespace = NAMESPACE - c_value_type = {'base': 'boolean'} + c_value_type = {"base": "boolean"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def delegatable_from_string(xml_string): return saml2.create_class_from_xml_string(Delegatable, xml_string) class ParticipantType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ParticipantType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ParticipantType element""" - c_tag = 'ParticipantType' + c_tag = "ParticipantType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def participant_type__from_string(xml_string): return saml2.create_class_from_xml_string(ParticipantType_, xml_string) class RequestSecurityToken(RequestSecurityTokenType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityToken element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityToken element""" - c_tag = 'RequestSecurityToken' + c_tag = "RequestSecurityToken" c_namespace = NAMESPACE c_children = RequestSecurityTokenType_.c_children.copy() c_attributes = RequestSecurityTokenType_.c_attributes.copy() c_child_order = RequestSecurityTokenType_.c_child_order[:] c_cardinality = RequestSecurityTokenType_.c_cardinality.copy() + def request_security_token_from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityToken, xml_string) class RequestType(RequestTypeOpenEnum_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestType element""" - c_tag = 'RequestType' + c_tag = "RequestType" c_namespace = NAMESPACE c_children = RequestTypeOpenEnum_.c_children.copy() c_attributes = RequestTypeOpenEnum_.c_attributes.copy() c_child_order = RequestTypeOpenEnum_.c_child_order[:] c_cardinality = RequestTypeOpenEnum_.c_cardinality.copy() + def request_type_from_string(xml_string): return saml2.create_class_from_xml_string(RequestType, xml_string) class RequestSecurityTokenResponse(RequestSecurityTokenResponseType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponse element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponse element""" - c_tag = 'RequestSecurityTokenResponse' + c_tag = "RequestSecurityTokenResponse" c_namespace = NAMESPACE c_children = RequestSecurityTokenResponseType_.c_children.copy() c_attributes = RequestSecurityTokenResponseType_.c_attributes.copy() c_child_order = RequestSecurityTokenResponseType_.c_child_order[:] c_cardinality = RequestSecurityTokenResponseType_.c_cardinality.copy() + def request_security_token_response_from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenResponse, xml_string) class RequestedSecurityToken(RequestedSecurityTokenType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedSecurityToken element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedSecurityToken element""" - c_tag = 'RequestedSecurityToken' + c_tag = "RequestedSecurityToken" c_namespace = NAMESPACE c_children = RequestedSecurityTokenType_.c_children.copy() c_attributes = RequestedSecurityTokenType_.c_attributes.copy() c_child_order = RequestedSecurityTokenType_.c_child_order[:] c_cardinality = RequestedSecurityTokenType_.c_cardinality.copy() + def requested_security_token_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedSecurityToken, xml_string) class BinarySecretType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecretType element""" - c_tag = 'BinarySecretType' + c_tag = "BinarySecretType" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Type'] = ('type', BinarySecretTypeOpenEnum_, False) - - def __init__(self, - type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.type=type + c_attributes["Type"] = ("type", BinarySecretTypeOpenEnum_, False) + + def __init__( + self, + type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.type = type + def binary_secret_type__from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecretType_, xml_string) class Claims(ClaimsType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Claims element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Claims element""" - c_tag = 'Claims' + c_tag = "Claims" c_namespace = NAMESPACE c_children = ClaimsType_.c_children.copy() c_attributes = ClaimsType_.c_attributes.copy() c_child_order = ClaimsType_.c_child_order[:] c_cardinality = ClaimsType_.c_cardinality.copy() + def claims_from_string(xml_string): return saml2.create_class_from_xml_string(Claims, xml_string) class Entropy(EntropyType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Entropy element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Entropy element""" - c_tag = 'Entropy' + c_tag = "Entropy" c_namespace = NAMESPACE c_children = EntropyType_.c_children.copy() c_attributes = EntropyType_.c_attributes.copy() c_child_order = EntropyType_.c_child_order[:] c_cardinality = EntropyType_.c_cardinality.copy() + def entropy_from_string(xml_string): return saml2.create_class_from_xml_string(Entropy, xml_string) class Lifetime(LifetimeType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Lifetime element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Lifetime element""" - c_tag = 'Lifetime' + c_tag = "Lifetime" c_namespace = NAMESPACE c_children = LifetimeType_.c_children.copy() c_attributes = LifetimeType_.c_attributes.copy() c_child_order = LifetimeType_.c_child_order[:] c_cardinality = LifetimeType_.c_cardinality.copy() + def lifetime_from_string(xml_string): return saml2.create_class_from_xml_string(Lifetime, xml_string) class RequestSecurityTokenCollection(RequestSecurityTokenCollectionType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenCollection element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenCollection element""" - c_tag = 'RequestSecurityTokenCollection' + c_tag = "RequestSecurityTokenCollection" c_namespace = NAMESPACE c_children = RequestSecurityTokenCollectionType_.c_children.copy() c_attributes = RequestSecurityTokenCollectionType_.c_attributes.copy() c_child_order = RequestSecurityTokenCollectionType_.c_child_order[:] c_cardinality = RequestSecurityTokenCollectionType_.c_cardinality.copy() + def request_security_token_collection_from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenCollection, xml_string) class RequestSecurityTokenResponseCollectionType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseCollectionType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseCollectionType element""" - c_tag = 'RequestSecurityTokenResponseCollectionType' + c_tag = "RequestSecurityTokenResponseCollectionType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}RequestSecurityTokenResponse'] = ('request_security_token_response', [RequestSecurityTokenResponse]) - c_cardinality['request_security_token_response'] = {"min":1} - c_child_order.extend(['request_security_token_response']) - - def __init__(self, - request_security_token_response=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.request_security_token_response=request_security_token_response or [] + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}RequestSecurityTokenResponse"] = ( + "request_security_token_response", + [RequestSecurityTokenResponse], + ) + c_cardinality["request_security_token_response"] = {"min": 1} + c_child_order.extend(["request_security_token_response"]) + + def __init__( + self, + request_security_token_response=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.request_security_token_response = request_security_token_response or [] + def request_security_token_response_collection_type__from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenResponseCollectionType_, xml_string) class ComputedKey(ComputedKeyOpenEnum_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKey element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ComputedKey element""" - c_tag = 'ComputedKey' + c_tag = "ComputedKey" c_namespace = NAMESPACE c_children = ComputedKeyOpenEnum_.c_children.copy() c_attributes = ComputedKeyOpenEnum_.c_attributes.copy() c_child_order = ComputedKeyOpenEnum_.c_child_order[:] c_cardinality = ComputedKeyOpenEnum_.c_cardinality.copy() + def computed_key_from_string(xml_string): return saml2.create_class_from_xml_string(ComputedKey, xml_string) class RequestedAttachedReference(RequestedReferenceType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedAttachedReference element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedAttachedReference element""" - c_tag = 'RequestedAttachedReference' + c_tag = "RequestedAttachedReference" c_namespace = NAMESPACE c_children = RequestedReferenceType_.c_children.copy() c_attributes = RequestedReferenceType_.c_attributes.copy() c_child_order = RequestedReferenceType_.c_child_order[:] c_cardinality = RequestedReferenceType_.c_cardinality.copy() + def requested_attached_reference_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedAttachedReference, xml_string) class RequestedUnattachedReference(RequestedReferenceType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedUnattachedReference element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedUnattachedReference element""" - c_tag = 'RequestedUnattachedReference' + c_tag = "RequestedUnattachedReference" c_namespace = NAMESPACE c_children = RequestedReferenceType_.c_children.copy() c_attributes = RequestedReferenceType_.c_attributes.copy() c_child_order = RequestedReferenceType_.c_child_order[:] c_cardinality = RequestedReferenceType_.c_cardinality.copy() + def requested_unattached_reference_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedUnattachedReference, xml_string) class RequestedProofToken(RequestedProofTokenType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedProofToken element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedProofToken element""" - c_tag = 'RequestedProofToken' + c_tag = "RequestedProofToken" c_namespace = NAMESPACE c_children = RequestedProofTokenType_.c_children.copy() c_attributes = RequestedProofTokenType_.c_attributes.copy() c_child_order = RequestedProofTokenType_.c_child_order[:] c_cardinality = RequestedProofTokenType_.c_cardinality.copy() + def requested_proof_token_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedProofToken, xml_string) class IssuedTokens(RequestSecurityTokenResponseCollectionType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:IssuedTokens element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:IssuedTokens element""" - c_tag = 'IssuedTokens' + c_tag = "IssuedTokens" c_namespace = NAMESPACE c_children = RequestSecurityTokenResponseCollectionType_.c_children.copy() c_attributes = RequestSecurityTokenResponseCollectionType_.c_attributes.copy() c_child_order = RequestSecurityTokenResponseCollectionType_.c_child_order[:] c_cardinality = RequestSecurityTokenResponseCollectionType_.c_cardinality.copy() + def issued_tokens_from_string(xml_string): return saml2.create_class_from_xml_string(IssuedTokens, xml_string) class RenewTarget(RenewTargetType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewTarget element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RenewTarget element""" - c_tag = 'RenewTarget' + c_tag = "RenewTarget" c_namespace = NAMESPACE c_children = RenewTargetType_.c_children.copy() c_attributes = RenewTargetType_.c_attributes.copy() c_child_order = RenewTargetType_.c_child_order[:] c_cardinality = RenewTargetType_.c_cardinality.copy() + def renew_target_from_string(xml_string): return saml2.create_class_from_xml_string(RenewTarget, xml_string) class AllowPostdating(AllowPostdatingType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AllowPostdating element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AllowPostdating element""" - c_tag = 'AllowPostdating' + c_tag = "AllowPostdating" c_namespace = NAMESPACE c_children = AllowPostdatingType_.c_children.copy() c_attributes = AllowPostdatingType_.c_attributes.copy() c_child_order = AllowPostdatingType_.c_child_order[:] c_cardinality = AllowPostdatingType_.c_cardinality.copy() + def allow_postdating_from_string(xml_string): return saml2.create_class_from_xml_string(AllowPostdating, xml_string) class Renewing(RenewingType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Renewing element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Renewing element""" - c_tag = 'Renewing' + c_tag = "Renewing" c_namespace = NAMESPACE c_children = RenewingType_.c_children.copy() c_attributes = RenewingType_.c_attributes.copy() c_child_order = RenewingType_.c_child_order[:] c_cardinality = RenewingType_.c_cardinality.copy() + def renewing_from_string(xml_string): return saml2.create_class_from_xml_string(Renewing, xml_string) class CancelTarget(CancelTargetType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CancelTarget element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:CancelTarget element""" - c_tag = 'CancelTarget' + c_tag = "CancelTarget" c_namespace = NAMESPACE c_children = CancelTargetType_.c_children.copy() c_attributes = CancelTargetType_.c_attributes.copy() c_child_order = CancelTargetType_.c_child_order[:] c_cardinality = CancelTargetType_.c_cardinality.copy() + def cancel_target_from_string(xml_string): return saml2.create_class_from_xml_string(CancelTarget, xml_string) class RequestedTokenCancelled(RequestedTokenCancelledType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedTokenCancelled element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestedTokenCancelled element""" - c_tag = 'RequestedTokenCancelled' + c_tag = "RequestedTokenCancelled" c_namespace = NAMESPACE c_children = RequestedTokenCancelledType_.c_children.copy() c_attributes = RequestedTokenCancelledType_.c_attributes.copy() c_child_order = RequestedTokenCancelledType_.c_child_order[:] c_cardinality = RequestedTokenCancelledType_.c_cardinality.copy() + def requested_token_cancelled_from_string(xml_string): return saml2.create_class_from_xml_string(RequestedTokenCancelled, xml_string) class ValidateTarget(ValidateTargetType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ValidateTarget element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ValidateTarget element""" - c_tag = 'ValidateTarget' + c_tag = "ValidateTarget" c_namespace = NAMESPACE c_children = ValidateTargetType_.c_children.copy() c_attributes = ValidateTargetType_.c_attributes.copy() c_child_order = ValidateTargetType_.c_child_order[:] c_cardinality = ValidateTargetType_.c_cardinality.copy() + def validate_target_from_string(xml_string): return saml2.create_class_from_xml_string(ValidateTarget, xml_string) class StatusType_Code(StatusCodeOpenEnum_): - c_tag = 'Code' + c_tag = "Code" c_namespace = NAMESPACE c_children = StatusCodeOpenEnum_.c_children.copy() c_attributes = StatusCodeOpenEnum_.c_attributes.copy() c_child_order = StatusCodeOpenEnum_.c_child_order[:] c_cardinality = StatusCodeOpenEnum_.c_cardinality.copy() + def status_type__code_from_string(xml_string): return saml2.create_class_from_xml_string(StatusType_Code, xml_string) class StatusType_Reason(SamlBase): - c_tag = 'Reason' + c_tag = "Reason" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def status_type__reason_from_string(xml_string): return saml2.create_class_from_xml_string(StatusType_Reason, xml_string) class StatusType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:StatusType element""" - c_tag = 'StatusType' + c_tag = "StatusType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Code'] = ('code', StatusType_Code) - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Reason'] = ('reason', StatusType_Reason) - c_cardinality['reason'] = {"min":0, "max":1} - c_child_order.extend(['code', 'reason']) - - def __init__(self, - code=None, - reason=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.code=code - self.reason=reason + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Code"] = ("code", StatusType_Code) + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Reason"] = ("reason", StatusType_Reason) + c_cardinality["reason"] = {"min": 0, "max": 1} + c_child_order.extend(["code", "reason"]) + + def __init__( + self, + code=None, + reason=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.code = code + self.reason = reason + def status_type__from_string(xml_string): return saml2.create_class_from_xml_string(StatusType_, xml_string) class SignChallengeType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallengeType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallengeType element""" - c_tag = 'SignChallengeType' + c_tag = "SignChallengeType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Challenge'] = ('challenge', Challenge) - c_child_order.extend(['challenge']) - - def __init__(self, - challenge=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.challenge=challenge + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Challenge"] = ("challenge", Challenge) + c_child_order.extend(["challenge"]) + + def __init__( + self, + challenge=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.challenge = challenge + def sign_challenge_type__from_string(xml_string): return saml2.create_class_from_xml_string(SignChallengeType_, xml_string) class BinaryExchange(BinaryExchangeType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinaryExchange element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinaryExchange element""" - c_tag = 'BinaryExchange' + c_tag = "BinaryExchange" c_namespace = NAMESPACE c_children = BinaryExchangeType_.c_children.copy() c_attributes = BinaryExchangeType_.c_attributes.copy() c_child_order = BinaryExchangeType_.c_child_order[:] c_cardinality = BinaryExchangeType_.c_cardinality.copy() + def binary_exchange_from_string(xml_string): return saml2.create_class_from_xml_string(BinaryExchange, xml_string) class RequestKET(RequestKETType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestKET element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestKET element""" - c_tag = 'RequestKET' + c_tag = "RequestKET" c_namespace = NAMESPACE c_children = RequestKETType_.c_children.copy() c_attributes = RequestKETType_.c_attributes.copy() c_child_order = RequestKETType_.c_child_order[:] c_cardinality = RequestKETType_.c_cardinality.copy() + def request_ket_from_string(xml_string): return saml2.create_class_from_xml_string(RequestKET, xml_string) class KeyExchangeToken(KeyExchangeTokenType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyExchangeToken element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyExchangeToken element""" - c_tag = 'KeyExchangeToken' + c_tag = "KeyExchangeToken" c_namespace = NAMESPACE c_children = KeyExchangeTokenType_.c_children.copy() c_attributes = KeyExchangeTokenType_.c_attributes.copy() c_child_order = KeyExchangeTokenType_.c_child_order[:] c_cardinality = KeyExchangeTokenType_.c_cardinality.copy() + def key_exchange_token_from_string(xml_string): return saml2.create_class_from_xml_string(KeyExchangeToken, xml_string) class AuthenticatorType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AuthenticatorType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:AuthenticatorType element""" - c_tag = 'AuthenticatorType' + c_tag = "AuthenticatorType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}CombinedHash'] = ('combined_hash', CombinedHash) - c_cardinality['combined_hash'] = {"min":0, "max":1} - c_child_order.extend(['combined_hash']) - - def __init__(self, - combined_hash=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.combined_hash=combined_hash + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}CombinedHash"] = ("combined_hash", CombinedHash) + c_cardinality["combined_hash"] = {"min": 0, "max": 1} + c_child_order.extend(["combined_hash"]) + + def __init__( + self, + combined_hash=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.combined_hash = combined_hash + def authenticator_type__from_string(xml_string): return saml2.create_class_from_xml_string(AuthenticatorType_, xml_string) class OnBehalfOf(OnBehalfOfType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:OnBehalfOf element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:OnBehalfOf element""" - c_tag = 'OnBehalfOf' + c_tag = "OnBehalfOf" c_namespace = NAMESPACE c_children = OnBehalfOfType_.c_children.copy() c_attributes = OnBehalfOfType_.c_attributes.copy() c_child_order = OnBehalfOfType_.c_child_order[:] c_cardinality = OnBehalfOfType_.c_cardinality.copy() + def on_behalf_of_from_string(xml_string): return saml2.create_class_from_xml_string(OnBehalfOf, xml_string) class KeyType(KeyTypeOpenEnum_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:KeyType element""" - c_tag = 'KeyType' + c_tag = "KeyType" c_namespace = NAMESPACE c_children = KeyTypeOpenEnum_.c_children.copy() c_attributes = KeyTypeOpenEnum_.c_attributes.copy() c_child_order = KeyTypeOpenEnum_.c_child_order[:] c_cardinality = KeyTypeOpenEnum_.c_cardinality.copy() + def key_type_from_string(xml_string): return saml2.create_class_from_xml_string(KeyType, xml_string) class Encryption(EncryptionType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Encryption element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Encryption element""" - c_tag = 'Encryption' + c_tag = "Encryption" c_namespace = NAMESPACE c_children = EncryptionType_.c_children.copy() c_attributes = EncryptionType_.c_attributes.copy() c_child_order = EncryptionType_.c_child_order[:] c_cardinality = EncryptionType_.c_cardinality.copy() + def encryption_from_string(xml_string): return saml2.create_class_from_xml_string(Encryption, xml_string) class ProofEncryption(ProofEncryptionType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ProofEncryption element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ProofEncryption element""" - c_tag = 'ProofEncryption' + c_tag = "ProofEncryption" c_namespace = NAMESPACE c_children = ProofEncryptionType_.c_children.copy() c_attributes = ProofEncryptionType_.c_attributes.copy() c_child_order = ProofEncryptionType_.c_child_order[:] c_cardinality = ProofEncryptionType_.c_cardinality.copy() + def proof_encryption_from_string(xml_string): return saml2.create_class_from_xml_string(ProofEncryption, xml_string) class UseKey(UseKeyType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:UseKey element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:UseKey element""" - c_tag = 'UseKey' + c_tag = "UseKey" c_namespace = NAMESPACE c_children = UseKeyType_.c_children.copy() c_attributes = UseKeyType_.c_attributes.copy() c_child_order = UseKeyType_.c_child_order[:] c_cardinality = UseKeyType_.c_cardinality.copy() + def use_key_from_string(xml_string): return saml2.create_class_from_xml_string(UseKey, xml_string) class DelegateTo(DelegateToType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:DelegateTo element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:DelegateTo element""" - c_tag = 'DelegateTo' + c_tag = "DelegateTo" c_namespace = NAMESPACE c_children = DelegateToType_.c_children.copy() c_attributes = DelegateToType_.c_attributes.copy() c_child_order = DelegateToType_.c_child_order[:] c_cardinality = DelegateToType_.c_cardinality.copy() + def delegate_to_from_string(xml_string): return saml2.create_class_from_xml_string(DelegateTo, xml_string) class ParticipantsType_Primary(ParticipantType_): - c_tag = 'Primary' + c_tag = "Primary" c_namespace = NAMESPACE c_children = ParticipantType_.c_children.copy() c_attributes = ParticipantType_.c_attributes.copy() c_child_order = ParticipantType_.c_child_order[:] c_cardinality = ParticipantType_.c_cardinality.copy() + def participants_type__primary_from_string(xml_string): return saml2.create_class_from_xml_string(ParticipantsType_Primary, xml_string) class ParticipantsType_Participant(ParticipantType_): - c_tag = 'Participant' + c_tag = "Participant" c_namespace = NAMESPACE c_children = ParticipantType_.c_children.copy() c_attributes = ParticipantType_.c_attributes.copy() c_child_order = ParticipantType_.c_child_order[:] c_cardinality = ParticipantType_.c_cardinality.copy() + def participants_type__participant_from_string(xml_string): return saml2.create_class_from_xml_string(ParticipantsType_Participant, xml_string) class ParticipantsType_(SamlBase): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ParticipantsType element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:ParticipantsType element""" - c_tag = 'ParticipantsType' + c_tag = "ParticipantsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Primary'] = ('primary', ParticipantsType_Primary) - c_cardinality['primary'] = {"min":0, "max":1} - c_children['{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Participant'] = ('participant', [ParticipantsType_Participant]) - c_cardinality['participant'] = {"min":0} - c_child_order.extend(['primary', 'participant']) - - def __init__(self, - primary=None, - participant=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.primary=primary - self.participant=participant or [] + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Primary"] = ("primary", ParticipantsType_Primary) + c_cardinality["primary"] = {"min": 0, "max": 1} + c_children["{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Participant"] = ( + "participant", + [ParticipantsType_Participant], + ) + c_cardinality["participant"] = {"min": 0} + c_child_order.extend(["primary", "participant"]) + + def __init__( + self, + primary=None, + participant=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.primary = primary + self.participant = participant or [] + def participants_type__from_string(xml_string): return saml2.create_class_from_xml_string(ParticipantsType_, xml_string) class BinarySecret(BinarySecretType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecret element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:BinarySecret element""" - c_tag = 'BinarySecret' + c_tag = "BinarySecret" c_namespace = NAMESPACE c_children = BinarySecretType_.c_children.copy() c_attributes = BinarySecretType_.c_attributes.copy() c_child_order = BinarySecretType_.c_child_order[:] c_cardinality = BinarySecretType_.c_cardinality.copy() + def binary_secret_from_string(xml_string): return saml2.create_class_from_xml_string(BinarySecret, xml_string) class RequestSecurityTokenResponseCollection(RequestSecurityTokenResponseCollectionType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseCollection element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:RequestSecurityTokenResponseCollection element""" - c_tag = 'RequestSecurityTokenResponseCollection' + c_tag = "RequestSecurityTokenResponseCollection" c_namespace = NAMESPACE c_children = RequestSecurityTokenResponseCollectionType_.c_children.copy() c_attributes = RequestSecurityTokenResponseCollectionType_.c_attributes.copy() c_child_order = RequestSecurityTokenResponseCollectionType_.c_child_order[:] c_cardinality = RequestSecurityTokenResponseCollectionType_.c_cardinality.copy() + def request_security_token_response_collection_from_string(xml_string): return saml2.create_class_from_xml_string(RequestSecurityTokenResponseCollection, xml_string) class Status(StatusType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Status element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Status element""" - c_tag = 'Status' + c_tag = "Status" c_namespace = NAMESPACE c_children = StatusType_.c_children.copy() c_attributes = StatusType_.c_attributes.copy() c_child_order = StatusType_.c_child_order[:] c_cardinality = StatusType_.c_cardinality.copy() + def status_from_string(xml_string): return saml2.create_class_from_xml_string(Status, xml_string) class SignChallenge(SignChallengeType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallenge element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallenge element""" - c_tag = 'SignChallenge' + c_tag = "SignChallenge" c_namespace = NAMESPACE c_children = SignChallengeType_.c_children.copy() c_attributes = SignChallengeType_.c_attributes.copy() c_child_order = SignChallengeType_.c_child_order[:] c_cardinality = SignChallengeType_.c_cardinality.copy() + def sign_challenge_from_string(xml_string): return saml2.create_class_from_xml_string(SignChallenge, xml_string) class SignChallengeResponse(SignChallengeType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallengeResponse element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:SignChallengeResponse element""" - c_tag = 'SignChallengeResponse' + c_tag = "SignChallengeResponse" c_namespace = NAMESPACE c_children = SignChallengeType_.c_children.copy() c_attributes = SignChallengeType_.c_attributes.copy() c_child_order = SignChallengeType_.c_child_order[:] c_cardinality = SignChallengeType_.c_cardinality.copy() + def sign_challenge_response_from_string(xml_string): return saml2.create_class_from_xml_string(SignChallengeResponse, xml_string) class Authenticator(AuthenticatorType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Authenticator element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Authenticator element""" - c_tag = 'Authenticator' + c_tag = "Authenticator" c_namespace = NAMESPACE c_children = AuthenticatorType_.c_children.copy() c_attributes = AuthenticatorType_.c_attributes.copy() c_child_order = AuthenticatorType_.c_child_order[:] c_cardinality = AuthenticatorType_.c_cardinality.copy() + def authenticator_from_string(xml_string): return saml2.create_class_from_xml_string(Authenticator, xml_string) class Participants(ParticipantsType_): - """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Participants element """ + """The http://docs.oasis-open.org/ws-sx/ws-trust/200512/:Participants element""" - c_tag = 'Participants' + c_tag = "Participants" c_namespace = NAMESPACE c_children = ParticipantsType_.c_children.copy() c_attributes = ParticipantsType_.c_attributes.copy() c_child_order = ParticipantsType_.c_child_order[:] c_cardinality = ParticipantsType_.c_cardinality.copy() + def participants_from_string(xml_string): return saml2.create_class_from_xml_string(Participants, xml_string) @@ -1700,103 +1877,102 @@ def participants_from_string(xml_string): } ELEMENT_BY_TAG = { - 'RequestSecurityToken': RequestSecurityToken, - 'RequestSecurityTokenType': RequestSecurityTokenType_, - 'TokenType': TokenType, - 'RequestType': RequestType, - 'RequestTypeOpenEnum': RequestTypeOpenEnum_, - 'RequestTypeEnum': RequestTypeEnum_, - 'RequestSecurityTokenResponse': RequestSecurityTokenResponse, - 'RequestSecurityTokenResponseType': RequestSecurityTokenResponseType_, - 'RequestedSecurityToken': RequestedSecurityToken, - 'RequestedSecurityTokenType': RequestedSecurityTokenType_, - 'BinarySecret': BinarySecret, - 'BinarySecretType': BinarySecretType_, - 'BinarySecretTypeEnum': BinarySecretTypeEnum_, - 'BinarySecretTypeOpenEnum': BinarySecretTypeOpenEnum_, - 'Claims': Claims, - 'ClaimsType': ClaimsType_, - 'Entropy': Entropy, - 'EntropyType': EntropyType_, - 'Lifetime': Lifetime, - 'LifetimeType': LifetimeType_, - 'RequestSecurityTokenCollection': RequestSecurityTokenCollection, - 'RequestSecurityTokenCollectionType': RequestSecurityTokenCollectionType_, - 'RequestSecurityTokenResponseCollection': RequestSecurityTokenResponseCollection, - 'RequestSecurityTokenResponseCollectionType': RequestSecurityTokenResponseCollectionType_, - 'ComputedKey': ComputedKey, - 'ComputedKeyEnum': ComputedKeyEnum_, - 'ComputedKeyOpenEnum': ComputedKeyOpenEnum_, - 'RequestedAttachedReference': RequestedAttachedReference, - 'RequestedUnattachedReference': RequestedUnattachedReference, - 'RequestedReferenceType': RequestedReferenceType_, - 'RequestedProofToken': RequestedProofToken, - 'RequestedProofTokenType': RequestedProofTokenType_, - 'IssuedTokens': IssuedTokens, - 'RenewTarget': RenewTarget, - 'RenewTargetType': RenewTargetType_, - 'AllowPostdating': AllowPostdating, - 'AllowPostdatingType': AllowPostdatingType_, - 'Renewing': Renewing, - 'RenewingType': RenewingType_, - 'CancelTarget': CancelTarget, - 'CancelTargetType': CancelTargetType_, - 'RequestedTokenCancelled': RequestedTokenCancelled, - 'RequestedTokenCancelledType': RequestedTokenCancelledType_, - 'ValidateTarget': ValidateTarget, - 'ValidateTargetType': ValidateTargetType_, - 'Status': Status, - 'StatusType': StatusType_, - 'StatusCodeEnum': StatusCodeEnum_, - 'StatusCodeOpenEnum': StatusCodeOpenEnum_, - 'SignChallenge': SignChallenge, - 'SignChallengeResponse': SignChallengeResponse, - 'SignChallengeType': SignChallengeType_, - 'Challenge': Challenge, - 'BinaryExchange': BinaryExchange, - 'BinaryExchangeType': BinaryExchangeType_, - 'RequestKET': RequestKET, - 'RequestKETType': RequestKETType_, - 'KeyExchangeToken': KeyExchangeToken, - 'KeyExchangeTokenType': KeyExchangeTokenType_, - 'Authenticator': Authenticator, - 'AuthenticatorType': AuthenticatorType_, - 'CombinedHash': CombinedHash, - 'OnBehalfOf': OnBehalfOf, - 'OnBehalfOfType': OnBehalfOfType_, - 'Issuer': Issuer, - 'AuthenticationType': AuthenticationType, - 'KeyType': KeyType, - 'KeyTypeEnum': KeyTypeEnum_, - 'KeyTypeOpenEnum': KeyTypeOpenEnum_, - 'KeySize': KeySize, - 'SignatureAlgorithm': SignatureAlgorithm, - 'EncryptionAlgorithm': EncryptionAlgorithm, - 'CanonicalizationAlgorithm': CanonicalizationAlgorithm, - 'ComputedKeyAlgorithm': ComputedKeyAlgorithm, - 'Encryption': Encryption, - 'EncryptionType': EncryptionType_, - 'ProofEncryption': ProofEncryption, - 'ProofEncryptionType': ProofEncryptionType_, - 'UseKey': UseKey, - 'UseKeyType': UseKeyType_, - 'KeyWrapAlgorithm': KeyWrapAlgorithm, - 'SignWith': SignWith, - 'EncryptWith': EncryptWith, - 'DelegateTo': DelegateTo, - 'DelegateToType': DelegateToType_, - 'Forwardable': Forwardable, - 'Delegatable': Delegatable, - 'Participants': Participants, - 'ParticipantsType': ParticipantsType_, - 'ParticipantType': ParticipantType_, - 'Code': StatusType_Code, - 'Reason': StatusType_Reason, - 'Primary': ParticipantsType_Primary, - 'Participant': ParticipantsType_Participant, + "RequestSecurityToken": RequestSecurityToken, + "RequestSecurityTokenType": RequestSecurityTokenType_, + "TokenType": TokenType, + "RequestType": RequestType, + "RequestTypeOpenEnum": RequestTypeOpenEnum_, + "RequestTypeEnum": RequestTypeEnum_, + "RequestSecurityTokenResponse": RequestSecurityTokenResponse, + "RequestSecurityTokenResponseType": RequestSecurityTokenResponseType_, + "RequestedSecurityToken": RequestedSecurityToken, + "RequestedSecurityTokenType": RequestedSecurityTokenType_, + "BinarySecret": BinarySecret, + "BinarySecretType": BinarySecretType_, + "BinarySecretTypeEnum": BinarySecretTypeEnum_, + "BinarySecretTypeOpenEnum": BinarySecretTypeOpenEnum_, + "Claims": Claims, + "ClaimsType": ClaimsType_, + "Entropy": Entropy, + "EntropyType": EntropyType_, + "Lifetime": Lifetime, + "LifetimeType": LifetimeType_, + "RequestSecurityTokenCollection": RequestSecurityTokenCollection, + "RequestSecurityTokenCollectionType": RequestSecurityTokenCollectionType_, + "RequestSecurityTokenResponseCollection": RequestSecurityTokenResponseCollection, + "RequestSecurityTokenResponseCollectionType": RequestSecurityTokenResponseCollectionType_, + "ComputedKey": ComputedKey, + "ComputedKeyEnum": ComputedKeyEnum_, + "ComputedKeyOpenEnum": ComputedKeyOpenEnum_, + "RequestedAttachedReference": RequestedAttachedReference, + "RequestedUnattachedReference": RequestedUnattachedReference, + "RequestedReferenceType": RequestedReferenceType_, + "RequestedProofToken": RequestedProofToken, + "RequestedProofTokenType": RequestedProofTokenType_, + "IssuedTokens": IssuedTokens, + "RenewTarget": RenewTarget, + "RenewTargetType": RenewTargetType_, + "AllowPostdating": AllowPostdating, + "AllowPostdatingType": AllowPostdatingType_, + "Renewing": Renewing, + "RenewingType": RenewingType_, + "CancelTarget": CancelTarget, + "CancelTargetType": CancelTargetType_, + "RequestedTokenCancelled": RequestedTokenCancelled, + "RequestedTokenCancelledType": RequestedTokenCancelledType_, + "ValidateTarget": ValidateTarget, + "ValidateTargetType": ValidateTargetType_, + "Status": Status, + "StatusType": StatusType_, + "StatusCodeEnum": StatusCodeEnum_, + "StatusCodeOpenEnum": StatusCodeOpenEnum_, + "SignChallenge": SignChallenge, + "SignChallengeResponse": SignChallengeResponse, + "SignChallengeType": SignChallengeType_, + "Challenge": Challenge, + "BinaryExchange": BinaryExchange, + "BinaryExchangeType": BinaryExchangeType_, + "RequestKET": RequestKET, + "RequestKETType": RequestKETType_, + "KeyExchangeToken": KeyExchangeToken, + "KeyExchangeTokenType": KeyExchangeTokenType_, + "Authenticator": Authenticator, + "AuthenticatorType": AuthenticatorType_, + "CombinedHash": CombinedHash, + "OnBehalfOf": OnBehalfOf, + "OnBehalfOfType": OnBehalfOfType_, + "Issuer": Issuer, + "AuthenticationType": AuthenticationType, + "KeyType": KeyType, + "KeyTypeEnum": KeyTypeEnum_, + "KeyTypeOpenEnum": KeyTypeOpenEnum_, + "KeySize": KeySize, + "SignatureAlgorithm": SignatureAlgorithm, + "EncryptionAlgorithm": EncryptionAlgorithm, + "CanonicalizationAlgorithm": CanonicalizationAlgorithm, + "ComputedKeyAlgorithm": ComputedKeyAlgorithm, + "Encryption": Encryption, + "EncryptionType": EncryptionType_, + "ProofEncryption": ProofEncryption, + "ProofEncryptionType": ProofEncryptionType_, + "UseKey": UseKey, + "UseKeyType": UseKeyType_, + "KeyWrapAlgorithm": KeyWrapAlgorithm, + "SignWith": SignWith, + "EncryptWith": EncryptWith, + "DelegateTo": DelegateTo, + "DelegateToType": DelegateToType_, + "Forwardable": Forwardable, + "Delegatable": Delegatable, + "Participants": Participants, + "ParticipantsType": ParticipantsType_, + "ParticipantType": ParticipantType_, + "Code": StatusType_Code, + "Reason": StatusType_Reason, + "Primary": ParticipantsType_Primary, + "Participant": ParticipantsType_Participant, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/ws/wsutil.py b/src/saml2/ws/wsutil.py index 3f93565b0..1af160c0f 100644 --- a/src/saml2/ws/wsutil.py +++ b/src/saml2/ws/wsutil.py @@ -7,155 +7,183 @@ import saml2 from saml2 import SamlBase -NAMESPACE = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd' + +NAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" + class TTimestampFault_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:tTimestampFault element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:tTimestampFault element""" - c_tag = 'tTimestampFault' + c_tag = "tTimestampFault" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def t_timestamp_fault__from_string(xml_string): return saml2.create_class_from_xml_string(TTimestampFault_, xml_string) + class AttributedDateTime_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:AttributedDateTime element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:AttributedDateTime element""" - c_tag = 'AttributedDateTime' + c_tag = "AttributedDateTime" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Id'] = ('Id', 'anyURI', False) - - def __init__(self, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.Id=Id + c_attributes["Id"] = ("Id", "anyURI", False) + + def __init__( + self, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.Id = Id + def attributed_date_time__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedDateTime_, xml_string) + class AttributedURI_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:AttributedURI element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:AttributedURI element""" - c_tag = 'AttributedURI' + c_tag = "AttributedURI" c_namespace = NAMESPACE - c_value_type = {'base': 'anyURI'} + c_value_type = {"base": "anyURI"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Id'] = ('Id', 'anyURI', False) - - def __init__(self, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.Id=Id + c_attributes["Id"] = ("Id", "anyURI", False) + + def __init__( + self, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.Id = Id + def attributed_ur_i__from_string(xml_string): return saml2.create_class_from_xml_string(AttributedURI_, xml_string) + class Expires(AttributedDateTime_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Expires element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Expires element""" - c_tag = 'Expires' + c_tag = "Expires" c_namespace = NAMESPACE c_children = AttributedDateTime_.c_children.copy() c_attributes = AttributedDateTime_.c_attributes.copy() c_child_order = AttributedDateTime_.c_child_order[:] c_cardinality = AttributedDateTime_.c_cardinality.copy() + def expires_from_string(xml_string): return saml2.create_class_from_xml_string(Expires, xml_string) + class Created(AttributedDateTime_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Created element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Created element""" - c_tag = 'Created' + c_tag = "Created" c_namespace = NAMESPACE c_children = AttributedDateTime_.c_children.copy() c_attributes = AttributedDateTime_.c_attributes.copy() c_child_order = AttributedDateTime_.c_child_order[:] c_cardinality = AttributedDateTime_.c_cardinality.copy() + def created_from_string(xml_string): return saml2.create_class_from_xml_string(Created, xml_string) + class TimestampType_(SamlBase): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:TimestampType element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:TimestampType element""" - c_tag = 'TimestampType' + c_tag = "TimestampType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Created'] = ('created', Created) - c_cardinality['created'] = {"min":0, "max":1} - c_children['{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Expires'] = ('expires', Expires) - c_cardinality['expires'] = {"min":0, "max":1} - c_attributes['Id'] = ('Id', 'anyURI', False) - c_child_order.extend(['created', 'expires']) - - def __init__(self, - created=None, - expires=None, - Id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.created=created - self.expires=expires - self.Id=Id + c_children["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Created"] = ( + "created", + Created, + ) + c_cardinality["created"] = {"min": 0, "max": 1} + c_children["{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Expires"] = ( + "expires", + Expires, + ) + c_cardinality["expires"] = {"min": 0, "max": 1} + c_attributes["Id"] = ("Id", "anyURI", False) + c_child_order.extend(["created", "expires"]) + + def __init__( + self, + created=None, + expires=None, + Id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.created = created + self.expires = expires + self.Id = Id + def timestamp_type__from_string(xml_string): return saml2.create_class_from_xml_string(TimestampType_, xml_string) + class Timestamp(TimestampType_): - """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Timestamp element """ + """The http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd:Timestamp element""" - c_tag = 'Timestamp' + c_tag = "Timestamp" c_namespace = NAMESPACE c_children = TimestampType_.c_children.copy() c_attributes = TimestampType_.c_attributes.copy() c_child_order = TimestampType_.c_child_order[:] c_cardinality = TimestampType_.c_cardinality.copy() + def timestamp_from_string(xml_string): return saml2.create_class_from_xml_string(Timestamp, xml_string) -#.................. + +# .................. AG_commonAtts = [ - ('Id', '', False), + ("Id", "", False), ] ELEMENT_FROM_STRING = { @@ -169,16 +197,15 @@ def timestamp_from_string(xml_string): } ELEMENT_BY_TAG = { - 'tTimestampFault': TTimestampFault_, - 'AttributedDateTime': AttributedDateTime_, - 'AttributedURI': AttributedURI_, - 'TimestampType': TimestampType_, - 'Timestamp': Timestamp, - 'Expires': Expires, - 'Created': Created, + "tTimestampFault": TTimestampFault_, + "AttributedDateTime": AttributedDateTime_, + "AttributedURI": AttributedURI_, + "TimestampType": TimestampType_, + "Timestamp": Timestamp, + "Expires": Expires, + "Created": Created, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2/xml/schema/__init__.py b/src/saml2/xml/schema/__init__.py index 5ef5a8e83..e003dfc09 100644 --- a/src/saml2/xml/schema/__init__.py +++ b/src/saml2/xml/schema/__init__.py @@ -1,23 +1,52 @@ -import sys - -# importlib.resources was introduced in python 3.7 -# files API from importlib.resources introduced in python 3.9 -if sys.version_info[:2] >= (3, 9): - from importlib.resources import files as _resource_files -else: - from importlib_resources import files as _resource_files +from importlib.resources import files as _resource_files from xmlschema import XMLSchema as _XMLSchema -from xmlschema.exceptions import XMLSchemaException as XMLSchemaError +from xmlschema.exceptions import XMLSchemaException as _XMLSchemaException import saml2.data.schemas as _data_schemas -def _create_xml_schema_validator(source, **kwargs): +class XMLSchemaError(Exception): + """Generic error raised when the schema does not validate with a document""" + + +def _create_xml_schema_validator(source=None, **kwargs): + schema_resources = _resource_files(_data_schemas) + path_schema_xml = str(schema_resources.joinpath("xml.xsd")) + path_schema_envelope = str(schema_resources.joinpath("envelope.xsd")) + path_schema_xenc = str(schema_resources.joinpath("xenc-schema.xsd")) + path_schema_xenc_11 = str(schema_resources.joinpath("xenc-schema-11.xsd")) + path_schema_xmldsig_core = str(schema_resources.joinpath("xmldsig-core-schema.xsd")) + path_schema_saml_assertion = str(schema_resources.joinpath("saml-schema-assertion-2.0.xsd")) + path_schema_saml_metadata = str(schema_resources.joinpath("saml-schema-metadata-2.0.xsd")) + path_schema_saml_protocol = str(schema_resources.joinpath("saml-schema-protocol-2.0.xsd")) + path_schema_eidas_metadata_servicelist = str(schema_resources.joinpath("eidas-schema-metadata-servicelist.xsd")) + path_schema_eidas_saml_extensions = str(schema_resources.joinpath("eidas-schema-saml-extensions.xsd")) + path_schema_eidas_attribute_naturalperson = str( + schema_resources.joinpath("eidas-schema-attribute-naturalperson.xsd") + ) + path_schema_eidas_attribute_legalperson = str(schema_resources.joinpath("eidas-schema-attribute-legalperson.xsd")) + + source = source if source else path_schema_saml_protocol + locations = { + "http://www.w3.org/XML/1998/namespace": path_schema_xml, + "http://schemas.xmlsoap.org/soap/envelope/": path_schema_envelope, + "http://www.w3.org/2001/04/xmlenc#": path_schema_xenc, + "http://www.w3.org/2009/xmlenc11#": path_schema_xenc_11, + "http://www.w3.org/2000/09/xmldsig#": path_schema_xmldsig_core, + "urn:oasis:names:tc:SAML:2.0:assertion": path_schema_saml_assertion, + "urn:oasis:names:tc:SAML:2.0:metadata": path_schema_saml_metadata, + "urn:oasis:names:tc:SAML:2.0:protocol": path_schema_saml_protocol, + "http://eidas.europa.eu/metadata/servicelist": path_schema_eidas_metadata_servicelist, + "http://eidas.europa.eu/saml-extensions": path_schema_eidas_saml_extensions, + "http://eidas.europa.eu/attributes/naturalperson": path_schema_eidas_attribute_naturalperson, + "http://eidas.europa.eu/attributes/legalperson": path_schema_eidas_attribute_legalperson, + } + kwargs = { **kwargs, "validation": "strict", - "locations": _locations, + "locations": locations, "base_url": source, "allow": "sandbox", "use_fallback": False, @@ -25,54 +54,22 @@ def _create_xml_schema_validator(source, **kwargs): return _XMLSchema(source, **kwargs) -_schema_resources = _resource_files(_data_schemas) -_path_schema_xml = str(_schema_resources.joinpath("xml.xsd")) -_path_schema_envelope = str(_schema_resources.joinpath("envelope.xsd")) -_path_schema_xenc = str(_schema_resources.joinpath("xenc-schema.xsd")) -_path_schema_xmldsig_core = str(_schema_resources.joinpath("xmldsig-core-schema.xsd")) -_path_schema_saml_assertion = str( - _schema_resources.joinpath("saml-schema-assertion-2.0.xsd") -) -_path_schema_saml_metadata = str( - _schema_resources.joinpath("saml-schema-metadata-2.0.xsd") -) -_path_schema_saml_protocol = str( - _schema_resources.joinpath("saml-schema-protocol-2.0.xsd") -) - -_locations = { - "http://www.w3.org/XML/1998/namespace": _path_schema_xml, - "http://schemas.xmlsoap.org/soap/envelope/": _path_schema_envelope, - "http://www.w3.org/2001/04/xmlenc#": _path_schema_xenc, - "http://www.w3.org/2000/09/xmldsig#": _path_schema_xmldsig_core, - "urn:oasis:names:tc:SAML:2.0:assertion": _path_schema_saml_assertion, - "urn:oasis:names:tc:SAML:2.0:metadata": _path_schema_saml_metadata, - "urn:oasis:names:tc:SAML:2.0:protocol": _path_schema_saml_protocol, -} +_schema_validator_default = _create_xml_schema_validator() -schema_saml_assertion = _create_xml_schema_validator(_path_schema_saml_assertion) -schema_saml_metadata = _create_xml_schema_validator(_path_schema_saml_metadata) -schema_saml_protocol = _create_xml_schema_validator(_path_schema_saml_protocol) -node_to_schema = { - # AssertionType - "urn:oasis:names:tc:SAML:2.0:assertion:Assertion": schema_saml_assertion, - # EntitiesDescriptorType - "urn:oasis:names:tc:SAML:2.0:metadata:EntitiesDescriptor": schema_saml_metadata, - # EntityDescriptorType - "urn:oasis:names:tc:SAML:2.0:metadata:EntityDescriptor": schema_saml_metadata, - # RequestAbstractType - "urn:oasis:names:tc:SAML:2.0:protocol:AssertionIDRequest": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:SubjectQuery": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:AuthnRequest": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResolve": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDRequest": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:LogoutRequest": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingRequest": schema_saml_protocol, - # StatusResponseType - "urn:oasis:names:tc:SAML:2.0:protocol:Response": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:ArtifactResponse": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:ManageNameIDResponse": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:LogoutResponse": schema_saml_protocol, - "urn:oasis:names:tc:SAML:2.0:protocol:NameIDMappingResponse": schema_saml_protocol, -} +def validate(doc, validator=None): + validator = _schema_validator_default if validator is None else validator + try: + validator.validate(doc) + except _XMLSchemaException as e: + error_context = { + "doc": doc, + "error": str(e), + } + raise XMLSchemaError(error_context) from e + except Exception as e: + error_context = { + "doc": doc, + "error": str(e), + } + raise XMLSchemaError(error_context) from e diff --git a/src/saml2/xmldsig/__init__.py b/src/saml2/xmldsig/__init__.py index 4177601fc..85f892632 100644 --- a/src/saml2/xmldsig/__init__.py +++ b/src/saml2/xmldsig/__init__.py @@ -7,57 +7,62 @@ import saml2 from saml2 import SamlBase -NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#' -ENCODING_BASE64 = 'http://www.w3.org/2000/09/xmldsig#base64' +NAMESPACE = "http://www.w3.org/2000/09/xmldsig#" + +ENCODING_BASE64 = "http://www.w3.org/2000/09/xmldsig#base64" # digest and signature algorithms (not implemented = commented out) -DIGEST_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#md5' # test framework +DIGEST_MD5 = "http://www.w3.org/2001/04/xmldsig-more#md5" # test framework # only! -DIGEST_SHA1 = 'http://www.w3.org/2000/09/xmldsig#sha1' -DIGEST_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#sha224' -DIGEST_SHA256 = 'http://www.w3.org/2001/04/xmlenc#sha256' -DIGEST_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#sha384' -DIGEST_SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512' -DIGEST_RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160' +DIGEST_SHA1 = "http://www.w3.org/2000/09/xmldsig#sha1" +DIGEST_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#sha224" +DIGEST_SHA256 = "http://www.w3.org/2001/04/xmlenc#sha256" +DIGEST_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#sha384" +DIGEST_SHA512 = "http://www.w3.org/2001/04/xmlenc#sha512" +DIGEST_RIPEMD160 = "http://www.w3.org/2001/04/xmlenc#ripemd160" digest_default = DIGEST_SHA1 -DIGEST_ALLOWED_ALG = (('DIGEST_SHA1', DIGEST_SHA1), - ('DIGEST_SHA224', DIGEST_SHA224), - ('DIGEST_SHA256', DIGEST_SHA256), - ('DIGEST_SHA384', DIGEST_SHA384), - ('DIGEST_SHA512', DIGEST_SHA512), - ('DIGEST_RIPEMD160', DIGEST_RIPEMD160)) -DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5),) - -SIG_DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1' -SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256' -SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1' -SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224' -SIG_ECDSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256' -SIG_ECDSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384' -SIG_ECDSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512' -SIG_RSA_MD5 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-md5' # test framework -SIG_RSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' -SIG_RSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha224' -SIG_RSA_SHA256 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' -SIG_RSA_SHA384 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha384' -SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512' -SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160' +DIGEST_ALLOWED_ALG = ( + ("DIGEST_SHA1", DIGEST_SHA1), + ("DIGEST_SHA224", DIGEST_SHA224), + ("DIGEST_SHA256", DIGEST_SHA256), + ("DIGEST_SHA384", DIGEST_SHA384), + ("DIGEST_SHA512", DIGEST_SHA512), + ("DIGEST_RIPEMD160", DIGEST_RIPEMD160), +) +DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (("DIGEST_MD5", DIGEST_MD5),) + +SIG_DSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#dsa-sha1" +SIG_DSA_SHA256 = "http://www.w3.org/2009/xmldsig11#dsa-sha256" +SIG_ECDSA_SHA1 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1" +SIG_ECDSA_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha224" +SIG_ECDSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256" +SIG_ECDSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha384" +SIG_ECDSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha512" +SIG_RSA_MD5 = "http://www.w3.org/2001/04/xmldsig-more#rsa-md5" # test framework +SIG_RSA_SHA1 = "http://www.w3.org/2000/09/xmldsig#rsa-sha1" +SIG_RSA_SHA224 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha224" +SIG_RSA_SHA256 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" +SIG_RSA_SHA384 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha384" +SIG_RSA_SHA512 = "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" +SIG_RSA_RIPEMD160 = "http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160" sig_default = SIG_RSA_SHA1 -SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1), - ('SIG_RSA_SHA224', SIG_RSA_SHA224), - ('SIG_RSA_SHA256', SIG_RSA_SHA256), - ('SIG_RSA_SHA384', SIG_RSA_SHA384), - ('SIG_RSA_SHA512', SIG_RSA_SHA512)) -SIG_AVAIL_ALG = SIG_ALLOWED_ALG + (('SIG_RSA_MD5', SIG_RSA_MD5),) - -MAC_SHA1 = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1' - -TRANSFORM_XSLT = 'http://www.w3.org/TR/1999/REC-xslt-19991116' -TRANSFORM_XPATH = 'http://www.w3.org/TR/1999/REC-xpath-19991116' -TRANSFORM_ENVELOPED = 'http://www.w3.org/2000/09/xmldsig#enveloped-signature' -TRANSFORM_C14N = 'http://www.w3.org/2001/10/xml-exc-c14n#' -TRANSFORM_C14N_WITH_COMMENTS = 'http://www.w3.org/2001/10/xml-exc-c14n#WithComments' +SIG_ALLOWED_ALG = ( + ("SIG_RSA_SHA1", SIG_RSA_SHA1), + ("SIG_RSA_SHA224", SIG_RSA_SHA224), + ("SIG_RSA_SHA256", SIG_RSA_SHA256), + ("SIG_RSA_SHA384", SIG_RSA_SHA384), + ("SIG_RSA_SHA512", SIG_RSA_SHA512), +) +SIG_AVAIL_ALG = SIG_ALLOWED_ALG + (("SIG_RSA_MD5", SIG_RSA_MD5),) + +MAC_SHA1 = "http://www.w3.org/2000/09/xmldsig#hmac-sha1" + +TRANSFORM_XSLT = "http://www.w3.org/TR/1999/REC-xslt-19991116" +TRANSFORM_XPATH = "http://www.w3.org/TR/1999/REC-xpath-19991116" +TRANSFORM_ENVELOPED = "http://www.w3.org/2000/09/xmldsig#enveloped-signature" +TRANSFORM_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#" +TRANSFORM_C14N_WITH_COMMENTS = "http://www.w3.org/2001/10/xml-exc-c14n#WithComments" ALLOWED_CANONICALIZATIONS = { TRANSFORM_C14N, @@ -69,8 +74,9 @@ TRANSFORM_C14N_WITH_COMMENTS, } -class DefaultSignature(object): - class _DefaultSignature(object): + +class DefaultSignature: + class _DefaultSignature: def __init__(self, sign_alg=None, digest_alg=None): if sign_alg is None: self.sign_alg = sig_default @@ -83,6 +89,7 @@ def __init__(self, sign_alg=None, digest_alg=None): def __str__(self): return repr(self) + self.sign_alg + instance = None def __init__(self, sign_alg=None, digest_alg=None): @@ -100,11 +107,11 @@ def get_digest_alg(self): class CryptoBinary_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:CryptoBinary element """ + """The http://www.w3.org/2000/09/xmldsig#:CryptoBinary element""" - c_tag = 'CryptoBinary' + c_tag = "CryptoBinary" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -116,28 +123,30 @@ def crypto_binary__from_string(xml_string): class SignatureValueType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignatureValueType element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureValueType element""" - c_tag = 'SignatureValueType' + c_tag = "SignatureValueType" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Id'] = ('id', 'ID', False) - - def __init__(self, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Id"] = ("id", "ID", False) + + def __init__( + self, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.id = id @@ -147,39 +156,40 @@ def signature_value_type__from_string(xml_string): class CanonicalizationMethodType_(SamlBase): """The http://www.w3.org/2000/09/xmldsig#:CanonicalizationMethodType - element """ + element""" - c_tag = 'CanonicalizationMethodType' + c_tag = "CanonicalizationMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - - def __init__(self, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + + def __init__( + self, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.algorithm = algorithm def canonicalization_method_type__from_string(xml_string): - return saml2.create_class_from_xml_string(CanonicalizationMethodType_, - xml_string) + return saml2.create_class_from_xml_string(CanonicalizationMethodType_, xml_string) class TransformType_XPath(SamlBase): - c_tag = 'XPath' + c_tag = "XPath" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -191,32 +201,33 @@ def transform_type__x_path_from_string(xml_string): class TransformType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:TransformType element """ + """The http://www.w3.org/2000/09/xmldsig#:TransformType element""" - c_tag = 'TransformType' + c_tag = "TransformType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}XPath'] = ( - 'x_path', [TransformType_XPath]) - c_cardinality['x_path'] = {"min": 0} - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - c_child_order.extend(['x_path']) - - def __init__(self, - x_path=None, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}XPath"] = ("x_path", [TransformType_XPath]) + c_cardinality["x_path"] = {"min": 0} + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + c_child_order.extend(["x_path"]) + + def __init__( + self, + x_path=None, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.x_path = x_path or [] self.algorithm = algorithm @@ -226,27 +237,29 @@ def transform_type__from_string(xml_string): class DigestMethodType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:DigestMethodType element """ + """The http://www.w3.org/2000/09/xmldsig#:DigestMethodType element""" - c_tag = 'DigestMethodType' + c_tag = "DigestMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - - def __init__(self, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + + def __init__( + self, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.algorithm = algorithm @@ -255,11 +268,11 @@ def digest_method_type__from_string(xml_string): class DigestValueType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:DigestValueType element """ + """The http://www.w3.org/2000/09/xmldsig#:DigestValueType element""" - c_tag = 'DigestValueType' + c_tag = "DigestValueType" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -271,11 +284,11 @@ def digest_value_type__from_string(xml_string): class KeyName(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:KeyName element """ + """The http://www.w3.org/2000/09/xmldsig#:KeyName element""" - c_tag = 'KeyName' + c_tag = "KeyName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -287,11 +300,11 @@ def key_name_from_string(xml_string): class MgmtData(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:MgmtData element """ + """The http://www.w3.org/2000/09/xmldsig#:MgmtData element""" - c_tag = 'MgmtData' + c_tag = "MgmtData" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -303,9 +316,9 @@ def mgmt_data_from_string(xml_string): class X509IssuerName(SamlBase): - c_tag = 'X509IssuerName' + c_tag = "X509IssuerName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -317,9 +330,9 @@ def x509_issuer_name_from_string(xml_string): class X509SerialNumber(SamlBase): - c_tag = 'X509SerialNumber' + c_tag = "X509SerialNumber" c_namespace = NAMESPACE - c_value_type = {'base': 'integer'} + c_value_type = {"base": "integer"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -331,32 +344,32 @@ def x509_serial_number_from_string(xml_string): class X509IssuerSerialType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:X509IssuerSerialType element """ + """The http://www.w3.org/2000/09/xmldsig#:X509IssuerSerialType element""" - c_tag = 'X509IssuerSerialType' + c_tag = "X509IssuerSerialType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}X509IssuerName'] = ( - 'x509_issuer_name', X509IssuerName) - c_children['{http://www.w3.org/2000/09/xmldsig#}X509SerialNumber'] = ( - 'x509_serial_number', X509SerialNumber) - c_child_order.extend(['x509_issuer_name', 'x509_serial_number']) - - def __init__(self, - x509_issuer_name=None, - x509_serial_number=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}X509IssuerName"] = ("x509_issuer_name", X509IssuerName) + c_children["{http://www.w3.org/2000/09/xmldsig#}X509SerialNumber"] = ("x509_serial_number", X509SerialNumber) + c_child_order.extend(["x509_issuer_name", "x509_serial_number"]) + + def __init__( + self, + x509_issuer_name=None, + x509_serial_number=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.x509_issuer_name = x509_issuer_name self.x509_serial_number = x509_serial_number @@ -366,9 +379,9 @@ def x509_issuer_serial_type__from_string(xml_string): class PGPKeyID(SamlBase): - c_tag = 'PGPKeyID' + c_tag = "PGPKeyID" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -380,9 +393,9 @@ def pgp_key_id_from_string(xml_string): class PGPKeyPacket(SamlBase): - c_tag = 'PGPKeyPacket' + c_tag = "PGPKeyPacket" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -394,33 +407,33 @@ def pgp_key_packet_from_string(xml_string): class PGPDataType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:PGPDataType element """ + """The http://www.w3.org/2000/09/xmldsig#:PGPDataType element""" - c_tag = 'PGPDataType' + c_tag = "PGPDataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyID'] = ( - 'pgp_key_id', PGPKeyID) - c_children['{http://www.w3.org/2000/09/xmldsig#}PGPKeyPacket'] = ( - 'pgp_key_packet', PGPKeyPacket) - c_cardinality['pgp_key_packet'] = {"min": 0, "max": 1} - c_child_order.extend(['pgp_key_id', 'pgp_key_packet']) - - def __init__(self, - pgp_key_id=None, - pgp_key_packet=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}PGPKeyID"] = ("pgp_key_id", PGPKeyID) + c_children["{http://www.w3.org/2000/09/xmldsig#}PGPKeyPacket"] = ("pgp_key_packet", PGPKeyPacket) + c_cardinality["pgp_key_packet"] = {"min": 0, "max": 1} + c_child_order.extend(["pgp_key_id", "pgp_key_packet"]) + + def __init__( + self, + pgp_key_id=None, + pgp_key_packet=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.pgp_key_id = pgp_key_id self.pgp_key_packet = pgp_key_packet @@ -430,9 +443,9 @@ def pgp_data_type__from_string(xml_string): class SPKISexp(SamlBase): - c_tag = 'SPKISexp' + c_tag = "SPKISexp" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -444,30 +457,31 @@ def spki_sexp_from_string(xml_string): class SPKIDataType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SPKIDataType element """ + """The http://www.w3.org/2000/09/xmldsig#:SPKIDataType element""" - c_tag = 'SPKIDataType' + c_tag = "SPKIDataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}SPKISexp'] = ('spki_sexp', - [SPKISexp]) - c_cardinality['spki_sexp'] = {"min": 1} - c_child_order.extend(['spki_sexp']) - - def __init__(self, - spki_sexp=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}SPKISexp"] = ("spki_sexp", [SPKISexp]) + c_cardinality["spki_sexp"] = {"min": 1} + c_child_order.extend(["spki_sexp"]) + + def __init__( + self, + spki_sexp=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.spki_sexp = spki_sexp or [] @@ -476,31 +490,33 @@ def spki_data_type__from_string(xml_string): class ObjectType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:ObjectType element """ + """The http://www.w3.org/2000/09/xmldsig#:ObjectType element""" - c_tag = 'ObjectType' + c_tag = "ObjectType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Id'] = ('id', 'ID', False) - c_attributes['MimeType'] = ('mime_type', 'string', False) - c_attributes['Encoding'] = ('encoding', 'anyURI', False) - - def __init__(self, - id=None, - mime_type=None, - encoding=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Id"] = ("id", "ID", False) + c_attributes["MimeType"] = ("mime_type", "string", False) + c_attributes["Encoding"] = ("encoding", "anyURI", False) + + def __init__( + self, + id=None, + mime_type=None, + encoding=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.id = id self.mime_type = mime_type self.encoding = encoding @@ -511,44 +527,45 @@ def object_type__from_string(xml_string): class SignaturePropertyType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignaturePropertyType element """ + """The http://www.w3.org/2000/09/xmldsig#:SignaturePropertyType element""" - c_tag = 'SignaturePropertyType' + c_tag = "SignaturePropertyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Target'] = ('target', 'anyURI', True) - c_attributes['Id'] = ('id', 'ID', False) - - def __init__(self, - target=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_attributes["Target"] = ("target", "anyURI", True) + c_attributes["Id"] = ("id", "ID", False) + + def __init__( + self, + target=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.target = target self.id = id def signature_property_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SignaturePropertyType_, - xml_string) + return saml2.create_class_from_xml_string(SignaturePropertyType_, xml_string) class HMACOutputLengthType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:HMACOutputLengthType element """ + """The http://www.w3.org/2000/09/xmldsig#:HMACOutputLengthType element""" - c_tag = 'HMACOutputLengthType' + c_tag = "HMACOutputLengthType" c_namespace = NAMESPACE - c_value_type = {'base': 'integer'} + c_value_type = {"base": "integer"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -560,7 +577,7 @@ def hmac_output_length_type__from_string(xml_string): class P(CryptoBinary_): - c_tag = 'P' + c_tag = "P" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -573,7 +590,7 @@ def p_from_string(xml_string): class Q(CryptoBinary_): - c_tag = 'Q' + c_tag = "Q" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -586,7 +603,7 @@ def q_from_string(xml_string): class G(CryptoBinary_): - c_tag = 'G' + c_tag = "G" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -599,7 +616,7 @@ def g_from_string(xml_string): class Y(CryptoBinary_): - c_tag = 'Y' + c_tag = "Y" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -612,7 +629,7 @@ def y_from_string(xml_string): class J(CryptoBinary_): - c_tag = 'J' + c_tag = "J" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -625,7 +642,7 @@ def j_from_string(xml_string): class Seed(CryptoBinary_): - c_tag = 'Seed' + c_tag = "Seed" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -638,7 +655,7 @@ def seed_from_string(xml_string): class PgenCounter(CryptoBinary_): - c_tag = 'PgenCounter' + c_tag = "PgenCounter" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -651,47 +668,48 @@ def pgen_counter_from_string(xml_string): class DSAKeyValueType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:DSAKeyValueType element """ + """The http://www.w3.org/2000/09/xmldsig#:DSAKeyValueType element""" - c_tag = 'DSAKeyValueType' + c_tag = "DSAKeyValueType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}P'] = ('p', P) - c_cardinality['p'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Q'] = ('q', Q) - c_cardinality['q'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}G'] = ('g', G) - c_cardinality['g'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Y'] = ('y', Y) - c_children['{http://www.w3.org/2000/09/xmldsig#}J'] = ('j', J) - c_cardinality['j'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Seed'] = ('seed', Seed) - c_cardinality['seed'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}PgenCounter'] = ( - 'pgen_counter', PgenCounter) - c_cardinality['pgen_counter'] = {"min": 0, "max": 1} - c_child_order.extend(['p', 'q', 'g', 'y', 'j', 'seed', 'pgen_counter']) - - def __init__(self, - p=None, - q=None, - g=None, - y=None, - j=None, - seed=None, - pgen_counter=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}P"] = ("p", P) + c_cardinality["p"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Q"] = ("q", Q) + c_cardinality["q"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}G"] = ("g", G) + c_cardinality["g"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Y"] = ("y", Y) + c_children["{http://www.w3.org/2000/09/xmldsig#}J"] = ("j", J) + c_cardinality["j"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Seed"] = ("seed", Seed) + c_cardinality["seed"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}PgenCounter"] = ("pgen_counter", PgenCounter) + c_cardinality["pgen_counter"] = {"min": 0, "max": 1} + c_child_order.extend(["p", "q", "g", "y", "j", "seed", "pgen_counter"]) + + def __init__( + self, + p=None, + q=None, + g=None, + y=None, + j=None, + seed=None, + pgen_counter=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.p = p self.q = q self.g = g @@ -706,7 +724,7 @@ def dsa_key_value_type__from_string(xml_string): class Modulus(CryptoBinary_): - c_tag = 'Modulus' + c_tag = "Modulus" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -719,7 +737,7 @@ def modulus_from_string(xml_string): class Exponent(CryptoBinary_): - c_tag = 'Exponent' + c_tag = "Exponent" c_namespace = NAMESPACE c_children = CryptoBinary_.c_children.copy() c_attributes = CryptoBinary_.c_attributes.copy() @@ -732,32 +750,32 @@ def exponent_from_string(xml_string): class RSAKeyValueType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:RSAKeyValueType element """ + """The http://www.w3.org/2000/09/xmldsig#:RSAKeyValueType element""" - c_tag = 'RSAKeyValueType' + c_tag = "RSAKeyValueType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Modulus'] = ('modulus', - Modulus) - c_children['{http://www.w3.org/2000/09/xmldsig#}Exponent'] = ('exponent', - Exponent) - c_child_order.extend(['modulus', 'exponent']) - - def __init__(self, - modulus=None, - exponent=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}Modulus"] = ("modulus", Modulus) + c_children["{http://www.w3.org/2000/09/xmldsig#}Exponent"] = ("exponent", Exponent) + c_child_order.extend(["modulus", "exponent"]) + + def __init__( + self, + modulus=None, + exponent=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.modulus = modulus self.exponent = exponent @@ -767,9 +785,9 @@ def rsa_key_value_type__from_string(xml_string): class SignatureValue(SignatureValueType_): - """The http://www.w3.org/2000/09/xmldsig#:SignatureValue element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureValue element""" - c_tag = 'SignatureValue' + c_tag = "SignatureValue" c_namespace = NAMESPACE c_children = SignatureValueType_.c_children.copy() c_attributes = SignatureValueType_.c_attributes.copy() @@ -782,9 +800,9 @@ def signature_value_from_string(xml_string): class CanonicalizationMethod(CanonicalizationMethodType_): - """The http://www.w3.org/2000/09/xmldsig#:CanonicalizationMethod element """ + """The http://www.w3.org/2000/09/xmldsig#:CanonicalizationMethod element""" - c_tag = 'CanonicalizationMethod' + c_tag = "CanonicalizationMethod" c_namespace = NAMESPACE c_children = CanonicalizationMethodType_.c_children.copy() c_attributes = CanonicalizationMethodType_.c_attributes.copy() @@ -793,12 +811,11 @@ class CanonicalizationMethod(CanonicalizationMethodType_): def canonicalization_method_from_string(xml_string): - return saml2.create_class_from_xml_string(CanonicalizationMethod, - xml_string) + return saml2.create_class_from_xml_string(CanonicalizationMethod, xml_string) class HMACOutputLength(HMACOutputLengthType_): - c_tag = 'HMACOutputLength' + c_tag = "HMACOutputLength" c_namespace = NAMESPACE c_children = HMACOutputLengthType_.c_children.copy() c_attributes = HMACOutputLengthType_.c_attributes.copy() @@ -811,32 +828,33 @@ def hmac_output_length_from_string(xml_string): class SignatureMethodType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignatureMethodType element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureMethodType element""" - c_tag = 'SignatureMethodType' + c_tag = "SignatureMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}HMACOutputLength'] = ( - 'hmac_output_length', HMACOutputLength) - c_cardinality['hmac_output_length'] = {"min": 0, "max": 1} - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - c_child_order.extend(['hmac_output_length']) - - def __init__(self, - hmac_output_length=None, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}HMACOutputLength"] = ("hmac_output_length", HMACOutputLength) + c_cardinality["hmac_output_length"] = {"min": 0, "max": 1} + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + c_child_order.extend(["hmac_output_length"]) + + def __init__( + self, + hmac_output_length=None, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.hmac_output_length = hmac_output_length self.algorithm = algorithm @@ -846,9 +864,9 @@ def signature_method_type__from_string(xml_string): class Transform(TransformType_): - """The http://www.w3.org/2000/09/xmldsig#:Transform element """ + """The http://www.w3.org/2000/09/xmldsig#:Transform element""" - c_tag = 'Transform' + c_tag = "Transform" c_namespace = NAMESPACE c_children = TransformType_.c_children.copy() c_attributes = TransformType_.c_attributes.copy() @@ -861,9 +879,9 @@ def transform_from_string(xml_string): class DigestMethod(DigestMethodType_): - """The http://www.w3.org/2000/09/xmldsig#:DigestMethod element """ + """The http://www.w3.org/2000/09/xmldsig#:DigestMethod element""" - c_tag = 'DigestMethod' + c_tag = "DigestMethod" c_namespace = NAMESPACE c_children = DigestMethodType_.c_children.copy() c_attributes = DigestMethodType_.c_attributes.copy() @@ -876,9 +894,9 @@ def digest_method_from_string(xml_string): class DigestValue(DigestValueType_): - """The http://www.w3.org/2000/09/xmldsig#:DigestValue element """ + """The http://www.w3.org/2000/09/xmldsig#:DigestValue element""" - c_tag = 'DigestValue' + c_tag = "DigestValue" c_namespace = NAMESPACE c_children = DigestValueType_.c_children.copy() c_attributes = DigestValueType_.c_attributes.copy() @@ -891,7 +909,7 @@ def digest_value_from_string(xml_string): class X509IssuerSerial(X509IssuerSerialType_): - c_tag = 'X509IssuerSerial' + c_tag = "X509IssuerSerial" c_namespace = NAMESPACE c_children = X509IssuerSerialType_.c_children.copy() c_attributes = X509IssuerSerialType_.c_attributes.copy() @@ -904,9 +922,9 @@ def x509_issuer_serial_from_string(xml_string): class X509SKI(SamlBase): - c_tag = 'X509SKI' + c_tag = "X509SKI" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -918,9 +936,9 @@ def x509_ski_from_string(xml_string): class X509SubjectName(SamlBase): - c_tag = 'X509SubjectName' + c_tag = "X509SubjectName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -932,9 +950,9 @@ def x509_subject_name_from_string(xml_string): class X509Certificate(SamlBase): - c_tag = 'X509Certificate' + c_tag = "X509Certificate" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -946,9 +964,9 @@ def x509_certificate_from_string(xml_string): class X509CRL(SamlBase): - c_tag = 'X509CRL' + c_tag = "X509CRL" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] @@ -960,50 +978,43 @@ def x509_crl_from_string(xml_string): class X509DataType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:X509DataType element """ + """The http://www.w3.org/2000/09/xmldsig#:X509DataType element""" - c_tag = 'X509DataType' + c_tag = "X509DataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}X509IssuerSerial'] = ( - 'x509_issuer_serial', - X509IssuerSerial) - c_cardinality['x509_issuer_serial'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}X509SKI'] = ('x509_ski', - X509SKI) - c_cardinality['x509_ski'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}X509SubjectName'] = ( - 'x509_subject_name', - X509SubjectName) - c_cardinality['x509_subject_name'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}X509Certificate'] = ( - 'x509_certificate', - X509Certificate) - c_cardinality['x509_certificate'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}X509CRL'] = ('x509_crl', - X509CRL) - c_cardinality['x509_crl'] = {"min": 0, "max": 1} - c_child_order.extend(['x509_issuer_serial', 'x509_ski', 'x509_subject_name', - 'x509_certificate', 'x509_crl']) - - def __init__(self, - x509_issuer_serial=None, - x509_ski=None, - x509_subject_name=None, - x509_certificate=None, - x509_crl=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}X509IssuerSerial"] = ("x509_issuer_serial", X509IssuerSerial) + c_cardinality["x509_issuer_serial"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}X509SKI"] = ("x509_ski", X509SKI) + c_cardinality["x509_ski"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}X509SubjectName"] = ("x509_subject_name", X509SubjectName) + c_cardinality["x509_subject_name"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}X509Certificate"] = ("x509_certificate", X509Certificate) + c_cardinality["x509_certificate"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}X509CRL"] = ("x509_crl", X509CRL) + c_cardinality["x509_crl"] = {"min": 0, "max": 1} + c_child_order.extend(["x509_issuer_serial", "x509_ski", "x509_subject_name", "x509_certificate", "x509_crl"]) + + def __init__( + self, + x509_issuer_serial=None, + x509_ski=None, + x509_subject_name=None, + x509_certificate=None, + x509_crl=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.x509_issuer_serial = x509_issuer_serial self.x509_ski = x509_ski self.x509_subject_name = x509_subject_name @@ -1016,9 +1027,9 @@ def x509_data_type__from_string(xml_string): class PGPData(PGPDataType_): - """The http://www.w3.org/2000/09/xmldsig#:PGPData element """ + """The http://www.w3.org/2000/09/xmldsig#:PGPData element""" - c_tag = 'PGPData' + c_tag = "PGPData" c_namespace = NAMESPACE c_children = PGPDataType_.c_children.copy() c_attributes = PGPDataType_.c_attributes.copy() @@ -1031,9 +1042,9 @@ def pgp_data_from_string(xml_string): class SPKIData(SPKIDataType_): - """The http://www.w3.org/2000/09/xmldsig#:SPKIData element """ + """The http://www.w3.org/2000/09/xmldsig#:SPKIData element""" - c_tag = 'SPKIData' + c_tag = "SPKIData" c_namespace = NAMESPACE c_children = SPKIDataType_.c_children.copy() c_attributes = SPKIDataType_.c_attributes.copy() @@ -1046,9 +1057,9 @@ def spki_data_from_string(xml_string): class Object(ObjectType_): - """The http://www.w3.org/2000/09/xmldsig#:Object element """ + """The http://www.w3.org/2000/09/xmldsig#:Object element""" - c_tag = 'Object' + c_tag = "Object" c_namespace = NAMESPACE c_children = ObjectType_.c_children.copy() c_attributes = ObjectType_.c_attributes.copy() @@ -1061,9 +1072,9 @@ def object_from_string(xml_string): class SignatureProperty(SignaturePropertyType_): - """The http://www.w3.org/2000/09/xmldsig#:SignatureProperty element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureProperty element""" - c_tag = 'SignatureProperty' + c_tag = "SignatureProperty" c_namespace = NAMESPACE c_children = SignaturePropertyType_.c_children.copy() c_attributes = SignaturePropertyType_.c_attributes.copy() @@ -1076,9 +1087,9 @@ def signature_property_from_string(xml_string): class DSAKeyValue(DSAKeyValueType_): - """The http://www.w3.org/2000/09/xmldsig#:DSAKeyValue element """ + """The http://www.w3.org/2000/09/xmldsig#:DSAKeyValue element""" - c_tag = 'DSAKeyValue' + c_tag = "DSAKeyValue" c_namespace = NAMESPACE c_children = DSAKeyValueType_.c_children.copy() c_attributes = DSAKeyValueType_.c_attributes.copy() @@ -1091,9 +1102,9 @@ def dsa_key_value_from_string(xml_string): class RSAKeyValue(RSAKeyValueType_): - """The http://www.w3.org/2000/09/xmldsig#:RSAKeyValue element """ + """The http://www.w3.org/2000/09/xmldsig#:RSAKeyValue element""" - c_tag = 'RSAKeyValue' + c_tag = "RSAKeyValue" c_namespace = NAMESPACE c_children = RSAKeyValueType_.c_children.copy() c_attributes = RSAKeyValueType_.c_attributes.copy() @@ -1106,9 +1117,9 @@ def rsa_key_value_from_string(xml_string): class SignatureMethod(SignatureMethodType_): - """The http://www.w3.org/2000/09/xmldsig#:SignatureMethod element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureMethod element""" - c_tag = 'SignatureMethod' + c_tag = "SignatureMethod" c_namespace = NAMESPACE c_children = SignatureMethodType_.c_children.copy() c_attributes = SignatureMethodType_.c_attributes.copy() @@ -1121,30 +1132,31 @@ def signature_method_from_string(xml_string): class TransformsType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:TransformsType element """ + """The http://www.w3.org/2000/09/xmldsig#:TransformsType element""" - c_tag = 'TransformsType' + c_tag = "TransformsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Transform'] = ('transform', - [Transform]) - c_cardinality['transform'] = {"min": 1} - c_child_order.extend(['transform']) - - def __init__(self, - transform=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}Transform"] = ("transform", [Transform]) + c_cardinality["transform"] = {"min": 1} + c_child_order.extend(["transform"]) + + def __init__( + self, + transform=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.transform = transform or [] @@ -1153,34 +1165,34 @@ def transforms_type__from_string(xml_string): class KeyValueType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:KeyValueType element """ + """The http://www.w3.org/2000/09/xmldsig#:KeyValueType element""" - c_tag = 'KeyValueType' + c_tag = "KeyValueType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}DSAKeyValue'] = ( - 'dsa_key_value', DSAKeyValue) - c_cardinality['dsa_key_value'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue'] = ( - 'rsa_key_value', RSAKeyValue) - c_cardinality['rsa_key_value'] = {"min": 0, "max": 1} - c_child_order.extend(['dsa_key_value', 'rsa_key_value']) - - def __init__(self, - dsa_key_value=None, - rsa_key_value=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}DSAKeyValue"] = ("dsa_key_value", DSAKeyValue) + c_cardinality["dsa_key_value"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}RSAKeyValue"] = ("rsa_key_value", RSAKeyValue) + c_cardinality["rsa_key_value"] = {"min": 0, "max": 1} + c_child_order.extend(["dsa_key_value", "rsa_key_value"]) + + def __init__( + self, + dsa_key_value=None, + rsa_key_value=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.dsa_key_value = dsa_key_value self.rsa_key_value = rsa_key_value @@ -1190,9 +1202,9 @@ def key_value_type__from_string(xml_string): class X509Data(X509DataType_): - """The http://www.w3.org/2000/09/xmldsig#:X509Data element """ + """The http://www.w3.org/2000/09/xmldsig#:X509Data element""" - c_tag = 'X509Data' + c_tag = "X509Data" c_namespace = NAMESPACE c_children = X509DataType_.c_children.copy() c_attributes = X509DataType_.c_attributes.copy() @@ -1205,46 +1217,45 @@ def x509_data_from_string(xml_string): class SignaturePropertiesType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignaturePropertiesType element - """ + """The http://www.w3.org/2000/09/xmldsig#:SignaturePropertiesType element""" - c_tag = 'SignaturePropertiesType' + c_tag = "SignaturePropertiesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureProperty'] = ( - 'signature_property', [SignatureProperty]) - c_cardinality['signature_property'] = {"min": 1} - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['signature_property']) - - def __init__(self, - signature_property=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}SignatureProperty"] = ("signature_property", [SignatureProperty]) + c_cardinality["signature_property"] = {"min": 1} + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend(["signature_property"]) + + def __init__( + self, + signature_property=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.signature_property = signature_property or [] self.id = id def signature_properties_type__from_string(xml_string): - return saml2.create_class_from_xml_string(SignaturePropertiesType_, - xml_string) + return saml2.create_class_from_xml_string(SignaturePropertiesType_, xml_string) class Transforms(TransformsType_): - """The http://www.w3.org/2000/09/xmldsig#:Transforms element """ + """The http://www.w3.org/2000/09/xmldsig#:Transforms element""" - c_tag = 'Transforms' + c_tag = "Transforms" c_namespace = NAMESPACE c_children = TransformsType_.c_children.copy() c_attributes = TransformsType_.c_attributes.copy() @@ -1257,9 +1268,9 @@ def transforms_from_string(xml_string): class KeyValue(KeyValueType_): - """The http://www.w3.org/2000/09/xmldsig#:KeyValue element """ + """The http://www.w3.org/2000/09/xmldsig#:KeyValue element""" - c_tag = 'KeyValue' + c_tag = "KeyValue" c_namespace = NAMESPACE c_children = KeyValueType_.c_children.copy() c_attributes = KeyValueType_.c_attributes.copy() @@ -1272,34 +1283,35 @@ def key_value_from_string(xml_string): class RetrievalMethodType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:RetrievalMethodType element """ + """The http://www.w3.org/2000/09/xmldsig#:RetrievalMethodType element""" - c_tag = 'RetrievalMethodType' + c_tag = "RetrievalMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = ( - 'transforms', Transforms) - c_cardinality['transforms'] = {"min": 0, "max": 1} - c_attributes['URI'] = ('uri', 'anyURI', False) - c_attributes['Type'] = ('type', 'anyURI', False) - c_child_order.extend(['transforms']) - - def __init__(self, - transforms=None, - uri=None, - type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}Transforms"] = ("transforms", Transforms) + c_cardinality["transforms"] = {"min": 0, "max": 1} + c_attributes["URI"] = ("uri", "anyURI", False) + c_attributes["Type"] = ("type", "anyURI", False) + c_child_order.extend(["transforms"]) + + def __init__( + self, + transforms=None, + uri=None, + type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.transforms = transforms self.uri = uri self.type = type @@ -1310,9 +1322,9 @@ def retrieval_method_type__from_string(xml_string): class SignatureProperties(SignaturePropertiesType_): - """The http://www.w3.org/2000/09/xmldsig#:SignatureProperties element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureProperties element""" - c_tag = 'SignatureProperties' + c_tag = "SignatureProperties" c_namespace = NAMESPACE c_children = SignaturePropertiesType_.c_children.copy() c_attributes = SignaturePropertiesType_.c_attributes.copy() @@ -1325,42 +1337,41 @@ def signature_properties_from_string(xml_string): class ReferenceType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:ReferenceType element """ + """The http://www.w3.org/2000/09/xmldsig#:ReferenceType element""" - c_tag = 'ReferenceType' + c_tag = "ReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Transforms'] = ( - 'transforms', Transforms) - c_cardinality['transforms'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}DigestMethod'] = ( - 'digest_method', DigestMethod) - c_children['{http://www.w3.org/2000/09/xmldsig#}DigestValue'] = ( - 'digest_value', DigestValue) - c_attributes['Id'] = ('id', 'ID', False) - c_attributes['URI'] = ('uri', 'anyURI', False) - c_attributes['Type'] = ('type', 'anyURI', False) - c_child_order.extend(['transforms', 'digest_method', 'digest_value']) - - def __init__(self, - transforms=None, - digest_method=None, - digest_value=None, - id=None, - uri=None, - type=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}Transforms"] = ("transforms", Transforms) + c_cardinality["transforms"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}DigestMethod"] = ("digest_method", DigestMethod) + c_children["{http://www.w3.org/2000/09/xmldsig#}DigestValue"] = ("digest_value", DigestValue) + c_attributes["Id"] = ("id", "ID", False) + c_attributes["URI"] = ("uri", "anyURI", False) + c_attributes["Type"] = ("type", "anyURI", False) + c_child_order.extend(["transforms", "digest_method", "digest_value"]) + + def __init__( + self, + transforms=None, + digest_method=None, + digest_value=None, + id=None, + uri=None, + type=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.transforms = transforms self.digest_method = digest_method self.digest_value = digest_value @@ -1374,9 +1385,9 @@ def reference_type__from_string(xml_string): class RetrievalMethod(RetrievalMethodType_): - """The http://www.w3.org/2000/09/xmldsig#:RetrievalMethod element """ + """The http://www.w3.org/2000/09/xmldsig#:RetrievalMethod element""" - c_tag = 'RetrievalMethod' + c_tag = "RetrievalMethod" c_namespace = NAMESPACE c_children = RetrievalMethodType_.c_children.copy() c_attributes = RetrievalMethodType_.c_attributes.copy() @@ -1389,9 +1400,9 @@ def retrieval_method_from_string(xml_string): class Reference(ReferenceType_): - """The http://www.w3.org/2000/09/xmldsig#:Reference element """ + """The http://www.w3.org/2000/09/xmldsig#:Reference element""" - c_tag = 'Reference' + c_tag = "Reference" c_namespace = NAMESPACE c_children = ReferenceType_.c_children.copy() c_attributes = ReferenceType_.c_attributes.copy() @@ -1407,62 +1418,63 @@ def reference_from_string(xml_string): class KeyInfoType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:KeyInfoType element """ + """The http://www.w3.org/2000/09/xmldsig#:KeyInfoType element""" - c_tag = 'KeyInfoType' + c_tag = "KeyInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyName'] = ('key_name', - [KeyName]) - c_cardinality['key_name'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyValue'] = ('key_value', - [KeyValue]) - c_cardinality['key_value'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}RetrievalMethod'] = ( - 'retrieval_method', [RetrievalMethod]) - c_cardinality['retrieval_method'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}X509Data'] = ('x509_data', - [X509Data]) - c_cardinality['x509_data'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}PGPData'] = ('pgp_data', - [PGPData]) - c_cardinality['pgp_data'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}SPKIData'] = ('spki_data', - [SPKIData]) - c_cardinality['spki_data'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmldsig#}MgmtData'] = ('mgmt_data', - [MgmtData]) - c_cardinality['mgmt_data'] = {"min": 0} - c_children['{http://www.w3.org/2000/09/xmlenc#}EncryptedKey'] = ( - 'encrypted_key', None) - c_cardinality['key_info'] = {"min": 0, "max": 1} - - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['key_name', 'key_value', 'retrieval_method', - 'x509_data', 'pgp_data', 'spki_data', 'mgmt_data', - 'encrypted_key']) - - def __init__(self, - key_name=None, - key_value=None, - retrieval_method=None, - x509_data=None, - pgp_data=None, - spki_data=None, - mgmt_data=None, - encrypted_key=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyName"] = ("key_name", [KeyName]) + c_cardinality["key_name"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyValue"] = ("key_value", [KeyValue]) + c_cardinality["key_value"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}RetrievalMethod"] = ("retrieval_method", [RetrievalMethod]) + c_cardinality["retrieval_method"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}X509Data"] = ("x509_data", [X509Data]) + c_cardinality["x509_data"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}PGPData"] = ("pgp_data", [PGPData]) + c_cardinality["pgp_data"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}SPKIData"] = ("spki_data", [SPKIData]) + c_cardinality["spki_data"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmldsig#}MgmtData"] = ("mgmt_data", [MgmtData]) + c_cardinality["mgmt_data"] = {"min": 0} + c_children["{http://www.w3.org/2000/09/xmlenc#}EncryptedKey"] = ("encrypted_key", None) + c_cardinality["key_info"] = {"min": 0, "max": 1} + + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend( + [ + "key_name", + "key_value", + "retrieval_method", + "x509_data", + "pgp_data", + "spki_data", + "mgmt_data", + "encrypted_key", + ] + ) + + def __init__( + self, + key_name=None, + key_value=None, + retrieval_method=None, + x509_data=None, + pgp_data=None, + spki_data=None, + mgmt_data=None, + encrypted_key=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, text=text, extension_elements=extension_elements, extension_attributes=extension_attributes + ) self.key_name = key_name or [] self.key_value = key_value or [] self.retrieval_method = retrieval_method or [] @@ -1479,32 +1491,33 @@ def key_info_type__from_string(xml_string): class ManifestType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:ManifestType element """ + """The http://www.w3.org/2000/09/xmldsig#:ManifestType element""" - c_tag = 'ManifestType' + c_tag = "ManifestType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Reference'] = ('reference', - [Reference]) - c_cardinality['reference'] = {"min": 1} - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['reference']) - - def __init__(self, - reference=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}Reference"] = ("reference", [Reference]) + c_cardinality["reference"] = {"min": 1} + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend(["reference"]) + + def __init__( + self, + reference=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.reference = reference or [] self.id = id @@ -1514,39 +1527,40 @@ def manifest_type__from_string(xml_string): class SignedInfoType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignedInfoType element """ + """The http://www.w3.org/2000/09/xmldsig#:SignedInfoType element""" - c_tag = 'SignedInfoType' + c_tag = "SignedInfoType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod'] = ( - 'canonicalization_method', CanonicalizationMethod) - c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureMethod'] = ( - 'signature_method', SignatureMethod) - c_children['{http://www.w3.org/2000/09/xmldsig#}Reference'] = ('reference', - [Reference]) - c_cardinality['reference'] = {"min": 1} - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['canonicalization_method', 'signature_method', - 'reference']) - - def __init__(self, - canonicalization_method=None, - signature_method=None, - reference=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}CanonicalizationMethod"] = ( + "canonicalization_method", + CanonicalizationMethod, + ) + c_children["{http://www.w3.org/2000/09/xmldsig#}SignatureMethod"] = ("signature_method", SignatureMethod) + c_children["{http://www.w3.org/2000/09/xmldsig#}Reference"] = ("reference", [Reference]) + c_cardinality["reference"] = {"min": 1} + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend(["canonicalization_method", "signature_method", "reference"]) + + def __init__( + self, + canonicalization_method=None, + signature_method=None, + reference=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.canonicalization_method = canonicalization_method self.signature_method = signature_method self.reference = reference or [] @@ -1558,9 +1572,9 @@ def signed_info_type__from_string(xml_string): class KeyInfo(KeyInfoType_): - """The http://www.w3.org/2000/09/xmldsig#:KeyInfo element """ + """The http://www.w3.org/2000/09/xmldsig#:KeyInfo element""" - c_tag = 'KeyInfo' + c_tag = "KeyInfo" c_namespace = NAMESPACE c_children = KeyInfoType_.c_children.copy() c_attributes = KeyInfoType_.c_attributes.copy() @@ -1573,9 +1587,9 @@ def key_info_from_string(xml_string): class Manifest(ManifestType_): - """The http://www.w3.org/2000/09/xmldsig#:Manifest element """ + """The http://www.w3.org/2000/09/xmldsig#:Manifest element""" - c_tag = 'Manifest' + c_tag = "Manifest" c_namespace = NAMESPACE c_children = ManifestType_.c_children.copy() c_attributes = ManifestType_.c_attributes.copy() @@ -1588,9 +1602,9 @@ def manifest_from_string(xml_string): class SignedInfo(SignedInfoType_): - """The http://www.w3.org/2000/09/xmldsig#:SignedInfo element """ + """The http://www.w3.org/2000/09/xmldsig#:SignedInfo element""" - c_tag = 'SignedInfo' + c_tag = "SignedInfo" c_namespace = NAMESPACE c_children = SignedInfoType_.c_children.copy() c_attributes = SignedInfoType_.c_attributes.copy() @@ -1603,43 +1617,40 @@ def signed_info_from_string(xml_string): class SignatureType_(SamlBase): - """The http://www.w3.org/2000/09/xmldsig#:SignatureType element """ + """The http://www.w3.org/2000/09/xmldsig#:SignatureType element""" - c_tag = 'SignatureType' + c_tag = "SignatureType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}SignedInfo'] = ( - 'signed_info', SignedInfo) - c_children['{http://www.w3.org/2000/09/xmldsig#}SignatureValue'] = ( - 'signature_value', SignatureValue) - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info', - KeyInfo) - c_cardinality['key_info'] = {"min": 0, "max": 1} - c_children['{http://www.w3.org/2000/09/xmldsig#}Object'] = ('object', - [Object]) - c_cardinality['object'] = {"min": 0} - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['signed_info', 'signature_value', 'key_info', - 'object']) - - def __init__(self, - signed_info=None, - signature_value=None, - key_info=None, - object=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) + c_children["{http://www.w3.org/2000/09/xmldsig#}SignedInfo"] = ("signed_info", SignedInfo) + c_children["{http://www.w3.org/2000/09/xmldsig#}SignatureValue"] = ("signature_value", SignatureValue) + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", KeyInfo) + c_cardinality["key_info"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}Object"] = ("object", [Object]) + c_cardinality["object"] = {"min": 0} + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend(["signed_info", "signature_value", "key_info", "object"]) + + def __init__( + self, + signed_info=None, + signature_value=None, + key_info=None, + object=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) self.signed_info = signed_info self.signature_value = signature_value self.key_info = key_info @@ -1652,9 +1663,9 @@ def signature_type__from_string(xml_string): class Signature(SignatureType_): - """The http://www.w3.org/2000/09/xmldsig#:Signature element """ + """The http://www.w3.org/2000/09/xmldsig#:Signature element""" - c_tag = 'Signature' + c_tag = "Signature" c_namespace = NAMESPACE c_children = SignatureType_.c_children.copy() c_attributes = SignatureType_.c_attributes.copy() @@ -1675,8 +1686,7 @@ def signature_from_string(xml_string): SignedInfo.c_tag: signed_info_from_string, SignedInfoType_.c_tag: signed_info_type__from_string, CanonicalizationMethod.c_tag: canonicalization_method_from_string, - CanonicalizationMethodType_.c_tag: - canonicalization_method_type__from_string, + CanonicalizationMethodType_.c_tag: canonicalization_method_type__from_string, SignatureMethod.c_tag: signature_method_from_string, SignatureMethodType_.c_tag: signature_method_type__from_string, Reference.c_tag: reference_from_string, @@ -1741,76 +1751,76 @@ def signature_from_string(xml_string): } ELEMENT_BY_TAG = { - 'CryptoBinary': CryptoBinary_, - 'Signature': Signature, - 'SignatureType': SignatureType_, - 'SignatureValue': SignatureValue, - 'SignatureValueType': SignatureValueType_, - 'SignedInfo': SignedInfo, - 'SignedInfoType': SignedInfoType_, - 'CanonicalizationMethod': CanonicalizationMethod, - 'CanonicalizationMethodType': CanonicalizationMethodType_, - 'SignatureMethod': SignatureMethod, - 'SignatureMethodType': SignatureMethodType_, - 'Reference': Reference, - 'ReferenceType': ReferenceType_, - 'Transforms': Transforms, - 'TransformsType': TransformsType_, - 'Transform': Transform, - 'TransformType': TransformType_, - 'DigestMethod': DigestMethod, - 'DigestMethodType': DigestMethodType_, - 'DigestValue': DigestValue, - 'DigestValueType': DigestValueType_, - 'KeyInfo': KeyInfo, - 'KeyInfoType': KeyInfoType_, - 'KeyName': KeyName, - 'MgmtData': MgmtData, - 'KeyValue': KeyValue, - 'KeyValueType': KeyValueType_, - 'RetrievalMethod': RetrievalMethod, - 'RetrievalMethodType': RetrievalMethodType_, - 'X509Data': X509Data, - 'X509DataType': X509DataType_, - 'X509IssuerSerialType': X509IssuerSerialType_, - 'PGPData': PGPData, - 'PGPDataType': PGPDataType_, - 'SPKIData': SPKIData, - 'SPKIDataType': SPKIDataType_, - 'Object': Object, - 'ObjectType': ObjectType_, - 'Manifest': Manifest, - 'ManifestType': ManifestType_, - 'SignatureProperties': SignatureProperties, - 'SignaturePropertiesType': SignaturePropertiesType_, - 'SignatureProperty': SignatureProperty, - 'SignaturePropertyType': SignaturePropertyType_, - 'HMACOutputLengthType': HMACOutputLengthType_, - 'DSAKeyValue': DSAKeyValue, - 'DSAKeyValueType': DSAKeyValueType_, - 'RSAKeyValue': RSAKeyValue, - 'RSAKeyValueType': RSAKeyValueType_, - 'XPath': TransformType_XPath, - 'X509IssuerName': X509IssuerName, - 'X509SerialNumber': X509SerialNumber, - 'PGPKeyID': PGPKeyID, - 'PGPKeyPacket': PGPKeyPacket, - 'SPKISexp': SPKISexp, - 'P': P, - 'Q': Q, - 'G': G, - 'Y': Y, - 'J': J, - 'Seed': Seed, - 'PgenCounter': PgenCounter, - 'Modulus': Modulus, - 'Exponent': Exponent, - 'HMACOutputLength': HMACOutputLength, - 'X509IssuerSerial': X509IssuerSerial, - 'X509SKI': X509SKI, - 'X509SubjectName': X509SubjectName, - 'X509Certificate': X509Certificate, - 'X509CRL': X509CRL, + "CryptoBinary": CryptoBinary_, + "Signature": Signature, + "SignatureType": SignatureType_, + "SignatureValue": SignatureValue, + "SignatureValueType": SignatureValueType_, + "SignedInfo": SignedInfo, + "SignedInfoType": SignedInfoType_, + "CanonicalizationMethod": CanonicalizationMethod, + "CanonicalizationMethodType": CanonicalizationMethodType_, + "SignatureMethod": SignatureMethod, + "SignatureMethodType": SignatureMethodType_, + "Reference": Reference, + "ReferenceType": ReferenceType_, + "Transforms": Transforms, + "TransformsType": TransformsType_, + "Transform": Transform, + "TransformType": TransformType_, + "DigestMethod": DigestMethod, + "DigestMethodType": DigestMethodType_, + "DigestValue": DigestValue, + "DigestValueType": DigestValueType_, + "KeyInfo": KeyInfo, + "KeyInfoType": KeyInfoType_, + "KeyName": KeyName, + "MgmtData": MgmtData, + "KeyValue": KeyValue, + "KeyValueType": KeyValueType_, + "RetrievalMethod": RetrievalMethod, + "RetrievalMethodType": RetrievalMethodType_, + "X509Data": X509Data, + "X509DataType": X509DataType_, + "X509IssuerSerialType": X509IssuerSerialType_, + "PGPData": PGPData, + "PGPDataType": PGPDataType_, + "SPKIData": SPKIData, + "SPKIDataType": SPKIDataType_, + "Object": Object, + "ObjectType": ObjectType_, + "Manifest": Manifest, + "ManifestType": ManifestType_, + "SignatureProperties": SignatureProperties, + "SignaturePropertiesType": SignaturePropertiesType_, + "SignatureProperty": SignatureProperty, + "SignaturePropertyType": SignaturePropertyType_, + "HMACOutputLengthType": HMACOutputLengthType_, + "DSAKeyValue": DSAKeyValue, + "DSAKeyValueType": DSAKeyValueType_, + "RSAKeyValue": RSAKeyValue, + "RSAKeyValueType": RSAKeyValueType_, + "XPath": TransformType_XPath, + "X509IssuerName": X509IssuerName, + "X509SerialNumber": X509SerialNumber, + "PGPKeyID": PGPKeyID, + "PGPKeyPacket": PGPKeyPacket, + "SPKISexp": SPKISexp, + "P": P, + "Q": Q, + "G": G, + "Y": Y, + "J": J, + "Seed": Seed, + "PgenCounter": PgenCounter, + "Modulus": Modulus, + "Exponent": Exponent, + "HMACOutputLength": HMACOutputLength, + "X509IssuerSerial": X509IssuerSerial, + "X509SKI": X509SKI, + "X509SubjectName": X509SubjectName, + "X509Certificate": X509Certificate, + "X509CRL": X509CRL, } diff --git a/src/saml2/xmlenc/__init__.py b/src/saml2/xmlenc/__init__.py index 2fd0756a1..3f06bc94c 100644 --- a/src/saml2/xmlenc/__init__.py +++ b/src/saml2/xmlenc/__init__.py @@ -8,62 +8,69 @@ from saml2 import SamlBase from saml2 import xmldsig as ds -NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#' + +NAMESPACE = "http://www.w3.org/2001/04/xmlenc#" + class KeySizeType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:KeySizeType element """ + """The http://www.w3.org/2001/04/xmlenc#:KeySizeType element""" - c_tag = 'KeySizeType' + c_tag = "KeySizeType" c_namespace = NAMESPACE - c_value_type = {'base': 'integer'} + c_value_type = {"base": "integer"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def key_size_type__from_string(xml_string): return saml2.create_class_from_xml_string(KeySizeType_, xml_string) class CipherValue(SamlBase): - c_tag = 'CipherValue' + c_tag = "CipherValue" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def cipher_value_from_string(xml_string): return saml2.create_class_from_xml_string(CipherValue, xml_string) class TransformsType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:TransformsType element """ + """The http://www.w3.org/2001/04/xmlenc#:TransformsType element""" - c_tag = 'TransformsType' + c_tag = "TransformsType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2000/09/xmldsig#}Transform'] = ('transform', [ds.Transform]) - c_cardinality['transform'] = {"min":1} - c_child_order.extend(['transform']) - - def __init__(self, - transform=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.transform=transform or [] + c_children["{http://www.w3.org/2000/09/xmldsig#}Transform"] = ("transform", [ds.Transform]) + c_cardinality["transform"] = {"min": 1} + c_child_order.extend(["transform"]) + + def __init__( + self, + transform=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.transform = transform or [] + def transforms_type__from_string(xml_string): return saml2.create_class_from_xml_string(TransformsType_, xml_string) @@ -71,139 +78,151 @@ def transforms_type__from_string(xml_string): class KA_Nonce(SamlBase): - c_tag = 'KA_Nonce' + c_tag = "KA_Nonce" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def k_a__nonce_from_string(xml_string): return saml2.create_class_from_xml_string(KA_Nonce, xml_string) class OriginatorKeyInfo(ds.KeyInfo): - c_tag = 'OriginatorKeyInfo' + c_tag = "OriginatorKeyInfo" c_namespace = NAMESPACE c_children = ds.KeyInfo.c_children.copy() c_attributes = ds.KeyInfo.c_attributes.copy() c_child_order = ds.KeyInfo.c_child_order[:] c_cardinality = ds.KeyInfo.c_cardinality.copy() + def originator_key_info_from_string(xml_string): return saml2.create_class_from_xml_string(OriginatorKeyInfo, xml_string) class RecipientKeyInfo(ds.KeyInfo): - c_tag = 'RecipientKeyInfo' + c_tag = "RecipientKeyInfo" c_namespace = NAMESPACE c_children = ds.KeyInfo.c_children.copy() c_attributes = ds.KeyInfo.c_attributes.copy() c_child_order = ds.KeyInfo.c_child_order[:] c_cardinality = ds.KeyInfo.c_cardinality.copy() + def recipient_key_info_from_string(xml_string): return saml2.create_class_from_xml_string(RecipientKeyInfo, xml_string) class AgreementMethodType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:AgreementMethodType element """ + """The http://www.w3.org/2001/04/xmlenc#:AgreementMethodType element""" - c_tag = 'AgreementMethodType' + c_tag = "AgreementMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}KA_Nonce'] = ('k_a__nonce', KA_Nonce) - c_cardinality['k_a__nonce'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}OriginatorKeyInfo'] = ('originator_key_info', OriginatorKeyInfo) - c_cardinality['originator_key_info'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}RecipientKeyInfo'] = ('recipient_key_info', RecipientKeyInfo) - c_cardinality['recipient_key_info'] = {"min":0, "max":1} - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - c_child_order.extend(['k_a__nonce', 'originator_key_info', 'recipient_key_info']) - - def __init__(self, - k_a__nonce=None, - originator_key_info=None, - recipient_key_info=None, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.k_a__nonce=k_a__nonce - self.originator_key_info=originator_key_info - self.recipient_key_info=recipient_key_info - self.algorithm=algorithm + c_children["{http://www.w3.org/2001/04/xmlenc#}KA_Nonce"] = ("k_a__nonce", KA_Nonce) + c_cardinality["k_a__nonce"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}OriginatorKeyInfo"] = ("originator_key_info", OriginatorKeyInfo) + c_cardinality["originator_key_info"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}RecipientKeyInfo"] = ("recipient_key_info", RecipientKeyInfo) + c_cardinality["recipient_key_info"] = {"min": 0, "max": 1} + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + c_child_order.extend(["k_a__nonce", "originator_key_info", "recipient_key_info"]) + + def __init__( + self, + k_a__nonce=None, + originator_key_info=None, + recipient_key_info=None, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.k_a__nonce = k_a__nonce + self.originator_key_info = originator_key_info + self.recipient_key_info = recipient_key_info + self.algorithm = algorithm + def agreement_method_type__from_string(xml_string): return saml2.create_class_from_xml_string(AgreementMethodType_, xml_string) class ReferenceType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:ReferenceType element """ + """The http://www.w3.org/2001/04/xmlenc#:ReferenceType element""" - c_tag = 'ReferenceType' + c_tag = "ReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['URI'] = ('uri', 'anyURI', True) - - def __init__(self, - uri=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.uri=uri + c_attributes["URI"] = ("uri", "anyURI", True) + + def __init__( + self, + uri=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.uri = uri + def reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(ReferenceType_, xml_string) class EncryptionPropertyType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:EncryptionPropertyType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptionPropertyType element""" - c_tag = 'EncryptionPropertyType' + c_tag = "EncryptionPropertyType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_attributes['Target'] = ('target', 'anyURI', False) - c_attributes['Id'] = ('id', 'ID', False) - - def __init__(self, - target=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.target=target - self.id=id + c_attributes["Target"] = ("target", "anyURI", False) + c_attributes["Id"] = ("id", "ID", False) + + def __init__( + self, + target=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.target = target + self.id = id + def encryption_property_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionPropertyType_, xml_string) @@ -211,63 +230,68 @@ def encryption_property_type__from_string(xml_string): class KeySize(KeySizeType_): - c_tag = 'KeySize' + c_tag = "KeySize" c_namespace = NAMESPACE c_children = KeySizeType_.c_children.copy() c_attributes = KeySizeType_.c_attributes.copy() c_child_order = KeySizeType_.c_child_order[:] c_cardinality = KeySizeType_.c_cardinality.copy() + def key_size_from_string(xml_string): return saml2.create_class_from_xml_string(KeySize, xml_string) class OAEPparams(SamlBase): - c_tag = 'OAEPparams' + c_tag = "OAEPparams" c_namespace = NAMESPACE - c_value_type = {'base': 'base64Binary'} + c_value_type = {"base": "base64Binary"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def oae_pparams_from_string(xml_string): return saml2.create_class_from_xml_string(OAEPparams, xml_string) class EncryptionMethodType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:EncryptionMethodType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptionMethodType element""" - c_tag = 'EncryptionMethodType' + c_tag = "EncryptionMethodType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}KeySize'] = ('key_size', KeySize) - c_cardinality['key_size'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}OAEPparams'] = ('oae_pparams', OAEPparams) - c_cardinality['oae_pparams'] = {"min":0, "max":1} - c_attributes['Algorithm'] = ('algorithm', 'anyURI', True) - c_child_order.extend(['key_size', 'oae_pparams']) - - def __init__(self, - key_size=None, - oae_pparams=None, - algorithm=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.key_size=key_size - self.oae_pparams=oae_pparams - self.algorithm=algorithm + c_children["{http://www.w3.org/2001/04/xmlenc#}KeySize"] = ("key_size", KeySize) + c_cardinality["key_size"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}OAEPparams"] = ("oae_pparams", OAEPparams) + c_cardinality["oae_pparams"] = {"min": 0, "max": 1} + c_attributes["Algorithm"] = ("algorithm", "anyURI", True) + c_child_order.extend(["key_size", "oae_pparams"]) + + def __init__( + self, + key_size=None, + oae_pparams=None, + algorithm=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.key_size = key_size + self.oae_pparams = oae_pparams + self.algorithm = algorithm + def encryption_method_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionMethodType_, xml_string) @@ -275,45 +299,49 @@ def encryption_method_type__from_string(xml_string): class Transforms(TransformsType_): - c_tag = 'Transforms' + c_tag = "Transforms" c_namespace = NAMESPACE c_children = TransformsType_.c_children.copy() c_attributes = TransformsType_.c_attributes.copy() c_child_order = TransformsType_.c_child_order[:] c_cardinality = TransformsType_.c_cardinality.copy() + def transforms_from_string(xml_string): return saml2.create_class_from_xml_string(Transforms, xml_string) class CipherReferenceType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:CipherReferenceType element """ + """The http://www.w3.org/2001/04/xmlenc#:CipherReferenceType element""" - c_tag = 'CipherReferenceType' + c_tag = "CipherReferenceType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}Transforms'] = ('transforms', Transforms) - c_cardinality['transforms'] = {"min":0, "max":1} - c_attributes['URI'] = ('uri', 'anyURI', True) - c_child_order.extend(['transforms']) - - def __init__(self, - transforms=None, - uri=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.transforms=transforms - self.uri=uri + c_children["{http://www.w3.org/2001/04/xmlenc#}Transforms"] = ("transforms", Transforms) + c_cardinality["transforms"] = {"min": 0, "max": 1} + c_attributes["URI"] = ("uri", "anyURI", True) + c_child_order.extend(["transforms"]) + + def __init__( + self, + transforms=None, + uri=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.transforms = transforms + self.uri = uri + def cipher_reference_type__from_string(xml_string): return saml2.create_class_from_xml_string(CipherReferenceType_, xml_string) @@ -321,376 +349,403 @@ def cipher_reference_type__from_string(xml_string): class EncryptionMethod(EncryptionMethodType_): - c_tag = 'EncryptionMethod' + c_tag = "EncryptionMethod" c_namespace = NAMESPACE c_children = EncryptionMethodType_.c_children.copy() c_attributes = EncryptionMethodType_.c_attributes.copy() c_child_order = EncryptionMethodType_.c_child_order[:] c_cardinality = EncryptionMethodType_.c_cardinality.copy() + def encryption_method_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionMethod, xml_string) - class AgreementMethod(AgreementMethodType_): - """The http://www.w3.org/2001/04/xmlenc#:AgreementMethod element """ + """The http://www.w3.org/2001/04/xmlenc#:AgreementMethod element""" - c_tag = 'AgreementMethod' + c_tag = "AgreementMethod" c_namespace = NAMESPACE c_children = AgreementMethodType_.c_children.copy() c_attributes = AgreementMethodType_.c_attributes.copy() c_child_order = AgreementMethodType_.c_child_order[:] c_cardinality = AgreementMethodType_.c_cardinality.copy() + def agreement_method_from_string(xml_string): return saml2.create_class_from_xml_string(AgreementMethod, xml_string) class DataReference(ReferenceType_): - c_tag = 'DataReference' + c_tag = "DataReference" c_namespace = NAMESPACE c_children = ReferenceType_.c_children.copy() c_attributes = ReferenceType_.c_attributes.copy() c_child_order = ReferenceType_.c_child_order[:] c_cardinality = ReferenceType_.c_cardinality.copy() + def data_reference_from_string(xml_string): return saml2.create_class_from_xml_string(DataReference, xml_string) class KeyReference(ReferenceType_): - c_tag = 'KeyReference' + c_tag = "KeyReference" c_namespace = NAMESPACE c_children = ReferenceType_.c_children.copy() c_attributes = ReferenceType_.c_attributes.copy() c_child_order = ReferenceType_.c_child_order[:] c_cardinality = ReferenceType_.c_cardinality.copy() + def key_reference_from_string(xml_string): return saml2.create_class_from_xml_string(KeyReference, xml_string) class ReferenceList(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:ReferenceList element """ + """The http://www.w3.org/2001/04/xmlenc#:ReferenceList element""" - c_tag = 'ReferenceList' + c_tag = "ReferenceList" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}DataReference'] = ('data_reference', [DataReference]) - c_cardinality['data_reference'] = {"min":0} - c_children['{http://www.w3.org/2001/04/xmlenc#}KeyReference'] = ('key_reference', [KeyReference]) - c_cardinality['key_reference'] = {"min":0} - c_child_order.extend(['data_reference', 'key_reference']) - - def __init__(self, - data_reference=None, - key_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.data_reference=data_reference or [] - self.key_reference=key_reference or [] + c_children["{http://www.w3.org/2001/04/xmlenc#}DataReference"] = ("data_reference", [DataReference]) + c_cardinality["data_reference"] = {"min": 0} + c_children["{http://www.w3.org/2001/04/xmlenc#}KeyReference"] = ("key_reference", [KeyReference]) + c_cardinality["key_reference"] = {"min": 0} + c_child_order.extend(["data_reference", "key_reference"]) + + def __init__( + self, + data_reference=None, + key_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.data_reference = data_reference or [] + self.key_reference = key_reference or [] + def reference_list_from_string(xml_string): return saml2.create_class_from_xml_string(ReferenceList, xml_string) class EncryptionProperty(EncryptionPropertyType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptionProperty element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptionProperty element""" - c_tag = 'EncryptionProperty' + c_tag = "EncryptionProperty" c_namespace = NAMESPACE c_children = EncryptionPropertyType_.c_children.copy() c_attributes = EncryptionPropertyType_.c_attributes.copy() c_child_order = EncryptionPropertyType_.c_child_order[:] c_cardinality = EncryptionPropertyType_.c_cardinality.copy() + def encryption_property_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionProperty, xml_string) class CipherReference(CipherReferenceType_): - """The http://www.w3.org/2001/04/xmlenc#:CipherReference element """ + """The http://www.w3.org/2001/04/xmlenc#:CipherReference element""" - c_tag = 'CipherReference' + c_tag = "CipherReference" c_namespace = NAMESPACE c_children = CipherReferenceType_.c_children.copy() c_attributes = CipherReferenceType_.c_attributes.copy() c_child_order = CipherReferenceType_.c_child_order[:] c_cardinality = CipherReferenceType_.c_cardinality.copy() + def cipher_reference_from_string(xml_string): return saml2.create_class_from_xml_string(CipherReference, xml_string) class EncryptionPropertiesType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:EncryptionPropertiesType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptionPropertiesType element""" - c_tag = 'EncryptionPropertiesType' + c_tag = "EncryptionPropertiesType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}EncryptionProperty'] = ('encryption_property', [EncryptionProperty]) - c_cardinality['encryption_property'] = {"min":1} - c_attributes['Id'] = ('id', 'ID', False) - c_child_order.extend(['encryption_property']) - - def __init__(self, - encryption_property=None, - id=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.encryption_property=encryption_property or [] - self.id=id + c_children["{http://www.w3.org/2001/04/xmlenc#}EncryptionProperty"] = ("encryption_property", [EncryptionProperty]) + c_cardinality["encryption_property"] = {"min": 1} + c_attributes["Id"] = ("id", "ID", False) + c_child_order.extend(["encryption_property"]) + + def __init__( + self, + encryption_property=None, + id=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.encryption_property = encryption_property or [] + self.id = id + def encryption_properties_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionPropertiesType_, xml_string) class CipherDataType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:CipherDataType element """ + """The http://www.w3.org/2001/04/xmlenc#:CipherDataType element""" - c_tag = 'CipherDataType' + c_tag = "CipherDataType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}CipherValue'] = ('cipher_value', CipherValue) - c_cardinality['cipher_value'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}CipherReference'] = ('cipher_reference', CipherReference) - c_cardinality['cipher_reference'] = {"min":0, "max":1} - c_child_order.extend(['cipher_value', 'cipher_reference']) - - def __init__(self, - cipher_value=None, - cipher_reference=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.cipher_value=cipher_value - self.cipher_reference=cipher_reference + c_children["{http://www.w3.org/2001/04/xmlenc#}CipherValue"] = ("cipher_value", CipherValue) + c_cardinality["cipher_value"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}CipherReference"] = ("cipher_reference", CipherReference) + c_cardinality["cipher_reference"] = {"min": 0, "max": 1} + c_child_order.extend(["cipher_value", "cipher_reference"]) + + def __init__( + self, + cipher_value=None, + cipher_reference=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.cipher_value = cipher_value + self.cipher_reference = cipher_reference + def cipher_data_type__from_string(xml_string): return saml2.create_class_from_xml_string(CipherDataType_, xml_string) class EncryptionProperties(EncryptionPropertiesType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptionProperties element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptionProperties element""" - c_tag = 'EncryptionProperties' + c_tag = "EncryptionProperties" c_namespace = NAMESPACE c_children = EncryptionPropertiesType_.c_children.copy() c_attributes = EncryptionPropertiesType_.c_attributes.copy() c_child_order = EncryptionPropertiesType_.c_child_order[:] c_cardinality = EncryptionPropertiesType_.c_cardinality.copy() + def encryption_properties_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptionProperties, xml_string) class CipherData(CipherDataType_): - """The http://www.w3.org/2001/04/xmlenc#:CipherData element """ + """The http://www.w3.org/2001/04/xmlenc#:CipherData element""" - c_tag = 'CipherData' + c_tag = "CipherData" c_namespace = NAMESPACE c_children = CipherDataType_.c_children.copy() c_attributes = CipherDataType_.c_attributes.copy() c_child_order = CipherDataType_.c_child_order[:] c_cardinality = CipherDataType_.c_cardinality.copy() + def cipher_data_from_string(xml_string): return saml2.create_class_from_xml_string(CipherData, xml_string) class EncryptedType_(SamlBase): - """The http://www.w3.org/2001/04/xmlenc#:EncryptedType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptedType element""" - c_tag = 'EncryptedType' + c_tag = "EncryptedType" c_namespace = NAMESPACE c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}EncryptionMethod'] = ('encryption_method', EncryptionMethod) - c_cardinality['encryption_method'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2000/09/xmldsig#}KeyInfo'] = ('key_info', ds.KeyInfo) - c_cardinality['key_info'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}CipherData'] = ('cipher_data', CipherData) - c_children['{http://www.w3.org/2001/04/xmlenc#}EncryptionProperties'] = ('encryption_properties', EncryptionProperties) - c_cardinality['encryption_properties'] = {"min":0, "max":1} - c_attributes['Id'] = ('id', 'ID', False) - c_attributes['Type'] = ('type', 'anyURI', False) - c_attributes['MimeType'] = ('mime_type', 'string', False) - c_attributes['Encoding'] = ('encoding', 'anyURI', False) - c_child_order.extend(['encryption_method', 'key_info', 'cipher_data', 'encryption_properties']) - - def __init__(self, - encryption_method=None, - key_info=None, - cipher_data=None, - encryption_properties=None, - id=None, - type=None, - mime_type=None, - encoding=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - SamlBase.__init__(self, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.encryption_method=encryption_method - self.key_info=key_info - self.cipher_data=cipher_data - self.encryption_properties=encryption_properties - self.id=id - self.type=type - self.mime_type=mime_type - self.encoding=encoding + c_children["{http://www.w3.org/2001/04/xmlenc#}EncryptionMethod"] = ("encryption_method", EncryptionMethod) + c_cardinality["encryption_method"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2000/09/xmldsig#}KeyInfo"] = ("key_info", ds.KeyInfo) + c_cardinality["key_info"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}CipherData"] = ("cipher_data", CipherData) + c_children["{http://www.w3.org/2001/04/xmlenc#}EncryptionProperties"] = ( + "encryption_properties", + EncryptionProperties, + ) + c_cardinality["encryption_properties"] = {"min": 0, "max": 1} + c_attributes["Id"] = ("id", "ID", False) + c_attributes["Type"] = ("type", "anyURI", False) + c_attributes["MimeType"] = ("mime_type", "string", False) + c_attributes["Encoding"] = ("encoding", "anyURI", False) + c_child_order.extend(["encryption_method", "key_info", "cipher_data", "encryption_properties"]) + + def __init__( + self, + encryption_method=None, + key_info=None, + cipher_data=None, + encryption_properties=None, + id=None, + type=None, + mime_type=None, + encoding=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + SamlBase.__init__( + self, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.encryption_method = encryption_method + self.key_info = key_info + self.cipher_data = cipher_data + self.encryption_properties = encryption_properties + self.id = id + self.type = type + self.mime_type = mime_type + self.encoding = encoding class EncryptedDataType_(EncryptedType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptedDataType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptedDataType element""" - c_tag = 'EncryptedDataType' + c_tag = "EncryptedDataType" c_namespace = NAMESPACE c_children = EncryptedType_.c_children.copy() c_attributes = EncryptedType_.c_attributes.copy() c_child_order = EncryptedType_.c_child_order[:] c_cardinality = EncryptedType_.c_cardinality.copy() + def encrypted_data_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptedDataType_, xml_string) class CarriedKeyName(SamlBase): - c_tag = 'CarriedKeyName' + c_tag = "CarriedKeyName" c_namespace = NAMESPACE - c_value_type = {'base': 'string'} + c_value_type = {"base": "string"} c_children = SamlBase.c_children.copy() c_attributes = SamlBase.c_attributes.copy() c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() + def carried_key_name_from_string(xml_string): return saml2.create_class_from_xml_string(CarriedKeyName, xml_string) class EncryptedKeyType_(EncryptedType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptedKeyType element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptedKeyType element""" - c_tag = 'EncryptedKeyType' + c_tag = "EncryptedKeyType" c_namespace = NAMESPACE c_children = EncryptedType_.c_children.copy() c_attributes = EncryptedType_.c_attributes.copy() c_child_order = EncryptedType_.c_child_order[:] c_cardinality = EncryptedType_.c_cardinality.copy() - c_children['{http://www.w3.org/2001/04/xmlenc#}ReferenceList'] = ('reference_list', ReferenceList) - c_cardinality['reference_list'] = {"min":0, "max":1} - c_children['{http://www.w3.org/2001/04/xmlenc#}CarriedKeyName'] = ('carried_key_name', CarriedKeyName) - c_cardinality['carried_key_name'] = {"min":0, "max":1} - c_attributes['Recipient'] = ('recipient', 'string', False) - c_child_order.extend(['reference_list', 'carried_key_name']) - - def __init__(self, - reference_list=None, - carried_key_name=None, - recipient=None, - encryption_method=None, - key_info=None, - cipher_data=None, - encryption_properties=None, - id=None, - type=None, - mime_type=None, - encoding=None, - text=None, - extension_elements=None, - extension_attributes=None, - ): - EncryptedType_.__init__(self, - encryption_method=encryption_method, - key_info=key_info, - cipher_data=cipher_data, - encryption_properties=encryption_properties, - id=id, - type=type, - mime_type=mime_type, - encoding=encoding, - text=text, - extension_elements=extension_elements, - extension_attributes=extension_attributes, - ) - self.reference_list=reference_list - self.carried_key_name=carried_key_name - self.recipient=recipient + c_children["{http://www.w3.org/2001/04/xmlenc#}ReferenceList"] = ("reference_list", ReferenceList) + c_cardinality["reference_list"] = {"min": 0, "max": 1} + c_children["{http://www.w3.org/2001/04/xmlenc#}CarriedKeyName"] = ("carried_key_name", CarriedKeyName) + c_cardinality["carried_key_name"] = {"min": 0, "max": 1} + c_attributes["Recipient"] = ("recipient", "string", False) + c_child_order.extend(["reference_list", "carried_key_name"]) + + def __init__( + self, + reference_list=None, + carried_key_name=None, + recipient=None, + encryption_method=None, + key_info=None, + cipher_data=None, + encryption_properties=None, + id=None, + type=None, + mime_type=None, + encoding=None, + text=None, + extension_elements=None, + extension_attributes=None, + ): + EncryptedType_.__init__( + self, + encryption_method=encryption_method, + key_info=key_info, + cipher_data=cipher_data, + encryption_properties=encryption_properties, + id=id, + type=type, + mime_type=mime_type, + encoding=encoding, + text=text, + extension_elements=extension_elements, + extension_attributes=extension_attributes, + ) + self.reference_list = reference_list + self.carried_key_name = carried_key_name + self.recipient = recipient + def encrypted_key_type__from_string(xml_string): return saml2.create_class_from_xml_string(EncryptedKeyType_, xml_string) class EncryptedData(EncryptedDataType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptedData element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptedData element""" - c_tag = 'EncryptedData' + c_tag = "EncryptedData" c_namespace = NAMESPACE c_children = EncryptedDataType_.c_children.copy() c_attributes = EncryptedDataType_.c_attributes.copy() c_child_order = EncryptedDataType_.c_child_order[:] c_cardinality = EncryptedDataType_.c_cardinality.copy() + def encrypted_data_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptedData, xml_string) class EncryptedKey(EncryptedKeyType_): - """The http://www.w3.org/2001/04/xmlenc#:EncryptedKey element """ + """The http://www.w3.org/2001/04/xmlenc#:EncryptedKey element""" - c_tag = 'EncryptedKey' + c_tag = "EncryptedKey" c_namespace = NAMESPACE c_children = EncryptedKeyType_.c_children.copy() c_attributes = EncryptedKeyType_.c_attributes.copy() c_child_order = EncryptedKeyType_.c_child_order[:] c_cardinality = EncryptedKeyType_.c_cardinality.copy() + def encrypted_key_from_string(xml_string): return saml2.create_class_from_xml_string(EncryptedKey, xml_string) -ds.KeyInfo.c_children['{http://www.w3.org/2000/09/xmlenc#}EncryptedKey'] = ( - 'encrypted_key', - EncryptedKey) + +ds.KeyInfo.c_children["{http://www.w3.org/2000/09/xmlenc#}EncryptedKey"] = ("encrypted_key", EncryptedKey) ELEMENT_FROM_STRING = { @@ -727,40 +782,39 @@ def encrypted_key_from_string(xml_string): } ELEMENT_BY_TAG = { - 'EncryptionMethodType': EncryptionMethodType_, - 'KeySizeType': KeySizeType_, - 'CipherData': CipherData, - 'CipherDataType': CipherDataType_, - 'CipherReference': CipherReference, - 'CipherReferenceType': CipherReferenceType_, - 'TransformsType': TransformsType_, - 'EncryptedData': EncryptedData, - 'EncryptedDataType': EncryptedDataType_, - 'EncryptedKey': EncryptedKey, - 'EncryptedKeyType': EncryptedKeyType_, - 'AgreementMethod': AgreementMethod, - 'AgreementMethodType': AgreementMethodType_, - 'ReferenceList': ReferenceList, - 'ReferenceType': ReferenceType_, - 'EncryptionProperties': EncryptionProperties, - 'EncryptionPropertiesType': EncryptionPropertiesType_, - 'EncryptionProperty': EncryptionProperty, - 'EncryptionPropertyType': EncryptionPropertyType_, - 'CipherValue': CipherValue, - 'KA_Nonce': KA_Nonce, - 'OriginatorKeyInfo': OriginatorKeyInfo, - 'RecipientKeyInfo': RecipientKeyInfo, - 'KeySize': KeySize, - 'OAEPparams': OAEPparams, - 'Transforms': Transforms, - 'EncryptionMethod': EncryptionMethod, - 'DataReference': DataReference, - 'KeyReference': KeyReference, - 'CarriedKeyName': CarriedKeyName, - 'EncryptedType': EncryptedType_, + "EncryptionMethodType": EncryptionMethodType_, + "KeySizeType": KeySizeType_, + "CipherData": CipherData, + "CipherDataType": CipherDataType_, + "CipherReference": CipherReference, + "CipherReferenceType": CipherReferenceType_, + "TransformsType": TransformsType_, + "EncryptedData": EncryptedData, + "EncryptedDataType": EncryptedDataType_, + "EncryptedKey": EncryptedKey, + "EncryptedKeyType": EncryptedKeyType_, + "AgreementMethod": AgreementMethod, + "AgreementMethodType": AgreementMethodType_, + "ReferenceList": ReferenceList, + "ReferenceType": ReferenceType_, + "EncryptionProperties": EncryptionProperties, + "EncryptionPropertiesType": EncryptionPropertiesType_, + "EncryptionProperty": EncryptionProperty, + "EncryptionPropertyType": EncryptionPropertyType_, + "CipherValue": CipherValue, + "KA_Nonce": KA_Nonce, + "OriginatorKeyInfo": OriginatorKeyInfo, + "RecipientKeyInfo": RecipientKeyInfo, + "KeySize": KeySize, + "OAEPparams": OAEPparams, + "Transforms": Transforms, + "EncryptionMethod": EncryptionMethod, + "DataReference": DataReference, + "KeyReference": KeyReference, + "CarriedKeyName": CarriedKeyName, + "EncryptedType": EncryptedType_, } def factory(tag, **kwargs): return ELEMENT_BY_TAG[tag](**kwargs) - diff --git a/src/saml2test/__init__.py b/src/saml2test/__init__.py index a4812f962..e4f1d6bf6 100644 --- a/src/saml2test/__init__.py +++ b/src/saml2test/__init__.py @@ -1,16 +1,19 @@ import logging +import socket +from subprocess import PIPE +from subprocess import Popen +import sys import time import traceback + import requests -import sys -import socket -from subprocess import Popen, PIPE from saml2test.check import CRITICAL + logger = logging.getLogger(__name__) -__author__ = 'rolandh' +__author__ = "rolandh" class FatalError(Exception): @@ -53,11 +56,11 @@ def start_script(path, *args): def stop_script_by_name(name): - import subprocess - import signal import os + import signal + import subprocess - p = subprocess.Popen(['ps', '-A'], stdout=subprocess.PIPE) + p = subprocess.Popen(["ps", "-A"], stdout=subprocess.PIPE) out, err = p.communicate() for line in out.splitlines(): @@ -67,8 +70,8 @@ def stop_script_by_name(name): def stop_script_by_pid(pid): - import signal import os + import signal os.kill(pid, signal.SIGKILL) @@ -85,13 +88,12 @@ def exception_trace(tag, exc, log=None): message = traceback.format_exception(*sys.exc_info()) try: - _exc = "Exception: %s" % exc + _exc = f"Exception: {exc}" except UnicodeEncodeError: - _exc = "Exception: %s" % exc.message.encode("utf-8", "replace") + _exc = f"Exception: {exc.message.encode('utf-8', 'replace')}" return {"status": CRITICAL, "message": _exc, "content": "".join(message)} def ip_addresses(): - return [ip for ip in socket.gethostbyname_ex(socket.gethostname())[2] - if not ip.startswith("127.")] \ No newline at end of file + return [ip for ip in socket.gethostbyname_ex(socket.gethostname())[2] if not ip.startswith("127.")] diff --git a/src/saml2test/check.py b/src/saml2test/check.py index 710937140..158397fb5 100644 --- a/src/saml2test/check.py +++ b/src/saml2test/check.py @@ -1,29 +1,28 @@ import inspect import json -import six -__author__ = 'rolandh' -import traceback +__author__ = "rolandh" + import sys +import traceback + INFORMATION = 0 OK = 1 WARNING = 2 -ERROR = 3 # an error condition in the test target -CRITICAL = 4 # an error condition in the test driver +ERROR = 3 # an error condition in the test target +CRITICAL = 4 # an error condition in the test driver INTERACTION = 5 -STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", - "INTERACTION"] +STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", "INTERACTION"] CONT_JSON = "application/json" CONT_JWT = "application/jwt" -class Check(object): - """ General test - """ +class Check: + """General test""" cid = "check" msg = "OK" @@ -46,16 +45,11 @@ def __call__(self, conv=None, output=None): def response(self, **kwargs): try: - name = " ".join( - [s.strip() for s in self.__doc__.strip().split("\n")]) + name = " ".join([s.strip() for s in self.__doc__.strip().split("\n")]) except AttributeError: name = "" - res = { - "id": self.cid, - "status": self._status, - "name": name - } + res = {"id": self.cid, "status": self._status, "name": name} if self._message: res["message"] = self._message @@ -92,7 +86,7 @@ def _func(self, conv=None): self._status = self.status _msg = conv.last_content - if isinstance(_msg, six.string_types): + if isinstance(_msg, str): self._message = _msg else: self._message = _msg.to_dict() @@ -105,6 +99,7 @@ class CheckErrorResponse(ExpectedError): Checks that the HTTP response status is outside the 200 or 300 range or that an JSON encoded error message has been received """ + cid = "check-error-response" msg = "OP error" @@ -128,12 +123,13 @@ class VerifyBadRequestResponse(ExpectedError): Verifies that the test target returned a 400 Bad Request response containing a an error message. """ + cid = "verify-bad-request-response" msg = "OP error" def _func(self, conv): _response = conv.last_response - _content = conv.last_content + # _content = conv.last_content res = {} if _response.status_code == 400: pass @@ -168,7 +164,7 @@ def _func(self, conv): try: assert item["error"] in self._kwargs["error"] except AssertionError: - self._message = "Wrong type of error, got %s" % item["error"] + self._message = f"Wrong type of error, got {item['error']}" self._status = self.status return {} @@ -178,6 +174,7 @@ class WrapException(CriticalError): """ A runtime exception """ + cid = "exception" msg = "Test tool exception" @@ -188,7 +185,8 @@ def _func(self, conv=None): class Other(CriticalError): - """ Other error """ + """Other error""" + msg = "Other error" @@ -196,18 +194,19 @@ class CheckSpHttpResponseOK(Error): """ Checks that the SP's HTTP response status is within the 200 or 300 range """ + cid = "check-sp-http-response-ok" msg = "SP error OK" def _func(self, conv): _response = conv.last_response - _content = conv.last_response.content + # _content = conv.last_response.content res = {} if _response.status_code >= 400: self._status = self.status self._message = self.msg - #res["content"] = _content #too big + charset converstion needed + # res["content"] = _content #too big + charset converstion needed res["url"] = conv.position res["http_status"] = _response.status_code @@ -215,21 +214,22 @@ def _func(self, conv): class CheckSpHttpResponse500(Error): - """ Checks that the SP's HTTP response status is >= 500. This is useful - to check if the SP correctly flags errors such as an invalid signature + """Checks that the SP's HTTP response status is >= 500. This is useful + to check if the SP correctly flags errors such as an invalid signature """ + cid = "check-sp-http-response-500" msg = "SP does not return a HTTP 5xx status when it shold do so." def _func(self, conv): _response = conv.last_response - _content = conv.last_response.content + # _content = conv.last_response.content res = {} if _response.status_code < 500: self._status = self.status self._message = self.msg - #res["content"] = _content #too big + charset converstion needed + # res["content"] = _content #too big + charset converstion needed res["url"] = conv.position res["http_status"] = _response.status_code @@ -237,8 +237,8 @@ def _func(self, conv): class MissingRedirect(CriticalError): - """ At this point in the flow a redirect back to the client was expected. - """ + """At this point in the flow a redirect back to the client was expected.""" + cid = "missing-redirect" msg = "Expected redirect to the RP, got something else" @@ -248,7 +248,8 @@ def _func(self, conv=None): class Parse(CriticalError): - """ Parsing the response """ + """Parsing the response""" + cid = "response-parse" errmsg = "Parse error" @@ -256,7 +257,7 @@ def _func(self, conv=None): if conv.exception: self._status = self.status err = conv.exception - self._message = "%s: %s" % (err.__class__.__name__, err) + self._message = f"{err.__class__.__name__}: {err}" else: _rmsg = conv.response_message cname = _rmsg.type() @@ -264,15 +265,13 @@ def _func(self, conv=None): self._status = self.status self._message = ( "Didn't get a response of the type I expected:", - " '%s' instead of '%s', content:'%s'" % ( - cname, conv.response_type, _rmsg)) - return { - "response_type": conv.response_type, - "url": conv.position - } + f" '{cname}' instead of '{conv.response_type}', content:'{_rmsg}'", + ) + return {"response_type": conv.response_type, "url": conv.position} return {} + def factory(cid, classes): if len(classes) == 0: for name, obj in inspect.getmembers(sys.modules[__name__]): diff --git a/src/saml2test/interaction.py b/src/saml2test/interaction.py index 119d12894..16378ffc5 100644 --- a/src/saml2test/interaction.py +++ b/src/saml2test/interaction.py @@ -1,15 +1,15 @@ -__author__ = 'rohe0002' +__author__ = "rohe0002" import json import logging -import six -from urlparse import urlparse from bs4 import BeautifulSoup - from mechanize import ParseResponseEx -from mechanize._form import ControlNotFoundError, AmbiguityError +from mechanize._form import AmbiguityError +from mechanize._form import ControlNotFoundError from mechanize._form import ListControl +from urlparse import urlparse + logger = logging.getLogger(__name__) @@ -35,11 +35,12 @@ def NoneFunc(): return None -class RResponse(): +class RResponse: """ A Response class that behaves in the way that mechanize expects it. Links to a requests.Response """ + def __init__(self, resp): self._resp = resp self.index = 0 @@ -80,17 +81,17 @@ def read(self, size=0): if self._len == self.index: part = None elif self._len - self.index < size: - part = self.text[self.index:] + part = self.text[self.index :] self.index = self._len else: - part = self.text[self.index:self.index + size] + part = self.text[self.index : self.index + size] self.index += size return part else: return self.text -class Interaction(object): +class Interaction: def __init__(self, httpc, interactions=None): self.httpc = httpc self.interactions = interactions @@ -121,8 +122,7 @@ def pick_interaction(self, _base="", content="", req=None): _match += 1 else: _c = _bs.title.contents - if isinstance(_c, list) and not isinstance( - _c, six.string_types): + if isinstance(_c, list) and not isinstance(_c, str): for _line in _c: if val in _line: _match += 1 @@ -155,9 +155,9 @@ def pick_form(self, response, url=None, **kwargs): if not forms: raise FlowException(content=response.text, url=url) - #if len(forms) == 1: + # if len(forms) == 1: # return forms[0] - #else: + # else: _form = None # ignore the first form, because I use ParseResponseEx which adds @@ -182,7 +182,7 @@ def pick_form(self, response, url=None, **kwargs): _default = _ava["value"] try: orig_val = form[prop] - if isinstance(orig_val, six.string_types): + if isinstance(orig_val, str): if orig_val == _default: _form = form elif _default in orig_val: @@ -242,8 +242,7 @@ def do_click(self, form, **kwargs): url = request._Request__original if form.method == "POST": - return self.httpc.send(url, "POST", data=request.data, - headers=headers) + return self.httpc.send(url, "POST", data=request.data, headers=headers) else: return self.httpc.send(url, "GET", headers=headers) @@ -263,7 +262,7 @@ def select_form(self, orig_response, **kwargs): _url = kwargs["location"] form = self.pick_form(response, _url, **kwargs) - #form.backwards_compatible = False + # form.backwards_compatible = False if not form: raise Exception("Can't pick a form !!") @@ -286,12 +285,11 @@ def select_form(self, orig_response, **kwargs): raise if form.action in kwargs["conv"].my_endpoints(): - return {"SAMLResponse": form["SAMLResponse"], - "RelayState": form["RelayState"]} + return {"SAMLResponse": form["SAMLResponse"], "RelayState": form["RelayState"]} return self.do_click(form, **kwargs) - #noinspection PyUnusedLocal + # noinspection PyUnusedLocal def chose(self, orig_response, path, **kwargs): """ Sends a HTTP GET to a url given by the present url and the given @@ -310,13 +308,13 @@ def chose(self, orig_response, path, **kwargs): _url = kwargs["location"] part = urlparse(_url) - url = "%s://%s%s" % (part[0], part[1], path) + url = f"{part[0]}://{part[1]}{path}" else: url = path logger.info("GET %s", url) return self.httpc.send(url, "GET") - #return resp, "" + # return resp, "" def post_form(self, orig_response, **kwargs): """ @@ -334,20 +332,19 @@ def post_form(self, orig_response, **kwargs): return self.do_click(form, **kwargs) - #noinspection PyUnusedLocal + # noinspection PyUnusedLocal def parse(self, orig_response, **kwargs): # content is a form from which I get the SAMLResponse response = RResponse(orig_response) form = self.pick_form(response, **kwargs) - #form.backwards_compatible = False + # form.backwards_compatible = False if not form: raise InteractionNeeded("Can't pick a form !!") - return {"SAMLResponse": form["SAMLResponse"], - "RelayState": form["RelayState"]} + return {"SAMLResponse": form["SAMLResponse"], "RelayState": form["RelayState"]} - #noinspection PyUnusedLocal + # noinspection PyUnusedLocal def interaction(self, args): _type = args["type"] if _type == "form": @@ -359,10 +356,11 @@ def interaction(self, args): else: return NoneFunc + # ======================================================================== -class Action(object): +class Action: def __init__(self, args): self.args = args or {} self.request = None @@ -370,7 +368,7 @@ def __init__(self, args): def update(self, dic): self.args.update(dic) - #noinspection PyUnusedLocal + # noinspection PyUnusedLocal def post_op(self, result, conv, args): pass diff --git a/src/saml2test/opfunc.py b/src/saml2test/opfunc.py index 51c86ddb2..51b01b0cd 100644 --- a/src/saml2test/opfunc.py +++ b/src/saml2test/opfunc.py @@ -1,14 +1,14 @@ -import logging import json -import six - -from urlparse import urlparse +import logging from mechanize import ParseResponseEx -from mechanize._form import ControlNotFoundError, AmbiguityError +from mechanize._form import AmbiguityError +from mechanize._form import ControlNotFoundError from mechanize._form import ListControl +from urlparse import urlparse -__author__ = 'rohe0002' + +__author__ = "rohe0002" logger = logging.getLogger(__name__) @@ -24,9 +24,9 @@ def __str__(self): return json.dumps(self.__dict__) -class DResponse(): - """ A Response class that behaves in the way that mechanize expects it - """ +class DResponse: + """A Response class that behaves in the way that mechanize expects it""" + def __init__(self, **kwargs): self.status = 200 # default self.index = 0 @@ -73,10 +73,10 @@ def read(self, size=0): if self._len == self.index: part = None elif self._len - self.index < size: - part = self._message[self.index:] + part = self._message[self.index :] self.index = self._len else: - part = self._message[self.index:self.index + size] + part = self._message[self.index : self.index + size] self.index += size return part else: @@ -113,8 +113,7 @@ def do_request(client, url, method, body="", headers=None): logger.info("--> BODY: %s", body) logger.info("--> Headers: %s", headers) - response = client.http_request(url, method=method, data=body, - headers=headers) + response = client.http_request(url, method=method, data=body, headers=headers) logger.info("<-- RESPONSE: %s", response) logger.info("<-- CONTENT: %s", response.text) @@ -138,9 +137,9 @@ def pick_form(response, content, url=None, **kwargs): if not forms: raise FlowException(content=content, url=url) - #if len(forms) == 1: + # if len(forms) == 1: # return forms[0] - #else: + # else: _form = None # ignore the first form for now @@ -164,7 +163,7 @@ def pick_form(response, content, url=None, **kwargs): _default = _ava["value"] try: orig_val = form[prop] - if isinstance(orig_val, six.string_types): + if isinstance(orig_val, str): if orig_val == _default: _form = form elif _default in orig_val: @@ -213,9 +212,7 @@ def do_click(client, form, **kwargs): else: _nr += 1 except ControlNotFoundError: - raise Exception("No submit control with the name='%s' and " - "value='%s' could be found" % (_name, - _val)) + raise Exception(f"No submit control with the name='{_name}' and value='{_val}' could be found") else: request = form.click() @@ -251,7 +248,7 @@ def select_form(client, orig_response, content, **kwargs): response.write(content) form = pick_form(response, content, _url, **kwargs) - #form.backwards_compatible = False + # form.backwards_compatible = False if not form: raise Exception("Can't pick a form !!") @@ -276,7 +273,7 @@ def select_form(client, orig_response, content, **kwargs): return do_click(client, form, **kwargs) -#noinspection PyUnusedLocal +# noinspection PyUnusedLocal def chose(client, orig_response, content, path, **kwargs): """ Sends a HTTP GET to a url given by the present url and the given @@ -295,7 +292,7 @@ def chose(client, orig_response, content, path, **kwargs): _url = kwargs["location"] part = urlparse(_url) - url = "%s://%s%s" % (part[0], part[1], path) + url = f"{part[0]}://{part[1]}{path}" else: url = path @@ -335,10 +332,11 @@ def interaction(args): else: return NoneFunc + # ======================================================================== -class Operation(object): +class Operation: def __init__(self, conv, args=None, features=None): if args: self.function = interaction(args) @@ -352,7 +350,7 @@ def __init__(self, conv, args=None, features=None): def update(self, dic): self.args.update(dic) - #noinspection PyUnusedLocal + # noinspection PyUnusedLocal def post_op(self, result, environ, args): pass diff --git a/src/saml2test/status.py b/src/saml2test/status.py index 4f5ba8406..40f3a1239 100644 --- a/src/saml2test/status.py +++ b/src/saml2test/status.py @@ -1,4 +1,4 @@ -__author__ = 'rolandh' +__author__ = "rolandh" INFORMATION = 0 OK = 1 @@ -7,5 +7,4 @@ CRITICAL = 4 INTERACTION = 5 -STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", - "INTERACTION"] +STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", "INTERACTION"] diff --git a/src/saml2test/tool.py b/src/saml2test/tool.py index da96c3362..fa600955f 100644 --- a/src/saml2test/tool.py +++ b/src/saml2test/tool.py @@ -1,34 +1,45 @@ -import cookielib +import logging import sys import traceback -import logging + +import cookielib from urlparse import parse_qs -import six -from saml2test.opfunc import Operation -from saml2test import CheckError, FatalError -from saml2test.check import ExpectedError, ERROR -from saml2test.interaction import Interaction +from saml2test import CheckError +from saml2test import FatalError +from saml2test import OperationError +from saml2test.check import ERROR +from saml2test.check import ExpectedError from saml2test.interaction import Action +from saml2test.interaction import Interaction from saml2test.interaction import InteractionNeeded -from saml2test.status import STATUSCODE +from saml2test.opfunc import Operation from saml2test.status import INTERACTION -from saml2test import OperationError +from saml2test.status import STATUSCODE -__author__ = 'rolandh' + +__author__ = "rolandh" logger = logging.getLogger(__name__) -class Conversation(object): +class Conversation: """ :ivar response: The received HTTP messages :ivar protocol_response: List of the received protocol messages """ - def __init__(self, client, config, interaction, - check_factory=None, msg_factory=None, - features=None, verbose=False, expect_exception=None): + def __init__( + self, + client, + config, + interaction, + check_factory=None, + msg_factory=None, + features=None, + verbose=False, + expect_exception=None, + ): self.client = client self.client_config = config self.test_output = [] @@ -38,9 +49,7 @@ def __init__(self, client, config, interaction, self.msg_factory = msg_factory self.expect_exception = expect_exception - self.cjar = {"browser": cookielib.CookieJar(), - "rp": cookielib.CookieJar(), - "service": cookielib.CookieJar()} + self.cjar = {"browser": cookielib.CookieJar(), "rp": cookielib.CookieJar(), "service": cookielib.CookieJar()} self.protocol_response = [] self.last_response = None @@ -65,7 +74,7 @@ def check_severity(self, stat): raise CheckError def do_check(self, test, **kwargs): - if isinstance(test, six.string_types): + if isinstance(test, str): chk = self.check_factory(test)(**kwargs) else: chk = test(**kwargs) @@ -78,7 +87,7 @@ def err_check(self, test, err=None, bryt=True): chk = self.check_factory(test)() chk(self, self.test_output) if bryt: - e = FatalError("%s" % err) + e = FatalError(f"{err}") e.trace = "".join(traceback.format_exception(*sys.exc_info())) raise e @@ -116,8 +125,7 @@ def intermit(self): else: rdseq.append(url) if len(rdseq) > 8: - raise FatalError( - "Too long sequence of redirects: %s" % rdseq) + raise FatalError(f"Too long sequence of redirects: {rdseq}") logger.info("HTTP %d Location: %s", _response.status_code, url) # If back to me @@ -145,7 +153,7 @@ def intermit(self): logger.info("GET %s", url) _response = self.client.send(url, "GET") except Exception as err: - raise FatalError("%s" % err) + raise FatalError(f"{err}") content = _response.text logger.info("<-- CONTENT: %s", content) @@ -166,15 +174,13 @@ def intermit(self): _spec = self.interaction.pick_interaction(_base, content) except InteractionNeeded: self.position = url - cnt = content.replace("\n", '').replace("\t", '').replace("\r", - '') + cnt = content.replace("\n", "").replace("\t", "").replace("\r", "") logger.error("URL: %s", url) logger.error("Page Content: %s", cnt) raise except KeyError: self.position = url - cnt = content.replace("\n", '').replace("\t", '').replace("\r", - '') + cnt = content.replace("\n", "").replace("\t", "").replace("\r", "") logger.error("URL: %s", url) logger.error("Page Content: %s", cnt) self.err_check("interaction-needed") @@ -183,11 +189,14 @@ def intermit(self): _same_actions += 1 if _same_actions >= 3: self.test_output.append( - {"status": ERROR, - "message": "Interaction loop detection", - #"id": "exception", - #"name": "interaction needed", - "url": self.position}) + { + "status": ERROR, + "message": "Interaction loop detection", + # "id": "exception", + # "name": "interaction needed", + "url": self.position, + } + ) raise OperationError() else: _last_action = _spec @@ -200,8 +209,7 @@ def intermit(self): _op = Action(_spec["control"]) try: - _response = _op(self.client, self, url, _response, content, - self.features) + _response = _op(self.client, self, url, _response, content, self.features) if isinstance(_response, dict): self.last_response = _response self.last_content = _response @@ -215,11 +223,14 @@ def intermit(self): txt = "Got status code '%s', error: %s" logger.error(txt, _response.status_code, content) self.test_output.append( - {"status": ERROR, - "message": txt % (_response.status_code, content), - #"id": "exception", - #"name": "interaction needed", - "url": self.position}) + { + "status": ERROR, + "message": txt % (_response.status_code, content), + # "id": "exception", + # "name": "interaction needed", + "url": self.position, + } + ) raise OperationError() except (FatalError, InteractionNeeded, OperationError): raise @@ -289,19 +300,22 @@ def do_sequence(self, oper): try: self.do_query() except InteractionNeeded: - cnt = self.last_content.replace("\n", '').replace( - "\t", '').replace("\r", '') - self.test_output.append({"status": INTERACTION, - "message": cnt, - "id": "exception", - "name": "interaction needed", - "url": self.position}) + cnt = self.last_content.replace("\n", "").replace("\t", "").replace("\r", "") + self.test_output.append( + { + "status": INTERACTION, + "message": cnt, + "id": "exception", + "name": "interaction needed", + "url": self.position, + } + ) break - except (FatalError, OperationError): - raise - except Exception as err: - #self.err_check("exception", err) - raise + # except (FatalError, OperationError): + # raise + # except Exception as err: + # self.err_check("exception", err) + # raise try: self.test_sequence(oper["tests"]["post"]) diff --git a/src/utility/metadata.py b/src/utility/metadata.py index bf1c4a183..ab6d30f25 100644 --- a/src/utility/metadata.py +++ b/src/utility/metadata.py @@ -1,11 +1,15 @@ -import os.path, sys, time, urllib -from time import strftime import logging +import os.path +import time +from time import strftime +import urllib + -__author__ = 'rhoerbe' +__author__ = "rhoerbe" logger = logging.getLogger(__name__) + def fetch_metadata(url, path, maxage=600): """ :param url: metadata remote location @@ -19,18 +23,18 @@ def fetch_metadata(url, path, maxage=600): logger.debug("metadata file %s not found", path) elif (os.path.getmtime(path) + maxage) < time.time(): fetch = True - logger.debug("metadata file %s from %s is more than %s s old", - path, - strftime("%Y-%m-%d %H:%M:%S", time.localtime(os.path.getmtime(path))), - maxage) + logger.debug( + "metadata file %s from %s is more than %s s old", + path, + strftime("%Y-%m-%d %H:%M:%S", time.localtime(os.path.getmtime(path))), + maxage, + ) else: logger.debug("metadata file %s is less than %s s old", path, maxage) if fetch: - f=urllib.URLopener() + f = urllib.URLopener() try: f.retrieve(url, path) logger.debug("downloaded metadata from %s into %s", url, path) - except: - logger.debug("downloaded metadata from %s failed: %s", - url, sys.exc_info()[0]) - + except Exception as e: + logger.debug("downloaded metadata from %s failed: %s", url, str(e)) diff --git a/tests/_test_80_p11_backend.py b/tests/_test_80_p11_backend.py index bdbb4fa6a..ea0ef4b4f 100644 --- a/tests/_test_80_p11_backend.py +++ b/tests/_test_80_p11_backend.py @@ -8,23 +8,26 @@ # -nocrypt # -__author__ = 'leifj' # based on p11_test from pyXMLSecurity +__author__ = "leifj" # based on p11_test from pyXMLSecurity import logging import os -import traceback import subprocess import tempfile -import pytest +import traceback + from pathutils import full_path -from saml2 import sigver from saml2 import class_name -from saml2 import time_util from saml2 import saml -from saml2.s_utils import factory, do_attribute_statement +from saml2 import sigver +from saml2 import time_util +from saml2.s_utils import do_attribute_statement +from saml2.s_utils import factory + + +# xmlsec = pytest.importorskip("xmlsec") -#xmlsec = pytest.importorskip("xmlsec") def _find_alts(alts): for a in alts: @@ -36,26 +39,27 @@ def _find_alts(alts): PUB_KEY = full_path("test.pem") PRIV_KEY = full_path("test.key.p8") -P11_MODULES = ['/usr/lib/libsofthsm.so', '/usr/lib/softhsm/libsofthsm.so'] +P11_MODULES = ["/usr/lib/libsofthsm.so", "/usr/lib/softhsm/libsofthsm.so"] P11_MODULE = _find_alts(P11_MODULES) -P11_ENGINE = '/usr/lib/engines/engine_pkcs11.so' +P11_ENGINE = "/usr/lib/engines/engine_pkcs11.so" def _eq(l1, l2): return set(l1) == set(l2) -class FakeConfig(): +class FakeConfig: """ Configuration parameters for signature validation test cases. """ - def __init__(self, pub_key = PUB_KEY): + + def __init__(self, pub_key=PUB_KEY): self.xmlsec_binary = None - self.crypto_backend = 'XMLSecurity' + self.crypto_backend = "XMLSecurity" self.only_use_keys_in_metadata = False self.metadata = None self.cert_file = pub_key - self.key_file = "pkcs11://%s:0/test?pin=secret1" % P11_MODULE + self.key_file = f"pkcs11://{P11_MODULE}:0/test?pin=secret1" self.debug = False self.cert_handler_extra_class = None self.generate_cert_info = False @@ -66,8 +70,7 @@ def __init__(self, pub_key = PUB_KEY): self.delete_tmpfiles = True -class TestPKCS11(): - +class TestPKCS11: def __init__(self): self.private_keyspec = None self.public_keyspec = None @@ -89,73 +92,83 @@ def setup_class(self): logging.debug("Generating softhsm.conf") with open(self.softhsm_conf, "w") as f: - f.write("#Generated by pysaml2 cryptobackend test\n0:%s\n" % self.softhsm_db) + f.write(f"#Generated by pysaml2 cryptobackend test\n0:{self.softhsm_db}\n") logging.debug("Initializing the token") - self._p(['softhsm', - '--slot', '0', - '--label', 'test', - '--init-token', - '--pin', 'secret1', - '--so-pin', 'secret2']) - - logging.debug("Importing test key {!r} into SoftHSM".format(PRIV_KEY)) - self._p(['softhsm', - '--slot', '0', - '--label', 'test', - '--import', PRIV_KEY, - '--id', 'a1b2', - '--pin', 'secret1', - '--so-pin', 'secret2']) + self._p( + ["softhsm", "--slot", "0", "--label", "test", "--init-token", "--pin", "secret1", "--so-pin", "secret2"] + ) + + logging.debug(f"Importing test key {PRIV_KEY!r} into SoftHSM") + self._p( + [ + "softhsm", + "--slot", + "0", + "--label", + "test", + "--import", + PRIV_KEY, + "--id", + "a1b2", + "--pin", + "secret1", + "--so-pin", + "secret2", + ] + ) logging.debug("Transforming PEM certificate to DER") - self._p(['openssl', 'x509', - '-inform', 'PEM', - '-outform', 'DER', - '-in', PUB_KEY, - '-out', self.signer_cert_der]) + self._p( + ["openssl", "x509", "-inform", "PEM", "-outform", "DER", "-in", PUB_KEY, "-out", self.signer_cert_der] + ) logging.debug("Importing certificate into token") - self._p(['pkcs11-tool', - '--module', P11_MODULE, - '-l', - '--slot', '0', - '--id', 'a1b2', - '--label', 'test', - '-y', 'cert', - '-w', self.signer_cert_der, - '--pin', 'secret1']) + self._p( + [ + "pkcs11-tool", + "--module", + P11_MODULE, + "-l", + "--slot", + "0", + "--id", + "a1b2", + "--label", + "test", + "-y", + "cert", + "-w", + self.signer_cert_der, + "--pin", + "secret1", + ] + ) # list contents of SoftHSM - self._p(['pkcs11-tool', - '--module', P11_MODULE, - '-l', - '--pin', 'secret1', '-O']) - self._p(['pkcs11-tool', - '--module', P11_MODULE, - '-l', - '--pin', 'secret1', '-T']) - self._p(['pkcs11-tool', - '--module', P11_MODULE, - '-l', - '--pin', 'secret1', '-L']) - self.sec = sigver.security_context(FakeConfig(pub_key = PUB_KEY)) - self._assertion = factory(saml.Assertion, - version="2.0", - id="11111", - issue_instant="2009-10-30T13:20:28Z", - signature=sigver.pre_signature_part("11111", self.sec.my_cert, 1), - attribute_statement=do_attribute_statement( - {("", "", "surName"): ("Foo", ""), - ("", "", "givenName"): ("Bar", ""), - }) - ) + self._p(["pkcs11-tool", "--module", P11_MODULE, "-l", "--pin", "secret1", "-O"]) + self._p(["pkcs11-tool", "--module", P11_MODULE, "-l", "--pin", "secret1", "-T"]) + self._p(["pkcs11-tool", "--module", P11_MODULE, "-l", "--pin", "secret1", "-L"]) + self.sec = sigver.security_context(FakeConfig(pub_key=PUB_KEY)) + self._assertion = factory( + saml.Assertion, + version="2.0", + id="11111", + issue_instant="2009-10-30T13:20:28Z", + signature=sigver.pre_signature_part("11111", self.sec.my_cert, 1), + attribute_statement=do_attribute_statement( + { + ("", "", "surName"): ("Foo", ""), + ("", "", "givenName"): ("Bar", ""), + } + ), + ) self.configured = True except Exception as ex: print("-" * 64) traceback.print_exc() print("-" * 64) - logging.warning("PKCS11 tests disabled: unable to initialize test token: %s" % ex) + logging.warning(f"PKCS11 tests disabled: unable to initialize test token: {ex}") raise def teardown_class(self): @@ -176,11 +189,11 @@ def _tf(self): def _p(self, args): env = {} if self.softhsm_conf is not None: - env['SOFTHSM_CONF'] = self.softhsm_conf - #print("env SOFTHSM_CONF=%s " % softhsm_conf +" ".join(args)) - logging.debug("Environment {!r}".format(env)) - logging.debug("Executing {!r}".format(args)) - args = ['ls'] + env["SOFTHSM_CONF"] = self.softhsm_conf + # print("env SOFTHSM_CONF=%s " % softhsm_conf +" ".join(args)) + logging.debug(f"Environment {env!r}") + logging.debug(f"Executing {args!r}") + args = ["ls"] proc = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, env=env) out, err = proc.communicate() if err is not None and len(err) > 0: @@ -189,27 +202,26 @@ def _p(self, args): logging.debug(out) rv = proc.wait() if rv: - raise RuntimeError("command exited with code != 0: %d" % rv) + raise RuntimeError(f"command exited with code != 0: {int(rv)}") def test_SAML_sign_with_pkcs11(self): """ Test signing a SAML assertion using PKCS#11 and then verifying it. """ - os.environ['SOFTHSM_CONF'] = self.softhsm_conf + os.environ["SOFTHSM_CONF"] = self.softhsm_conf ass = self._assertion print(ass) - sign_ass = self.sec.sign_assertion("%s" % ass, node_id=ass.id) - #print(sign_ass) + sign_ass = self.sec.sign_assertion(f"{ass}", node_id=ass.id) + # print(sign_ass) sass = saml.assertion_from_string(sign_ass) - #print(sass) - assert _eq(sass.keyswv(), ['attribute_statement', 'issue_instant', - 'version', 'signature', 'id']) + # print(sass) + assert _eq(sass.keyswv(), ["attribute_statement", "issue_instant", "version", "signature", "id"]) assert sass.version == "2.0" assert sass.id == "11111" assert time_util.str_to_time(sass.issue_instant) - print("Crypto version : %s" % (self.sec.crypto.version())) + print(f"Crypto version : {self.sec.crypto.version()}") item = self.sec.check_signature(sass, class_name(sass), sign_ass) diff --git a/tests/aa_conf.py b/tests/aa_conf.py index fbeaff146..480591190 100644 --- a/tests/aa_conf.py +++ b/tests/aa_conf.py @@ -1,48 +1,51 @@ +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import NAME_FORMAT_URI + -from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, NAME_FORMAT_URI BASE = "http://localhost:8089/" from pathutils import full_path -CONFIG={ - "service":{ - "aa":{ - "endpoints" : { - "attribute_service" : [(BASE + "as", BINDING_HTTP_REDIRECT)], - "single_logout_service": [(BASE+"slo", BINDING_SOAP)] +CONFIG = { + "service": { + "aa": { + "endpoints": { + "attribute_service": [(f"{BASE}as", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}slo", BINDING_SOAP)], }, "release_policy": { "default": { - "lifetime": {"minutes":15}, - "attribute_restrictions": None, # means all I have + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have "name_form": NAME_FORMAT_URI, }, }, "subject_data": full_path("aa.db"), } }, - "entityid" : BASE+ "aa", - "name" : "Rolands AA", - "debug" : 1, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - #"xmlsec_binary" : None, + "entityid": f"{BASE}aa", + "name": "Rolands AA", + "debug": 1, + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + # "xmlsec_binary" : None, "metadata": { "local": [full_path("metadata.xml"), full_path("vo_metadata.xml")], }, - "attribute_map_dir" : full_path("attributemaps"), + "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", - "display_name": [("Exempel AB","se"),("Example Co.","en")], - "url":"http://www.example.com/roland", + "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], + "url": "http://www.example.com/roland", }, - "contact_person": [{ - "given_name":"John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", + "contact_person": [ + { + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", }, ], } - diff --git a/tests/attribute_statement_data.py b/tests/attribute_statement_data.py index dae085f10..e15bcdd20 100644 --- a/tests/attribute_statement_data.py +++ b/tests/attribute_statement_data.py @@ -1,5 +1,4 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- """Testdata for attribute converters """ diff --git a/tests/attributemaps/basic.py b/tests/attributemaps/basic.py index 9311d5471..a6a65743d 100644 --- a/tests/attributemaps/basic.py +++ b/tests/attributemaps/basic.py @@ -1,326 +1,325 @@ - MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:basic", "fro": { - 'urn:mace:dir:attribute-def:aRecord': 'aRecord', - 'urn:mace:dir:attribute-def:aliasedEntryName': 'aliasedEntryName', - 'urn:mace:dir:attribute-def:aliasedObjectName': 'aliasedObjectName', - 'urn:mace:dir:attribute-def:associatedDomain': 'associatedDomain', - 'urn:mace:dir:attribute-def:associatedName': 'associatedName', - 'urn:mace:dir:attribute-def:audio': 'audio', - 'urn:mace:dir:attribute-def:authorityRevocationList': 'authorityRevocationList', - 'urn:mace:dir:attribute-def:buildingName': 'buildingName', - 'urn:mace:dir:attribute-def:businessCategory': 'businessCategory', - 'urn:mace:dir:attribute-def:c': 'c', - 'urn:mace:dir:attribute-def:cACertificate': 'cACertificate', - 'urn:mace:dir:attribute-def:cNAMERecord': 'cNAMERecord', - 'urn:mace:dir:attribute-def:carLicense': 'carLicense', - 'urn:mace:dir:attribute-def:certificateRevocationList': 'certificateRevocationList', - 'urn:mace:dir:attribute-def:cn': 'cn', - 'urn:mace:dir:attribute-def:co': 'co', - 'urn:mace:dir:attribute-def:commonName': 'commonName', - 'urn:mace:dir:attribute-def:countryName': 'countryName', - 'urn:mace:dir:attribute-def:crossCertificatePair': 'crossCertificatePair', - 'urn:mace:dir:attribute-def:dITRedirect': 'dITRedirect', - 'urn:mace:dir:attribute-def:dSAQuality': 'dSAQuality', - 'urn:mace:dir:attribute-def:dc': 'dc', - 'urn:mace:dir:attribute-def:deltaRevocationList': 'deltaRevocationList', - 'urn:mace:dir:attribute-def:departmentNumber': 'departmentNumber', - 'urn:mace:dir:attribute-def:description': 'description', - 'urn:mace:dir:attribute-def:destinationIndicator': 'destinationIndicator', - 'urn:mace:dir:attribute-def:displayName': 'displayName', - 'urn:mace:dir:attribute-def:distinguishedName': 'distinguishedName', - 'urn:mace:dir:attribute-def:dmdName': 'dmdName', - 'urn:mace:dir:attribute-def:dnQualifier': 'dnQualifier', - 'urn:mace:dir:attribute-def:documentAuthor': 'documentAuthor', - 'urn:mace:dir:attribute-def:documentIdentifier': 'documentIdentifier', - 'urn:mace:dir:attribute-def:documentLocation': 'documentLocation', - 'urn:mace:dir:attribute-def:documentPublisher': 'documentPublisher', - 'urn:mace:dir:attribute-def:documentTitle': 'documentTitle', - 'urn:mace:dir:attribute-def:documentVersion': 'documentVersion', - 'urn:mace:dir:attribute-def:domainComponent': 'domainComponent', - 'urn:mace:dir:attribute-def:drink': 'drink', - 'urn:mace:dir:attribute-def:eduOrgHomePageURI': 'eduOrgHomePageURI', - 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI': 'eduOrgIdentityAuthNPolicyURI', - 'urn:mace:dir:attribute-def:eduOrgLegalName': 'eduOrgLegalName', - 'urn:mace:dir:attribute-def:eduOrgSuperiorURI': 'eduOrgSuperiorURI', - 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI': 'eduOrgWhitePagesURI', - 'urn:mace:dir:attribute-def:eduPersonAffiliation': 'eduPersonAffiliation', - 'urn:mace:dir:attribute-def:eduPersonEntitlement': 'eduPersonEntitlement', - 'urn:mace:dir:attribute-def:eduPersonNickname': 'eduPersonNickname', - 'urn:mace:dir:attribute-def:eduPersonOrgDN': 'eduPersonOrgDN', - 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN': 'eduPersonOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation': 'eduPersonPrimaryAffiliation', - 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN': 'eduPersonPrimaryOrgUnitDN', - 'urn:mace:dir:attribute-def:eduPersonPrincipalName': 'eduPersonPrincipalName', - 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation': 'eduPersonScopedAffiliation', - 'urn:mace:dir:attribute-def:eduPersonTargetedID': 'eduPersonTargetedID', - 'urn:mace:dir:attribute-def:email': 'email', - 'urn:mace:dir:attribute-def:emailAddress': 'emailAddress', - 'urn:mace:dir:attribute-def:employeeNumber': 'employeeNumber', - 'urn:mace:dir:attribute-def:employeeType': 'employeeType', - 'urn:mace:dir:attribute-def:enhancedSearchGuide': 'enhancedSearchGuide', - 'urn:mace:dir:attribute-def:facsimileTelephoneNumber': 'facsimileTelephoneNumber', - 'urn:mace:dir:attribute-def:favouriteDrink': 'favouriteDrink', - 'urn:mace:dir:attribute-def:fax': 'fax', - 'urn:mace:dir:attribute-def:federationFeideSchemaVersion': 'federationFeideSchemaVersion', - 'urn:mace:dir:attribute-def:friendlyCountryName': 'friendlyCountryName', - 'urn:mace:dir:attribute-def:generationQualifier': 'generationQualifier', - 'urn:mace:dir:attribute-def:givenName': 'givenName', - 'urn:mace:dir:attribute-def:gn': 'gn', - 'urn:mace:dir:attribute-def:homePhone': 'homePhone', - 'urn:mace:dir:attribute-def:homePostalAddress': 'homePostalAddress', - 'urn:mace:dir:attribute-def:homeTelephoneNumber': 'homeTelephoneNumber', - 'urn:mace:dir:attribute-def:host': 'host', - 'urn:mace:dir:attribute-def:houseIdentifier': 'houseIdentifier', - 'urn:mace:dir:attribute-def:info': 'info', - 'urn:mace:dir:attribute-def:initials': 'initials', - 'urn:mace:dir:attribute-def:internationaliSDNNumber': 'internationaliSDNNumber', - 'urn:mace:dir:attribute-def:janetMailbox': 'janetMailbox', - 'urn:mace:dir:attribute-def:jpegPhoto': 'jpegPhoto', - 'urn:mace:dir:attribute-def:knowledgeInformation': 'knowledgeInformation', - 'urn:mace:dir:attribute-def:l': 'l', - 'urn:mace:dir:attribute-def:labeledURI': 'labeledURI', - 'urn:mace:dir:attribute-def:localityName': 'localityName', - 'urn:mace:dir:attribute-def:mDRecord': 'mDRecord', - 'urn:mace:dir:attribute-def:mXRecord': 'mXRecord', - 'urn:mace:dir:attribute-def:mail': 'mail', - 'urn:mace:dir:attribute-def:mailPreferenceOption': 'mailPreferenceOption', - 'urn:mace:dir:attribute-def:manager': 'manager', - 'urn:mace:dir:attribute-def:member': 'member', - 'urn:mace:dir:attribute-def:mobile': 'mobile', - 'urn:mace:dir:attribute-def:mobileTelephoneNumber': 'mobileTelephoneNumber', - 'urn:mace:dir:attribute-def:nSRecord': 'nSRecord', - 'urn:mace:dir:attribute-def:name': 'name', - 'urn:mace:dir:attribute-def:norEduOrgAcronym': 'norEduOrgAcronym', - 'urn:mace:dir:attribute-def:norEduOrgNIN': 'norEduOrgNIN', - 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion': 'norEduOrgSchemaVersion', - 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier': 'norEduOrgUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber': 'norEduOrgUniqueNumber', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier': 'norEduOrgUnitUniqueIdentifier', - 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber': 'norEduOrgUnitUniqueNumber', - 'urn:mace:dir:attribute-def:norEduPersonBirthDate': 'norEduPersonBirthDate', - 'urn:mace:dir:attribute-def:norEduPersonLIN': 'norEduPersonLIN', - 'urn:mace:dir:attribute-def:norEduPersonNIN': 'norEduPersonNIN', - 'urn:mace:dir:attribute-def:o': 'o', - 'urn:mace:dir:attribute-def:objectClass': 'objectClass', - 'urn:mace:dir:attribute-def:organizationName': 'organizationName', - 'urn:mace:dir:attribute-def:organizationalStatus': 'organizationalStatus', - 'urn:mace:dir:attribute-def:organizationalUnitName': 'organizationalUnitName', - 'urn:mace:dir:attribute-def:otherMailbox': 'otherMailbox', - 'urn:mace:dir:attribute-def:ou': 'ou', - 'urn:mace:dir:attribute-def:owner': 'owner', - 'urn:mace:dir:attribute-def:pager': 'pager', - 'urn:mace:dir:attribute-def:pagerTelephoneNumber': 'pagerTelephoneNumber', - 'urn:mace:dir:attribute-def:personalSignature': 'personalSignature', - 'urn:mace:dir:attribute-def:personalTitle': 'personalTitle', - 'urn:mace:dir:attribute-def:photo': 'photo', - 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName': 'physicalDeliveryOfficeName', - 'urn:mace:dir:attribute-def:pkcs9email': 'pkcs9email', - 'urn:mace:dir:attribute-def:postOfficeBox': 'postOfficeBox', - 'urn:mace:dir:attribute-def:postalAddress': 'postalAddress', - 'urn:mace:dir:attribute-def:postalCode': 'postalCode', - 'urn:mace:dir:attribute-def:preferredDeliveryMethod': 'preferredDeliveryMethod', - 'urn:mace:dir:attribute-def:preferredLanguage': 'preferredLanguage', - 'urn:mace:dir:attribute-def:presentationAddress': 'presentationAddress', - 'urn:mace:dir:attribute-def:protocolInformation': 'protocolInformation', - 'urn:mace:dir:attribute-def:pseudonym': 'pseudonym', - 'urn:mace:dir:attribute-def:registeredAddress': 'registeredAddress', - 'urn:mace:dir:attribute-def:rfc822Mailbox': 'rfc822Mailbox', - 'urn:mace:dir:attribute-def:roleOccupant': 'roleOccupant', - 'urn:mace:dir:attribute-def:roomNumber': 'roomNumber', - 'urn:mace:dir:attribute-def:sOARecord': 'sOARecord', - 'urn:mace:dir:attribute-def:searchGuide': 'searchGuide', - 'urn:mace:dir:attribute-def:secretary': 'secretary', - 'urn:mace:dir:attribute-def:seeAlso': 'seeAlso', - 'urn:mace:dir:attribute-def:serialNumber': 'serialNumber', - 'urn:mace:dir:attribute-def:singleLevelQuality': 'singleLevelQuality', - 'urn:mace:dir:attribute-def:sn': 'sn', - 'urn:mace:dir:attribute-def:st': 'st', - 'urn:mace:dir:attribute-def:stateOrProvinceName': 'stateOrProvinceName', - 'urn:mace:dir:attribute-def:street': 'street', - 'urn:mace:dir:attribute-def:streetAddress': 'streetAddress', - 'urn:mace:dir:attribute-def:subtreeMaximumQuality': 'subtreeMaximumQuality', - 'urn:mace:dir:attribute-def:subtreeMinimumQuality': 'subtreeMinimumQuality', - 'urn:mace:dir:attribute-def:supportedAlgorithms': 'supportedAlgorithms', - 'urn:mace:dir:attribute-def:supportedApplicationContext': 'supportedApplicationContext', - 'urn:mace:dir:attribute-def:surname': 'surname', - 'urn:mace:dir:attribute-def:telephoneNumber': 'telephoneNumber', - 'urn:mace:dir:attribute-def:teletexTerminalIdentifier': 'teletexTerminalIdentifier', - 'urn:mace:dir:attribute-def:telexNumber': 'telexNumber', - 'urn:mace:dir:attribute-def:textEncodedORAddress': 'textEncodedORAddress', - 'urn:mace:dir:attribute-def:title': 'title', - 'urn:mace:dir:attribute-def:uid': 'uid', - 'urn:mace:dir:attribute-def:uniqueIdentifier': 'uniqueIdentifier', - 'urn:mace:dir:attribute-def:uniqueMember': 'uniqueMember', - 'urn:mace:dir:attribute-def:userCertificate': 'userCertificate', - 'urn:mace:dir:attribute-def:userClass': 'userClass', - 'urn:mace:dir:attribute-def:userPKCS12': 'userPKCS12', - 'urn:mace:dir:attribute-def:userPassword': 'userPassword', - 'urn:mace:dir:attribute-def:userSMIMECertificate': 'userSMIMECertificate', - 'urn:mace:dir:attribute-def:userid': 'userid', - 'urn:mace:dir:attribute-def:x121Address': 'x121Address', - 'urn:mace:dir:attribute-def:x500UniqueIdentifier': 'x500UniqueIdentifier', - }, + "urn:mace:dir:attribute-def:aRecord": "aRecord", + "urn:mace:dir:attribute-def:aliasedEntryName": "aliasedEntryName", + "urn:mace:dir:attribute-def:aliasedObjectName": "aliasedObjectName", + "urn:mace:dir:attribute-def:associatedDomain": "associatedDomain", + "urn:mace:dir:attribute-def:associatedName": "associatedName", + "urn:mace:dir:attribute-def:audio": "audio", + "urn:mace:dir:attribute-def:authorityRevocationList": "authorityRevocationList", + "urn:mace:dir:attribute-def:buildingName": "buildingName", + "urn:mace:dir:attribute-def:businessCategory": "businessCategory", + "urn:mace:dir:attribute-def:c": "c", + "urn:mace:dir:attribute-def:cACertificate": "cACertificate", + "urn:mace:dir:attribute-def:cNAMERecord": "cNAMERecord", + "urn:mace:dir:attribute-def:carLicense": "carLicense", + "urn:mace:dir:attribute-def:certificateRevocationList": "certificateRevocationList", + "urn:mace:dir:attribute-def:cn": "cn", + "urn:mace:dir:attribute-def:co": "co", + "urn:mace:dir:attribute-def:commonName": "commonName", + "urn:mace:dir:attribute-def:countryName": "countryName", + "urn:mace:dir:attribute-def:crossCertificatePair": "crossCertificatePair", + "urn:mace:dir:attribute-def:dITRedirect": "dITRedirect", + "urn:mace:dir:attribute-def:dSAQuality": "dSAQuality", + "urn:mace:dir:attribute-def:dc": "dc", + "urn:mace:dir:attribute-def:deltaRevocationList": "deltaRevocationList", + "urn:mace:dir:attribute-def:departmentNumber": "departmentNumber", + "urn:mace:dir:attribute-def:description": "description", + "urn:mace:dir:attribute-def:destinationIndicator": "destinationIndicator", + "urn:mace:dir:attribute-def:displayName": "displayName", + "urn:mace:dir:attribute-def:distinguishedName": "distinguishedName", + "urn:mace:dir:attribute-def:dmdName": "dmdName", + "urn:mace:dir:attribute-def:dnQualifier": "dnQualifier", + "urn:mace:dir:attribute-def:documentAuthor": "documentAuthor", + "urn:mace:dir:attribute-def:documentIdentifier": "documentIdentifier", + "urn:mace:dir:attribute-def:documentLocation": "documentLocation", + "urn:mace:dir:attribute-def:documentPublisher": "documentPublisher", + "urn:mace:dir:attribute-def:documentTitle": "documentTitle", + "urn:mace:dir:attribute-def:documentVersion": "documentVersion", + "urn:mace:dir:attribute-def:domainComponent": "domainComponent", + "urn:mace:dir:attribute-def:drink": "drink", + "urn:mace:dir:attribute-def:eduOrgHomePageURI": "eduOrgHomePageURI", + "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI": "eduOrgIdentityAuthNPolicyURI", + "urn:mace:dir:attribute-def:eduOrgLegalName": "eduOrgLegalName", + "urn:mace:dir:attribute-def:eduOrgSuperiorURI": "eduOrgSuperiorURI", + "urn:mace:dir:attribute-def:eduOrgWhitePagesURI": "eduOrgWhitePagesURI", + "urn:mace:dir:attribute-def:eduPersonAffiliation": "eduPersonAffiliation", + "urn:mace:dir:attribute-def:eduPersonEntitlement": "eduPersonEntitlement", + "urn:mace:dir:attribute-def:eduPersonNickname": "eduPersonNickname", + "urn:mace:dir:attribute-def:eduPersonOrgDN": "eduPersonOrgDN", + "urn:mace:dir:attribute-def:eduPersonOrgUnitDN": "eduPersonOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation": "eduPersonPrimaryAffiliation", + "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN": "eduPersonPrimaryOrgUnitDN", + "urn:mace:dir:attribute-def:eduPersonPrincipalName": "eduPersonPrincipalName", + "urn:mace:dir:attribute-def:eduPersonScopedAffiliation": "eduPersonScopedAffiliation", + "urn:mace:dir:attribute-def:eduPersonTargetedID": "eduPersonTargetedID", + "urn:mace:dir:attribute-def:email": "email", + "urn:mace:dir:attribute-def:emailAddress": "emailAddress", + "urn:mace:dir:attribute-def:employeeNumber": "employeeNumber", + "urn:mace:dir:attribute-def:employeeType": "employeeType", + "urn:mace:dir:attribute-def:enhancedSearchGuide": "enhancedSearchGuide", + "urn:mace:dir:attribute-def:facsimileTelephoneNumber": "facsimileTelephoneNumber", + "urn:mace:dir:attribute-def:favouriteDrink": "favouriteDrink", + "urn:mace:dir:attribute-def:fax": "fax", + "urn:mace:dir:attribute-def:federationFeideSchemaVersion": "federationFeideSchemaVersion", + "urn:mace:dir:attribute-def:friendlyCountryName": "friendlyCountryName", + "urn:mace:dir:attribute-def:generationQualifier": "generationQualifier", + "urn:mace:dir:attribute-def:givenName": "givenName", + "urn:mace:dir:attribute-def:gn": "gn", + "urn:mace:dir:attribute-def:homePhone": "homePhone", + "urn:mace:dir:attribute-def:homePostalAddress": "homePostalAddress", + "urn:mace:dir:attribute-def:homeTelephoneNumber": "homeTelephoneNumber", + "urn:mace:dir:attribute-def:host": "host", + "urn:mace:dir:attribute-def:houseIdentifier": "houseIdentifier", + "urn:mace:dir:attribute-def:info": "info", + "urn:mace:dir:attribute-def:initials": "initials", + "urn:mace:dir:attribute-def:internationaliSDNNumber": "internationaliSDNNumber", + "urn:mace:dir:attribute-def:janetMailbox": "janetMailbox", + "urn:mace:dir:attribute-def:jpegPhoto": "jpegPhoto", + "urn:mace:dir:attribute-def:knowledgeInformation": "knowledgeInformation", + "urn:mace:dir:attribute-def:l": "l", + "urn:mace:dir:attribute-def:labeledURI": "labeledURI", + "urn:mace:dir:attribute-def:localityName": "localityName", + "urn:mace:dir:attribute-def:mDRecord": "mDRecord", + "urn:mace:dir:attribute-def:mXRecord": "mXRecord", + "urn:mace:dir:attribute-def:mail": "mail", + "urn:mace:dir:attribute-def:mailPreferenceOption": "mailPreferenceOption", + "urn:mace:dir:attribute-def:manager": "manager", + "urn:mace:dir:attribute-def:member": "member", + "urn:mace:dir:attribute-def:mobile": "mobile", + "urn:mace:dir:attribute-def:mobileTelephoneNumber": "mobileTelephoneNumber", + "urn:mace:dir:attribute-def:nSRecord": "nSRecord", + "urn:mace:dir:attribute-def:name": "name", + "urn:mace:dir:attribute-def:norEduOrgAcronym": "norEduOrgAcronym", + "urn:mace:dir:attribute-def:norEduOrgNIN": "norEduOrgNIN", + "urn:mace:dir:attribute-def:norEduOrgSchemaVersion": "norEduOrgSchemaVersion", + "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier": "norEduOrgUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUniqueNumber": "norEduOrgUniqueNumber", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier": "norEduOrgUnitUniqueIdentifier", + "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber": "norEduOrgUnitUniqueNumber", + "urn:mace:dir:attribute-def:norEduPersonBirthDate": "norEduPersonBirthDate", + "urn:mace:dir:attribute-def:norEduPersonLIN": "norEduPersonLIN", + "urn:mace:dir:attribute-def:norEduPersonNIN": "norEduPersonNIN", + "urn:mace:dir:attribute-def:o": "o", + "urn:mace:dir:attribute-def:objectClass": "objectClass", + "urn:mace:dir:attribute-def:organizationName": "organizationName", + "urn:mace:dir:attribute-def:organizationalStatus": "organizationalStatus", + "urn:mace:dir:attribute-def:organizationalUnitName": "organizationalUnitName", + "urn:mace:dir:attribute-def:otherMailbox": "otherMailbox", + "urn:mace:dir:attribute-def:ou": "ou", + "urn:mace:dir:attribute-def:owner": "owner", + "urn:mace:dir:attribute-def:pager": "pager", + "urn:mace:dir:attribute-def:pagerTelephoneNumber": "pagerTelephoneNumber", + "urn:mace:dir:attribute-def:personalSignature": "personalSignature", + "urn:mace:dir:attribute-def:personalTitle": "personalTitle", + "urn:mace:dir:attribute-def:photo": "photo", + "urn:mace:dir:attribute-def:physicalDeliveryOfficeName": "physicalDeliveryOfficeName", + "urn:mace:dir:attribute-def:pkcs9email": "pkcs9email", + "urn:mace:dir:attribute-def:postOfficeBox": "postOfficeBox", + "urn:mace:dir:attribute-def:postalAddress": "postalAddress", + "urn:mace:dir:attribute-def:postalCode": "postalCode", + "urn:mace:dir:attribute-def:preferredDeliveryMethod": "preferredDeliveryMethod", + "urn:mace:dir:attribute-def:preferredLanguage": "preferredLanguage", + "urn:mace:dir:attribute-def:presentationAddress": "presentationAddress", + "urn:mace:dir:attribute-def:protocolInformation": "protocolInformation", + "urn:mace:dir:attribute-def:pseudonym": "pseudonym", + "urn:mace:dir:attribute-def:registeredAddress": "registeredAddress", + "urn:mace:dir:attribute-def:rfc822Mailbox": "rfc822Mailbox", + "urn:mace:dir:attribute-def:roleOccupant": "roleOccupant", + "urn:mace:dir:attribute-def:roomNumber": "roomNumber", + "urn:mace:dir:attribute-def:sOARecord": "sOARecord", + "urn:mace:dir:attribute-def:searchGuide": "searchGuide", + "urn:mace:dir:attribute-def:secretary": "secretary", + "urn:mace:dir:attribute-def:seeAlso": "seeAlso", + "urn:mace:dir:attribute-def:serialNumber": "serialNumber", + "urn:mace:dir:attribute-def:singleLevelQuality": "singleLevelQuality", + "urn:mace:dir:attribute-def:sn": "sn", + "urn:mace:dir:attribute-def:st": "st", + "urn:mace:dir:attribute-def:stateOrProvinceName": "stateOrProvinceName", + "urn:mace:dir:attribute-def:street": "street", + "urn:mace:dir:attribute-def:streetAddress": "streetAddress", + "urn:mace:dir:attribute-def:subtreeMaximumQuality": "subtreeMaximumQuality", + "urn:mace:dir:attribute-def:subtreeMinimumQuality": "subtreeMinimumQuality", + "urn:mace:dir:attribute-def:supportedAlgorithms": "supportedAlgorithms", + "urn:mace:dir:attribute-def:supportedApplicationContext": "supportedApplicationContext", + "urn:mace:dir:attribute-def:surname": "surname", + "urn:mace:dir:attribute-def:telephoneNumber": "telephoneNumber", + "urn:mace:dir:attribute-def:teletexTerminalIdentifier": "teletexTerminalIdentifier", + "urn:mace:dir:attribute-def:telexNumber": "telexNumber", + "urn:mace:dir:attribute-def:textEncodedORAddress": "textEncodedORAddress", + "urn:mace:dir:attribute-def:title": "title", + "urn:mace:dir:attribute-def:uid": "uid", + "urn:mace:dir:attribute-def:uniqueIdentifier": "uniqueIdentifier", + "urn:mace:dir:attribute-def:uniqueMember": "uniqueMember", + "urn:mace:dir:attribute-def:userCertificate": "userCertificate", + "urn:mace:dir:attribute-def:userClass": "userClass", + "urn:mace:dir:attribute-def:userPKCS12": "userPKCS12", + "urn:mace:dir:attribute-def:userPassword": "userPassword", + "urn:mace:dir:attribute-def:userSMIMECertificate": "userSMIMECertificate", + "urn:mace:dir:attribute-def:userid": "userid", + "urn:mace:dir:attribute-def:x121Address": "x121Address", + "urn:mace:dir:attribute-def:x500UniqueIdentifier": "x500UniqueIdentifier", + }, "to": { - 'aRecord': 'urn:mace:dir:attribute-def:aRecord', - 'aliasedEntryName': 'urn:mace:dir:attribute-def:aliasedEntryName', - 'aliasedObjectName': 'urn:mace:dir:attribute-def:aliasedObjectName', - 'associatedDomain': 'urn:mace:dir:attribute-def:associatedDomain', - 'associatedName': 'urn:mace:dir:attribute-def:associatedName', - 'audio': 'urn:mace:dir:attribute-def:audio', - 'authorityRevocationList': 'urn:mace:dir:attribute-def:authorityRevocationList', - 'buildingName': 'urn:mace:dir:attribute-def:buildingName', - 'businessCategory': 'urn:mace:dir:attribute-def:businessCategory', - 'c': 'urn:mace:dir:attribute-def:c', - 'cACertificate': 'urn:mace:dir:attribute-def:cACertificate', - 'cNAMERecord': 'urn:mace:dir:attribute-def:cNAMERecord', - 'carLicense': 'urn:mace:dir:attribute-def:carLicense', - 'certificateRevocationList': 'urn:mace:dir:attribute-def:certificateRevocationList', - 'cn': 'urn:mace:dir:attribute-def:cn', - 'co': 'urn:mace:dir:attribute-def:co', - 'commonName': 'urn:mace:dir:attribute-def:commonName', - 'countryName': 'urn:mace:dir:attribute-def:countryName', - 'crossCertificatePair': 'urn:mace:dir:attribute-def:crossCertificatePair', - 'dITRedirect': 'urn:mace:dir:attribute-def:dITRedirect', - 'dSAQuality': 'urn:mace:dir:attribute-def:dSAQuality', - 'dc': 'urn:mace:dir:attribute-def:dc', - 'deltaRevocationList': 'urn:mace:dir:attribute-def:deltaRevocationList', - 'departmentNumber': 'urn:mace:dir:attribute-def:departmentNumber', - 'description': 'urn:mace:dir:attribute-def:description', - 'destinationIndicator': 'urn:mace:dir:attribute-def:destinationIndicator', - 'displayName': 'urn:mace:dir:attribute-def:displayName', - 'distinguishedName': 'urn:mace:dir:attribute-def:distinguishedName', - 'dmdName': 'urn:mace:dir:attribute-def:dmdName', - 'dnQualifier': 'urn:mace:dir:attribute-def:dnQualifier', - 'documentAuthor': 'urn:mace:dir:attribute-def:documentAuthor', - 'documentIdentifier': 'urn:mace:dir:attribute-def:documentIdentifier', - 'documentLocation': 'urn:mace:dir:attribute-def:documentLocation', - 'documentPublisher': 'urn:mace:dir:attribute-def:documentPublisher', - 'documentTitle': 'urn:mace:dir:attribute-def:documentTitle', - 'documentVersion': 'urn:mace:dir:attribute-def:documentVersion', - 'domainComponent': 'urn:mace:dir:attribute-def:domainComponent', - 'drink': 'urn:mace:dir:attribute-def:drink', - 'eduOrgHomePageURI': 'urn:mace:dir:attribute-def:eduOrgHomePageURI', - 'eduOrgIdentityAuthNPolicyURI': 'urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI', - 'eduOrgLegalName': 'urn:mace:dir:attribute-def:eduOrgLegalName', - 'eduOrgSuperiorURI': 'urn:mace:dir:attribute-def:eduOrgSuperiorURI', - 'eduOrgWhitePagesURI': 'urn:mace:dir:attribute-def:eduOrgWhitePagesURI', - 'eduPersonAffiliation': 'urn:mace:dir:attribute-def:eduPersonAffiliation', - 'eduPersonEntitlement': 'urn:mace:dir:attribute-def:eduPersonEntitlement', - 'eduPersonNickname': 'urn:mace:dir:attribute-def:eduPersonNickname', - 'eduPersonOrgDN': 'urn:mace:dir:attribute-def:eduPersonOrgDN', - 'eduPersonOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN', - 'eduPersonPrimaryAffiliation': 'urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation', - 'eduPersonPrimaryOrgUnitDN': 'urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN', - 'eduPersonPrincipalName': 'urn:mace:dir:attribute-def:eduPersonPrincipalName', - 'eduPersonScopedAffiliation': 'urn:mace:dir:attribute-def:eduPersonScopedAffiliation', - 'eduPersonTargetedID': 'urn:mace:dir:attribute-def:eduPersonTargetedID', - 'email': 'urn:mace:dir:attribute-def:email', - 'emailAddress': 'urn:mace:dir:attribute-def:emailAddress', - 'employeeNumber': 'urn:mace:dir:attribute-def:employeeNumber', - 'employeeType': 'urn:mace:dir:attribute-def:employeeType', - 'enhancedSearchGuide': 'urn:mace:dir:attribute-def:enhancedSearchGuide', - 'facsimileTelephoneNumber': 'urn:mace:dir:attribute-def:facsimileTelephoneNumber', - 'favouriteDrink': 'urn:mace:dir:attribute-def:favouriteDrink', - 'fax': 'urn:mace:dir:attribute-def:fax', - 'federationFeideSchemaVersion': 'urn:mace:dir:attribute-def:federationFeideSchemaVersion', - 'friendlyCountryName': 'urn:mace:dir:attribute-def:friendlyCountryName', - 'generationQualifier': 'urn:mace:dir:attribute-def:generationQualifier', - 'givenName': 'urn:mace:dir:attribute-def:givenName', - 'gn': 'urn:mace:dir:attribute-def:gn', - 'homePhone': 'urn:mace:dir:attribute-def:homePhone', - 'homePostalAddress': 'urn:mace:dir:attribute-def:homePostalAddress', - 'homeTelephoneNumber': 'urn:mace:dir:attribute-def:homeTelephoneNumber', - 'host': 'urn:mace:dir:attribute-def:host', - 'houseIdentifier': 'urn:mace:dir:attribute-def:houseIdentifier', - 'info': 'urn:mace:dir:attribute-def:info', - 'initials': 'urn:mace:dir:attribute-def:initials', - 'internationaliSDNNumber': 'urn:mace:dir:attribute-def:internationaliSDNNumber', - 'janetMailbox': 'urn:mace:dir:attribute-def:janetMailbox', - 'jpegPhoto': 'urn:mace:dir:attribute-def:jpegPhoto', - 'knowledgeInformation': 'urn:mace:dir:attribute-def:knowledgeInformation', - 'l': 'urn:mace:dir:attribute-def:l', - 'labeledURI': 'urn:mace:dir:attribute-def:labeledURI', - 'localityName': 'urn:mace:dir:attribute-def:localityName', - 'mDRecord': 'urn:mace:dir:attribute-def:mDRecord', - 'mXRecord': 'urn:mace:dir:attribute-def:mXRecord', - 'mail': 'urn:mace:dir:attribute-def:mail', - 'mailPreferenceOption': 'urn:mace:dir:attribute-def:mailPreferenceOption', - 'manager': 'urn:mace:dir:attribute-def:manager', - 'member': 'urn:mace:dir:attribute-def:member', - 'mobile': 'urn:mace:dir:attribute-def:mobile', - 'mobileTelephoneNumber': 'urn:mace:dir:attribute-def:mobileTelephoneNumber', - 'nSRecord': 'urn:mace:dir:attribute-def:nSRecord', - 'name': 'urn:mace:dir:attribute-def:name', - 'norEduOrgAcronym': 'urn:mace:dir:attribute-def:norEduOrgAcronym', - 'norEduOrgNIN': 'urn:mace:dir:attribute-def:norEduOrgNIN', - 'norEduOrgSchemaVersion': 'urn:mace:dir:attribute-def:norEduOrgSchemaVersion', - 'norEduOrgUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier', - 'norEduOrgUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUniqueNumber', - 'norEduOrgUnitUniqueIdentifier': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier', - 'norEduOrgUnitUniqueNumber': 'urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber', - 'norEduPersonBirthDate': 'urn:mace:dir:attribute-def:norEduPersonBirthDate', - 'norEduPersonLIN': 'urn:mace:dir:attribute-def:norEduPersonLIN', - 'norEduPersonNIN': 'urn:mace:dir:attribute-def:norEduPersonNIN', - 'o': 'urn:mace:dir:attribute-def:o', - 'objectClass': 'urn:mace:dir:attribute-def:objectClass', - 'organizationName': 'urn:mace:dir:attribute-def:organizationName', - 'organizationalStatus': 'urn:mace:dir:attribute-def:organizationalStatus', - 'organizationalUnitName': 'urn:mace:dir:attribute-def:organizationalUnitName', - 'otherMailbox': 'urn:mace:dir:attribute-def:otherMailbox', - 'ou': 'urn:mace:dir:attribute-def:ou', - 'owner': 'urn:mace:dir:attribute-def:owner', - 'pager': 'urn:mace:dir:attribute-def:pager', - 'pagerTelephoneNumber': 'urn:mace:dir:attribute-def:pagerTelephoneNumber', - 'personalSignature': 'urn:mace:dir:attribute-def:personalSignature', - 'personalTitle': 'urn:mace:dir:attribute-def:personalTitle', - 'photo': 'urn:mace:dir:attribute-def:photo', - 'physicalDeliveryOfficeName': 'urn:mace:dir:attribute-def:physicalDeliveryOfficeName', - 'pkcs9email': 'urn:mace:dir:attribute-def:pkcs9email', - 'postOfficeBox': 'urn:mace:dir:attribute-def:postOfficeBox', - 'postalAddress': 'urn:mace:dir:attribute-def:postalAddress', - 'postalCode': 'urn:mace:dir:attribute-def:postalCode', - 'preferredDeliveryMethod': 'urn:mace:dir:attribute-def:preferredDeliveryMethod', - 'preferredLanguage': 'urn:mace:dir:attribute-def:preferredLanguage', - 'presentationAddress': 'urn:mace:dir:attribute-def:presentationAddress', - 'protocolInformation': 'urn:mace:dir:attribute-def:protocolInformation', - 'pseudonym': 'urn:mace:dir:attribute-def:pseudonym', - 'registeredAddress': 'urn:mace:dir:attribute-def:registeredAddress', - 'rfc822Mailbox': 'urn:mace:dir:attribute-def:rfc822Mailbox', - 'roleOccupant': 'urn:mace:dir:attribute-def:roleOccupant', - 'roomNumber': 'urn:mace:dir:attribute-def:roomNumber', - 'sOARecord': 'urn:mace:dir:attribute-def:sOARecord', - 'searchGuide': 'urn:mace:dir:attribute-def:searchGuide', - 'secretary': 'urn:mace:dir:attribute-def:secretary', - 'seeAlso': 'urn:mace:dir:attribute-def:seeAlso', - 'serialNumber': 'urn:mace:dir:attribute-def:serialNumber', - 'singleLevelQuality': 'urn:mace:dir:attribute-def:singleLevelQuality', - 'sn': 'urn:mace:dir:attribute-def:sn', - 'st': 'urn:mace:dir:attribute-def:st', - 'stateOrProvinceName': 'urn:mace:dir:attribute-def:stateOrProvinceName', - 'street': 'urn:mace:dir:attribute-def:street', - 'streetAddress': 'urn:mace:dir:attribute-def:streetAddress', - 'subtreeMaximumQuality': 'urn:mace:dir:attribute-def:subtreeMaximumQuality', - 'subtreeMinimumQuality': 'urn:mace:dir:attribute-def:subtreeMinimumQuality', - 'supportedAlgorithms': 'urn:mace:dir:attribute-def:supportedAlgorithms', - 'supportedApplicationContext': 'urn:mace:dir:attribute-def:supportedApplicationContext', - 'surname': 'urn:mace:dir:attribute-def:surname', - 'telephoneNumber': 'urn:mace:dir:attribute-def:telephoneNumber', - 'teletexTerminalIdentifier': 'urn:mace:dir:attribute-def:teletexTerminalIdentifier', - 'telexNumber': 'urn:mace:dir:attribute-def:telexNumber', - 'textEncodedORAddress': 'urn:mace:dir:attribute-def:textEncodedORAddress', - 'title': 'urn:mace:dir:attribute-def:title', - 'uid': 'urn:mace:dir:attribute-def:uid', - 'uniqueIdentifier': 'urn:mace:dir:attribute-def:uniqueIdentifier', - 'uniqueMember': 'urn:mace:dir:attribute-def:uniqueMember', - 'userCertificate': 'urn:mace:dir:attribute-def:userCertificate', - 'userClass': 'urn:mace:dir:attribute-def:userClass', - 'userPKCS12': 'urn:mace:dir:attribute-def:userPKCS12', - 'userPassword': 'urn:mace:dir:attribute-def:userPassword', - 'userSMIMECertificate': 'urn:mace:dir:attribute-def:userSMIMECertificate', - 'userid': 'urn:mace:dir:attribute-def:userid', - 'x121Address': 'urn:mace:dir:attribute-def:x121Address', - 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier', - } -} \ No newline at end of file + "aRecord": "urn:mace:dir:attribute-def:aRecord", + "aliasedEntryName": "urn:mace:dir:attribute-def:aliasedEntryName", + "aliasedObjectName": "urn:mace:dir:attribute-def:aliasedObjectName", + "associatedDomain": "urn:mace:dir:attribute-def:associatedDomain", + "associatedName": "urn:mace:dir:attribute-def:associatedName", + "audio": "urn:mace:dir:attribute-def:audio", + "authorityRevocationList": "urn:mace:dir:attribute-def:authorityRevocationList", + "buildingName": "urn:mace:dir:attribute-def:buildingName", + "businessCategory": "urn:mace:dir:attribute-def:businessCategory", + "c": "urn:mace:dir:attribute-def:c", + "cACertificate": "urn:mace:dir:attribute-def:cACertificate", + "cNAMERecord": "urn:mace:dir:attribute-def:cNAMERecord", + "carLicense": "urn:mace:dir:attribute-def:carLicense", + "certificateRevocationList": "urn:mace:dir:attribute-def:certificateRevocationList", + "cn": "urn:mace:dir:attribute-def:cn", + "co": "urn:mace:dir:attribute-def:co", + "commonName": "urn:mace:dir:attribute-def:commonName", + "countryName": "urn:mace:dir:attribute-def:countryName", + "crossCertificatePair": "urn:mace:dir:attribute-def:crossCertificatePair", + "dITRedirect": "urn:mace:dir:attribute-def:dITRedirect", + "dSAQuality": "urn:mace:dir:attribute-def:dSAQuality", + "dc": "urn:mace:dir:attribute-def:dc", + "deltaRevocationList": "urn:mace:dir:attribute-def:deltaRevocationList", + "departmentNumber": "urn:mace:dir:attribute-def:departmentNumber", + "description": "urn:mace:dir:attribute-def:description", + "destinationIndicator": "urn:mace:dir:attribute-def:destinationIndicator", + "displayName": "urn:mace:dir:attribute-def:displayName", + "distinguishedName": "urn:mace:dir:attribute-def:distinguishedName", + "dmdName": "urn:mace:dir:attribute-def:dmdName", + "dnQualifier": "urn:mace:dir:attribute-def:dnQualifier", + "documentAuthor": "urn:mace:dir:attribute-def:documentAuthor", + "documentIdentifier": "urn:mace:dir:attribute-def:documentIdentifier", + "documentLocation": "urn:mace:dir:attribute-def:documentLocation", + "documentPublisher": "urn:mace:dir:attribute-def:documentPublisher", + "documentTitle": "urn:mace:dir:attribute-def:documentTitle", + "documentVersion": "urn:mace:dir:attribute-def:documentVersion", + "domainComponent": "urn:mace:dir:attribute-def:domainComponent", + "drink": "urn:mace:dir:attribute-def:drink", + "eduOrgHomePageURI": "urn:mace:dir:attribute-def:eduOrgHomePageURI", + "eduOrgIdentityAuthNPolicyURI": "urn:mace:dir:attribute-def:eduOrgIdentityAuthNPolicyURI", + "eduOrgLegalName": "urn:mace:dir:attribute-def:eduOrgLegalName", + "eduOrgSuperiorURI": "urn:mace:dir:attribute-def:eduOrgSuperiorURI", + "eduOrgWhitePagesURI": "urn:mace:dir:attribute-def:eduOrgWhitePagesURI", + "eduPersonAffiliation": "urn:mace:dir:attribute-def:eduPersonAffiliation", + "eduPersonEntitlement": "urn:mace:dir:attribute-def:eduPersonEntitlement", + "eduPersonNickname": "urn:mace:dir:attribute-def:eduPersonNickname", + "eduPersonOrgDN": "urn:mace:dir:attribute-def:eduPersonOrgDN", + "eduPersonOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonOrgUnitDN", + "eduPersonPrimaryAffiliation": "urn:mace:dir:attribute-def:eduPersonPrimaryAffiliation", + "eduPersonPrimaryOrgUnitDN": "urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN", + "eduPersonPrincipalName": "urn:mace:dir:attribute-def:eduPersonPrincipalName", + "eduPersonScopedAffiliation": "urn:mace:dir:attribute-def:eduPersonScopedAffiliation", + "eduPersonTargetedID": "urn:mace:dir:attribute-def:eduPersonTargetedID", + "email": "urn:mace:dir:attribute-def:email", + "emailAddress": "urn:mace:dir:attribute-def:emailAddress", + "employeeNumber": "urn:mace:dir:attribute-def:employeeNumber", + "employeeType": "urn:mace:dir:attribute-def:employeeType", + "enhancedSearchGuide": "urn:mace:dir:attribute-def:enhancedSearchGuide", + "facsimileTelephoneNumber": "urn:mace:dir:attribute-def:facsimileTelephoneNumber", + "favouriteDrink": "urn:mace:dir:attribute-def:favouriteDrink", + "fax": "urn:mace:dir:attribute-def:fax", + "federationFeideSchemaVersion": "urn:mace:dir:attribute-def:federationFeideSchemaVersion", + "friendlyCountryName": "urn:mace:dir:attribute-def:friendlyCountryName", + "generationQualifier": "urn:mace:dir:attribute-def:generationQualifier", + "givenName": "urn:mace:dir:attribute-def:givenName", + "gn": "urn:mace:dir:attribute-def:gn", + "homePhone": "urn:mace:dir:attribute-def:homePhone", + "homePostalAddress": "urn:mace:dir:attribute-def:homePostalAddress", + "homeTelephoneNumber": "urn:mace:dir:attribute-def:homeTelephoneNumber", + "host": "urn:mace:dir:attribute-def:host", + "houseIdentifier": "urn:mace:dir:attribute-def:houseIdentifier", + "info": "urn:mace:dir:attribute-def:info", + "initials": "urn:mace:dir:attribute-def:initials", + "internationaliSDNNumber": "urn:mace:dir:attribute-def:internationaliSDNNumber", + "janetMailbox": "urn:mace:dir:attribute-def:janetMailbox", + "jpegPhoto": "urn:mace:dir:attribute-def:jpegPhoto", + "knowledgeInformation": "urn:mace:dir:attribute-def:knowledgeInformation", + "l": "urn:mace:dir:attribute-def:l", + "labeledURI": "urn:mace:dir:attribute-def:labeledURI", + "localityName": "urn:mace:dir:attribute-def:localityName", + "mDRecord": "urn:mace:dir:attribute-def:mDRecord", + "mXRecord": "urn:mace:dir:attribute-def:mXRecord", + "mail": "urn:mace:dir:attribute-def:mail", + "mailPreferenceOption": "urn:mace:dir:attribute-def:mailPreferenceOption", + "manager": "urn:mace:dir:attribute-def:manager", + "member": "urn:mace:dir:attribute-def:member", + "mobile": "urn:mace:dir:attribute-def:mobile", + "mobileTelephoneNumber": "urn:mace:dir:attribute-def:mobileTelephoneNumber", + "nSRecord": "urn:mace:dir:attribute-def:nSRecord", + "name": "urn:mace:dir:attribute-def:name", + "norEduOrgAcronym": "urn:mace:dir:attribute-def:norEduOrgAcronym", + "norEduOrgNIN": "urn:mace:dir:attribute-def:norEduOrgNIN", + "norEduOrgSchemaVersion": "urn:mace:dir:attribute-def:norEduOrgSchemaVersion", + "norEduOrgUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUniqueIdentifier", + "norEduOrgUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUniqueNumber", + "norEduOrgUnitUniqueIdentifier": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueIdentifier", + "norEduOrgUnitUniqueNumber": "urn:mace:dir:attribute-def:norEduOrgUnitUniqueNumber", + "norEduPersonBirthDate": "urn:mace:dir:attribute-def:norEduPersonBirthDate", + "norEduPersonLIN": "urn:mace:dir:attribute-def:norEduPersonLIN", + "norEduPersonNIN": "urn:mace:dir:attribute-def:norEduPersonNIN", + "o": "urn:mace:dir:attribute-def:o", + "objectClass": "urn:mace:dir:attribute-def:objectClass", + "organizationName": "urn:mace:dir:attribute-def:organizationName", + "organizationalStatus": "urn:mace:dir:attribute-def:organizationalStatus", + "organizationalUnitName": "urn:mace:dir:attribute-def:organizationalUnitName", + "otherMailbox": "urn:mace:dir:attribute-def:otherMailbox", + "ou": "urn:mace:dir:attribute-def:ou", + "owner": "urn:mace:dir:attribute-def:owner", + "pager": "urn:mace:dir:attribute-def:pager", + "pagerTelephoneNumber": "urn:mace:dir:attribute-def:pagerTelephoneNumber", + "personalSignature": "urn:mace:dir:attribute-def:personalSignature", + "personalTitle": "urn:mace:dir:attribute-def:personalTitle", + "photo": "urn:mace:dir:attribute-def:photo", + "physicalDeliveryOfficeName": "urn:mace:dir:attribute-def:physicalDeliveryOfficeName", + "pkcs9email": "urn:mace:dir:attribute-def:pkcs9email", + "postOfficeBox": "urn:mace:dir:attribute-def:postOfficeBox", + "postalAddress": "urn:mace:dir:attribute-def:postalAddress", + "postalCode": "urn:mace:dir:attribute-def:postalCode", + "preferredDeliveryMethod": "urn:mace:dir:attribute-def:preferredDeliveryMethod", + "preferredLanguage": "urn:mace:dir:attribute-def:preferredLanguage", + "presentationAddress": "urn:mace:dir:attribute-def:presentationAddress", + "protocolInformation": "urn:mace:dir:attribute-def:protocolInformation", + "pseudonym": "urn:mace:dir:attribute-def:pseudonym", + "registeredAddress": "urn:mace:dir:attribute-def:registeredAddress", + "rfc822Mailbox": "urn:mace:dir:attribute-def:rfc822Mailbox", + "roleOccupant": "urn:mace:dir:attribute-def:roleOccupant", + "roomNumber": "urn:mace:dir:attribute-def:roomNumber", + "sOARecord": "urn:mace:dir:attribute-def:sOARecord", + "searchGuide": "urn:mace:dir:attribute-def:searchGuide", + "secretary": "urn:mace:dir:attribute-def:secretary", + "seeAlso": "urn:mace:dir:attribute-def:seeAlso", + "serialNumber": "urn:mace:dir:attribute-def:serialNumber", + "singleLevelQuality": "urn:mace:dir:attribute-def:singleLevelQuality", + "sn": "urn:mace:dir:attribute-def:sn", + "st": "urn:mace:dir:attribute-def:st", + "stateOrProvinceName": "urn:mace:dir:attribute-def:stateOrProvinceName", + "street": "urn:mace:dir:attribute-def:street", + "streetAddress": "urn:mace:dir:attribute-def:streetAddress", + "subtreeMaximumQuality": "urn:mace:dir:attribute-def:subtreeMaximumQuality", + "subtreeMinimumQuality": "urn:mace:dir:attribute-def:subtreeMinimumQuality", + "supportedAlgorithms": "urn:mace:dir:attribute-def:supportedAlgorithms", + "supportedApplicationContext": "urn:mace:dir:attribute-def:supportedApplicationContext", + "surname": "urn:mace:dir:attribute-def:surname", + "telephoneNumber": "urn:mace:dir:attribute-def:telephoneNumber", + "teletexTerminalIdentifier": "urn:mace:dir:attribute-def:teletexTerminalIdentifier", + "telexNumber": "urn:mace:dir:attribute-def:telexNumber", + "textEncodedORAddress": "urn:mace:dir:attribute-def:textEncodedORAddress", + "title": "urn:mace:dir:attribute-def:title", + "uid": "urn:mace:dir:attribute-def:uid", + "uniqueIdentifier": "urn:mace:dir:attribute-def:uniqueIdentifier", + "uniqueMember": "urn:mace:dir:attribute-def:uniqueMember", + "userCertificate": "urn:mace:dir:attribute-def:userCertificate", + "userClass": "urn:mace:dir:attribute-def:userClass", + "userPKCS12": "urn:mace:dir:attribute-def:userPKCS12", + "userPassword": "urn:mace:dir:attribute-def:userPassword", + "userSMIMECertificate": "urn:mace:dir:attribute-def:userSMIMECertificate", + "userid": "urn:mace:dir:attribute-def:userid", + "x121Address": "urn:mace:dir:attribute-def:x121Address", + "x500UniqueIdentifier": "urn:mace:dir:attribute-def:x500UniqueIdentifier", + }, +} diff --git a/tests/attributemaps/saml_uri.py b/tests/attributemaps/saml_uri.py index 9696fba87..0520f4dd1 100644 --- a/tests/attributemaps/saml_uri.py +++ b/tests/attributemaps/saml_uri.py @@ -1,10 +1,10 @@ -__author__ = 'rolandh' +__author__ = "rolandh" EDUPERSON_OID = "urn:oid:1.3.6.1.4.1.5923.1.1.1." X500ATTR_OID = "urn:oid:2.5.4." NOREDUPERSON_OID = "urn:oid:1.3.6.1.4.1.2428.90.1." NETSCAPE_LDAP = "urn:oid:2.16.840.1.113730.3.1." -UCL_DIR_PILOT = 'urn:oid:0.9.2342.19200300.100.1.' +UCL_DIR_PILOT = "urn:oid:0.9.2342.19200300.100.1." PKCS_9 = "urn:oid:1.2.840.113549.1.9.1." UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." SCHAC = "urn:oid:1.3.6.1.4.1.25178.2." @@ -12,230 +12,230 @@ MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR_OID+'53': 'deltaRevocationList', - X500ATTR_OID+'52': 'supportedAlgorithms', - X500ATTR_OID+'51': 'houseIdentifier', - X500ATTR_OID+'50': 'uniqueMember', - X500ATTR_OID+'19': 'physicalDeliveryOfficeName', - X500ATTR_OID+'18': 'postOfficeBox', - X500ATTR_OID+'17': 'postalCode', - X500ATTR_OID+'16': 'postalAddress', - X500ATTR_OID+'15': 'businessCategory', - X500ATTR_OID+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR_OID+'12': 'title', - X500ATTR_OID+'11': 'ou', - X500ATTR_OID+'10': 'o', - X500ATTR_OID+'37': 'cACertificate', - X500ATTR_OID+'36': 'userCertificate', - X500ATTR_OID+'31': 'member', - X500ATTR_OID+'30': 'supportedApplicationContext', - X500ATTR_OID+'33': 'roleOccupant', - X500ATTR_OID+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR_OID+'39': 'certificateRevocationList', - X500ATTR_OID+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR_OID+'9': 'street', - X500ATTR_OID+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR_OID+'2': 'knowledgeInformation', - X500ATTR_OID+'7': 'l', - X500ATTR_OID+'6': 'c', - X500ATTR_OID+'5': 'serialNumber', - X500ATTR_OID+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR_OID+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR_OID+'40': 'crossCertificatePair', - X500ATTR_OID+'42': 'givenName', - X500ATTR_OID+'43': 'initials', - X500ATTR_OID+'44': 'generationQualifier', - X500ATTR_OID+'45': 'x500UniqueIdentifier', - X500ATTR_OID+'46': 'dnQualifier', - X500ATTR_OID+'47': 'enhancedSearchGuide', - X500ATTR_OID+'48': 'protocolInformation', - X500ATTR_OID+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR_OID+'22': 'teletexTerminalIdentifier', - X500ATTR_OID+'23': 'facsimileTelephoneNumber', - X500ATTR_OID+'20': 'telephoneNumber', - X500ATTR_OID+'21': 'telexNumber', - X500ATTR_OID+'26': 'registeredAddress', - X500ATTR_OID+'27': 'destinationIndicator', - X500ATTR_OID+'24': 'x121Address', - X500ATTR_OID+'25': 'internationaliSDNNumber', - X500ATTR_OID+'28': 'preferredDeliveryMethod', - X500ATTR_OID+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', - UMICH+'57': 'labeledURI', - UCL_DIR_PILOT+'1': 'uid', - SCHAC+'1': 'schacMotherTongue', - SCHAC+'2': 'schacGender', - SCHAC+'3': 'schacDateOfBirth', - SCHAC+'4': 'schacPlaceOfBirth', - SCHAC+'5': 'schacCountryOfCitizenship', - SCHAC+'6': 'schacSn1', - SCHAC+'7': 'schacSn2', - SCHAC+'8': 'schacPersonalTitle', - SCHAC+'9': 'schacHomeOrganization', - SCHAC+'10': 'schacHomeOrganizationType', - SCHAC+'11': 'schacCountryOfResidence', - SCHAC+'12': 'schacUserPresenceID', - SCHAC+'13': 'schacPersonalPosition', - SCHAC+'14': 'schacPersonalUniqueCode', - SCHAC+'15': 'schacPersonalUniqueID', - SCHAC+'17': 'schacExpiryDate', - SCHAC+'18': 'schacUserPrivateAttribute', - SCHAC+'19': 'schacUserStatus', - SCHAC+'20': 'schacProjectMembership', - SCHAC+'21': 'schacProjectSpecificRole', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR_OID}53": "deltaRevocationList", + f"{X500ATTR_OID}52": "supportedAlgorithms", + f"{X500ATTR_OID}51": "houseIdentifier", + f"{X500ATTR_OID}50": "uniqueMember", + f"{X500ATTR_OID}19": "physicalDeliveryOfficeName", + f"{X500ATTR_OID}18": "postOfficeBox", + f"{X500ATTR_OID}17": "postalCode", + f"{X500ATTR_OID}16": "postalAddress", + f"{X500ATTR_OID}15": "businessCategory", + f"{X500ATTR_OID}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR_OID}12": "title", + f"{X500ATTR_OID}11": "ou", + f"{X500ATTR_OID}10": "o", + f"{X500ATTR_OID}37": "cACertificate", + f"{X500ATTR_OID}36": "userCertificate", + f"{X500ATTR_OID}31": "member", + f"{X500ATTR_OID}30": "supportedApplicationContext", + f"{X500ATTR_OID}33": "roleOccupant", + f"{X500ATTR_OID}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR_OID}39": "certificateRevocationList", + f"{X500ATTR_OID}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR_OID}9": "street", + f"{X500ATTR_OID}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR_OID}2": "knowledgeInformation", + f"{X500ATTR_OID}7": "l", + f"{X500ATTR_OID}6": "c", + f"{X500ATTR_OID}5": "serialNumber", + f"{X500ATTR_OID}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR_OID}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR_OID}40": "crossCertificatePair", + f"{X500ATTR_OID}42": "givenName", + f"{X500ATTR_OID}43": "initials", + f"{X500ATTR_OID}44": "generationQualifier", + f"{X500ATTR_OID}45": "x500UniqueIdentifier", + f"{X500ATTR_OID}46": "dnQualifier", + f"{X500ATTR_OID}47": "enhancedSearchGuide", + f"{X500ATTR_OID}48": "protocolInformation", + f"{X500ATTR_OID}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR_OID}22": "teletexTerminalIdentifier", + f"{X500ATTR_OID}23": "facsimileTelephoneNumber", + f"{X500ATTR_OID}20": "telephoneNumber", + f"{X500ATTR_OID}21": "telexNumber", + f"{X500ATTR_OID}26": "registeredAddress", + f"{X500ATTR_OID}27": "destinationIndicator", + f"{X500ATTR_OID}24": "x121Address", + f"{X500ATTR_OID}25": "internationaliSDNNumber", + f"{X500ATTR_OID}28": "preferredDeliveryMethod", + f"{X500ATTR_OID}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", + f"{UMICH}57": "labeledURI", + f"{UCL_DIR_PILOT}1": "uid", + f"{SCHAC}1": "schacMotherTongue", + f"{SCHAC}2": "schacGender", + f"{SCHAC}3": "schacDateOfBirth", + f"{SCHAC}4": "schacPlaceOfBirth", + f"{SCHAC}5": "schacCountryOfCitizenship", + f"{SCHAC}6": "schacSn1", + f"{SCHAC}7": "schacSn2", + f"{SCHAC}8": "schacPersonalTitle", + f"{SCHAC}9": "schacHomeOrganization", + f"{SCHAC}10": "schacHomeOrganizationType", + f"{SCHAC}11": "schacCountryOfResidence", + f"{SCHAC}12": "schacUserPresenceID", + f"{SCHAC}13": "schacPersonalPosition", + f"{SCHAC}14": "schacPersonalUniqueCode", + f"{SCHAC}15": "schacPersonalUniqueID", + f"{SCHAC}17": "schacExpiryDate", + f"{SCHAC}18": "schacUserPrivateAttribute", + f"{SCHAC}19": "schacUserStatus", + f"{SCHAC}20": "schacProjectMembership", + f"{SCHAC}21": "schacProjectSpecificRole", }, "to": { - 'roleOccupant': X500ATTR_OID+'33', - 'gn': X500ATTR_OID+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR_OID+'12', - 'facsimileTelephoneNumber': X500ATTR_OID+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR_OID+'18', - 'fax': X500ATTR_OID+'23', - 'telephoneNumber': X500ATTR_OID+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR_OID+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR_OID+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR_OID+'26', - 'physicalDeliveryOfficeName': X500ATTR_OID+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR_OID+'7', - 'stateOrProvinceName': X500ATTR_OID+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR_OID+'42', - 'givenname': X500ATTR_OID+'42', - 'x500UniqueIdentifier': X500ATTR_OID+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR_OID+'51', - 'street': X500ATTR_OID+'9', - 'supportedAlgorithms': X500ATTR_OID+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR_OID+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR_OID+'6', - 'teletexTerminalIdentifier': X500ATTR_OID+'22', - 'o': X500ATTR_OID+'10', - 'cACertificate': X500ATTR_OID+'37', - 'telexNumber': X500ATTR_OID+'21', - 'ou': X500ATTR_OID+'11', - 'initials': X500ATTR_OID+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR_OID+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR_OID+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR_OID+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'edupersonaffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'edupersonprincipalname': EDUPERSON_OID+'6', - 'localityName': X500ATTR_OID+'7', - 'owner': X500ATTR_OID+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR_OID+'14', - 'certificateRevocationList': X500ATTR_OID+'39', - 'organizationalUnitName': X500ATTR_OID+'11', - 'userCertificate': X500ATTR_OID+'36', - 'preferredDeliveryMethod': X500ATTR_OID+'28', - 'internationaliSDNNumber': X500ATTR_OID+'25', - 'uniqueMember': X500ATTR_OID+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR_OID+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR_OID+'24', - 'destinationIndicator': X500ATTR_OID+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR_OID+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'edupersonscopedaffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR_OID+'48', - 'knowledgeInformation': X500ATTR_OID+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR_OID+'31', - 'streetAddress': X500ATTR_OID+'9', - 'dmdName': X500ATTR_OID+'54', - 'postalCode': X500ATTR_OID+'17', - 'pseudonym': X500ATTR_OID+'65', - 'dnQualifier': X500ATTR_OID+'46', - 'crossCertificatePair': X500ATTR_OID+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR_OID+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR_OID+'15', - 'serialNumber': X500ATTR_OID+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR_OID+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR_OID+'29', - 'sn': X500ATTR_OID+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - 'labeledURI': UMICH+'57', - 'uid': UCL_DIR_PILOT+'1', - 'schacMotherTongue':SCHAC+'1', - 'schacGender': SCHAC+'2', - 'schacDateOfBirth':SCHAC+'3', - 'schacPlaceOfBirth': SCHAC+'4', - 'schacCountryOfCitizenship':SCHAC+'5', - 'schacSn1': SCHAC+'6', - 'schacSn2': SCHAC+'7', - 'schacPersonalTitle':SCHAC+'8', - 'schacHomeOrganization': SCHAC+'9', - 'schacHomeOrganizationType': SCHAC+'10', - 'schacCountryOfResidence': SCHAC+'11', - 'schacUserPresenceID': SCHAC+'12', - 'schacPersonalPosition': SCHAC+'13', - 'schacPersonalUniqueCode': SCHAC+'14', - 'schacPersonalUniqueID': SCHAC+'15', - 'schacExpiryDate': SCHAC+'17', - 'schacUserPrivateAttribute': SCHAC+'18', - 'schacUserStatus': SCHAC+'19', - 'schacProjectMembership': SCHAC+'20', - 'schacProjectSpecificRole': SCHAC+'21', - } -} \ No newline at end of file + "roleOccupant": f"{X500ATTR_OID}33", + "gn": f"{X500ATTR_OID}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR_OID}12", + "facsimileTelephoneNumber": f"{X500ATTR_OID}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR_OID}18", + "fax": f"{X500ATTR_OID}23", + "telephoneNumber": f"{X500ATTR_OID}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR_OID}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR_OID}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR_OID}26", + "physicalDeliveryOfficeName": f"{X500ATTR_OID}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR_OID}7", + "stateOrProvinceName": f"{X500ATTR_OID}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR_OID}42", + "givenname": f"{X500ATTR_OID}42", + "x500UniqueIdentifier": f"{X500ATTR_OID}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR_OID}51", + "street": f"{X500ATTR_OID}9", + "supportedAlgorithms": f"{X500ATTR_OID}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR_OID}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR_OID}6", + "teletexTerminalIdentifier": f"{X500ATTR_OID}22", + "o": f"{X500ATTR_OID}10", + "cACertificate": f"{X500ATTR_OID}37", + "telexNumber": f"{X500ATTR_OID}21", + "ou": f"{X500ATTR_OID}11", + "initials": f"{X500ATTR_OID}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR_OID}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR_OID}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR_OID}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "edupersonaffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "edupersonprincipalname": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR_OID}7", + "owner": f"{X500ATTR_OID}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR_OID}14", + "certificateRevocationList": f"{X500ATTR_OID}39", + "organizationalUnitName": f"{X500ATTR_OID}11", + "userCertificate": f"{X500ATTR_OID}36", + "preferredDeliveryMethod": f"{X500ATTR_OID}28", + "internationaliSDNNumber": f"{X500ATTR_OID}25", + "uniqueMember": f"{X500ATTR_OID}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR_OID}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR_OID}24", + "destinationIndicator": f"{X500ATTR_OID}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR_OID}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "edupersonscopedaffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR_OID}48", + "knowledgeInformation": f"{X500ATTR_OID}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR_OID}31", + "streetAddress": f"{X500ATTR_OID}9", + "dmdName": f"{X500ATTR_OID}54", + "postalCode": f"{X500ATTR_OID}17", + "pseudonym": f"{X500ATTR_OID}65", + "dnQualifier": f"{X500ATTR_OID}46", + "crossCertificatePair": f"{X500ATTR_OID}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR_OID}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR_OID}15", + "serialNumber": f"{X500ATTR_OID}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR_OID}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR_OID}29", + "sn": f"{X500ATTR_OID}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + "labeledURI": f"{UMICH}57", + "uid": f"{UCL_DIR_PILOT}1", + "schacMotherTongue": f"{SCHAC}1", + "schacGender": f"{SCHAC}2", + "schacDateOfBirth": f"{SCHAC}3", + "schacPlaceOfBirth": f"{SCHAC}4", + "schacCountryOfCitizenship": f"{SCHAC}5", + "schacSn1": f"{SCHAC}6", + "schacSn2": f"{SCHAC}7", + "schacPersonalTitle": f"{SCHAC}8", + "schacHomeOrganization": f"{SCHAC}9", + "schacHomeOrganizationType": f"{SCHAC}10", + "schacCountryOfResidence": f"{SCHAC}11", + "schacUserPresenceID": f"{SCHAC}12", + "schacPersonalPosition": f"{SCHAC}13", + "schacPersonalUniqueCode": f"{SCHAC}14", + "schacPersonalUniqueID": f"{SCHAC}15", + "schacExpiryDate": f"{SCHAC}17", + "schacUserPrivateAttribute": f"{SCHAC}18", + "schacUserStatus": f"{SCHAC}19", + "schacProjectMembership": f"{SCHAC}20", + "schacProjectSpecificRole": f"{SCHAC}21", + }, +} diff --git a/tests/attributemaps/shibboleth_uri.py b/tests/attributemaps/shibboleth_uri.py index d26bf0061..992a2219e 100644 --- a/tests/attributemaps/shibboleth_uri.py +++ b/tests/attributemaps/shibboleth_uri.py @@ -9,182 +9,182 @@ MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", "fro": { - EDUPERSON_OID+'2': 'eduPersonNickname', - EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', - EDUPERSON_OID+'11': 'eduPersonAssurance', - EDUPERSON_OID+'10': 'eduPersonTargetedID', - EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID+'6': 'norEduOrgAcronym', - NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID+'4': 'norEduPersonLIN', - EDUPERSON_OID+'1': 'eduPersonAffiliation', - NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP+'40': 'userSMIMECertificate', - NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP+'241': 'displayName', - UCL_DIR_PILOT+'37': 'associatedDomain', - EDUPERSON_OID+'6': 'eduPersonPrincipalName', - NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', - X500ATTR+'53': 'deltaRevocationList', - X500ATTR+'52': 'supportedAlgorithms', - X500ATTR+'51': 'houseIdentifier', - X500ATTR+'50': 'uniqueMember', - X500ATTR+'19': 'physicalDeliveryOfficeName', - X500ATTR+'18': 'postOfficeBox', - X500ATTR+'17': 'postalCode', - X500ATTR+'16': 'postalAddress', - X500ATTR+'15': 'businessCategory', - X500ATTR+'14': 'searchGuide', - EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', - X500ATTR+'12': 'title', - X500ATTR+'11': 'ou', - X500ATTR+'10': 'o', - X500ATTR+'37': 'cACertificate', - X500ATTR+'36': 'userCertificate', - X500ATTR+'31': 'member', - X500ATTR+'30': 'supportedApplicationContext', - X500ATTR+'33': 'roleOccupant', - X500ATTR+'32': 'owner', - NETSCAPE_LDAP+'1': 'carLicense', - PKCS_9+'1': 'email', - NETSCAPE_LDAP+'3': 'employeeNumber', - NETSCAPE_LDAP+'2': 'departmentNumber', - X500ATTR+'39': 'certificateRevocationList', - X500ATTR+'38': 'authorityRevocationList', - NETSCAPE_LDAP+'216': 'userPKCS12', - EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR+'9': 'street', - X500ATTR+'8': 'st', - NETSCAPE_LDAP+'39': 'preferredLanguage', - EDUPERSON_OID+'7': 'eduPersonEntitlement', - X500ATTR+'2': 'knowledgeInformation', - X500ATTR+'7': 'l', - X500ATTR+'6': 'c', - X500ATTR+'5': 'serialNumber', - X500ATTR+'4': 'sn', - UCL_DIR_PILOT+'60': 'jpegPhoto', - X500ATTR+'65': 'pseudonym', - NOREDUPERSON_OID+'5': 'norEduPersonNIN', - UCL_DIR_PILOT+'3': 'mail', - UCL_DIR_PILOT+'25': 'dc', - X500ATTR+'40': 'crossCertificatePair', - X500ATTR+'42': 'givenName', - X500ATTR+'43': 'initials', - X500ATTR+'44': 'generationQualifier', - X500ATTR+'45': 'x500UniqueIdentifier', - X500ATTR+'46': 'dnQualifier', - X500ATTR+'47': 'enhancedSearchGuide', - X500ATTR+'48': 'protocolInformation', - X500ATTR+'54': 'dmdName', - NETSCAPE_LDAP+'4': 'employeeType', - X500ATTR+'22': 'teletexTerminalIdentifier', - X500ATTR+'23': 'facsimileTelephoneNumber', - X500ATTR+'20': 'telephoneNumber', - X500ATTR+'21': 'telexNumber', - X500ATTR+'26': 'registeredAddress', - X500ATTR+'27': 'destinationIndicator', - X500ATTR+'24': 'x121Address', - X500ATTR+'25': 'internationaliSDNNumber', - X500ATTR+'28': 'preferredDeliveryMethod', - X500ATTR+'29': 'presentationAddress', - EDUPERSON_OID+'3': 'eduPersonOrgDN', - NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + f"{EDUPERSON_OID}2": "eduPersonNickname", + f"{EDUPERSON_OID}9": "eduPersonScopedAffiliation", + f"{EDUPERSON_OID}11": "eduPersonAssurance", + f"{EDUPERSON_OID}10": "eduPersonTargetedID", + f"{EDUPERSON_OID}4": "eduPersonOrgUnitDN", + f"{NOREDUPERSON_OID}6": "norEduOrgAcronym", + f"{NOREDUPERSON_OID}7": "norEduOrgUniqueIdentifier", + f"{NOREDUPERSON_OID}4": "norEduPersonLIN", + f"{EDUPERSON_OID}1": "eduPersonAffiliation", + f"{NOREDUPERSON_OID}2": "norEduOrgUnitUniqueNumber", + f"{NETSCAPE_LDAP}40": "userSMIMECertificate", + f"{NOREDUPERSON_OID}1": "norEduOrgUniqueNumber", + f"{NETSCAPE_LDAP}241": "displayName", + f"{UCL_DIR_PILOT}37": "associatedDomain", + f"{EDUPERSON_OID}6": "eduPersonPrincipalName", + f"{NOREDUPERSON_OID}8": "norEduOrgUnitUniqueIdentifier", + f"{NOREDUPERSON_OID}9": "federationFeideSchemaVersion", + f"{X500ATTR}53": "deltaRevocationList", + f"{X500ATTR}52": "supportedAlgorithms", + f"{X500ATTR}51": "houseIdentifier", + f"{X500ATTR}50": "uniqueMember", + f"{X500ATTR}19": "physicalDeliveryOfficeName", + f"{X500ATTR}18": "postOfficeBox", + f"{X500ATTR}17": "postalCode", + f"{X500ATTR}16": "postalAddress", + f"{X500ATTR}15": "businessCategory", + f"{X500ATTR}14": "searchGuide", + f"{EDUPERSON_OID}5": "eduPersonPrimaryAffiliation", + f"{X500ATTR}12": "title", + f"{X500ATTR}11": "ou", + f"{X500ATTR}10": "o", + f"{X500ATTR}37": "cACertificate", + f"{X500ATTR}36": "userCertificate", + f"{X500ATTR}31": "member", + f"{X500ATTR}30": "supportedApplicationContext", + f"{X500ATTR}33": "roleOccupant", + f"{X500ATTR}32": "owner", + f"{NETSCAPE_LDAP}1": "carLicense", + f"{PKCS_9}1": "email", + f"{NETSCAPE_LDAP}3": "employeeNumber", + f"{NETSCAPE_LDAP}2": "departmentNumber", + f"{X500ATTR}39": "certificateRevocationList", + f"{X500ATTR}38": "authorityRevocationList", + f"{NETSCAPE_LDAP}216": "userPKCS12", + f"{EDUPERSON_OID}8": "eduPersonPrimaryOrgUnitDN", + f"{X500ATTR}9": "street", + f"{X500ATTR}8": "st", + f"{NETSCAPE_LDAP}39": "preferredLanguage", + f"{EDUPERSON_OID}7": "eduPersonEntitlement", + f"{X500ATTR}2": "knowledgeInformation", + f"{X500ATTR}7": "l", + f"{X500ATTR}6": "c", + f"{X500ATTR}5": "serialNumber", + f"{X500ATTR}4": "sn", + f"{UCL_DIR_PILOT}60": "jpegPhoto", + f"{X500ATTR}65": "pseudonym", + f"{NOREDUPERSON_OID}5": "norEduPersonNIN", + f"{UCL_DIR_PILOT}3": "mail", + f"{UCL_DIR_PILOT}25": "dc", + f"{X500ATTR}40": "crossCertificatePair", + f"{X500ATTR}42": "givenName", + f"{X500ATTR}43": "initials", + f"{X500ATTR}44": "generationQualifier", + f"{X500ATTR}45": "x500UniqueIdentifier", + f"{X500ATTR}46": "dnQualifier", + f"{X500ATTR}47": "enhancedSearchGuide", + f"{X500ATTR}48": "protocolInformation", + f"{X500ATTR}54": "dmdName", + f"{NETSCAPE_LDAP}4": "employeeType", + f"{X500ATTR}22": "teletexTerminalIdentifier", + f"{X500ATTR}23": "facsimileTelephoneNumber", + f"{X500ATTR}20": "telephoneNumber", + f"{X500ATTR}21": "telexNumber", + f"{X500ATTR}26": "registeredAddress", + f"{X500ATTR}27": "destinationIndicator", + f"{X500ATTR}24": "x121Address", + f"{X500ATTR}25": "internationaliSDNNumber", + f"{X500ATTR}28": "preferredDeliveryMethod", + f"{X500ATTR}29": "presentationAddress", + f"{EDUPERSON_OID}3": "eduPersonOrgDN", + f"{NOREDUPERSON_OID}3": "norEduPersonBirthDate", }, - "to":{ - 'roleOccupant': X500ATTR+'33', - 'gn': X500ATTR+'42', - 'norEduPersonNIN': NOREDUPERSON_OID+'5', - 'title': X500ATTR+'12', - 'facsimileTelephoneNumber': X500ATTR+'23', - 'mail': UCL_DIR_PILOT+'3', - 'postOfficeBox': X500ATTR+'18', - 'fax': X500ATTR+'23', - 'telephoneNumber': X500ATTR+'20', - 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', - 'rfc822Mailbox': UCL_DIR_PILOT+'3', - 'dc': UCL_DIR_PILOT+'25', - 'countryName': X500ATTR+'6', - 'emailAddress': PKCS_9+'1', - 'employeeNumber': NETSCAPE_LDAP+'3', - 'organizationName': X500ATTR+'10', - 'eduPersonAssurance': EDUPERSON_OID+'11', - 'norEduOrgAcronym': NOREDUPERSON_OID+'6', - 'registeredAddress': X500ATTR+'26', - 'physicalDeliveryOfficeName': X500ATTR+'19', - 'associatedDomain': UCL_DIR_PILOT+'37', - 'l': X500ATTR+'7', - 'stateOrProvinceName': X500ATTR+'8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', - 'pkcs9email': PKCS_9+'1', - 'givenName': X500ATTR+'42', - 'x500UniqueIdentifier': X500ATTR+'45', - 'eduPersonNickname': EDUPERSON_OID+'2', - 'houseIdentifier': X500ATTR+'51', - 'street': X500ATTR+'9', - 'supportedAlgorithms': X500ATTR+'52', - 'preferredLanguage': NETSCAPE_LDAP+'39', - 'postalAddress': X500ATTR+'16', - 'email': PKCS_9+'1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', - 'c': X500ATTR+'6', - 'teletexTerminalIdentifier': X500ATTR+'22', - 'o': X500ATTR+'10', - 'cACertificate': X500ATTR+'37', - 'telexNumber': X500ATTR+'21', - 'ou': X500ATTR+'11', - 'initials': X500ATTR+'43', - 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', - 'deltaRevocationList': X500ATTR+'53', - 'norEduPersonLIN': NOREDUPERSON_OID+'4', - 'supportedApplicationContext': X500ATTR+'30', - 'eduPersonEntitlement': EDUPERSON_OID+'7', - 'generationQualifier': X500ATTR+'44', - 'eduPersonAffiliation': EDUPERSON_OID+'1', - 'eduPersonPrincipalName': EDUPERSON_OID+'6', - 'localityName': X500ATTR+'7', - 'owner': X500ATTR+'32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', - 'searchGuide': X500ATTR+'14', - 'certificateRevocationList': X500ATTR+'39', - 'organizationalUnitName': X500ATTR+'11', - 'userCertificate': X500ATTR+'36', - 'preferredDeliveryMethod': X500ATTR+'28', - 'internationaliSDNNumber': X500ATTR+'25', - 'uniqueMember': X500ATTR+'50', - 'departmentNumber': NETSCAPE_LDAP+'2', - 'enhancedSearchGuide': X500ATTR+'47', - 'userPKCS12': NETSCAPE_LDAP+'216', - 'eduPersonTargetedID': EDUPERSON_OID+'10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', - 'x121Address': X500ATTR+'24', - 'destinationIndicator': X500ATTR+'27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', - 'surname': X500ATTR+'4', - 'jpegPhoto': UCL_DIR_PILOT+'60', - 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', - 'protocolInformation': X500ATTR+'48', - 'knowledgeInformation': X500ATTR+'2', - 'employeeType': NETSCAPE_LDAP+'4', - 'userSMIMECertificate': NETSCAPE_LDAP+'40', - 'member': X500ATTR+'31', - 'streetAddress': X500ATTR+'9', - 'dmdName': X500ATTR+'54', - 'postalCode': X500ATTR+'17', - 'pseudonym': X500ATTR+'65', - 'dnQualifier': X500ATTR+'46', - 'crossCertificatePair': X500ATTR+'40', - 'eduPersonOrgDN': EDUPERSON_OID+'3', - 'authorityRevocationList': X500ATTR+'38', - 'displayName': NETSCAPE_LDAP+'241', - 'businessCategory': X500ATTR+'15', - 'serialNumber': X500ATTR+'5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', - 'st': X500ATTR+'8', - 'carLicense': NETSCAPE_LDAP+'1', - 'presentationAddress': X500ATTR+'29', - 'sn': X500ATTR+'4', - 'domainComponent': UCL_DIR_PILOT+'25', - } -} \ No newline at end of file + "to": { + "roleOccupant": f"{X500ATTR}33", + "gn": f"{X500ATTR}42", + "norEduPersonNIN": f"{NOREDUPERSON_OID}5", + "title": f"{X500ATTR}12", + "facsimileTelephoneNumber": f"{X500ATTR}23", + "mail": f"{UCL_DIR_PILOT}3", + "postOfficeBox": f"{X500ATTR}18", + "fax": f"{X500ATTR}23", + "telephoneNumber": f"{X500ATTR}20", + "norEduPersonBirthDate": f"{NOREDUPERSON_OID}3", + "rfc822Mailbox": f"{UCL_DIR_PILOT}3", + "dc": f"{UCL_DIR_PILOT}25", + "countryName": f"{X500ATTR}6", + "emailAddress": f"{PKCS_9}1", + "employeeNumber": f"{NETSCAPE_LDAP}3", + "organizationName": f"{X500ATTR}10", + "eduPersonAssurance": f"{EDUPERSON_OID}11", + "norEduOrgAcronym": f"{NOREDUPERSON_OID}6", + "registeredAddress": f"{X500ATTR}26", + "physicalDeliveryOfficeName": f"{X500ATTR}19", + "associatedDomain": f"{UCL_DIR_PILOT}37", + "l": f"{X500ATTR}7", + "stateOrProvinceName": f"{X500ATTR}8", + "federationFeideSchemaVersion": f"{NOREDUPERSON_OID}9", + "pkcs9email": f"{PKCS_9}1", + "givenName": f"{X500ATTR}42", + "x500UniqueIdentifier": f"{X500ATTR}45", + "eduPersonNickname": f"{EDUPERSON_OID}2", + "houseIdentifier": f"{X500ATTR}51", + "street": f"{X500ATTR}9", + "supportedAlgorithms": f"{X500ATTR}52", + "preferredLanguage": f"{NETSCAPE_LDAP}39", + "postalAddress": f"{X500ATTR}16", + "email": f"{PKCS_9}1", + "norEduOrgUnitUniqueIdentifier": f"{NOREDUPERSON_OID}8", + "eduPersonPrimaryOrgUnitDN": f"{EDUPERSON_OID}8", + "c": f"{X500ATTR}6", + "teletexTerminalIdentifier": f"{X500ATTR}22", + "o": f"{X500ATTR}10", + "cACertificate": f"{X500ATTR}37", + "telexNumber": f"{X500ATTR}21", + "ou": f"{X500ATTR}11", + "initials": f"{X500ATTR}43", + "eduPersonOrgUnitDN": f"{EDUPERSON_OID}4", + "deltaRevocationList": f"{X500ATTR}53", + "norEduPersonLIN": f"{NOREDUPERSON_OID}4", + "supportedApplicationContext": f"{X500ATTR}30", + "eduPersonEntitlement": f"{EDUPERSON_OID}7", + "generationQualifier": f"{X500ATTR}44", + "eduPersonAffiliation": f"{EDUPERSON_OID}1", + "eduPersonPrincipalName": f"{EDUPERSON_OID}6", + "localityName": f"{X500ATTR}7", + "owner": f"{X500ATTR}32", + "norEduOrgUnitUniqueNumber": f"{NOREDUPERSON_OID}2", + "searchGuide": f"{X500ATTR}14", + "certificateRevocationList": f"{X500ATTR}39", + "organizationalUnitName": f"{X500ATTR}11", + "userCertificate": f"{X500ATTR}36", + "preferredDeliveryMethod": f"{X500ATTR}28", + "internationaliSDNNumber": f"{X500ATTR}25", + "uniqueMember": f"{X500ATTR}50", + "departmentNumber": f"{NETSCAPE_LDAP}2", + "enhancedSearchGuide": f"{X500ATTR}47", + "userPKCS12": f"{NETSCAPE_LDAP}216", + "eduPersonTargetedID": f"{EDUPERSON_OID}10", + "norEduOrgUniqueNumber": f"{NOREDUPERSON_OID}1", + "x121Address": f"{X500ATTR}24", + "destinationIndicator": f"{X500ATTR}27", + "eduPersonPrimaryAffiliation": f"{EDUPERSON_OID}5", + "surname": f"{X500ATTR}4", + "jpegPhoto": f"{UCL_DIR_PILOT}60", + "eduPersonScopedAffiliation": f"{EDUPERSON_OID}9", + "protocolInformation": f"{X500ATTR}48", + "knowledgeInformation": f"{X500ATTR}2", + "employeeType": f"{NETSCAPE_LDAP}4", + "userSMIMECertificate": f"{NETSCAPE_LDAP}40", + "member": f"{X500ATTR}31", + "streetAddress": f"{X500ATTR}9", + "dmdName": f"{X500ATTR}54", + "postalCode": f"{X500ATTR}17", + "pseudonym": f"{X500ATTR}65", + "dnQualifier": f"{X500ATTR}46", + "crossCertificatePair": f"{X500ATTR}40", + "eduPersonOrgDN": f"{EDUPERSON_OID}3", + "authorityRevocationList": f"{X500ATTR}38", + "displayName": f"{NETSCAPE_LDAP}241", + "businessCategory": f"{X500ATTR}15", + "serialNumber": f"{X500ATTR}5", + "norEduOrgUniqueIdentifier": f"{NOREDUPERSON_OID}7", + "st": f"{X500ATTR}8", + "carLicense": f"{NETSCAPE_LDAP}1", + "presentationAddress": f"{X500ATTR}29", + "sn": f"{X500ATTR}4", + "domainComponent": f"{UCL_DIR_PILOT}25", + }, +} diff --git a/tests/conftest.py b/tests/conftest.py index 5048394c7..a6587e091 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -1,16 +1,19 @@ import os + import pytest -#TODO: On my system this function seems to be returning an incorrect location + +# TODO: On my system this function seems to be returning an incorrect location @pytest.fixture def xmlsec(request): for path in os.environ["PATH"].split(":"): fil = os.path.join(path, "xmlsec1") - if os.access(fil,os.X_OK): + if os.access(fil, os.X_OK): return fil raise Exception("Can't find xmlsec1") + @pytest.fixture def AVA(request): return [ diff --git a/tests/disco_conf.py b/tests/disco_conf.py index 68cf0388e..cb1197586 100644 --- a/tests/disco_conf.py +++ b/tests/disco_conf.py @@ -1,26 +1,29 @@ -from saml2.extension.idpdisc import BINDING_DISCO - from pathutils import full_path from pathutils import xmlsec_path +from saml2.extension.idpdisc import BINDING_DISCO + + BASE = "http://localhost:8088" CONFIG = { - "entityid": "%s/disco.xml" % BASE, + "entityid": f"{BASE}/disco.xml", "name": "Rolands Discoserver", "service": { "ds": { "endpoints": { "disco_service": [ - ("%s/disco" % BASE, BINDING_DISCO), + (f"{BASE}/disco", BINDING_DISCO), ] }, }, }, "debug": 1, "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("servera.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("servera.xml"),)], + } + ], } diff --git a/tests/ds_data.py b/tests/ds_data.py index 243d955e9..f503c451b 100644 --- a/tests/ds_data.py +++ b/tests/ds_data.py @@ -3,7 +3,7 @@ """Test data for ds""" -__author__ = 'tmatsuo@example.com (Takashi MATSUO)' +__author__ = "tmatsuo@example.com (Takashi MATSUO)" TEST_OBJECT = """ + + https://eidas-service.eu + + + + + + + + + + + + + t5V4hqAh4Nxjd49H/rC+N9tN/dNHBNuCOco1v1GYfFc= + + + fQ== + + + fQ== + + + + + + + + https://eidas-service.eu + + ES/AT/02635542Y + + + + + + + https://eidas-connector.eu/post + + + + + http://eidas.europa.eu/LoA/high + + + + + ES/AT/02635542Y + + + Onasis + Ωνάσης + + + Sarah + + + 1970-05-28 + + + + diff --git a/tests/empty_metadata_file.xml b/tests/empty_metadata_file.xml new file mode 100644 index 000000000..e69de29bb diff --git a/tests/encrypted_attribute_statement.xml b/tests/encrypted_attribute_statement.xml index 45c490411..65860bc2a 100644 --- a/tests/encrypted_attribute_statement.xml +++ b/tests/encrypted_attribute_statement.xml @@ -1,9 +1,10 @@ + xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" + xmlns:ns3="http://www.w3.org/2009/xmlenc11#"> - @@ -24,9 +25,10 @@ - - + + + + @@ -48,8 +50,9 @@ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> - + + + @@ -82,8 +85,9 @@ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> - + + + @@ -116,8 +120,9 @@ Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> - + + + diff --git a/tests/entity_anonymous_sp.xml b/tests/entity_anonymous_sp.xml new file mode 100644 index 000000000..7dac55c05 --- /dev/null +++ b/tests/entity_anonymous_sp.xml @@ -0,0 +1,93 @@ + + + + + + + https://refeds.org/category/pseudonymous + https://refeds.org/category/anonymous + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + anononymous-SP + refeds anononymous access SP + + + + Example CO + Example CO + Example + Example + http://www.example.edu + http://www.example.com + + + Example CO + Sysadmin + + sysadmin@example.com + + + Example CO + Admin + CEO + admin@example.com + + diff --git a/tests/entity_cat_sfs_hei.xml b/tests/entity_cat_sfs_hei.xml index 6b05f1c2f..3521eedda 100644 --- a/tests/entity_cat_sfs_hei.xml +++ b/tests/entity_cat_sfs_hei.xml @@ -9,12 +9,8 @@ - - http://www.swamid.se/category/sfs-1993-1153 - - - http://www.swamid.se/category/hei-service - + http://www.swamid.se/category/sfs-1993-1153 + http://www.swamid.se/category/hei-service diff --git a/tests/entity_esi_and_coco_sp.xml b/tests/entity_esi_and_coco_sp.xml index a076535b6..f4e0ccbb7 100644 --- a/tests/entity_esi_and_coco_sp.xml +++ b/tests/entity_esi_and_coco_sp.xml @@ -7,6 +7,9 @@ https://myacademicid.org/entity-categories/esi http://www.geant.net/uri/dataprotection-code-of-conduct/v1 + + any + @@ -65,7 +68,7 @@ wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE - + esi-coco-SP ESI and COCO SP diff --git a/tests/entity_personalized_sp.xml b/tests/entity_personalized_sp.xml new file mode 100644 index 000000000..aa48693a4 --- /dev/null +++ b/tests/entity_personalized_sp.xml @@ -0,0 +1,92 @@ + + + + + + + https://refeds.org/category/personalized + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + personalized-SP + refeds personalized access SP + + + + Example CO + Example CO + Example + Example + http://www.example.edu + http://www.example.com + + + Example CO + Sysadmin + + sysadmin@example.com + + + Example CO + Admin + CEO + admin@example.com + + diff --git a/tests/entity_pseudonymous_sp.xml b/tests/entity_pseudonymous_sp.xml new file mode 100644 index 000000000..f479a4bce --- /dev/null +++ b/tests/entity_pseudonymous_sp.xml @@ -0,0 +1,93 @@ + + + + + + + https://refeds.org/category/pseudonymous + https://refeds.org/category/personalized + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + MIIDvDCCAqQCCQDXVjecpE8ibTANBgkqhkiG9w0BAQUFADCBnzELMAkGA1UEBhMC +U0UxEjAQBgNVBAgMCVN0b2NraG9sbTESMBAGA1UEBwwJU3RvY2tob2xtMQ4wDAYD +VQQKDAVFRFVJRDEaMBgGA1UECwwRZWR1aWQuZXhhbXBsZS5jb20xGjAYBgNVBAMM +EWVkdWlkLmV4YW1wbGUuY29tMSAwHgYJKoZIhvcNAQkBFhFlZHVpZEBleGFtcGxl +LmNvbTAeFw0xMzA2MTIxMTU5NTdaFw0yMzA2MTAxMTU5NTdaMIGfMQswCQYDVQQG +EwJTRTESMBAGA1UECAwJU3RvY2tob2xtMRIwEAYDVQQHDAlTdG9ja2hvbG0xDjAM +BgNVBAoMBUVEVUlEMRowGAYDVQQLDBFlZHVpZC5leGFtcGxlLmNvbTEaMBgGA1UE +AwwRZWR1aWQuZXhhbXBsZS5jb20xIDAeBgkqhkiG9w0BCQEWEWVkdWlkQGV4YW1w +bGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHzXvBlv+DN1 +0tV9z6M79RFKJEE1HoBpo/vuQzcIP8SZZNhzwQpYxTVTQ9ocagX1onfJn2ZjoWsi +p45tSMnwLM9a9+UETYAV8O/AUq3gNDp+Mu6sS3smNhdykVR4STscIiP/hWMkZbJ4 +4dmJ2ccT3H6VosXR/OIVTjyalanmvMpDb6ZkKqmuQCDvRMii/R0HhbYUCytToDiy +Bxw1tQG946g8pe5RhZxxzmxVwAGwOyDn1dwi+j4wH2eCDyLu8hLanPHNFNiy5hiN +5B40N24V5YixlksgdT0pF46DfkJRrOCsNWHWnMSN+Xvo1oXLRFXEnfsCB1cw0EAp +SMMGX4dhSwIDAQABMA0GCSqGSIb3DQEBBQUAA4IBAQA8+faeCQVTadTrXpB8jzfE +MJq6+V4oajnWb0LJ5ZZcKSlQZ5sfYJ1385CaXGh60Tg4uhtwTOgpRi1R1cZMLTz9 +ST6WPF+2vDJv7dGPuglzyQLvA2fd6BLnyGV6kLUc2XNOyCmD/tWuMvKvW62j4Y3B +XZvRFZZdHNgay4Wgvs8D6wyozWpkWpawXkQ3LqbXO6GChYC4VLru+uJuMKvvKCd/ +I125dzkP2nf9zkGV0cil3oIVSBPBtSRTF/M+oZhkHTwoM6hhonRvdOLuvobKfZ2Q +wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE + + + + + + + + pseudonymous-SP + refeds pseudonymous access SP + + + + Example CO + Example CO + Example + Example + http://www.example.edu + http://www.example.com + + + Example CO + Sysadmin + + sysadmin@example.com + + + Example CO + Admin + CEO + admin@example.com + + diff --git a/tests/extra_lines.crt b/tests/extra_lines.crt new file mode 100644 index 000000000..05b68bef6 --- /dev/null +++ b/tests/extra_lines.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV +BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF +Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx +OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6 +ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjW0kJM+4baWKtvO24ZsGXNvNK +KkwTMz7OW5Z6BRqhSOq2WA0c5NCpMk6rD8Z2OTFEolPojEjf8dVyd/Ds/hrjFKQv +8wQgbdXLN51YTIsgd6h+hBJO+vzhl0PT4aT7M0JKo5ALtS6qk4tsworW2BnwyvsG +SAinwfeWt4t/b1J3kwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFtj7WArQQBugmh/ +KQjjlfTQ5A052QeXfgTyO9vv1S6MRIi7qgiaEv49cGXnJv/TWbySkMKObPMUApjg +6z8PqcxuShew5FCTkNvwhABFPiyu0fUj3e2FEPHfsBu76jz4ugtmhUqjqhzwFY9c +tnWRkkl6J0AjM3LnHOSgjNIclDZG +-----END CERTIFICATE----- + + + + + diff --git a/tests/fakeIDP.py b/tests/fakeIDP.py index c2bd5612a..00dda20ef 100644 --- a/tests/fakeIDP.py +++ b/tests/fakeIDP.py @@ -1,30 +1,28 @@ -from six.moves.urllib.parse import parse_qs -from saml2.authn_context import INTERNETPROTOCOLPASSWORD -from saml2.samlp import attribute_query_from_string, logout_request_from_string -from saml2 import BINDING_HTTP_REDIRECT, pack +from urllib.parse import parse_qs + from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP +from saml2 import pack +from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from saml2.samlp import attribute_query_from_string +from saml2.samlp import logout_request_from_string from saml2.server import Server +from saml2.soap import make_soap_enveloped_saml_thingy from saml2.soap import parse_soap_enveloped_saml_attribute_query from saml2.soap import parse_soap_enveloped_saml_logout_request -from saml2.soap import make_soap_enveloped_saml_thingy -__author__ = 'rolandh' -TYP = { - "GET": [BINDING_HTTP_REDIRECT], - "POST": [BINDING_HTTP_POST, BINDING_SOAP] -} +__author__ = "rolandh" + +TYP = {"GET": [BINDING_HTTP_REDIRECT], "POST": [BINDING_HTTP_POST, BINDING_SOAP]} -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def unpack_form(_str, ver="SAMLRequest"): - SR_STR = "name=\"%s\" value=\"" % ver + SR_STR = f'name="{ver}" value="' RS_STR = 'name="RelayState" value="' i = _str.find(SR_STR) @@ -42,7 +40,7 @@ def unpack_form(_str, ver="SAMLRequest"): return {ver: sr, "RelayState": rs} -class DummyResponse(object): +class DummyResponse: def __init__(self, status, data, headers=None): self.status_code = status self.text = data @@ -53,7 +51,7 @@ def __init__(self, status, data, headers=None): class FakeIDP(Server): def __init__(self, config_file=""): Server.__init__(self, config_file) - #self.sign = False + # self.sign = False def receive(self, url, method="GET", **kwargs): """ @@ -90,8 +88,7 @@ def receive(self, url, method="GET", **kwargs): if path == endp: assert binding in TYP[method] if key == "single_sign_on_service": - return self.authn_request_endpoint(req, binding, - rstate) + return self.authn_request_endpoint(req, binding, rstate) elif key == "single_logout_service": return self.logout_endpoint(req, binding) @@ -116,20 +113,14 @@ def authn_request_endpoint(self, req, binding, relay_state): except Exception: raise - identity = {"surName": "Hedberg", "givenName": "Roland", - "title": "supertramp", "mail": "roland@example.com"} + identity = {"surName": "Hedberg", "givenName": "Roland", "title": "supertramp", "mail": "roland@example.com"} userid = "Pavill" - authn_resp = self.create_authn_response(identity, - userid=userid, - authn=AUTHN, - **resp_args) + authn_resp = self.create_authn_response(identity, userid=userid, authn=AUTHN, **resp_args) - response = "%s" % authn_resp + response = f"{authn_resp}" - _dict = pack.factory(_binding, response, - resp_args["destination"], relay_state, - "SAMLResponse") + _dict = pack.factory(_binding, response, resp_args["destination"], relay_state, "SAMLResponse") return DummyResponse(**_dict) def attribute_query_endpoint(self, xml_str, binding): @@ -140,25 +131,25 @@ def attribute_query_endpoint(self, xml_str, binding): aquery = attribute_query_from_string(_str) extra = {"eduPersonAffiliation": "faculty"} - #userid = "Pavill" + # userid = "Pavill" name_id = aquery.subject.name_id attr_resp = self.create_attribute_response( - extra, aquery.id, None, sp_entity_id=aquery.issuer.text, - name_id=name_id, attributes=aquery.attribute) + extra, aquery.id, None, sp_entity_id=aquery.issuer.text, name_id=name_id, attributes=aquery.attribute + ) if binding == BINDING_SOAP: # SOAP packing - #headers = {"content-type": "application/soap+xml"} + # headers = {"content-type": "application/soap+xml"} soap_message = make_soap_enveloped_saml_thingy(attr_resp) # if self.sign and self.sec: # _signed = self.sec.sign_statement_using_xmlsec(soap_message, # class_name(attr_resp), # nodeid=attr_resp.id) # soap_message = _signed - response = "%s" % soap_message + response = f"{soap_message}" else: # Just POST - response = "%s" % attr_resp + response = f"{attr_resp}" return DummyResponse(status=200, data=response) @@ -174,15 +165,15 @@ def logout_endpoint(self, xml_str, binding): if binding == BINDING_SOAP: # SOAP packing - #headers = {"content-type": "application/soap+xml"} + # headers = {"content-type": "application/soap+xml"} soap_message = make_soap_enveloped_saml_thingy(_resp) # if self.sign and self.sec: # _signed = self.sec.sign_statement_using_xmlsec(soap_message, # class_name(attr_resp), # nodeid=attr_resp.id) # soap_message = _signed - response = "%s" % soap_message - else: # Just POST - response = "%s" % _resp + response = f"{soap_message}" + else: # Just POST + response = f"{_resp}" return DummyResponse(status=200, data=response) diff --git a/tests/idp_all_conf.py b/tests/idp_all_conf.py index e4b0b7ee5..b880b9eb7 100644 --- a/tests/idp_all_conf.py +++ b/tests/idp_all_conf.py @@ -1,13 +1,14 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from saml2 import BINDING_SOAP, BINDING_URI -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST +from pathutils import full_path + from saml2 import BINDING_HTTP_ARTIFACT -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path BASE = "http://localhost:8088" @@ -16,58 +17,43 @@ "name": "Rolands IdP", "service": { "aa": { - "endpoints": { - "attribute_service": [ - ("%s/aap" % BASE, BINDING_HTTP_POST), - ("%s/aas" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"attribute_service": [(f"{BASE}/aap", BINDING_HTTP_POST), (f"{BASE}/aas", BINDING_SOAP)]}, }, "aq": { - "endpoints": { - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)]}, }, "idp": { "endpoints": { "single_sign_on_service": [ - ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/sso/post" % BASE, BINDING_HTTP_POST), - ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT), - ("%s/sso/paos" % BASE, BINDING_SOAP) + (f"{BASE}/sso/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/sso/post", BINDING_HTTP_POST), + (f"{BASE}/sso/art", BINDING_HTTP_ARTIFACT), + (f"{BASE}/sso/paos", BINDING_SOAP), ], "single_logout_service": [ - ("%s/slo/soap" % BASE, BINDING_SOAP), - ("%s/slo/post" % BASE, BINDING_HTTP_POST) - ], - "artifact_resolution_service": [ - ("%s/ars" % BASE, BINDING_SOAP) - ], - "assertion_id_request_service": [ - ("%s/airs" % BASE, BINDING_URI) - ], - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) + (f"{BASE}/slo/soap", BINDING_SOAP), + (f"{BASE}/slo/post", BINDING_HTTP_POST), ], + "artifact_resolution_service": [(f"{BASE}/ars", BINDING_SOAP)], + "assertion_id_request_service": [(f"{BASE}/airs", BINDING_URI)], + "authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)], "manage_name_id_service": [ - ("%s/mni/soap" % BASE, BINDING_SOAP), - ("%s/mni/post" % BASE, BINDING_HTTP_POST), - ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT) + (f"{BASE}/mni/soap", BINDING_SOAP), + (f"{BASE}/mni/post", BINDING_HTTP_POST), + (f"{BASE}/mni/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/mni/art", BINDING_HTTP_ARTIFACT), ], "name_id_mapping_service": [ - ("%s/nim/soap" % BASE, BINDING_SOAP), - ("%s/nim/post" % BASE, BINDING_HTTP_POST), - ("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/nim/art" % BASE, BINDING_HTTP_ARTIFACT) - ] + (f"{BASE}/nim/soap", BINDING_SOAP), + (f"{BASE}/nim/post", BINDING_HTTP_POST), + (f"{BASE}/nim/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/nim/art", BINDING_HTTP_ARTIFACT), + ], }, "policy": { "default": { "lifetime": {"minutes": 15}, - "attribute_restrictions": None, # means all I have + "attribute_restrictions": None, # means all I have "name_form": NAME_FORMAT_URI, }, "urn:mace:example.com:saml:roland:sp": { @@ -77,21 +63,22 @@ # "givenName": None, # "surName": None, # } - } + }, }, - #"subject_data": ("mongodb", "foo"), - "scope": ["example.com"] + # "subject_data": ("mongodb", "foo"), + "scope": ["example.com"], }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_path": ["/usr/local/bin", "/opt/local/bin"], - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("servera.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("servera.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", diff --git a/tests/idp_conf.py b/tests/idp_conf.py index d805207e8..4f76aba04 100644 --- a/tests/idp_conf.py +++ b/tests/idp_conf.py @@ -1,11 +1,13 @@ -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT +from pathutils import full_path +from pathutils import xmlsec_path + from saml2 import BINDING_HTTP_POST -from saml2.saml import NAMEID_FORMAT_PERSISTENT, NAME_FORMAT_BASIC +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2.saml import NAME_FORMAT_BASIC from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path -from pathutils import xmlsec_path BASE = "http://localhost:8088" @@ -15,11 +17,8 @@ "service": { "idp": { "endpoints": { - "single_sign_on_service": [ - ("%s/sso" % BASE, BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("%s/slo" % BASE, BINDING_SOAP), - ("%s/slop" % BASE, BINDING_HTTP_POST)] + "single_sign_on_service": [(f"{BASE}/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}/slo", BINDING_SOAP), (f"{BASE}/slop", BINDING_HTTP_POST)], }, "policy": { "default": { @@ -34,24 +33,28 @@ "https://example.com/sp": { "lifetime": {"minutes": 5}, "nameid_format": NAMEID_FORMAT_PERSISTENT, - "name_form": NAME_FORMAT_BASIC - } + "name_form": NAME_FORMAT_BASIC, + }, }, "subject_data": full_path("subject_data.db"), - #"domain": "umu.se", - #"name_qualifier": "" + # "domain": "umu.se", + # "name_qualifier": "" }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata_sp_1.xml"), ), - (full_path("metadata_sp_2.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [ + (full_path("metadata_sp_1.xml"),), + (full_path("metadata_sp_2.xml"),), + (full_path("vo_metadata.xml"),), + ], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", diff --git a/tests/idp_conf_ec.py b/tests/idp_conf_ec.py index a2a670b28..eef4d2c92 100644 --- a/tests/idp_conf_ec.py +++ b/tests/idp_conf_ec.py @@ -1,10 +1,11 @@ -from saml2.sigver import get_xmlsec_binary -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT +from pathutils import full_path + from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.saml import NAME_FORMAT_URI +from saml2.sigver import get_xmlsec_binary -from pathutils import full_path xmlsec_path = get_xmlsec_binary(["/opt/local/bin"]) @@ -16,11 +17,8 @@ "service": { "idp": { "endpoints": { - "single_sign_on_service": [ - ("%s/sso" % BASE, BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("%s/slo" % BASE, BINDING_SOAP), - ("%s/slop" % BASE, BINDING_HTTP_POST)] + "single_sign_on_service": [(f"{BASE}/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}/slo", BINDING_SOAP), (f"{BASE}/slop", BINDING_HTTP_POST)], }, "policy": { "default": { @@ -30,19 +28,20 @@ } }, "subject_data": full_path("subject_data.db"), - #"domain": "umu.se", - #"name_qualifier": "" + # "domain": "umu.se", + # "name_qualifier": "" }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata_sp_1.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata_sp_1.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", diff --git a/tests/idp_conf_mdb.py b/tests/idp_conf_mdb.py index 1b8bc8be4..fb5d325d4 100644 --- a/tests/idp_conf_mdb.py +++ b/tests/idp_conf_mdb.py @@ -1,68 +1,54 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from saml2 import BINDING_SOAP, BINDING_URI -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST +from pathutils import full_path + from saml2 import BINDING_HTTP_ARTIFACT -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path BASE = "http://localhost:8088" CONFIG = { - "entityid": "%s/saml/idp" % BASE, + "entityid": f"{BASE}/saml/idp", "name": "Rolands IdP", "service": { "aa": { - "endpoints": { - "attribute_service": [ - ("%s/aap" % BASE, BINDING_HTTP_POST), - ("%s/aas" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"attribute_service": [(f"{BASE}/aap", BINDING_HTTP_POST), (f"{BASE}/aas", BINDING_SOAP)]}, }, "aq": { - "endpoints": { - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)]}, }, "idp": { "endpoints": { "single_sign_on_service": [ - ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/sso/post" % BASE, BINDING_HTTP_POST), - ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT), - ("%s/sso/paos" % BASE, BINDING_SOAP) + (f"{BASE}/sso/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/sso/post", BINDING_HTTP_POST), + (f"{BASE}/sso/art", BINDING_HTTP_ARTIFACT), + (f"{BASE}/sso/paos", BINDING_SOAP), ], "single_logout_service": [ - ("%s/slo/soap" % BASE, BINDING_SOAP), - ("%s/slo/post" % BASE, BINDING_HTTP_POST) - ], - "artifact_resolution_service": [ - ("%s/ars" % BASE, BINDING_SOAP) - ], - "assertion_id_request_service": [ - ("%s/airs" % BASE, BINDING_URI) - ], - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) + (f"{BASE}/slo/soap", BINDING_SOAP), + (f"{BASE}/slo/post", BINDING_HTTP_POST), ], + "artifact_resolution_service": [(f"{BASE}/ars", BINDING_SOAP)], + "assertion_id_request_service": [(f"{BASE}/airs", BINDING_URI)], + "authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)], "manage_name_id_service": [ - ("%s/mni/soap" % BASE, BINDING_SOAP), - ("%s/mni/post" % BASE, BINDING_HTTP_POST), - ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT) + (f"{BASE}/mni/soap", BINDING_SOAP), + (f"{BASE}/mni/post", BINDING_HTTP_POST), + (f"{BASE}/mni/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/mni/art", BINDING_HTTP_ARTIFACT), ], "name_id_mapping_service": [ - ("%s/nim/soap" % BASE, BINDING_SOAP), - ("%s/nim/post" % BASE, BINDING_HTTP_POST), - ("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/nim/art" % BASE, BINDING_HTTP_ARTIFACT) - ] + (f"{BASE}/nim/soap", BINDING_SOAP), + (f"{BASE}/nim/post", BINDING_HTTP_POST), + (f"{BASE}/nim/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/nim/art", BINDING_HTTP_ARTIFACT), + ], }, "policy": { "default": { @@ -77,22 +63,23 @@ # "givenName": None, # "surName": None, # } - } + }, }, "subject_data": ("mongodb", "subject"), - "session_storage": ("mongodb", "session") + "session_storage": ("mongodb", "session"), }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), - #"xmlsec_binary": None, + # "xmlsec_binary": None, "xmlsec_path": ["/opt/local/bin", "usr/local/bin"], - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("servera.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("servera.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", @@ -101,11 +88,10 @@ }, "contact_person": [ { - "given_name":"John", + "given_name": "John", "sur_name": "Smith", "email_address": ["john.smith@example.com"], "contact_type": "technical", }, ], } - diff --git a/tests/idp_conf_mdb2.py b/tests/idp_conf_mdb2.py index ede0d5db4..3a4b9e7dc 100644 --- a/tests/idp_conf_mdb2.py +++ b/tests/idp_conf_mdb2.py @@ -1,68 +1,54 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from saml2 import BINDING_SOAP, BINDING_URI -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST +from pathutils import full_path + from saml2 import BINDING_HTTP_ARTIFACT -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path BASE = "http://localhost:8089" CONFIG = { - "entityid": "%s/saml/idp2" % BASE, + "entityid": f"{BASE}/saml/idp2", "name": "Rolands 2nd IdP", "service": { "aa": { - "endpoints": { - "attribute_service": [ - ("%s/aap" % BASE, BINDING_HTTP_POST), - ("%s/aas" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"attribute_service": [(f"{BASE}/aap", BINDING_HTTP_POST), (f"{BASE}/aas", BINDING_SOAP)]}, }, "aq": { - "endpoints": { - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) - ] - }, + "endpoints": {"authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)]}, }, "idp": { "endpoints": { "single_sign_on_service": [ - ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/sso/post" % BASE, BINDING_HTTP_POST), - ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT), - ("%s/sso/paos" % BASE, BINDING_SOAP) + (f"{BASE}/sso/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/sso/post", BINDING_HTTP_POST), + (f"{BASE}/sso/art", BINDING_HTTP_ARTIFACT), + (f"{BASE}/sso/paos", BINDING_SOAP), ], "single_logout_service": [ - ("%s/slo/soap" % BASE, BINDING_SOAP), - ("%s/slo/post" % BASE, BINDING_HTTP_POST) - ], - "artifact_resolution_service": [ - ("%s/ars" % BASE, BINDING_SOAP) - ], - "assertion_id_request_service": [ - ("%s/airs" % BASE, BINDING_URI) - ], - "authn_query_service": [ - ("%s/aqs" % BASE, BINDING_SOAP) + (f"{BASE}/slo/soap", BINDING_SOAP), + (f"{BASE}/slo/post", BINDING_HTTP_POST), ], + "artifact_resolution_service": [(f"{BASE}/ars", BINDING_SOAP)], + "assertion_id_request_service": [(f"{BASE}/airs", BINDING_URI)], + "authn_query_service": [(f"{BASE}/aqs", BINDING_SOAP)], "manage_name_id_service": [ - ("%s/mni/soap" % BASE, BINDING_SOAP), - ("%s/mni/post" % BASE, BINDING_HTTP_POST), - ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT) + (f"{BASE}/mni/soap", BINDING_SOAP), + (f"{BASE}/mni/post", BINDING_HTTP_POST), + (f"{BASE}/mni/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/mni/art", BINDING_HTTP_ARTIFACT), ], "name_id_mapping_service": [ - ("%s/nim/soap" % BASE, BINDING_SOAP), - ("%s/nim/post" % BASE, BINDING_HTTP_POST), - ("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/nim/art" % BASE, BINDING_HTTP_ARTIFACT) - ] + (f"{BASE}/nim/soap", BINDING_SOAP), + (f"{BASE}/nim/post", BINDING_HTTP_POST), + (f"{BASE}/nim/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/nim/art", BINDING_HTTP_ARTIFACT), + ], }, "policy": { "default": { @@ -77,10 +63,10 @@ # "givenName": None, # "surName": None, # } - } + }, }, "subject_data": ("mongodb", "subject"), - "session_storage": ("mongodb", "session") + "session_storage": ("mongodb", "session"), }, }, "debug": 1, @@ -88,8 +74,7 @@ "cert_file": full_path("test.pem"), "xmlsec_binary": None, "metadata": { - "local": [full_path("servera.xml"), - full_path("vo_metadata.xml")], + "local": [full_path("servera.xml"), full_path("vo_metadata.xml")], }, "attribute_map_dir": full_path("attributemaps"), "organization": { @@ -99,11 +84,10 @@ }, "contact_person": [ { - "given_name":"John", + "given_name": "John", "sur_name": "Smith", "email_address": ["john.smith@example.com"], "contact_type": "technical", }, ], } - diff --git a/tests/idp_conf_sp_no_encrypt.py b/tests/idp_conf_sp_no_encrypt.py index c9b5ad008..b47e4efef 100644 --- a/tests/idp_conf_sp_no_encrypt.py +++ b/tests/idp_conf_sp_no_encrypt.py @@ -1,11 +1,12 @@ -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT +from pathutils import full_path +from pathutils import xmlsec_path + from saml2 import BINDING_HTTP_POST -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path -from pathutils import xmlsec_path BASE = "http://localhost:8088" @@ -15,11 +16,8 @@ "service": { "idp": { "endpoints": { - "single_sign_on_service": [ - ("%s/sso" % BASE, BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("%s/slo" % BASE, BINDING_SOAP), - ("%s/slop" % BASE, BINDING_HTTP_POST)] + "single_sign_on_service": [(f"{BASE}/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}/slo", BINDING_SOAP), (f"{BASE}/slop", BINDING_HTTP_POST)], }, "policy": { "default": { @@ -34,21 +32,22 @@ # "givenName": None, # "surName": None, # } - } + }, }, - #"domain": "umu.se", - #"name_qualifier": "" + # "domain": "umu.se", + # "name_qualifier": "" }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata_sp_1_no_encryption.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata_sp_1_no_encryption.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", diff --git a/tests/idp_conf_verify_cert.py b/tests/idp_conf_verify_cert.py index 9333d62d3..e6c522993 100644 --- a/tests/idp_conf_verify_cert.py +++ b/tests/idp_conf_verify_cert.py @@ -1,21 +1,24 @@ -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT +from pathutils import full_path +from pathutils import xmlsec_path + from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.cert import OpenSSLWrapper -from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path -from pathutils import xmlsec_path BASE = "http://localhost:8088" + def verify_encrypt_cert(cert_str): osw = OpenSSLWrapper() ca_cert_str = osw.read_str_from_file(full_path("root_cert/localhost.ca.crt")) valid, mess = osw.verify(ca_cert_str, cert_str) return valid + CONFIG = { "entityid": "urn:mace:example.com:saml:roland:idp", "name": "Rolands IdP", @@ -24,11 +27,8 @@ def verify_encrypt_cert(cert_str): "verify_encrypt_cert_advice": verify_encrypt_cert, "verify_encrypt_cert_assertion": verify_encrypt_cert, "endpoints": { - "single_sign_on_service": [ - ("%s/sso" % BASE, BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("%s/slo" % BASE, BINDING_SOAP), - ("%s/slop" % BASE, BINDING_HTTP_POST)] + "single_sign_on_service": [(f"{BASE}/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}/slo", BINDING_SOAP), (f"{BASE}/slop", BINDING_HTTP_POST)], }, "policy": { "default": { @@ -43,21 +43,22 @@ def verify_encrypt_cert(cert_str): # "givenName": None, # "surName": None, # } - } + }, }, - #"domain": "umu.se", - #"name_qualifier": "" + # "domain": "umu.se", + # "name_qualifier": "" }, }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata_sp_1.xml"), ), - (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata_sp_1.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", diff --git a/tests/idp_example.xml b/tests/idp_example.xml index dd7bc86f8..38bdd1f7d 100644 --- a/tests/idp_example.xml +++ b/tests/idp_example.xml @@ -3,8 +3,7 @@ xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" entityID="http://localhost:8088/idp.xml" validUntil="2036-04-12T06:06:13Z"> - diff --git a/tests/idp_slo_redirect_conf.py b/tests/idp_slo_redirect_conf.py index 8e5c48a83..21d2ce1ce 100644 --- a/tests/idp_slo_redirect_conf.py +++ b/tests/idp_slo_redirect_conf.py @@ -1,53 +1,55 @@ +from pathutils import full_path + from saml2 import BINDING_HTTP_REDIRECT -from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path CONFIG = { - "entityid" : "urn:mace:example.com:saml:roland:idp", - "name" : "Rolands IdP", + "entityid": "urn:mace:example.com:saml:roland:idp", + "name": "Rolands IdP", "service": { "idp": { - "endpoints" : { - "single_sign_on_service" : [ - ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("http://localhost:8088/slo", BINDING_HTTP_REDIRECT)] + "endpoints": { + "single_sign_on_service": [("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [("http://localhost:8088/slo", BINDING_HTTP_REDIRECT)], }, "policy": { "default": { - "lifetime": {"minutes":15}, - "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have + "name_form": NAME_FORMAT_URI, }, "urn:mace:example.com:saml:roland:sp": { "lifetime": {"minutes": 5}, "nameid_format": NAMEID_FORMAT_PERSISTENT, - } + }, }, "subject_data": full_path("subject_data.db"), } }, - "debug" : 1, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - "xmlsec_binary" : None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("sp_slo_redirect.xml"), )], - }], - "attribute_map_dir" : full_path("attributemaps"), + "debug": 1, + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + "xmlsec_binary": None, + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("sp_slo_redirect.xml"),)], + } + ], + "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", - "display_name": [("Exempel AB","se"),("Example Co.","en")], - "url":"http://www.example.com/roland", + "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], + "url": "http://www.example.com/roland", }, - "contact_person": [{ - "given_name":"John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", + "contact_person": [ + { + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", }, ], } diff --git a/tests/idp_soap_conf.py b/tests/idp_soap_conf.py index e65c1b813..71abd9499 100644 --- a/tests/idp_soap_conf.py +++ b/tests/idp_soap_conf.py @@ -1,24 +1,24 @@ -from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from pathutils import full_path + +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT -from pathutils import full_path -CONFIG={ - "entityid" : "urn:mace:example.com:saml:roland:idp", - "name" : "Rolands IdP", +CONFIG = { + "entityid": "urn:mace:example.com:saml:roland:idp", + "name": "Rolands IdP", "service": { "idp": { - "endpoints" : { - "single_sign_on_service" : [ - ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - ("http://localhost:8088/slo", BINDING_SOAP)] + "endpoints": { + "single_sign_on_service": [("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [("http://localhost:8088/slo", BINDING_SOAP)], }, "policy": { "default": { - "lifetime": {"minutes":15}, - "attribute_restrictions": None, # means all I have + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have "name_form": NAME_FORMAT_URI, }, "urn:mace:example.com:saml:roland:sp": { @@ -28,30 +28,33 @@ # "givenName": None, # "surName": None, # } - } + }, }, "subject_data": full_path("subject_data.db"), } }, - "debug" : 1, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - #"xmlsec_binary" : None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata.xml"), ), (full_path("vo_metadata.xml"), )], - }], - "attribute_map_dir" : full_path("attributemaps"), + "debug": 1, + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + # "xmlsec_binary" : None, + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata.xml"),), (full_path("vo_metadata.xml"),)], + } + ], + "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", - "display_name": [("Exempel AB","se"),("Example Co.","en")], - "url":"http://www.example.com/roland", + "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], + "url": "http://www.example.com/roland", }, - "contact_person": [{ - "given_name":"John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", + "contact_person": [ + { + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", }, ], } diff --git a/tests/idp_sp_conf.py b/tests/idp_sp_conf.py index c686cffe8..32aecfa28 100644 --- a/tests/idp_sp_conf.py +++ b/tests/idp_sp_conf.py @@ -1,29 +1,30 @@ -__author__ = 'rolandh' +__author__ = "rolandh" -from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST -from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_PERSISTENT + BASE = "http://localhost:8088/" from pathutils import full_path + CONFIG = { - "entityid" : "urn:mace:example.com:saml:roland:idp", - "name" : "Rolands IdP", + "entityid": "urn:mace:example.com:saml:roland:idp", + "name": "Rolands IdP", "service": { "idp": { - "endpoints" : { - "single_sign_on_service" : [ - (BASE+"sso", BINDING_HTTP_REDIRECT)], - "single_logout_service": [ - (BASE+"slo", BINDING_SOAP), - (BASE+"slop",BINDING_HTTP_POST)] + "endpoints": { + "single_sign_on_service": [(f"{BASE}sso", BINDING_HTTP_REDIRECT)], + "single_logout_service": [(f"{BASE}slo", BINDING_SOAP), (f"{BASE}slop", BINDING_HTTP_POST)], }, "policy": { "default": { - "lifetime": {"minutes":15}, - "attribute_restrictions": None, # means all I have + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have "name_form": NAME_FORMAT_URI, }, "urn:mace:example.com:saml:roland:sp": { @@ -33,38 +34,40 @@ # "givenName": None, # "surName": None, # } - } + }, }, "subject_data": full_path("subject_data.db"), }, "sp": { - "endpoints":{ - "assertion_consumer_service": [(BASE, BINDING_HTTP_REDIRECT) - ], + "endpoints": { + "assertion_consumer_service": [(BASE, BINDING_HTTP_REDIRECT)], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], - } + }, }, - "debug" : 1, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - "xmlsec_binary" : None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata.xml"), ), (full_path("vo_metadata.xml"), )], - }], - "attribute_map_dir" : full_path("attributemaps"), + "debug": 1, + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + "xmlsec_binary": None, + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata.xml"),), (full_path("vo_metadata.xml"),)], + } + ], + "attribute_map_dir": full_path("attributemaps"), "organization": { "name": "Exempel AB", - "display_name": [("Exempel AB","se"),("Example Co.","en")], - "url":"http://www.example.com/roland", + "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], + "url": "http://www.example.com/roland", }, - "contact_person": [{ - "given_name":"John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", + "contact_person": [ + { + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", }, ], } diff --git a/tests/idp_test/target_idp.py b/tests/idp_test/target_idp.py index 4b954ec58..bafb538d6 100755 --- a/tests/idp_test/target_idp.py +++ b/tests/idp_test/target_idp.py @@ -1,102 +1,76 @@ #!/usr/bin/env python from saml2.saml import NAME_FORMAT_URI -__author__ = 'rolandh' + +__author__ = "rolandh" import json + from saml2 import xmldsig as ds -from saml2.saml import NAME_FORMAT_UNSPECIFIED, NAME_FORMAT_URI, NAME_FORMAT_BASIC +from saml2.saml import NAME_FORMAT_URI + BASE = "http://localhost:8088" metadata = open("./idp/idp.xml").read() info = { - "entity_id": "%s/idp.xml" % BASE, + "entity_id": f"{BASE}/idp.xml", "interaction": [ { - "matches": { - "url": "%s/sso/redirect" % BASE, - "title": 'IDP test login' - }, + "matches": {"url": f"{BASE}/sso/redirect", "title": "IDP test login"}, "page-type": "login", - "control": { - "type": "form", - "set": {"login": "roland", "password": "dianakra"} - } + "control": {"type": "form", "set": {"login": "roland", "password": "dianakra"}}, }, { - "matches": { - "url": "%s/sso/post" % BASE, - "title": 'IDP test login' - }, + "matches": {"url": f"{BASE}/sso/post", "title": "IDP test login"}, "page-type": "login", - "control": { - "type": "form", - "set": {"login": "roland", "password": "dianakra"} - } + "control": {"type": "form", "set": {"login": "roland", "password": "dianakra"}}, }, { - "matches": { - "url": "%s/sso/redirect" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/sso/redirect", "title": "SAML 2.0 POST"}, "page-type": "other", "control": { "index": 0, "type": "form", - } + }, }, { - "matches": { - "url": "%s/sso/post" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/sso/post", "title": "SAML 2.0 POST"}, "page-type": "other", - "control": { - "index": 0, - "type": "form", - "set": {} - } + "control": {"index": 0, "type": "form", "set": {}}, }, { - "matches": { - "url": "%s/slo/post" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/slo/post", "title": "SAML 2.0 POST"}, "page-type": "other", - "control": { - "index": 0, - "type": "form", - "set": {} - } - } + "control": {"index": 0, "type": "form", "set": {}}, + }, ], # metadata source for the test target's EntityDescriptor: "metadata": metadata, "constraints": { # test if attribute name format matches the given value. Absence of this # option or the value NAME_FORMAT_UNSPECIFIED will match any format - #"name_format": NAME_FORMAT_BASIC, - #"name_format": NAME_FORMAT_UNSPECIFIED, + # "name_format": NAME_FORMAT_BASIC, + # "name_format": NAME_FORMAT_UNSPECIFIED, "name_format": NAME_FORMAT_URI, # allowed for assertion & response: "signature_algorithm": [ - #ds.SIG_RSA_SHA1, # you may need this for legacy deployments + # ds.SIG_RSA_SHA1, # you may need this for legacy deployments ds.SIG_RSA_SHA224, ds.SIG_RSA_SHA256, ds.SIG_RSA_SHA384, ds.SIG_RSA_SHA512, ], "digest_algorithm": [ - #ds.DIGEST_SHA1, # you may need this for legacy deployments + # ds.DIGEST_SHA1, # you may need this for legacy deployments ds.DIGEST_SHA224, ds.DIGEST_SHA256, ds.DIGEST_SHA384, ds.DIGEST_SHA512, ds.DIGEST_RIPEMD160, ], - } + }, } -print(json.dumps(info)) \ No newline at end of file +print(json.dumps(info)) diff --git a/tests/invalid_metadata_file.xml b/tests/invalid_metadata_file.xml index 249c87ce6..5e65d5f58 100644 --- a/tests/invalid_metadata_file.xml +++ b/tests/invalid_metadata_file.xml @@ -1 +1 @@ -this content is invalid +this content is invalid for a metadata file diff --git a/tests/localhost.py b/tests/localhost.py old mode 100755 new mode 100644 index ec4f466c3..762bd5b3f --- a/tests/localhost.py +++ b/tests/localhost.py @@ -1,67 +1,42 @@ #!/usr/bin/env python from saml2.saml import NAME_FORMAT_URI -__author__ = 'rolandh' + +__author__ = "rolandh" import json + BASE = "http://localhost:8088" metadata = open("idp_test/idp.xml").read() info = { - "entity_id": "%s/idp.xml" % BASE, + "entity_id": f"{BASE}/idp.xml", "interaction": [ { - "matches": { - "url": "%s/login" % BASE, - "title": 'IDP test login' - }, + "matches": {"url": f"{BASE}/login", "title": "IDP test login"}, "page-type": "login", - "control": { - "type": "form", - "set": {"login": "roland", "password": "dianakra"} - } + "control": {"type": "form", "set": {"login": "roland", "password": "dianakra"}}, }, { - "matches": { - "url": "%s/sso/redirect" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/sso/redirect", "title": "SAML 2.0 POST"}, "page-type": "other", - "control": { - "index": 0, - "type": "form", - "set": {} - } + "control": {"index": 0, "type": "form", "set": {}}, }, { - "matches": { - "url": "%s/sso/post" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/sso/post", "title": "SAML 2.0 POST"}, "page-type": "other", - "control": { - "index": 0, - "type": "form", - "set": {} - } + "control": {"index": 0, "type": "form", "set": {}}, }, { - "matches": { - "url": "%s/slo/post" % BASE, - "title": "SAML 2.0 POST" - }, + "matches": {"url": f"{BASE}/slo/post", "title": "SAML 2.0 POST"}, "page-type": "other", - "control": { - "index": 0, - "type": "form", - "set": {} - } - } + "control": {"index": 0, "type": "form", "set": {}}, + }, ], "metadata": metadata, - "name_format": NAME_FORMAT_URI + "name_format": NAME_FORMAT_URI, } print(json.dumps(info)) diff --git a/tests/malformed.crt b/tests/malformed.crt new file mode 100644 index 000000000..fb4098ba0 --- /dev/null +++ b/tests/malformed.crt @@ -0,0 +1,12 @@ +-----BEGIN CERTIFICATE----- +MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV +BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF +Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx +OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6 +MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjW0kJM+4baWKtvO24ZsGXNvNK +KkwTMz7OW5Z6BRqhSOq2WA0c5NCpMk6rD8Z2OTFEolPojEjf8dVyd/Ds/hrjFKQv +8wQgbdXLN51YTIsgd6h+hBJO+vzhl0PT4aT7M0JKo5ALtS6qk4tsworW2BnwyvsG +SAinwfeWt4t/b1J3kwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFtj7WArQQBugmh/ +KQjjlfTQ5A052QeXfgTyO9vv1S6MRIi7qgiaEv49cGXnJv/TWbySkMKObPMUApjg +6z8PqcxuShew5FCTkNvwhABFPiyu0fUj3e2FEPHfsBu76jz4ugtmhUqjqhzwFY9c +tnWRkkl6J0AjM3LnHOSgjNIclDZG diff --git a/tests/md_data.py b/tests/md_data.py index 1a18ce6d3..f058d9161 100644 --- a/tests/md_data.py +++ b/tests/md_data.py @@ -3,7 +3,7 @@ """Test data for md""" -__author__ = 'tmatsuo@example.com (Takashi MATSUO)' +__author__ = "tmatsuo@example.com (Takashi MATSUO)" TEST_ENDPOINT = """ - - @@ -34,11 +34,9 @@ Location="http://localhost:8087/" index="0"/> - http://www.example.com/ - Example Co - Example Co - + Example Co + http://www.example.com/ Roland @@ -47,7 +45,7 @@ - @@ -78,11 +76,9 @@ Location="http://localhost:8088/sso/"/> - http://www.example.com/ - Example Co - Example Co - + Example Co + http://www.example.com/ Roland diff --git a/tests/metasp.xml b/tests/metasp.xml index b1756d59a..00625ba7b 100644 --- a/tests/metasp.xml +++ b/tests/metasp.xml @@ -1,7 +1,7 @@ - + - + diff --git a/tests/myentitycategory.py b/tests/myentitycategory.py index 9ec55bf9d..707bcb73b 100644 --- a/tests/myentitycategory.py +++ b/tests/myentitycategory.py @@ -1,12 +1,13 @@ -CUSTOM_R_AND_S = ['eduPersonTargetedID', - 'eduPersonPrincipalName', - 'mail', - 'displayName', - 'givenName', - 'sn', - 'eduPersonScopedAffiliation', - 'eduPersonUniqueId' - ] +CUSTOM_R_AND_S = [ + "eduPersonTargetedID", + "eduPersonPrincipalName", + "mail", + "displayName", + "givenName", + "sn", + "eduPersonScopedAffiliation", + "eduPersonUniqueId", +] RESEARCH_AND_SCHOLARSHIP = "http://refeds.org/category/research-and-scholarship" diff --git a/tests/otest_61_makemeta.py b/tests/otest_61_makemeta.py index ba6fb0dc1..22a117763 100644 --- a/tests/otest_61_makemeta.py +++ b/tests/otest_61_makemeta.py @@ -1,74 +1,70 @@ import saml2 -from saml2 import mdstore -from saml2 import md from saml2 import BINDING_HTTP_POST from saml2 import extension_elements_to_elements - -from saml2.extension import shibmd -from saml2.extension import mdui -from saml2.extension import idpdisc - +from saml2 import md from saml2.attribute_converter import ac_factory +from saml2.config import IdPConfig +from saml2.config import SPConfig +from saml2.extension import idpdisc +from saml2.extension import mdui +from saml2.extension import shibmd from saml2.saml import NAME_FORMAT_URI -from saml2.config import SPConfig, IdPConfig -def _eq(l1,l2): + +def _eq(l1, l2): return set(l1) == set(l2) + SP = { - "name" : "Rolands SP", + "name": "Rolands SP", "description": "One of the best SPs in business", "service": { "sp": { "endpoints": { - "single_logout_service" : ["http://localhost:8087/logout"], - "assertion_consumer_service" : [{"location":"http://localhost:8087/", - "binding":BINDING_HTTP_POST},] + "single_logout_service": ["http://localhost:8087/logout"], + "assertion_consumer_service": [ + {"location": "http://localhost:8087/", "binding": BINDING_HTTP_POST}, + ], }, "required_attributes": ["sn", "givenName", "mail"], "optional_attributes": ["title"], "idp": { - "" : "https://example.com/saml2/idp/SSOService.php", + "": "https://example.com/saml2/idp/SSOService.php", }, } }, "metadata": { "local": ["foo.xml"], }, - "attribute_map_dir" : "attributemaps", + "attribute_map_dir": "attributemaps", } IDP = { - "name" : "Rolands IdP", + "name": "Rolands IdP", "service": { "idp": { "endpoints": { - "single_sign_on_service" : ["http://localhost:8088/sso"], + "single_sign_on_service": ["http://localhost:8088/sso"], }, "policy": { "default": { - "lifetime": {"minutes":15}, - "attribute_restrictions": None, # means all I have + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", }, "urn:mace:example.com:saml:roland:sp": { "lifetime": {"minutes": 5}, "nameid_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", - } + }, }, "scope": ["example.org"], "ui_info": { - "privacy_statement_url": - "http://example.com/saml2/privacyStatement.html", + "privacy_statement_url": "http://example.com/saml2/privacyStatement.html", "information_url": "http://example.com/saml2/info.html", - "logo": { - "height": "40", - "width" : "30", - "text": "http://example.com/logo.jpg" - }, + "logo": {"height": "40", "width": "30", "text": "http://example.com/logo.jpg"}, "display_name": "Example Co.", - "description" : {"text":"Exempel bolag","lang":"se"}, - "keywords": {"lang":"en", "text":["foo", "bar"]} + "description": {"text": "Exempel bolag", "lang": "se"}, + "keywords": {"lang": "en", "text": ["foo", "bar"]}, }, } }, @@ -77,58 +73,70 @@ def _eq(l1,l2): }, } + def test_org_1(): desc = { - "name": [("Example Company","en"), ("Exempel AB","se"), "Example",], + "name": [ + ("Example Company", "en"), + ("Exempel AB", "se"), + "Example", + ], "display_name": ["Example AS", ("Voorbeeld AZ", "")], - "url": [("http://example.com","en")], + "url": [("http://example.com", "en")], } org = metadata.do_organization_info(desc) print(org) assert isinstance(org, md.Organization) print(org.keyswv()) - assert _eq(org.keyswv(), ['organization_name', - 'organization_display_name','organization_url']) + assert _eq(org.keyswv(), ["organization_name", "organization_display_name", "organization_url"]) assert len(org.organization_name) == 3 assert len(org.organization_display_name) == 2 assert len(org.organization_url) == 1 + def test_org_2(): desc = { - "name": [("Example Company","en"), ("Exempel AB","se"), "Example",], + "name": [ + ("Example Company", "en"), + ("Exempel AB", "se"), + "Example", + ], "display_name": "Example AS", - "url": ("http://example.com","en"), + "url": ("http://example.com", "en"), } org = metadata.do_organization_info(desc) print(org) - assert _eq(org.keyswv(), ['organization_name', - 'organization_display_name','organization_url']) + assert _eq(org.keyswv(), ["organization_name", "organization_display_name", "organization_url"]) assert len(org.organization_name) == 3 assert len(org.organization_display_name) == 1 - assert org.organization_display_name[0].text == 'Example AS' + assert org.organization_display_name[0].text == "Example AS" assert len(org.organization_url) == 1 assert isinstance(org.organization_url[0], md.OrganizationURL) assert org.organization_url[0].lang == "en" - assert org.organization_url[0].text == 'http://example.com' + assert org.organization_url[0].text == "http://example.com" + def test_org_3(): - desc = { "display_name": ["Rolands SAML"] } + desc = {"display_name": ["Rolands SAML"]} org = metadata.do_organization_info(desc) - assert _eq(org.keyswv(), ['organization_display_name']) + assert _eq(org.keyswv(), ["organization_display_name"]) assert len(org.organization_display_name) == 1 + def test_contact_0(): - conf = [{ - "given_name":"Roland", - "sur_name": "Hedberg", - "telephone_number": "+46 70 100 00 00", - "email_address": ["foo@eample.com", "foo@example.org"], - "contact_type": "technical" - }] + conf = [ + { + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": "+46 70 100 00 00", + "email_address": ["foo@eample.com", "foo@example.org"], + "contact_type": "technical", + } + ] contact_person = metadata.do_contact_person_info(conf) - assert _eq(contact_person[0].keyswv(), ['given_name', 'sur_name', - 'contact_type', 'telephone_number', - "email_address"]) + assert _eq( + contact_person[0].keyswv(), ["given_name", "sur_name", "contact_type", "telephone_number", "email_address"] + ) print(contact_person[0]) person = contact_person[0] assert person.contact_type == "technical" @@ -142,12 +150,11 @@ def test_contact_0(): assert isinstance(person.email_address[0], md.EmailAddress) assert person.email_address[0].text == "foo@eample.com" + def test_do_endpoints(): - eps = metadata.do_endpoints(SP["service"]["sp"]["endpoints"], - metadata.ENDPOINTS["sp"]) + eps = metadata.do_endpoints(SP["service"]["sp"]["endpoints"], metadata.ENDPOINTS["sp"]) print(eps) - assert _eq(eps.keys(), ["assertion_consumer_service", - "single_logout_service"]) + assert _eq(eps.keys(), ["assertion_consumer_service", "single_logout_service"]) assert len(eps["single_logout_service"]) == 1 sls = eps["single_logout_service"][0] @@ -162,55 +169,61 @@ def test_do_endpoints(): assert "artifact_resolution_service" not in eps assert "manage_name_id_service" not in eps + def test_required_attributes(): attrconverters = ac_factory("../tests/attributemaps") ras = metadata.do_requested_attribute( - SP["service"]["sp"]["required_attributes"], - attrconverters, is_required="true") + SP["service"]["sp"]["required_attributes"], attrconverters, is_required="true" + ) assert len(ras) == len(SP["service"]["sp"]["required_attributes"]) print(ras[0]) - assert ras[0].name == 'urn:oid:2.5.4.4' + assert ras[0].name == "urn:oid:2.5.4.4" assert ras[0].name_format == NAME_FORMAT_URI assert ras[0].is_required == "true" + def test_optional_attributes(): attrconverters = ac_factory("../tests/attributemaps") - ras = metadata.do_requested_attribute( - SP["service"]["sp"]["optional_attributes"], - attrconverters) + ras = metadata.do_requested_attribute(SP["service"]["sp"]["optional_attributes"], attrconverters) assert len(ras) == len(SP["service"]["sp"]["optional_attributes"]) print(ras[0]) - assert ras[0].name == 'urn:oid:2.5.4.12' + assert ras[0].name == "urn:oid:2.5.4.12" assert ras[0].name_format == NAME_FORMAT_URI assert ras[0].is_required == "false" + def test_do_sp_sso_descriptor(): conf = SPConfig().load(SP) spsso = metadata.do_spsso_descriptor(conf) assert isinstance(spsso, md.SPSSODescriptor) - assert _eq(spsso.keyswv(), ['authn_requests_signed', - 'attribute_consuming_service', - 'single_logout_service', - 'protocol_support_enumeration', - 'assertion_consumer_service', - 'want_assertions_signed']) + assert _eq( + spsso.keyswv(), + [ + "authn_requests_signed", + "attribute_consuming_service", + "single_logout_service", + "protocol_support_enumeration", + "assertion_consumer_service", + "want_assertions_signed", + ], + ) assert spsso.authn_requests_signed == "false" assert spsso.want_assertions_signed == "true" - assert len (spsso.attribute_consuming_service) == 1 + assert len(spsso.attribute_consuming_service) == 1 acs = spsso.attribute_consuming_service[0] print(acs.keyswv()) - assert _eq(acs.keyswv(), ['requested_attribute', 'service_name', - 'service_description', 'index']) + assert _eq(acs.keyswv(), ["requested_attribute", "service_name", "service_description", "index"]) assert acs.service_name[0].text == SP["name"] assert acs.service_description[0].text == SP["description"] assert len(acs.requested_attribute) == 4 assert acs.requested_attribute[0].friendly_name == "sn" - assert acs.requested_attribute[0].name == 'urn:oid:2.5.4.4' + assert acs.requested_attribute[0].name == "urn:oid:2.5.4.4" assert acs.requested_attribute[0].name_format == NAME_FORMAT_URI assert acs.requested_attribute[0].is_required == "true" + def test_do_sp_sso_descriptor_2(): SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds" @@ -219,64 +232,64 @@ def test_do_sp_sso_descriptor_2(): assert isinstance(spsso, md.SPSSODescriptor) print(spsso.keyswv()) - assert _eq(spsso.keyswv(), ['authn_requests_signed', - 'attribute_consuming_service', - 'single_logout_service', - 'protocol_support_enumeration', - 'assertion_consumer_service', - 'want_assertions_signed', - 'extensions']) + assert _eq( + spsso.keyswv(), + [ + "authn_requests_signed", + "attribute_consuming_service", + "single_logout_service", + "protocol_support_enumeration", + "assertion_consumer_service", + "want_assertions_signed", + "extensions", + ], + ) exts = spsso.extensions.extension_elements assert len(exts) == 1 print(exts) - idpd = saml2.extension_element_to_element(exts[0], - idpdisc.ELEMENT_FROM_STRING, - namespace=idpdisc.NAMESPACE) + idpd = saml2.extension_element_to_element(exts[0], idpdisc.ELEMENT_FROM_STRING, namespace=idpdisc.NAMESPACE) print(idpd) assert idpd.location == "http://example.com/sp/ds" assert idpd.index == "0" assert idpd.binding == "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" + def test_entity_description(): - #confd = eval(open("../tests/server.config").read()) + # confd = eval(open("../tests/server.config").read()) confd = SPConfig().load_file("server_conf") print(confd.attribute_converters) entd = metadata.entity_descriptor(confd) assert entd is not None print(entd.keyswv()) - assert _eq(entd.keyswv(), ['valid_until', 'entity_id', 'contact_person', - 'spsso_descriptor', 'organization']) + assert _eq(entd.keyswv(), ["valid_until", "entity_id", "contact_person", "spsso_descriptor", "organization"]) print(entd) assert entd.entity_id == "urn:mace:example.com:saml:roland:sp" + def test_do_idp_sso_descriptor(): conf = IdPConfig().load(IDP) idpsso = metadata.do_idpsso_descriptor(conf) assert isinstance(idpsso, md.IDPSSODescriptor) - assert _eq(idpsso.keyswv(), ['protocol_support_enumeration', - 'single_sign_on_service', - 'want_authn_requests_signed', - "extensions"]) + assert _eq( + idpsso.keyswv(), + ["protocol_support_enumeration", "single_sign_on_service", "want_authn_requests_signed", "extensions"], + ) exts = idpsso.extensions.extension_elements assert len(exts) == 2 print(exts) - inst = saml2.extension_element_to_element(exts[0], - shibmd.ELEMENT_FROM_STRING, - namespace=shibmd.NAMESPACE) + inst = saml2.extension_element_to_element(exts[0], shibmd.ELEMENT_FROM_STRING, namespace=shibmd.NAMESPACE) assert isinstance(inst, shibmd.Scope) assert inst.text == "example.org" assert inst.regexp == "false" - uiinfo = saml2.extension_element_to_element(exts[1], - mdui.ELEMENT_FROM_STRING, - namespace=mdui.NAMESPACE) + uiinfo = saml2.extension_element_to_element(exts[1], mdui.ELEMENT_FROM_STRING, namespace=mdui.NAMESPACE) assert uiinfo - assert _eq(uiinfo.keyswv(), ['display_name', 'description', - 'information_url', 'privacy_statement_url', - 'keywords', 'logo']) + assert _eq( + uiinfo.keyswv(), ["display_name", "description", "information_url", "privacy_statement_url", "keywords", "logo"] + ) assert len(uiinfo.privacy_statement_url) == 1 assert uiinfo.privacy_statement_url[0].text == "http://example.com/saml2/privacyStatement.html" @@ -284,7 +297,7 @@ def test_do_idp_sso_descriptor(): assert uiinfo.description[0].text == "Exempel bolag" assert uiinfo.description[0].lang == "se" - res = extension_elements_to_elements(exts,[shibmd, mdui]) + res = extension_elements_to_elements(exts, [shibmd, mdui]) assert len(res) == 2 # one is a shibmd.Scope instance and the other a mdui.UIInfo instance @@ -293,11 +306,9 @@ def test_do_idp_sso_descriptor(): elif isinstance(res[1], shibmd.Scope): assert isinstance(res[0], mdui.UIInfo) - found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag, - mdui.NAMESPACE) + found = idpsso.extensions.find_extensions(mdui.UIInfo.c_tag, mdui.NAMESPACE) assert len(found) == 1 elem = idpsso.extensions.extensions_as_elements(mdui.UIInfo.c_tag, mdui) assert len(elem) == 1 assert isinstance(elem[0], mdui.UIInfo) - diff --git a/tests/pathutils.py b/tests/pathutils.py index aa919586c..1f10b0b95 100644 --- a/tests/pathutils.py +++ b/tests/pathutils.py @@ -1,5 +1,6 @@ import os.path + BASEDIR = os.path.abspath(os.path.dirname(__file__)) @@ -8,11 +9,12 @@ def full_path(local_file): def dotname(module): - if not BASEDIR.endswith('tests'): - return 'tests.' + module + if not BASEDIR.endswith("tests"): + return f"tests.{module}" else: return module + try: from saml2.sigver import get_xmlsec_binary except ImportError: @@ -21,4 +23,4 @@ def dotname(module): if get_xmlsec_binary: xmlsec_path = get_xmlsec_binary(["/opt/local/bin"]) else: - xmlsec_path = '/usr/bin/xmlsec1' + xmlsec_path = "/usr/bin/xmlsec1" diff --git a/tests/restrictive_idp_conf.py b/tests/restrictive_idp_conf.py index ca089daab..70d78bced 100644 --- a/tests/restrictive_idp_conf.py +++ b/tests/restrictive_idp_conf.py @@ -1,45 +1,45 @@ -from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2.saml import NAME_FORMAT_URI + BASE = "http://localhost:8089/" from pathutils import full_path + CONFIG = { - "entityid" : "urn:mace:example.com:saml:roland:idpr", - "name" : "Rolands restrictied IdP", + "entityid": "urn:mace:example.com:saml:roland:idpr", + "name": "Rolands restrictied IdP", "service": { "idp": { - "endpoints" : { - "single_sign_on_service" : [ - (BASE+"sso", BINDING_HTTP_REDIRECT)], - "attribute_service" : [ - (BASE+"aa", BINDING_SOAP)], + "endpoints": { + "single_sign_on_service": [(f"{BASE}sso", BINDING_HTTP_REDIRECT)], + "attribute_service": [(f"{BASE}aa", BINDING_SOAP)], }, "policy": { - "default": { - "lifetime": {"minutes":15}, - "name_form": NAME_FORMAT_URI - }, + "default": {"lifetime": {"minutes": 15}, "name_form": NAME_FORMAT_URI}, "urn:mace:example.com:saml:roland:sp": { "lifetime": {"minutes": 5}, - "attribute_restrictions":{ + "attribute_restrictions": { "givenName": None, "surName": None, "mail": [".*@example.com"], "eduPersonAffiliation": ["(employee|staff|faculty)"], - } - } + }, + }, }, "subject_data": full_path("subject_data.db"), } }, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - "xmlsec_binary" : None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("sp_0.metadata"), )], - }], - "attribute_map_dir" : full_path("attributemaps"), + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + "xmlsec_binary": None, + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("sp_0.metadata"),)], + } + ], + "attribute_map_dir": full_path("attributemaps"), } diff --git a/tests/saml2_data.py b/tests/saml2_data.py index f81f2ce5f..30d79f192 100644 --- a/tests/saml2_data.py +++ b/tests/saml2_data.py @@ -3,7 +3,7 @@ """Test data for saml2""" -__author__ = 'tmatsuo@example.com (Takashi MATSUO)' +__author__ = "tmatsuo@example.com (Takashi MATSUO)" TEST_NAME_ID = """ """ - diff --git a/tests/saml_false_signed.xml b/tests/saml_false_signed.xml index f8c4a7413..0d77ffd6a 100644 --- a/tests/saml_false_signed.xml +++ b/tests/saml_false_signed.xml @@ -64,15 +64,15 @@ OmuMZY0K6ERY4fNVnGEAoUZeieehC6/ljmfk14xCAlE= - + student - + member - + student diff --git a/tests/saml_signed.xml b/tests/saml_signed.xml index ca824c2f5..d652d261e 100644 --- a/tests/saml_signed.xml +++ b/tests/saml_signed.xml @@ -44,7 +44,7 @@ OmuMZY0K6ERY4fNVnGEAoUZeieehC6/ljmfk14xCAlE= - + _cddc88563d433f556d4cc70c3162deabddea3b5019 @@ -58,21 +58,21 @@ OmuMZY0K6ERY4fNVnGEAoUZeieehC6/ljmfk14xCAlE= - + urn:oasis:names:tc:SAML:2.0:ac:classes:Password - + student - + member - + student diff --git a/tests/saml_unsigned.xml b/tests/saml_unsigned.xml index c0213bfad..e5a849911 100644 --- a/tests/saml_unsigned.xml +++ b/tests/saml_unsigned.xml @@ -6,7 +6,7 @@ http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php - + _cddc88563d433f556d4cc70c3162deabddea3b5019 @@ -20,21 +20,21 @@ - + urn:oasis:names:tc:SAML:2.0:ac:classes:Password - + student - + member - + student diff --git a/tests/samlp_data.py b/tests/samlp_data.py index f458d15c4..65af04f0a 100644 --- a/tests/samlp_data.py +++ b/tests/samlp_data.py @@ -3,7 +3,7 @@ """Test data for saml2""" -__author__ = 'tmatsuo@example.com (Takashi MATSUO)' +__author__ = "tmatsuo@example.com (Takashi MATSUO)" TEST_STATUS_CODE = """ - http://www.swamid.se/category/sfs-1993-1153 - http://www.swamid.se/category/hei-service + http://www.swamid.se/category/sfs-1993-1153 + http://www.swamid.se/category/hei-service diff --git a/tests/servera_conf.py b/tests/servera_conf.py index 5b837b34e..7277568c3 100644 --- a/tests/servera_conf.py +++ b/tests/servera_conf.py @@ -1,16 +1,17 @@ -from saml2.extension.idpdisc import BINDING_DISCO -from saml2 import BINDING_SOAP -from saml2 import BINDING_PAOS +from pathutils import full_path +from pathutils import xmlsec_path + +from saml2 import BINDING_HTTP_ARTIFACT from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_ARTIFACT +from saml2 import BINDING_PAOS +from saml2 import BINDING_SOAP from saml2.authn_context import PASSWORDPROTECTEDTRANSPORT as AUTHN_PASSWORD_PROTECTED from saml2.authn_context import TIMESYNCTOKEN as AUTHN_TIME_SYNC_TOKEN -from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.extension.idpdisc import BINDING_DISCO from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_TRANSIENT -from pathutils import full_path -from pathutils import xmlsec_path BASE = "http://lingon.catalogix.se:8087" @@ -22,24 +23,19 @@ "sp": { "endpoints": { "assertion_consumer_service": [ - ("%s/" % BASE, BINDING_HTTP_POST), - ("%s/paos" % BASE, BINDING_PAOS), - ("%s/redirect" % BASE, BINDING_HTTP_REDIRECT)], - "artifact_resolution_service": [ - ("%s/ars" % BASE, BINDING_SOAP) + (f"{BASE}/", BINDING_HTTP_POST), + (f"{BASE}/paos", BINDING_PAOS), + (f"{BASE}/redirect", BINDING_HTTP_REDIRECT), ], + "artifact_resolution_service": [(f"{BASE}/ars", BINDING_SOAP)], "manage_name_id_service": [ - ("%s/mni/soap" % BASE, BINDING_SOAP), - ("%s/mni/post" % BASE, BINDING_HTTP_POST), - ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT) - ], - "single_logout_service": [ - ("%s/sls" % BASE, BINDING_SOAP) + (f"{BASE}/mni/soap", BINDING_SOAP), + (f"{BASE}/mni/post", BINDING_HTTP_POST), + (f"{BASE}/mni/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/mni/art", BINDING_HTTP_ARTIFACT), ], - "discovery_response": [ - ("%s/disco" % BASE, BINDING_DISCO) - ] + "single_logout_service": [(f"{BASE}/sls", BINDING_SOAP)], + "discovery_response": [(f"{BASE}/disco", BINDING_DISCO)], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title", "eduPersonAffiliation"], @@ -62,10 +58,12 @@ "cert_file": full_path("test.pem"), "ca_certs": full_path("cacerts.txt"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("idp_all.xml"), ), (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("idp_all.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "virtual_organization": { "urn:mace:example.com:it:tek": { "nameid_format": "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID", @@ -75,10 +73,12 @@ "subject_data": "subject_data.db", "accepted_time_diff": 60, "attribute_map_dir": full_path("attributemaps"), - "entity_category": ["http://www.swamid.se/category/sfs-1993-1153", - #"http://www.swamid.se/category/research-and-education", - "http://www.swamid.se/category/hei-service"], - #"valid_for": 6, + "entity_category": [ + "http://www.swamid.se/category/sfs-1993-1153", + # "http://www.swamid.se/category/research-and-education", + "http://www.swamid.se/category/hei-service", + ], + # "valid_for": 6, "organization": { "name": ("AB Exempel", "se"), "display_name": ("AB Exempel", "se"), @@ -90,7 +90,7 @@ "sur_name": "Hedberg", "telephone_number": "+46 70 100 0000", "email_address": ["tech@eample.com", "tech@example.org"], - "contact_type": "technical" + "contact_type": "technical", }, ], "logger": { @@ -100,5 +100,5 @@ "backupCount": 5, }, "loglevel": "info", - } + }, } diff --git a/tests/sp_1_conf.py b/tests/sp_1_conf.py index 834ff15ab..e15ceba3a 100644 --- a/tests/sp_1_conf.py +++ b/tests/sp_1_conf.py @@ -8,8 +8,7 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], @@ -20,10 +19,12 @@ "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("idp.xml"), ), (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("idp.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "virtual_organization": { "urn:mace:example.com:it:tek": { "nameid_format": "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID", @@ -38,14 +39,15 @@ "display_name": ("AB Exempel", "se"), "url": "http://www.example.org", }, - "contact_person": [{ - "given_name": "Roland", - "sur_name": "Hedberg", - "telephone_number": "+46 70 100 0000", - "email_address": ["tech@eample.com", - "tech@example.org"], - "contact_type": "technical" - }, + "contact_person": [ + { + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": "+46 70 100 0000", + "email_address": ["tech@eample.com", "tech@example.org"], + "contact_type": "technical", + }, ], "secret": "0123456789", -} + "http_client_timeout": 10, +} diff --git a/tests/sp_2_conf.py b/tests/sp_2_conf.py index 58801412e..c284ab59a 100644 --- a/tests/sp_2_conf.py +++ b/tests/sp_2_conf.py @@ -1,5 +1,6 @@ from pathutils import full_path + CONFIG = { "entityid": "urn:mace:example.com:saml:roland:sp", "name": "urn:mace:example.com:saml:roland:sp", @@ -7,8 +8,7 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], @@ -36,15 +36,15 @@ "display_name": ("AB Exempel", "se"), "url": "http://www.example.org", }, - "contact_person": [{ - "given_name": "Roland", - "sur_name": "Hedberg", - "telephone_number": "+46 70 100 0000", - "email_address": ["tech@eample.com", - "tech@example.org"], - "contact_type": "technical" - }, + "contact_person": [ + { + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": "+46 70 100 0000", + "email_address": ["tech@eample.com", "tech@example.org"], + "contact_type": "technical", + }, ], "secret": "0123456789", - "only_use_keys_in_metadata": True + "only_use_keys_in_metadata": True, } diff --git a/tests/sp_conf_nameidpolicy.py b/tests/sp_conf_nameidpolicy.py index c2e81c1d4..edadded3c 100644 --- a/tests/sp_conf_nameidpolicy.py +++ b/tests/sp_conf_nameidpolicy.py @@ -1,6 +1,7 @@ from pathutils import full_path from pathutils import xmlsec_path + CONFIG = { "entityid": "urn:mace:example.com:saml:roland:sp", "name": "urn:mace:example.com:saml:roland:sp", @@ -8,27 +9,30 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], "idp": ["urn:mace:example.com:saml:roland:idp"], "name_id_policy_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent", - "name_id_format_allow_create": "true" + "name_id_format_allow_create": "true", } }, "debug": 1, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), - "encryption_keypairs": [{"key_file": full_path("test_1.key"), "cert_file": full_path("test_1.crt")}, - {"key_file": full_path("test_2.key"), "cert_file": full_path("test_2.crt")}], + "encryption_keypairs": [ + {"key_file": full_path("test_1.key"), "cert_file": full_path("test_1.crt")}, + {"key_file": full_path("test_2.key"), "cert_file": full_path("test_2.crt")}, + ], "ca_certs": full_path("cacerts.txt"), "xmlsec_binary": xmlsec_path, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("idp.xml"), ), (full_path("vo_metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("idp.xml"),), (full_path("vo_metadata.xml"),)], + } + ], "virtual_organization": { "urn:mace:example.com:it:tek": { "nameid_format": "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID", @@ -44,14 +48,14 @@ "display_name": ("AB Exempel", "se"), "url": "http://www.example.org", }, - "contact_person": [{ - "given_name": "Roland", - "sur_name": "Hedberg", - "telephone_number": "+46 70 100 0000", - "email_address": ["tech@eample.com", - "tech@example.org"], - "contact_type": "technical" - }, + "contact_person": [ + { + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": "+46 70 100 0000", + "email_address": ["tech@eample.com", "tech@example.org"], + "contact_type": "technical", + }, ], "logger": { "rotating": { @@ -60,5 +64,5 @@ "backupCount": 5, }, "loglevel": "info", - } + }, } diff --git a/tests/sp_mdext_conf.py b/tests/sp_mdext_conf.py index 2fe43390f..98951284a 100644 --- a/tests/sp_mdext_conf.py +++ b/tests/sp_mdext_conf.py @@ -1,4 +1,6 @@ -from pathutils import full_path, xmlsec_path +from pathutils import full_path +from pathutils import xmlsec_path + CONFIG = { "entityid": "urn:mace:example.com:saml:roland:sp", @@ -23,8 +25,7 @@ "sp_type": "public", "sp_type_in_metadata": True, "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], @@ -33,22 +34,18 @@ "mdui": { "UIInfo": { "display_name": {"text": "NORDUnet", "lang": "en"}, - "description": { - "text": "The NORDUnet A/S Identity Provider ..", - "lang": "en"}, + "description": {"text": "The NORDUnet A/S Identity Provider ..", "lang": "en"}, "logo": { - "text": "https://www.nordu" - ".net/resources/NORDUnet2.jpg", - "lang": "en", "height": 46, "width": 203} + "text": "https://www.nordu" ".net/resources/NORDUnet2.jpg", + "lang": "en", + "height": 46, + "width": 203, + }, }, - "DiscoHints": { - "domain_hint": {"text": "nordu.net"} - } - }, - "shibmd": { - "Scope": {"regexp": "false", "text": "nordu.net"} + "DiscoHints": {"domain_hint": {"text": "nordu.net"}}, }, - } + "shibmd": {"Scope": {"regexp": "false", "text": "nordu.net"}}, + }, } }, "debug": 1, @@ -78,7 +75,7 @@ "sur_name": "Hedberg", "telephone_number": "+46 70 100 0000", "email_address": ["tech@eample.com", "tech@example.org"], - "contact_type": "technical" + "contact_type": "technical", }, ], "secret": "0123456789", diff --git a/tests/sp_slo_redirect_conf.py b/tests/sp_slo_redirect_conf.py index 7bc17a1be..696bee1db 100644 --- a/tests/sp_slo_redirect_conf.py +++ b/tests/sp_slo_redirect_conf.py @@ -1,9 +1,9 @@ -from saml2 import BINDING_HTTP_REDIRECT, BINDING_HTTP_POST -from saml2.saml import NAMEID_FORMAT_PERSISTENT -from saml2.saml import NAME_FORMAT_URI - from pathutils import full_path +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT + + HOME = "http://lingon.catalogix.se:8087/" CONFIG = { "entityid": "urn:mace:example.com:saml:roland:sp", @@ -12,10 +12,8 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - (HOME, BINDING_HTTP_POST)], - "single_logout_service": [ - (HOME + "slo", BINDING_HTTP_REDIRECT)], + "assertion_consumer_service": [(HOME, BINDING_HTTP_POST)], + "single_logout_service": [(f"{HOME}slo", BINDING_HTTP_REDIRECT)], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], @@ -27,10 +25,12 @@ "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), "xmlsec_binary": None, - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("idp_slo_redirect.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("idp_slo_redirect.xml"),)], + } + ], "virtual_organization": { "urn:mace:example.com:it:tek": { "nameid_format": "urn:oid:1.3.6.1.4.1.1466.115.121.1.15-NameID", @@ -44,13 +44,13 @@ "display_name": ("AB Exempel", "se"), "url": "http://www.example.org", }, - "contact_person": [{ - "given_name": "Roland", - "sur_name": "Hedberg", - "telephone_number": "+46 70 100 0000", - "email_address": ["tech@eample.com", - "tech@example.org"], - "contact_type": "technical" - }, - ] + "contact_person": [ + { + "given_name": "Roland", + "sur_name": "Hedberg", + "telephone_number": "+46 70 100 0000", + "email_address": ["tech@eample.com", "tech@example.org"], + "contact_type": "technical", + }, + ], } diff --git a/tests/sp_test/config.py b/tests/sp_test/config.py index c722960c6..d7ad0e41c 100644 --- a/tests/sp_test/config.py +++ b/tests/sp_test/config.py @@ -1,10 +1,11 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from saml2 import BINDING_HTTP_REDIRECT, BINDING_URI from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_URI from saml2.saml import NAME_FORMAT_URI -from saml2.saml import NAMEID_FORMAT_TRANSIENT from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_TRANSIENT + try: from saml2.sigver import get_xmlsec_binary @@ -14,45 +15,42 @@ if get_xmlsec_binary: xmlsec_path = get_xmlsec_binary(["/opt/local/bin"]) else: - xmlsec_path = '/usr/bin/xmlsec1' + xmlsec_path = "/usr/bin/xmlsec1" -#BASE = "http://lingon.ladok.umu.se:8088" -#BASE = "http://lingon.catalogix.se:8088" +# BASE = "http://lingon.ladok.umu.se:8088" +# BASE = "http://lingon.catalogix.se:8088" BASE = "http://localhost:8088" CONFIG = { - "entityid": "%s/idp.xml" % BASE, + "entityid": f"{BASE}/idp.xml", "description": "My IDP", "service": { "idp": { "name": "Rolands IdP", "endpoints": { "single_sign_on_service": [ - ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT), - ("%s/sso/post" % BASE, BINDING_HTTP_POST), + (f"{BASE}/sso/redirect", BINDING_HTTP_REDIRECT), + (f"{BASE}/sso/post", BINDING_HTTP_POST), ], "single_logout_service": [ - ("%s/slo/post" % BASE, BINDING_HTTP_POST), - ("%s/slo/redirect" % BASE, BINDING_HTTP_REDIRECT) - ], - "assertion_id_request_service": [ - ("%s/airs" % BASE, BINDING_URI) + (f"{BASE}/slo/post", BINDING_HTTP_POST), + (f"{BASE}/slo/redirect", BINDING_HTTP_REDIRECT), ], + "assertion_id_request_service": [(f"{BASE}/airs", BINDING_URI)], "manage_name_id_service": [ - ("%s/mni/post" % BASE, BINDING_HTTP_POST), - ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), + (f"{BASE}/mni/post", BINDING_HTTP_POST), + (f"{BASE}/mni/redirect", BINDING_HTTP_REDIRECT), ], }, "policy": { "default": { "lifetime": {"minutes": 15}, "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI + "name_form": NAME_FORMAT_URI, }, }, "subject_data": ("dict", None), - "name_id_format": [NAMEID_FORMAT_TRANSIENT, - NAMEID_FORMAT_PERSISTENT] + "name_id_format": [NAMEID_FORMAT_TRANSIENT, NAMEID_FORMAT_PERSISTENT], }, }, "debug": 1, @@ -69,12 +67,9 @@ "contact_type": "technical", "given_name": "Roland", "sur_name": "Hedberg", - "email_address": "technical@example.com" - }, { - "contact_type": "support", - "given_name": "Support", - "email_address": "support@example.com" + "email_address": "technical@example.com", }, + {"contact_type": "support", "given_name": "Support", "email_address": "support@example.com"}, ], # This database holds the map between a subjects local identifier and # the identifier returned to a SP @@ -87,5 +82,5 @@ "backupCount": 5, }, "loglevel": "debug", - } + }, } diff --git a/tests/sp_test/targetsp.py b/tests/sp_test/targetsp.py index 166a514cc..225930aea 100755 --- a/tests/sp_test/targetsp.py +++ b/tests/sp_test/targetsp.py @@ -1,43 +1,38 @@ #!/usr/bin/env python from saml2.saml import AUTHN_PASSWORD -__author__ = 'rolandh' + +__author__ = "rolandh" import json + BASE = "http://localhost:8087" -#BASE= "http://lingon.catalogix.se:8087" +# BASE= "http://lingon.catalogix.se:8087" metadata = open("./sp/sp.xml").read() -AUTHN = {"class_ref": AUTHN_PASSWORD, - "authn_auth": "http://lingon.catalogix.se/login"} +AUTHN = {"class_ref": AUTHN_PASSWORD, "authn_auth": "http://lingon.catalogix.se/login"} info = { "start_page": BASE, - "entity_id": "%s/sp.xml" % BASE, + "entity_id": f"{BASE}/sp.xml", "result": { - "matches": { - "content": "

Your identity are" - }, + "matches": {"content": "

Your identity are"}, }, "metadata": metadata, - "args": - { - "AuthnResponse": { - "sign_assertion": "always", # always, never - "sign_response": "never", # always, never - "sign_digest_alg": ds.DIGEST_SHA256, - "sign_signature_alg": ds.SIG_RSA_SHA256, - "authn": AUTHN - } - }, + "args": { + "AuthnResponse": { + "sign_assertion": "always", # always, never + "sign_response": "never", # always, never + "sign_digest_alg": ds.DIGEST_SHA256, + "sign_signature_alg": ds.SIG_RSA_SHA256, + "authn": AUTHN, + } + }, # This is the set of attributes and values that are returned in the # SAML Assertion - "identity": { - "given_name": "Roland", - "sn": "Hedberg" - }, + "identity": {"given_name": "Roland", "sn": "Hedberg"}, # This is the value of the NameID that is return in the Subject in the # Assertion "userid": "roland", @@ -46,22 +41,23 @@ "echopageIdPattern": r"SAML Echo Service", # list of regex patterns that must be contained in the resulting echo page to validate # that the SP's echo page returns expected SAMLe response values (e.g. attribute values) - "echopageContentPattern": [r"Given Name\s*\s*

", - r"Userid\s*\s*", - r"Surname\s*\s*", - ], + "echopageContentPattern": [ + r"Given Name\s*\s*", + r"Userid\s*\s*", + r"Surname\s*\s*", + ], "constraints": { "authnRequest_signature_required": True, # allowed for assertion & response signature: "signature_algorithm": [ - #ds.SIG_RSA_SHA1, # you may need this for legacy deployments + # ds.SIG_RSA_SHA1, # you may need this for legacy deployments ds.SIG_RSA_SHA224, ds.SIG_RSA_SHA256, ds.SIG_RSA_SHA384, ds.SIG_RSA_SHA512, ], "digest_algorithm": [ - #ds.DIGEST_SHA1, # you may need this for legacy deployments + # ds.DIGEST_SHA1, # you may need this for legacy deployments ds.DIGEST_SHA1, ds.DIGEST_SHA224, ds.DIGEST_SHA256, @@ -72,4 +68,4 @@ }, } -print(json.dumps(info)) \ No newline at end of file +print(json.dumps(info)) diff --git a/tests/test-requirements.txt b/tests/test-requirements.txt deleted file mode 100644 index bfb2c0025..000000000 --- a/tests/test-requirements.txt +++ /dev/null @@ -1,7 +0,0 @@ -coverage -mock -pyasn1 -pymongo -pytest -pytest-cov -responses diff --git a/tests/test_00_xmldsig.py b/tests/test_00_xmldsig.py index 80453f9a1..059e8a049 100644 --- a/tests/test_00_xmldsig.py +++ b/tests/test_00_xmldsig.py @@ -3,639 +3,562 @@ """Tests for xmldsig""" -__author__ = 'tmatsuo@example.com (Takashi MATSUO)' +__author__ = "tmatsuo@example.com (Takashi MATSUO)" import unittest -try: - from xml.etree import ElementTree -except ImportError: - from elementtree import ElementTree -import ds_data -import saml2.xmldsig as ds -class TestObject: +import ds_data - def setup_class(self): - self.object = ds.Object() +import saml2.xmldsig as ds - def testAccessors(self): - """Test for Object accessors""" - self.object.id = "object_id" - self.object.mime_type = "test/plain; charset=UTF-8" - self.object.encoding = ds.ENCODING_BASE64 - new_object = ds.object_from_string(self.object.to_string()) - assert new_object.id == "object_id" - assert new_object.mime_type == "test/plain; charset=UTF-8" - assert new_object.encoding == ds.ENCODING_BASE64 - def testUsingTestData(self): - """Test for object_from_string() using test data""" - new_object = ds.object_from_string(ds_data.TEST_OBJECT) - assert new_object.id == "object_id" - assert new_object.encoding == ds.ENCODING_BASE64 - assert new_object.text.strip() == "V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo" +class TestObject: + def setup_class(self): + self.object = ds.Object() + + def testAccessors(self): + """Test for Object accessors""" + self.object.id = "object_id" + self.object.mime_type = "test/plain; charset=UTF-8" + self.object.encoding = ds.ENCODING_BASE64 + new_object = ds.object_from_string(self.object.to_string()) + assert new_object.id == "object_id" + assert new_object.mime_type == "test/plain; charset=UTF-8" + assert new_object.encoding == ds.ENCODING_BASE64 + + def testUsingTestData(self): + """Test for object_from_string() using test data""" + new_object = ds.object_from_string(ds_data.TEST_OBJECT) + assert new_object.id == "object_id" + assert new_object.encoding == ds.ENCODING_BASE64 + assert new_object.text.strip() == "V2VkIEp1biAgNCAxMjoxMTowMyBFRFQgMjAwMwo" class TestMgmtData: - def setup_class(self): - self.mgmt_data = ds.MgmtData() + def setup_class(self): + self.mgmt_data = ds.MgmtData() - def testAccessors(self): - """Test for MgmtData accessors""" - self.mgmt_data.text = "mgmt data" - new_mgmt_data = ds.mgmt_data_from_string(self.mgmt_data.to_string()) - assert new_mgmt_data.text.strip() == "mgmt data" + def testAccessors(self): + """Test for MgmtData accessors""" + self.mgmt_data.text = "mgmt data" + new_mgmt_data = ds.mgmt_data_from_string(self.mgmt_data.to_string()) + assert new_mgmt_data.text.strip() == "mgmt data" - def testUsingTestData(self): - """Test for mgmt_data_from_string() using test data""" - new_mgmt_data = ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA) - assert new_mgmt_data.text.strip() == "mgmt data" + def testUsingTestData(self): + """Test for mgmt_data_from_string() using test data""" + new_mgmt_data = ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA) + assert new_mgmt_data.text.strip() == "mgmt data" class TestSPKISexp: + def setup_class(self): + self.spki_sexp = ds.SPKISexp() - def setup_class(self): - self.spki_sexp = ds.SPKISexp() + def testAccessors(self): + """Test for SPKISexp accessors""" + self.spki_sexp.text = "spki sexp" + new_spki_sexp = ds.spki_sexp_from_string(self.spki_sexp.to_string()) + assert new_spki_sexp.text.strip() == "spki sexp" - def testAccessors(self): - """Test for SPKISexp accessors""" - self.spki_sexp.text = "spki sexp" - new_spki_sexp = ds.spki_sexp_from_string(self.spki_sexp.to_string()) - assert new_spki_sexp.text.strip() == "spki sexp" - - def testUsingTestData(self): - """Test for spki_sexp_from_string() using test data""" - new_spki_sexp = ds.spki_sexp_from_string(ds_data.TEST_SPKI_SEXP) - assert new_spki_sexp.text.strip() == "spki sexp" + def testUsingTestData(self): + """Test for spki_sexp_from_string() using test data""" + new_spki_sexp = ds.spki_sexp_from_string(ds_data.TEST_SPKI_SEXP) + assert new_spki_sexp.text.strip() == "spki sexp" class TestSPKIData: + def setup_class(self): + self.spki_data = ds.SPKIData() - def setup_class(self): - self.spki_data = ds.SPKIData() - - def testAccessors(self): - """Test for SPKIData accessors""" - self.spki_data.spki_sexp.append( - ds.spki_sexp_from_string(ds_data.TEST_SPKI_SEXP)) - new_spki_data = ds.spki_data_from_string(self.spki_data.to_string()) - assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp" + def testAccessors(self): + """Test for SPKIData accessors""" + self.spki_data.spki_sexp.append(ds.spki_sexp_from_string(ds_data.TEST_SPKI_SEXP)) + new_spki_data = ds.spki_data_from_string(self.spki_data.to_string()) + assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp" - def testUsingTestData(self): - """Test for spki_data_from_string() using test data""" - new_spki_data = ds.spki_data_from_string(ds_data.TEST_SPKI_DATA) - print(new_spki_data) - assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp" - assert new_spki_data.spki_sexp[1].text.strip() == "spki sexp2" + def testUsingTestData(self): + """Test for spki_data_from_string() using test data""" + new_spki_data = ds.spki_data_from_string(ds_data.TEST_SPKI_DATA) + print(new_spki_data) + assert new_spki_data.spki_sexp[0].text.strip() == "spki sexp" + assert new_spki_data.spki_sexp[1].text.strip() == "spki sexp2" class TestPGPData: - - def setup_class(self): - self.pgp_data = ds.PGPData() - - def testAccessors(self): - """Test for PGPData accessors""" - self.pgp_data.pgp_key_id = ds.PGPKeyID(text="pgp key id") - self.pgp_data.pgp_key_packet = ds.PGPKeyPacket(text="pgp key packet") - new_pgp_data = ds.pgp_data_from_string(self.pgp_data.to_string()) - assert isinstance(new_pgp_data.pgp_key_id, ds.PGPKeyID) - assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPKeyPacket) - assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id" - assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet" - - def testUsingTestData(self): - """Test for pgp_data_from_string() using test data""" - new_pgp_data = ds.pgp_data_from_string(ds_data.TEST_PGP_DATA) - assert isinstance(new_pgp_data.pgp_key_id, ds.PGPKeyID) - assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPKeyPacket) - assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id" - assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet" + def setup_class(self): + self.pgp_data = ds.PGPData() + + def testAccessors(self): + """Test for PGPData accessors""" + self.pgp_data.pgp_key_id = ds.PGPKeyID(text="pgp key id") + self.pgp_data.pgp_key_packet = ds.PGPKeyPacket(text="pgp key packet") + new_pgp_data = ds.pgp_data_from_string(self.pgp_data.to_string()) + assert isinstance(new_pgp_data.pgp_key_id, ds.PGPKeyID) + assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPKeyPacket) + assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id" + assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet" + + def testUsingTestData(self): + """Test for pgp_data_from_string() using test data""" + new_pgp_data = ds.pgp_data_from_string(ds_data.TEST_PGP_DATA) + assert isinstance(new_pgp_data.pgp_key_id, ds.PGPKeyID) + assert isinstance(new_pgp_data.pgp_key_packet, ds.PGPKeyPacket) + assert new_pgp_data.pgp_key_id.text.strip() == "pgp key id" + assert new_pgp_data.pgp_key_packet.text.strip() == "pgp key packet" class TestX509IssuerSerial: + def setup_class(self): + self.x509_issuer_serial = ds.X509IssuerSerialType_() - def setup_class(self): - self.x509_issuer_serial = ds.X509IssuerSerialType_() - - def testAccessors(self): - """Test for X509SerialNumber accessors""" - self.x509_issuer_serial.x509_issuer_name = ds.X509IssuerName( - text="issuer name") - self.x509_issuer_serial.x509_serial_number = ds.X509SerialNumber(text="1") - new_x509_issuer_serial = ds.x509_issuer_serial_type__from_string( - self.x509_issuer_serial.to_string()) - assert new_x509_issuer_serial.x509_issuer_name.text.strip() == \ - "issuer name" - assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1" - - def testUsingTestData(self): - """Test for x509_issuer_serial_from_string() using test data""" - new_x509_issuer_serial = ds.x509_issuer_serial_from_string( - ds_data.TEST_X509_ISSUER_SERIAL) - assert new_x509_issuer_serial.x509_issuer_name.text.strip() == \ - "issuer name" - assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1" + def testAccessors(self): + """Test for X509SerialNumber accessors""" + self.x509_issuer_serial.x509_issuer_name = ds.X509IssuerName(text="issuer name") + self.x509_issuer_serial.x509_serial_number = ds.X509SerialNumber(text="1") + new_x509_issuer_serial = ds.x509_issuer_serial_type__from_string(self.x509_issuer_serial.to_string()) + assert new_x509_issuer_serial.x509_issuer_name.text.strip() == "issuer name" + assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1" + def testUsingTestData(self): + """Test for x509_issuer_serial_from_string() using test data""" + new_x509_issuer_serial = ds.x509_issuer_serial_from_string(ds_data.TEST_X509_ISSUER_SERIAL) + assert new_x509_issuer_serial.x509_issuer_name.text.strip() == "issuer name" + assert new_x509_issuer_serial.x509_serial_number.text.strip() == "1" -class TestX509Data: - def setup_class(self): - self.x509_data = ds.X509Data() - - def testAccessors(self): - """Test for X509Data accessors""" - st = ds.x509_issuer_serial_from_string(ds_data.TEST_X509_ISSUER_SERIAL) - print(st) - self.x509_data.x509_issuer_serial= st - self.x509_data.x509_ski = ds.X509SKI(text="x509 ski") - self.x509_data.x509_subject_name = ds.X509SubjectName( - text="x509 subject name") - self.x509_data.x509_certificate = ds.X509Certificate( - text="x509 certificate") - self.x509_data.x509_crl = ds.X509CRL(text="x509 crl") - - new_x509_data = ds.x509_data_from_string(self.x509_data.to_string()) - print(new_x509_data.keyswv()) - print(new_x509_data.__dict__.keys()) - assert new_x509_data.x509_issuer_serial - assert isinstance(new_x509_data.x509_issuer_serial, ds.X509IssuerSerial) - assert new_x509_data.x509_ski.text.strip() == "x509 ski" - assert isinstance(new_x509_data.x509_ski, ds.X509SKI) - assert new_x509_data.x509_subject_name.text.strip() == \ - "x509 subject name" - assert isinstance(new_x509_data.x509_subject_name, ds.X509SubjectName) - assert new_x509_data.x509_certificate.text.strip() == \ - "x509 certificate" - assert isinstance(new_x509_data.x509_certificate, ds.X509Certificate) - assert new_x509_data.x509_crl.text.strip() == "x509 crl" - assert isinstance(new_x509_data.x509_crl,ds.X509CRL) - - def testUsingTestData(self): - """Test for x509_data_from_string() using test data""" - new_x509_data = ds.x509_data_from_string(ds_data.TEST_X509_DATA) - assert isinstance(new_x509_data.x509_issuer_serial, ds.X509IssuerSerial) - assert new_x509_data.x509_ski.text.strip() == "x509 ski" - assert isinstance(new_x509_data.x509_ski, ds.X509SKI) - assert new_x509_data.x509_subject_name.text.strip() == \ - "x509 subject name" - assert isinstance(new_x509_data.x509_subject_name, ds.X509SubjectName) - assert new_x509_data.x509_certificate.text.strip() == \ - "x509 certificate" - assert isinstance(new_x509_data.x509_certificate, ds.X509Certificate) - assert new_x509_data.x509_crl.text.strip() == "x509 crl" - assert isinstance(new_x509_data.x509_crl,ds.X509CRL) +class TestX509Data: + def setup_class(self): + self.x509_data = ds.X509Data() + + def testAccessors(self): + """Test for X509Data accessors""" + st = ds.x509_issuer_serial_from_string(ds_data.TEST_X509_ISSUER_SERIAL) + print(st) + self.x509_data.x509_issuer_serial = st + self.x509_data.x509_ski = ds.X509SKI(text="x509 ski") + self.x509_data.x509_subject_name = ds.X509SubjectName(text="x509 subject name") + self.x509_data.x509_certificate = ds.X509Certificate(text="x509 certificate") + self.x509_data.x509_crl = ds.X509CRL(text="x509 crl") + + new_x509_data = ds.x509_data_from_string(self.x509_data.to_string()) + print(new_x509_data.keyswv()) + print(new_x509_data.__dict__.keys()) + assert new_x509_data.x509_issuer_serial + assert isinstance(new_x509_data.x509_issuer_serial, ds.X509IssuerSerial) + assert new_x509_data.x509_ski.text.strip() == "x509 ski" + assert isinstance(new_x509_data.x509_ski, ds.X509SKI) + assert new_x509_data.x509_subject_name.text.strip() == "x509 subject name" + assert isinstance(new_x509_data.x509_subject_name, ds.X509SubjectName) + assert new_x509_data.x509_certificate.text.strip() == "x509 certificate" + assert isinstance(new_x509_data.x509_certificate, ds.X509Certificate) + assert new_x509_data.x509_crl.text.strip() == "x509 crl" + assert isinstance(new_x509_data.x509_crl, ds.X509CRL) + + def testUsingTestData(self): + """Test for x509_data_from_string() using test data""" + new_x509_data = ds.x509_data_from_string(ds_data.TEST_X509_DATA) + assert isinstance(new_x509_data.x509_issuer_serial, ds.X509IssuerSerial) + assert new_x509_data.x509_ski.text.strip() == "x509 ski" + assert isinstance(new_x509_data.x509_ski, ds.X509SKI) + assert new_x509_data.x509_subject_name.text.strip() == "x509 subject name" + assert isinstance(new_x509_data.x509_subject_name, ds.X509SubjectName) + assert new_x509_data.x509_certificate.text.strip() == "x509 certificate" + assert isinstance(new_x509_data.x509_certificate, ds.X509Certificate) + assert new_x509_data.x509_crl.text.strip() == "x509 crl" + assert isinstance(new_x509_data.x509_crl, ds.X509CRL) class TestTransform: - - def setup_class(self): - self.transform = ds.Transform() - - def testAccessors(self): - """Test for Transform accessors""" - self.transform.x_path.append(ds.TransformType_XPath(text="xpath")) - self.transform.algorithm = ds.TRANSFORM_ENVELOPED - new_transform = ds.transform_from_string(self.transform.to_string()) - assert isinstance(new_transform.x_path[0], ds.TransformType_XPath) - assert new_transform.x_path[0].text.strip() == "xpath" - assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED - - def testUsingTestData(self): - """Test for transform_from_string() using test data""" - new_transform = ds.transform_from_string(ds_data.TEST_TRANSFORM) - assert isinstance(new_transform.x_path[0], ds.TransformType_XPath) - assert new_transform.x_path[0].text.strip() == "xpath" - assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED + def setup_class(self): + self.transform = ds.Transform() + + def testAccessors(self): + """Test for Transform accessors""" + self.transform.x_path.append(ds.TransformType_XPath(text="xpath")) + self.transform.algorithm = ds.TRANSFORM_ENVELOPED + new_transform = ds.transform_from_string(self.transform.to_string()) + assert isinstance(new_transform.x_path[0], ds.TransformType_XPath) + assert new_transform.x_path[0].text.strip() == "xpath" + assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED + + def testUsingTestData(self): + """Test for transform_from_string() using test data""" + new_transform = ds.transform_from_string(ds_data.TEST_TRANSFORM) + assert isinstance(new_transform.x_path[0], ds.TransformType_XPath) + assert new_transform.x_path[0].text.strip() == "xpath" + assert new_transform.algorithm == ds.TRANSFORM_ENVELOPED class TestTransforms: - - def setup_class(self): - self.transforms = ds.Transforms() - - def testAccessors(self): - """Test for Transforms accessors""" - self.transforms.transform.append( - ds.transform_from_string(ds_data.TEST_TRANSFORM)) - self.transforms.transform.append( - ds.transform_from_string(ds_data.TEST_TRANSFORM)) - new_transforms = ds.transforms_from_string(self.transforms.to_string()) - assert isinstance(new_transforms.transform[0], ds.Transform) - assert isinstance(new_transforms.transform[1], ds.Transform) - assert new_transforms.transform[0].algorithm == \ - ds.TRANSFORM_ENVELOPED - assert new_transforms.transform[1].algorithm == \ - ds.TRANSFORM_ENVELOPED - assert new_transforms.transform[0].x_path[0].text.strip() == "xpath" - assert new_transforms.transform[1].x_path[0].text.strip() == "xpath" - - def testUsingTestData(self): - """Test for transform_from_string() using test data""" - new_transforms = ds.transforms_from_string(ds_data.TEST_TRANSFORMS) - assert isinstance(new_transforms.transform[0], ds.Transform) - assert isinstance(new_transforms.transform[1], ds.Transform) - assert new_transforms.transform[0].algorithm == \ - ds.TRANSFORM_ENVELOPED - assert new_transforms.transform[1].algorithm == \ - ds.TRANSFORM_ENVELOPED - assert new_transforms.transform[0].x_path[0].text.strip() == "xpath" - assert new_transforms.transform[1].x_path[0].text.strip() == "xpath" + def setup_class(self): + self.transforms = ds.Transforms() + + def testAccessors(self): + """Test for Transforms accessors""" + self.transforms.transform.append(ds.transform_from_string(ds_data.TEST_TRANSFORM)) + self.transforms.transform.append(ds.transform_from_string(ds_data.TEST_TRANSFORM)) + new_transforms = ds.transforms_from_string(self.transforms.to_string()) + assert isinstance(new_transforms.transform[0], ds.Transform) + assert isinstance(new_transforms.transform[1], ds.Transform) + assert new_transforms.transform[0].algorithm == ds.TRANSFORM_ENVELOPED + assert new_transforms.transform[1].algorithm == ds.TRANSFORM_ENVELOPED + assert new_transforms.transform[0].x_path[0].text.strip() == "xpath" + assert new_transforms.transform[1].x_path[0].text.strip() == "xpath" + + def testUsingTestData(self): + """Test for transform_from_string() using test data""" + new_transforms = ds.transforms_from_string(ds_data.TEST_TRANSFORMS) + assert isinstance(new_transforms.transform[0], ds.Transform) + assert isinstance(new_transforms.transform[1], ds.Transform) + assert new_transforms.transform[0].algorithm == ds.TRANSFORM_ENVELOPED + assert new_transforms.transform[1].algorithm == ds.TRANSFORM_ENVELOPED + assert new_transforms.transform[0].x_path[0].text.strip() == "xpath" + assert new_transforms.transform[1].x_path[0].text.strip() == "xpath" class TestRetrievalMethod: - - def setup_class(self): - self.retrieval_method = ds.RetrievalMethod() - - def testAccessors(self): - """Test for RetrievalMethod accessors""" - self.retrieval_method.uri = "http://www.example.com/URI" - self.retrieval_method.type = "http://www.example.com/Type" - self.retrieval_method.transforms = ds.transforms_from_string( - ds_data.TEST_TRANSFORMS) - new_retrieval_method = ds.retrieval_method_from_string( - self.retrieval_method.to_string()) - assert new_retrieval_method.uri == "http://www.example.com/URI" - assert new_retrieval_method.type == "http://www.example.com/Type" - assert isinstance(new_retrieval_method.transforms, ds.Transforms) - - def testUsingTestData(self): - """Test for retrieval_method_from_string() using test data""" - new_retrieval_method = ds.retrieval_method_from_string( - ds_data.TEST_RETRIEVAL_METHOD) - assert new_retrieval_method.uri == "http://www.example.com/URI" - assert new_retrieval_method.type == "http://www.example.com/Type" - assert isinstance(new_retrieval_method.transforms, ds.Transforms) + def setup_class(self): + self.retrieval_method = ds.RetrievalMethod() + + def testAccessors(self): + """Test for RetrievalMethod accessors""" + self.retrieval_method.uri = "http://www.example.com/URI" + self.retrieval_method.type = "http://www.example.com/Type" + self.retrieval_method.transforms = ds.transforms_from_string(ds_data.TEST_TRANSFORMS) + new_retrieval_method = ds.retrieval_method_from_string(self.retrieval_method.to_string()) + assert new_retrieval_method.uri == "http://www.example.com/URI" + assert new_retrieval_method.type == "http://www.example.com/Type" + assert isinstance(new_retrieval_method.transforms, ds.Transforms) + + def testUsingTestData(self): + """Test for retrieval_method_from_string() using test data""" + new_retrieval_method = ds.retrieval_method_from_string(ds_data.TEST_RETRIEVAL_METHOD) + assert new_retrieval_method.uri == "http://www.example.com/URI" + assert new_retrieval_method.type == "http://www.example.com/Type" + assert isinstance(new_retrieval_method.transforms, ds.Transforms) class TestRSAKeyValue: - - def setup_class(self): - self.rsa_key_value = ds.RSAKeyValue() - - def testAccessors(self): - """Test for RSAKeyValue accessors""" - self.rsa_key_value.modulus = ds.Modulus(text="modulus") - self.rsa_key_value.exponent = ds.Exponent(text="exponent") - new_rsa_key_value = ds.rsa_key_value_from_string(self.rsa_key_value.to_string()) - assert isinstance(new_rsa_key_value.modulus, ds.Modulus) - assert isinstance(new_rsa_key_value.exponent, ds.Exponent) - assert new_rsa_key_value.modulus.text.strip() == "modulus" - assert new_rsa_key_value.exponent.text.strip() == "exponent" - - def testUsingTestData(self): - """Test for rsa_key_value_from_string() using test data""" - new_rsa_key_value = ds.rsa_key_value_from_string( - ds_data.TEST_RSA_KEY_VALUE) - assert isinstance(new_rsa_key_value.modulus, ds.Modulus) - assert isinstance(new_rsa_key_value.exponent, ds.Exponent) - assert new_rsa_key_value.modulus.text.strip() == "modulus" - assert new_rsa_key_value.exponent.text.strip() == "exponent" + def setup_class(self): + self.rsa_key_value = ds.RSAKeyValue() + + def testAccessors(self): + """Test for RSAKeyValue accessors""" + self.rsa_key_value.modulus = ds.Modulus(text="modulus") + self.rsa_key_value.exponent = ds.Exponent(text="exponent") + new_rsa_key_value = ds.rsa_key_value_from_string(self.rsa_key_value.to_string()) + assert isinstance(new_rsa_key_value.modulus, ds.Modulus) + assert isinstance(new_rsa_key_value.exponent, ds.Exponent) + assert new_rsa_key_value.modulus.text.strip() == "modulus" + assert new_rsa_key_value.exponent.text.strip() == "exponent" + + def testUsingTestData(self): + """Test for rsa_key_value_from_string() using test data""" + new_rsa_key_value = ds.rsa_key_value_from_string(ds_data.TEST_RSA_KEY_VALUE) + assert isinstance(new_rsa_key_value.modulus, ds.Modulus) + assert isinstance(new_rsa_key_value.exponent, ds.Exponent) + assert new_rsa_key_value.modulus.text.strip() == "modulus" + assert new_rsa_key_value.exponent.text.strip() == "exponent" class TestDSAKeyValue: - - def setup_class(self): - self.dsa_key_value = ds.DSAKeyValue() - - def testAccessors(self): - """Test for DSAKeyValue accessors""" - self.dsa_key_value.p = ds.P(text="p") - self.dsa_key_value.q = ds.Q(text="q") - self.dsa_key_value.g = ds.G(text="g") - self.dsa_key_value.y = ds.Y(text="y") - self.dsa_key_value.j = ds.J(text="j") - self.dsa_key_value.seed = ds.Seed(text="seed") - self.dsa_key_value.pgen_counter = ds.PgenCounter(text="pgen counter") - new_dsa_key_value = ds.dsa_key_value_from_string(self.dsa_key_value.to_string()) - assert isinstance(new_dsa_key_value.p, ds.P) - assert isinstance(new_dsa_key_value.q, ds.Q) - assert isinstance(new_dsa_key_value.g, ds.G) - assert isinstance(new_dsa_key_value.y, ds.Y) - assert isinstance(new_dsa_key_value.j, ds.J) - assert isinstance(new_dsa_key_value.seed, ds.Seed) - assert isinstance(new_dsa_key_value.pgen_counter, ds.PgenCounter) - assert new_dsa_key_value.p.text.strip() == "p" - assert new_dsa_key_value.q.text.strip() == "q" - assert new_dsa_key_value.g.text.strip() == "g" - assert new_dsa_key_value.y.text.strip() == "y" - assert new_dsa_key_value.j.text.strip() == "j" - assert new_dsa_key_value.seed.text.strip() == "seed" - assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter" - - def testUsingTestData(self): - """Test for dsa_key_value_from_string() using test data""" - new_dsa_key_value = ds.dsa_key_value_from_string( - ds_data.TEST_DSA_KEY_VALUE) - assert isinstance(new_dsa_key_value.p, ds.P) - assert isinstance(new_dsa_key_value.q, ds.Q) - assert isinstance(new_dsa_key_value.g, ds.G) - assert isinstance(new_dsa_key_value.y, ds.Y) - assert isinstance(new_dsa_key_value.j, ds.J) - assert isinstance(new_dsa_key_value.seed, ds.Seed) - assert isinstance(new_dsa_key_value.pgen_counter, ds.PgenCounter) - assert new_dsa_key_value.p.text.strip() == "p" - assert new_dsa_key_value.q.text.strip() == "q" - assert new_dsa_key_value.g.text.strip() == "g" - assert new_dsa_key_value.y.text.strip() == "y" - assert new_dsa_key_value.j.text.strip() == "j" - assert new_dsa_key_value.seed.text.strip() == "seed" - assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter" + def setup_class(self): + self.dsa_key_value = ds.DSAKeyValue() + + def testAccessors(self): + """Test for DSAKeyValue accessors""" + self.dsa_key_value.p = ds.P(text="p") + self.dsa_key_value.q = ds.Q(text="q") + self.dsa_key_value.g = ds.G(text="g") + self.dsa_key_value.y = ds.Y(text="y") + self.dsa_key_value.j = ds.J(text="j") + self.dsa_key_value.seed = ds.Seed(text="seed") + self.dsa_key_value.pgen_counter = ds.PgenCounter(text="pgen counter") + new_dsa_key_value = ds.dsa_key_value_from_string(self.dsa_key_value.to_string()) + assert isinstance(new_dsa_key_value.p, ds.P) + assert isinstance(new_dsa_key_value.q, ds.Q) + assert isinstance(new_dsa_key_value.g, ds.G) + assert isinstance(new_dsa_key_value.y, ds.Y) + assert isinstance(new_dsa_key_value.j, ds.J) + assert isinstance(new_dsa_key_value.seed, ds.Seed) + assert isinstance(new_dsa_key_value.pgen_counter, ds.PgenCounter) + assert new_dsa_key_value.p.text.strip() == "p" + assert new_dsa_key_value.q.text.strip() == "q" + assert new_dsa_key_value.g.text.strip() == "g" + assert new_dsa_key_value.y.text.strip() == "y" + assert new_dsa_key_value.j.text.strip() == "j" + assert new_dsa_key_value.seed.text.strip() == "seed" + assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter" + + def testUsingTestData(self): + """Test for dsa_key_value_from_string() using test data""" + new_dsa_key_value = ds.dsa_key_value_from_string(ds_data.TEST_DSA_KEY_VALUE) + assert isinstance(new_dsa_key_value.p, ds.P) + assert isinstance(new_dsa_key_value.q, ds.Q) + assert isinstance(new_dsa_key_value.g, ds.G) + assert isinstance(new_dsa_key_value.y, ds.Y) + assert isinstance(new_dsa_key_value.j, ds.J) + assert isinstance(new_dsa_key_value.seed, ds.Seed) + assert isinstance(new_dsa_key_value.pgen_counter, ds.PgenCounter) + assert new_dsa_key_value.p.text.strip() == "p" + assert new_dsa_key_value.q.text.strip() == "q" + assert new_dsa_key_value.g.text.strip() == "g" + assert new_dsa_key_value.y.text.strip() == "y" + assert new_dsa_key_value.j.text.strip() == "j" + assert new_dsa_key_value.seed.text.strip() == "seed" + assert new_dsa_key_value.pgen_counter.text.strip() == "pgen counter" class TestKeyValue: - - def setup_class(self): - self.key_value = ds.KeyValue() - - def testAccessors(self): - """Test for KeyValue accessors""" - self.key_value.dsa_key_value = ds.dsa_key_value_from_string( - ds_data.TEST_DSA_KEY_VALUE) - new_key_value = ds.key_value_from_string(self.key_value.to_string()) - assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue) - self.key_value.dsa_key_value = None - self.key_value.rsa_key_value = ds.rsa_key_value_from_string( - ds_data.TEST_RSA_KEY_VALUE) - new_key_value = ds.key_value_from_string(self.key_value.to_string()) - assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue) - - def testUsingTestData(self): - """Test for key_value_from_string() using test data""" - new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE1) - assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue) - self.key_value.dsa_key_value = None - self.key_value.rsa_key_value = ds.rsa_key_value_from_string( - ds_data.TEST_RSA_KEY_VALUE) - new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE2) - assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue) + def setup_class(self): + self.key_value = ds.KeyValue() + + def testAccessors(self): + """Test for KeyValue accessors""" + self.key_value.dsa_key_value = ds.dsa_key_value_from_string(ds_data.TEST_DSA_KEY_VALUE) + new_key_value = ds.key_value_from_string(self.key_value.to_string()) + assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue) + self.key_value.dsa_key_value = None + self.key_value.rsa_key_value = ds.rsa_key_value_from_string(ds_data.TEST_RSA_KEY_VALUE) + new_key_value = ds.key_value_from_string(self.key_value.to_string()) + assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue) + + def testUsingTestData(self): + """Test for key_value_from_string() using test data""" + new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE1) + assert isinstance(new_key_value.dsa_key_value, ds.DSAKeyValue) + self.key_value.dsa_key_value = None + self.key_value.rsa_key_value = ds.rsa_key_value_from_string(ds_data.TEST_RSA_KEY_VALUE) + new_key_value = ds.key_value_from_string(ds_data.TEST_KEY_VALUE2) + assert isinstance(new_key_value.rsa_key_value, ds.RSAKeyValue) class TestKeyName: + def setup_class(self): + self.key_name = ds.KeyName() - def setup_class(self): - self.key_name = ds.KeyName() - - def testAccessors(self): - """Test for KeyName accessors""" - self.key_name.text = "key name" - new_key_name = ds.key_name_from_string(self.key_name.to_string()) - assert new_key_name.text.strip() == "key name" + def testAccessors(self): + """Test for KeyName accessors""" + self.key_name.text = "key name" + new_key_name = ds.key_name_from_string(self.key_name.to_string()) + assert new_key_name.text.strip() == "key name" - def testUsingTestData(self): - """Test for key_name_from_string() using test data""" - new_key_name = ds.key_name_from_string(ds_data.TEST_KEY_NAME) - assert new_key_name.text.strip() == "key name" + def testUsingTestData(self): + """Test for key_name_from_string() using test data""" + new_key_name = ds.key_name_from_string(ds_data.TEST_KEY_NAME) + assert new_key_name.text.strip() == "key name" class TestKeyInfo: - def setup_class(self): - self.key_info = ds.KeyInfo() - - def testAccessors(self): - """Test for KeyInfo accessors""" - self.key_info.key_name.append( - ds.key_name_from_string(ds_data.TEST_KEY_NAME)) - self.key_info.key_value.append( - ds.key_value_from_string(ds_data.TEST_KEY_VALUE1)) - self.key_info.retrieval_method.append( - ds.retrieval_method_from_string(ds_data.TEST_RETRIEVAL_METHOD)) - self.key_info.x509_data.append( - ds.x509_data_from_string(ds_data.TEST_X509_DATA)) - self.key_info.pgp_data.append( - ds.pgp_data_from_string(ds_data.TEST_PGP_DATA)) - self.key_info.spki_data.append( - ds.spki_data_from_string(ds_data.TEST_SPKI_DATA)) - self.key_info.mgmt_data.append( - ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA)) - self.key_info.id = "id" - new_key_info = ds.key_info_from_string(self.key_info.to_string()) - - assert isinstance(new_key_info.key_name[0], ds.KeyName) - assert isinstance(new_key_info.key_value[0], ds.KeyValue) - assert isinstance(new_key_info.retrieval_method[0], - ds.RetrievalMethod) - assert isinstance(new_key_info.x509_data[0], ds.X509Data) - assert isinstance(new_key_info.pgp_data[0], ds.PGPData) - assert isinstance(new_key_info.spki_data[0], ds.SPKIData) - assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData) - assert new_key_info.id == "id" - - def testUsingTestData(self): - """Test for key_info_from_string() using test data""" - new_key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO) - assert isinstance(new_key_info.key_name[0], ds.KeyName) - assert isinstance(new_key_info.key_value[0], ds.KeyValue) - assert isinstance(new_key_info.retrieval_method[0], - ds.RetrievalMethod) - assert isinstance(new_key_info.x509_data[0], ds.X509Data) - assert isinstance(new_key_info.pgp_data[0], ds.PGPData) - assert isinstance(new_key_info.spki_data[0], ds.SPKIData) - assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData) - assert new_key_info.id == "id" + def setup_class(self): + self.key_info = ds.KeyInfo() + + def testAccessors(self): + """Test for KeyInfo accessors""" + self.key_info.key_name.append(ds.key_name_from_string(ds_data.TEST_KEY_NAME)) + self.key_info.key_value.append(ds.key_value_from_string(ds_data.TEST_KEY_VALUE1)) + self.key_info.retrieval_method.append(ds.retrieval_method_from_string(ds_data.TEST_RETRIEVAL_METHOD)) + self.key_info.x509_data.append(ds.x509_data_from_string(ds_data.TEST_X509_DATA)) + self.key_info.pgp_data.append(ds.pgp_data_from_string(ds_data.TEST_PGP_DATA)) + self.key_info.spki_data.append(ds.spki_data_from_string(ds_data.TEST_SPKI_DATA)) + self.key_info.mgmt_data.append(ds.mgmt_data_from_string(ds_data.TEST_MGMT_DATA)) + self.key_info.id = "id" + new_key_info = ds.key_info_from_string(self.key_info.to_string()) + + assert isinstance(new_key_info.key_name[0], ds.KeyName) + assert isinstance(new_key_info.key_value[0], ds.KeyValue) + assert isinstance(new_key_info.retrieval_method[0], ds.RetrievalMethod) + assert isinstance(new_key_info.x509_data[0], ds.X509Data) + assert isinstance(new_key_info.pgp_data[0], ds.PGPData) + assert isinstance(new_key_info.spki_data[0], ds.SPKIData) + assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData) + assert new_key_info.id == "id" + + def testUsingTestData(self): + """Test for key_info_from_string() using test data""" + new_key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO) + assert isinstance(new_key_info.key_name[0], ds.KeyName) + assert isinstance(new_key_info.key_value[0], ds.KeyValue) + assert isinstance(new_key_info.retrieval_method[0], ds.RetrievalMethod) + assert isinstance(new_key_info.x509_data[0], ds.X509Data) + assert isinstance(new_key_info.pgp_data[0], ds.PGPData) + assert isinstance(new_key_info.spki_data[0], ds.SPKIData) + assert isinstance(new_key_info.mgmt_data[0], ds.MgmtData) + assert new_key_info.id == "id" class TestDigestValue: + def setup_class(self): + self.digest_value = ds.DigestValue() - def setup_class(self): - self.digest_value = ds.DigestValue() + def testAccessors(self): + """Test for DigestValue accessors""" + self.digest_value.text = "digest value" + new_digest_value = ds.digest_value_from_string(self.digest_value.to_string()) + assert new_digest_value.text.strip() == "digest value" - def testAccessors(self): - """Test for DigestValue accessors""" - self.digest_value.text = "digest value" - new_digest_value = ds.digest_value_from_string(self.digest_value.to_string()) - assert new_digest_value.text.strip() == "digest value" - - def testUsingTestData(self): - """Test for digest_value_from_string() using test data""" - new_digest_value = ds.digest_value_from_string(ds_data.TEST_DIGEST_VALUE) - assert new_digest_value.text.strip() == "digest value" + def testUsingTestData(self): + """Test for digest_value_from_string() using test data""" + new_digest_value = ds.digest_value_from_string(ds_data.TEST_DIGEST_VALUE) + assert new_digest_value.text.strip() == "digest value" class TestDigestMethod: + def setup_class(self): + self.digest_method = ds.DigestMethod() - def setup_class(self): - self.digest_method = ds.DigestMethod() - - def testAccessors(self): - """Test for DigestMethod accessors""" - self.digest_method.algorithm = ds.DIGEST_SHA1 - new_digest_method = ds.digest_method_from_string( - self.digest_method.to_string()) - assert new_digest_method.algorithm == ds.DIGEST_SHA1 + def testAccessors(self): + """Test for DigestMethod accessors""" + self.digest_method.algorithm = ds.DIGEST_SHA1 + new_digest_method = ds.digest_method_from_string(self.digest_method.to_string()) + assert new_digest_method.algorithm == ds.DIGEST_SHA1 - def testUsingTestData(self): - """Test for digest_method_from_string() using test data""" - new_digest_method = ds.digest_method_from_string( - ds_data.TEST_DIGEST_METHOD) - assert new_digest_method.algorithm == ds.DIGEST_SHA1 + def testUsingTestData(self): + """Test for digest_method_from_string() using test data""" + new_digest_method = ds.digest_method_from_string(ds_data.TEST_DIGEST_METHOD) + assert new_digest_method.algorithm == ds.DIGEST_SHA1 class TestReference: - - def setup_class(self): - self.reference = ds.Reference() - - def testAccessors(self): - """Test for Reference accessors""" - self.reference.transforms = ds.transforms_from_string( - ds_data.TEST_TRANSFORMS) - self.reference.digest_method = ds.digest_method_from_string( - ds_data.TEST_DIGEST_METHOD) - self.reference.digest_value = ds.digest_value_from_string( - ds_data.TEST_DIGEST_VALUE) - self.reference.id = "id" - self.reference.uri = "http://www.example.com/URI" - self.reference.type = "http://www.example.com/Type" - new_reference = ds.reference_from_string(self.reference.to_string()) - assert isinstance(new_reference.transforms, ds.Transforms) - assert isinstance(new_reference.digest_method, ds.DigestMethod) - assert isinstance(new_reference.digest_value, ds.DigestValue) - assert new_reference.id == "id" - assert new_reference.uri == "http://www.example.com/URI" - assert new_reference.type == "http://www.example.com/Type" - - def testUsingTestData(self): - """Test for reference_from_string() using test data""" - new_reference = ds.reference_from_string(ds_data.TEST_REFERENCE) - assert isinstance(new_reference.transforms, ds.Transforms) - assert isinstance(new_reference.digest_method, ds.DigestMethod) - assert isinstance(new_reference.digest_value, ds.DigestValue) - assert new_reference.id == "id" - assert new_reference.uri == "http://www.example.com/URI" - assert new_reference.type == "http://www.example.com/Type" + def setup_class(self): + self.reference = ds.Reference() + + def testAccessors(self): + """Test for Reference accessors""" + self.reference.transforms = ds.transforms_from_string(ds_data.TEST_TRANSFORMS) + self.reference.digest_method = ds.digest_method_from_string(ds_data.TEST_DIGEST_METHOD) + self.reference.digest_value = ds.digest_value_from_string(ds_data.TEST_DIGEST_VALUE) + self.reference.id = "id" + self.reference.uri = "http://www.example.com/URI" + self.reference.type = "http://www.example.com/Type" + new_reference = ds.reference_from_string(self.reference.to_string()) + assert isinstance(new_reference.transforms, ds.Transforms) + assert isinstance(new_reference.digest_method, ds.DigestMethod) + assert isinstance(new_reference.digest_value, ds.DigestValue) + assert new_reference.id == "id" + assert new_reference.uri == "http://www.example.com/URI" + assert new_reference.type == "http://www.example.com/Type" + + def testUsingTestData(self): + """Test for reference_from_string() using test data""" + new_reference = ds.reference_from_string(ds_data.TEST_REFERENCE) + assert isinstance(new_reference.transforms, ds.Transforms) + assert isinstance(new_reference.digest_method, ds.DigestMethod) + assert isinstance(new_reference.digest_value, ds.DigestValue) + assert new_reference.id == "id" + assert new_reference.uri == "http://www.example.com/URI" + assert new_reference.type == "http://www.example.com/Type" class TestSignatureMethod: - - def setup_class(self): - self.signature_method = ds.SignatureMethod() - - def testAccessors(self): - """Test for SignatureMethod accessors""" - self.signature_method.algorithm = ds.SIG_RSA_SHA1 - self.signature_method.hmac_output_length = ds.HMACOutputLength(text="8") - new_signature_method = ds.signature_method_from_string( - self.signature_method.to_string()) - assert isinstance(new_signature_method.hmac_output_length, - ds.HMACOutputLength) - assert new_signature_method.hmac_output_length.text.strip() == "8" - assert new_signature_method.algorithm == ds.SIG_RSA_SHA1 - - def testUsingTestData(self): - """Test for signature_method_from_string() using test data""" - new_signature_method = ds.signature_method_from_string( - ds_data.TEST_SIGNATURE_METHOD) - assert isinstance(new_signature_method.hmac_output_length, - ds.HMACOutputLength) - assert new_signature_method.hmac_output_length.text.strip() == "8" - assert new_signature_method.algorithm == ds.SIG_RSA_SHA1 + def setup_class(self): + self.signature_method = ds.SignatureMethod() + + def testAccessors(self): + """Test for SignatureMethod accessors""" + self.signature_method.algorithm = ds.SIG_RSA_SHA1 + self.signature_method.hmac_output_length = ds.HMACOutputLength(text="8") + new_signature_method = ds.signature_method_from_string(self.signature_method.to_string()) + assert isinstance(new_signature_method.hmac_output_length, ds.HMACOutputLength) + assert new_signature_method.hmac_output_length.text.strip() == "8" + assert new_signature_method.algorithm == ds.SIG_RSA_SHA1 + + def testUsingTestData(self): + """Test for signature_method_from_string() using test data""" + new_signature_method = ds.signature_method_from_string(ds_data.TEST_SIGNATURE_METHOD) + assert isinstance(new_signature_method.hmac_output_length, ds.HMACOutputLength) + assert new_signature_method.hmac_output_length.text.strip() == "8" + assert new_signature_method.algorithm == ds.SIG_RSA_SHA1 class TestCanonicalizationMethod: + def setup_class(self): + self.canonicalization_method = ds.CanonicalizationMethod() - def setup_class(self): - self.canonicalization_method = ds.CanonicalizationMethod() + def testAccessors(self): + """Test for CanonicalizationMethod accessors""" + self.canonicalization_method.algorithm = ds.TRANSFORM_C14N_WITH_COMMENTS + new_canonicalization_method = ds.canonicalization_method_from_string(self.canonicalization_method.to_string()) + assert new_canonicalization_method.algorithm == ds.TRANSFORM_C14N_WITH_COMMENTS - def testAccessors(self): - """Test for CanonicalizationMethod accessors""" - self.canonicalization_method.algorithm = ds.TRANSFORM_C14N_WITH_COMMENTS - new_canonicalization_method = ds.canonicalization_method_from_string( - self.canonicalization_method.to_string()) - assert new_canonicalization_method.algorithm == ds.TRANSFORM_C14N_WITH_COMMENTS - - def testUsingTestData(self): - """Test for canonicalization_method_from_string() using test data""" - new_canonicalization_method = ds.canonicalization_method_from_string( - ds_data.TEST_CANONICALIZATION_METHOD - ) - assert new_canonicalization_method.algorithm == "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" + def testUsingTestData(self): + """Test for canonicalization_method_from_string() using test data""" + new_canonicalization_method = ds.canonicalization_method_from_string(ds_data.TEST_CANONICALIZATION_METHOD) + assert new_canonicalization_method.algorithm == "http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments" class TestSignedInfo: + def setup_class(self): + self.si = ds.SignedInfo() + + def testAccessors(self): + """Test for SignedInfo accessors""" + self.si.id = "id" + self.si.canonicalization_method = ds.canonicalization_method_from_string(ds_data.TEST_CANONICALIZATION_METHOD) + self.si.signature_method = ds.signature_method_from_string(ds_data.TEST_SIGNATURE_METHOD) + self.si.reference.append(ds.reference_from_string(ds_data.TEST_REFERENCE)) + new_si = ds.signed_info_from_string(self.si.to_string()) + assert new_si.id == "id" + assert isinstance(new_si.canonicalization_method, ds.CanonicalizationMethod) + assert isinstance(new_si.signature_method, ds.SignatureMethod) + assert isinstance(new_si.reference[0], ds.Reference) + + def testUsingTestData(self): + """Test for signed_info_from_string() using test data""" + new_si = ds.signed_info_from_string(ds_data.TEST_SIGNED_INFO) + assert new_si.id == "id" + assert isinstance(new_si.canonicalization_method, ds.CanonicalizationMethod) + assert isinstance(new_si.signature_method, ds.SignatureMethod) + assert isinstance(new_si.reference[0], ds.Reference) - def setup_class(self): - self.si = ds.SignedInfo() - - def testAccessors(self): - """Test for SignedInfo accessors""" - self.si.id = "id" - self.si.canonicalization_method = ds.canonicalization_method_from_string( - ds_data.TEST_CANONICALIZATION_METHOD) - self.si.signature_method = ds.signature_method_from_string( - ds_data.TEST_SIGNATURE_METHOD) - self.si.reference.append(ds.reference_from_string( - ds_data.TEST_REFERENCE)) - new_si = ds.signed_info_from_string(self.si.to_string()) - assert new_si.id == "id" - assert isinstance(new_si.canonicalization_method, - ds.CanonicalizationMethod) - assert isinstance(new_si.signature_method, ds.SignatureMethod) - assert isinstance(new_si.reference[0], ds.Reference) - - def testUsingTestData(self): - """Test for signed_info_from_string() using test data""" - new_si = ds.signed_info_from_string(ds_data.TEST_SIGNED_INFO) - assert new_si.id == "id" - assert isinstance(new_si.canonicalization_method, - ds.CanonicalizationMethod) - assert isinstance(new_si.signature_method, ds.SignatureMethod) - assert isinstance(new_si.reference[0], ds.Reference) class TestSignatureValue: + def setup_class(self): + self.signature_value = ds.SignatureValue() - def setup_class(self): - self.signature_value = ds.SignatureValue() - - def testAccessors(self): - """Test for SignatureValue accessors""" - self.signature_value.id = "id" - self.signature_value.text = "signature value" - new_signature_value = ds.signature_value_from_string( - self.signature_value.to_string()) - assert new_signature_value.id == "id" - assert new_signature_value.text.strip() == "signature value" + def testAccessors(self): + """Test for SignatureValue accessors""" + self.signature_value.id = "id" + self.signature_value.text = "signature value" + new_signature_value = ds.signature_value_from_string(self.signature_value.to_string()) + assert new_signature_value.id == "id" + assert new_signature_value.text.strip() == "signature value" - def testUsingTestData(self): - """Test for signature_value_from_string() using test data""" - new_signature_value = ds.signature_value_from_string( - ds_data.TEST_SIGNATURE_VALUE) - assert new_signature_value.id == "id" - assert new_signature_value.text.strip() == "signature value" + def testUsingTestData(self): + """Test for signature_value_from_string() using test data""" + new_signature_value = ds.signature_value_from_string(ds_data.TEST_SIGNATURE_VALUE) + assert new_signature_value.id == "id" + assert new_signature_value.text.strip() == "signature value" class TestSignature: - - def setup_class(self): - self.signature = ds.Signature() - - def testAccessors(self): - """Test for Signature accessors""" - self.signature.id = "id" - self.signature.signed_info = ds.signed_info_from_string( - ds_data.TEST_SIGNED_INFO) - self.signature.signature_value = ds.signature_value_from_string( - ds_data.TEST_SIGNATURE_VALUE) - self.signature.key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO) - self.signature.object.append(ds.object_from_string(ds_data.TEST_OBJECT)) - - new_signature = ds.signature_from_string(self.signature.to_string()) - assert new_signature.id == "id" - assert isinstance(new_signature.signed_info, ds.SignedInfo) - assert isinstance(new_signature.signature_value, ds.SignatureValue) - assert isinstance(new_signature.key_info, ds.KeyInfo) - assert isinstance(new_signature.object[0], ds.Object) - - def testUsingTestData(self): - """Test for signature_value_from_string() using test data""" - new_signature = ds.signature_from_string(ds_data.TEST_SIGNATURE) - assert new_signature.id == "id" - assert isinstance(new_signature.signed_info, ds.SignedInfo) - assert isinstance(new_signature.signature_value, ds.SignatureValue) - assert isinstance(new_signature.key_info, ds.KeyInfo) - assert isinstance(new_signature.object[0], ds.Object) - - -if __name__ == '__main__': - unittest.main() + def setup_class(self): + self.signature = ds.Signature() + + def testAccessors(self): + """Test for Signature accessors""" + self.signature.id = "id" + self.signature.signed_info = ds.signed_info_from_string(ds_data.TEST_SIGNED_INFO) + self.signature.signature_value = ds.signature_value_from_string(ds_data.TEST_SIGNATURE_VALUE) + self.signature.key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO) + self.signature.object.append(ds.object_from_string(ds_data.TEST_OBJECT)) + + new_signature = ds.signature_from_string(self.signature.to_string()) + assert new_signature.id == "id" + assert isinstance(new_signature.signed_info, ds.SignedInfo) + assert isinstance(new_signature.signature_value, ds.SignatureValue) + assert isinstance(new_signature.key_info, ds.KeyInfo) + assert isinstance(new_signature.object[0], ds.Object) + + def testUsingTestData(self): + """Test for signature_value_from_string() using test data""" + new_signature = ds.signature_from_string(ds_data.TEST_SIGNATURE) + assert new_signature.id == "id" + assert isinstance(new_signature.signed_info, ds.SignedInfo) + assert isinstance(new_signature.signature_value, ds.SignatureValue) + assert isinstance(new_signature.key_info, ds.KeyInfo) + assert isinstance(new_signature.object[0], ds.Object) + + +if __name__ == "__main__": + unittest.main() diff --git a/tests/test_01_xmlenc.py b/tests/test_01_xmlenc.py index b6e6be0d9..a83d9abe3 100644 --- a/tests/test_01_xmlenc.py +++ b/tests/test_01_xmlenc.py @@ -1,6 +1,7 @@ import saml2 -import saml2.xmlenc as xenc from saml2 import xmldsig +import saml2.xmlenc as xenc + data1 = """ @@ -18,7 +19,8 @@ def test_1(): cd = ed.cipher_data assert cd.cipher_value is not None assert cd.cipher_value.text == "A23B45C56" - + + data2 = """ DEADBEEF # """ + def test_2(): ed = xenc.encrypted_data_from_string(data2) assert ed @@ -49,7 +52,7 @@ def test_2(): assert ed.type == "http://www.w3.org/2001/04/xmlenc#Element" assert ed.encryption_method is not None em = ed.encryption_method - assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#tripledes-cbc' + assert em.algorithm == "http://www.w3.org/2001/04/xmlenc#tripledes-cbc" assert ed.key_info is not None ki = ed.key_info assert ki.key_name[0].text == "John Smith" @@ -58,6 +61,7 @@ def test_2(): assert cd.cipher_value is not None assert cd.cipher_value.text == "DEADBEEF" + data3 = """ """ + def test_3(): ed = xenc.encrypted_data_from_string(data3) assert ed print(ed) assert ed.encryption_method != None em = ed.encryption_method - assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#aes128-cbc' + assert em.algorithm == "http://www.w3.org/2001/04/xmlenc#aes128-cbc" assert ed.key_info != None ki = ed.key_info assert ki.key_name[0].text == "Sally Doe" @@ -92,6 +97,7 @@ def test_3(): assert cd.cipher_value != None assert cd.cipher_value.text == "DEADBEEF" + data4 = """ -# # # John Smith @@ -123,13 +129,14 @@ def test_3(): # Sally Doe # """ + def test_4(): ek = xenc.encrypted_key_from_string(data4) assert ek print(ek) assert ek.encryption_method != None em = ek.encryption_method - assert em.algorithm == 'http://www.w3.org/2001/04/xmlenc#rsa-1_5' + assert em.algorithm == "http://www.w3.org/2001/04/xmlenc#rsa-1_5" assert ek.key_info != None ki = ek.key_info assert ki.key_name[0].text == "John Smith" @@ -143,6 +150,7 @@ def test_4(): assert cd.cipher_value != None assert cd.cipher_value.text == "xyzabc" + data5 = """ @@ -156,6 +164,7 @@ def test_4(): """ + def test_5(): cr = xenc.cipher_reference_from_string(data5) assert cr @@ -164,16 +173,15 @@ def test_5(): trs = cr.transforms assert len(trs.transform) == 2 tr = trs.transform[0] - assert tr.algorithm in ["http://www.w3.org/TR/1999/REC-xpath-19991116", - "http://www.w3.org/2000/09/xmldsig#base64"] + assert tr.algorithm in ["http://www.w3.org/TR/1999/REC-xpath-19991116", "http://www.w3.org/2000/09/xmldsig#base64"] if tr.algorithm == "http://www.w3.org/2000/09/xmldsig#base64": pass elif tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116": assert len(tr.x_path) == 1 xp = tr.x_path[0] assert xp.text.strip() == """self::text()[parent::rep:CipherValue[@Id="example1"]]""" - - + + data6 = """ @@ -186,6 +194,7 @@ def test_5(): """ + def test_6(): rl = xenc.reference_list_from_string(data6) assert rl @@ -197,13 +206,11 @@ def test_6(): ee = dr.extension_elements[0] assert ee.tag == "Transforms" assert ee.namespace == "http://www.w3.org/2000/09/xmldsig#" - trs = saml2.extension_element_to_element(ee, xmldsig.ELEMENT_FROM_STRING, - namespace=xmldsig.NAMESPACE) - + trs = saml2.extension_element_to_element(ee, xmldsig.ELEMENT_FROM_STRING, namespace=xmldsig.NAMESPACE) + assert trs assert len(trs.transform) == 1 tr = trs.transform[0] assert tr.algorithm == "http://www.w3.org/TR/1999/REC-xpath-19991116" assert len(tr.x_path) == 1 assert tr.x_path[0].text.strip() == """self::xenc:EncryptedData[@Id="example1"]""" - diff --git a/tests/test_02_saml.py b/tests/test_02_saml.py index fe5bbb707..a090d89f2 100644 --- a/tests/test_02_saml.py +++ b/tests/test_02_saml.py @@ -1,30 +1,22 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """Tests for saml2.saml""" -__author__ = 'roland.hedberg@adm.umu.se (Roland Hedberg)' +__author__ = "roland.hedberg@adm.umu.se (Roland Hedberg)" -try: - from xml.etree import ElementTree -except ImportError: - from elementtree import ElementTree -import saml2 -import saml2_data import ds_data - -from saml2 import xmldsig as ds - -from saml2 import saml - from pytest import raises +import saml2_data -from saml2.saml import Issuer +import saml2 +from saml2 import saml +from saml2 import xmldsig as ds +from saml2.saml import NAMEID_FORMAT_EMAILADDRESS from saml2.saml import Attribute from saml2.saml import AttributeValue -from saml2.saml import NAMEID_FORMAT_EMAILADDRESS +from saml2.saml import Issuer class TestExtensionElement: @@ -33,7 +25,7 @@ def test_loadd(self): "attributes": {"attr": "loa", "info": "source"}, "tag": "tag", "namespace": "urn:mace:example.com", - "text": "free text" + "text": "free text", } ee = saml2.ExtensionElement(ava["tag"]) @@ -59,32 +51,27 @@ def test_find_children(self): "tag": "tag", "namespace": "urn:mace:example.com", "text": "free text", - "children": [{ - "attributes": {"foo": "bar", "special": "app"}, - "tag": "tag2", - "namespace": "urn:mace:example.com", - "text": "Just a line" - }, - { - "attributes": {"static": "attribute", - "dynamic": "orgname"}, - "tag": "tag3", - "namespace": "urn:mace:example.com", - "text": "Another line of text", - "children": [{ - "tag": "subtag", - "namespace": "urn:mace:example.org", - - "text": "grandchild" - }] - }, - { - "attributes": {"entitlement": "xyz"}, - "tag": "tag4", - "namespace": "urn:mace:example.org", - "text": "A comment" - } - ] + "children": [ + { + "attributes": {"foo": "bar", "special": "app"}, + "tag": "tag2", + "namespace": "urn:mace:example.com", + "text": "Just a line", + }, + { + "attributes": {"static": "attribute", "dynamic": "orgname"}, + "tag": "tag3", + "namespace": "urn:mace:example.com", + "text": "Another line of text", + "children": [{"tag": "subtag", "namespace": "urn:mace:example.org", "text": "grandchild"}], + }, + { + "attributes": {"entitlement": "xyz"}, + "tag": "tag4", + "namespace": "urn:mace:example.org", + "text": "A comment", + }, + ], } ee = saml2.ExtensionElement(ava["tag"]) @@ -121,29 +108,27 @@ def test_find_children(self): class TestExtensionContainer: def test_find_extensions(self): - avas = [{ - "attributes": {"foo": "bar", "special": "app"}, - "tag": "tag2", - "namespace": "urn:mace:example.com", - "text": "Just a line" - }, - { - "attributes": {"static": "attribute", "dynamic": "orgname"}, - "tag": "tag3", - "namespace": "urn:mace:example.com", - "text": "Another line of text", - "children": [{ - "tag": "subtag", - "namespace": "urn:mace:example.org", - "text": "grandchild" - }] - }, - { - "attributes": {"entitlement": "xyz"}, - "tag": "tag4", - "namespace": "urn:mace:example.org", - "text": "A comment" - }] + avas = [ + { + "attributes": {"foo": "bar", "special": "app"}, + "tag": "tag2", + "namespace": "urn:mace:example.com", + "text": "Just a line", + }, + { + "attributes": {"static": "attribute", "dynamic": "orgname"}, + "tag": "tag3", + "namespace": "urn:mace:example.com", + "text": "Another line of text", + "children": [{"tag": "subtag", "namespace": "urn:mace:example.org", "text": "grandchild"}], + }, + { + "attributes": {"entitlement": "xyz"}, + "tag": "tag4", + "namespace": "urn:mace:example.org", + "text": "A comment", + }, + ] ees = [saml2.ExtensionElement("").loadd(a) for a in avas] print(ees) @@ -166,9 +151,11 @@ def test_find_extensions(self): assert len(esl) == 3 def test_add_extension_elements(self): - items = [saml.NameID(sp_name_qualifier="sp0", text="foo"), - saml.NameID(sp_name_qualifier="sp1", text="bar"), - saml.Audience(text="http://example.org")] + items = [ + saml.NameID(sp_name_qualifier="sp0", text="foo"), + saml.NameID(sp_name_qualifier="sp1", text="bar"), + saml.Audience(text="http://example.org"), + ] ec = saml2.ExtensionContainer() ec.add_extension_elements(items) @@ -190,11 +177,7 @@ def test_add_extension_attribute(self): class TestSAMLBase: def test_make_vals_dict(self): - ava = { - "sp_name_qualifier": "loa", - "format": NAMEID_FORMAT_EMAILADDRESS, - "text": "free text" - } + ava = {"sp_name_qualifier": "loa", "format": NAMEID_FORMAT_EMAILADDRESS, "text": "free text"} foo = saml2.make_vals(ava, Issuer, part=True) print(foo) @@ -218,14 +201,13 @@ def test_make_vals_multi_dict(self): attr = Attribute() saml2.make_vals(ava, AttributeValue, attr, prop="attribute_value") - assert sorted(attr.keyswv()) == sorted(["name_format", - "attribute_value"]) + assert sorted(attr.keyswv()) == sorted(["name_format", "attribute_value"]) assert len(attr.attribute_value) == 4 def test_to_string_nspair(self): foo = saml2.make_vals("lions", AttributeValue, part=True) - txt = foo.to_string().decode('utf-8') - nsstr = foo.to_string({"saml": saml.NAMESPACE}).decode('utf-8') + txt = foo.to_string().decode("utf-8") + nsstr = foo.to_string({"saml": saml.NAMESPACE}).decode("utf-8") assert nsstr != txt print(txt) print(nsstr) @@ -235,40 +217,40 @@ def test_to_string_nspair(self): def test_set_text_empty(self): av = AttributeValue() av.set_text(None) - assert av.get_type() == '' - assert av.text == '' + assert av.get_type() == "" + assert av.text == "" def test_set_text_value(self): value = 123 av = AttributeValue(value) - assert av.get_type() == 'xs:integer' + assert av.get_type() == "xs:integer" assert av.text == str(value) def test_set_text_update_same_type(self): av = AttributeValue() av.set_text(True) - assert av.get_type() == 'xs:boolean' - assert av.text == 'true' + assert av.get_type() == "xs:boolean" + assert av.text == "true" av.set_text(False) - assert av.get_type() == 'xs:boolean' - assert av.text == 'false' + assert av.get_type() == "xs:boolean" + assert av.text == "false" def test_set_text_cannot_change_value_type(self): av = AttributeValue() av.set_text(True) - assert av.get_type() == 'xs:boolean' - assert av.text == 'true' + assert av.get_type() == "xs:boolean" + assert av.text == "true" with raises(ValueError): av.set_text(123) - assert av.get_type() == 'xs:boolean' - assert av.text == 'true' + assert av.get_type() == "xs:boolean" + assert av.text == "true" def test_set_xs_type_anytype_unchanged_value(self): av = AttributeValue() - av.set_type('xs:anyType') + av.set_type("xs:anyType") for value in [ [1, 2, 3], - {'key': 'value'}, + {"key": "value"}, True, 123, ]: @@ -276,11 +258,25 @@ def test_set_xs_type_anytype_unchanged_value(self): # the value is unchanged assert av.text == value - def test_set_invalid_type_before_text(self): + def test_set_xs_type_date(self): + _type_name = "xs:date" + _value = "2022-06-07" av = AttributeValue() - av.set_type('invalid-type') - with raises(ValueError): - av.set_text('foobar') + av.set_type(_type_name) + av.set_text(_value) + assert av.get_type() == _type_name + assert av.text == _value + assert type(av.text) is str + + def test_treat_invalid_types_as_string(self): + _type_name = "invalid-type" + _value = "foobar" + av = AttributeValue() + av.set_type(_type_name) + av.set_text(_value) + assert av.get_type() == _type_name + assert av.text == _value + assert type(av.text) is str def test_make_vals_div(self): foo = saml2.make_vals(666, AttributeValue, part=True) @@ -310,8 +306,7 @@ def testFormatAttribute(self): new_name_id = saml.name_id_from_string(self.name_id.to_string()) assert len(new_name_id.extension_elements) == 0 - self.name_id.extension_elements.append(saml2.ExtensionElement( - 'foo', text='bar')) + self.name_id.extension_elements.append(saml2.ExtensionElement("foo", text="bar")) assert len(self.name_id.extension_elements) == 1 assert self.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS @@ -347,13 +342,13 @@ def testNameIDToAndFromStringMatch(self): def testExtensionAttributes(self): """Test extension attributes""" - self.name_id.extension_attributes['hoge'] = 'fuga' - self.name_id.extension_attributes['moge'] = 'muga' - assert self.name_id.extension_attributes['hoge'] == 'fuga' - assert self.name_id.extension_attributes['moge'] == 'muga' + self.name_id.extension_attributes["hoge"] = "fuga" + self.name_id.extension_attributes["moge"] = "muga" + assert self.name_id.extension_attributes["hoge"] == "fuga" + assert self.name_id.extension_attributes["moge"] == "muga" new_name_id = saml.name_id_from_string(self.name_id.to_string()) - assert new_name_id.extension_attributes['hoge'] == 'fuga' - assert new_name_id.extension_attributes['moge'] == 'muga' + assert new_name_id.extension_attributes["hoge"] == "fuga" + assert new_name_id.extension_attributes["moge"] == "muga" def testname_id_from_string(self): """Test name_id_from_string() using test data""" @@ -397,21 +392,18 @@ def testAccessors(self): self.subject_locality.dns_name = "localhost" assert self.subject_locality.address == "127.0.0.1" assert self.subject_locality.dns_name == "localhost" - new_subject_locality = saml.subject_locality_from_string( - self.subject_locality.to_string()) + new_subject_locality = saml.subject_locality_from_string(self.subject_locality.to_string()) assert new_subject_locality.address == "127.0.0.1" assert new_subject_locality.dns_name == "localhost" def testUsingTestData(self): """Test SubjectLocalityFromString() using test data""" - subject_locality = saml.subject_locality_from_string( - saml2_data.TEST_SUBJECT_LOCALITY) + subject_locality = saml.subject_locality_from_string(saml2_data.TEST_SUBJECT_LOCALITY) assert subject_locality.address == "127.0.0.1" assert subject_locality.dns_name == "localhost" - new_subject_locality = saml.subject_locality_from_string( - subject_locality.to_string()) + new_subject_locality = saml.subject_locality_from_string(subject_locality.to_string()) assert new_subject_locality.address == "127.0.0.1" assert new_subject_locality.dns_name == "localhost" assert subject_locality.to_string() == new_subject_locality.to_string() @@ -426,16 +418,13 @@ def testAccessors(self): """Test for AuthnContextClassRef accessors""" self.authn_context_class_ref.text = self.text assert self.authn_context_class_ref.text == self.text - new_authn_context_class_ref = saml.authn_context_class_ref_from_string( - self.authn_context_class_ref.to_string()) + new_authn_context_class_ref = saml.authn_context_class_ref_from_string(self.authn_context_class_ref.to_string()) assert new_authn_context_class_ref.text == self.text - assert self.authn_context_class_ref.to_string() == \ - new_authn_context_class_ref.to_string() + assert self.authn_context_class_ref.to_string() == new_authn_context_class_ref.to_string() def testUsingTestData(self): """Test authn_context_class_ref_from_string() using test data""" - authn_context_class_ref = saml.authn_context_class_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF) + authn_context_class_ref = saml.authn_context_class_ref_from_string(saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF) assert authn_context_class_ref.text.strip() == self.text @@ -448,16 +437,13 @@ def testAccessors(self): """Test for AuthnContextDeclRef accessors""" self.authn_context_decl_ref.text = self.ref assert self.authn_context_decl_ref.text == self.ref - new_authn_context_decl_ref = saml.authn_context_decl_ref_from_string( - self.authn_context_decl_ref.to_string()) + new_authn_context_decl_ref = saml.authn_context_decl_ref_from_string(self.authn_context_decl_ref.to_string()) assert new_authn_context_decl_ref.text == self.ref - assert self.authn_context_decl_ref.to_string() == \ - new_authn_context_decl_ref.to_string() + assert self.authn_context_decl_ref.to_string() == new_authn_context_decl_ref.to_string() def testUsingTestData(self): """Test authn_context_decl_ref_from_string() using test data""" - authn_context_decl_ref = saml.authn_context_decl_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL_REF) + authn_context_decl_ref = saml.authn_context_decl_ref_from_string(saml2_data.TEST_AUTHN_CONTEXT_DECL_REF) assert authn_context_decl_ref.text.strip() == self.ref @@ -470,16 +456,13 @@ def testAccessors(self): """Test for AuthnContextDecl accessors""" self.authn_context_decl.text = self.text assert self.authn_context_decl.text == self.text - new_authn_context_decl = saml.authn_context_decl_from_string( - self.authn_context_decl.to_string()) + new_authn_context_decl = saml.authn_context_decl_from_string(self.authn_context_decl.to_string()) assert new_authn_context_decl.text == self.text - assert self.authn_context_decl.to_string() == \ - new_authn_context_decl.to_string() + assert self.authn_context_decl.to_string() == new_authn_context_decl.to_string() def testUsingTestData(self): """Test authn_context_decl_from_string() using test data""" - authn_context_decl = saml.authn_context_decl_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL) + authn_context_decl = saml.authn_context_decl_from_string(saml2_data.TEST_AUTHN_CONTEXT_DECL) assert authn_context_decl.text.strip() == self.text @@ -493,15 +476,14 @@ def testAccessors(self): self.authenticating_authority.text = self.text assert self.authenticating_authority.text == self.text new_authenticating_authority = saml.authenticating_authority_from_string( - self.authenticating_authority.to_string()) + self.authenticating_authority.to_string() + ) assert new_authenticating_authority.text == self.text - assert self.authenticating_authority.to_string() == \ - new_authenticating_authority.to_string() + assert self.authenticating_authority.to_string() == new_authenticating_authority.to_string() def testUsingTestData(self): """Test authenticating_authority_from_string() using test data""" - authenticating_authority = saml.authenticating_authority_from_string( - saml2_data.TEST_AUTHENTICATING_AUTHORITY) + authenticating_authority = saml.authenticating_authority_from_string(saml2_data.TEST_AUTHENTICATING_AUTHORITY) assert authenticating_authority.text.strip() == self.text @@ -511,36 +493,30 @@ def setup_class(self): def testAccessors(self): """Test for AuthnContext accessors""" - self.authn_context.authn_context_class_ref = \ - saml.authn_context_class_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF) - self.authn_context.authn_context_decl_ref = \ - saml.authn_context_decl_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL_REF) - self.authn_context.authn_context_decl = \ - saml.authn_context_decl_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL) + self.authn_context.authn_context_class_ref = saml.authn_context_class_ref_from_string( + saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF + ) + self.authn_context.authn_context_decl_ref = saml.authn_context_decl_ref_from_string( + saml2_data.TEST_AUTHN_CONTEXT_DECL_REF + ) + self.authn_context.authn_context_decl = saml.authn_context_decl_from_string(saml2_data.TEST_AUTHN_CONTEXT_DECL) self.authn_context.authenticating_authority.append( - saml.authenticating_authority_from_string( - saml2_data.TEST_AUTHENTICATING_AUTHORITY)) - assert self.authn_context.authn_context_class_ref.text.strip() == \ - "http://www.example.com/authnContextClassRef" - assert self.authn_context.authn_context_decl_ref.text.strip() == \ - "http://www.example.com/authnContextDeclRef" - assert self.authn_context.authn_context_decl.text.strip() == \ - "http://www.example.com/authnContextDecl" - assert self.authn_context.authenticating_authority[0].text.strip() == \ - "http://www.example.com/authenticatingAuthority" - new_authn_context = saml.authn_context_from_string( - self.authn_context.to_string()) + saml.authenticating_authority_from_string(saml2_data.TEST_AUTHENTICATING_AUTHORITY) + ) + assert self.authn_context.authn_context_class_ref.text.strip() == "http://www.example.com/authnContextClassRef" + assert self.authn_context.authn_context_decl_ref.text.strip() == "http://www.example.com/authnContextDeclRef" + assert self.authn_context.authn_context_decl.text.strip() == "http://www.example.com/authnContextDecl" + assert ( + self.authn_context.authenticating_authority[0].text.strip() + == "http://www.example.com/authenticatingAuthority" + ) + new_authn_context = saml.authn_context_from_string(self.authn_context.to_string()) assert self.authn_context.to_string() == new_authn_context.to_string() def testUsingTestData(self): """Test authn_context_from_string() using test data""" - authn_context = saml.authn_context_from_string( - saml2_data.TEST_AUTHN_CONTEXT) - assert authn_context.authn_context_class_ref.text.strip() == \ - saml.AUTHN_PASSWORD + authn_context = saml.authn_context_from_string(saml2_data.TEST_AUTHN_CONTEXT) + assert authn_context.authn_context_class_ref.text.strip() == saml.AUTHN_PASSWORD class TestAuthnStatement: @@ -553,41 +529,40 @@ def testAccessors(self): self.authn_statem.session_not_on_or_after = "2007-09-14T01:05:02Z" self.authn_statem.session_index = "sessionindex" self.authn_statem.authn_context = saml.AuthnContext() - self.authn_statem.authn_context.authn_context_class_ref = \ - saml.authn_context_class_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF) - self.authn_statem.authn_context.authn_context_decl_ref = \ - saml.authn_context_decl_ref_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL_REF) - self.authn_statem.authn_context.authn_context_decl = \ - saml.authn_context_decl_from_string( - saml2_data.TEST_AUTHN_CONTEXT_DECL) + self.authn_statem.authn_context.authn_context_class_ref = saml.authn_context_class_ref_from_string( + saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF + ) + self.authn_statem.authn_context.authn_context_decl_ref = saml.authn_context_decl_ref_from_string( + saml2_data.TEST_AUTHN_CONTEXT_DECL_REF + ) + self.authn_statem.authn_context.authn_context_decl = saml.authn_context_decl_from_string( + saml2_data.TEST_AUTHN_CONTEXT_DECL + ) self.authn_statem.authn_context.authenticating_authority.append( - saml.authenticating_authority_from_string( - saml2_data.TEST_AUTHENTICATING_AUTHORITY)) + saml.authenticating_authority_from_string(saml2_data.TEST_AUTHENTICATING_AUTHORITY) + ) new_as = saml.authn_statement_from_string(self.authn_statem.to_string()) assert new_as.authn_instant == "2007-08-31T01:05:02Z" assert new_as.session_index == "sessionindex" assert new_as.session_not_on_or_after == "2007-09-14T01:05:02Z" - assert new_as.authn_context.authn_context_class_ref.text.strip() == \ - "http://www.example.com/authnContextClassRef" - assert new_as.authn_context.authn_context_decl_ref.text.strip() == \ - "http://www.example.com/authnContextDeclRef" - assert new_as.authn_context.authn_context_decl.text.strip() == \ - "http://www.example.com/authnContextDecl" - assert new_as.authn_context.authenticating_authority[0].text.strip() \ - == "http://www.example.com/authenticatingAuthority" + assert ( + new_as.authn_context.authn_context_class_ref.text.strip() == "http://www.example.com/authnContextClassRef" + ) + assert new_as.authn_context.authn_context_decl_ref.text.strip() == "http://www.example.com/authnContextDeclRef" + assert new_as.authn_context.authn_context_decl.text.strip() == "http://www.example.com/authnContextDecl" + assert ( + new_as.authn_context.authenticating_authority[0].text.strip() + == "http://www.example.com/authenticatingAuthority" + ) assert self.authn_statem.to_string() == new_as.to_string() def testUsingTestData(self): """Test authn_statement_from_string() using test data""" - authn_statem = saml.authn_statement_from_string( - saml2_data.TEST_AUTHN_STATEMENT) + authn_statem = saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT) assert authn_statem.authn_instant == "2007-08-31T01:05:02Z" assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z" - assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \ - saml.AUTHN_PASSWORD + assert authn_statem.authn_context.authn_context_class_ref.text.strip() == saml.AUTHN_PASSWORD class TestAttributeValue: @@ -599,15 +574,13 @@ def testAccessors(self): """Test for AttributeValue accessors""" self.attribute_value.text = self.text - new_attribute_value = saml.attribute_value_from_string( - self.attribute_value.to_string()) + new_attribute_value = saml.attribute_value_from_string(self.attribute_value.to_string()) assert new_attribute_value.text.strip() == self.text def testUsingTestData(self): """Test attribute_value_from_string() using test data""" - attribute_value = saml.attribute_value_from_string( - saml2_data.TEST_ATTRIBUTE_VALUE) + attribute_value = saml.attribute_value_from_string(saml2_data.TEST_ATTRIBUTE_VALUE) assert attribute_value.text.strip() == self.text @@ -681,9 +654,7 @@ def testUsingTestData(self): class TestAttribute: def setup_class(self): self.attribute = saml.Attribute() - self.text = ["value of test attribute", - "value1 of test attribute", - "value2 of test attribute"] + self.text = ["value of test attribute", "value1 of test attribute", "value2 of test attribute"] def testAccessors(self): """Test for Attribute accessors""" @@ -745,11 +716,13 @@ def test_basic_boolean_false(self): class TestAttributeStatement: def setup_class(self): self.attr_statem = saml.AttributeStatement() - self.text = ["value of test attribute", - "value1 of test attribute", - "value2 of test attribute", - "value1 of test attribute2", - "value2 of test attribute2", ] + self.text = [ + "value of test attribute", + "value1 of test attribute", + "value2 of test attribute", + "value1 of test attribute2", + "value2 of test attribute2", + ] def testAccessors(self): """Test for Attribute accessors""" @@ -758,70 +731,51 @@ def testAccessors(self): self.attr_statem.attribute[0].name = "testAttribute" self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI self.attr_statem.attribute[0].friendly_name = "test attribute" - self.attr_statem.attribute[0].attribute_value.append( - saml.AttributeValue()) + self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[0].attribute_value[0].text = self.text[0] self.attr_statem.attribute[1].name = "testAttribute2" self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED self.attr_statem.attribute[1].friendly_name = self.text[2] - self.attr_statem.attribute[1].attribute_value.append( - saml.AttributeValue()) + self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[1].attribute_value[0].text = self.text[2] - new_as = saml.attribute_statement_from_string( - self.attr_statem.to_string()) + new_as = saml.attribute_statement_from_string(self.attr_statem.to_string()) assert new_as.attribute[0].name == "testAttribute" assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI assert new_as.attribute[0].friendly_name == "test attribute" - assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[ - 0] + assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0] assert new_as.attribute[1].name == "testAttribute2" assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED assert new_as.attribute[1].friendly_name == "value2 of test attribute" - assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[ - 2] + assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2] def testUsingTestData(self): """Test attribute_statement_from_string() using test data""" - attr_statem = saml.attribute_statement_from_string( \ - saml2_data.TEST_ATTRIBUTE_STATEMENT) + attr_statem = saml.attribute_statement_from_string(saml2_data.TEST_ATTRIBUTE_STATEMENT) assert attr_statem.attribute[0].name == "testAttribute" - assert attr_statem.attribute[ - 0].name_format == saml.NAME_FORMAT_UNSPECIFIED + assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem.attribute[0].friendly_name == "test attribute" - assert attr_statem.attribute[0].attribute_value[0].text.strip() == \ - self.text[1] - assert attr_statem.attribute[0].attribute_value[1].text.strip() == \ - self.text[2] - assert attr_statem.attribute[ - 1].name == "http://www.example.com/testAttribute2" + assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1] + assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2] + assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem.attribute[1].friendly_name == "test attribute2" - assert attr_statem.attribute[1].attribute_value[0].text.strip() == \ - self.text[3] - assert attr_statem.attribute[1].attribute_value[1].text.strip() == \ - self.text[4] + assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3] + assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4] # test again - attr_statem2 = saml.attribute_statement_from_string( - attr_statem.to_string()) + attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string()) assert attr_statem2.attribute[0].name == "testAttribute" - assert attr_statem2.attribute[ - 0].name_format == saml.NAME_FORMAT_UNSPECIFIED + assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem2.attribute[0].friendly_name == "test attribute" - assert attr_statem2.attribute[0].attribute_value[0].text.strip() == \ - self.text[1] - assert attr_statem2.attribute[0].attribute_value[1].text.strip() == \ - self.text[2] - assert attr_statem2.attribute[ - 1].name == "http://www.example.com/testAttribute2" + assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1] + assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2] + assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem2.attribute[1].friendly_name == "test attribute2" - assert attr_statem2.attribute[1].attribute_value[0].text.strip() == \ - self.text[3] - assert attr_statem2.attribute[1].attribute_value[1].text.strip() == \ - self.text[4] + assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3] + assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4] class TestSubjectConfirmationData: @@ -836,8 +790,7 @@ def testAccessors(self): self.scd.recipient = "recipient" self.scd.in_response_to = "responseID" self.scd.address = "127.0.0.1" - new_scd = saml.subject_confirmation_data_from_string( - self.scd.to_string()) + new_scd = saml.subject_confirmation_data_from_string(self.scd.to_string()) assert new_scd.not_before == "2007-08-31T01:05:02Z" assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z" assert new_scd.recipient == "recipient" @@ -847,8 +800,7 @@ def testAccessors(self): def testUsingTestData(self): """Test subject_confirmation_data_from_string() using test data""" - scd = saml.subject_confirmation_data_from_string( - saml2_data.TEST_SUBJECT_CONFIRMATION_DATA) + scd = saml.subject_confirmation_data_from_string(saml2_data.TEST_SUBJECT_CONFIRMATION_DATA) assert scd.not_before == "2007-08-31T01:05:02Z" assert scd.not_on_or_after == "2007-09-14T01:05:02Z" assert scd.recipient == "recipient" @@ -865,14 +817,14 @@ def testAccessors(self): self.sc.name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID) self.sc.method = saml.SCM_BEARER self.sc.subject_confirmation_data = saml.subject_confirmation_data_from_string( - saml2_data.TEST_SUBJECT_CONFIRMATION_DATA) + saml2_data.TEST_SUBJECT_CONFIRMATION_DATA + ) new_sc = saml.subject_confirmation_from_string(self.sc.to_string()) self._assertBearer(new_sc) def testBearerUsingTestData(self): """Test subject_confirmation_from_string() using test data for 'bearer' SubjectConfirmation""" - sc = saml.subject_confirmation_from_string( - saml2_data.TEST_SUBJECT_CONFIRMATION) + sc = saml.subject_confirmation_from_string(saml2_data.TEST_SUBJECT_CONFIRMATION) assert sc.verify() self._assertBearer(sc) @@ -892,9 +844,7 @@ def _assertBearer(self, sc): def testHolderOfKeyUsingTestData(self): """Test subject_confirmation_from_string() using test data for 'holder-of-key' SubjectConfirmation""" - sc = saml.subject_confirmation_from_string( - saml2_data.TEST_HOLDER_OF_KEY_SUBJECT_CONFIRMATION - ) + sc = saml.subject_confirmation_from_string(saml2_data.TEST_HOLDER_OF_KEY_SUBJECT_CONFIRMATION) assert sc.verify() assert sc.method == saml.SCM_HOLDER_OF_KEY assert sc.subject_confirmation_data is not None @@ -932,14 +882,13 @@ def testAccessors(self): """Test for Subject accessors""" self.subject.name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID) self.subject.subject_confirmation.append( - saml.subject_confirmation_from_string( - saml2_data.TEST_SUBJECT_CONFIRMATION)) + saml.subject_confirmation_from_string(saml2_data.TEST_SUBJECT_CONFIRMATION) + ) new_subject = saml.subject_from_string(self.subject.to_string()) assert new_subject.name_id.sp_provided_id == "sp provided id" assert new_subject.name_id.text.strip() == "tmatsuo@example.com" assert new_subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS - assert isinstance(new_subject.subject_confirmation[0], - saml.SubjectConfirmation) + assert isinstance(new_subject.subject_confirmation[0], saml.SubjectConfirmation) def testUsingTestData(self): """Test for subject_from_string() using test data.""" @@ -948,8 +897,7 @@ def testUsingTestData(self): assert subject.name_id.sp_provided_id == "sp provided id" assert subject.name_id.text.strip() == "tmatsuo@example.com" assert subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS - assert isinstance(subject.subject_confirmation[0], - saml.SubjectConfirmation) + assert isinstance(subject.subject_confirmation[0], saml.SubjectConfirmation) class TestCondition: @@ -960,11 +908,10 @@ def setup_class(self): def testAccessors(self): """Test for Condition accessors.""" self.condition.extension_attributes[self.name] = "test" - self.condition.extension_attributes['ExtendedAttribute'] = "value" + self.condition.extension_attributes["ExtendedAttribute"] = "value" new_condition = saml.condition_from_string(self.condition.to_string()) assert new_condition.extension_attributes[self.name] == "test" - assert new_condition.extension_attributes[ - "ExtendedAttribute"] == "value" + assert new_condition.extension_attributes["ExtendedAttribute"] == "value" def testUsingTestData(self): """Test for condition_from_string() using test data.""" @@ -998,20 +945,15 @@ def setup_class(self): def testAccessors(self): """Test for AudienceRestriction accessors""" - self.audience_restriction.audience = \ - saml.audience_from_string(saml2_data.TEST_AUDIENCE) - new_audience = saml.audience_restriction_from_string( - self.audience_restriction.to_string()) - assert self.audience_restriction.audience.text.strip() == \ - "http://www.example.com/Audience" + self.audience_restriction.audience = saml.audience_from_string(saml2_data.TEST_AUDIENCE) + new_audience = saml.audience_restriction_from_string(self.audience_restriction.to_string()) + assert self.audience_restriction.audience.text.strip() == "http://www.example.com/Audience" def testUsingTestData(self): """Test audience_restriction_from_string using test data""" - audience_restriction = saml.audience_restriction_from_string( - saml2_data.TEST_AUDIENCE_RESTRICTION) - assert audience_restriction.audience[0].text.strip() == \ - "http://www.example.com/Audience" + audience_restriction = saml.audience_restriction_from_string(saml2_data.TEST_AUDIENCE_RESTRICTION) + assert audience_restriction.audience[0].text.strip() == "http://www.example.com/Audience" class TestOneTimeUse: @@ -1025,8 +967,7 @@ def testAccessors(self): def testUsingTestData(self): """Test one_time_use_from_string() using test data""" - one_time_use = saml.one_time_use_from_string( - saml2_data.TEST_ONE_TIME_USE) + one_time_use = saml.one_time_use_from_string(saml2_data.TEST_ONE_TIME_USE) assert isinstance(one_time_use, saml.OneTimeUse) assert isinstance(one_time_use, saml.ConditionAbstractType_) @@ -1040,22 +981,17 @@ def testAccessors(self): assert isinstance(self.proxy_restriction, saml.ConditionAbstractType_) self.proxy_restriction.count = "2" - self.proxy_restriction.audience.append(saml.audience_from_string( - saml2_data.TEST_AUDIENCE)) - new_proxy_restriction = saml.proxy_restriction_from_string( - self.proxy_restriction.to_string()) + self.proxy_restriction.audience.append(saml.audience_from_string(saml2_data.TEST_AUDIENCE)) + new_proxy_restriction = saml.proxy_restriction_from_string(self.proxy_restriction.to_string()) assert new_proxy_restriction.count == "2" - assert new_proxy_restriction.audience[0].text.strip() == \ - "http://www.example.com/Audience" + assert new_proxy_restriction.audience[0].text.strip() == "http://www.example.com/Audience" def testUsingTestData(self): """Test proxy_restriction_from_string() using test data""" - proxy_restriction = saml.proxy_restriction_from_string( - saml2_data.TEST_PROXY_RESTRICTION) + proxy_restriction = saml.proxy_restriction_from_string(saml2_data.TEST_PROXY_RESTRICTION) assert proxy_restriction.count == "2" - assert proxy_restriction.audience[0].text.strip() == \ - "http://www.example.com/Audience" + assert proxy_restriction.audience[0].text.strip() == "http://www.example.com/Audience" class TestConditions: @@ -1070,17 +1006,13 @@ def testAccessors(self): self.conditions.audience_restriction.append(saml.AudienceRestriction()) self.conditions.one_time_use.append(saml.OneTimeUse()) self.conditions.proxy_restriction.append(saml.ProxyRestriction()) - new_conditions = saml.conditions_from_string( - self.conditions.to_string()) + new_conditions = saml.conditions_from_string(self.conditions.to_string()) assert new_conditions.not_before == "2007-08-31T01:05:02Z" assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z" assert isinstance(new_conditions.condition[0], saml.Condition) - assert isinstance(new_conditions.audience_restriction[0], - saml.AudienceRestriction) - assert isinstance(new_conditions.one_time_use[0], - saml.OneTimeUse) - assert isinstance(new_conditions.proxy_restriction[0], - saml.ProxyRestriction) + assert isinstance(new_conditions.audience_restriction[0], saml.AudienceRestriction) + assert isinstance(new_conditions.one_time_use[0], saml.OneTimeUse) + assert isinstance(new_conditions.proxy_restriction[0], saml.ProxyRestriction) def testUsingTestData(self): """Test conditions_from_string() using test data""" @@ -1088,12 +1020,9 @@ def testUsingTestData(self): assert new_conditions.not_before == "2007-08-31T01:05:02Z" assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z" assert isinstance(new_conditions.condition[0], saml.Condition) - assert isinstance(new_conditions.audience_restriction[0], - saml.AudienceRestriction) - assert isinstance(new_conditions.one_time_use[0], - saml.OneTimeUse) - assert isinstance(new_conditions.proxy_restriction[0], - saml.ProxyRestriction) + assert isinstance(new_conditions.audience_restriction[0], saml.AudienceRestriction) + assert isinstance(new_conditions.one_time_use[0], saml.OneTimeUse) + assert isinstance(new_conditions.proxy_restriction[0], saml.ProxyRestriction) class TestAssertionIDRef: @@ -1103,17 +1032,13 @@ def setup_class(self): def testAccessors(self): """Test for AssertionIDRef accessors""" self.assertion_id_ref.text = "zzlieajngjbkjggjldmgindkckkolcblndbghlhm" - new_assertion_id_ref = saml.assertion_id_ref_from_string( - self.assertion_id_ref.to_string()) - assert new_assertion_id_ref.text == \ - "zzlieajngjbkjggjldmgindkckkolcblndbghlhm" + new_assertion_id_ref = saml.assertion_id_ref_from_string(self.assertion_id_ref.to_string()) + assert new_assertion_id_ref.text == "zzlieajngjbkjggjldmgindkckkolcblndbghlhm" def testUsingTestData(self): """Test assertion_id_ref_from_string() using test data""" - new_assertion_id_ref = saml.assertion_id_ref_from_string( - saml2_data.TEST_ASSERTION_ID_REF) - assert new_assertion_id_ref.text.strip() == \ - "zzlieajngjbkjggjldmgindkckkolcblndbghlhm" + new_assertion_id_ref = saml.assertion_id_ref_from_string(saml2_data.TEST_ASSERTION_ID_REF) + assert new_assertion_id_ref.text.strip() == "zzlieajngjbkjggjldmgindkckkolcblndbghlhm" class TestAssertionURIRef: @@ -1123,17 +1048,13 @@ def setup_class(self): def testAccessors(self): """Test for AssertionURIRef accessors""" self.assertion_uri_ref.text = "http://www.example.com/AssertionURIRef" - new_assertion_uri_ref = saml.assertion_uri_ref_from_string( - self.assertion_uri_ref.to_string()) - assert new_assertion_uri_ref.text == \ - "http://www.example.com/AssertionURIRef" + new_assertion_uri_ref = saml.assertion_uri_ref_from_string(self.assertion_uri_ref.to_string()) + assert new_assertion_uri_ref.text == "http://www.example.com/AssertionURIRef" def testUsingTestData(self): """Test assertion_uri_ref_from_string() using test data""" - new_assertion_uri_ref = saml.assertion_uri_ref_from_string( - saml2_data.TEST_ASSERTION_URI_REF) - assert new_assertion_uri_ref.text.strip() == \ - "http://www.example.com/AssertionURIRef" + new_assertion_uri_ref = saml.assertion_uri_ref_from_string(saml2_data.TEST_ASSERTION_URI_REF) + assert new_assertion_uri_ref.text.strip() == "http://www.example.com/AssertionURIRef" class TestAction: @@ -1165,20 +1086,16 @@ def testAccessors(self): new_evidence = saml.evidence_from_string(self.evidence.to_string()) print(new_evidence) assert self.evidence.to_string() == new_evidence.to_string() - assert isinstance(new_evidence.assertion_id_ref[0], - saml.AssertionIDRef) - assert isinstance(new_evidence.assertion_uri_ref[0], - saml.AssertionURIRef) + assert isinstance(new_evidence.assertion_id_ref[0], saml.AssertionIDRef) + assert isinstance(new_evidence.assertion_uri_ref[0], saml.AssertionURIRef) assert len(new_evidence.assertion) == 1 assert isinstance(new_evidence.assertion[0], saml.Assertion) assert len(new_evidence.encrypted_assertion) == 1 - assert isinstance(new_evidence.encrypted_assertion[0], - saml.EncryptedAssertion) + assert isinstance(new_evidence.encrypted_assertion[0], saml.EncryptedAssertion) def testUsingTestData(self): """Test evidence_from_string() using test data""" # TODO: - pass class TestAuthzDecisionStatement: @@ -1192,23 +1109,17 @@ def testAccessors(self): self.authz_decision_statement.action.append(saml.Action()) self.authz_decision_statement.evidence = saml.Evidence() new_authz_decision_statement = saml.authz_decision_statement_from_string( - self.authz_decision_statement.to_string()) - assert self.authz_decision_statement.to_string() == \ - new_authz_decision_statement.to_string() - assert new_authz_decision_statement.resource == \ - "http://www.example.com/Resource" - assert new_authz_decision_statement.decision == \ - saml.DECISION_TYPE_PERMIT - assert isinstance(new_authz_decision_statement.action[0], - saml.Action) - assert isinstance(new_authz_decision_statement.evidence, - saml.Evidence) - + self.authz_decision_statement.to_string() + ) + assert self.authz_decision_statement.to_string() == new_authz_decision_statement.to_string() + assert new_authz_decision_statement.resource == "http://www.example.com/Resource" + assert new_authz_decision_statement.decision == saml.DECISION_TYPE_PERMIT + assert isinstance(new_authz_decision_statement.action[0], saml.Action) + assert isinstance(new_authz_decision_statement.evidence, saml.Evidence) def testUsingTestData(self): """Test authz_decision_statement_from_string() using test data""" # TODO: - pass class TestAdvice: @@ -1223,18 +1134,14 @@ def testAccessors(self): self.advice.encrypted_assertion.append(saml.EncryptedAssertion()) new_advice = saml.advice_from_string(self.advice.to_string()) assert self.advice.to_string() == new_advice.to_string() - assert isinstance(new_advice.assertion_id_ref[0], - saml.AssertionIDRef) - assert isinstance(new_advice.assertion_uri_ref[0], - saml.AssertionURIRef) + assert isinstance(new_advice.assertion_id_ref[0], saml.AssertionIDRef) + assert isinstance(new_advice.assertion_uri_ref[0], saml.AssertionURIRef) assert isinstance(new_advice.assertion[0], saml.Assertion) - assert isinstance(new_advice.encrypted_assertion[0], - saml.EncryptedAssertion) + assert isinstance(new_advice.encrypted_assertion[0], saml.EncryptedAssertion) def testUsingTestData(self): """Test advice_from_string() using test data""" # TODO: - pass class TestAssertion: @@ -1247,21 +1154,16 @@ def testAccessors(self): self.assertion.version = saml2.VERSION self.assertion.issue_instant = "2007-08-31T01:05:02Z" self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER) - self.assertion.signature = ds.signature_from_string( - ds_data.TEST_SIGNATURE) - self.assertion.subject = saml.subject_from_string( - saml2_data.TEST_SUBJECT) - self.assertion.conditions = saml.conditions_from_string( - saml2_data.TEST_CONDITIONS) + self.assertion.signature = ds.signature_from_string(ds_data.TEST_SIGNATURE) + self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT) + self.assertion.conditions = saml.conditions_from_string(saml2_data.TEST_CONDITIONS) self.assertion.advice = saml.Advice() self.assertion.statement.append(saml.Statement()) - self.assertion.authn_statement.append(saml.authn_statement_from_string( - saml2_data.TEST_AUTHN_STATEMENT)) - self.assertion.authz_decision_statement.append( - saml.AuthzDecisionStatement()) + self.assertion.authn_statement.append(saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT)) + self.assertion.authz_decision_statement.append(saml.AuthzDecisionStatement()) self.assertion.attribute_statement.append( - saml.attribute_statement_from_string( - saml2_data.TEST_ATTRIBUTE_STATEMENT)) + saml.attribute_statement_from_string(saml2_data.TEST_ATTRIBUTE_STATEMENT) + ) new_assertion = saml.assertion_from_string(self.assertion.to_string()) assert new_assertion.id == "assertion id" @@ -1273,18 +1175,14 @@ def testAccessors(self): assert isinstance(new_assertion.conditions, saml.Conditions) assert isinstance(new_assertion.advice, saml.Advice) assert isinstance(new_assertion.statement[0], saml.Statement) - assert isinstance(new_assertion.authn_statement[0], - saml.AuthnStatement) - assert isinstance(new_assertion.authz_decision_statement[0], - saml.AuthzDecisionStatement) - assert isinstance(new_assertion.attribute_statement[0], - saml.AttributeStatement) - + assert isinstance(new_assertion.authn_statement[0], saml.AuthnStatement) + assert isinstance(new_assertion.authz_decision_statement[0], saml.AuthzDecisionStatement) + assert isinstance(new_assertion.attribute_statement[0], saml.AttributeStatement) def testUsingTestData(self): """Test assertion_from_string() using test data""" # TODO - pass + if __name__ == "__main__": t = TestSAMLBase() diff --git a/tests/test_03_saml2.py b/tests/test_03_saml2.py index 442884aff..b96afd9c1 100644 --- a/tests/test_03_saml2.py +++ b/tests/test_03_saml2.py @@ -1,41 +1,43 @@ #!/usr/bin/env python -import saml2 - -from saml2 import create_class_from_xml_string, class_name, make_vals, md -from saml2.saml import NameID, Issuer, SubjectLocality, AuthnContextClassRef -from saml2.saml import SubjectConfirmationData, SubjectConfirmation -from saml2.saml import Attribute - +from defusedxml.common import EntitiesForbidden from pytest import raises import saml2_data -try: - from xml.etree import cElementTree as ElementTree -except ImportError: - try: - import cElementTree as ElementTree - except ImportError: - from elementtree import ElementTree -from defusedxml.common import EntitiesForbidden +import saml2 +from saml2 import class_name +from saml2 import create_class_from_xml_string +from saml2 import make_vals +from saml2 import md +from saml2.saml import Attribute +from saml2.saml import Issuer +from saml2.saml import NameID +from saml2.saml import SubjectConfirmation +from saml2.saml import SubjectConfirmationData +from saml2.saml import SubjectLocality + ITEMS = { - NameID: [""" + NameID: [ + """ roland@example.com -""", """ +""", + """ _1632879f09d08ea5ede2dc667cbed7e429ebc4335c -""", """ +""", + """ test -"""], +""", + ], Issuer: """ http://www.example.com/test @@ -45,15 +47,13 @@ """, - SubjectConfirmationData: - """ + SubjectConfirmationData: """ """, - SubjectConfirmation: - """ + SubjectConfirmation: """ """ +InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/>""", } -#def pytest_generate_tests(metafunc): +# def pytest_generate_tests(metafunc): # if "target_class" in metafunc.funcargnames: # for tcl,xml in ITEMS.items(): # metafunc.addcall(funcargs={"target_class":tcl,"xml_string":xml}) + def _eq(l1, l2): return set(l1) == set(l2) @@ -80,17 +81,16 @@ def test_create_class_from_xml_string_nameid(): assert kl.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" assert kl.sp_provided_id == "sp provided id" assert kl.text.strip() == "roland@example.com" - assert _eq(kl.keyswv(), ['sp_provided_id', 'format', 'text']) + assert _eq(kl.keyswv(), ["sp_provided_id", "format", "text"]) assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" - assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier', - 'name_qualifier', 'format', 'text']) + assert _eq(kl.keys(), ["sp_provided_id", "sp_name_qualifier", "name_qualifier", "format", "text"]) kl = create_class_from_xml_string(NameID, ITEMS[NameID][1]) assert kl != None assert kl.format == "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" assert kl.sp_name_qualifier == "https://foo.example.com/sp" assert kl.text.strip() == "_1632879f09d08ea5ede2dc667cbed7e429ebc4335c" - assert _eq(kl.keyswv(), ['sp_name_qualifier', 'format', 'text']) + assert _eq(kl.keyswv(), ["sp_name_qualifier", "format", "text"]) assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" kl = create_class_from_xml_string(NameID, ITEMS[NameID][2]) @@ -99,8 +99,7 @@ def test_create_class_from_xml_string_nameid(): assert kl.name_qualifier == "http://authentic.example.com/saml/metadata" assert kl.sp_name_qualifier == "http://auth.example.com/saml/metadata" assert kl.text.strip() == "test" - assert _eq(kl.keyswv(), ['sp_name_qualifier', 'format', 'name_qualifier', - 'text']) + assert _eq(kl.keyswv(), ["sp_name_qualifier", "format", "name_qualifier", "text"]) assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" @@ -108,62 +107,50 @@ def test_create_class_from_xml_string_issuer(): kl = create_class_from_xml_string(Issuer, ITEMS[Issuer]) assert kl != None assert kl.text.strip() == "http://www.example.com/test" - assert _eq(kl.keyswv(), ['text']) + assert _eq(kl.keyswv(), ["text"]) assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer" def test_create_class_from_xml_string_subject_locality(): kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality]) assert kl != None - assert _eq(kl.keyswv(), ['address', "dns_name"]) + assert _eq(kl.keyswv(), ["address", "dns_name"]) assert kl.address == "127.0.0.1" assert kl.dns_name == "localhost" - assert class_name( - kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality" + assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality" def test_create_class_from_xml_string_subject_confirmation_data(): - kl = create_class_from_xml_string(SubjectConfirmationData, - ITEMS[SubjectConfirmationData]) + kl = create_class_from_xml_string(SubjectConfirmationData, ITEMS[SubjectConfirmationData]) assert kl != None - assert _eq(kl.keyswv(), ['in_response_to', 'not_on_or_after', - 'not_before', 'recipient']) + assert _eq(kl.keyswv(), ["in_response_to", "not_on_or_after", "not_before", "recipient"]) assert kl.in_response_to == "_1683146e27983964fbe7bf8f08961108d166a652e5" assert kl.not_on_or_after == "2010-02-18T13:52:13.959Z" assert kl.not_before == "2010-01-16T12:00:00Z" assert kl.recipient == "http://192.168.0.10/saml/sp" - assert class_name(kl) == \ - "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData" + assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData" def test_create_class_from_xml_string_subject_confirmation(): - kl = create_class_from_xml_string(SubjectConfirmation, - ITEMS[SubjectConfirmation]) + kl = create_class_from_xml_string(SubjectConfirmation, ITEMS[SubjectConfirmation]) assert kl != None - assert _eq(kl.keyswv(), ['method', 'name_id', - 'subject_confirmation_data']) + assert _eq(kl.keyswv(), ["method", "name_id", "subject_confirmation_data"]) assert kl.method == "urn:oasis:names:tc:SAML:2.0:cm:bearer" name_id = kl.name_id - assert _eq(name_id.keyswv(), ['format', 'name_qualifier', 'text']) + assert _eq(name_id.keyswv(), ["format", "name_qualifier", "text"]) assert name_id.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata" assert name_id.text.strip() == "test@example.com" subject_confirmation_data = kl.subject_confirmation_data - assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', - 'recipient', - 'in_response_to']) - assert subject_confirmation_data.recipient == \ - "http://auth.example.com/saml/proxySingleSignOnRedirect" + assert _eq(subject_confirmation_data.keyswv(), ["not_on_or_after", "recipient", "in_response_to"]) + assert subject_confirmation_data.recipient == "http://auth.example.com/saml/proxySingleSignOnRedirect" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" - assert subject_confirmation_data.in_response_to == \ - "_59B3A01B03334032C31E434C63F89E3E" - assert class_name(kl) == \ - "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation" + assert subject_confirmation_data.in_response_to == "_59B3A01B03334032C31E434C63F89E3E" + assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation" def test_create_class_from_xml_string_wrong_class_spec(): - kl = create_class_from_xml_string(SubjectConfirmationData, - ITEMS[SubjectConfirmation]) + kl = create_class_from_xml_string(SubjectConfirmationData, ITEMS[SubjectConfirmation]) assert kl == None @@ -181,8 +168,7 @@ def test_create_class_from_xml_string_xxe(): def test_ee_1(): - ee = saml2.extension_element_from_string( - """bar""") + ee = saml2.extension_element_from_string("""bar""") assert ee != None print(ee.__dict__) assert ee.attributes == {} @@ -193,8 +179,7 @@ def test_ee_1(): def test_ee_2(): - ee = saml2.extension_element_from_string( - """bar""") + ee = saml2.extension_element_from_string("""bar""") assert ee != None print(ee.__dict__) assert ee.attributes == {"id": "xyz"} @@ -208,7 +193,8 @@ def test_ee_3(): ee = saml2.extension_element_from_string( """ bar""") + id="xyz">bar""" + ) assert ee != None print(ee.__dict__) assert ee.attributes == {"id": "xyz"} @@ -222,7 +208,8 @@ def test_ee_4(): ee = saml2.extension_element_from_string( """ - xyztre""") + xyztre""" + ) assert ee != None print(ee.__dict__) assert ee.attributes == {} @@ -246,11 +233,13 @@ def test_ee_4(): def test_ee_5(): ee = saml2.extension_element_from_string( """ - bar""") + bar""" + ) ce = saml2.extension_element_from_string( """ - rev""") + rev""" + ) ee.children.append(ce) @@ -279,11 +268,13 @@ def test_ee_5(): def test_ee_6(): ee = saml2.extension_element_from_string( """ - bar""") + bar""" + ) ce = saml2.extension_element_from_string( """ - rev""") + rev""" + ) et = ee.transfer_to_element_tree() ce.become_child_element_of(et) @@ -330,13 +321,10 @@ def test_nameid_with_extension(): assert kl.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" assert kl.sp_provided_id == "sp provided id" assert kl.text.strip() == "roland@example.com" - assert _eq(kl.keyswv(), ['sp_provided_id', 'format', - 'extension_attributes', 'text']) + assert _eq(kl.keyswv(), ["sp_provided_id", "format", "extension_attributes", "text"]) assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" - assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier', - 'name_qualifier', 'format', 'text']) - assert kl.extension_attributes == { - '{urn:mace:example.com:saml:assertion}Foo': 'BAR'} + assert _eq(kl.keys(), ["sp_provided_id", "sp_name_qualifier", "name_qualifier", "format", "text"]) + assert kl.extension_attributes == {"{urn:mace:example.com:saml:assertion}Foo": "BAR"} SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """ @@ -357,26 +345,21 @@ def test_nameid_with_extension(): def test_subject_confirmation_with_extension(): - kl = create_class_from_xml_string(SubjectConfirmation, - SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) + kl = create_class_from_xml_string(SubjectConfirmation, SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) assert kl != None print(kl.__dict__) assert kl.extension_attributes == {} assert kl.method == "urn:oasis:names:tc:SAML:2.0:cm:bearer" name_id = kl.name_id - assert _eq(name_id.keyswv(), ['format', 'name_qualifier', 'text']) + assert _eq(name_id.keyswv(), ["format", "name_qualifier", "text"]) assert name_id.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata" assert name_id.text.strip() == "test@example.com" subject_confirmation_data = kl.subject_confirmation_data - assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', - 'recipient', - 'in_response_to']) - assert subject_confirmation_data.recipient == \ - "http://auth.example.com/saml/proxySingleSignOnRedirect" + assert _eq(subject_confirmation_data.keyswv(), ["not_on_or_after", "recipient", "in_response_to"]) + assert subject_confirmation_data.recipient == "http://auth.example.com/saml/proxySingleSignOnRedirect" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" - assert subject_confirmation_data.in_response_to == \ - "_59B3A01B03334032C31E434C63F89E3E" + assert subject_confirmation_data.in_response_to == "_59B3A01B03334032C31E434C63F89E3E" assert len(kl.extension_elements) == 1 ee = kl.extension_elements[0] assert ee.tag == "Trustlevel" @@ -385,8 +368,7 @@ def test_subject_confirmation_with_extension(): def test_to_fro_string_1(): - kl = create_class_from_xml_string(SubjectConfirmation, - SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) + kl = create_class_from_xml_string(SubjectConfirmation, SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) txt = kl.to_string() cpy = create_class_from_xml_string(SubjectConfirmation, txt) @@ -421,16 +403,15 @@ def test_attribute_element_to_extension_element(): ee = saml2.element_to_extension_element(attr) print(ee.__dict__) assert ee.tag == "Attribute" - assert ee.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion' - assert _eq(ee.attributes.keys(), ['FriendlyName', 'Name', 'NameFormat']) - assert ee.attributes["FriendlyName"] == 'test attribute' + assert ee.namespace == "urn:oasis:names:tc:SAML:2.0:assertion" + assert _eq(ee.attributes.keys(), ["FriendlyName", "Name", "NameFormat"]) + assert ee.attributes["FriendlyName"] == "test attribute" assert ee.attributes["Name"] == "testAttribute" - assert ee.attributes["NameFormat"] == \ - 'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified' + assert ee.attributes["NameFormat"] == "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified" assert len(ee.children) == 2 for child in ee.children: # children are also extension element instances - assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion' + assert child.namespace == "urn:oasis:names:tc:SAML:2.0:assertion" assert child.tag == "AttributeValue" @@ -448,14 +429,14 @@ def test_ee_7(): https://federationX.org/?ID=a87s76a5765da76576a57as -""") +""" + ) print(ee.__dict__) assert len(ee.children) == 2 for child in ee.children: assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" - assert _eq(["AssertingEntity", "RetrievalEndpoint"], - [c.tag for c in ee.children]) + assert _eq(["AssertingEntity", "RetrievalEndpoint"], [c.tag for c in ee.children]) aes = [c for c in ee.children if c.tag == "AssertingEntity"] assert len(aes) == 1 assert len(aes[0].children) == 1 @@ -482,27 +463,29 @@ def test_ee_xxe(): def test_extension_element_loadd(): - ava = {'attributes': {}, - 'tag': 'ExternalEntityAttributeAuthority', - 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml', - 'children': [{ - "tag": "AssertingEntity", - "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", - - "children": [{ - "tag": "NameID", - "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", - "text": "http://federationX.org", - "attributes": { - "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity" - }, - }] - }, { - "tag": "RetrievalEndpoint", - "namespace": "urn:oasis:names:tc:SAML:metadata" - ":dynamicsaml", - "text": "https://federationX.org/?ID=a87s76a5765da76576a57as", - }], + ava = { + "attributes": {}, + "tag": "ExternalEntityAttributeAuthority", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "children": [ + { + "tag": "AssertingEntity", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "children": [ + { + "tag": "NameID", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "text": "http://federationX.org", + "attributes": {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"}, + } + ], + }, + { + "tag": "RetrievalEndpoint", + "namespace": "urn:oasis:names:tc:SAML:metadata" ":dynamicsaml", + "text": "https://federationX.org/?ID=a87s76a5765da76576a57as", + }, + ], } ee = saml2.ExtensionElement(ava["tag"]).loadd(ava) @@ -510,8 +493,7 @@ def test_extension_element_loadd(): assert len(ee.children) == 2 for child in ee.children: assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" - assert _eq(["AssertingEntity", "RetrievalEndpoint"], - [c.tag for c in ee.children]) + assert _eq(["AssertingEntity", "RetrievalEndpoint"], [c.tag for c in ee.children]) aes = [c for c in ee.children if c.tag == "AssertingEntity"] assert len(aes) == 1 assert len(aes[0].children) == 1 @@ -525,32 +507,36 @@ def test_extension_element_loadd(): def test_extensions_loadd(): - ava = {"extension_elements": [ - { - 'attributes': {}, - 'tag': 'ExternalEntityAttributeAuthority', - 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml', - 'children': [ - {"tag": "AssertingEntity", - "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", - "children": [ - {"tag": "NameID", - "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", - "text": "http://federationX.org", - "attributes": { - "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity" - }, - }] - }, - { - "tag": "RetrievalEndpoint", - "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", - "text": "https://federationX.org/?ID=a87s76a5765da76576a57as", - }], - }], - "extension_attributes": { - "foo": "bar", - } + ava = { + "extension_elements": [ + { + "attributes": {}, + "tag": "ExternalEntityAttributeAuthority", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "children": [ + { + "tag": "AssertingEntity", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "children": [ + { + "tag": "NameID", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "text": "http://federationX.org", + "attributes": {"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"}, + } + ], + }, + { + "tag": "RetrievalEndpoint", + "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", + "text": "https://federationX.org/?ID=a87s76a5765da76576a57as", + }, + ], + } + ], + "extension_attributes": { + "foo": "bar", + }, } extension = saml2.SamlBase() @@ -562,8 +548,7 @@ def test_extensions_loadd(): assert len(ee.children) == 2 for child in ee.children: assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" - assert _eq(["AssertingEntity", "RetrievalEndpoint"], - [c.tag for c in ee.children]) + assert _eq(["AssertingEntity", "RetrievalEndpoint"], [c.tag for c in ee.children]) aes = [c for c in ee.children if c.tag == "AssertingEntity"] assert len(aes) == 1 assert len(aes[0].children) == 1 diff --git a/tests/test_04_samlp.py b/tests/test_04_samlp.py index 34f6176d9..97e6cdb9a 100644 --- a/tests/test_04_samlp.py +++ b/tests/test_04_samlp.py @@ -1,29 +1,23 @@ #!/usr/bin/env pythony -# -*- coding: utf-8 -*- # """Tests for saml2.samlp""" -__author__ = 'roland.hedberg@adm.umu.se (Roland Hedberg)' - -try: - from xml.etree import ElementTree -except ImportError: - from elementtree import ElementTree -import saml2 +__author__ = "roland.hedberg@adm.umu.se (Roland Hedberg)" import samlp_data +import saml2 from saml2 import saml from saml2 import samlp from saml2 import xmldsig as ds # class TestRequestAbstractType: -# +# # def setup_class(self): # self.ar = samlp.RequestAbstractType_() -# +# # def testAccessors(self): # """Test for RequestAbstractType accessors""" # self.ar.id = "request id" @@ -34,7 +28,7 @@ # self.ar.issuer = saml.Issuer() # self.ar.signature = ds.Signature() # self.ar.extensions = samlp.Extensions() -# +# # new_ar = samlp.request_abstract_type__from_string(self.ar.to_string()) # assert new_ar.id == "request id" # assert new_ar.version == saml2.VERSION @@ -44,61 +38,52 @@ # assert isinstance(new_ar.issuer, saml.Issuer) # assert isinstance(new_ar.signature, ds.Signature) # assert isinstance(new_ar.extensions, samlp.Extensions) -# +# # def testUsingTestData(self): # """Test for request_abstract_type_from_string() using test data""" # # TODO: # pass -class TestStatusDetail: +class TestStatusDetail: def setup_class(self): self.status_detail = samlp.StatusDetail() def testAccessors(self): """Test for StatusDetail accessors""" # TODO: - pass - -class TestStatusMessage: +class TestStatusMessage: def setup_class(self): self.status_message = samlp.StatusMessage() def testAccessors(self): """Test for StatusMessage accessors""" # TODO: - pass - -class TestStatusCode: +class TestStatusCode: def setup_class(self): self.status_code = samlp.StatusCode() def testAccessors(self): """Test for StatusCode accessors""" self.status_code.value = samlp.STATUS_RESPONDER - self.status_code.status_code = samlp.StatusCode( - value=samlp.STATUS_REQUEST_DENIED) + self.status_code.status_code = samlp.StatusCode(value=samlp.STATUS_REQUEST_DENIED) print(self.status_code.__dict__) new_status_code = samlp.status_code_from_string(self.status_code.to_string()) assert new_status_code.value == samlp.STATUS_RESPONDER - assert new_status_code.status_code.value == \ - samlp.STATUS_REQUEST_DENIED + assert new_status_code.status_code.value == samlp.STATUS_REQUEST_DENIED def testUsingTestData(self): """Test for status_code_from_string() using test data""" - new_status_code = samlp.status_code_from_string( - samlp_data.TEST_STATUS_CODE) + new_status_code = samlp.status_code_from_string(samlp_data.TEST_STATUS_CODE) assert new_status_code.value == samlp.STATUS_RESPONDER - assert new_status_code.status_code.value == \ - samlp.STATUS_REQUEST_DENIED + assert new_status_code.status_code.value == samlp.STATUS_REQUEST_DENIED class TestStatus: - def setup_class(self): self.status = samlp.Status() @@ -116,16 +101,16 @@ def testUsingTestData(self): """Test for status_from_string using test data""" new_status = samlp.status_from_string(samlp_data.TEST_STATUS) assert isinstance(new_status.status_code, samlp.StatusCode) - assert isinstance(new_status.status_code.status_code, - samlp.StatusCode) + assert isinstance(new_status.status_code.status_code, samlp.StatusCode) assert isinstance(new_status.status_message, samlp.StatusMessage) assert isinstance(new_status.status_detail, samlp.StatusDetail) + # class TestStatusResponseType: -# +# # def setup_class(self): # self.sr = samlp.StatusResponseType() -# +# # def testAccessors(self): # """Test for StatusResponseType accessors""" # self.sr.id = "response id" @@ -138,7 +123,7 @@ def testUsingTestData(self): # self.sr.signature = ds.Signature() # self.sr.extensions = samlp.Extensions() # self.sr.status = samlp.Status() -# +# # new_sr = samlp.status_response_type_from_string(self.sr.to_string()) # assert new_sr.id == "response id" # assert new_sr.in_response_to == "request id" @@ -150,7 +135,7 @@ def testUsingTestData(self): # assert isinstance(new_sr.signature, ds.Signature) # assert isinstance(new_sr.extensions, samlp.Extensions) # assert isinstance(new_sr.status, samlp.Status) -# +# # def testUsingTestData(self): # """Test for status_response_from_string() using test data""" # # TODO: @@ -158,7 +143,6 @@ def testUsingTestData(self): class TestResponse: - def setup_class(self): self.response = samlp.Response() @@ -190,16 +174,14 @@ def testAccessors(self): assert isinstance(new_response.status, samlp.Status) assert isinstance(new_response.assertion[0], saml.Assertion) - assert isinstance(new_response.encrypted_assertion[0], - saml.EncryptedAssertion) + assert isinstance(new_response.encrypted_assertion[0], saml.EncryptedAssertion) def testUsingTestData(self): """Test for response_from_string() using test data""" # TODO: - pass -class TestNameIDPolicy: +class TestNameIDPolicy: def setup_class(self): self.name_id_policy = samlp.NameIDPolicy() @@ -207,29 +189,24 @@ def testAccessors(self): """Test for NameIDPolicy accessors""" self.name_id_policy.format = saml.NAMEID_FORMAT_EMAILADDRESS self.name_id_policy.sp_name_qualifier = saml.NAMEID_FORMAT_PERSISTENT - self.name_id_policy.allow_create = 'false' + self.name_id_policy.allow_create = "false" - new_name_id_policy = samlp.name_id_policy_from_string( - self.name_id_policy.to_string()) + new_name_id_policy = samlp.name_id_policy_from_string(self.name_id_policy.to_string()) assert new_name_id_policy.format == saml.NAMEID_FORMAT_EMAILADDRESS - assert new_name_id_policy.sp_name_qualifier == \ - saml.NAMEID_FORMAT_PERSISTENT - assert new_name_id_policy.allow_create == 'false' + assert new_name_id_policy.sp_name_qualifier == saml.NAMEID_FORMAT_PERSISTENT + assert new_name_id_policy.allow_create == "false" def testUsingTestData(self): """Test for name_id_policy_from_string() using test data""" - new_name_id_policy = samlp.name_id_policy_from_string( - samlp_data.TEST_NAME_ID_POLICY) + new_name_id_policy = samlp.name_id_policy_from_string(samlp_data.TEST_NAME_ID_POLICY) assert new_name_id_policy.format == saml.NAMEID_FORMAT_EMAILADDRESS - assert new_name_id_policy.sp_name_qualifier == \ - saml.NAMEID_FORMAT_PERSISTENT - assert new_name_id_policy.allow_create == 'false' + assert new_name_id_policy.sp_name_qualifier == saml.NAMEID_FORMAT_PERSISTENT + assert new_name_id_policy.allow_create == "false" class TestIDPEntry: - def setup_class(self): self.idp_entry = samlp.IDPEntry() @@ -253,31 +230,25 @@ def testUsingTestData(self): class TestIDPList: - def setup_class(self): self.idp_list = samlp.IDPList() def testAccessors(self): """Test for IDPList accessors""" - self.idp_list.idp_entry.append(samlp.idp_entry_from_string( - samlp_data.TEST_IDP_ENTRY)) - self.idp_list.get_complete = samlp.GetComplete( - text="http://www.example.com/GetComplete") + self.idp_list.idp_entry.append(samlp.idp_entry_from_string(samlp_data.TEST_IDP_ENTRY)) + self.idp_list.get_complete = samlp.GetComplete(text="http://www.example.com/GetComplete") new_idp_list = samlp.idp_list_from_string(self.idp_list.to_string()) assert isinstance(new_idp_list.idp_entry[0], samlp.IDPEntry) - assert new_idp_list.get_complete.text.strip() == \ - "http://www.example.com/GetComplete" + assert new_idp_list.get_complete.text.strip() == "http://www.example.com/GetComplete" def testUsingTestData(self): """Test for idp_list_from_string() using test data""" new_idp_list = samlp.idp_list_from_string(samlp_data.TEST_IDP_LIST) assert isinstance(new_idp_list.idp_entry[0], samlp.IDPEntry) - assert new_idp_list.get_complete.text.strip() == \ - "http://www.example.com/GetComplete" + assert new_idp_list.get_complete.text.strip() == "http://www.example.com/GetComplete" class TestScoping: - def setup_class(self): self.scoping = samlp.Scoping() @@ -304,7 +275,6 @@ def testUsingTestData(self): class TestRequestedAuthnContext: - def setup_class(self): self.context = samlp.RequestedAuthnContext() @@ -315,29 +285,22 @@ def testAccessors(self): self.context.authn_context_decl_ref.append(saml.AuthnContextDeclRef()) self.context.comparison = "exact" - new_context = samlp.requested_authn_context_from_string( - self.context.to_string()) + new_context = samlp.requested_authn_context_from_string(self.context.to_string()) - assert isinstance(new_context.authn_context_class_ref[0], - saml.AuthnContextClassRef) - assert isinstance(new_context.authn_context_decl_ref[0], - saml.AuthnContextDeclRef) + assert isinstance(new_context.authn_context_class_ref[0], saml.AuthnContextClassRef) + assert isinstance(new_context.authn_context_decl_ref[0], saml.AuthnContextDeclRef) assert new_context.comparison == "exact" def testUsingTestData(self): """Test for requested_authn_context_from_string() using test data""" - new_context = samlp.requested_authn_context_from_string( - samlp_data.TEST_REQUESTED_AUTHN_CONTEXT) + new_context = samlp.requested_authn_context_from_string(samlp_data.TEST_REQUESTED_AUTHN_CONTEXT) - assert isinstance(new_context.authn_context_class_ref[0], - saml.AuthnContextClassRef) - assert isinstance(new_context.authn_context_decl_ref[0], - saml.AuthnContextDeclRef) + assert isinstance(new_context.authn_context_class_ref[0], saml.AuthnContextClassRef) + assert isinstance(new_context.authn_context_decl_ref[0], saml.AuthnContextDeclRef) assert new_context.comparison == "exact" class TestAuthnRequest: - def setup_class(self): self.ar = samlp.AuthnRequest() @@ -357,8 +320,8 @@ def testAccessors(self): self.ar.conditions = saml.Conditions() self.ar.requested_authn_context = samlp.RequestedAuthnContext() self.ar.scoping = samlp.Scoping() - self.ar.force_authn = 'true' - self.ar.is_passive = 'true' + self.ar.force_authn = "true" + self.ar.is_passive = "true" self.ar.assertion_consumer_service_index = "1" self.ar.assertion_consumer_service_url = "http://www.example.com/acs" self.ar.protocol_binding = saml2.BINDING_HTTP_POST @@ -378,16 +341,14 @@ def testAccessors(self): assert isinstance(new_ar.subject, saml.Subject) assert isinstance(new_ar.name_id_policy, samlp.NameIDPolicy) assert isinstance(new_ar.conditions, saml.Conditions) - assert isinstance(new_ar.requested_authn_context, - samlp.RequestedAuthnContext) + assert isinstance(new_ar.requested_authn_context, samlp.RequestedAuthnContext) assert isinstance(new_ar.scoping, samlp.Scoping) - assert new_ar.force_authn == 'true' - assert new_ar.is_passive == 'true' - assert new_ar.assertion_consumer_service_index == '1' - assert new_ar.assertion_consumer_service_url == \ - 'http://www.example.com/acs' + assert new_ar.force_authn == "true" + assert new_ar.is_passive == "true" + assert new_ar.assertion_consumer_service_index == "1" + assert new_ar.assertion_consumer_service_url == "http://www.example.com/acs" assert new_ar.protocol_binding == saml2.BINDING_HTTP_POST - assert new_ar.attribute_consuming_service_index == '2' + assert new_ar.attribute_consuming_service_index == "2" assert new_ar.provider_name == "provider name" def testUsingTestData(self): @@ -405,21 +366,18 @@ def testUsingTestData(self): assert isinstance(new_ar.subject, saml.Subject) assert isinstance(new_ar.name_id_policy, samlp.NameIDPolicy) assert isinstance(new_ar.conditions, saml.Conditions) - assert isinstance(new_ar.requested_authn_context, - samlp.RequestedAuthnContext) + assert isinstance(new_ar.requested_authn_context, samlp.RequestedAuthnContext) assert isinstance(new_ar.scoping, samlp.Scoping) - assert new_ar.force_authn == 'true' - assert new_ar.is_passive == 'true' - assert new_ar.assertion_consumer_service_index == '1' - assert new_ar.assertion_consumer_service_url == \ - 'http://www.example.com/acs' + assert new_ar.force_authn == "true" + assert new_ar.is_passive == "true" + assert new_ar.assertion_consumer_service_index == "1" + assert new_ar.assertion_consumer_service_url == "http://www.example.com/acs" assert new_ar.protocol_binding == saml2.BINDING_HTTP_POST - assert new_ar.attribute_consuming_service_index == '2' + assert new_ar.attribute_consuming_service_index == "2" assert new_ar.provider_name == "provider name" class TestLogoutRequest: - def setup_class(self): self.lr = samlp.LogoutRequest() @@ -478,7 +436,6 @@ def testUsingTestData(self): class TestLogoutResponse: - def setup_class(self): self.lr = samlp.LogoutResponse() @@ -506,11 +463,10 @@ def testAccessors(self): assert isinstance(new_lr.signature, ds.Signature) assert isinstance(new_lr.extensions, samlp.Extensions) assert isinstance(new_lr.status, samlp.Status) - + def testUsingTestData(self): """Test for logout_response_from_string() using test data""" - new_lr = samlp.logout_response_from_string( - samlp_data.TEST_LOGOUT_RESPONSE) + new_lr = samlp.logout_response_from_string(samlp_data.TEST_LOGOUT_RESPONSE) assert new_lr.id == "response id" assert new_lr.in_response_to == "request id" assert new_lr.version == saml2.VERSION @@ -521,4 +477,3 @@ def testUsingTestData(self): assert isinstance(new_lr.signature, ds.Signature) assert isinstance(new_lr.extensions, samlp.Extensions) assert isinstance(new_lr.status, samlp.Status) - diff --git a/tests/test_05_md.py b/tests/test_05_md.py index 2bcc0bab3..a06723b14 100644 --- a/tests/test_05_md.py +++ b/tests/test_05_md.py @@ -1,29 +1,22 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- # """Tests for saml2.md""" -__author__ = 'roland.hedberg@umu.se (Roland Hedberg)' +__author__ = "roland.hedberg@umu.se (Roland Hedberg)" -import unittest - -try: - from xml.etree import ElementTree -except ImportError: - from elementtree import ElementTree +import ds_data +import md_data import saml2 -from saml2 import xmldsig as ds +from saml2 import extension_element_to_element +from saml2 import md from saml2 import saml from saml2 import samlp -from saml2 import md +from saml2 import xmldsig as ds from saml2.extension import idpdisc from saml2.extension import shibmd -from saml2 import extension_element_to_element -import md_data, ds_data - class TestEndpointType: def setup_class(self): @@ -38,16 +31,14 @@ def testAccessors(self): new_endpoint = md.endpoint_type__from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for endpoint_type_from_string() using test data.""" new_endpoint = md.endpoint_type__from_string(md_data.TEST_ENDPOINT) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestIndexedEndpointType: @@ -70,8 +61,7 @@ def testAccessors(self): def testUsingTestData(self): """Test for indexed_endpoint_type_from_string() using test data.""" - new_i_e = md.indexed_endpoint_type__from_string( - md_data.TEST_INDEXED_ENDPOINT) + new_i_e = md.indexed_endpoint_type__from_string(md_data.TEST_INDEXED_ENDPOINT) assert new_i_e.binding == saml2.BINDING_HTTP_POST assert new_i_e.location == "http://www.example.com/endpoint" assert new_i_e.response_location == "http://www.example.com/response" @@ -89,7 +79,9 @@ def testAccessors(self): saml2.extension_element_from_string( """ fuga - """)) + """ + ) + ) new_extensions = md.extensions_from_string(self.extensions.to_string()) assert new_extensions.extension_elements[0].tag == "hoge" assert new_extensions.extension_elements[0].text.strip() == "fuga" @@ -103,15 +95,13 @@ def testAccessors(self): """Test for OrganizationName accessors""" self.organization_name.lang = "en" self.organization_name.text = "SIOS Technology, Inc." - new_organization_name = md.organization_name_from_string( - self.organization_name.to_string()) + new_organization_name = md.organization_name_from_string(self.organization_name.to_string()) assert new_organization_name.lang == "en" assert new_organization_name.text.strip() == "SIOS Technology, Inc." def testUsingTestData(self): """Test for organization_name_from_string() using test data.""" - new_organization_name = md.organization_name_from_string( - md_data.TEST_ORGANIZATION_NAME) + new_organization_name = md.organization_name_from_string(md_data.TEST_ORGANIZATION_NAME) print(new_organization_name.keyswv()) assert new_organization_name.lang == "se" assert new_organization_name.text.strip() == "Catalogix" @@ -125,15 +115,13 @@ def testAccessors(self): """Test for OrganizationDisplayName accessors""" self.od_name.lang = "en" self.od_name.text = "SIOS" - new_od_name = md.organization_display_name_from_string( - self.od_name.to_string()) + new_od_name = md.organization_display_name_from_string(self.od_name.to_string()) assert new_od_name.lang == "en" assert new_od_name.text.strip() == "SIOS" def testUsingTestData(self): """Test for organization_display_name_from_string() using test data.""" - new_od_name = md.organization_display_name_from_string( - md_data.TEST_ORGANIZATION_DISPLAY_NAME) + new_od_name = md.organization_display_name_from_string(md_data.TEST_ORGANIZATION_DISPLAY_NAME) assert new_od_name.lang == "se" assert new_od_name.text.strip() == "Catalogix" @@ -147,15 +135,13 @@ def testAccessors(self): self.organization_url.lang = "ja" self.organization_url.text = "http://www.example.com/" print(self.organization_url.to_string()) - new_organization_url = md.organization_url_from_string( - self.organization_url.to_string()) + new_organization_url = md.organization_url_from_string(self.organization_url.to_string()) assert new_organization_url.lang == "ja" assert new_organization_url.text.strip() == "http://www.example.com/" def testUsingTestData(self): """Test for organization_url_from_string() using test data.""" - new_organization_url = md.organization_url_from_string( - md_data.TEST_ORGANIZATION_URL) + new_organization_url = md.organization_url_from_string(md_data.TEST_ORGANIZATION_URL) assert new_organization_url.lang == "no" assert new_organization_url.text.strip() == "http://www.example.com/" @@ -167,50 +153,35 @@ def setup_class(self): def testAccessors(self): """Test for Organization accessors""" self.organization.extensions = md.Extensions() - self.organization.organization_name.append( - md.organization_name_from_string(md_data.TEST_ORGANIZATION_NAME)) + self.organization.organization_name.append(md.organization_name_from_string(md_data.TEST_ORGANIZATION_NAME)) self.organization.organization_display_name.append( - md.organization_display_name_from_string( - md_data.TEST_ORGANIZATION_DISPLAY_NAME)) - self.organization.organization_url.append( - md.organization_url_from_string(md_data.TEST_ORGANIZATION_URL)) - new_organization = md.organization_from_string( - self.organization.to_string()) + md.organization_display_name_from_string(md_data.TEST_ORGANIZATION_DISPLAY_NAME) + ) + self.organization.organization_url.append(md.organization_url_from_string(md_data.TEST_ORGANIZATION_URL)) + new_organization = md.organization_from_string(self.organization.to_string()) assert isinstance(new_organization.extensions, md.Extensions) - assert isinstance(new_organization.organization_name[0], - md.OrganizationName) - assert isinstance(new_organization.organization_display_name[0], - md.OrganizationDisplayName) - assert isinstance(new_organization.organization_url[0], - md.OrganizationURL) + assert isinstance(new_organization.organization_name[0], md.OrganizationName) + assert isinstance(new_organization.organization_display_name[0], md.OrganizationDisplayName) + assert isinstance(new_organization.organization_url[0], md.OrganizationURL) assert new_organization.organization_name[0].text.strip() == "Catalogix" assert new_organization.organization_name[0].lang == "se" - assert new_organization.organization_display_name[ - 0].text.strip() == "Catalogix" + assert new_organization.organization_display_name[0].text.strip() == "Catalogix" assert new_organization.organization_display_name[0].lang == "se" - assert new_organization.organization_url[ - 0].text.strip() == "http://www.example.com/" + assert new_organization.organization_url[0].text.strip() == "http://www.example.com/" assert new_organization.organization_url[0].lang == "no" def testUsingTestData(self): """Test for organization_from_string() using test data.""" - new_organization = md.organization_from_string( - md_data.TEST_ORGANIZATION) + new_organization = md.organization_from_string(md_data.TEST_ORGANIZATION) assert isinstance(new_organization.extensions, md.Extensions) - assert isinstance(new_organization.organization_name[0], - md.OrganizationName) - assert isinstance(new_organization.organization_display_name[0], - md.OrganizationDisplayName) - assert isinstance(new_organization.organization_url[0], - md.OrganizationURL) - assert new_organization.organization_name[ - 0].text.strip() == "Catalogix AB" + assert isinstance(new_organization.organization_name[0], md.OrganizationName) + assert isinstance(new_organization.organization_display_name[0], md.OrganizationDisplayName) + assert isinstance(new_organization.organization_url[0], md.OrganizationURL) + assert new_organization.organization_name[0].text.strip() == "Catalogix AB" assert new_organization.organization_name[0].lang == "se" - assert new_organization.organization_display_name[ - 0].text.strip() == "Catalogix AS" + assert new_organization.organization_display_name[0].text.strip() == "Catalogix AS" assert new_organization.organization_display_name[0].lang == "no" - assert new_organization.organization_url[ - 0].text.strip() == "http://www.example.com/" + assert new_organization.organization_url[0].text.strip() == "http://www.example.com/" assert new_organization.organization_url[0].lang == "en" @@ -225,43 +196,30 @@ def testAccessors(self): self.contact_person.company = md.Company(text="SIOS Technology, Inc.") self.contact_person.given_name = md.GivenName(text="Takashi") self.contact_person.sur_name = md.SurName(text="Matsuo") - self.contact_person.email_address.append( - md.EmailAddress(text="tmatsuo@example.com")) - self.contact_person.email_address.append( - md.EmailAddress(text="tmatsuo@shehas.net")) - self.contact_person.telephone_number.append( - md.TelephoneNumber(text="00-0000-0000")) - new_contact_person = md.contact_person_from_string( - self.contact_person.to_string()) + self.contact_person.email_address.append(md.EmailAddress(text="tmatsuo@example.com")) + self.contact_person.email_address.append(md.EmailAddress(text="tmatsuo@shehas.net")) + self.contact_person.telephone_number.append(md.TelephoneNumber(text="00-0000-0000")) + new_contact_person = md.contact_person_from_string(self.contact_person.to_string()) assert new_contact_person.contact_type == "technical" assert isinstance(new_contact_person.extensions, md.Extensions) - assert new_contact_person.company.text.strip() == "SIOS Technology, " \ - "Inc." + assert new_contact_person.company.text.strip() == "SIOS Technology, " "Inc." assert new_contact_person.given_name.text.strip() == "Takashi" assert new_contact_person.sur_name.text.strip() == "Matsuo" - assert new_contact_person.email_address[ - 0].text.strip() == "tmatsuo@example.com" - assert new_contact_person.email_address[ - 1].text.strip() == "tmatsuo@shehas.net" - assert new_contact_person.telephone_number[ - 0].text.strip() == "00-0000-0000" + assert new_contact_person.email_address[0].text.strip() == "tmatsuo@example.com" + assert new_contact_person.email_address[1].text.strip() == "tmatsuo@shehas.net" + assert new_contact_person.telephone_number[0].text.strip() == "00-0000-0000" def testUsingTestData(self): """Test for contact_person_from_string() using test data.""" - new_contact_person = md.contact_person_from_string( - md_data.TEST_CONTACT_PERSON) + new_contact_person = md.contact_person_from_string(md_data.TEST_CONTACT_PERSON) assert new_contact_person.contact_type == "technical" assert isinstance(new_contact_person.extensions, md.Extensions) - assert new_contact_person.company.text.strip() == "SIOS Technology, " \ - "Inc." + assert new_contact_person.company.text.strip() == "SIOS Technology, " "Inc." assert new_contact_person.given_name.text.strip() == "Takashi" assert new_contact_person.sur_name.text.strip() == "Matsuo" - assert new_contact_person.email_address[ - 0].text.strip() == "tmatsuo@example.com" - assert new_contact_person.email_address[ - 1].text.strip() == "tmatsuo@shehas.net" - assert new_contact_person.telephone_number[ - 0].text.strip() == "00-0000-0000" + assert new_contact_person.email_address[0].text.strip() == "tmatsuo@example.com" + assert new_contact_person.email_address[1].text.strip() == "tmatsuo@shehas.net" + assert new_contact_person.telephone_number[0].text.strip() == "00-0000-0000" class TestAdditionalMetadataLocation: @@ -270,41 +228,35 @@ def setup_class(self): def testAccessors(self): """Test for AdditionalMetadataLocation accessors""" - self.additional_metadata_location.namespace = ( - "http://www.example.com/namespace") - self.additional_metadata_location.text = ( - "http://www.example.com/AdditionalMetadataLocation") - new_additional_metadata_location = \ - md.additional_metadata_location_from_string( - self.additional_metadata_location.to_string()) - assert new_additional_metadata_location.namespace == \ - "http://www.example.com/namespace" - assert new_additional_metadata_location.text.strip() == \ - "http://www.example.com/AdditionalMetadataLocation" + self.additional_metadata_location.namespace = "http://www.example.com/namespace" + self.additional_metadata_location.text = "http://www.example.com/AdditionalMetadataLocation" + new_additional_metadata_location = md.additional_metadata_location_from_string( + self.additional_metadata_location.to_string() + ) + assert new_additional_metadata_location.namespace == "http://www.example.com/namespace" + assert new_additional_metadata_location.text.strip() == "http://www.example.com/AdditionalMetadataLocation" def testUsingTestData(self): """Test for additional_metadata_location_from_string() using test data.""" - new_additional_metadata_location = \ - md.additional_metadata_location_from_string( - md_data.TEST_ADDITIONAL_METADATA_LOCATION) - assert new_additional_metadata_location.namespace == \ - "http://www.example.com/namespace" - assert new_additional_metadata_location.text.strip() == \ - "http://www.example.com/AdditionalMetadataLocation" + new_additional_metadata_location = md.additional_metadata_location_from_string( + md_data.TEST_ADDITIONAL_METADATA_LOCATION + ) + assert new_additional_metadata_location.namespace == "http://www.example.com/namespace" + assert new_additional_metadata_location.text.strip() == "http://www.example.com/AdditionalMetadataLocation" # class TestKeySize: -# +# # def setup_class(self): # self.key_size = md.KeySize() -# +# # def testAccessors(self): # """Test for KeySize accessors""" # self.key_size.text = "128" # new_key_size = md.key_size_from_string(self.key_size.to_string()) # assert new_key_size.text.strip() == "128" -# +# # def testUsingTestData(self): # """Test for key_size_from_string() using test data.""" # new_key_size = md.key_size_from_string(md_data.TEST_KEY_SIZE) @@ -312,16 +264,16 @@ def testUsingTestData(self): # class TestOAEPparams: -# +# # def setup_class(self): # self.oaep_params = md.OAEPparams() -# +# # def testAccessors(self): # """Test for OAEPparams accessors""" # self.oaep_params.text = "9lWu3Q==" # new_oaep_params = md.oae_pparams_from_string(self.oaep_params.to_string()) # assert new_oaep_params.text.strip() == "9lWu3Q==" -# +# # def testUsingTestData(self): # """Test for oae_pparams_from_string() using test data.""" # new_oaep_params = md.oae_pparams_from_string(md_data.TEST_OAEP_PARAMS) @@ -334,19 +286,14 @@ def setup_class(self): def testAccessors(self): """Test for EncryptionMethod accessors""" - self.encryption_method.algorithm = ( - "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p") - new_encryption_method = md.encryption_method_from_string( - self.encryption_method.to_string()) - assert new_encryption_method.algorithm == \ - "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" + self.encryption_method.algorithm = "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" + new_encryption_method = md.encryption_method_from_string(self.encryption_method.to_string()) + assert new_encryption_method.algorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" def testUsingTestData(self): """Test for encryption_method_from_string() using test data.""" - new_encryption_method = md.encryption_method_from_string( - md_data.TEST_ENCRYPTION_METHOD) - assert new_encryption_method.algorithm == \ - "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" + new_encryption_method = md.encryption_method_from_string(md_data.TEST_ENCRYPTION_METHOD) + assert new_encryption_method.algorithm == "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" assert new_encryption_method.oae_pparams.text.strip() == "9lWu3Q==" @@ -358,26 +305,19 @@ def testAccessors(self): """Test for KeyDescriptor accessors""" self.key_descriptor.use = "signing" - self.key_descriptor.key_info = ds.key_info_from_string( - ds_data.TEST_KEY_INFO) - self.key_descriptor.encryption_method.append( - md.encryption_method_from_string( - md_data.TEST_ENCRYPTION_METHOD)) - new_key_descriptor = md.key_descriptor_from_string( - self.key_descriptor.to_string()) + self.key_descriptor.key_info = ds.key_info_from_string(ds_data.TEST_KEY_INFO) + self.key_descriptor.encryption_method.append(md.encryption_method_from_string(md_data.TEST_ENCRYPTION_METHOD)) + new_key_descriptor = md.key_descriptor_from_string(self.key_descriptor.to_string()) assert new_key_descriptor.use == "signing" assert isinstance(new_key_descriptor.key_info, ds.KeyInfo) - assert isinstance(new_key_descriptor.encryption_method[0], - md.EncryptionMethod) + assert isinstance(new_key_descriptor.encryption_method[0], md.EncryptionMethod) def testUsingTestData(self): """Test for key_descriptor_from_string() using test data.""" - new_key_descriptor = md.key_descriptor_from_string( - md_data.TEST_KEY_DESCRIPTOR) + new_key_descriptor = md.key_descriptor_from_string(md_data.TEST_KEY_DESCRIPTOR) assert new_key_descriptor.use == "signing" assert isinstance(new_key_descriptor.key_info, ds.KeyInfo) - assert isinstance(new_key_descriptor.encryption_method[0], - md.EncryptionMethod) + assert isinstance(new_key_descriptor.encryption_method[0], md.EncryptionMethod) class TestRoleDescriptor: @@ -393,53 +333,41 @@ def testAccessors(self): self.role_descriptor.error_url = "http://www.example.com/errorURL" self.role_descriptor.signature = ds.Signature() self.role_descriptor.extensions = md.Extensions() - self.role_descriptor.key_descriptor.append( - md.key_descriptor_from_string( - md_data.TEST_KEY_DESCRIPTOR)) + self.role_descriptor.key_descriptor.append(md.key_descriptor_from_string(md_data.TEST_KEY_DESCRIPTOR)) self.role_descriptor.organization = md.Organization() self.role_descriptor.contact_person.append(md.ContactPerson()) - new_role_descriptor = md.role_descriptor_from_string( - self.role_descriptor.to_string()) + new_role_descriptor = md.role_descriptor_from_string(self.role_descriptor.to_string()) assert new_role_descriptor.id == "ID" assert new_role_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_role_descriptor.cache_duration == "10:00:00:00" - assert new_role_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_role_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_role_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_role_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_role_descriptor.signature, ds.Signature) assert isinstance(new_role_descriptor.extensions, md.Extensions) - assert isinstance(new_role_descriptor.key_descriptor[0], - md.KeyDescriptor) + assert isinstance(new_role_descriptor.key_descriptor[0], md.KeyDescriptor) assert isinstance(new_role_descriptor.organization, md.Organization) - assert isinstance(new_role_descriptor.contact_person[0], - md.ContactPerson) + assert isinstance(new_role_descriptor.contact_person[0], md.ContactPerson) def testUsingTestData(self): """Test for role_descriptor_from_string() using test data.""" - new_role_descriptor = md.role_descriptor_from_string( - md_data.TEST_ROLE_DESCRIPTOR) + new_role_descriptor = md.role_descriptor_from_string(md_data.TEST_ROLE_DESCRIPTOR) assert new_role_descriptor.id == "ID" assert new_role_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_role_descriptor.cache_duration == "10:00:00:00" - assert new_role_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_role_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_role_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_role_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_role_descriptor.signature, ds.Signature) assert isinstance(new_role_descriptor.extensions, md.Extensions) - assert isinstance(new_role_descriptor.key_descriptor[0], - md.KeyDescriptor) + assert isinstance(new_role_descriptor.key_descriptor[0], md.KeyDescriptor) assert isinstance(new_role_descriptor.organization, md.Organization) - assert isinstance(new_role_descriptor.contact_person[0], - md.ContactPerson) + assert isinstance(new_role_descriptor.contact_person[0], md.ContactPerson) # class TestSSODescriptor: # def setup_class(self): # self.sso_descriptor = md.SSODescriptorType_() -# +# # def testAccessors(self): # """Test for SSODescriptorType accessors""" # self.sso_descriptor.id = "ID" @@ -461,7 +389,7 @@ def testUsingTestData(self): # md.ManageNameIDService()) # self.sso_descriptor.name_id_format.append( # md.NameIDFormat()) -# +# # new_sso_descriptor = md.sso_descriptor_type__from_string( # self.sso_descriptor.to_string()) # assert new_sso_descriptor.id == "ID" @@ -484,7 +412,8 @@ def testUsingTestData(self): # md.ManageNameIDService) # assert isinstance(new_sso_descriptor.name_id_format[0], # md.NameIDFormat) -# +# + class TestArtifactResolutionService: def setup_class(self): @@ -497,8 +426,7 @@ def testAccessors(self): self.i_e.response_location = "http://www.example.com/response" self.i_e.index = "1" self.i_e.is_default = "false" - new_i_e = md.artifact_resolution_service_from_string( - self.i_e.to_string()) + new_i_e = md.artifact_resolution_service_from_string(self.i_e.to_string()) assert new_i_e.binding == saml2.BINDING_HTTP_POST assert new_i_e.location == "http://www.example.com/endpoint" assert new_i_e.response_location == "http://www.example.com/response" @@ -508,8 +436,7 @@ def testAccessors(self): def testUsingTestData(self): """Test for artifact_resolution_service_from_string() using test data.""" - new_i_e = md.artifact_resolution_service_from_string( - md_data.TEST_ARTIFACT_RESOLUTION_SERVICE) + new_i_e = md.artifact_resolution_service_from_string(md_data.TEST_ARTIFACT_RESOLUTION_SERVICE) assert new_i_e.binding == saml2.BINDING_HTTP_POST assert new_i_e.location == "http://www.example.com/endpoint" assert new_i_e.response_location == "http://www.example.com/response" @@ -526,21 +453,17 @@ def testAccessors(self): self.endpoint.binding = saml2.BINDING_HTTP_POST self.endpoint.location = "http://www.example.com/endpoint" self.endpoint.response_location = "http://www.example.com/response" - new_endpoint = md.single_logout_service_from_string( - self.endpoint.to_string()) + new_endpoint = md.single_logout_service_from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for single_logout_service_from_string() using test data.""" - new_endpoint = md.single_logout_service_from_string( - md_data.TEST_SINGLE_LOGOUT_SERVICE) + new_endpoint = md.single_logout_service_from_string(md_data.TEST_SINGLE_LOGOUT_SERVICE) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestManageNameIDService: @@ -552,21 +475,17 @@ def testAccessors(self): self.endpoint.binding = saml2.BINDING_HTTP_POST self.endpoint.location = "http://www.example.com/endpoint" self.endpoint.response_location = "http://www.example.com/response" - new_endpoint = md.manage_name_id_service_from_string( - self.endpoint.to_string()) + new_endpoint = md.manage_name_id_service_from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for manage_name_id_service_from_string() using test data.""" - new_endpoint = md.manage_name_id_service_from_string( - md_data.TEST_MANAGE_NAMEID_SERVICE) + new_endpoint = md.manage_name_id_service_from_string(md_data.TEST_MANAGE_NAMEID_SERVICE) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestNameIDFormat: @@ -576,17 +495,13 @@ def setup_class(self): def testAccessors(self): """Test for NameIDFormat accessors""" self.name_id_format.text = saml.NAMEID_FORMAT_EMAILADDRESS - new_name_id_format = md.name_id_format_from_string( - self.name_id_format.to_string()) - assert new_name_id_format.text.strip() == \ - saml.NAMEID_FORMAT_EMAILADDRESS + new_name_id_format = md.name_id_format_from_string(self.name_id_format.to_string()) + assert new_name_id_format.text.strip() == saml.NAMEID_FORMAT_EMAILADDRESS def testUsingTestData(self): """Test for name_id_format_from_string() using test data.""" - new_name_id_format = md.name_id_format_from_string( - md_data.TEST_NAME_ID_FORMAT) - assert new_name_id_format.text.strip() == \ - saml.NAMEID_FORMAT_EMAILADDRESS + new_name_id_format = md.name_id_format_from_string(md_data.TEST_NAME_ID_FORMAT) + assert new_name_id_format.text.strip() == saml.NAMEID_FORMAT_EMAILADDRESS class TestSingleSignOnService: @@ -598,21 +513,17 @@ def testAccessors(self): self.endpoint.binding = saml2.BINDING_HTTP_POST self.endpoint.location = "http://www.example.com/endpoint" self.endpoint.response_location = "http://www.example.com/response" - new_endpoint = md.single_sign_on_service_from_string( - self.endpoint.to_string()) + new_endpoint = md.single_sign_on_service_from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for SingelSignOn_service_from_string() using test data.""" - new_endpoint = md.single_sign_on_service_from_string( - md_data.TEST_SINGLE_SIGN_ON_SERVICE) + new_endpoint = md.single_sign_on_service_from_string(md_data.TEST_SINGLE_SIGN_ON_SERVICE) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestNameIDMappingService: @@ -624,21 +535,17 @@ def testAccessors(self): self.endpoint.binding = saml2.BINDING_HTTP_POST self.endpoint.location = "http://www.example.com/endpoint" self.endpoint.response_location = "http://www.example.com/response" - new_endpoint = md.name_id_mapping_service_from_string( - self.endpoint.to_string()) + new_endpoint = md.name_id_mapping_service_from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for name_id_mapping_service_from_string() using test data.""" - new_endpoint = md.name_id_mapping_service_from_string( - md_data.TEST_NAME_ID_MAPPING_SERVICE) + new_endpoint = md.name_id_mapping_service_from_string(md_data.TEST_NAME_ID_MAPPING_SERVICE) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestAssertionIDRequestService: @@ -650,22 +557,18 @@ def testAccessors(self): self.endpoint.binding = saml2.BINDING_HTTP_POST self.endpoint.location = "http://www.example.com/endpoint" self.endpoint.response_location = "http://www.example.com/response" - new_endpoint = md.assertion_id_request_service_from_string( - self.endpoint.to_string()) + new_endpoint = md.assertion_id_request_service_from_string(self.endpoint.to_string()) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" def testUsingTestData(self): """Test for assertion_id_request_service_from_string() using test data.""" - new_endpoint = md.assertion_id_request_service_from_string( - md_data.TEST_ASSERTION_ID_REQUEST_SERVICE) + new_endpoint = md.assertion_id_request_service_from_string(md_data.TEST_ASSERTION_ID_REQUEST_SERVICE) assert new_endpoint.binding == saml2.BINDING_HTTP_POST assert new_endpoint.location == "http://www.example.com/endpoint" - assert new_endpoint.response_location == \ - "http://www.example.com/response" + assert new_endpoint.response_location == "http://www.example.com/response" class TestAttributeProfile: @@ -675,17 +578,13 @@ def setup_class(self): def testAccessors(self): """Test for AttributeProfile accessors""" self.attribute_profile.text = saml.PROFILE_ATTRIBUTE_BASIC - new_attribute_profile = md.attribute_profile_from_string( - self.attribute_profile.to_string()) - assert new_attribute_profile.text.strip() == \ - saml.PROFILE_ATTRIBUTE_BASIC + new_attribute_profile = md.attribute_profile_from_string(self.attribute_profile.to_string()) + assert new_attribute_profile.text.strip() == saml.PROFILE_ATTRIBUTE_BASIC def testUsingTestData(self): """Test for name_id_format_from_string() using test data.""" - new_attribute_profile = md.attribute_profile_from_string( - md_data.TEST_ATTRIBUTE_PROFILE) - assert new_attribute_profile.text.strip() == \ - saml.PROFILE_ATTRIBUTE_BASIC + new_attribute_profile = md.attribute_profile_from_string(md_data.TEST_ATTRIBUTE_PROFILE) + assert new_attribute_profile.text.strip() == saml.PROFILE_ATTRIBUTE_BASIC class TestIDPSSODescriptor: @@ -697,114 +596,69 @@ def testAccessors(self): self.idp_sso_descriptor.id = "ID" self.idp_sso_descriptor.valid_until = "2008-09-14T01:05:02Z" self.idp_sso_descriptor.cache_duration = "10:00:00:00" - self.idp_sso_descriptor.protocol_support_enumeration = \ - samlp.NAMESPACE + self.idp_sso_descriptor.protocol_support_enumeration = samlp.NAMESPACE self.idp_sso_descriptor.error_url = "http://www.example.com/errorURL" self.idp_sso_descriptor.signature = ds.Signature() self.idp_sso_descriptor.extensions = md.Extensions() - self.idp_sso_descriptor.key_descriptor.append( - md.key_descriptor_from_string( - md_data.TEST_KEY_DESCRIPTOR)) + self.idp_sso_descriptor.key_descriptor.append(md.key_descriptor_from_string(md_data.TEST_KEY_DESCRIPTOR)) self.idp_sso_descriptor.organization = md.Organization() self.idp_sso_descriptor.contact_person.append(md.ContactPerson()) - self.idp_sso_descriptor.artifact_resolution_service.append( - md.ArtifactResolutionService()) - self.idp_sso_descriptor.single_logout_service.append( - md.SingleLogoutService()) - self.idp_sso_descriptor.manage_name_id_service.append( - md.ManageNameIDService()) - self.idp_sso_descriptor.name_id_format.append( - md.NameIDFormat()) - self.idp_sso_descriptor.want_authn_requests_signed = 'true' - self.idp_sso_descriptor.single_sign_on_service.append( - md.SingleSignOnService()) - self.idp_sso_descriptor.name_id_mapping_service.append( - md.NameIDMappingService()) - self.idp_sso_descriptor.assertion_id_request_service.append( - md.AssertionIDRequestService()) - self.idp_sso_descriptor.attribute_profile.append( - md.AttributeProfile()) + self.idp_sso_descriptor.artifact_resolution_service.append(md.ArtifactResolutionService()) + self.idp_sso_descriptor.single_logout_service.append(md.SingleLogoutService()) + self.idp_sso_descriptor.manage_name_id_service.append(md.ManageNameIDService()) + self.idp_sso_descriptor.name_id_format.append(md.NameIDFormat()) + self.idp_sso_descriptor.want_authn_requests_signed = "true" + self.idp_sso_descriptor.single_sign_on_service.append(md.SingleSignOnService()) + self.idp_sso_descriptor.name_id_mapping_service.append(md.NameIDMappingService()) + self.idp_sso_descriptor.assertion_id_request_service.append(md.AssertionIDRequestService()) + self.idp_sso_descriptor.attribute_profile.append(md.AttributeProfile()) self.idp_sso_descriptor.attribute.append(saml.Attribute()) - new_idp_sso_descriptor = md.idpsso_descriptor_from_string( - self.idp_sso_descriptor.to_string()) + new_idp_sso_descriptor = md.idpsso_descriptor_from_string(self.idp_sso_descriptor.to_string()) assert new_idp_sso_descriptor.id == "ID" assert new_idp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_idp_sso_descriptor.cache_duration == "10:00:00:00" - assert new_idp_sso_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_idp_sso_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_idp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_idp_sso_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_idp_sso_descriptor.signature, ds.Signature) assert isinstance(new_idp_sso_descriptor.extensions, md.Extensions) - assert isinstance(new_idp_sso_descriptor.key_descriptor[0], - md.KeyDescriptor) - assert isinstance(new_idp_sso_descriptor.organization, - md.Organization) - assert isinstance(new_idp_sso_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance( - new_idp_sso_descriptor.artifact_resolution_service[0], - md.ArtifactResolutionService) - assert isinstance(new_idp_sso_descriptor.single_logout_service[0], - md.SingleLogoutService) - assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0], - md.ManageNameIDService) - assert isinstance(new_idp_sso_descriptor.name_id_format[0], - md.NameIDFormat) + assert isinstance(new_idp_sso_descriptor.key_descriptor[0], md.KeyDescriptor) + assert isinstance(new_idp_sso_descriptor.organization, md.Organization) + assert isinstance(new_idp_sso_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_idp_sso_descriptor.artifact_resolution_service[0], md.ArtifactResolutionService) + assert isinstance(new_idp_sso_descriptor.single_logout_service[0], md.SingleLogoutService) + assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0], md.ManageNameIDService) + assert isinstance(new_idp_sso_descriptor.name_id_format[0], md.NameIDFormat) assert new_idp_sso_descriptor.want_authn_requests_signed == "true" - assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0], - md.SingleSignOnService) - assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0], - md.NameIDMappingService) - assert isinstance( - new_idp_sso_descriptor.assertion_id_request_service[0], - md.AssertionIDRequestService) - assert isinstance(new_idp_sso_descriptor.attribute_profile[0], - md.AttributeProfile) - assert isinstance(new_idp_sso_descriptor.attribute[0], - saml.Attribute) + assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0], md.SingleSignOnService) + assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0], md.NameIDMappingService) + assert isinstance(new_idp_sso_descriptor.assertion_id_request_service[0], md.AssertionIDRequestService) + assert isinstance(new_idp_sso_descriptor.attribute_profile[0], md.AttributeProfile) + assert isinstance(new_idp_sso_descriptor.attribute[0], saml.Attribute) def testUsingTestData(self): """Test for idpsso_descriptor_from_string() using test data.""" - new_idp_sso_descriptor = md.idpsso_descriptor_from_string( - md_data.TEST_IDP_SSO_DESCRIPTOR) + new_idp_sso_descriptor = md.idpsso_descriptor_from_string(md_data.TEST_IDP_SSO_DESCRIPTOR) assert new_idp_sso_descriptor.id == "ID" assert new_idp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_idp_sso_descriptor.cache_duration == "10:00:00:00" - assert new_idp_sso_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_idp_sso_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_idp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_idp_sso_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_idp_sso_descriptor.signature, ds.Signature) assert isinstance(new_idp_sso_descriptor.extensions, md.Extensions) - assert isinstance(new_idp_sso_descriptor.key_descriptor[0], - md.KeyDescriptor) - assert isinstance(new_idp_sso_descriptor.organization, - md.Organization) - assert isinstance(new_idp_sso_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance( - new_idp_sso_descriptor.artifact_resolution_service[0], - md.ArtifactResolutionService) - assert isinstance(new_idp_sso_descriptor.single_logout_service[0], - md.SingleLogoutService) - assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0], - md.ManageNameIDService) - assert isinstance(new_idp_sso_descriptor.name_id_format[0], - md.NameIDFormat) + assert isinstance(new_idp_sso_descriptor.key_descriptor[0], md.KeyDescriptor) + assert isinstance(new_idp_sso_descriptor.organization, md.Organization) + assert isinstance(new_idp_sso_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_idp_sso_descriptor.artifact_resolution_service[0], md.ArtifactResolutionService) + assert isinstance(new_idp_sso_descriptor.single_logout_service[0], md.SingleLogoutService) + assert isinstance(new_idp_sso_descriptor.manage_name_id_service[0], md.ManageNameIDService) + assert isinstance(new_idp_sso_descriptor.name_id_format[0], md.NameIDFormat) assert new_idp_sso_descriptor.want_authn_requests_signed == "true" - assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0], - md.SingleSignOnService) - assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0], - md.NameIDMappingService) - assert isinstance( - new_idp_sso_descriptor.assertion_id_request_service[0], - md.AssertionIDRequestService) - assert isinstance(new_idp_sso_descriptor.attribute_profile[0], - md.AttributeProfile) - assert isinstance(new_idp_sso_descriptor.attribute[0], - saml.Attribute) + assert isinstance(new_idp_sso_descriptor.single_sign_on_service[0], md.SingleSignOnService) + assert isinstance(new_idp_sso_descriptor.name_id_mapping_service[0], md.NameIDMappingService) + assert isinstance(new_idp_sso_descriptor.assertion_id_request_service[0], md.AssertionIDRequestService) + assert isinstance(new_idp_sso_descriptor.attribute_profile[0], md.AttributeProfile) + assert isinstance(new_idp_sso_descriptor.attribute[0], saml.Attribute) def testUsingScope(self): descriptor = md.IDPSSODescriptor() @@ -817,9 +671,7 @@ def testUsingScope(self): exts = descriptor.extensions assert len(exts.extension_elements) == 1 elem = exts.extension_elements[0] - inst = saml2.extension_element_to_element(elem, - shibmd.ELEMENT_FROM_STRING, - namespace=shibmd.NAMESPACE) + inst = saml2.extension_element_to_element(elem, shibmd.ELEMENT_FROM_STRING, namespace=shibmd.NAMESPACE) assert isinstance(inst, shibmd.Scope) assert inst.text == "example.org" assert inst.regexp == "false" @@ -836,8 +688,7 @@ def testAccessors(self): self.i_e.response_location = "http://www.example.com/response" self.i_e.index = "1" self.i_e.is_default = "false" - new_i_e = md.assertion_consumer_service_from_string( - self.i_e.to_string()) + new_i_e = md.assertion_consumer_service_from_string(self.i_e.to_string()) assert new_i_e.binding == saml2.BINDING_HTTP_POST assert new_i_e.location == "http://www.example.com/endpoint" assert new_i_e.response_location == "http://www.example.com/response" @@ -846,8 +697,7 @@ def testAccessors(self): def testUsingTestData(self): """Test for assertion_consumer_service_from_string() using test data.""" - new_i_e = md.assertion_consumer_service_from_string( - md_data.TEST_ASSERTION_CONSUMER_SERVICE) + new_i_e = md.assertion_consumer_service_from_string(md_data.TEST_ASSERTION_CONSUMER_SERVICE) assert new_i_e.binding == saml2.BINDING_HTTP_POST assert new_i_e.location == "http://www.example.com/endpoint" assert new_i_e.response_location == "http://www.example.com/response" @@ -865,16 +715,14 @@ def testAccessors(self): assert isinstance(self.requested_attribute, md.RequestedAttribute) assert self.requested_attribute.is_required is None self.requested_attribute.is_required = "true" - new_requested_attribute = md.requested_attribute_from_string( - self.requested_attribute.to_string()) + new_requested_attribute = md.requested_attribute_from_string(self.requested_attribute.to_string()) assert new_requested_attribute.is_required == "true" assert isinstance(new_requested_attribute, saml.AttributeType_) assert isinstance(new_requested_attribute, md.RequestedAttribute) def testUsingTestData(self): """Test for requested_attribute_from_string() using test data.""" - new_requested_attribute = md.requested_attribute_from_string( - md_data.TEST_REQUESTED_ATTRIBUTE) + new_requested_attribute = md.requested_attribute_from_string(md_data.TEST_REQUESTED_ATTRIBUTE) assert new_requested_attribute.is_required == "true" assert isinstance(new_requested_attribute, saml.AttributeType_) assert isinstance(new_requested_attribute, md.RequestedAttribute) @@ -888,15 +736,13 @@ def testAccessors(self): """Test for ServiceName accessors""" self.service_name.lang = "en" self.service_name.text = "SIOS mail" - new_service_name = md.service_name_from_string( - self.service_name.to_string()) + new_service_name = md.service_name_from_string(self.service_name.to_string()) assert new_service_name.lang == "en" assert new_service_name.text.strip() == "SIOS mail" def testUsingTestData(self): """Test for organization_name_from_string() using test data.""" - new_service_name = md.service_name_from_string( - md_data.TEST_SERVICE_NAME) + new_service_name = md.service_name_from_string(md_data.TEST_SERVICE_NAME) assert new_service_name.lang == "en" assert new_service_name.text.strip() == "Catalogix Whois" @@ -909,15 +755,13 @@ def testAccessors(self): """Test for ServiceDescription accessors""" self.service_description.lang = "en" self.service_description.text = "SIOS mail service" - new_service_description = md.service_description_from_string( - self.service_description.to_string()) + new_service_description = md.service_description_from_string(self.service_description.to_string()) assert new_service_description.lang == "en" assert new_service_description.text.strip() == "SIOS mail service" def testUsingTestData(self): """Test for organization_name_from_string() using test data.""" - new_service_description = md.service_description_from_string( - md_data.TEST_SERVICE_DESCRIPTION) + new_service_description = md.service_description_from_string(md_data.TEST_SERVICE_DESCRIPTION) assert new_service_description.lang == "en" assert new_service_description.text.strip() == "Catalogix Whois Service" @@ -929,43 +773,31 @@ def setup_class(self): def testAccessors(self): """Test for AttributeConsumingService accessors""" self.attribute_consuming_service.service_name.append(md.ServiceName()) - self.attribute_consuming_service.service_description.append( - md.ServiceDescription()) - self.attribute_consuming_service.requested_attribute.append( - md.RequestedAttribute()) + self.attribute_consuming_service.service_description.append(md.ServiceDescription()) + self.attribute_consuming_service.requested_attribute.append(md.RequestedAttribute()) self.attribute_consuming_service.index = "1" self.attribute_consuming_service.is_default = "true" - new_attribute_consuming_service = \ - md.attribute_consuming_service_from_string( - self.attribute_consuming_service.to_string()) + new_attribute_consuming_service = md.attribute_consuming_service_from_string( + self.attribute_consuming_service.to_string() + ) assert new_attribute_consuming_service.index == "1" assert new_attribute_consuming_service.is_default == "true" - assert isinstance(new_attribute_consuming_service.service_name[0], - md.ServiceName) - assert isinstance( - new_attribute_consuming_service.service_description[0], - md.ServiceDescription) - assert isinstance( - new_attribute_consuming_service.requested_attribute[0], - md.RequestedAttribute) + assert isinstance(new_attribute_consuming_service.service_name[0], md.ServiceName) + assert isinstance(new_attribute_consuming_service.service_description[0], md.ServiceDescription) + assert isinstance(new_attribute_consuming_service.requested_attribute[0], md.RequestedAttribute) def testUsingTestData(self): """Test for attribute_consuming_service_from_string() using test data.""" - new_attribute_consuming_service = \ - md.attribute_consuming_service_from_string( - md_data.TEST_ATTRIBUTE_CONSUMING_SERVICE) + new_attribute_consuming_service = md.attribute_consuming_service_from_string( + md_data.TEST_ATTRIBUTE_CONSUMING_SERVICE + ) assert new_attribute_consuming_service.index == "1" assert new_attribute_consuming_service.is_default == "true" - assert isinstance(new_attribute_consuming_service.service_name[0], - md.ServiceName) - assert isinstance( - new_attribute_consuming_service.service_description[0], - md.ServiceDescription) - assert isinstance( - new_attribute_consuming_service.requested_attribute[0], - md.RequestedAttribute) + assert isinstance(new_attribute_consuming_service.service_name[0], md.ServiceName) + assert isinstance(new_attribute_consuming_service.service_description[0], md.ServiceDescription) + assert isinstance(new_attribute_consuming_service.requested_attribute[0], md.RequestedAttribute) class TestSPSSODescriptor: @@ -977,113 +809,72 @@ def testAccessors(self): self.sp_sso_descriptor.id = "ID" self.sp_sso_descriptor.valid_until = "2008-09-14T01:05:02Z" self.sp_sso_descriptor.cache_duration = "10:00:00:00" - self.sp_sso_descriptor.protocol_support_enumeration = \ - samlp.NAMESPACE + self.sp_sso_descriptor.protocol_support_enumeration = samlp.NAMESPACE self.sp_sso_descriptor.error_url = "http://www.example.com/errorURL" self.sp_sso_descriptor.signature = ds.Signature() self.sp_sso_descriptor.extensions = md.Extensions() - self.sp_sso_descriptor.key_descriptor.append( - md.key_descriptor_from_string( - md_data.TEST_KEY_DESCRIPTOR)) + self.sp_sso_descriptor.key_descriptor.append(md.key_descriptor_from_string(md_data.TEST_KEY_DESCRIPTOR)) self.sp_sso_descriptor.organization = md.Organization() self.sp_sso_descriptor.contact_person.append(md.ContactPerson()) - self.sp_sso_descriptor.artifact_resolution_service.append( - md.ArtifactResolutionService()) - self.sp_sso_descriptor.single_logout_service.append( - md.SingleLogoutService()) - self.sp_sso_descriptor.manage_name_id_service.append( - md.ManageNameIDService()) - self.sp_sso_descriptor.name_id_format.append( - md.NameIDFormat()) + self.sp_sso_descriptor.artifact_resolution_service.append(md.ArtifactResolutionService()) + self.sp_sso_descriptor.single_logout_service.append(md.SingleLogoutService()) + self.sp_sso_descriptor.manage_name_id_service.append(md.ManageNameIDService()) + self.sp_sso_descriptor.name_id_format.append(md.NameIDFormat()) self.sp_sso_descriptor.authn_requests_signed = "true" self.sp_sso_descriptor.want_assertions_signed = "true" - self.sp_sso_descriptor.assertion_consumer_service.append( - md.AssertionConsumerService()) - self.sp_sso_descriptor.attribute_consuming_service.append( - md.AttributeConsumingService()) + self.sp_sso_descriptor.assertion_consumer_service.append(md.AssertionConsumerService()) + self.sp_sso_descriptor.attribute_consuming_service.append(md.AttributeConsumingService()) print(self.sp_sso_descriptor) - new_sp_sso_descriptor = md.spsso_descriptor_from_string( - self.sp_sso_descriptor.to_string()) + new_sp_sso_descriptor = md.spsso_descriptor_from_string(self.sp_sso_descriptor.to_string()) print(new_sp_sso_descriptor) assert new_sp_sso_descriptor.id == "ID" assert new_sp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_sp_sso_descriptor.cache_duration == "10:00:00:00" - assert new_sp_sso_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_sp_sso_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_sp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_sp_sso_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_sp_sso_descriptor.signature, ds.Signature) assert isinstance(new_sp_sso_descriptor.extensions, md.Extensions) - assert isinstance(new_sp_sso_descriptor.key_descriptor[0], - md.KeyDescriptor) - assert isinstance(new_sp_sso_descriptor.organization, - md.Organization) - assert isinstance(new_sp_sso_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance( - new_sp_sso_descriptor.artifact_resolution_service[0], - md.ArtifactResolutionService) - assert isinstance(new_sp_sso_descriptor.single_logout_service[0], - md.SingleLogoutService) - assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0], - md.ManageNameIDService) - assert isinstance(new_sp_sso_descriptor.name_id_format[0], - md.NameIDFormat) + assert isinstance(new_sp_sso_descriptor.key_descriptor[0], md.KeyDescriptor) + assert isinstance(new_sp_sso_descriptor.organization, md.Organization) + assert isinstance(new_sp_sso_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_sp_sso_descriptor.artifact_resolution_service[0], md.ArtifactResolutionService) + assert isinstance(new_sp_sso_descriptor.single_logout_service[0], md.SingleLogoutService) + assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0], md.ManageNameIDService) + assert isinstance(new_sp_sso_descriptor.name_id_format[0], md.NameIDFormat) assert new_sp_sso_descriptor.authn_requests_signed == "true" assert new_sp_sso_descriptor.want_assertions_signed == "true" - assert isinstance( - new_sp_sso_descriptor.assertion_consumer_service[0], - md.AssertionConsumerService) - assert isinstance( - new_sp_sso_descriptor.attribute_consuming_service[0], - md.AttributeConsumingService) + assert isinstance(new_sp_sso_descriptor.assertion_consumer_service[0], md.AssertionConsumerService) + assert isinstance(new_sp_sso_descriptor.attribute_consuming_service[0], md.AttributeConsumingService) def testUsingTestData(self): """Test for spsso_descriptor_from_string() using test data.""" - new_sp_sso_descriptor = md.spsso_descriptor_from_string( - md_data.TEST_SP_SSO_DESCRIPTOR) + new_sp_sso_descriptor = md.spsso_descriptor_from_string(md_data.TEST_SP_SSO_DESCRIPTOR) assert new_sp_sso_descriptor.id == "ID" assert new_sp_sso_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_sp_sso_descriptor.cache_duration == "10:00:00:00" - assert new_sp_sso_descriptor.protocol_support_enumeration == \ - samlp.NAMESPACE - assert new_sp_sso_descriptor.error_url == \ - "http://www.example.com/errorURL" + assert new_sp_sso_descriptor.protocol_support_enumeration == samlp.NAMESPACE + assert new_sp_sso_descriptor.error_url == "http://www.example.com/errorURL" assert isinstance(new_sp_sso_descriptor.signature, ds.Signature) assert isinstance(new_sp_sso_descriptor.extensions, md.Extensions) print(new_sp_sso_descriptor.extensions.__dict__) assert len(new_sp_sso_descriptor.extensions.extension_elements) == 2 for eelem in new_sp_sso_descriptor.extensions.extension_elements: print("EE", eelem.__dict__) - dp = extension_element_to_element(eelem, - idpdisc.ELEMENT_FROM_STRING, - idpdisc.NAMESPACE) + dp = extension_element_to_element(eelem, idpdisc.ELEMENT_FROM_STRING, idpdisc.NAMESPACE) print("DP", dp.c_tag, dp.c_namespace, dp.__dict__) assert isinstance(dp, idpdisc.DiscoveryResponse) - assert isinstance(new_sp_sso_descriptor.key_descriptor[0], - md.KeyDescriptor) - assert isinstance(new_sp_sso_descriptor.organization, - md.Organization) - assert isinstance(new_sp_sso_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance( - new_sp_sso_descriptor.artifact_resolution_service[0], - md.ArtifactResolutionService) - assert isinstance(new_sp_sso_descriptor.single_logout_service[0], - md.SingleLogoutService) - assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0], - md.ManageNameIDService) - assert isinstance(new_sp_sso_descriptor.name_id_format[0], - md.NameIDFormat) + assert isinstance(new_sp_sso_descriptor.key_descriptor[0], md.KeyDescriptor) + assert isinstance(new_sp_sso_descriptor.organization, md.Organization) + assert isinstance(new_sp_sso_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_sp_sso_descriptor.artifact_resolution_service[0], md.ArtifactResolutionService) + assert isinstance(new_sp_sso_descriptor.single_logout_service[0], md.SingleLogoutService) + assert isinstance(new_sp_sso_descriptor.manage_name_id_service[0], md.ManageNameIDService) + assert isinstance(new_sp_sso_descriptor.name_id_format[0], md.NameIDFormat) assert new_sp_sso_descriptor.authn_requests_signed == "true" assert new_sp_sso_descriptor.want_assertions_signed == "true" - assert isinstance( - new_sp_sso_descriptor.assertion_consumer_service[0], - md.AssertionConsumerService) - assert isinstance( - new_sp_sso_descriptor.attribute_consuming_service[0], - md.AttributeConsumingService) + assert isinstance(new_sp_sso_descriptor.assertion_consumer_service[0], md.AssertionConsumerService) + assert isinstance(new_sp_sso_descriptor.attribute_consuming_service[0], md.AttributeConsumingService) class TestEntityDescriptor: @@ -1104,53 +895,37 @@ def testAccessors(self): self.entity_descriptor.spsso_descriptor.append(md.SPSSODescriptor()) self.entity_descriptor.organization = md.Organization() self.entity_descriptor.contact_person.append(md.ContactPerson()) - self.entity_descriptor.additional_metadata_location.append( - md.AdditionalMetadataLocation()) + self.entity_descriptor.additional_metadata_location.append(md.AdditionalMetadataLocation()) - new_entity_descriptor = md.entity_descriptor_from_string( - self.entity_descriptor.to_string()) + new_entity_descriptor = md.entity_descriptor_from_string(self.entity_descriptor.to_string()) assert new_entity_descriptor.id == "ID" assert new_entity_descriptor.entity_id == "entityID" assert new_entity_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_entity_descriptor.cache_duration == "10:00:00:00" assert isinstance(new_entity_descriptor.signature, ds.Signature) assert isinstance(new_entity_descriptor.extensions, md.Extensions) - assert isinstance(new_entity_descriptor.role_descriptor[0], - md.RoleDescriptor) - assert isinstance(new_entity_descriptor.idpsso_descriptor[0], - md.IDPSSODescriptor) - assert isinstance(new_entity_descriptor.spsso_descriptor[0], - md.SPSSODescriptor) - assert isinstance(new_entity_descriptor.organization, - md.Organization) - assert isinstance(new_entity_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance( - new_entity_descriptor.additional_metadata_location[0], - md.AdditionalMetadataLocation) + assert isinstance(new_entity_descriptor.role_descriptor[0], md.RoleDescriptor) + assert isinstance(new_entity_descriptor.idpsso_descriptor[0], md.IDPSSODescriptor) + assert isinstance(new_entity_descriptor.spsso_descriptor[0], md.SPSSODescriptor) + assert isinstance(new_entity_descriptor.organization, md.Organization) + assert isinstance(new_entity_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_entity_descriptor.additional_metadata_location[0], md.AdditionalMetadataLocation) def testUsingTestData(self): """Test for entity_descriptor_from_string() using test data.""" - new_entity_descriptor = md.entity_descriptor_from_string( - md_data.TEST_ENTITY_DESCRIPTOR) + new_entity_descriptor = md.entity_descriptor_from_string(md_data.TEST_ENTITY_DESCRIPTOR) assert new_entity_descriptor.id == "ID" assert new_entity_descriptor.entity_id == "entityID" assert new_entity_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_entity_descriptor.cache_duration == "10:00:00:00" assert isinstance(new_entity_descriptor.signature, ds.Signature) assert isinstance(new_entity_descriptor.extensions, md.Extensions) - assert isinstance(new_entity_descriptor.role_descriptor[0], - md.RoleDescriptor) - assert isinstance(new_entity_descriptor.idpsso_descriptor[0], - md.IDPSSODescriptor) - assert isinstance(new_entity_descriptor.spsso_descriptor[0], - md.SPSSODescriptor) - assert isinstance(new_entity_descriptor.organization, - md.Organization) - assert isinstance(new_entity_descriptor.contact_person[0], - md.ContactPerson) - assert isinstance(new_entity_descriptor.additional_metadata_location[0], - md.AdditionalMetadataLocation) + assert isinstance(new_entity_descriptor.role_descriptor[0], md.RoleDescriptor) + assert isinstance(new_entity_descriptor.idpsso_descriptor[0], md.IDPSSODescriptor) + assert isinstance(new_entity_descriptor.spsso_descriptor[0], md.SPSSODescriptor) + assert isinstance(new_entity_descriptor.organization, md.Organization) + assert isinstance(new_entity_descriptor.contact_person[0], md.ContactPerson) + assert isinstance(new_entity_descriptor.additional_metadata_location[0], md.AdditionalMetadataLocation) class TestEntitiesDescriptor: @@ -1167,39 +942,32 @@ def testAccessors(self): self.entities_descriptor.signature = ds.Signature() self.entities_descriptor.extensions = md.Extensions() self.entities_descriptor.entity_descriptor.append(md.EntityDescriptor()) - self.entities_descriptor.entities_descriptor.append( - md.EntitiesDescriptor()) + self.entities_descriptor.entities_descriptor.append(md.EntitiesDescriptor()) - new_entities_descriptor = md.entities_descriptor_from_string( - self.entities_descriptor.to_string()) + new_entities_descriptor = md.entities_descriptor_from_string(self.entities_descriptor.to_string()) assert new_entities_descriptor.id == "ID" assert new_entities_descriptor.name == "name" assert new_entities_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_entities_descriptor.cache_duration == "10:00:00:00" assert isinstance(new_entities_descriptor.signature, ds.Signature) assert isinstance(new_entities_descriptor.extensions, md.Extensions) - assert isinstance(new_entities_descriptor.entity_descriptor[0], - md.EntityDescriptor) - assert isinstance(new_entities_descriptor.entities_descriptor[0], - md.EntitiesDescriptor) + assert isinstance(new_entities_descriptor.entity_descriptor[0], md.EntityDescriptor) + assert isinstance(new_entities_descriptor.entities_descriptor[0], md.EntitiesDescriptor) def testUsingTestData(self): """Test for entities_descriptor_from_string() using test data.""" - new_entities_descriptor = md.entities_descriptor_from_string( - md_data.TEST_ENTITIES_DESCRIPTOR) + new_entities_descriptor = md.entities_descriptor_from_string(md_data.TEST_ENTITIES_DESCRIPTOR) assert new_entities_descriptor.id == "ID" assert new_entities_descriptor.name == "name" assert new_entities_descriptor.valid_until == "2008-09-14T01:05:02Z" assert new_entities_descriptor.cache_duration == "10:00:00:00" assert isinstance(new_entities_descriptor.signature, ds.Signature) assert isinstance(new_entities_descriptor.extensions, md.Extensions) - assert isinstance(new_entities_descriptor.entity_descriptor[0], - md.EntityDescriptor) - assert isinstance(new_entities_descriptor.entities_descriptor[0], - md.EntitiesDescriptor) + assert isinstance(new_entities_descriptor.entity_descriptor[0], md.EntityDescriptor) + assert isinstance(new_entities_descriptor.entities_descriptor[0], md.EntitiesDescriptor) if __name__ == "__main__": c = TestIDPSSODescriptor() c.setup_class() - c.testAccessors() \ No newline at end of file + c.testAccessors() diff --git a/tests/test_06_setarg.py b/tests/test_06_setarg.py index 7df32179c..fad7c6915 100644 --- a/tests/test_06_setarg.py +++ b/tests/test_06_setarg.py @@ -1,53 +1,51 @@ from saml2 import saml +from saml2.argtree import add_path +from saml2.argtree import find_paths +from saml2.argtree import is_set +from saml2.argtree import set_arg from saml2.saml import Subject from saml2.samlp import Response -from saml2.argtree import set_arg, add_path, is_set -from saml2.argtree import find_paths -__author__ = 'roland' + +__author__ = "roland" def test_path(): - result = find_paths(Subject, 'in_response_to') + result = find_paths(Subject, "in_response_to") - assert result == [ - ['subject_confirmation', 'subject_confirmation_data', 'in_response_to']] + assert result == [["subject_confirmation", "subject_confirmation_data", "in_response_to"]] - result = find_paths(Response, 'in_response_to') + result = find_paths(Response, "in_response_to") assert result == [ - ['assertion', 'subject', 'subject_confirmation', - 'subject_confirmation_data', 'in_response_to'], - ['in_response_to'] + ["assertion", "subject", "subject_confirmation", "subject_confirmation_data", "in_response_to"], + ["in_response_to"], ] def test_set_arg(): - r = set_arg(Subject, 'in_response_to', '123456') + r = set_arg(Subject, "in_response_to", "123456") - assert r == [{'subject_confirmation': { - 'subject_confirmation_data': {'in_response_to': '123456'}}}] + assert r == [{"subject_confirmation": {"subject_confirmation_data": {"in_response_to": "123456"}}}] def test_multi(): t = {} - t = add_path(t, ['subject_confirmation','method',saml.SCM_BEARER]) - add_path(t['subject_confirmation'], - ['subject_confirmation_data','in_response_to','1234']) + t = add_path(t, ["subject_confirmation", "method", saml.SCM_BEARER]) + add_path(t["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "1234"]) assert t == { - 'subject_confirmation': { - 'subject_confirmation_data': {'in_response_to': '1234'}, - 'method': 'urn:oasis:names:tc:SAML:2.0:cm:bearer'} + "subject_confirmation": { + "subject_confirmation_data": {"in_response_to": "1234"}, + "method": "urn:oasis:names:tc:SAML:2.0:cm:bearer", + } } def test_is_set(): t = {} - t = add_path(t, ['subject_confirmation','method',saml.SCM_BEARER]) - add_path(t['subject_confirmation'], - ['subject_confirmation_data','in_response_to','1234']) + t = add_path(t, ["subject_confirmation", "method", saml.SCM_BEARER]) + add_path(t["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "1234"]) - assert is_set(t, ['subject_confirmation','method']) - assert is_set(t, ['subject_confirmation', 'subject_confirmation_data', - 'receiver']) is False + assert is_set(t, ["subject_confirmation", "method"]) + assert is_set(t, ["subject_confirmation", "subject_confirmation_data", "receiver"]) is False diff --git a/tests/test_1.der b/tests/test_1.der new file mode 100644 index 000000000..77abcf8dd Binary files /dev/null and b/tests/test_1.der differ diff --git a/tests/test_10_time_util.py b/tests/test_10_time_util.py index 1c1f8198c..80e77ac30 100644 --- a/tests/test_10_time_util.py +++ b/tests/test_10_time_util.py @@ -3,9 +3,19 @@ import calendar import datetime import time -from saml2.time_util import f_quotient, modulo, parse_duration, add_duration -from saml2.time_util import str_to_time, instant, valid, in_a_while -from saml2.time_util import before, after, not_before, not_on_or_after + +from saml2.time_util import add_duration +from saml2.time_util import after +from saml2.time_util import before +from saml2.time_util import f_quotient +from saml2.time_util import in_a_while +from saml2.time_util import instant +from saml2.time_util import modulo +from saml2.time_util import not_before +from saml2.time_util import not_on_or_after +from saml2.time_util import parse_duration +from saml2.time_util import str_to_time +from saml2.time_util import valid def test_f_quotient(): @@ -38,51 +48,42 @@ def test_modulo_2(): for i in range(1, 13): assert modulo(i, 1, 13) == i assert modulo(13, 1, 13) == 1 - #x = 0.123 - #assert modulo(13+x, 1, 13) == 1+x + # x = 0.123 + # assert modulo(13+x, 1, 13) == 1+x def test_parse_duration(): (sign, d) = parse_duration("P1Y3M5DT7H10M3.3S") assert sign == "+" - assert d['tm_sec'] == 3.3 - assert d['tm_mon'] == 3 - assert d['tm_hour'] == 7 - assert d['tm_mday'] == 5 - assert d['tm_year'] == 1 - assert d['tm_min'] == 10 + assert d["tm_sec"] == 3.3 + assert d["tm_mon"] == 3 + assert d["tm_hour"] == 7 + assert d["tm_mday"] == 5 + assert d["tm_year"] == 1 + assert d["tm_min"] == 10 def test_parse_duration2(): (sign, d) = parse_duration("PT30M") assert sign == "+" - assert d['tm_sec'] == 0 - assert d['tm_mon'] == 0 - assert d['tm_hour'] == 0 - assert d['tm_mday'] == 0 - assert d['tm_year'] == 0 - assert d['tm_min'] == 30 + assert d["tm_sec"] == 0 + assert d["tm_mon"] == 0 + assert d["tm_hour"] == 0 + assert d["tm_mday"] == 0 + assert d["tm_year"] == 0 + assert d["tm_min"] == 30 PATTERNS = { - "P3Y6M4DT12H30M5S": {'tm_sec': 5, 'tm_hour': 12, 'tm_mday': 4, - 'tm_year': 3, 'tm_mon': 6, 'tm_min': 30}, - "P23DT23H": {'tm_sec': 0, 'tm_hour': 23, 'tm_mday': 23, 'tm_year': 0, - 'tm_mon': 0, 'tm_min': 0}, - "P4Y": {'tm_sec': 0, 'tm_hour': 0, 'tm_mday': 0, 'tm_year': 4, - 'tm_mon': 0, 'tm_min': 0}, - "P1M": {'tm_sec': 0, 'tm_hour': 0, 'tm_mday': 0, 'tm_year': 0, - 'tm_mon': 1, 'tm_min': 0}, - "PT1M": {'tm_sec': 0, 'tm_hour': 0, 'tm_mday': 0, 'tm_year': 0, - 'tm_mon': 0, 'tm_min': 1}, - "P0.5Y": {'tm_sec': 0, 'tm_hour': 0, 'tm_mday': 0, 'tm_year': 0.5, - 'tm_mon': 0, 'tm_min': 0}, - "P0,5Y": {'tm_sec': 0, 'tm_hour': 0, 'tm_mday': 0, 'tm_year': 0.5, - 'tm_mon': 0, 'tm_min': 0}, - "PT36H": {'tm_sec': 0, 'tm_hour': 36, 'tm_mday': 0, 'tm_year': 0, - 'tm_mon': 0, 'tm_min': 0}, - "P1DT12H": {'tm_sec': 0, 'tm_hour': 12, 'tm_mday': 1, 'tm_year': 0, - 'tm_mon': 0, 'tm_min': 0} + "P3Y6M4DT12H30M5S": {"tm_sec": 5, "tm_hour": 12, "tm_mday": 4, "tm_year": 3, "tm_mon": 6, "tm_min": 30}, + "P23DT23H": {"tm_sec": 0, "tm_hour": 23, "tm_mday": 23, "tm_year": 0, "tm_mon": 0, "tm_min": 0}, + "P4Y": {"tm_sec": 0, "tm_hour": 0, "tm_mday": 0, "tm_year": 4, "tm_mon": 0, "tm_min": 0}, + "P1M": {"tm_sec": 0, "tm_hour": 0, "tm_mday": 0, "tm_year": 0, "tm_mon": 1, "tm_min": 0}, + "PT1M": {"tm_sec": 0, "tm_hour": 0, "tm_mday": 0, "tm_year": 0, "tm_mon": 0, "tm_min": 1}, + "P0.5Y": {"tm_sec": 0, "tm_hour": 0, "tm_mday": 0, "tm_year": 0.5, "tm_mon": 0, "tm_min": 0}, + "P0,5Y": {"tm_sec": 0, "tm_hour": 0, "tm_mday": 0, "tm_year": 0.5, "tm_mon": 0, "tm_min": 0}, + "PT36H": {"tm_sec": 0, "tm_hour": 36, "tm_mday": 0, "tm_year": 0, "tm_mon": 0, "tm_min": 0}, + "P1DT12H": {"tm_sec": 0, "tm_hour": 12, "tm_mday": 1, "tm_year": 0, "tm_mon": 0, "tm_min": 0}, } @@ -91,8 +92,9 @@ def test_parse_duration_n(): (sign, d) = parse_duration(dur) assert d == _val + def test_add_duration_1(): - #2000-01-12T12:13:14Z P1Y3M5DT7H10M3S 2001-04-17T19:23:17Z + # 2000-01-12T12:13:14Z P1Y3M5DT7H10M3S 2001-04-17T19:23:17Z t = add_duration(str_to_time("2000-01-12T12:13:14Z"), "P1Y3M5DT7H10M3S") assert t.tm_year == 2001 assert t.tm_mon == 4 @@ -103,7 +105,7 @@ def test_add_duration_1(): def test_add_duration_2(): - #2000-01-12 PT33H 2000-01-13 + # 2000-01-12 PT33H 2000-01-13 t = add_duration(str_to_time("2000-01-12T00:00:00Z"), "PT33H") assert t.tm_year == 2000 assert t.tm_mon == 1 @@ -115,16 +117,17 @@ def test_add_duration_2(): def test_str_to_time(): t = calendar.timegm(str_to_time("2000-01-12T00:00:00Z")) - #TODO: Find all instances of time.mktime(.....) - #t = time.mktime(str_to_time("2000-01-12T00:00:00Z")) - #assert t == 947631600.0 - #TODO: add something to show how this time was arrived at + # TODO: Find all instances of time.mktime(.....) + # t = time.mktime(str_to_time("2000-01-12T00:00:00Z")) + # assert t == 947631600.0 + # TODO: add something to show how this time was arrived at # do this as an external method in the assert t == 947635200 # some IdPs omit the trailing Z, and SAML spec is unclear if it is actually required t = calendar.timegm(str_to_time("2000-01-12T00:00:00")) assert t == 947635200 + def test_instant(): inst = str_to_time(instant()) now = time.gmtime() @@ -135,7 +138,7 @@ def test_instant(): def test_valid(): assert valid("2000-01-12T00:00:00Z") == False current_year = datetime.datetime.today().year - assert valid("%d-01-12T00:00:00Z" % (current_year + 1)) == True + assert valid(f"{int(current_year + 1)}-01-12T00:00:00Z") == True this_instance = instant() time.sleep(1) assert valid(this_instance) is False # unless on a very fast machine :-) @@ -151,26 +154,26 @@ def test_timeout(): def test_before(): current_year = datetime.datetime.today().year - assert before("%d-01-01T00:00:00Z" % (current_year - 1)) == False - assert before("%d-01-01T00:00:00Z" % (current_year + 1)) == True + assert before(f"{int(current_year - 1)}-01-01T00:00:00Z") == False + assert before(f"{int(current_year + 1)}-01-01T00:00:00Z") == True def test_after(): current_year = datetime.datetime.today().year - assert after("%d-01-01T00:00:00Z" % (current_year + 1)) == False - assert after("%d-01-01T00:00:00Z" % (current_year - 1)) == True + assert after(f"{int(current_year + 1)}-01-01T00:00:00Z") == False + assert after(f"{int(current_year - 1)}-01-01T00:00:00Z") == True def test_not_before(): current_year = datetime.datetime.today().year - assert not_before("%d-01-01T00:00:00Z" % (current_year + 1)) == False - assert not_before("%d-01-01T00:00:00Z" % (current_year - 1)) == True + assert not_before(f"{int(current_year + 1)}-01-01T00:00:00Z") == False + assert not_before(f"{int(current_year - 1)}-01-01T00:00:00Z") == True def test_not_on_or_after(): current_year = datetime.datetime.today().year - assert not_on_or_after("%d-01-01T00:00:00Z" % (current_year + 1)) == True - assert not_on_or_after("%d-01-01T00:00:00Z" % (current_year - 1)) == False + assert not_on_or_after(f"{int(current_year + 1)}-01-01T00:00:00Z") == True + assert not_on_or_after(f"{int(current_year - 1)}-01-01T00:00:00Z") == False if __name__ == "__main__": diff --git a/tests/test_12_s_utils.py b/tests/test_12_s_utils.py index cd1be8e90..454cd0bb1 100644 --- a/tests/test_12_s_utils.py +++ b/tests/test_12_s_utils.py @@ -1,47 +1,47 @@ # !/usr/bin/env python -# -*- coding: utf-8 -*- import base64 -import six +from pathutils import full_path from saml2 import s_utils as utils from saml2 import saml from saml2 import samlp from saml2.argtree import set_arg - from saml2.s_utils import do_attribute_statement -from saml2.saml import Attribute, Subject from saml2.saml import NAME_FORMAT_URI - -from pathutils import full_path +from saml2.saml import Attribute +from saml2.saml import Subject -XML_HEADER = '\n' +XML_HEADER = "\n" SUCCESS_STATUS_NO_HEADER = ( '') -SUCCESS_STATUS = '%s%s' % (XML_HEADER, SUCCESS_STATUS_NO_HEADER) + ":StatusCode " + 'Value="urn:oasis:names:tc:SAML:2.0:status:Success" />' +) +SUCCESS_STATUS = f"{XML_HEADER}{SUCCESS_STATUS_NO_HEADER}" ERROR_STATUS_NO_HEADER = ( 'Error resolving ' - 'principal') + "/>Error resolving " + "principal" +) ERROR_STATUS_NO_HEADER_EMPTY = ( '') + "/>" +) -ERROR_STATUS = '%s%s' % (XML_HEADER, ERROR_STATUS_NO_HEADER) -ERROR_STATUS_EMPTY = '%s%s' % (XML_HEADER, ERROR_STATUS_NO_HEADER_EMPTY) +ERROR_STATUS = f"{XML_HEADER}{ERROR_STATUS_NO_HEADER}" +ERROR_STATUS_EMPTY = f"{XML_HEADER}{ERROR_STATUS_NO_HEADER_EMPTY}" def _eq(l1, l2): @@ -54,9 +54,9 @@ def _oeq(l1, l2): return False for item in l1: if item not in l2: - print("%s not in l2" % (item,)) + print(f"{item} not in l2") for ite in l2: - print("\t%s" % (ite,)) + print(f"\t{ite}") return False return True @@ -65,29 +65,29 @@ def test_inflate_then_deflate(): txt = """Selma Lagerlöf (1858-1940) was born in Östra Emterwik, Värmland, Sweden. She was brought up on Mårbacka, the family estate, which she did not leave until 1881, when she went to a teachers' college at Stockholm""" - if not isinstance(txt, six.binary_type): - txt = txt.encode('utf-8') + if not isinstance(txt, bytes): + txt = txt.encode("utf-8") interm = utils.deflate_and_base64_encode(txt) bis = utils.decode_base64_and_inflate(interm) - if not isinstance(bis, six.binary_type): - bis = bis.encode('utf-8') + if not isinstance(bis, bytes): + bis = bis.encode("utf-8") assert bis == txt def test_status_success(): status = utils.success_status_factory() - status_text = "%s" % status + status_text = f"{status}" assert status_text in (SUCCESS_STATUS_NO_HEADER, SUCCESS_STATUS) assert status.status_code.value == samlp.STATUS_SUCCESS def test_error_status(): - status = utils.status_message_factory("Error resolving principal", - samlp.STATUS_UNKNOWN_PRINCIPAL, - samlp.STATUS_RESPONDER) + status = utils.status_message_factory( + "Error resolving principal", samlp.STATUS_UNKNOWN_PRINCIPAL, samlp.STATUS_RESPONDER + ) - status_text = "%s" % status + status_text = f"{status}" print(status_text) assert status_text in (ERROR_STATUS_NO_HEADER, ERROR_STATUS) @@ -95,21 +95,20 @@ def test_error_status(): def test_status_from_exception(): e = utils.UnknownPrincipal("Error resolving principal") stat = utils.error_status_factory(e) - status_text = "%s" % stat + status_text = f"{stat}" print(status_text) assert status_text in (ERROR_STATUS_NO_HEADER, ERROR_STATUS) def test_status_from_tuple(): - stat = utils.error_status_factory((samlp.STATUS_UNKNOWN_PRINCIPAL, - 'Error resolving principal')) - status_text = "%s" % stat + stat = utils.error_status_factory((samlp.STATUS_UNKNOWN_PRINCIPAL, "Error resolving principal")) + status_text = f"{stat}" assert status_text in (ERROR_STATUS_NO_HEADER, ERROR_STATUS) def test_status_from_tuple_empty_message(): stat = utils.error_status_factory((samlp.STATUS_UNKNOWN_PRINCIPAL, None)) - status_text = "%s" % stat + status_text = f"{stat}" assert status_text in (ERROR_STATUS_EMPTY, ERROR_STATUS_NO_HEADER_EMPTY) @@ -152,9 +151,9 @@ def test_attribute_onoff(): def test_attribute_base64(): txt = "Selma Lagerlöf" - if not isinstance(txt, six.binary_type): + if not isinstance(txt, bytes): txt = txt.encode("utf-8") - b64sl = base64.b64encode(txt).decode('ascii') + b64sl = base64.b64encode(txt).decode("ascii") attr = utils.do_attributes({"name": (b64sl, "xs:base64Binary")}) assert len(attr) == 1 @@ -168,8 +167,7 @@ def test_attribute_base64(): def test_attribute_statement(): - statement = do_attribute_statement({"surName": ("Jeter", ""), - "givenName": ("Derek", "")}) + statement = do_attribute_statement({"surName": ("Jeter", ""), "givenName": ("Derek", "")}) print(statement) assert statement.keyswv() == ["attribute"] assert len(statement.attribute) == 2 @@ -191,26 +189,23 @@ def test_attribute_statement(): def test_audience(): - aud_restr = utils.factory(saml.AudienceRestriction, - audience=utils.factory(saml.Audience, - text="urn:foo:bar")) + aud_restr = utils.factory(saml.AudienceRestriction, audience=utils.factory(saml.Audience, text="urn:foo:bar")) assert aud_restr.keyswv() == ["audience"] assert aud_restr.audience.text == "urn:foo:bar" def test_conditions(): - conditions = utils.factory(saml.Conditions, - not_before="2009-10-30T07:58:10.852Z", - not_on_or_after="2009-10-30T08:03:10.852Z", - audience_restriction=[ - utils.factory(saml.AudienceRestriction, - audience=utils.factory( - saml.Audience, - text="urn:foo:bar"))]) - - assert _eq(conditions.keyswv(), ["not_before", "not_on_or_after", - "audience_restriction"]) + conditions = utils.factory( + saml.Conditions, + not_before="2009-10-30T07:58:10.852Z", + not_on_or_after="2009-10-30T08:03:10.852Z", + audience_restriction=[ + utils.factory(saml.AudienceRestriction, audience=utils.factory(saml.Audience, text="urn:foo:bar")) + ], + ) + + assert _eq(conditions.keyswv(), ["not_before", "not_on_or_after", "audience_restriction"]) assert conditions.not_before == "2009-10-30T07:58:10.852Z" assert conditions.not_on_or_after == "2009-10-30T08:03:10.852Z" assert conditions.audience_restriction[0].audience.text == "urn:foo:bar" @@ -219,17 +214,16 @@ def test_conditions(): def test_value_1(): # FriendlyName="givenName" Name="urn:oid:2.5.4.42" # NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" - attribute = utils.factory(saml.Attribute, name="urn:oid:2.5.4.42", - name_format=NAME_FORMAT_URI) + attribute = utils.factory(saml.Attribute, name="urn:oid:2.5.4.42", name_format=NAME_FORMAT_URI) assert _eq(attribute.keyswv(), ["name", "name_format"]) assert attribute.name == "urn:oid:2.5.4.42" assert attribute.name_format == saml.NAME_FORMAT_URI def test_value_2(): - attribute = utils.factory(saml.Attribute, name="urn:oid:2.5.4.42", - name_format=NAME_FORMAT_URI, - friendly_name="givenName") + attribute = utils.factory( + saml.Attribute, name="urn:oid:2.5.4.42", name_format=NAME_FORMAT_URI, friendly_name="givenName" + ) assert _eq(attribute.keyswv(), ["name", "name_format", "friendly_name"]) assert attribute.name == "urn:oid:2.5.4.42" assert attribute.name_format == NAME_FORMAT_URI @@ -237,15 +231,15 @@ def test_value_2(): def test_value_3(): - attribute = utils.factory(saml.Attribute, - attribute_value=[utils.factory( - saml.AttributeValue, text="Derek")], - name="urn:oid:2.5.4.42", - name_format=NAME_FORMAT_URI, - friendly_name="givenName") - - assert _eq(attribute.keyswv(), ["name", "name_format", - "friendly_name", "attribute_value"]) + attribute = utils.factory( + saml.Attribute, + attribute_value=[utils.factory(saml.AttributeValue, text="Derek")], + name="urn:oid:2.5.4.42", + name_format=NAME_FORMAT_URI, + friendly_name="givenName", + ) + + assert _eq(attribute.keyswv(), ["name", "name_format", "friendly_name", "attribute_value"]) assert attribute.name == "urn:oid:2.5.4.42" assert attribute.name_format == NAME_FORMAT_URI assert attribute.friendly_name == "givenName" @@ -254,13 +248,11 @@ def test_value_3(): def test_value_4(): - attribute = utils.factory(saml.Attribute, - attribute_value=[utils.factory( - saml.AttributeValue, text="Derek")], - friendly_name="givenName") + attribute = utils.factory( + saml.Attribute, attribute_value=[utils.factory(saml.AttributeValue, text="Derek")], friendly_name="givenName" + ) - assert _eq(attribute.keyswv(), ["friendly_name", "attribute_value", - "name_format"]) + assert _eq(attribute.keyswv(), ["friendly_name", "attribute_value", "name_format"]) assert attribute.friendly_name == "givenName" assert len(attribute.attribute_value) == 1 assert attribute.attribute_value[0].text == "Derek" @@ -279,9 +271,7 @@ def test_do_attribute_statement_0(): def test_do_attribute_statement(): - statement = do_attribute_statement({"surName": ("Jeter", ""), - "givenName": (["Derek", - "Sanderson"], "")}) + statement = do_attribute_statement({"surName": ("Jeter", ""), "givenName": (["Derek", "Sanderson"], "")}) assert statement.keyswv() == ["attribute"] assert len(statement.attribute) == 2 @@ -291,8 +281,7 @@ def test_do_attribute_statement(): assert _eq(attr1.keyswv(), ["name", "attribute_value", "name_format"]) if attr0.name == "givenName": assert len(attr0.attribute_value) == 2 - assert _eq([av.text for av in attr0.attribute_value], - ["Derek", "Sanderson"]) + assert _eq([av.text for av in attr0.attribute_value], ["Derek", "Sanderson"]) assert attr1.name == "surName" assert attr1.attribute_value[0].text == "Jeter" assert len(attr1.attribute_value) == 1 @@ -302,31 +291,31 @@ def test_do_attribute_statement(): assert len(attr0.attribute_value) == 1 assert attr1.name == "givenName" assert len(attr1.attribute_value) == 2 - assert _eq([av.text for av in attr1.attribute_value], - ["Derek", "Sanderson"]) + assert _eq([av.text for av in attr1.attribute_value], ["Derek", "Sanderson"]) def test_do_attribute_statement_multi(): statement = do_attribute_statement( - {("urn:oid:1.3.6.1.4.1.5923.1.1.1.7", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "eduPersonEntitlement"): ("Jeter", "")}) + { + ( + "urn:oid:1.3.6.1.4.1.5923.1.1.1.7", + "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "eduPersonEntitlement", + ): ("Jeter", "") + } + ) assert statement.keyswv() == ["attribute"] assert len(statement.attribute) - assert _eq(statement.attribute[0].keyswv(), - ["name", "name_format", "friendly_name", "attribute_value"]) + assert _eq(statement.attribute[0].keyswv(), ["name", "name_format", "friendly_name", "attribute_value"]) attribute = statement.attribute[0] assert attribute.name == "urn:oid:1.3.6.1.4.1.5923.1.1.1.7" - assert attribute.name_format == ( - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri") + assert attribute.name_format == ("urn:oasis:names:tc:SAML:2.0:attrname-format:uri") assert attribute.friendly_name == "eduPersonEntitlement" def test_subject(): - subject = utils.factory(saml.Subject, text="_aaa", - name_id=saml.NameID( - text=saml.NAMEID_FORMAT_TRANSIENT)) + subject = utils.factory(saml.Subject, text="_aaa", name_id=saml.NameID(text=saml.NAMEID_FORMAT_TRANSIENT)) assert _eq(subject.keyswv(), ["text", "name_id"]) assert subject.text == "_aaa" @@ -335,47 +324,53 @@ def test_subject(): # --------------------------------------------------------------------------- + def test_parse_attribute_map(): - (forward, backward) = utils.parse_attribute_map( - [full_path("attribute.map")]) + (forward, backward) = utils.parse_attribute_map([full_path("attribute.map")]) assert _eq(forward.keys(), backward.values()) assert _eq(forward.values(), backward.keys()) print(forward.keys()) - assert _oeq(forward.keys(), [ - ('urn:oid:1.3.6.1.4.1.5923.1.1.1.7', NAME_FORMAT_URI), - ('urn:oid:0.9.2342.19200300.100.1.1', NAME_FORMAT_URI), - ('urn:oid:1.3.6.1.4.1.5923.1.1.1.1', NAME_FORMAT_URI), - ('urn:oid:2.5.4.42', NAME_FORMAT_URI), - ('urn:oid:2.5.4.4', NAME_FORMAT_URI), - ('urn:oid:0.9.2342.19200300.100.1.3', NAME_FORMAT_URI), - ('urn:oid:2.5.4.12', NAME_FORMAT_URI)]) - assert _eq(forward.keys(), [ - ('urn:oid:1.3.6.1.4.1.5923.1.1.1.7', NAME_FORMAT_URI), - ('urn:oid:0.9.2342.19200300.100.1.1', NAME_FORMAT_URI), - ('urn:oid:1.3.6.1.4.1.5923.1.1.1.1', NAME_FORMAT_URI), - ('urn:oid:2.5.4.42', NAME_FORMAT_URI), - ('urn:oid:2.5.4.4', NAME_FORMAT_URI), - ('urn:oid:0.9.2342.19200300.100.1.3', NAME_FORMAT_URI), - ('urn:oid:2.5.4.12', NAME_FORMAT_URI)]) - assert _eq(backward.keys(), ["surName", "givenName", "title", "uid", "mail", - "eduPersonAffiliation", - "eduPersonEntitlement"]) + assert _oeq( + forward.keys(), + [ + ("urn:oid:1.3.6.1.4.1.5923.1.1.1.7", NAME_FORMAT_URI), + ("urn:oid:0.9.2342.19200300.100.1.1", NAME_FORMAT_URI), + ("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", NAME_FORMAT_URI), + ("urn:oid:2.5.4.42", NAME_FORMAT_URI), + ("urn:oid:2.5.4.4", NAME_FORMAT_URI), + ("urn:oid:0.9.2342.19200300.100.1.3", NAME_FORMAT_URI), + ("urn:oid:2.5.4.12", NAME_FORMAT_URI), + ], + ) + assert _eq( + forward.keys(), + [ + ("urn:oid:1.3.6.1.4.1.5923.1.1.1.7", NAME_FORMAT_URI), + ("urn:oid:0.9.2342.19200300.100.1.1", NAME_FORMAT_URI), + ("urn:oid:1.3.6.1.4.1.5923.1.1.1.1", NAME_FORMAT_URI), + ("urn:oid:2.5.4.42", NAME_FORMAT_URI), + ("urn:oid:2.5.4.4", NAME_FORMAT_URI), + ("urn:oid:0.9.2342.19200300.100.1.3", NAME_FORMAT_URI), + ("urn:oid:2.5.4.12", NAME_FORMAT_URI), + ], + ) + assert _eq( + backward.keys(), + ["surName", "givenName", "title", "uid", "mail", "eduPersonAffiliation", "eduPersonEntitlement"], + ) def test_identity_attribute_0(): - (forward, backward) = utils.parse_attribute_map( - [full_path("attribute.map")]) - a = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI, - friendly_name="surName") + (forward, backward) = utils.parse_attribute_map([full_path("attribute.map")]) + a = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI, friendly_name="surName") assert utils.identity_attribute("name", a, forward) == "urn:oid:2.5.4.4" assert utils.identity_attribute("friendly", a, forward) == "surName" def test_identity_attribute_1(): - (forward, backward) = utils.parse_attribute_map( - [full_path("attribute.map")]) + (forward, backward) = utils.parse_attribute_map([full_path("attribute.map")]) a = Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI) assert utils.identity_attribute("name", a, forward) == "urn:oid:2.5.4.4" @@ -383,8 +378,7 @@ def test_identity_attribute_1(): def test_identity_attribute_2(): - (forward, backward) = utils.parse_attribute_map( - [full_path("attribute.map")]) + (forward, backward) = utils.parse_attribute_map([full_path("attribute.map")]) a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI) assert utils.identity_attribute("name", a, forward) == "urn:oid:2.5.4.5" @@ -401,8 +395,7 @@ def test_identity_attribute_3(): def test_identity_attribute_4(): - a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber") + a = Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, friendly_name="serialNumber") assert utils.identity_attribute("name", a) == "urn:oid:2.5.4.5" # if there would be a map it would be serialNumber @@ -431,101 +424,98 @@ def test_nameformat_email(): def test_attribute(): - a = utils.factory(saml.Attribute, - friendly_name="eduPersonScopedAffiliation", - name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9", - name_format="urn:oasis:names:tc:SAML:2.0:attrname" - "-format:uri") + a = utils.factory( + saml.Attribute, + friendly_name="eduPersonScopedAffiliation", + name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9", + name_format="urn:oasis:names:tc:SAML:2.0:attrname" "-format:uri", + ) assert _eq(a.keyswv(), ["friendly_name", "name", "name_format"]) a = utils.factory( - saml.Attribute, friendly_name="eduPersonScopedAffiliation", + saml.Attribute, + friendly_name="eduPersonScopedAffiliation", name="urn:oid:1.3.6.1.4.1.5923.1.1.1.9", name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - attribute_value=[saml.AttributeValue(text="member@example.com")]) + attribute_value=[saml.AttributeValue(text="member@example.com")], + ) - assert _eq(a.keyswv(), ["friendly_name", "name", "name_format", - "attribute_value"]) + assert _eq(a.keyswv(), ["friendly_name", "name", "name_format", "attribute_value"]) def test_attribute_statement_2(): - statement = utils.factory(saml.Statement, - attribute=[ - utils.factory(saml.Attribute, - attribute_value=[ - utils.factory( - saml.AttributeValue, - text="Derek")], - friendly_name="givenName"), - utils.factory(saml.Attribute, - attribute_value=[ - utils.factory( - saml.AttributeValue, - text="Jeter")], - friendly_name="surName"), - ]) + statement = utils.factory( + saml.Statement, + attribute=[ + utils.factory( + saml.Attribute, + attribute_value=[utils.factory(saml.AttributeValue, text="Derek")], + friendly_name="givenName", + ), + utils.factory( + saml.Attribute, + attribute_value=[utils.factory(saml.AttributeValue, text="Jeter")], + friendly_name="surName", + ), + ], + ) assert statement.keyswv() == ["attribute"] assert len(statement.attribute) == 2 def test_subject_confirmation_data(): - s = utils.factory(saml.SubjectConfirmation, - in_response_to="_12345678", - not_before="2010-02-11T07:30:00Z", - not_on_or_after="2010-02-11T07:35:00Z", - recipient="http://example.com/sp/", - address="192.168.0.10") + s = utils.factory( + saml.SubjectConfirmation, + in_response_to="_12345678", + not_before="2010-02-11T07:30:00Z", + not_on_or_after="2010-02-11T07:35:00Z", + recipient="http://example.com/sp/", + address="192.168.0.10", + ) - assert _eq(s.keyswv(), ["in_response_to", "not_before", "not_on_or_after", - "recipient", "address"]) + assert _eq(s.keyswv(), ["in_response_to", "not_before", "not_on_or_after", "recipient", "address"]) def test_subject_confirmation(): - s = utils.factory(saml.SubjectConfirmation, - method="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser", - base_id="1234", - name_id="abcd", - subject_confirmation_data=utils.factory( - saml.SubjectConfirmationData, - in_response_to="_1234567890", - recipient="http://example.com/sp/")) - - assert _eq(s.keyswv(), - ["method", "base_id", "name_id", "subject_confirmation_data"]) + s = utils.factory( + saml.SubjectConfirmation, + method="urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser", + base_id="1234", + name_id="abcd", + subject_confirmation_data=utils.factory( + saml.SubjectConfirmationData, in_response_to="_1234567890", recipient="http://example.com/sp/" + ), + ) + + assert _eq(s.keyswv(), ["method", "base_id", "name_id", "subject_confirmation_data"]) assert s.method == "urn:oasis:names:tc:SAML:2.0:profiles:SSO:browser" def test_authn_context_class_ref(): - a = utils.factory(saml.AuthnContextClassRef, - text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") + a = utils.factory(saml.AuthnContextClassRef, text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") assert a.keyswv() == ["text"] assert a.text == "urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified" def test_authn_context(): - accr = utils.factory( - saml.AuthnContext, - text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") + accr = utils.factory(saml.AuthnContext, text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") a = utils.factory(saml.AuthnContext, authn_context_class_ref=accr) assert a.keyswv() == ["authn_context_class_ref"] def test_authn_statement(): - accr = utils.factory( - saml.AuthnContextClassRef, - text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") - ac = utils.factory(saml.AuthnContext, - authn_context_class_ref=accr) - ast = utils.factory(saml.AuthnStatement, - authn_instant="2010-03-10T12:33:00Z", - session_index="_12345", - session_not_on_or_after="2010-03-11T12:00:00Z", - authn_context=ac) - assert _eq(ast.keyswv(), ["authn_instant", "session_index", - "session_not_on_or_after", - "authn_context"]) + accr = utils.factory(saml.AuthnContextClassRef, text="urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified") + ac = utils.factory(saml.AuthnContext, authn_context_class_ref=accr) + ast = utils.factory( + saml.AuthnStatement, + authn_instant="2010-03-10T12:33:00Z", + session_index="_12345", + session_not_on_or_after="2010-03-11T12:00:00Z", + authn_context=ac, + ) + assert _eq(ast.keyswv(), ["authn_instant", "session_index", "session_not_on_or_after", "authn_context"]) def test_signature(): @@ -537,11 +527,9 @@ def test_signature(): def test_complex_factory(): - r = set_arg(Subject, 'in_response_to', '123456') + r = set_arg(Subject, "in_response_to", "123456") subject = utils.factory(Subject, **r[0]) - assert _eq(subject.keyswv(), ['subject_confirmation']) - assert _eq(subject.subject_confirmation.keyswv(), - ['subject_confirmation_data']) - assert _eq(subject.subject_confirmation.subject_confirmation_data.keyswv(), - ['in_response_to']) - assert subject.subject_confirmation.subject_confirmation_data.in_response_to == '123456' + assert _eq(subject.keyswv(), ["subject_confirmation"]) + assert _eq(subject.subject_confirmation.keyswv(), ["subject_confirmation_data"]) + assert _eq(subject.subject_confirmation.subject_confirmation_data.keyswv(), ["in_response_to"]) + assert subject.subject_confirmation.subject_confirmation_data.in_response_to == "123456" diff --git a/tests/test_13_validate.py b/tests/test_13_validate.py index 3c13e2c15..05e63a192 100644 --- a/tests/test_13_validate.py +++ b/tests/test_13_validate.py @@ -1,21 +1,20 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -import saml2 +from pytest import raises +import saml2 from saml2 import saml from saml2 import samlp -from saml2.validate import valid_duration, MustValueError -from saml2.validate import valid_unsigned_short -from saml2.validate import valid_non_negative_integer -from saml2.validate import valid_string -from saml2.validate import valid_instance -from saml2.validate import valid_any_uri +from saml2.validate import MustValueError from saml2.validate import NotValid -from saml2.validate import valid_anytype from saml2.validate import valid_address - -from pytest import raises +from saml2.validate import valid_any_uri +from saml2.validate import valid_anytype +from saml2.validate import valid_duration +from saml2.validate import valid_instance +from saml2.validate import valid_non_negative_integer +from saml2.validate import valid_string +from saml2.validate import valid_unsigned_short def _eq(l1, l2): @@ -62,7 +61,7 @@ def test_valid_non_negative_integer(): def test_valid_string(): - assert valid_string(u'example') + assert valid_string("example") import codecs @@ -76,11 +75,13 @@ def test_valid_anyuri(): def test_valid_instance(): attr_statem = saml.AttributeStatement() - text = ["value of test attribute", - "value1 of test attribute", - "value2 of test attribute", - "value1 of test attribute2", - "value2 of test attribute2", ] + text = [ + "value of test attribute", + "value1 of test attribute", + "value2 of test attribute", + "value1 of test attribute2", + "value2 of test attribute2", + ] attr_statem.attribute.append(saml.Attribute()) attr_statem.attribute.append(saml.Attribute()) diff --git a/tests/test_19_attribute_converter.py b/tests/test_19_attribute_converter.py index fdb9cd96a..4f3a5fbc5 100644 --- a/tests/test_19_attribute_converter.py +++ b/tests/test_19_attribute_converter.py @@ -1,25 +1,26 @@ #!/usr/bin/env python -from saml2 import attribute_converter, saml - from attribute_statement_data import * - from pathutils import full_path -from saml2.attribute_converter import AttributeConverterNOOP, from_local + +from saml2 import attribute_converter +from saml2 import saml from saml2.attribute_converter import AttributeConverter +from saml2.attribute_converter import AttributeConverterNOOP +from saml2.attribute_converter import from_local from saml2.attribute_converter import to_local -from saml2.saml import attribute_from_string, name_id_from_string, NameID, NAMEID_FORMAT_PERSISTENT -from saml2.saml import attribute_statement_from_string import saml2.attributemaps.saml_uri as saml_map +from saml2.saml import attribute_from_string +from saml2.saml import attribute_statement_from_string def _eq(l1, l2): return set(l1) == set(l2) -BASIC_NF = 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic' -URI_NF = 'urn:oasis:names:tc:SAML:2.0:attrname-format:uri' -SAML1 = 'urn:mace:shibboleth:1.0:attributeNamespace:uri' +BASIC_NF = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic" +URI_NF = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri" +SAML1 = "urn:mace:shibboleth:1.0:attributeNamespace:uri" def test_default(): @@ -27,7 +28,7 @@ def test_default(): assert acs -class TestAC(): +class TestAC: def setup_class(self): self.acs = attribute_converter.ac_factory(full_path("attributemaps")) @@ -50,13 +51,26 @@ def test_ava_fro_1(self): if ava: break print(ava.keys()) - assert _eq(ava.keys(), ['givenName', 'displayName', 'uid', - 'eduPersonNickname', 'street', - 'eduPersonScopedAffiliation', - 'employeeType', 'eduPersonAffiliation', - 'eduPersonPrincipalName', 'sn', 'postalCode', - 'physicalDeliveryOfficeName', 'ou', - 'eduPersonTargetedID', 'cn']) + assert _eq( + ava.keys(), + [ + "givenName", + "displayName", + "uid", + "eduPersonNickname", + "street", + "eduPersonScopedAffiliation", + "employeeType", + "eduPersonAffiliation", + "eduPersonPrincipalName", + "sn", + "postalCode", + "physicalDeliveryOfficeName", + "ou", + "eduPersonTargetedID", + "cn", + ], + ) def test_ava_fro_2(self): ats = saml.attribute_statement_from_string(STATEMENT2) @@ -66,8 +80,7 @@ def test_ava_fro_2(self): ava.update(ac.fro(ats)) print(ava.keys()) - assert _eq(ava.keys(), ['eduPersonEntitlement', 'eduPersonAffiliation', - 'uid', 'mail', 'givenName', 'sn']) + assert _eq(ava.keys(), ["eduPersonEntitlement", "eduPersonAffiliation", "uid", "mail", "givenName", "sn"]) def test_to_attrstat_1(self): ava = {"givenName": "Roland", "sn": "Hedberg"} @@ -78,17 +91,17 @@ def test_to_attrstat_1(self): assert len(statement) == 2 a0 = statement[0] a1 = statement[1] - if a0.friendly_name == 'sn': - assert a0.name == 'urn:mace:dir:attribute-def:sn' + if a0.friendly_name == "sn": + assert a0.name == "urn:mace:dir:attribute-def:sn" assert a0.name_format == BASIC_NF assert a1.friendly_name == "givenName" - assert a1.name == 'urn:mace:dir:attribute-def:givenName' + assert a1.name == "urn:mace:dir:attribute-def:givenName" assert a1.name_format == BASIC_NF - elif a0.friendly_name == 'givenName': - assert a0.name == 'urn:mace:dir:attribute-def:givenName' + elif a0.friendly_name == "givenName": + assert a0.name == "urn:mace:dir:attribute-def:givenName" assert a0.name_format == BASIC_NF assert a1.friendly_name == "sn" - assert a1.name == 'urn:mace:dir:attribute-def:sn' + assert a1.name == "urn:mace:dir:attribute-def:sn" assert a1.name_format == BASIC_NF else: assert False @@ -101,17 +114,17 @@ def test_to_attrstat_2(self): assert len(statement) == 2 a0 = statement[0] a1 = statement[1] - if a0.friendly_name == 'surname': - assert a0.name == 'urn:oid:2.5.4.4' + if a0.friendly_name == "surname": + assert a0.name == "urn:oid:2.5.4.4" assert a0.name_format == URI_NF assert a1.friendly_name == "givenName" - assert a1.name == 'urn:oid:2.5.4.42' + assert a1.name == "urn:oid:2.5.4.42" assert a1.name_format == URI_NF - elif a0.friendly_name == 'givenName': - assert a0.name == 'urn:oid:2.5.4.42' + elif a0.friendly_name == "givenName": + assert a0.name == "urn:oid:2.5.4.42" assert a0.name_format == URI_NF assert a1.friendly_name == "surname" - assert a1.name == 'urn:oid:2.5.4.4' + assert a1.name == "urn:oid:2.5.4.4" assert a1.name_format == URI_NF else: print(a0.friendly_name) @@ -123,19 +136,23 @@ def test_to_local_name(self): saml.Attribute( friendly_name="surName", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), saml.Attribute( friendly_name="efternamn", name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), saml.Attribute( friendly_name="titel", name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ] lan = [attribute_converter.to_local_name(self.acs, a) for a in attr] - assert _eq(lan, ['sn', 'givenName', 'title']) + assert _eq(lan, ["sn", "givenName", "title"]) def test_to_local_name_from_unspecified(self): _xml = """ @@ -152,18 +169,19 @@ def test_to_local_name_from_unspecified(self): attr = attribute_statement_from_string(_xml) ava = attribute_converter.to_local(self.acs, attr) - assert _eq(list(ava.keys()), ['EmailAddress']) + assert _eq(list(ava.keys()), ["EmailAddress"]) def test_to_local_name_from_basic(self): attr = [ saml.Attribute( name="urn:mace:dir:attribute-def:eduPersonPrimaryOrgUnitDN", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:basic") + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:basic", + ) ] lan = [attribute_converter.to_local_name(self.acs, a) for a in attr] - assert _eq(lan, ['eduPersonPrimaryOrgUnitDN']) + assert _eq(lan, ["eduPersonPrimaryOrgUnitDN"]) def test_to_and_for(self): ava = {"givenName": "Roland", "surname": "Hedberg"} @@ -179,22 +197,30 @@ def test_to_and_for(self): def test_unspecified_name_format(self): ats = saml.attribute_statement_from_string(STATEMENT4) ava = to_local(self.acs, ats) - assert ava == {'user_id': ['bob'], 'NameID': ['bobsnameagain']} + assert ava == {"user_id": ["bob"], "NameID": ["bobsnameagain"]} def test_mixed_attributes_1(self): ats = saml.attribute_statement_from_string(STATEMENT_MIXED) ava = to_local(self.acs, ats) - assert ava == {'eduPersonAffiliation': ['staff'], - 'givenName': ['Roland'], 'sn': ['Hedberg'], - 'uid': ['demouser'], 'user_id': ['bob']} + assert ava == { + "eduPersonAffiliation": ["staff"], + "givenName": ["Roland"], + "sn": ["Hedberg"], + "uid": ["demouser"], + "user_id": ["bob"], + } # Allow unknown ava = to_local(self.acs, ats, True) - assert ava == {'eduPersonAffiliation': ['staff'], - 'givenName': ['Roland'], 'sn': ['Hedberg'], - 'urn:oid:2.16.756.1.2.5.1.1.5': ['others'], - 'uid': ['demouser'], 'urn:example:com:foo': ['Thing'], - 'user_id': ['bob']} + assert ava == { + "eduPersonAffiliation": ["staff"], + "givenName": ["Roland"], + "sn": ["Hedberg"], + "urn:oid:2.16.756.1.2.5.1.1.5": ["others"], + "uid": ["demouser"], + "urn:example:com:foo": ["Thing"], + "user_id": ["bob"], + } def test_adjust_with_only_from_defined(self): attr_conv = AttributeConverter() @@ -262,7 +288,7 @@ def test_noop_attribute_conversion(): assert attr.attribute_value[0].text == "Roland" -class BuilderAVA(): +class BuilderAVA: def __init__(self, name, friendly_name, name_format): template = """ """ - self.ava = template.format( - attr_name=name, - attr_friendly_name=friendly_name, - attr_name_format=name_format) + self.ava = template.format(attr_name=name, attr_friendly_name=friendly_name, attr_name_format=name_format) -class TestSchac(): +class TestSchac: def test(self): failures = 0 friendly_name = "schacHomeOrganization" - ava_schac = BuilderAVA( - "urn:oid:1.3.6.1.4.1.25178.1.2.9", - friendly_name, - saml_map.MAP['identifier']) + ava_schac = BuilderAVA("urn:oid:1.3.6.1.4.1.25178.1.2.9", friendly_name, saml_map.MAP["identifier"]) attr = attribute_from_string(ava_schac.ava) acs = attribute_converter.ac_factory() @@ -305,14 +325,11 @@ def test(self): assert failures != len(acs) -class TestEIDAS(): +class TestEIDAS: def test(self): failures = 0 - friendly_name = 'PersonIdentifier' - ava_eidas = BuilderAVA( - saml_map.EIDAS_NATURALPERSON + friendly_name, - friendly_name, - saml_map.MAP['identifier']) + friendly_name = "PersonIdentifier" + ava_eidas = BuilderAVA(saml_map.EIDAS_NATURALPERSON + friendly_name, friendly_name, saml_map.MAP["identifier"]) attr = attribute_from_string(ava_eidas.ava) acs = attribute_converter.ac_factory() diff --git a/tests/test_20_assertion.py b/tests/test_20_assertion.py index da7e70fd4..c40bde4bb 100644 --- a/tests/test_20_assertion.py +++ b/tests/test_20_assertion.py @@ -1,49 +1,51 @@ -# coding=utf-8 -import copy +from pathutils import full_path +from pytest import raises +from saml2 import assertion +from saml2 import attribute_converter +from saml2 import config +from saml2 import create_class_from_xml_string +from saml2 import md +from saml2 import saml +from saml2 import xmldsig +from saml2 import xmlenc from saml2.argtree import add_path +from saml2.assertion import Assertion +from saml2.assertion import Policy +from saml2.assertion import filter_attribute_value_assertions +from saml2.assertion import filter_on_attributes +from saml2.assertion import from_local +from saml2.attribute_converter import AttributeConverterNOOP +from saml2.attribute_converter import ac_factory from saml2.authn_context import pword +from saml2.extension import dri +from saml2.extension import idpdisc +from saml2.extension import mdattr +from saml2.extension import mdui from saml2.mdie import to_dict -from saml2 import md, assertion, create_class_from_xml_string, config from saml2.mdstore import MetadataStore -from saml2.saml import Attribute -from saml2.saml import Issuer -from saml2.saml import NAMEID_FORMAT_ENTITY -from saml2.saml import NAME_FORMAT_URI +from saml2.s_utils import MissingValue from saml2.saml import NAME_FORMAT_UNSPECIFIED +from saml2.saml import NAME_FORMAT_URI +from saml2.saml import NAMEID_FORMAT_ENTITY +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import Attribute from saml2.saml import AttributeValue +from saml2.saml import Issuer from saml2.saml import NameID -from saml2.saml import NAMEID_FORMAT_TRANSIENT -from saml2.assertion import Policy -from saml2.assertion import Assertion -from saml2.assertion import filter_on_attributes -from saml2.assertion import filter_attribute_value_assertions -from saml2.assertion import from_local -from saml2.s_utils import MissingValue -from saml2 import attribute_converter -from saml2.attribute_converter import ac_factory, AttributeConverterNOOP -from pytest import raises - -from saml2.extension import mdui -from saml2.extension import idpdisc -from saml2.extension import dri -from saml2.extension import mdattr -from saml2 import saml -from saml2 import xmldsig -from saml2 import xmlenc - -from pathutils import full_path ONTS = [saml, mdui, mdattr, dri, idpdisc, md, xmldsig, xmlenc] ATTRCONV = ac_factory(full_path("attributemaps")) sec_config = config.Config() METADATACONF = { - "1": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("swamid-2.0.xml"),)], - }], + "1": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("swamid-2.0.xml"),)], + } + ], } @@ -51,37 +53,75 @@ def _eq(l1, l2): return set(l1) == set(l2) -gn = to_dict(md.RequestedAttribute(name="urn:oid:2.5.4.42", - friendly_name="givenName", - name_format=NAME_FORMAT_URI), ONTS) +gn = to_dict( + md.RequestedAttribute(name="urn:oid:2.5.4.42", friendly_name="givenName", name_format=NAME_FORMAT_URI), ONTS +) -sn = to_dict(md.RequestedAttribute(name="urn:oid:2.5.4.4", - friendly_name="surName", - name_format=NAME_FORMAT_URI), ONTS) +sn = to_dict(md.RequestedAttribute(name="urn:oid:2.5.4.4", friendly_name="surName", name_format=NAME_FORMAT_URI), ONTS) -mail = to_dict(md.RequestedAttribute(name="urn:oid:0.9.2342.19200300.100.1.3", - friendly_name="mail", - name_format=NAME_FORMAT_URI), ONTS) +mail = to_dict( + md.RequestedAttribute(name="urn:oid:0.9.2342.19200300.100.1.3", friendly_name="mail", name_format=NAME_FORMAT_URI), + ONTS, +) # --------------------------------------------------------------------------- def test_filter_on_attributes_0(): - a = to_dict(Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber"), ONTS) + a = to_dict( + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + ), + ONTS, + ) - required = [a] - ava = {"serialNumber": ["12345"]} + b = to_dict( + Attribute( + name="urn:oasis:names:tc:SAML:attribute:subject-id", + name_format=NAME_FORMAT_URI, + friendly_name="subject-id", + ), + ONTS, + ) + + c = to_dict( + Attribute( + name="unmapped_attr_name", + name_format=NAME_FORMAT_URI, + friendly_name="unmapped attr name", + ), + ONTS, + ) + + d = to_dict( + Attribute( + name="urn:oid:2.5.4.6", + friendly_name="c", + ), + ONTS, + ) + + required = [a, b, c, d] + ava = { + "serialNumber": ["12345"], + "subject-id": ["id_12345"], + "unmapped_attr_name": ["abcd"], + "c": ["some-country"], + } ava = filter_on_attributes(ava, required, acs=ac_factory()) - assert list(ava.keys()) == ["serialNumber"] + assert set(ava.keys()) == {"serialNumber", "subject-id", "unmapped_attr_name", "c"} assert ava["serialNumber"] == ["12345"] + assert ava["subject-id"] == ["id_12345"] + assert ava["unmapped_attr_name"] == ["abcd"] + assert ava["c"] == ["some-country"] def test_filter_on_attributes_1(): - a = to_dict(Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber"), ONTS) + a = to_dict(Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, friendly_name="serialNumber"), ONTS) required = [a] ava = {"serialNumber": ["12345"], "givenName": ["Lars"]} @@ -93,80 +133,69 @@ def test_filter_on_attributes_1(): def test_filter_on_attributes_2(): - a = to_dict(Attribute(friendly_name="surName",name="urn:oid:2.5.4.4", - name_format=NAME_FORMAT_URI), ONTS) + a = to_dict(Attribute(friendly_name="surName", name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI), ONTS) required = [a] - ava = {"sn":["kakavas"]} + ava = {"sn": ["kakavas"]} - ava = filter_on_attributes(ava,required,acs=ac_factory()) - assert list(ava.keys()) == ['sn'] + ava = filter_on_attributes(ava, required, acs=ac_factory()) + assert list(ava.keys()) == ["sn"] assert ava["sn"] == ["kakavas"] def test_filter_on_attributes_without_friendly_name(): - ava = {"eduPersonTargetedID": "test@example.com", - "eduPersonAffiliation": "test", - "extra": "foo"} - eptid = to_dict( - Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", - name_format=NAME_FORMAT_URI), ONTS) - ep_affiliation = to_dict( - Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", - name_format=NAME_FORMAT_URI), ONTS) + ava = {"eduPersonTargetedID": "test@example.com", "eduPersonAffiliation": "test", "extra": "foo"} + eptid = to_dict(Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", name_format=NAME_FORMAT_URI), ONTS) + ep_affiliation = to_dict(Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", name_format=NAME_FORMAT_URI), ONTS) - restricted_ava = filter_on_attributes(ava, required=[eptid], - optional=[ep_affiliation], - acs=ac_factory()) - assert restricted_ava == {"eduPersonTargetedID": "test@example.com", - "eduPersonAffiliation": "test"} + restricted_ava = filter_on_attributes(ava, required=[eptid], optional=[ep_affiliation], acs=ac_factory()) + assert restricted_ava == {"eduPersonTargetedID": "test@example.com", "eduPersonAffiliation": "test"} def test_filter_on_attributes_with_missing_required_attribute(): ava = {"extra": "foo"} - eptid = to_dict(Attribute( - friendly_name="eduPersonTargetedID", - name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", - name_format=NAME_FORMAT_URI), ONTS) + eptid = to_dict( + Attribute( + friendly_name="eduPersonTargetedID", name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", name_format=NAME_FORMAT_URI + ), + ONTS, + ) with raises(MissingValue): filter_on_attributes(ava, required=[eptid], acs=ac_factory()) def test_filter_on_attributes_with_missing_optional_attribute(): ava = {"extra": "foo"} - eptid = to_dict(Attribute( - friendly_name="eduPersonTargetedID", - name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", - name_format=NAME_FORMAT_URI), ONTS) + eptid = to_dict( + Attribute( + friendly_name="eduPersonTargetedID", name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", name_format=NAME_FORMAT_URI + ), + ONTS, + ) assert filter_on_attributes(ava, optional=[eptid], acs=ac_factory()) == {} def test_filter_on_attributes_with_missing_name_format(): - ava = {"eduPersonTargetedID": "test@example.com", - "eduPersonAffiliation": "test", - "extra": "foo"} - eptid = to_dict(Attribute(friendly_name="eduPersonTargetedID", - name="urn:myown:eptid", - name_format=''), ONTS) + ava = {"eduPersonTargetedID": "test@example.com", "eduPersonAffiliation": "test", "extra": "foo"} + eptid = to_dict(Attribute(friendly_name="eduPersonTargetedID", name="urn:myown:eptid", name_format=""), ONTS) ava = filter_on_attributes(ava, optional=[eptid], acs=ac_factory()) - assert ava['eduPersonTargetedID'] == "test@example.com" + assert ava["eduPersonTargetedID"] == "test@example.com" # ---------------------------------------------------------------------- + def test_lifetime_1(): conf = { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have "urn:mace:umu.se:saml:roland:sp": { "lifetime": {"minutes": 5}, "attribute_restrictions": { "givenName": None, "surName": None, "mail": [r".*@.*\.umu\.se"], - } - }} + }, + }, + } r = Policy(conf) @@ -178,17 +207,16 @@ def test_lifetime_1(): def test_lifetime_2(): conf = { - "default": { - "attribute_restrictions": None # means all I have - }, + "default": {"attribute_restrictions": None}, # means all I have "urn:mace:umu.se:saml:roland:sp": { "lifetime": {"minutes": 5}, "attribute_restrictions": { "givenName": None, "surName": None, "mail": [r".*@.*\.umu\.se"], - } - }} + }, + }, + } r = Policy(conf) assert r is not None @@ -199,63 +227,56 @@ def test_lifetime_2(): def test_ava_filter_1(): conf = { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have "urn:mace:umu.se:saml:roland:sp": { "lifetime": {"minutes": 5}, "attribute_restrictions": { "givenName": None, "surName": None, "mail": [r".*@.*\.umu\.se"], - } - }} + }, + }, + } r = Policy(conf) - ava = {"givenName": "Derek", - "surName": "Jeter", - "mail": "derek@example.com"} + ava = {"givenName": "Derek", "surName": "Jeter", "mail": "derek@example.com"} ava = r.filter(ava, "urn:mace:umu.se:saml:roland:sp") assert _eq(list(ava.keys()), ["givenName", "surName"]) - ava = {"givenName": "Derek", - "mail": "derek@nyy.umu.se"} + ava = {"givenName": "Derek", "mail": "derek@nyy.umu.se"} assert _eq(sorted(list(ava.keys())), ["givenName", "mail"]) def test_ava_filter_2(): conf = { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have "urn:mace:umu.se:saml:roland:sp": { "lifetime": {"minutes": 5}, "attribute_restrictions": { "givenName": None, "sn": None, "mail": [r".*@.*\.umu\.se"], - } - }} + }, + }, + } policy = Policy(conf) ava = {"givenName": "Derek", "sn": "Jeter", "mail": "derek@example.com"} # mail removed because it doesn't match the regular expression - _ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', required=[mail], optional=[gn, sn]) + _ava = policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", required=[mail], optional=[gn, sn]) - assert _eq(sorted(list(_ava.keys())), ["givenName", 'sn']) + assert _eq(sorted(list(_ava.keys())), ["givenName", "sn"]) ava = {"givenName": "Derek", "sn": "Jeter"} # it wasn't there to begin with try: - policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', required=[gn, sn, mail]) + policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", required=[gn, sn, mail]) except MissingValue: pass @@ -265,7 +286,7 @@ def test_ava_filter_dont_fail(): "default": { "lifetime": {"minutes": 15}, "attribute_restrictions": None, # means all I have - "fail_on_missing_requested": False + "fail_on_missing_requested": False, }, "urn:mace:umu.se:saml:roland:sp": { "lifetime": {"minutes": 5}, @@ -274,41 +295,40 @@ def test_ava_filter_dont_fail(): "surName": None, "mail": [r".*@.*\.umu\.se"], }, - "fail_on_missing_requested": False - }} + "fail_on_missing_requested": False, + }, + } policy = Policy(conf) - ava = {"givenName": "Derek", - "surName": "Jeter", - "mail": "derek@example.com"} + ava = {"givenName": "Derek", "surName": "Jeter", "mail": "derek@example.com"} # mail removed because it doesn't match the regular expression # So it should fail if the 'fail_on_ ...' flag wasn't set - _ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', required=[mail], optional=[gn, sn]) + _ava = policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", required=[mail], optional=[gn, sn]) assert _ava - ava = {"givenName": "Derek", - "surName": "Jeter"} + ava = {"givenName": "Derek", "surName": "Jeter"} # it wasn't there to begin with - _ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', required=[gn, sn, mail]) + _ava = policy.filter(ava, "urn:mace:umu.se:saml:roland:sp", required=[gn, sn, mail]) assert _ava def test_filter_attribute_value_assertions_0(AVA): - p = Policy({ - "default": { - "attribute_restrictions": { - "surName": [".*berg"], + p = Policy( + { + "default": { + "attribute_restrictions": { + "surName": [".*berg"], + } } } - }) + ) - ava = filter_attribute_value_assertions(AVA[3].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[3].copy(), p.get_attribute_restrictions("")) print(ava) assert list(ava.keys()) == ["surName"] @@ -316,25 +336,25 @@ def test_filter_attribute_value_assertions_0(AVA): def test_filter_attribute_value_assertions_1(AVA): - p = Policy({ - "default": { - "attribute_restrictions": { - "surName": None, - "givenName": [".*er.*"], + p = Policy( + { + "default": { + "attribute_restrictions": { + "surName": None, + "givenName": [".*er.*"], + } } } - }) + ) - ava = filter_attribute_value_assertions(AVA[0].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[0].copy(), p.get_attribute_restrictions("")) print(ava) assert _eq(ava.keys(), ["givenName", "surName"]) assert ava["surName"] == ["Jeter"] assert ava["givenName"] == ["Derek"] - ava = filter_attribute_value_assertions(AVA[1].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[1].copy(), p.get_attribute_restrictions("")) print(ava) assert _eq(list(ava.keys()), ["surName"]) @@ -342,29 +362,28 @@ def test_filter_attribute_value_assertions_1(AVA): def test_filter_attribute_value_assertions_2(AVA): - p = Policy({ - "default": { - "attribute_restrictions": { - "givenName": ["^R.*"], + p = Policy( + { + "default": { + "attribute_restrictions": { + "givenName": ["^R.*"], + } } } - }) + ) - ava = filter_attribute_value_assertions(AVA[0].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[0].copy(), p.get_attribute_restrictions("")) print(ava) assert _eq(ava.keys(), []) - ava = filter_attribute_value_assertions(AVA[1].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[1].copy(), p.get_attribute_restrictions("")) print(ava) assert _eq(list(ava.keys()), ["givenName"]) assert ava["givenName"] == ["Ryan"] - ava = filter_attribute_value_assertions(AVA[3].copy(), - p.get_attribute_restrictions("")) + ava = filter_attribute_value_assertions(AVA[3].copy(), p.get_attribute_restrictions("")) print(ava) assert _eq(list(ava.keys()), ["givenName"]) @@ -380,13 +399,15 @@ def test_assertion_1(AVA): print(ava) print(ava.__dict__) - policy = Policy({ - "default": { - "attribute_restrictions": { - "givenName": ["^R.*"], + policy = Policy( + { + "default": { + "attribute_restrictions": { + "givenName": ["^R.*"], + } } } - }) + ) ava = ava.apply_policy("", policy) @@ -405,22 +426,26 @@ def test_assertion_1(AVA): def test_assertion_2(): - AVA = {'mail': u'roland.hedberg@adm.umu.se', - 'eduPersonTargetedID': 'http://lingon.ladok.umu' - '.se:8090/idp!http://lingon.ladok.umu' - '.se:8088/sp!95e9ae91dbe62d35198fbbd5e1fb0976', - 'displayName': u'Roland Hedberg', - 'uid': 'http://roland.hedberg.myopenid.com/'} + AVA = { + "mail": "roland.hedberg@adm.umu.se", + "eduPersonTargetedID": "http://lingon.ladok.umu" + ".se:8090/idp!http://lingon.ladok.umu" + ".se:8088/sp!95e9ae91dbe62d35198fbbd5e1fb0976", + "displayName": "Roland Hedberg", + "uid": "http://roland.hedberg.myopenid.com/", + } ava = Assertion(AVA) - policy = Policy({ - "default": { - "lifetime": {"minutes": 240}, - "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI - }, - }) + policy = Policy( + { + "default": { + "lifetime": {"minutes": 240}, + "attribute_restrictions": None, # means all I have + "name_form": NAME_FORMAT_URI, + }, + } + ) ava = ava.apply_policy("", policy) acs = ac_factory(full_path("attributemaps")) @@ -428,21 +453,23 @@ def test_assertion_2(): assert len(attribute) == 4 names = [attr.name for attr in attribute] - assert _eq(sorted(list(names)), [ - 'urn:oid:0.9.2342.19200300.100.1.1', - 'urn:oid:0.9.2342.19200300.100.1.3', - 'urn:oid:1.3.6.1.4.1.5923.1.1.1.10', - 'urn:oid:2.16.840.1.113730.3.1.241']) + assert _eq( + sorted(list(names)), + [ + "urn:oid:0.9.2342.19200300.100.1.1", + "urn:oid:0.9.2342.19200300.100.1.3", + "urn:oid:1.3.6.1.4.1.5923.1.1.1.10", + "urn:oid:2.16.840.1.113730.3.1.241", + ], + ) # ---------------------------------------------------------------------------- def test_filter_values_req_2(): - a1 = to_dict(Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber"), ONTS) - a2 = to_dict(Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI, - friendly_name="surName"), ONTS) + a1 = to_dict(Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, friendly_name="serialNumber"), ONTS) + a2 = to_dict(Attribute(name="urn:oid:2.5.4.4", name_format=NAME_FORMAT_URI, friendly_name="surName"), ONTS) required = [a1, a2] ava = {"serialNumber": ["12345"], "givenName": ["Lars"]} @@ -453,9 +480,14 @@ def test_filter_values_req_2(): def test_filter_values_req_3(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")], + ), + ONTS, + ) required = [a] ava = {"serialNumber": ["12345"]} @@ -467,9 +499,14 @@ def test_filter_values_req_3(): def test_filter_values_req_4(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")], + ), + ONTS, + ) required = [a] ava = {"serialNumber": ["12345"]} @@ -480,9 +517,14 @@ def test_filter_values_req_4(): def test_filter_values_req_5(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")], + ), + ONTS, + ) required = [a] ava = {"serialNumber": ["12345", "54321"]} @@ -494,9 +536,14 @@ def test_filter_values_req_5(): def test_filter_values_req_6(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")], + ), + ONTS, + ) required = [a] ava = {"serialNumber": ["12345", "54321"]} @@ -508,13 +555,23 @@ def test_filter_values_req_6(): def test_filter_values_req_opt_0(): r = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")], + ), + ONTS, + ) o = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")], + ), + ONTS, + ) ava = {"serialNumber": ["12345", "54321"]} @@ -525,14 +582,23 @@ def test_filter_values_req_opt_0(): def test_filter_values_req_opt_1(): r = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")], + ), + ONTS, + ) o = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345"), - AttributeValue(text="abcd0")]), ONTS) + Attribute( + name="urn:oid:2.5.4.5", + name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345"), AttributeValue(text="abcd0")], + ), + ONTS, + ) ava = {"serialNumber": ["12345", "54321"]} @@ -547,30 +613,39 @@ def test_filter_values_req_opt_2(): Attribute( friendly_name="surName", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ONTS, + ), to_dict( Attribute( friendly_name="givenName", name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ONTS, + ), to_dict( Attribute( friendly_name="mail", name="urn:oid:0.9.2342.19200300.100.1.3", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS)] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ONTS, + ), + ] o = [ to_dict( Attribute( friendly_name="title", name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS)] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ONTS, + ) + ] - ava = {"surname": ["Hedberg"], "givenName": ["Roland"], - "eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]} + ava = {"surname": ["Hedberg"], "givenName": ["Roland"], "eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]} with raises(MissingValue): filter_on_attributes(ava, r, o, acs=ac_factory()) @@ -584,29 +659,33 @@ def test_filter_values_req_opt_4(): Attribute( friendly_name="surName", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), Attribute( friendly_name="givenName", name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ] o = [ Attribute( friendly_name="title", name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ) + ] acs = attribute_converter.ac_factory(full_path("attributemaps")) rava = attribute_converter.list_to_local(acs, r) oava = attribute_converter.list_to_local(acs, o) - ava = {"sn": ["Hedberg"], "givenName": ["Roland"], - "eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]} + ava = {"sn": ["Hedberg"], "givenName": ["Roland"], "eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]} ava = assertion.filter_on_demands(ava, rava, oava) print(ava) - assert _eq(sorted(list(ava.keys())), ['givenName', 'sn']) - assert ava == {'givenName': ['Roland'], 'sn': ['Hedberg']} + assert _eq(sorted(list(ava.keys())), ["givenName", "sn"]) + assert ava == {"givenName": ["Roland"], "sn": ["Hedberg"]} # --------------------------------------------------------------------------- @@ -615,18 +694,14 @@ def test_filter_values_req_opt_4(): def test_filter_ava_0(): policy = Policy( { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have "urn:mace:example.com:saml:roland:sp": { "lifetime": {"minutes": 5}, - } + }, } ) - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} # No restrictions apply ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp") @@ -638,22 +713,21 @@ def test_filter_ava_0(): def test_filter_ava_1(): - """ No mail address returned """ - policy = Policy({ - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, - "urn:mace:example.com:saml:roland:sp": { - "lifetime": {"minutes": 5}, - "attribute_restrictions": { - "givenName": None, - "surName": None, - } - }}) + """No mail address returned""" + policy = Policy( + { + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have + "urn:mace:example.com:saml:roland:sp": { + "lifetime": {"minutes": 5}, + "attribute_restrictions": { + "givenName": None, + "surName": None, + }, + }, + } + ) - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} # No restrictions apply ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp") @@ -664,21 +738,20 @@ def test_filter_ava_1(): def test_filter_ava_2(): - """ Only mail returned """ - policy = Policy({ - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, - "urn:mace:example.com:saml:roland:sp": { - "lifetime": {"minutes": 5}, - "attribute_restrictions": { - "mail": None, - } - }}) + """Only mail returned""" + policy = Policy( + { + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have + "urn:mace:example.com:saml:roland:sp": { + "lifetime": {"minutes": 5}, + "attribute_restrictions": { + "mail": None, + }, + }, + } + ) - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} # No restrictions apply ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp") @@ -688,21 +761,20 @@ def test_filter_ava_2(): def test_filter_ava_3(): - """ Only example.com mail addresses returned """ - policy = Policy({ - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, - "urn:mace:example.com:saml:roland:sp": { - "lifetime": {"minutes": 5}, - "attribute_restrictions": { - "mail": [r".*@example\.com$"], - } - }}) + """Only example.com mail addresses returned""" + policy = Policy( + { + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have + "urn:mace:example.com:saml:roland:sp": { + "lifetime": {"minutes": 5}, + "attribute_restrictions": { + "mail": [r".*@example\.com$"], + }, + }, + } + ) - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com", "dj@example.com"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com", "dj@example.com"]} # No restrictions apply ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp") @@ -712,26 +784,25 @@ def test_filter_ava_3(): def test_filter_ava_4(): - """ Return everything as default policy is used """ - policy = Policy({ - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, - "urn:mace:example.com:saml:roland:sp": { - "lifetime": {"minutes": 5}, - "attribute_restrictions": { - "mail": [r".*@example\.com$"], - } - }}) + """Return everything as default policy is used""" + policy = Policy( + { + "default": {"lifetime": {"minutes": 15}, "attribute_restrictions": None}, # means all I have + "urn:mace:example.com:saml:roland:sp": { + "lifetime": {"minutes": 5}, + "attribute_restrictions": { + "mail": [r".*@example\.com$"], + }, + }, + } + ) - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com", "dj@example.com"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com", "dj@example.com"]} # No restrictions apply ava = policy.filter(ava, "urn:mace:example.com:saml:curt:sp") - assert _eq(sorted(list(ava.keys())), ['mail', 'givenName', 'surName']) + assert _eq(sorted(list(ava.keys())), ["mail", "givenName", "surName"]) assert _eq(ava["mail"], ["derek@nyy.mlb.com", "dj@example.com"]) @@ -739,21 +810,32 @@ def test_req_opt(): req = [ to_dict( md.RequestedAttribute( - friendly_name="surname", name="urn:oid:2.5.4.4", + friendly_name="surname", + name="urn:oid:2.5.4.4", name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS), + is_required="true", + ), + ONTS, + ), to_dict( md.RequestedAttribute( friendly_name="givenname", name="urn:oid:2.5.4.42", name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS), + is_required="true", + ), + ONTS, + ), to_dict( md.RequestedAttribute( friendly_name="edupersonaffiliation", name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS)] + is_required="true", + ), + ONTS, + ), + ] opt = [ to_dict( @@ -761,11 +843,14 @@ def test_req_opt(): friendly_name="title", name="urn:oid:2.5.4.12", name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="false"), ONTS)] + is_required="false", + ), + ONTS, + ) + ] policy = Policy() - ava = {'givenname': 'Roland', 'sn': 'Hedberg', - 'uid': 'rohe0002', 'edupersonaffiliation': 'staff'} + ava = {"givenname": "Roland", "sn": "Hedberg", "uid": "rohe0002", "edupersonaffiliation": "staff"} sp_entity_id = "urn:mace:example.com:saml:curt:sp" fava = policy.filter(ava, sp_entity_id, required=req, optional=opt) @@ -777,21 +862,25 @@ def test_filter_on_wire_representation_1(): Attribute( friendly_name="surName", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), Attribute( friendly_name="givenName", name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ] o = [ Attribute( friendly_name="title", name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ) + ] acs = attribute_converter.ac_factory(full_path("attributemaps")) - ava = {"sn": ["Hedberg"], "givenname": ["Roland"], - "edupersonaffiliation": ["staff"], "uid": ["rohe0002"]} + ava = {"sn": ["Hedberg"], "givenname": ["Roland"], "edupersonaffiliation": ["staff"], "uid": ["rohe0002"]} ava = assertion.filter_on_wire_representation(ava, acs, r, o) assert _eq(sorted(list(ava.keys())), ["givenname", "sn"]) @@ -802,21 +891,25 @@ def test_filter_on_wire_representation_2(): Attribute( friendly_name="surName", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), Attribute( friendly_name="givenName", name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ), + ] o = [ Attribute( friendly_name="title", name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + ) + ] acs = attribute_converter.ac_factory(full_path("attributemaps")) - ava = {"sn": ["Hedberg"], "givenname": ["Roland"], - "title": ["Master"], "uid": ["rohe0002"]} + ava = {"sn": ["Hedberg"], "givenname": ["Roland"], "title": ["Master"], "uid": ["rohe0002"]} ava = assertion.filter_on_wire_representation(ava, acs, r, o) assert _eq(sorted(list(ava.keys())), ["givenname", "sn", "title"]) @@ -832,30 +925,32 @@ def test_filter_on_wire_representation_2(): def test_assertion_with_noop_attribute_conv(): ava = {"urn:oid:2.5.4.4": "Roland", "urn:oid:2.5.4.42": "Hedberg"} ast = Assertion(ava) - policy = Policy({ - "default": { - "lifetime": {"minutes": 240}, - "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI - }, - }) + policy = Policy( + { + "default": { + "lifetime": {"minutes": 240}, + "attribute_restrictions": None, # means all I have + "name_form": NAME_FORMAT_URI, + }, + } + ) name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY) - farg = add_path( - {}, - ['subject', 'subject_confirmation', 'method', saml.SCM_BEARER]) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', 'in_response_to']) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', 'consumer_url']) + farg = add_path({}, ["subject", "subject_confirmation", "method", saml.SCM_BEARER]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "in_response_to"]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "consumer_url"]) msg = ast.construct( - "sp_entity_id", [AttributeConverterNOOP(NAME_FORMAT_URI)], policy, - issuer=issuer, farg=farg, authn_decl=ACD, name_id=name_id, - authn_auth="authn_authn") + "sp_entity_id", + [AttributeConverterNOOP(NAME_FORMAT_URI)], + policy, + issuer=issuer, + farg=farg, + authn_decl=ACD, + name_id=name_id, + authn_auth="authn_authn", + ) print(msg) for attr in msg.attribute_statement[0].attribute: @@ -875,7 +970,7 @@ def test_filter_ava_5(): "default": { "lifetime": {"minutes": 15}, "attribute_restrictions": None, # means all I have - "entity_categories": ["swamid", "edugain"] + "entity_categories": ["swamid", "edugain"], } } policy = Policy(restrictions=policy_conf, mds=mds) @@ -910,7 +1005,7 @@ def test_filter_ava_registration_authority_1(): "givenName": None, "surName": None, } - } + }, } policy = Policy(restrictions=policy_conf, mds=mds) @@ -945,27 +1040,27 @@ def test_assertion_with_zero_attributes(): "default": { "lifetime": {"minutes": 240}, "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI + "name_form": NAME_FORMAT_URI, }, } policy = Policy(policy_conf) name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY) - farg = add_path( - {}, - ['subject', 'subject_confirmation', 'method', saml.SCM_BEARER]) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', 'in_response_to']) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', 'consumer_url']) + farg = add_path({}, ["subject", "subject_confirmation", "method", saml.SCM_BEARER]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "in_response_to"]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "consumer_url"]) msg = ast.construct( - "sp_entity_id", [AttributeConverterNOOP(NAME_FORMAT_URI)], policy, - issuer=issuer, authn_decl=ACD, authn_auth="authn_authn", - name_id=name_id, farg=farg) + "sp_entity_id", + [AttributeConverterNOOP(NAME_FORMAT_URI)], + policy, + issuer=issuer, + authn_decl=ACD, + authn_auth="authn_authn", + name_id=name_id, + farg=farg, + ) print(msg) assert msg.attribute_statement == [] @@ -974,30 +1069,33 @@ def test_assertion_with_zero_attributes(): def test_assertion_with_authn_instant(): ava = {} ast = Assertion(ava) - policy = Policy({ - "default": { - "lifetime": {"minutes": 240}, - "attribute_restrictions": None, # means all I have - "name_form": NAME_FORMAT_URI - }, - }) + policy = Policy( + { + "default": { + "lifetime": {"minutes": 240}, + "attribute_restrictions": None, # means all I have + "name_form": NAME_FORMAT_URI, + }, + } + ) name_id = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") issuer = Issuer(text="entityid", format=NAMEID_FORMAT_ENTITY) - farg = add_path( - {}, - ['subject', 'subject_confirmation', 'method', saml.SCM_BEARER]) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', 'in_response_to']) - add_path( - farg['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', 'consumer_url']) + farg = add_path({}, ["subject", "subject_confirmation", "method", saml.SCM_BEARER]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "in_response_to", "in_response_to"]) + add_path(farg["subject"]["subject_confirmation"], ["subject_confirmation_data", "recipient", "consumer_url"]) msg = ast.construct( - "sp_entity_id", [AttributeConverterNOOP(NAME_FORMAT_URI)], policy, - issuer=issuer, authn_decl=ACD, authn_auth="authn_authn", - authn_instant=1234567890, name_id=name_id, farg=farg) + "sp_entity_id", + [AttributeConverterNOOP(NAME_FORMAT_URI)], + policy, + issuer=issuer, + authn_decl=ACD, + authn_auth="authn_authn", + authn_instant=1234567890, + name_id=name_id, + farg=farg, + ) print(msg) assert msg.authn_statement[0].authn_instant == "2009-02-13T23:31:30Z" @@ -1020,4 +1118,3 @@ def test_attribute_consumer_should_default_to_unspecified(): if __name__ == "__main__": test_assertion_2() - diff --git a/tests/test_22_mdie.py b/tests/test_22_mdie.py index 0499f6bad..f117ecd84 100644 --- a/tests/test_22_mdie.py +++ b/tests/test_22_mdie.py @@ -2,26 +2,30 @@ from saml2.mdie import from_dict from saml2.mdstore import load_metadata_modules -__author__ = 'rolandh' + +__author__ = "rolandh" ONTS = load_metadata_modules() + def _eq(l1, l2): return set(l1) == set(l2) def _class(cls): - return "%s&%s" % (cls.c_namespace, cls.c_tag) + return f"{cls.c_namespace}&{cls.c_tag}" def test_construct_contact(): - c = from_dict({ - "__class__": _class(md.ContactPerson), - "given_name": {"text": "Roland", "__class__": _class(md.GivenName)}, - "sur_name": {"text": "Hedberg", "__class__": _class(md.SurName)}, - "email_address": [{"text":"roland@catalogix.se", - "__class__": _class(md.EmailAddress)}], - }, ONTS) + c = from_dict( + { + "__class__": _class(md.ContactPerson), + "given_name": {"text": "Roland", "__class__": _class(md.GivenName)}, + "sur_name": {"text": "Hedberg", "__class__": _class(md.SurName)}, + "email_address": [{"text": "roland@catalogix.se", "__class__": _class(md.EmailAddress)}], + }, + ONTS, + ) print(c) assert c.given_name.text == "Roland" diff --git a/tests/test_30_mdstore.py b/tests/test_30_mdstore.py index 8ce058b73..6f6632014 100644 --- a/tests/test_30_mdstore.py +++ b/tests/test_30_mdstore.py @@ -1,37 +1,35 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- +from collections import OrderedDict import datetime import os import re from re import compile as regex_compile -from collections import OrderedDict from unittest.mock import Mock from unittest.mock import patch +from urllib import parse +from pathutils import full_path from pytest import raises - import responses -from six.moves.urllib import parse - -from saml2.config import Config -from saml2.mdstore import MetadataStore, MetaDataExtern -from saml2.mdstore import MetaDataMDX -from saml2.mdstore import SAML_METADATA_CONTENT_TYPE -from saml2.mdstore import locations -from saml2.mdstore import name -from saml2 import sigver -from saml2.httpbase import HTTPBase -from saml2 import SAMLError -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_ARTIFACT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import SAMLError from saml2 import config +from saml2 import sigver from saml2.attribute_converter import ac_factory from saml2.attribute_converter import d_to_local_name +from saml2.config import Config +from saml2.httpbase import HTTPBase +from saml2.mdstore import SAML_METADATA_CONTENT_TYPE +from saml2.mdstore import MetaDataExtern +from saml2.mdstore import MetaDataMDX +from saml2.mdstore import MetadataStore +from saml2.mdstore import locations +from saml2.mdstore import name from saml2.s_utils import UnknownPrincipal -from pathutils import full_path TESTS_DIR = os.path.dirname(__file__) @@ -97,23 +95,31 @@ -""".format(cert_data=TEST_CERT) +""".format( + cert_data=TEST_CERT +) ATTRCONV = ac_factory(full_path("attributemaps")) METADATACONF = { - "1": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("swamid-1.0.xml"),)], - }], - "2": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("InCommon-metadata.xml"),)], - }], - "3": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("extended.xml"),)], - }], + "1": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("swamid-1.0.xml"),)], + } + ], + "2": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("InCommon-metadata.xml"),)], + } + ], + "3": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("extended.xml"),)], + } + ], # "7": [{ # "class": "saml2.mdstore.MetaDataFile", # "metadata": [(full_path("metadata_sp_1.xml"), ), @@ -125,48 +131,70 @@ # =kalmarcentral2&set=saml2", # full_path("kalmar2.pem")), ], # }], - "4": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata_example.xml"),)], - }], - "5": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata.aaitest.xml"),)], - }], - "8": [{ - "class": "saml2.mdstore.MetaDataMD", - "metadata": [(full_path("swamid.md"),)], - }], - "9": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata"),)] - }], - "10": [{ - "class": "saml2.mdstore.MetaDataExtern", - "metadata": [ - ("http://md.incommon.org/InCommon/InCommon-metadata-export.xml", - full_path("inc-md-cert.pem"))] - }], - "11": [{ - "class": "saml2.mdstore.InMemoryMetaData", - "metadata": [(TEST_METADATA_STRING,)] - }], - "12": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("uu.xml"),)], - }], - "13": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("swamid-2.0.xml"),)], - }], - "14": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("invalid_metadata_file.xml"),)], - }], - "15": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("idp_uiinfo.xml"),)], - }], + "4": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata_example.xml"),)], + } + ], + "5": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata.aaitest.xml"),)], + } + ], + "8": [ + { + "class": "saml2.mdstore.MetaDataMD", + "metadata": [(full_path("swamid.md"),)], + } + ], + "9": [{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("metadata"),)]}], + "10": [ + { + "class": "saml2.mdstore.MetaDataExtern", + "metadata": [ + ("http://md.incommon.org/InCommon/InCommon-metadata-export.xml", full_path("inc-md-cert.pem")) + ], + } + ], + "11": [{"class": "saml2.mdstore.InMemoryMetaData", "metadata": [(TEST_METADATA_STRING,)]}], + "12": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("uu.xml"),)], + } + ], + "13": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("swamid-2.0.xml"),)], + } + ], + "14": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("invalid_metadata_file.xml"),)], + } + ], + "15": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("idp_uiinfo.xml"),)], + } + ], + "16": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("empty_metadata_file.xml"),)], + } + ], + "17": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("entity_esi_and_coco_sp.xml"),)], + } + ], } @@ -177,20 +205,24 @@ def _eq(l1, l2): def _fix_valid_until(xmlstring): new_date = datetime.datetime.now() + datetime.timedelta(days=1) new_date = new_date.strftime("%Y-%m-%dT%H:%M:%SZ") - return re.sub(r' validUntil=".*?"', ' validUntil="%s"' % new_date, - xmlstring) + return re.sub(r' validUntil=".*?"', f' validUntil="{new_date}"', xmlstring) def test_invalid_metadata(): + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) + mds.imp(METADATACONF["14"]) + assert mds.entities() == 0 + + +def test_empty_metadata(): mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) with raises(SAMLError): - mds.imp(METADATACONF["14"]) + mds.imp(METADATACONF["16"]) def test_swami_1(): - UMU_IDP = 'https://idp.umu.se/saml2/idp/metadata.php' - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + UMU_IDP = "https://idp.umu.se/saml2/idp/metadata.php" + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["1"]) assert len(mds) == 1 # One source @@ -198,33 +230,31 @@ def test_swami_1(): assert idps.keys() idpsso = mds.single_sign_on_service(UMU_IDP) assert len(idpsso) == 1 - assert list(locations(idpsso)) == [ - 'https://idp.umu.se/saml2/idp/SSOService.php' - ] + assert list(locations(idpsso)) == ["https://idp.umu.se/saml2/idp/SSOService.php"] _name = name(mds[UMU_IDP]) - assert _name == u'Umeå University (SAML2)' + assert _name == "Umeå University (SAML2)" certs = mds.certs(UMU_IDP, "idpsso", "signing") assert len(certs) == 1 sps = mds.with_descriptor("spsso") assert len(sps) == 108 - wants = mds.attribute_requirement('https://connect8.sunet.se/shibboleth') + wants = mds.attribute_requirement("https://connect8.sunet.se/shibboleth") lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["optional"]] - assert _eq(lnamn, ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', - 'eduPersonScopedAffiliation']) + assert _eq(lnamn, ["eduPersonPrincipalName", "mail", "givenName", "sn", "eduPersonScopedAffiliation"]) - wants = mds.attribute_requirement('https://beta.lobber.se/shibboleth') + wants = mds.attribute_requirement("https://beta.lobber.se/shibboleth") assert wants["required"] == [] lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["optional"]] - assert _eq(lnamn, ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', - 'eduPersonScopedAffiliation', 'eduPersonEntitlement']) + assert _eq( + lnamn, + ["eduPersonPrincipalName", "mail", "givenName", "sn", "eduPersonScopedAffiliation", "eduPersonEntitlement"], + ) def test_incommon_1(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["2"]) @@ -234,16 +264,14 @@ def test_incommon_1(): print(idps.keys()) assert len(idps) > 300 # ~ 18% try: - _ = mds.single_sign_on_service('urn:mace:incommon:uiuc.edu') + _ = mds.single_sign_on_service("urn:mace:incommon:uiuc.edu") except UnknownPrincipal: pass - idpsso = mds.single_sign_on_service('urn:mace:incommon:alaska.edu') + idpsso = mds.single_sign_on_service("urn:mace:incommon:alaska.edu") assert len(idpsso) == 1 print(idpsso) - assert list(locations(idpsso)) == [ - 'https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO' - ] + assert list(locations(idpsso)) == ["https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO"] sps = mds.with_descriptor("spsso") @@ -262,53 +290,43 @@ def test_incommon_1(): def test_ext_2(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["3"]) # No specific binding defined ents = mds.with_descriptor("spsso") - for binding in [BINDING_SOAP, BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT, - BINDING_HTTP_REDIRECT]: + for binding in [BINDING_SOAP, BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT, BINDING_HTTP_REDIRECT]: assert mds.single_logout_service(list(ents.keys())[0], binding, "spsso") def test_example(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["4"]) assert len(mds.keys()) == 1 idps = mds.with_descriptor("idpsso") - assert list(idps.keys()) == [ - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] - certs = mds.certs( - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php', - "idpsso", "signing") + assert list(idps.keys()) == ["http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"] + certs = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso", "signing") assert len(certs) == 1 def test_switch_1(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["5"]) assert len(mds.keys()) > 160 idps = mds.with_descriptor("idpsso") print(idps.keys()) - idpsso = mds.single_sign_on_service( - 'https://aai-demo-idp.switch.ch/idp/shibboleth') + idpsso = mds.single_sign_on_service("https://aai-demo-idp.switch.ch/idp/shibboleth") assert len(idpsso) == 1 print(idpsso) - assert list(locations(idpsso)) == [ - 'https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO' - ] + assert list(locations(idpsso)) == ["https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO"] assert len(idps) > 30 aas = mds.with_descriptor("attribute_authority") print(aas.keys()) - aad = aas['https://aai-demo-idp.switch.ch/idp/shibboleth'] + aad = aas["https://aai-demo-idp.switch.ch/idp/shibboleth"] print(aad.keys()) assert len(aad["attribute_authority_descriptor"]) == 1 assert len(aad["idpsso_descriptor"]) == 1 @@ -321,8 +339,7 @@ def test_switch_1(): def test_metadata_file(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["8"]) print(len(mds.keys())) @@ -333,26 +350,35 @@ def test_metadata_file(): def test_mdx_service(): entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" - url = "http://mdx.example.com/entities/{}".format( - parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))) - responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, - content_type=SAML_METADATA_CONTENT_TYPE) + url = f"http://mdx.example.com/entities/{parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))}" + responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, content_type=SAML_METADATA_CONTENT_TYPE) mdx = MetaDataMDX("http://mdx.example.com") sso_loc = mdx.service(entity_id, "idpsso_descriptor", "single_sign_on_service") - assert sso_loc[BINDING_HTTP_REDIRECT][0]["location"] == "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" + assert ( + sso_loc[BINDING_HTTP_REDIRECT][0]["location"] + == "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" + ) certs = mdx.certs(entity_id, "idpsso") assert len(certs) == 1 +@patch("saml2.httpbase.requests.get") +def test_mdx_service_request_timeout(mock_request): + entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" + url = f"http://mdx.example.com/entities/{MetaDataMDX.sha1_entity_transform(entity_id)}" + + mdx = MetaDataMDX("http://mdx.example.com", http_client_timeout=10) + mdx.service(entity_id, "idpsso_descriptor", "single_sign_on_service") + mock_request.assert_called_with(url, headers={"Accept": "application/samlmetadata+xml"}, timeout=10) + + @responses.activate def test_mdx_single_sign_on_service(): entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" - url = "http://mdx.example.com/entities/{}".format( - parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))) - responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, - content_type=SAML_METADATA_CONTENT_TYPE) + url = f"http://mdx.example.com/entities/{parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))}" + responses.add(responses.GET, url, body=TEST_METADATA_STRING, status=200, content_type=SAML_METADATA_CONTENT_TYPE) mdx = MetaDataMDX("http://mdx.example.com") sso_loc = mdx.single_sign_on_service(entity_id, BINDING_HTTP_REDIRECT) @@ -364,9 +390,7 @@ def test_mdx_metadata_freshness_period_not_expired(): """Ensure that metadata is not refreshed if not expired.""" entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" - url = "http://mdx.example.com/entities/{}".format( - parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id)) - ) + url = f"http://mdx.example.com/entities/{parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))}" responses.add( responses.GET, @@ -391,9 +415,7 @@ def test_mdx_metadata_freshness_period_expired(): """Ensure that metadata is not refreshed if not expired.""" entity_id = "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php" - url = "http://mdx.example.com/entities/{}".format( - parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id)) - ) + url = f"http://mdx.example.com/entities/{parse.quote_plus(MetaDataMDX.sha1_entity_transform(entity_id))}" responses.add( responses.GET, @@ -442,8 +464,7 @@ def test_mdx_metadata_freshness_period_expired(): def test_load_local_dir(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["9"]) print(mds) @@ -451,7 +472,7 @@ def test_load_local_dir(): assert len(mds.keys()) == 4 # number of idps -@patch('saml2.httpbase.requests.request') +@patch("saml2.httpbase.requests.request") def test_load_extern_incommon(mock_request): filepath = os.path.join(TESTS_DIR, "remote_data/InCommon-metadata-export.xml") with open(filepath) as fd: @@ -461,13 +482,19 @@ def test_load_extern_incommon(mock_request): mock_request.return_value.content = data sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True, http_client_timeout=10) mds.imp(METADATACONF["10"]) print(mds) assert mds assert len(mds.keys()) + mock_request.assert_called_with( + "GET", + "http://md.incommon.org/InCommon/InCommon-metadata-export.xml", + allow_redirects=False, + verify=False, + timeout=10, + ) def test_load_local(): @@ -477,14 +504,12 @@ def test_load_local(): saml_config = Config() - config_dict = { - "metadata": {"inline": [idp_metadata]} - } + config_dict = {"metadata": {"inline": [idp_metadata]}} cfg = saml_config.load(config_dict) assert cfg -@patch('saml2.httpbase.requests.request') +@patch("saml2.httpbase.requests.request") def test_load_remote_encoding(mock_request): filepath = os.path.join(TESTS_DIR, "remote_data/metadata.aaitest.xml") with open(filepath) as fd: @@ -495,26 +520,25 @@ def test_load_remote_encoding(mock_request): crypto = sigver._get_xmlsec_cryptobackend() sc = sigver.SecurityContext(crypto, key_type="", cert_type="") - httpc = HTTPBase() - mds = MetaDataExtern(ATTRCONV, 'http://metadata.aai.switch.ch/metadata.aaitest.xml', sc, full_path('SWITCHaaiRootCA.crt.pem'), httpc) + url = "http://metadata.aai.switch.ch/metadata.aaitest.xml" + httpc = HTTPBase(http_client_timeout=10) + mds = MetaDataExtern(ATTRCONV, url, sc, full_path("SWITCHaaiRootCA.crt.pem"), httpc) mds.load() + mock_request.assert_called_with("GET", url, allow_redirects=False, verify=True, timeout=10) + def test_load_string(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["11"]) # print(mds) assert len(mds.keys()) == 1 idps = mds.with_descriptor("idpsso") - assert list(idps.keys()) == [ - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] - certs = mds.certs( - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php', - "idpsso", "signing") + assert list(idps.keys()) == ["http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"] + certs = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso", "signing") assert len(certs) == 1 @@ -522,9 +546,7 @@ def test_get_certs_from_metadata(): mds = MetadataStore(ATTRCONV, None) mds.imp(METADATACONF["11"]) - cert_any_name, cert_any = mds.certs( - "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any" - )[0] + cert_any_name, cert_any = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any")[0] cert_idpsso_name, cert_idpsso = mds.certs( "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso" )[0] @@ -537,9 +559,7 @@ def test_get_unnamed_certs_from_metadata(): mds = MetadataStore(ATTRCONV, None) mds.imp(METADATACONF["11"]) - cert_any_name, cert_any = mds.certs( - "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any" - )[0] + cert_any_name, cert_any = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "any")[0] cert_idpsso_name, cert_idpsso = mds.certs( "http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso" )[0] @@ -552,21 +572,21 @@ def test_get_named_certs_from_metadata(): mds = MetadataStore(ATTRCONV, None) mds.imp(METADATACONF["3"]) - cert_sign_name, cert_sign = mds.certs( - "https://coip-test.sunet.se/shibboleth", "spsso", "signing" - )[0] - cert_enc_name, cert_enc = mds.certs( - "https://coip-test.sunet.se/shibboleth", "spsso", "encryption" - )[0] + cert_sign_name, cert_sign = mds.certs("https://coip-test.sunet.se/shibboleth", "spsso", "signing")[0] + cert_enc_name, cert_enc = mds.certs("https://coip-test.sunet.se/shibboleth", "spsso", "encryption")[0] assert cert_sign_name == cert_enc_name == "coip-test.sunet.se" def test_get_certs_from_metadata_without_keydescriptor(): mds = MetadataStore(ATTRCONV, None) - mds.imp([{ - "class": "saml2.mdstore.InMemoryMetaData", - "metadata": [(""" + mds.imp( + [ + { + "class": "saml2.mdstore.InMemoryMetaData", + "metadata": [ + ( + """ datordrift@catalogix.se -""",)] - }]) +""", + ) + ], + } + ] + ) certs = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso") assert len(certs) == 0 @@ -608,33 +632,56 @@ def test_metadata_extension_algsupport(): def test_supported_algorithms(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["11"]) - algs = mds.supported_algorithms(entity_id='http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php') - assert 'http://www.w3.org/2001/04/xmlenc#sha256' in algs['digest_methods'] - assert 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha256' in algs['signing_methods'] + algs = mds.supported_algorithms(entity_id="http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php") + assert "http://www.w3.org/2001/04/xmlenc#sha256" in algs["digest_methods"] + assert "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" in algs["signing_methods"] def test_registration_info(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["13"]) - registration_info = mds.registration_info(entity_id='https://aai-idp.unibe.ch/idp/shibboleth') - assert 'http://rr.aai.switch.ch/' == registration_info['registration_authority'] - assert '2013-06-15T18:15:03Z' == registration_info['registration_instant'] - assert 'https://www.switch.ch/aai/federation/switchaai/metadata-registration-practice-statement-20110711.txt' == \ - registration_info['registration_policy']['en'] + registration_info = mds.registration_info(entity_id="https://aai-idp.unibe.ch/idp/shibboleth") + assert "http://rr.aai.switch.ch/" == registration_info["registration_authority"] + assert "2013-06-15T18:15:03Z" == registration_info["registration_instant"] + assert ( + "https://www.switch.ch/aai/federation/switchaai/metadata-registration-practice-statement-20110711.txt" + == registration_info["registration_policy"]["en"] + ) def test_registration_info_no_policy(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["13"]) - registration_info = mds.registration_info(entity_id='https://idp.szie.hu/idp/shibboleth') - assert 'http://eduid.hu' == registration_info['registration_authority'] - assert registration_info['registration_instant'] is None - assert registration_info['registration_policy'] == {} + registration_info = mds.registration_info(entity_id="https://idp.szie.hu/idp/shibboleth") + assert "http://eduid.hu" == registration_info["registration_authority"] + assert registration_info["registration_instant"] is None + assert registration_info["registration_policy"] == {} + + +def test_subject_id_requirement(): + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) + mds.imp(METADATACONF["17"]) + required_subject_id = mds.subject_id_requirement(entity_id="https://esi-coco.example.edu/saml2/metadata/") + expected = [ + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:pairwise-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "pairwise-id", + "is_required": "true", + }, + { + "__class__": "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute", + "name": "urn:oasis:names:tc:SAML:attribute:subject-id", + "name_format": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "friendly_name": "subject-id", + "is_required": "true", + }, + ] + assert required_subject_id + assert all(e in expected for e in required_subject_id) def test_extension(): @@ -642,7 +689,9 @@ def test_extension(): # use ordered dict to force expected entity to be last metadata = OrderedDict() metadata["1"] = {"entity1": {}} - metadata["2"] = {"entity2": {"idpsso_descriptor": [{"extensions": {"extension_elements": [{"__class__": "test"}]}}]}} + metadata["2"] = { + "entity2": {"idpsso_descriptor": [{"extensions": {"extension_elements": [{"__class__": "test"}]}}]} + } mds.metadata = metadata assert mds.extension("entity2", "idpsso_descriptor", "test") @@ -651,7 +700,7 @@ def test_shibmd_scope_no_regex_no_descriptor_type(): mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["15"]) - scopes = mds.sbibmd_scopes(entity_id='http://example.com/saml2/idp.xml') + scopes = mds.shibmd_scopes(entity_id="http://example.com/saml2/idp.xml") all_scopes = list(scopes) expected = [ @@ -661,7 +710,7 @@ def test_shibmd_scope_no_regex_no_descriptor_type(): }, { "regexp": True, - "text": regex_compile("descriptor-example[^0-9]*\.org"), + "text": regex_compile(r"descriptor-example[^0-9]*\.org"), }, ] assert len(all_scopes) == 2 @@ -672,7 +721,7 @@ def test_shibmd_scope_no_regex_all_descriptors(): mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["15"]) - scopes = mds.sbibmd_scopes(entity_id='http://example.com/saml2/idp.xml', typ="idpsso_descriptor") + scopes = mds.shibmd_scopes(entity_id="http://example.com/saml2/idp.xml", typ="idpsso_descriptor") all_scopes = list(scopes) expected = [ { @@ -681,7 +730,7 @@ def test_shibmd_scope_no_regex_all_descriptors(): }, { "regexp": True, - "text": regex_compile("descriptor-example[^0-9]*\.org"), + "text": regex_compile(r"descriptor-example[^0-9]*\.org"), }, { "regexp": False, diff --git a/tests/test_30_mdstore_old.py b/tests/test_30_mdstore_old.py index d9f400ed0..412d54c65 100644 --- a/tests/test_30_mdstore_old.py +++ b/tests/test_30_mdstore_old.py @@ -1,33 +1,29 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- import datetime -import re import os +import re from unittest.mock import patch -from saml2.mdstore import MetadataStore, MetaDataMDX -from saml2.mdstore import locations -from saml2.mdstore import name +from pathutils import full_path -from saml2 import md -from saml2 import sigver -from saml2 import BINDING_SOAP -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import saml +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP from saml2 import config +from saml2 import sigver from saml2.attribute_converter import ac_factory from saml2.attribute_converter import d_to_local_name +from saml2.mdstore import MetadataStore +from saml2.mdstore import locations +from saml2.mdstore import name from saml2.s_utils import UnknownPrincipal -from pathutils import full_path - TESTS_DIR = os.path.dirname(__file__) sec_config = config.Config() -#sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) +# sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) TEST_METADATA_STRING = """ 300 # ~ 18% try: - _ = mds.single_sign_on_service('urn:mace:incommon:uiuc.edu') + _ = mds.single_sign_on_service("urn:mace:incommon:uiuc.edu") except UnknownPrincipal: pass - idpsso = mds.single_sign_on_service('urn:mace:incommon:alaska.edu') + idpsso = mds.single_sign_on_service("urn:mace:incommon:alaska.edu") assert len(idpsso) == 1 print(idpsso) - assert list(locations(idpsso)) == [ - 'https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO' - ] + assert list(locations(idpsso)) == ["https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO"] sps = mds.with_descriptor("spsso") @@ -209,53 +186,43 @@ def test_incommon_1(): def test_ext_2(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["3"]) # No specific binding defined ents = mds.with_descriptor("spsso") - for binding in [BINDING_SOAP, BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT, - BINDING_HTTP_REDIRECT]: + for binding in [BINDING_SOAP, BINDING_HTTP_POST, BINDING_HTTP_ARTIFACT, BINDING_HTTP_REDIRECT]: assert mds.single_logout_service(list(ents.keys())[0], binding, "spsso") def test_example(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["4"]) assert len(mds.keys()) == 1 idps = mds.with_descriptor("idpsso") - assert list(idps.keys()) == [ - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] - certs = mds.certs( - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php', - "idpsso", "signing") + assert list(idps.keys()) == ["http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"] + certs = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso", "signing") assert len(certs) == 1 def test_switch_1(): - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["5"]) assert len(mds.keys()) > 160 idps = mds.with_descriptor("idpsso") print(idps.keys()) - idpsso = mds.single_sign_on_service( - 'https://aai-demo-idp.switch.ch/idp/shibboleth') + idpsso = mds.single_sign_on_service("https://aai-demo-idp.switch.ch/idp/shibboleth") assert len(idpsso) == 1 print(idpsso) - assert list(locations(idpsso)) == [ - 'https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO' - ] + assert list(locations(idpsso)) == ["https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO"] assert len(idps) > 30 aas = mds.with_descriptor("attribute_authority") print(aas.keys()) - aad = aas['https://aai-demo-idp.switch.ch/idp/shibboleth'] + aad = aas["https://aai-demo-idp.switch.ch/idp/shibboleth"] print(aad.keys()) assert len(aad["attribute_authority_descriptor"]) == 1 assert len(aad["idpsso_descriptor"]) == 1 @@ -268,8 +235,7 @@ def test_switch_1(): def test_metadata_file(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["8"]) print(len(mds.keys())) @@ -304,8 +270,7 @@ def test_metadata_file(): def test_load_local_dir(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["9"]) print(mds) @@ -313,7 +278,7 @@ def test_load_local_dir(): assert len(mds.keys()) == 4 # number of idps -@patch('saml2.httpbase.requests.request') +@patch("saml2.httpbase.requests.request") def test_load_external(mock_request): filepath = os.path.join(TESTS_DIR, "remote_data/InCommon-metadata-export.xml") with open(filepath) as fd: @@ -323,8 +288,7 @@ def test_load_external(mock_request): mock_request.return_value.content = data sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["10"]) print(mds) @@ -334,20 +298,17 @@ def test_load_external(mock_request): def test_load_string(): sec_config.xmlsec_binary = sigver.get_xmlsec_binary(["/opt/local/bin"]) - mds = MetadataStore(ATTRCONV, sec_config, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True) mds.imp(METADATACONF["11"]) print(mds) assert len(mds.keys()) == 1 idps = mds.with_descriptor("idpsso") - assert list(idps.keys()) == [ - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] - certs = mds.certs( - 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php', - "idpsso", "signing") + assert list(idps.keys()) == ["http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php"] + certs = mds.certs("http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php", "idpsso", "signing") assert len(certs) == 1 + if __name__ == "__main__": test_load_external() diff --git a/tests/test_31_config.py b/tests/test_31_config.py index d58b9a01b..599f1b146 100644 --- a/tests/test_31_config.py +++ b/tests/test_31_config.py @@ -1,21 +1,20 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -import sys -import logging -from saml2.mdstore import MetadataStore, name + +from pathutils import dotname +from pathutils import full_path from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP +from saml2.authn_context import PASSWORDPROTECTEDTRANSPORT as AUTHN_PASSWORD_PROTECTED +from saml2.authn_context import TIMESYNCTOKEN as AUTHN_TIME_SYNC_TOKEN from saml2.config import Config from saml2.config import IdPConfig from saml2.config import SPConfig -from saml2.authn_context import PASSWORDPROTECTEDTRANSPORT as AUTHN_PASSWORD_PROTECTED -from saml2.authn_context import TIMESYNCTOKEN as AUTHN_TIME_SYNC_TOKEN -from saml2 import logger - -from pathutils import dotname, full_path -from saml2.sigver import security_context, CryptoBackendXMLSecurity +from saml2.mdstore import MetadataStore +from saml2.mdstore import name +from saml2.sigver import CryptoBackendXMLSecurity +from saml2.sigver import security_context sp1 = { @@ -23,15 +22,15 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "name": "test", "idp": { "urn:mace:example.com:saml:roland:idp": { - 'single_sign_on_service': - {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': - 'http://localhost:8088/sso/'}}, + "single_sign_on_service": { + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect": "http://localhost:8088/sso/" + } + }, }, "requested_authn_context": { "authn_context_class_ref": [ @@ -44,23 +43,24 @@ }, "key_file": full_path("test.key"), "cert_file": full_path("test.pem"), - "metadata": [{ - "class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("metadata.xml"), ), - (full_path("urn-mace-swami.se-swamid-test-1.0-metadata.xml"), )], - }], + "metadata": [ + { + "class": "saml2.mdstore.MetaDataFile", + "metadata": [(full_path("metadata.xml"),), (full_path("urn-mace-swami.se-swamid-test-1.0-metadata.xml"),)], + } + ], "virtual_organization": { "coip": { "nameid_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", "common_identifier": "eduPersonPrincipalName", "attribute_auth": [ "https://coip-test.sunet.se/idp/shibboleth", - ] + ], } }, "attribute_map_dir": full_path("attributemaps"), "only_use_keys_in_metadata": True, - "xmlsec_path": ["/opt/local/bin"] + "xmlsec_path": ["/opt/local/bin"], } sp2 = { @@ -69,8 +69,7 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], @@ -82,7 +81,7 @@ "force_authn": True, } }, - #"xmlsec_binary" : "/opt/local/bin/xmlsec1", + # "xmlsec_binary" : "/opt/local/bin/xmlsec1", } IDP1 = { @@ -102,11 +101,12 @@ "mail": [".*@example.com"], } }, - "urn:mace:umu.se:saml:roland:sp": None + "urn:mace:umu.se:saml:roland:sp": None, }, + "error_url": "http://localhost:8080/error", } }, - #"xmlsec_binary" : "/usr/local/bin/xmlsec1", + # "xmlsec_binary" : "/usr/local/bin/xmlsec1", } IDP2 = { @@ -116,8 +116,7 @@ "idp": { "endpoints": { "single_sign_on_service": ["http://localhost:8088/"], - "single_logout_service": [ - ("http://localhost:8088/", BINDING_HTTP_REDIRECT)], + "single_logout_service": [("http://localhost:8088/", BINDING_HTTP_REDIRECT)], }, "policy": { "default": { @@ -128,11 +127,11 @@ "mail": [".*@example.com"], } }, - "urn:mace:umu.se:saml:roland:sp": None + "urn:mace:umu.se:saml:roland:sp": None, }, } }, - #"xmlsec_binary" : "/usr/local/bin/xmlsec1", + # "xmlsec_binary" : "/usr/local/bin/xmlsec1", } PDP = { @@ -141,8 +140,7 @@ "service": { "pdp": { "endpoints": { - "authz_service": [("http://example.org/pysaml2/pdp/authz", - BINDING_SOAP)], + "authz_service": [("http://example.org/pysaml2/pdp/authz", BINDING_SOAP)], }, } }, @@ -153,12 +151,13 @@ "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], "url": "http://www.example.com/roland", }, - "contact_person": [{ - "given_name": "John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", - }, + "contact_person": [ + { + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", + }, ], } @@ -168,15 +167,14 @@ "service": { "sp": { "endpoints": { - "assertion_consumer_service": [ - "http://lingon.catalogix.se:8087/"], + "assertion_consumer_service": ["http://lingon.catalogix.se:8087/"], }, "ecp": { "130.239.": "http://example.com/idp", - } + }, } }, - #"xmlsec_binary" : "/opt/local/bin/xmlsec1", + # "xmlsec_binary" : "/opt/local/bin/xmlsec1", } IDP_XMLSECURITY = { @@ -186,8 +184,7 @@ "idp": { "endpoints": { "single_sign_on_service": ["http://localhost:8088/"], - "single_logout_service": [ - ("http://localhost:8088/", BINDING_HTTP_REDIRECT)], + "single_logout_service": [("http://localhost:8088/", BINDING_HTTP_REDIRECT)], }, "policy": { "default": { @@ -198,12 +195,12 @@ "mail": [".*@example.com"], } }, - "urn:mace:umu.se:saml:roland:sp": None + "urn:mace:umu.se:saml:roland:sp": None, }, } }, "key_file": "pkcs11:///usr/lunasa/lib/libCryptoki2_64.so:1/eduID dev SAML signing key?pin=123456", - "crypto_backend": "XMLSecurity" + "crypto_backend": "XMLSecurity", } @@ -225,10 +222,8 @@ def test_1(): assert list(c._sp_idp.keys()) == ["urn:mace:example.com:saml:roland:idp"] assert list(c._sp_idp.values()) == [ { - 'single_sign_on_service': { - 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': ( - 'http://localhost:8088/sso/' - ) + "single_sign_on_service": { + "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect": ("http://localhost:8088/sso/") } } ] @@ -236,8 +231,8 @@ def test_1(): assert c.only_use_keys_in_metadata assert type(c.getattr("requested_authn_context")) is dict assert c.getattr("requested_authn_context").get("authn_context_class_ref") == [ - AUTHN_PASSWORD_PROTECTED, - AUTHN_TIME_SYNC_TOKEN, + AUTHN_PASSWORD_PROTECTED, + AUTHN_TIME_SYNC_TOKEN, ] assert c.getattr("requested_authn_context").get("comparison") == "exact" @@ -256,8 +251,7 @@ def test_2(): assert len(c._sp_idp) == 1 assert list(c._sp_idp.keys()) == [""] - assert list(c._sp_idp.values()) == [ - "https://example.com/saml2/idp/SSOService.php"] + assert list(c._sp_idp.values()) == ["https://example.com/saml2/idp/SSOService.php"] assert c.only_use_keys_in_metadata is True @@ -275,7 +269,7 @@ def test_minimum(): }, } }, - #"xmlsec_binary" : "/usr/local/bin/xmlsec1", + # "xmlsec_binary" : "/usr/local/bin/xmlsec1", } c = SPConfig().load(minimum) @@ -289,25 +283,24 @@ def test_idp_1(): c.context = "idp" print(c) - assert c.endpoint("single_sign_on_service")[0] == 'http://localhost:8088/' + assert c.endpoint("single_sign_on_service")[0] == "http://localhost:8088/" - attribute_restrictions = c.getattr("policy", - "idp").get_attribute_restrictions("") + attribute_restrictions = c.getattr("policy", "idp").get_attribute_restrictions("") assert attribute_restrictions["edupersonaffiliation"][0].match("staff") + error_url = c.getattr("error_url", "idp") + assert error_url == "http://localhost:8080/error" + def test_idp_2(): c = IdPConfig().load(IDP2) c.context = "idp" print(c) - assert c.endpoint("single_logout_service", - BINDING_SOAP) == [] - assert c.endpoint("single_logout_service", - BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"] + assert c.endpoint("single_logout_service", BINDING_SOAP) == [] + assert c.endpoint("single_logout_service", BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"] - attribute_restrictions = c.getattr("policy", - "idp").get_attribute_restrictions("") + attribute_restrictions = c.getattr("policy", "idp").get_attribute_restrictions("") assert attribute_restrictions["edupersonaffiliation"][0].match("staff") @@ -317,8 +310,8 @@ def test_wayf(): idps = c.metadata.with_descriptor("idpsso") ent = list(idps.values())[0] - assert name(ent) == 'Example Co.' - assert name(ent, "se") == 'Exempel AB' + assert name(ent) == "Example Co." + assert name(ent, "se") == "Exempel AB" def test_conf_syslog(): @@ -333,18 +326,18 @@ def test_3(): assert cnf.debug == 1 assert cnf.key_file == full_path("test.key") assert cnf.cert_file == full_path("test.pem") - #assert cnf.xmlsec_binary == "/usr/local/bin/xmlsec1" + # assert cnf.xmlsec_binary == "/usr/local/bin/xmlsec1" assert cnf.accepted_time_diff == 60 assert cnf.secret == "0123456789" assert cnf.metadata is not None assert cnf.attribute_converters is not None + assert cnf.http_client_timeout == 10 def test_sp(): cnf = SPConfig() cnf.load_file(dotname("sp_1_conf")) - assert cnf.endpoint("assertion_consumer_service") == \ - ["http://lingon.catalogix.se:8087/"] + assert cnf.endpoint("assertion_consumer_service") == ["http://lingon.catalogix.se:8087/"] def test_dual(): @@ -360,8 +353,7 @@ def test_dual(): def test_ecp(): cnf = SPConfig() cnf.load(ECP_SP) - assert cnf.endpoint("assertion_consumer_service") == \ - ["http://lingon.catalogix.se:8087/"] + assert cnf.endpoint("assertion_consumer_service") == ["http://lingon.catalogix.se:8087/"] eid = cnf.ecp_endpoint("130.239.16.3") assert eid == "http://example.com/idp" eid = cnf.ecp_endpoint("130.238.20.20") @@ -378,26 +370,26 @@ def test_assertion_consumer_service(): entity_id = "https://www.zimride.com/shibboleth" acs = c.metadata.assertion_consumer_service(entity_id) assert len(acs) == 1 - assert acs[0][ - "location"] == 'https://www.zimride.com/Shibboleth.sso/SAML2/POST' + assert acs[0]["location"] == "https://www.zimride.com/Shibboleth.sso/SAML2/POST" def test_crypto_backend(): idpc = IdPConfig() idpc.load(IDP_XMLSECURITY) - assert idpc.crypto_backend == 'XMLSecurity' + assert idpc.crypto_backend == "XMLSecurity" sec = security_context(idpc) assert isinstance(sec.crypto, CryptoBackendXMLSecurity) + def test_unset_force_authn(): cnf = SPConfig().load(sp1) - assert bool(cnf.getattr('force_authn', 'sp')) == False + assert bool(cnf.getattr("force_authn", "sp")) == False def test_set_force_authn(): cnf = SPConfig().load(sp2) - assert bool(cnf.getattr('force_authn', 'sp')) == True + assert bool(cnf.getattr("force_authn", "sp")) == True if __name__ == "__main__": diff --git a/tests/test_32_cache.py b/tests/test_32_cache.py index 1dc1b4ebb..68ca07096 100644 --- a/tests/test_32_cache.py +++ b/tests/test_32_cache.py @@ -4,14 +4,15 @@ from pytest import raises -from saml2.saml import NameID, NAMEID_FORMAT_TRANSIENT from saml2.cache import Cache -from saml2.time_util import in_a_while, str_to_time from saml2.ident import code +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID +from saml2.time_util import in_a_while +from saml2.time_util import str_to_time -SESSION_INFO_PATTERN = {"ava": {}, "came from": "", "not_on_or_after": 0, - "issuer": "", "session_id": -1} +SESSION_INFO_PATTERN = {"ava": {}, "came from": "", "not_on_or_after": 0, "issuer": "", "session_id": -1} def _eq(l1, l2): @@ -25,7 +26,8 @@ def nid_eq(l1, l2): nid = [ NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="1234"), NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="9876"), - NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="1000")] + NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="1000"), +] class TestClass: @@ -68,7 +70,7 @@ def test_from_one_target_source(self): def test_entities(self): assert _eq(self.cache.entities(nid[0]), ["abcd", "bcde"]) with raises(Exception): - self.cache.entities('6666') + self.cache.entities("6666") def test_remove_info(self): self.cache.reset(nid[0], "bcde") @@ -76,7 +78,7 @@ def test_remove_info(self): assert self.cache.active(nid[0], "abcd") (ava, inactive) = self.cache.get_identity(nid[0]) - assert inactive == ['bcde'] + assert inactive == ["bcde"] assert _eq(ava.keys(), ["givenName"]) assert ava["givenName"] == ["Derek"] @@ -90,10 +92,8 @@ def test_subjects(self): def test_second_subject(self): not_on_or_after = str_to_time(in_a_while(days=1)) session_info = SESSION_INFO_PATTERN.copy() - session_info["ava"] = {"givenName": ["Ichiro"], - "surName": ["Suzuki"]} - self.cache.set(nid[1], "abcd", session_info, - not_on_or_after) + session_info["ava"] = {"givenName": ["Ichiro"], "surName": ["Suzuki"]} + self.cache.set(nid[1], "abcd", session_info, not_on_or_after) (ava, inactive) = self.cache.get_identity(nid[1]) assert inactive == [] @@ -107,10 +107,8 @@ def test_receivers(self): not_on_or_after = str_to_time(in_a_while(days=1)) session_info = SESSION_INFO_PATTERN.copy() - session_info["ava"] = {"givenName": ["Ichiro"], - "surName": ["Suzuki"]} - self.cache.set(nid[1], "bcde", session_info, - not_on_or_after) + session_info["ava"] = {"givenName": ["Ichiro"], "surName": ["Suzuki"]} + self.cache.set(nid[1], "bcde", session_info, not_on_or_after) assert _eq(self.cache.receivers(nid[1]), ["abcd", "bcde"]) assert nid_eq(self.cache.subjects(), nid[0:2]) @@ -118,10 +116,8 @@ def test_receivers(self): def test_timeout(self): not_on_or_after = str_to_time(in_a_while(seconds=1)) session_info = SESSION_INFO_PATTERN.copy() - session_info["ava"] = {"givenName": ["Alex"], - "surName": ["Rodriguez"]} - self.cache.set(nid[2], "bcde", session_info, - not_on_or_after) + session_info["ava"] = {"givenName": ["Alex"], "surName": ["Rodriguez"]} + self.cache.set(nid[2], "bcde", session_info, not_on_or_after) time.sleep(2) (ava, inactive) = self.cache.get_identity(nid[2]) diff --git a/tests/test_33_identifier.py b/tests/test_33_identifier.py index 6f11f7fee..46d9ce41a 100644 --- a/tests/test_33_identifier.py +++ b/tests/test_33_identifier.py @@ -1,49 +1,51 @@ #!/usr/bin/env python import os +from pathutils import full_path + from saml2 import samlp -from saml2.saml import NAMEID_FORMAT_PERSISTENT, NAMEID_FORMAT_TRANSIENT +from saml2.assertion import Policy from saml2.config import IdPConfig from saml2.ident import IdentDB -from saml2.assertion import Policy - -from pathutils import full_path +from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_TRANSIENT def _eq(l1, l2): return set(l1) == set(l2) -CONFIG = IdPConfig().load({ - "entityid": "urn:mace:example.com:idp:2", - "name": "test", - "service": { - "idp": { - "endpoints": { - "single_sign_on_service": ["http://idp.example.org/"], - }, - "policy": { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None, # means all I have - "name_form": - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "nameid_format": NAMEID_FORMAT_PERSISTENT - } +CONFIG = IdPConfig().load( + { + "entityid": "urn:mace:example.com:idp:2", + "name": "test", + "service": { + "idp": { + "endpoints": { + "single_sign_on_service": ["http://idp.example.org/"], + }, + "policy": { + "default": { + "lifetime": {"minutes": 15}, + "attribute_restrictions": None, # means all I have + "name_form": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + "nameid_format": NAMEID_FORMAT_PERSISTENT, + } + }, } - } - }, - "virtual_organization": { - "http://vo.example.org/biomed": { - "nameid_format": "urn:oid:2.16.756.1.2.5.1.1.1-NameID", - "common_identifier": "uid", }, - "http://vo.example.org/design": { - "nameid_format": NAMEID_FORMAT_PERSISTENT, - "common_identifier": "uid", - } + "virtual_organization": { + "http://vo.example.org/biomed": { + "nameid_format": "urn:oid:2.16.756.1.2.5.1.1.1-NameID", + "common_identifier": "uid", + }, + "http://vo.example.org/design": { + "nameid_format": NAMEID_FORMAT_PERSISTENT, + "common_identifier": "uid", + }, + }, } -}) +) NAME_ID_POLICY_1 = """ {key_info}""" TMPL = f"\n{TMPL_NO_HEADER}" -IDENTITY = {"eduPersonAffiliation": ["staff", "member"], - "surName": ["Jeter"], "givenName": ["Derek"], - "mail": ["foo@gmail.com"], - "title": ["shortstop"]} +IDENTITY = { + "eduPersonAffiliation": ["staff", "member"], + "surName": ["Jeter"], + "givenName": ["Derek"], + "mail": ["foo@gmail.com"], + "title": ["shortstop"], +} -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def test_pre_enc_key_format(): @@ -44,41 +46,33 @@ def the_xsd_ID_value_may_contain_only_letters_digits_underscores_hyphens_periods def test_pre_enc_with_pregenerated_key(): tmpl = pre_encryption_part(encrypted_key_id="EK", encrypted_data_id="ED") - expected = TMPL_NO_HEADER.format( - ed_id=tmpl.id, - ek_id=tmpl.key_info.encrypted_key.id, - key_info='' - ) + expected = TMPL_NO_HEADER.format(ed_id=tmpl.id, ek_id=tmpl.key_info.encrypted_key.id, key_info="") assert str(tmpl) == expected def test_pre_enc_with_generated_key(): tmpl = pre_encryption_part() - expected = TMPL_NO_HEADER.format( - ed_id=tmpl.id, - ek_id=tmpl.key_info.encrypted_key.id, - key_info='' - ) + expected = TMPL_NO_HEADER.format(ed_id=tmpl.id, ek_id=tmpl.key_info.encrypted_key.id, key_info="") assert str(tmpl) == expected + def test_pre_enc_with_named_key(): tmpl = pre_encryption_part(key_name="my-rsa-key") expected = TMPL_NO_HEADER.format( ed_id=tmpl.id, ek_id=tmpl.key_info.encrypted_key.id, - key_info='my-rsa-key' + key_info="my-rsa-key", ) assert str(tmpl) == expected def test_reshuffle_response(): with closing(Server("idp_conf")) as server: - name_id = server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") + name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") resp_ = server.create_authn_response( - IDENTITY, "id12", "http://lingon.catalogix.se:8087/", - "urn:mace:example.com:saml:roland:sp", name_id=name_id) + IDENTITY, "id12", "http://lingon.catalogix.se:8087/", "urn:mace:example.com:saml:roland:sp", name_id=name_id + ) resp2 = pre_encrypt_assertion(resp_) @@ -87,12 +81,11 @@ def test_reshuffle_response(): def test_enc1(): with closing(Server("idp_conf")) as server: - name_id = server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") + name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") resp_ = server.create_authn_response( - IDENTITY, "id12", "http://lingon.catalogix.se:8087/", - "urn:mace:example.com:saml:roland:sp", name_id=name_id) + IDENTITY, "id12", "http://lingon.catalogix.se:8087/", "urn:mace:example.com:saml:roland:sp", name_id=name_id + ) statement = pre_encrypt_assertion(resp_) @@ -107,9 +100,18 @@ def test_enc1(): # data_file.close() key_type = "des-192" - com_list = [xmlsec_path, "encrypt", "--pubkey-cert-pem", full_path("pubkey.pem"), - "--session-key", key_type, "--xml-data", data, - "--node-xpath", ASSERT_XPATH] + com_list = [ + xmlsec_path, + "encrypt", + "--pubkey-cert-pem", + full_path("pubkey.pem"), + "--session-key", + key_type, + "--xml-data", + data, + "--node-xpath", + ASSERT_XPATH, + ] crypto = CryptoBackendXmlSec1(xmlsec_path) (_stdout, _stderr, output) = crypto._run_xmlsec(com_list, [tmpl]) @@ -122,17 +124,16 @@ def test_enc2(): crypto = CryptoBackendXmlSec1(xmlsec_path) with closing(Server("idp_conf")) as server: - name_id = server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") + name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") resp_ = server.create_authn_response( - IDENTITY, "id12", "http://lingon.catalogix.se:8087/", - "urn:mace:example.com:saml:roland:sp", name_id=name_id) + IDENTITY, "id12", "http://lingon.catalogix.se:8087/", "urn:mace:example.com:saml:roland:sp", name_id=name_id + ) - enc_resp = crypto.encrypt_assertion(resp_, full_path("pubkey.pem"), - pre_encryption_part()) + enc_resp = crypto.encrypt_assertion(resp_, full_path("pubkey.pem"), pre_encryption_part()) assert enc_resp + if __name__ == "__main__": test_enc1() diff --git a/tests/test_43_soap.py b/tests/test_43_soap.py old mode 100755 new mode 100644 index bf66a1d0d..91a45fda6 --- a/tests/test_43_soap.py +++ b/tests/test_43_soap.py @@ -1,24 +1,14 @@ #!/usr/bin/env python -try: - from xml.etree import cElementTree as ElementTree - if ElementTree.VERSION < '1.3.0': - # cElementTree has no support for register_namespace - # neither _namespace_map, thus we sacrify performance - # for correctness - from xml.etree import ElementTree -except ImportError: - try: - import cElementTree as ElementTree - except ImportError: - from elementtree import ElementTree -from defusedxml.common import EntitiesForbidden +from xml.etree import ElementTree as ElementTree +from defusedxml.common import EntitiesForbidden from pytest import raises -import saml2.samlp as samlp -from saml2.samlp import NAMESPACE as SAMLP_NAMESPACE from saml2 import soap +from saml2.samlp import NAMESPACE as SAMLP_NAMESPACE +import saml2.samlp as samlp + NAMESPACE = "http://schemas.xmlsoap.org/soap/envelope/" @@ -43,33 +33,33 @@ def test_parse_soap_envelope(): envelope = ElementTree.fromstring(example) - assert envelope.tag == '{%s}Envelope' % NAMESPACE + assert envelope.tag == "{%s}Envelope" % NAMESPACE # How to check that it's the right type ? assert len(envelope) == 1 body = envelope[0] - assert body.tag == '{%s}Body' % NAMESPACE + assert body.tag == "{%s}Body" % NAMESPACE assert len(body) == 1 saml_part = body[0] - assert saml_part.tag == '{%s}Response' % SAMLP_NAMESPACE + assert saml_part.tag == "{%s}Response" % SAMLP_NAMESPACE # {http://schemas.xmlsoap.org/soap/envelope/}Envelope def test_make_soap_envelope(): - envelope = ElementTree.Element('') - envelope.tag = '{%s}Envelope' % NAMESPACE - body = ElementTree.Element('') - body.tag = '{%s}Body' % NAMESPACE - envelope.append(body) + envelope = ElementTree.Element("") + envelope.tag = "{%s}Envelope" % NAMESPACE + body = ElementTree.Element("") + body.tag = "{%s}Body" % NAMESPACE + envelope.append(body) request = samlp.AuthnRequest() request.become_child_element_of(body) - assert envelope.tag == '{%s}Envelope' % NAMESPACE + assert envelope.tag == "{%s}Envelope" % NAMESPACE assert len(envelope) == 1 body = envelope[0] - assert body.tag == '{%s}Body' % NAMESPACE + assert body.tag == "{%s}Body" % NAMESPACE assert len(body) == 1 saml_part = body[0] - assert saml_part.tag == '{%s}AuthnRequest' % SAMLP_NAMESPACE + assert saml_part.tag == "{%s}AuthnRequest" % SAMLP_NAMESPACE def test_parse_soap_enveloped_saml_thingy_xxe(): diff --git a/tests/test_44_authnresp.py b/tests/test_44_authnresp.py index 3ee377538..17db75a4a 100644 --- a/tests/test_44_authnresp.py +++ b/tests/test_44_authnresp.py @@ -1,15 +1,17 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- from contextlib import closing from datetime import datetime +from datetime import timezone + from dateutil import parser -from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from pathutils import dotname +from pathutils import full_path -from saml2.server import Server -from saml2.response import authn_response +from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.config import config_factory +from saml2.response import authn_response +from saml2.server import Server -from pathutils import dotname, full_path XML_RESPONSE_FILE = full_path("saml_signed.xml") XML_RESPONSE_FILE2 = full_path("saml2_response.xml") @@ -18,53 +20,57 @@ def _eq(l1, l2): return set(l1) == set(l2) -IDENTITY = {"eduPersonAffiliation": ["staff", "member"], - "surName": ["Jeter"], "givenName": ["Derek"], - "mail": ["foo@gmail.com"], - "title": ["shortstop"]} -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" +IDENTITY = { + "eduPersonAffiliation": ["staff", "member"], + "surName": ["Jeter"], + "givenName": ["Derek"], + "mail": ["foo@gmail.com"], + "title": ["shortstop"], } +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} + class TestAuthnResponse: def setup_class(self): with closing(Server(dotname("idp_conf"))) as server: - name_id = server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp","id12") + name_id = server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") self._resp_ = server.create_authn_response( - IDENTITY, - "id12", # in_response_to - "http://lingon.catalogix.se:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - name_id=name_id, - authn=AUTHN) + IDENTITY, + "id12", # in_response_to + "http://lingon.catalogix.se:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + name_id=name_id, + authn=AUTHN, + ) self._sign_resp_ = server.create_authn_response( - IDENTITY, - "id12", # in_response_to - "http://lingon.catalogix.se:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - name_id=name_id, sign_assertion=True, - authn=AUTHN) + IDENTITY, + "id12", # in_response_to + "http://lingon.catalogix.se:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + name_id=name_id, + sign_assertion=True, + authn=AUTHN, + ) self._resp_authn = server.create_authn_response( - IDENTITY, - "id12", # in_response_to - "http://lingon.catalogix.se:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - name_id=name_id, - authn=AUTHN) + IDENTITY, + "id12", # in_response_to + "http://lingon.catalogix.se:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + name_id=name_id, + authn=AUTHN, + ) self.conf = config_factory("sp", dotname("server_conf")) self.conf.only_use_keys_in_metadata = False self.ar = authn_response(self.conf, "http://lingon.catalogix.se:8087/") def test_verify_1(self): - xml_response = "%s" % (self._resp_,) + xml_response = f"{self._resp_}" print(xml_response) self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"} self.ar.timeslack = 10000 @@ -72,11 +78,11 @@ def test_verify_1(self): self.ar.verify() print(self.ar.__dict__) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id12" assert self.ar.ava["givenName"] == IDENTITY["givenName"] assert self.ar.name_id - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" def test_verify_signed_1(self): xml_response = self._sign_resp_ @@ -88,10 +94,10 @@ def test_verify_signed_1(self): self.ar.verify() print(self.ar.__dict__) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id12" assert self.ar.ava["sn"] == IDENTITY["surName"] - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" assert self.ar.name_id def test_parse_2(self): @@ -102,17 +108,17 @@ def test_parse_2(self): self.ar.return_addr = "http://xenosmilus.umdc.umu.se:8087/login" self.ar.entity_id = "xenosmilus.umdc.umu.se" # roughly a year, should create the response on the fly - self.ar.timeslack = 315360000 # indecent long time + self.ar.timeslack = 315360000 # indecent long time self.ar.loads(xml_response, decode=False) self.ar.verify() print(self.ar.__dict__) - assert self.ar.came_from == 'http://localhost:8088/foo' + assert self.ar.came_from == "http://localhost:8088/foo" assert self.ar.session_id() == ID assert self.ar.name_id def test_verify_w_authn(self): - xml_response = "%s" % (self._resp_authn,) + xml_response = f"{self._resp_authn}" self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"} self.ar.return_addr = "http://lingon.catalogix.se:8087/" self.ar.entity_id = "urn:mace:example.com:saml:roland:sp" @@ -126,7 +132,7 @@ def test_verify_w_authn(self): assert len(authn_info) == 1 assert authn_info[0][0] == INTERNETPROTOCOLPASSWORD assert authn_info[0][1] == ["http://www.example.com/login"] - now = datetime.utcnow() + now = datetime.now(timezone.utc) dt = parser.parse(authn_info[0][2]) assert now.year == dt.year and now.month == dt.month and now.day == dt.day session_info = self.ar.session_info() diff --git a/tests/test_50_server.py b/tests/test_50_server.py index 2344481f4..2784d172b 100644 --- a/tests/test_50_server.py +++ b/tests/test_50_server.py @@ -1,53 +1,50 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- import base64 +from contextlib import closing import copy import os -from contextlib import closing -from six.moves.urllib.parse import parse_qs -import uuid import re +from urllib.parse import parse_qs +import uuid -from saml2.cert import OpenSSLWrapper -from saml2.sigver import make_temp, DecryptError, EncryptError, CertificateError -from saml2.assertion import Policy -from saml2.authn_context import INTERNETPROTOCOLPASSWORD -from saml2.response import IncorrectlySigned -from saml2.saml import NameID, NAMEID_FORMAT_TRANSIENT -from saml2.samlp import response_from_string +from pathutils import full_path +from pytest import raises -from saml2.server import Server -from saml2 import samlp -from saml2 import saml +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_SOAP +from saml2 import VERSION from saml2 import client from saml2 import config from saml2 import extension_elements_to_elements from saml2 import s_utils -from saml2 import sigver +from saml2 import saml +from saml2 import samlp from saml2 import time_util -from saml2 import VERSION +from saml2.assertion import Policy +from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from saml2.cert import OpenSSLWrapper +from saml2.response import IncorrectlySigned from saml2.s_utils import OtherError from saml2.s_utils import do_attribute_statement from saml2.s_utils import factory from saml2.s_utils import sid +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID +from saml2.samlp import response_from_string +from saml2.server import Server +from saml2.sigver import CertificateError +from saml2.sigver import DecryptError +from saml2.sigver import EncryptError +from saml2.sigver import make_temp from saml2.soap import make_soap_enveloped_saml_thingy -from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_HTTP_REDIRECT -from saml2 import BINDING_SOAP from saml2.time_util import instant - -from pytest import raises -from pathutils import full_path import saml2.xmldsig as ds -nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, - text="123456") +nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="123456") -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def response_factory(**kwargs): @@ -58,6 +55,7 @@ def response_factory(**kwargs): return response + def _eq(l1, l2): return set(l1) == set(l2) @@ -87,32 +85,25 @@ def generate_cert(): "state": "ac", "city": "Umea", "organization": "ITS", - "organization_unit": "DIRG" + "organization_unit": "DIRG", } osw = OpenSSLWrapper() - ca_cert_str = osw.read_str_from_file( - full_path("root_cert/localhost.ca.crt")) - ca_key_str = osw.read_str_from_file( - full_path("root_cert/localhost.ca.key")) - req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True, - sn=sn, key_length=2048) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + ca_cert_str = osw.read_str_from_file(full_path("root_cert/localhost.ca.crt")) + ca_key_str = osw.read_str_from_file(full_path("root_cert/localhost.ca.key")) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True, sn=sn, key_length=2048) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) return cert_str, req_key_str -class TestServer1(): - +class TestServer1: def setup_class(self): self.server = Server("idp_conf") conf = config.SPConfig() conf.load_file("server_conf") self.client = client.Saml2Client(conf) - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - self.ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + self.ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} def teardown_class(self): self.server.close() @@ -123,10 +114,7 @@ def verify_assertion(self, assertion): ava = ava = get_ava(assertion[0]) - assert ava ==\ - {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], - 'sn': ['Jeter'], 'title': ['The man']} - + assert ava == {"mail": ["derek@nyy.mlb.com"], "givenName": ["Derek"], "sn": ["Jeter"], "title": ["The man"]} def verify_encrypted_assertion(self, assertion, decr_text): self.verify_assertion(assertion) @@ -142,11 +130,11 @@ def verify_advice_assertion(self, resp, decr_text): assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements - assertion = extension_elements_to_elements(resp.assertion[0].advice.encrypted_assertion[0].extension_elements, - [saml, samlp]) + assertion = extension_elements_to_elements( + resp.assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_encrypted_assertion(assertion, decr_text) - def test_issuer(self): issuer = self.server._issuer() assert isinstance(issuer, saml.Issuer) @@ -157,9 +145,8 @@ def test_issuer(self): def test_assertion(self): assertion = s_utils.assertion_factory( subject=factory( - saml.Subject, text="_aaa", - name_id=factory(saml.NameID, - format=saml.NAMEID_FORMAT_TRANSIENT)), + saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=saml.NAMEID_FORMAT_TRANSIENT) + ), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -169,8 +156,7 @@ def test_assertion(self): issuer=self.server._issuer(), ) - assert _eq(assertion.keyswv(), ['attribute_statement', 'issuer', 'id', - 'subject', 'issue_instant', 'version']) + assert _eq(assertion.keyswv(), ["attribute_statement", "issuer", "id", "subject", "issue_instant", "version"]) assert assertion.version == "2.0" assert assertion.issuer.text == "urn:mace:example.com:saml:roland:idp" # @@ -200,8 +186,7 @@ def test_response(self): destination="https:#www.example.com", status=s_utils.success_status_factory(), assertion=s_utils.assertion_factory( - subject=factory(saml.Subject, text="_aaa", - name_id=saml.NAMEID_FORMAT_TRANSIENT), + subject=factory(saml.Subject, text="_aaa", name_id=saml.NAMEID_FORMAT_TRANSIENT), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -214,9 +199,10 @@ def test_response(self): ) print(response.keyswv()) - assert _eq(response.keyswv(), ['destination', 'assertion', 'status', - 'in_response_to', 'issue_instant', - 'version', 'issuer', 'id']) + assert _eq( + response.keyswv(), + ["destination", "assertion", "status", "in_response_to", "issue_instant", "version", "issuer", "id"], + ) assert response.version == "2.0" assert response.issuer.text == "urn:mace:example.com:saml:roland:idp" assert response.destination == "https:#www.example.com" @@ -227,26 +213,22 @@ def test_response(self): assert status.status_code.value == samlp.STATUS_SUCCESS def test_parse_faulty_request(self): - req_id, authn_request = self.client.create_authn_request( - destination="http://www.example.com", id="id1") + req_id, authn_request = self.client.create_authn_request(destination="http://www.example.com", id="id1") # should raise an error because faulty spentityid binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding( - binding, "%s" % authn_request, "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) with raises(OtherError): self.server.parse_authn_request(_dict["SAMLRequest"][0], binding) def test_parse_faulty_request_to_err_status(self): - req_id, authn_request = self.client.create_authn_request( - destination="http://www.example.com") + req_id, authn_request = self.client.create_authn_request(destination="http://www.example.com") binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding(binding, "%s" % authn_request, - "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) try: @@ -259,7 +241,7 @@ def test_parse_faulty_request_to_err_status(self): assert status print(status) assert _eq(status.keyswv(), ["status_code", "status_message"]) - assert status.status_message.text == 'Not destined for me!' + assert status.status_message.text == "Not destined for me!" status_code = status.status_code assert _eq(status_code.keyswv(), ["status_code", "value"]) assert status_code.value == samlp.STATUS_RESPONDER @@ -274,9 +256,8 @@ def test_parse_ok_request(self): print(authn_request) binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding(binding, "%s" % authn_request, - "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) req = self.server.parse_authn_request(_dict["SAMLRequest"][0], binding) @@ -288,31 +269,30 @@ def test_parse_ok_request(self): name_id_policy = resp_args["name_id_policy"] assert _eq(name_id_policy.keyswv(), ["format"]) assert name_id_policy.format == saml.NAMEID_FORMAT_TRANSIENT - assert resp_args[ - "sp_entity_id"] == "urn:mace:example.com:saml:roland:sp" + assert resp_args["sp_entity_id"] == "urn:mace:example.com:saml:roland:sp" def test_sso_response_with_identity(self): - name_id = self.server.ident.transient_nameid( - "https://example.com/sp", "id12") + name_id = self.server.ident.transient_nameid("https://example.com/sp", "id12") resp = self.server.create_authn_response( { "eduPersonEntitlement": "Short stop", "sn": "Jeter", "givenName": "Derek", "mail": "derek.jeter@nyy.mlb.com", - "title": "The man" + "title": "The man", }, "id12", # in_response_to "http://localhost:8087/", # destination "https://example.com/sp", # sp_entity_id name_id=name_id, - authn=AUTHN + authn=AUTHN, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'assertion', - 'in_response_to', 'issue_instant', - 'version', 'id', 'issuer']) + assert _eq( + resp.keyswv(), + ["status", "destination", "assertion", "in_response_to", "issue_instant", "version", "id", "issuer"], + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status @@ -348,19 +328,20 @@ def test_sso_response_with_identity(self): def test_sso_response_without_identity(self): resp = self.server.create_authn_response( {}, - "id12", # in_response_to - "http://localhost:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - userid="USER1", - authn=AUTHN, - release_policy=Policy(), - best_effort=True + "id12", # in_response_to + "http://localhost:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + userid="USER1", + authn=AUTHN, + release_policy=Policy(), + best_effort=True, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer', - 'assertion']) + assert _eq( + resp.keyswv(), + ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer", "assertion"], + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status @@ -374,38 +355,37 @@ def test_sso_response_specific_instant(self): resp = self.server.create_authn_response( {}, - "id12", # in_response_to - "http://localhost:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - userid="USER1", - authn=_authn, - best_effort=True + "id12", # in_response_to + "http://localhost:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + userid="USER1", + authn=_authn, + best_effort=True, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer', - 'assertion']) + assert _eq( + resp.keyswv(), + ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer", "assertion"], + ) authn_statement = resp.assertion.authn_statement[0] - assert authn_statement.authn_instant == '2009-02-13T23:31:30Z' + assert authn_statement.authn_instant == "2009-02-13T23:31:30Z" def test_sso_failure_response(self): exc = s_utils.MissingValue("eduPersonAffiliation missing") - resp = self.server.create_error_response( - "id12", "http://localhost:8087/", exc) + resp = self.server.create_error_response("id12", "http://localhost:8087/", exc) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer']) + assert _eq( + resp.keyswv(), ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer"] + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status print(resp.status) assert resp.status.status_code.value == samlp.STATUS_RESPONDER - assert resp.status.status_code.status_code.value == \ - samlp.STATUS_REQUEST_UNSUPPORTED - assert resp.status.status_message.text == \ - "eduPersonAffiliation missing" + assert resp.status.status_code.status_code.value == samlp.STATUS_REQUEST_UNSUPPORTED + assert resp.status.status_message.text == "eduPersonAffiliation missing" assert resp.issuer.text == "urn:mace:example.com:saml:roland:idp" assert not resp.assertion @@ -414,28 +394,40 @@ def test_authn_response_0(self): conf.load_file("server_conf") self.client = client.Saml2Client(conf) - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} - npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, - allow_create="true") + npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, allow_create="true") resp_str = "%s" % self.server.create_authn_response( - ava, "id1", "http://local:8087/", - "urn:mace:example.com:saml:roland:sp", npolicy, - "foba0001@example.com", authn=AUTHN) + ava, + "id1", + "http://local:8087/", + "urn:mace:example.com:saml:roland:sp", + npolicy, + "foba0001@example.com", + authn=AUTHN, + ) response = samlp.response_from_string(resp_str) print(response.keyswv()) - assert _eq(response.keyswv(), ['status', 'destination', 'assertion', - 'in_response_to', 'issue_instant', - 'version', 'issuer', 'id']) + assert _eq( + response.keyswv(), + ["status", "destination", "assertion", "in_response_to", "issue_instant", "version", "issuer", "id"], + ) print(response.assertion[0].keyswv()) assert len(response.assertion) == 1 - assert _eq(response.assertion[0].keyswv(), ['attribute_statement', - 'issue_instant', 'version', - 'subject', 'conditions', - 'id', 'issuer', - 'authn_statement']) + assert _eq( + response.assertion[0].keyswv(), + [ + "attribute_statement", + "issue_instant", + "version", + "subject", + "conditions", + "id", + "issuer", + "authn_statement", + ], + ) assertion = response.assertion[0] assert len(assertion.attribute_statement) == 1 astate = assertion.attribute_statement[0] @@ -443,10 +435,8 @@ def test_authn_response_0(self): assert len(astate.attribute) == 4 def test_signed_response(self): - name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} signed_resp = self.server.create_authn_response( ava, @@ -454,7 +444,7 @@ def test_signed_response(self): "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, - sign_assertion=True + sign_assertion=True, ) print(signed_resp) @@ -471,7 +461,6 @@ def test_signed_response(self): def test_signed_response_1(self): - signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to @@ -484,16 +473,20 @@ def test_signed_response_1(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) @@ -511,17 +504,18 @@ def test_signed_response_2(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid assert sresponse.assertion[0].signature == None def test_signed_response_3(self): - signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to @@ -536,10 +530,12 @@ def test_signed_response_3(self): assert sresponse.signature == None - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) @@ -565,17 +561,19 @@ def test_encrypted_signed_response_1(self): sresponse = response_from_string(signed_resp) valid = self.server.sec.verify_signature( - signed_resp, self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, ) assert valid valid = self.server.sec.verify_signature( - signed_resp, self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, ) assert valid @@ -588,16 +586,14 @@ def test_encrypted_signed_response_1(self): assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements assertion = extension_elements_to_elements( - resp.assertion[0].advice.encrypted_assertion[0].extension_elements, - [saml, samlp]) + resp.assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_assertion(assertion) - - - #PEFIM never signs assertions. + # PEFIM never signs assertions. assert assertion[0].signature is None - #valid = self.server.sec.verify_signature(decr_text, + # valid = self.server.sec.verify_signature(decr_text, # self.server.config.cert_file, # node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', # node_id=assertion[0].id) @@ -620,13 +616,15 @@ def test_encrypted_signed_response_2(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid - decr_text_old = copy.deepcopy("%s" % signed_resp) + decr_text_old = copy.deepcopy(f"{signed_resp}") with raises(DecryptError): decr_text = self.server.sec.decrypt( @@ -646,7 +644,6 @@ def test_encrypted_signed_response_2(self): self.verify_assertion(resp.assertion) - def test_encrypted_signed_response_3(self): cert_str, cert_key_str = generate_cert() @@ -665,10 +662,12 @@ def test_encrypted_signed_response_3(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid key_fd = make_temp(cert_key_str, decode=False) @@ -678,17 +677,18 @@ def test_encrypted_signed_response_3(self): resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - valid = self.server.sec.verify_signature(decr_text, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=resp.assertion[0].id) + valid = self.server.sec.verify_signature( + decr_text, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=resp.assertion[0].id, + ) assert valid self.verify_assertion(resp.assertion) - assert 'xmlns:encas' not in decr_text - + assert "xmlns:encas" not in decr_text def test_encrypted_signed_response_4(self): @@ -710,10 +710,12 @@ def test_encrypted_signed_response_4(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid decr_text = self.server.sec.decrypt(signed_resp, self.client.config.encryption_keypairs[1]["key_file"]) @@ -722,10 +724,12 @@ def test_encrypted_signed_response_4(self): resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - valid = self.server.sec.verify_signature(decr_text, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=resp.assertion[0].id) + valid = self.server.sec.verify_signature( + decr_text, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=resp.assertion[0].id, + ) assert valid @@ -735,13 +739,14 @@ def test_encrypted_signed_response_4(self): resp = samlp.response_from_string(decr_text) assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - assertion = \ - extension_elements_to_elements(assertion[0].advice.encrypted_assertion[0].extension_elements,[saml, samlp]) + assertion = extension_elements_to_elements( + assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_assertion(assertion) - #PEFIM never signs assertion in advice + # PEFIM never signs assertion in advice assert assertion[0].signature is None - #valid = self.server.sec.verify_signature(decr_text, + # valid = self.server.sec.verify_signature(decr_text, # self.server.config.cert_file, # node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', # node_id=assertion[0].id) @@ -764,7 +769,7 @@ def test_encrypted_response_1(self): encrypt_cert_advice=cert_str_advice, ) - _resp = "%s" % _resp + _resp = f"{_resp}" sresponse = response_from_string(_resp) @@ -824,7 +829,7 @@ def test_encrypted_response_3(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion=cert_str_assertion + encrypt_cert_assertion=cert_str_assertion, ) sresponse = response_from_string(_resp) @@ -881,10 +886,10 @@ def test_encrypted_response_5(self): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) - _resp = "%s" % _resp + _resp = f"{_resp}" sresponse = response_from_string(_resp) @@ -915,7 +920,7 @@ def test_encrypted_response_6(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str_advice, - encrypt_cert_assertion=cert_str_assertion + encrypt_cert_assertion=cert_str_assertion, ) sresponse = response_from_string(_resp) @@ -945,7 +950,7 @@ def test_encrypted_response_7(self): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) sresponse = response_from_string(_resp) @@ -976,7 +981,7 @@ def test_encrypted_response_8(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice="whatever", - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) with raises(EncryptError): @@ -1006,7 +1011,7 @@ def test_encrypted_response_8(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) _server = Server("idp_conf_verify_cert") @@ -1024,7 +1029,7 @@ def test_encrypted_response_8(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice="whatever", - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) with raises(CertificateError): @@ -1054,7 +1059,7 @@ def test_encrypted_response_8(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) def test_encrypted_response_9(self): @@ -1085,7 +1090,7 @@ def test_encrypted_response_9(self): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) self.verify_assertion(_resp.assertion.advice.assertion) @@ -1105,7 +1110,6 @@ def test_encrypted_response_9(self): self.verify_assertion([_resp.assertion]) - def test_slo_http_post(self): soon = time_util.in_a_while(days=1) sinfo = { @@ -1115,18 +1119,20 @@ def test_slo_http_post(self): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } self.client.users.add_information_about_person(sinfo) req_id, logout_request = self.client.create_logout_request( - destination="http://localhost:8088/slop", name_id=nid, + destination="http://localhost:8088/slop", + name_id=nid, issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this") + reason="I'm tired of this", + ) - intermed = base64.b64encode(str(logout_request).encode('utf-8')) + intermed = base64.b64encode(str(logout_request).encode("utf-8")) - #saml_soap = make_soap_enveloped_saml_thingy(logout_request) + # saml_soap = make_soap_enveloped_saml_thingy(logout_request) request = self.server.parse_logout_request(intermed, BINDING_HTTP_POST) assert request @@ -1139,18 +1145,20 @@ def test_slo_soap(self): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } sp = client.Saml2Client(config_file="server_conf") sp.users.add_information_about_person(sinfo) req_id, logout_request = sp.create_logout_request( - name_id=nid, destination="http://localhost:8088/slo", + name_id=nid, + destination="http://localhost:8088/slo", issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this") + reason="I'm tired of this", + ) - #_ = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) + # _ = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) saml_soap = make_soap_enveloped_saml_thingy(logout_request) self.server.ident.close() @@ -1160,21 +1168,19 @@ def test_slo_soap(self): idp.ident.close() assert request -# ------------------------------------------------------------------------ +# ------------------------------------------------------------------------ -class TestServer1NonAsciiAva(): +class TestServer1NonAsciiAva: def setup_class(self): self.server = Server("idp_conf") conf = config.SPConfig() conf.load_file("server_conf") self.client = client.Saml2Client(conf) - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - self.ava = {"givenName": ["Dave"], "sn": ["Concepción"], - "mail": ["dave@cnr.mlb.com"], "title": "#13"} + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + self.ava = {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["dave@cnr.mlb.com"], "title": "#13"} def teardown_class(self): self.server.close() @@ -1185,10 +1191,7 @@ def verify_assertion(self, assertion): ava = get_ava(assertion[0]) - assert ava == \ - {"givenName": ["Dave"], "sn": [u"Concepción"], - "mail": ["dave@cnr.mlb.com"], "title": ["#13"]} - + assert ava == {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["dave@cnr.mlb.com"], "title": ["#13"]} def verify_encrypted_assertion(self, assertion, decr_text): self.verify_assertion(assertion) @@ -1203,11 +1206,11 @@ def verify_advice_assertion(self, resp, decr_text): assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements - assertion = extension_elements_to_elements(resp.assertion[0].advice.encrypted_assertion[0].extension_elements, - [saml, samlp]) + assertion = extension_elements_to_elements( + resp.assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_encrypted_assertion(assertion, decr_text) - def test_issuer(self): issuer = self.server._issuer() assert isinstance(issuer, saml.Issuer) @@ -1218,9 +1221,8 @@ def test_issuer(self): def test_assertion(self): assertion = s_utils.assertion_factory( subject=factory( - saml.Subject, text="_aaa", - name_id=factory(saml.NameID, - format=saml.NAMEID_FORMAT_TRANSIENT)), + saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=saml.NAMEID_FORMAT_TRANSIENT) + ), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -1230,8 +1232,7 @@ def test_assertion(self): issuer=self.server._issuer(), ) - assert _eq(assertion.keyswv(), ['attribute_statement', 'issuer', 'id', - 'subject', 'issue_instant', 'version']) + assert _eq(assertion.keyswv(), ["attribute_statement", "issuer", "id", "subject", "issue_instant", "version"]) assert assertion.version == "2.0" assert assertion.issuer.text == "urn:mace:example.com:saml:roland:idp" # @@ -1261,8 +1262,7 @@ def test_response(self): destination="https:#www.example.com", status=s_utils.success_status_factory(), assertion=s_utils.assertion_factory( - subject=factory(saml.Subject, text="_aaa", - name_id=saml.NAMEID_FORMAT_TRANSIENT), + subject=factory(saml.Subject, text="_aaa", name_id=saml.NAMEID_FORMAT_TRANSIENT), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -1275,9 +1275,10 @@ def test_response(self): ) print(response.keyswv()) - assert _eq(response.keyswv(), ['destination', 'assertion', 'status', - 'in_response_to', 'issue_instant', - 'version', 'issuer', 'id']) + assert _eq( + response.keyswv(), + ["destination", "assertion", "status", "in_response_to", "issue_instant", "version", "issuer", "id"], + ) assert response.version == "2.0" assert response.issuer.text == "urn:mace:example.com:saml:roland:idp" assert response.destination == "https:#www.example.com" @@ -1288,26 +1289,22 @@ def test_response(self): assert status.status_code.value == samlp.STATUS_SUCCESS def test_parse_faulty_request(self): - req_id, authn_request = self.client.create_authn_request( - destination="http://www.example.com", id="id1") + req_id, authn_request = self.client.create_authn_request(destination="http://www.example.com", id="id1") # should raise an error because faulty spentityid binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding( - binding, "%s" % authn_request, "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) with raises(OtherError): self.server.parse_authn_request(_dict["SAMLRequest"][0], binding) def test_parse_faulty_request_to_err_status(self): - req_id, authn_request = self.client.create_authn_request( - destination="http://www.example.com") + req_id, authn_request = self.client.create_authn_request(destination="http://www.example.com") binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding(binding, "%s" % authn_request, - "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) try: @@ -1320,7 +1317,7 @@ def test_parse_faulty_request_to_err_status(self): assert status print(status) assert _eq(status.keyswv(), ["status_code", "status_message"]) - assert status.status_message.text == 'Not destined for me!' + assert status.status_message.text == "Not destined for me!" status_code = status.status_code assert _eq(status_code.keyswv(), ["status_code", "value"]) assert status_code.value == samlp.STATUS_RESPONDER @@ -1335,9 +1332,8 @@ def test_parse_ok_request(self): print(authn_request) binding = BINDING_HTTP_REDIRECT - htargs = self.client.apply_binding(binding, "%s" % authn_request, - "http://www.example.com", "abcd") - _dict = parse_qs(htargs["headers"][0][1].split('?')[1]) + htargs = self.client.apply_binding(binding, f"{authn_request}", "http://www.example.com", "abcd") + _dict = parse_qs(htargs["headers"][0][1].split("?")[1]) print(_dict) req = self.server.parse_authn_request(_dict["SAMLRequest"][0], binding) @@ -1349,31 +1345,30 @@ def test_parse_ok_request(self): name_id_policy = resp_args["name_id_policy"] assert _eq(name_id_policy.keyswv(), ["format"]) assert name_id_policy.format == saml.NAMEID_FORMAT_TRANSIENT - assert resp_args[ - "sp_entity_id"] == "urn:mace:example.com:saml:roland:sp" + assert resp_args["sp_entity_id"] == "urn:mace:example.com:saml:roland:sp" def test_sso_response_with_identity(self): - name_id = self.server.ident.transient_nameid( - "https://example.com/sp", "id12") + name_id = self.server.ident.transient_nameid("https://example.com/sp", "id12") resp = self.server.create_authn_response( { "eduPersonEntitlement": "Short stop", "sn": "Jeter", "givenName": "Derek", "mail": "derek.jeter@nyy.mlb.com", - "title": "The man" + "title": "The man", }, "id12", # in_response_to "http://localhost:8087/", # destination "https://example.com/sp", # sp_entity_id name_id=name_id, - authn=AUTHN + authn=AUTHN, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'assertion', - 'in_response_to', 'issue_instant', - 'version', 'id', 'issuer']) + assert _eq( + resp.keyswv(), + ["status", "destination", "assertion", "in_response_to", "issue_instant", "version", "id", "issuer"], + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status @@ -1409,19 +1404,20 @@ def test_sso_response_with_identity(self): def test_sso_response_without_identity(self): resp = self.server.create_authn_response( {}, - "id12", # in_response_to - "http://localhost:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - userid="USER1", - authn=AUTHN, - release_policy=Policy(), - best_effort=True + "id12", # in_response_to + "http://localhost:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + userid="USER1", + authn=AUTHN, + release_policy=Policy(), + best_effort=True, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer', - 'assertion']) + assert _eq( + resp.keyswv(), + ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer", "assertion"], + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status @@ -1435,38 +1431,37 @@ def test_sso_response_specific_instant(self): resp = self.server.create_authn_response( {}, - "id12", # in_response_to - "http://localhost:8087/", # consumer_url - "urn:mace:example.com:saml:roland:sp", # sp_entity_id - userid="USER1", - authn=_authn, - best_effort=True + "id12", # in_response_to + "http://localhost:8087/", # consumer_url + "urn:mace:example.com:saml:roland:sp", # sp_entity_id + userid="USER1", + authn=_authn, + best_effort=True, ) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer', - 'assertion']) + assert _eq( + resp.keyswv(), + ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer", "assertion"], + ) authn_statement = resp.assertion.authn_statement[0] - assert authn_statement.authn_instant == '2009-02-13T23:31:30Z' + assert authn_statement.authn_instant == "2009-02-13T23:31:30Z" def test_sso_failure_response(self): exc = s_utils.MissingValue("eduPersonAffiliation missing") - resp = self.server.create_error_response( - "id12", "http://localhost:8087/", exc) + resp = self.server.create_error_response("id12", "http://localhost:8087/", exc) print(resp.keyswv()) - assert _eq(resp.keyswv(), ['status', 'destination', 'in_response_to', - 'issue_instant', 'version', 'id', 'issuer']) + assert _eq( + resp.keyswv(), ["status", "destination", "in_response_to", "issue_instant", "version", "id", "issuer"] + ) assert resp.destination == "http://localhost:8087/" assert resp.in_response_to == "id12" assert resp.status print(resp.status) assert resp.status.status_code.value == samlp.STATUS_RESPONDER - assert resp.status.status_code.status_code.value == \ - samlp.STATUS_REQUEST_UNSUPPORTED - assert resp.status.status_message.text == \ - "eduPersonAffiliation missing" + assert resp.status.status_code.status_code.value == samlp.STATUS_REQUEST_UNSUPPORTED + assert resp.status.status_message.text == "eduPersonAffiliation missing" assert resp.issuer.text == "urn:mace:example.com:saml:roland:idp" assert not resp.assertion @@ -1475,28 +1470,40 @@ def test_authn_response_0(self): conf.load_file("server_conf") self.client = client.Saml2Client(conf) - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} - npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, - allow_create="true") + npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, allow_create="true") resp_str = "%s" % self.server.create_authn_response( - ava, "id1", "http://local:8087/", - "urn:mace:example.com:saml:roland:sp", npolicy, - "foba0001@example.com", authn=AUTHN) + ava, + "id1", + "http://local:8087/", + "urn:mace:example.com:saml:roland:sp", + npolicy, + "foba0001@example.com", + authn=AUTHN, + ) response = samlp.response_from_string(resp_str) print(response.keyswv()) - assert _eq(response.keyswv(), ['status', 'destination', 'assertion', - 'in_response_to', 'issue_instant', - 'version', 'issuer', 'id']) + assert _eq( + response.keyswv(), + ["status", "destination", "assertion", "in_response_to", "issue_instant", "version", "issuer", "id"], + ) print(response.assertion[0].keyswv()) assert len(response.assertion) == 1 - assert _eq(response.assertion[0].keyswv(), ['attribute_statement', - 'issue_instant', 'version', - 'subject', 'conditions', - 'id', 'issuer', - 'authn_statement']) + assert _eq( + response.assertion[0].keyswv(), + [ + "attribute_statement", + "issue_instant", + "version", + "subject", + "conditions", + "id", + "issuer", + "authn_statement", + ], + ) assertion = response.assertion[0] assert len(assertion.attribute_statement) == 1 astate = assertion.attribute_statement[0] @@ -1504,10 +1511,8 @@ def test_authn_response_0(self): assert len(astate.attribute) == 4 def test_signed_response(self): - name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} signed_resp = self.server.create_authn_response( ava, @@ -1515,7 +1520,7 @@ def test_signed_response(self): "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, - sign_assertion=True + sign_assertion=True, ) print(signed_resp) @@ -1532,7 +1537,6 @@ def test_signed_response(self): def test_signed_response_1(self): - signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to @@ -1545,16 +1549,20 @@ def test_signed_response_1(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) @@ -1572,17 +1580,18 @@ def test_signed_response_2(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid assert sresponse.assertion[0].signature == None def test_signed_response_3(self): - signed_resp = self.server.create_authn_response( self.ava, "id12", # in_response_to @@ -1597,10 +1606,12 @@ def test_signed_response_3(self): assert sresponse.signature == None - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) @@ -1626,16 +1637,18 @@ def test_encrypted_signed_response_1(self): sresponse = response_from_string(signed_resp) valid = self.server.sec.verify_signature( - signed_resp, self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", node_id=sresponse.id, ) assert valid valid = self.server.sec.verify_signature( - signed_resp, self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", node_id=sresponse.assertion[0].id, ) @@ -1649,16 +1662,14 @@ def test_encrypted_signed_response_1(self): assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements assertion = extension_elements_to_elements( - resp.assertion[0].advice.encrypted_assertion[0].extension_elements, - [saml, samlp]) + resp.assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_assertion(assertion) - - - #PEFIM never signs assertions. + # PEFIM never signs assertions. assert assertion[0].signature is None - #valid = self.server.sec.verify_signature(decr_text, + # valid = self.server.sec.verify_signature(decr_text, # self.server.config.cert_file, # node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', # node_id=assertion[0].id) @@ -1681,13 +1692,15 @@ def test_encrypted_signed_response_2(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid - decr_text_old = copy.deepcopy("%s" % signed_resp) + decr_text_old = copy.deepcopy(f"{signed_resp}") with raises(DecryptError): decr_text = self.server.sec.decrypt( @@ -1707,7 +1720,6 @@ def test_encrypted_signed_response_2(self): self.verify_assertion(resp.assertion) - def test_encrypted_signed_response_3(self): cert_str, cert_key_str = generate_cert() @@ -1726,10 +1738,12 @@ def test_encrypted_signed_response_3(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid key_fd = make_temp(cert_key_str, decode=False) @@ -1739,17 +1753,18 @@ def test_encrypted_signed_response_3(self): resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - valid = self.server.sec.verify_signature(decr_text, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=resp.assertion[0].id) + valid = self.server.sec.verify_signature( + decr_text, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=resp.assertion[0].id, + ) assert valid self.verify_assertion(resp.assertion) - assert 'xmlns:encas' not in decr_text - + assert "xmlns:encas" not in decr_text def test_encrypted_signed_response_4(self): @@ -1771,10 +1786,12 @@ def test_encrypted_signed_response_4(self): sresponse = response_from_string(signed_resp) - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid decr_text = self.server.sec.decrypt(signed_resp, self.client.config.encryption_keypairs[1]["key_file"]) @@ -1783,10 +1800,12 @@ def test_encrypted_signed_response_4(self): resp.assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - valid = self.server.sec.verify_signature(decr_text, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=resp.assertion[0].id) + valid = self.server.sec.verify_signature( + decr_text, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=resp.assertion[0].id, + ) assert valid @@ -1796,13 +1815,14 @@ def test_encrypted_signed_response_4(self): resp = samlp.response_from_string(decr_text) assertion = extension_elements_to_elements(resp.encrypted_assertion[0].extension_elements, [saml, samlp]) - assertion = \ - extension_elements_to_elements(assertion[0].advice.encrypted_assertion[0].extension_elements,[saml, samlp]) + assertion = extension_elements_to_elements( + assertion[0].advice.encrypted_assertion[0].extension_elements, [saml, samlp] + ) self.verify_assertion(assertion) - #PEFIM never signs assertion in advice + # PEFIM never signs assertion in advice assert assertion[0].signature is None - #valid = self.server.sec.verify_signature(decr_text, + # valid = self.server.sec.verify_signature(decr_text, # self.server.config.cert_file, # node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', # node_id=assertion[0].id) @@ -1825,7 +1845,7 @@ def test_encrypted_response_1(self): encrypt_cert_advice=cert_str_advice, ) - _resp = "%s" % _resp + _resp = f"{_resp}" sresponse = response_from_string(_resp) @@ -1885,7 +1905,7 @@ def test_encrypted_response_3(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion=cert_str_assertion + encrypt_cert_assertion=cert_str_assertion, ) sresponse = response_from_string(_resp) @@ -1942,10 +1962,10 @@ def test_encrypted_response_5(self): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) - _resp = "%s" % _resp + _resp = f"{_resp}" sresponse = response_from_string(_resp) @@ -1976,7 +1996,7 @@ def test_encrypted_response_6(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice=cert_str_advice, - encrypt_cert_assertion=cert_str_assertion + encrypt_cert_assertion=cert_str_assertion, ) sresponse = response_from_string(_resp) @@ -2006,7 +2026,7 @@ def test_encrypted_response_7(self): sign_assertion=False, encrypt_assertion=True, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) sresponse = response_from_string(_resp) @@ -2037,7 +2057,7 @@ def test_encrypted_response_8(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice="whatever", - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) assert False, "Must throw an exception" except EncryptError as ex: @@ -2077,7 +2097,7 @@ def test_encrypted_response_8(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) assert False, "Must throw an exception" except EncryptError as ex: @@ -2100,7 +2120,7 @@ def test_encrypted_response_8(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_advice="whatever", - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) assert False, "Must throw an exception" except CertificateError as ex: @@ -2140,7 +2160,7 @@ def test_encrypted_response_8(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, encrypted_advice_attributes=False, - encrypt_cert_assertion="whatever" + encrypt_cert_assertion="whatever", ) assert False, "Must throw an exception" except CertificateError as ex: @@ -2176,7 +2196,7 @@ def test_encrypted_response_9(self): sign_assertion=False, encrypt_assertion=False, encrypt_assertion_self_contained=True, - pefim=True + pefim=True, ) self.verify_assertion(_resp.assertion.advice.assertion) @@ -2196,7 +2216,6 @@ def test_encrypted_response_9(self): self.verify_assertion([_resp.assertion]) - def test_slo_http_post(self): soon = time_util.in_a_while(days=1) sinfo = { @@ -2206,18 +2225,20 @@ def test_slo_http_post(self): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } self.client.users.add_information_about_person(sinfo) req_id, logout_request = self.client.create_logout_request( - destination="http://localhost:8088/slop", name_id=nid, + destination="http://localhost:8088/slop", + name_id=nid, issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this") + reason="I'm tired of this", + ) - intermed = base64.b64encode(str(logout_request).encode('utf-8')) + intermed = base64.b64encode(str(logout_request).encode("utf-8")) - #saml_soap = make_soap_enveloped_saml_thingy(logout_request) + # saml_soap = make_soap_enveloped_saml_thingy(logout_request) request = self.server.parse_logout_request(intermed, BINDING_HTTP_POST) assert request @@ -2230,18 +2251,20 @@ def test_slo_soap(self): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } sp = client.Saml2Client(config_file="server_conf") sp.users.add_information_about_person(sinfo) req_id, logout_request = sp.create_logout_request( - name_id=nid, destination="http://localhost:8088/slo", + name_id=nid, + destination="http://localhost:8088/slo", issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this") + reason="I'm tired of this", + ) - #_ = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) + # _ = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) saml_soap = make_soap_enveloped_saml_thingy(logout_request) self.server.ident.close() @@ -2269,16 +2292,19 @@ def test_slo_soap_signed(self): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } sp = client.Saml2Client(config_file="server_conf") sp.users.add_information_about_person(sinfo) req_id, logout_request = sp.create_logout_request( - name_id=nid, destination="http://localhost:8088/slo", + name_id=nid, + destination="http://localhost:8088/slo", issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this", sign=True, sign_alg=ds.SIG_RSA_SHA512, + reason="I'm tired of this", + sign=True, + sign_alg=ds.SIG_RSA_SHA512, digest_alg=ds.DIGEST_SHA512, ) @@ -2309,12 +2335,16 @@ def test_slo_soap_signed(self): # ------------------------------------------------------------------------ -IDENTITY = {"eduPersonAffiliation": ["staff", "member"], - "sn": ["Jeter"], "givenName": ["Derek"], - "mail": ["foo@gmail.com"], "title": "The man"} +IDENTITY = { + "eduPersonAffiliation": ["staff", "member"], + "sn": ["Jeter"], + "givenName": ["Derek"], + "mail": ["foo@gmail.com"], + "title": "The man", +} -class TestServer2(): +class TestServer2: def setup_class(self): self.server = Server("restrictive_idp_conf") @@ -2325,8 +2355,8 @@ def test_do_attribute_reponse(self): aa_policy = self.server.config.getattr("policy", "idp") print(aa_policy.__dict__) response = self.server.create_attribute_response( - IDENTITY.copy(), "aaa", "http://example.com/sp/", - "http://www.example.com/roland/sp") + IDENTITY.copy(), "aaa", "http://example.com/sp/", "http://www.example.com/roland/sp" + ) assert response is not None assert response.destination == "http://example.com/sp/" @@ -2338,7 +2368,7 @@ def test_do_attribute_reponse(self): assertion = response.assertion assert assertion.version == "2.0" subject = assertion.subject - #assert subject.name_id.format == saml.NAMEID_FORMAT_TRANSIENT + # assert subject.name_id.format == saml.NAMEID_FORMAT_TRANSIENT assert subject.subject_confirmation subject_conf = subject.subject_confirmation[0] assert subject_conf.subject_confirmation_data.in_response_to == "aaa" @@ -2357,7 +2387,7 @@ def _logout_request(conf_file): "user": { "givenName": "Leo", "sn": "Laport", - } + }, } sp.users.add_information_about_person(sinfo) @@ -2365,10 +2395,11 @@ def _logout_request(conf_file): name_id=nid, destination="http://localhost:8088/slo", issuer_entity_id="urn:mace:example.com:saml:roland:idp", - reason="I'm tired of this") + reason="I'm tired of this", + ) -class TestServerLogout(): +class TestServerLogout: def test_1(self): with closing(Server("idp_slo_redirect_conf")) as server: req_id, request = _logout_request("sp_slo_redirect_conf") @@ -2376,18 +2407,14 @@ def test_1(self): bindings = [BINDING_HTTP_REDIRECT] response = server.create_logout_response(request, bindings) - binding, destination = server.pick_binding( - "single_logout_service", bindings, "spsso", request - ) - http_args = server.apply_binding( - binding, "%s" % response, destination, "relay_state", response=True - ) + binding, destination = server.pick_binding("single_logout_service", bindings, "spsso", request) + http_args = server.apply_binding(binding, f"{response}", destination, "relay_state", response=True) assert len(http_args) == 5 assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] assert http_args["status"] == 303 - assert http_args['url'] == 'http://lingon.catalogix.se:8087/sloresp' + assert http_args["url"] == "http://lingon.catalogix.se:8087/sloresp" def test_2(self): with closing(Server("idp_slo_redirect_conf")) as server: @@ -2396,18 +2423,14 @@ def test_2(self): bindings = [BINDING_HTTP_POST] response = server.create_logout_response(request, bindings) - binding, destination = server.pick_binding( - "single_logout_service", bindings, "spsso", request - ) - http_args = server.apply_binding( - binding, "%s" % response, destination, "relay_state", response=True - ) + binding, destination = server.pick_binding("single_logout_service", bindings, "spsso", request) + http_args = server.apply_binding(binding, f"{response}", destination, "relay_state", response=True) assert len(http_args) == 5 assert len(http_args["data"]) > 0 assert http_args["method"] == "POST" - assert http_args['url'] == 'http://lingon.catalogix.se:8087/slo' - assert http_args['status'] == 200 + assert http_args["url"] == "http://lingon.catalogix.se:8087/slo" + assert http_args["status"] == 200 if __name__ == "__main__": diff --git a/tests/test_51_client.py b/tests/test_51_client.py index a323de793..e1eb85ecb 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -1,63 +1,64 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from base64 import encodebytes as b64encode from base64 import decodebytes as b64decode +from base64 import encodebytes as b64encode +from urllib import parse import uuid -import six -from six.moves.urllib import parse + +from defusedxml.common import EntitiesForbidden +from fakeIDP import FakeIDP +from fakeIDP import unpack_form +from pathutils import full_path from pytest import raises -from saml2.argtree import add_path -from saml2.cert import OpenSSLWrapper -from saml2.xmldsig import sig_default -from saml2.xmldsig import SIG_RSA_SHA256 -from saml2.xmldsig import SIG_RSA_SHA1 from saml2 import BINDING_HTTP_POST from saml2 import BINDING_HTTP_REDIRECT -from saml2 import config +from saml2 import VERSION from saml2 import class_name +from saml2 import config from saml2 import extension_elements_to_elements +from saml2 import s_utils from saml2 import saml from saml2 import samlp from saml2 import sigver -from saml2 import s_utils -from saml2 import VERSION +from saml2.argtree import add_path from saml2.assertion import Assertion -from saml2.extension.requested_attributes import RequestedAttributes -from saml2.extension.requested_attributes import RequestedAttribute - from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from saml2.cert import OpenSSLWrapper from saml2.client import Saml2Client +from saml2.extension.requested_attributes import RequestedAttribute +from saml2.extension.requested_attributes import RequestedAttributes from saml2.pack import parse_soap_enveloped_saml -from saml2.response import LogoutResponse, StatusInvalidNameidPolicy, StatusError from saml2.response import IncorrectlySigned -from saml2.saml import NAMEID_FORMAT_PERSISTENT, EncryptedAssertion, Advice +from saml2.response import LogoutResponse +from saml2.response import StatusError +from saml2.response import StatusInvalidNameidPolicy +from saml2.s_utils import do_attribute_statement +from saml2.s_utils import factory +from saml2.s_utils import sid +from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import Advice +from saml2.saml import EncryptedAssertion from saml2.saml import NameID from saml2.samlp import SessionIndex from saml2.server import Server -from saml2.sigver import pre_encryption_part, pre_encrypt_assertion +from saml2.sigver import SignatureError +from saml2.sigver import SigverError +from saml2.sigver import pre_encrypt_assertion +from saml2.sigver import pre_encryption_part from saml2.sigver import rm_xmltag from saml2.sigver import verify_redirect_signature -from saml2.sigver import SignatureError, SigverError -from saml2.s_utils import do_attribute_statement -from saml2.s_utils import factory -from saml2.s_utils import sid -from saml2.time_util import in_a_while from saml2.time_util import a_while_ago +from saml2.time_util import in_a_while from saml2.time_util import instant +from saml2.xmldsig import SIG_RSA_SHA1 +from saml2.xmldsig import SIG_RSA_SHA256 +from saml2.xmldsig import sig_default -from defusedxml.common import EntitiesForbidden -from fakeIDP import FakeIDP -from fakeIDP import unpack_form -from pathutils import full_path +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} def response_factory(**kwargs): response = samlp.Response(id=sid(), version=VERSION, issue_instant=instant()) @@ -67,6 +68,7 @@ def response_factory(**kwargs): return response + def generate_cert(): sn = uuid.uuid4().urn cert_info = { @@ -75,30 +77,23 @@ def generate_cert(): "state": "ac", "city": "Umea", "organization": "ITS", - "organization_unit": "DIRG" + "organization_unit": "DIRG", } osw = OpenSSLWrapper() - ca_cert_str = osw.read_str_from_file( - full_path("root_cert/localhost.ca.crt")) - ca_key_str = osw.read_str_from_file( - full_path("root_cert/localhost.ca.key")) - req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True, - sn=sn, key_length=2048) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + ca_cert_str = osw.read_str_from_file(full_path("root_cert/localhost.ca.crt")) + ca_key_str = osw.read_str_from_file(full_path("root_cert/localhost.ca.key")) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True, sn=sn, key_length=2048) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) return cert_str, req_key_str def add_subelement(xmldoc, node_name, subelem): - if six.PY2: - _str = unicode - else: - _str = str + _str = str s = xmldoc.find(node_name) if s > 0: x = xmldoc.rindex("<", 0, s) - tag = xmldoc[x + 1:s - 1] + tag = xmldoc[x + 1 : s - 1] c = s + len(node_name) spaces = "" while xmldoc[c] == " ": @@ -106,12 +101,12 @@ def add_subelement(xmldoc, node_name, subelem): c += 1 # Sometimes we get an xml header, sometimes we don't. subelem_str = _str(subelem) - if subelem_str[0:5].lower() == '" % (tag, node_name, spaces), - "<%s:%s%s>%s" % (tag, node_name, spaces, subelem_str, tag, - node_name)) + f"<{tag}:{node_name}{spaces}/>", + f"<{tag}:{node_name}{spaces}>{subelem_str}", + ) return xmldoc @@ -138,7 +133,8 @@ def _leq(l1, l2): return set(l1) == set(l2) -REQ1 = {"1.2.14": """ +REQ1 = { + "1.2.14": """ E8042FB4-4D5B-48C3-8E14-8EDD852790DD""", - "1.2.16": """ + "1.2.16": """ E8042FB4-4D5B-48C3-8E14-8EDD852790DD"""} +>""", +} -nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, - text="123456") +nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="123456") def list_values2simpletons(_dict): - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} class TestClient: @@ -185,8 +181,9 @@ def test_create_attribute_query1(self): "https://idp.example.com/idp/", "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", format=saml.NAMEID_FORMAT_PERSISTENT, - message_id="id1") - reqstr = "%s" % req.to_string().decode() + message_id="id1", + ) + reqstr = f"{req.to_string().decode()}" assert req.destination == "https://idp.example.com/idp/" assert req.id == "id1" @@ -200,8 +197,7 @@ def test_create_attribute_query1(self): attrq = samlp.attribute_query_from_string(reqstr) - assert _leq(attrq.keyswv(), ['destination', 'subject', 'issue_instant', - 'version', 'id', 'issuer']) + assert _leq(attrq.keyswv(), ["destination", "subject", "issue_instant", "version", "id", "issuer"]) assert attrq.destination == req.destination assert attrq.id == req.id @@ -216,17 +212,13 @@ def test_create_attribute_query2(self): "https://idp.example.com/idp/", "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", attribute={ - ("urn:oid:2.5.4.42", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "givenName"): None, - ("urn:oid:2.5.4.4", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "surname"): None, - ("urn:oid:1.2.840.113549.1.9.1", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"): None, + ("urn:oid:2.5.4.42", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "givenName"): None, + ("urn:oid:2.5.4.4", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "surname"): None, + ("urn:oid:1.2.840.113549.1.9.1", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"): None, }, format=saml.NAMEID_FORMAT_PERSISTENT, - message_id="id1") + message_id="id1", + ) assert req.destination == "https://idp.example.com/idp/" assert req.id == "id1" @@ -259,11 +251,11 @@ def test_create_attribute_query_3(self): "https://aai-demo-idp.switch.ch/idp/shibboleth", "_e7b68a04488f715cda642fbdd90099f5", format=NAMEID_FORMAT_TRANSIENT, - message_id="id1") + message_id="id1", + ) assert isinstance(req, samlp.AttributeQuery) - assert req.destination == "https://aai-demo-idp.switch" \ - ".ch/idp/shibboleth" + assert req.destination == "https://aai-demo-idp.switch" ".ch/idp/shibboleth" assert req.id == "id1" assert req.version == "2.0" assert req.issue_instant @@ -273,15 +265,17 @@ def test_create_attribute_query_3(self): assert nameid.text == "_e7b68a04488f715cda642fbdd90099f5" def test_create_auth_request_0(self): - ar_str = "%s" % self.client.create_authn_request( - "http://www.example.com/sso", - message_id="id1", - nameid_format=NAMEID_FORMAT_TRANSIENT, - )[1] + ar_str = ( + "%s" + % self.client.create_authn_request( + "http://www.example.com/sso", + message_id="id1", + nameid_format=NAMEID_FORMAT_TRANSIENT, + )[1] + ) ar = samlp.authn_request_from_string(ar_str) - assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" - ".se:8087/") + assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" ".se:8087/") assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -300,44 +294,32 @@ def test_create_auth_request_0(self): for c in node_requested_attributes.children: assert c.tag == RequestedAttribute.c_tag - assert c.attributes['isRequired'] in ['true', 'false'] - assert c.attributes['Name'] - assert c.attributes['FriendlyName'] - assert c.attributes['NameFormat'] + assert c.attributes["isRequired"] in ["true", "false"] + assert c.attributes["Name"] + assert c.attributes["FriendlyName"] + assert c.attributes["NameFormat"] def test_create_auth_request_requested_attributes(self): req_attr = [{"friendly_name": "eduPersonOrgUnitDN", "required": True}] ar_id, ar = self.client.create_authn_request( - "http://www.example.com/sso", - message_id="id1", - requested_attributes=req_attr + "http://www.example.com/sso", message_id="id1", requested_attributes=req_attr ) - req_attrs_nodes = ( - e - for e in ar.extensions.extension_elements - if e.tag == RequestedAttributes.c_tag - ) + req_attrs_nodes = (e for e in ar.extensions.extension_elements if e.tag == RequestedAttributes.c_tag) req_attrs_node = next(req_attrs_nodes, None) assert req_attrs_node is not None - attrs = ( - child - for child in req_attrs_node.children - if child.friendly_name == "eduPersonOrgUnitDN" - ) + attrs = (child for child in req_attrs_node.children if child.friendly_name == "eduPersonOrgUnitDN") attr = next(attrs, None) assert attr is not None assert attr.c_tag == RequestedAttribute.c_tag - assert attr.is_required == 'true' - assert attr.name == 'urn:mace:dir:attribute-def:eduPersonOrgUnitDN' - assert attr.friendly_name == 'eduPersonOrgUnitDN' - assert attr.name_format == 'urn:oasis:names:tc:SAML:2.0:attrname-format:basic' + assert attr.is_required == "true" + assert attr.name == "urn:mace:dir:attribute-def:eduPersonOrgUnitDN" + assert attr.friendly_name == "eduPersonOrgUnitDN" + assert attr.name_format == "urn:oasis:names:tc:SAML:2.0:attrname-format:basic" def test_create_auth_request_unset_force_authn_by_default(self): - req_id, req = self.client.create_authn_request( - "http://www.example.com/sso", sign=False, message_id="id1" - ) + req_id, req = self.client.create_authn_request("http://www.example.com/sso", sign=False, message_id="id1") assert req.force_authn is None def test_create_auth_request_set_force_authn_not_true_or_1(self): @@ -371,12 +353,10 @@ def test_create_auth_request_nameid_policy_allow_create(self): conf = config.SPConfig() conf.load_file("sp_conf_nameidpolicy") client = Saml2Client(conf) - ar_str = "%s" % client.create_authn_request( - "http://www.example.com/sso", message_id="id1")[1] + ar_str = f"{client.create_authn_request('http://www.example.com/sso', message_id='id1')[1]}" ar = samlp.authn_request_from_string(ar_str) - assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" - ".se:8087/") + assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" ".se:8087/") assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -387,19 +367,21 @@ def test_create_auth_request_nameid_policy_allow_create(self): assert nid_policy.format == saml.NAMEID_FORMAT_PERSISTENT def test_create_auth_request_vo(self): - assert list(self.client.config.vorg.keys()) == [ - "urn:mace:example.com:it:tek"] - - ar_str = "%s" % self.client.create_authn_request( - "http://www.example.com/sso", - "urn:mace:example.com:it:tek", # vo - nameid_format=NAMEID_FORMAT_PERSISTENT, - message_id="666")[1] + assert list(self.client.config.vorg.keys()) == ["urn:mace:example.com:it:tek"] + + ar_str = ( + "%s" + % self.client.create_authn_request( + "http://www.example.com/sso", + "urn:mace:example.com:it:tek", # vo + nameid_format=NAMEID_FORMAT_PERSISTENT, + message_id="666", + )[1] + ) ar = samlp.authn_request_from_string(ar_str) assert ar.id == "666" - assert ar.assertion_consumer_service_url == "http://lingon.catalogix" \ - ".se:8087/" + assert ar.assertion_consumer_service_url == "http://lingon.catalogix" ".se:8087/" assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -411,10 +393,9 @@ def test_create_auth_request_vo(self): assert nid_policy.sp_name_qualifier == "urn:mace:example.com:it:tek" def test_sign_auth_request_0(self): - req_id, areq = self.client.create_authn_request( - "http://www.example.com/sso", sign=True, message_id="id1") + req_id, areq = self.client.create_authn_request("http://www.example.com/sso", sign=True, message_id="id1") - ar_str = "%s" % areq + ar_str = f"{areq}" ar = samlp.authn_request_from_string(ar_str) assert ar @@ -426,46 +407,50 @@ def test_sign_auth_request_0(self): assert signed_info.reference[0].digest_value try: assert self.client.sec.correctly_signed_authn_request( - ar_str, self.client.config.xmlsec_binary, - self.client.config.metadata) + ar_str, self.client.config.xmlsec_binary, self.client.config.metadata + ) except Exception: # missing certificate self.client.sec.verify_signature(ar_str, node_name=class_name(ar)) def test_logout_response(self): req_id, req = self.server.create_logout_request( - "http://localhost:8088/slo", "urn:mace:example.com:saml:roland:sp", - name_id=nid, reason="Tired", expire=in_a_while(minutes=15), - session_indexes=["_foo"]) + "http://localhost:8088/slo", + "urn:mace:example.com:saml:roland:sp", + name_id=nid, + reason="Tired", + expire=in_a_while(minutes=15), + session_indexes=["_foo"], + ) - info = self.client.apply_binding( - BINDING_HTTP_REDIRECT, req, destination="", - relay_state="relay2") - loc = info["headers"][0][1] - qs = parse.parse_qs(loc[1:]) - samlreq = qs['SAMLRequest'][0] - resphttp = self.client.handle_logout_request(samlreq, nid, - BINDING_HTTP_REDIRECT) - _dic = unpack_form(resphttp['data'], "SAMLResponse") - xml = b64decode(_dic['SAMLResponse'].encode('UTF-8')) + info = self.client.apply_binding(BINDING_HTTP_POST, req, destination="", relay_state="relay2") + _dic_info = unpack_form(info["data"], "SAMLRequest") + samlreq = _dic_info["SAMLRequest"] + + resphttp = self.client.handle_logout_request(samlreq, nid, BINDING_HTTP_POST) + _dic = unpack_form(resphttp["data"], "SAMLResponse") + xml = b64decode(_dic["SAMLResponse"].encode("UTF-8")) # Signature found - assert xml.decode('UTF-8').find(r"Signature") > 0 + assert xml.decode("UTF-8").find(r"Signature") > 0 # Try again with logout_responses_signed=False self.client.logout_responses_signed = False - resphttp = self.client.handle_logout_request(samlreq, nid, - BINDING_HTTP_REDIRECT) - _dic = unpack_form(resphttp['data'], "SAMLResponse") - xml = b64decode(_dic['SAMLResponse'].encode('UTF-8')) + resphttp = self.client.handle_logout_request(samlreq, nid, BINDING_HTTP_POST) + _dic = unpack_form(resphttp["data"], "SAMLResponse") + xml = b64decode(_dic["SAMLResponse"].encode("UTF-8")) # Signature not found - assert xml.decode('UTF-8').find(r"Signature") < 0 + assert xml.decode("UTF-8").find(r"Signature") < 0 def test_create_logout_request(self): req_id, req = self.client.create_logout_request( - "http://localhost:8088/slo", "urn:mace:example.com:saml:roland:idp", - name_id=nid, reason="Tired", expire=in_a_while(minutes=15), - session_indexes=["_foo"]) + "http://localhost:8088/slo", + "urn:mace:example.com:saml:roland:idp", + name_id=nid, + reason="Tired", + expire=in_a_while(minutes=15), + session_indexes=["_foo"], + ) assert req.destination == "http://localhost:8088/slo" assert req.reason == "Tired" @@ -477,11 +462,9 @@ def test_create_logout_request(self): def test_response_1(self): IDP = "urn:mace:example.com:saml:roland:idp" - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) resp = self.server.create_authn_response( identity=ava, @@ -491,25 +474,28 @@ def test_response_1(self): name_id_policy=nameid_policy, sign_response=True, userid="foba0001@example.com", - authn=AUTHN) + authn=AUTHN, + ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) assert authn_response is not None assert authn_response.issuer() == IDP assert authn_response.response.assertion[0].issuer.text == IDP session_info = authn_response.session_info() - assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], - 'givenName': ['Derek'], - 'sn': ['Jeter'], - 'title': ["The man"]} + assert session_info["ava"] == { + "mail": ["derek@nyy.mlb.com"], + "givenName": ["Derek"], + "sn": ["Jeter"], + "title": ["The man"], + } assert session_info["issuer"] == IDP assert session_info["came_from"] == "http://foo.example.com/service" response = samlp.response_from_string(authn_response.xmlstr) @@ -524,8 +510,7 @@ def test_response_1(self): # --- authenticate another person - ava = {"givenName": ["Alfonson"], "sn": ["Soriano"], - "mail": ["alfonson@chc.mlb.com"], "title": ["outfielder"]} + ava = {"givenName": ["Alfonson"], "sn": ["Soriano"], "mail": ["alfonson@chc.mlb.com"], "title": ["outfielder"]} resp_str = "%s" % self.server.create_authn_response( identity=ava, @@ -535,18 +520,16 @@ def test_response_1(self): sign_response=True, name_id_policy=nameid_policy, userid="also0001@example.com", - authn=AUTHN) + authn=AUTHN, + ) resp_str = b64encode(resp_str.encode()) - self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id2": "http://foo.example.com/service"}) + self.client.parse_authn_request_response(resp_str, BINDING_HTTP_POST, {"id2": "http://foo.example.com/service"}) # Two persons in the cache assert len(self.client.users.subjects()) == 2 - issuers = [self.client.users.issuers_of_info(s) for s in - self.client.users.subjects()] + issuers = [self.client.users.issuers_of_info(s) for s in self.client.users.subjects()] # The information I have about the subjects comes from the same source assert issuers == [[IDP], [IDP]] @@ -559,14 +542,9 @@ def test_response_2(self): cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -581,16 +559,16 @@ def test_response_2(self): encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, - encrypt_cert_advice=cert_str + encrypt_cert_advice=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -601,8 +579,7 @@ def test_response_3(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -619,13 +596,13 @@ def test_response_3(self): pefim=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -636,8 +613,7 @@ def test_response_4(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -654,13 +630,13 @@ def test_response_4(self): pefim=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -671,16 +647,11 @@ def test_response_5(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} resp = self.server.create_authn_response( identity=ava, @@ -695,16 +666,16 @@ def test_response_5(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, - encrypt_cert_assertion=cert_str + encrypt_cert_assertion=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -715,24 +686,15 @@ def test_response_6(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_assertion_str, cert_key_assertion_str = generate_cert() - cert_assertion = \ - { - "cert": cert_assertion_str, - "key": cert_key_assertion_str - } + cert_assertion = {"cert": cert_assertion_str, "key": cert_key_assertion_str} cert_advice_str, cert_key_advice_str = generate_cert() - cert_advice = \ - { - "cert": cert_advice_str, - "key": cert_key_advice_str - } + cert_advice = {"cert": cert_advice_str, "key": cert_key_advice_str} resp = self.server.create_authn_response( identity=ava, @@ -748,17 +710,19 @@ def test_response_6(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, - encrypt_cert_advice=cert_advice_str + encrypt_cert_advice=cert_advice_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, + resp_str, + BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, - {"id1": [cert_assertion, cert_advice]}) + {"id1": [cert_assertion, cert_advice]}, + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -769,8 +733,7 @@ def test_response_7(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -787,13 +750,13 @@ def test_response_7(self): encrypted_advice_attributes=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -804,16 +767,11 @@ def test_response_8(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} resp = self.server.create_authn_response( identity=ava, @@ -827,21 +785,21 @@ def test_response_8(self): sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - encrypt_cert_assertion=cert_str + encrypt_cert_assertion=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) def test_response_no_name_id(self): - """ Test that the SP client can parse an authentication response + """Test that the SP client can parse an authentication response from an IdP that does not contain a element.""" conf = config.SPConfig() @@ -850,9 +808,7 @@ def test_response_no_name_id(self): # Use the same approach as the other tests for mocking up # an authentication response to parse. - idp, ava, ava_verify, nameid_policy = ( - self.setup_verify_authn_response() - ) + idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() # Mock up an authentication response but do not encrypt it # nor sign it since below we will modify it directly. Note that @@ -869,7 +825,7 @@ def test_response_no_name_id(self): sign_response=False, sign_assertion=False, encrypt_assertion=False, - encrypt_assertion_self_contained=False + encrypt_assertion_self_contained=False, ) # The create_authn_response method above will return an instance @@ -891,20 +847,17 @@ def test_response_no_name_id(self): # Parse the authentication response that does not include a . authn_response = client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) # A successful test is parsing the response. assert authn_response is not None def setup_verify_authn_response(self): idp = "urn:mace:example.com:saml:roland:idp" - ava = {"givenName": ["Derek"], "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} - ava_verify = {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], - 'sn': ['Jeter'], 'title': ["The man"]} - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} + ava_verify = {"mail": ["derek@nyy.mlb.com"], "givenName": ["Derek"], "sn": ["Jeter"], "title": ["The man"]} + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) return idp, ava, ava_verify, nameid_policy def verify_authn_response(self, idp, authn_response, _client, ava_verify): @@ -929,7 +882,7 @@ def test_init_values(self): entityid = self.client.config.entityid assert entityid == "urn:mace:example.com:saml:roland:sp" location = self.client._sso_location() - assert location == 'http://localhost:8088/sso' + assert location == "http://localhost:8088/sso" my_name = self.client._my_name() assert my_name == "urn:mace:example.com:saml:roland:sp" @@ -938,10 +891,7 @@ def test_sign_then_encrypt_assertion(self): _sec = self.server.sec assertion = s_utils.assertion_factory( - subject=factory(saml.Subject, text="_aaa", - name_id=factory( - saml.NameID, - format=NAMEID_FORMAT_TRANSIENT)), + subject=factory(saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT)), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -951,12 +901,11 @@ def test_sign_then_encrypt_assertion(self): issuer=self.server._issuer(), ) - assertion.signature = sigver.pre_signature_part( - assertion.id, _sec.my_cert, 1) + assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) - sigass = _sec.sign_statement(assertion, class_name(assertion), - key_file=full_path("test.key"), - node_id=assertion.id) + sigass = _sec.sign_statement( + assertion, class_name(assertion), key_file=full_path("test.key"), node_id=assertion.id + ) # Create an Assertion instance from the signed assertion _ass = saml.assertion_from_string(sigass) @@ -965,7 +914,7 @@ def test_sign_then_encrypt_assertion(self): destination="https:#www.example.com", status=s_utils.success_status_factory(), issuer=self.server._issuer(), - assertion=_ass + assertion=_ass, ) enctext = _sec.crypto.encrypt_assertion( @@ -985,14 +934,10 @@ def test_sign_then_encrypt_assertion(self): sign_cert_file = full_path("test.pem") for enc_ass in seresp.encrypted_assertion: - assers = extension_elements_to_elements( - enc_ass.extension_elements, [saml, samlp]) + assers = extension_elements_to_elements(enc_ass.extension_elements, [saml, samlp]) for ass in assers: if ass.signature: - if not _csec.verify_signature("%s" % ass, - sign_cert_file, - node_name=class_name( - ass)): + if not _csec.verify_signature(f"{ass}", sign_cert_file, node_name=class_name(ass)): continue resp_ass.append(ass) @@ -1005,22 +950,18 @@ def test_sign_then_encrypt_assertion2(self): # Begin with the IdPs side _sec = self.server.sec - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Derek", "sn": "Jeter"}) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) assertion = asser.construct( self.client.config.entityid, @@ -1030,15 +971,14 @@ def test_sign_then_encrypt_assertion2(self): issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", - farg=farg['assertion'] + farg=farg["assertion"], ) - assertion.signature = sigver.pre_signature_part( - assertion.id, _sec.my_cert, 1) + assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) - sigass = _sec.sign_statement(assertion, class_name(assertion), - key_file=self.client.sec.key_file, - node_id=assertion.id) + sigass = _sec.sign_statement( + assertion, class_name(assertion), key_file=self.client.sec.key_file, node_id=assertion.id + ) sigass = rm_xmltag(sigass) response = response_factory( @@ -1046,18 +986,17 @@ def test_sign_then_encrypt_assertion2(self): destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), - encrypted_assertion=EncryptedAssertion() + encrypted_assertion=EncryptedAssertion(), ) - xmldoc = "%s" % response + xmldoc = f"{response}" # strangely enough I get different tags if I run this test separately # or as part of a bunch of tests. xmldoc = add_subelement(xmldoc, "EncryptedAssertion", sigass) - enctext = _sec.crypto.encrypt_assertion(xmldoc, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part()) + enctext = _sec.crypto.encrypt_assertion( + xmldoc, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part() + ) # seresp = samlp.response_from_string(enctext) @@ -1066,41 +1005,37 @@ def test_sign_then_encrypt_assertion2(self): # Explicitely allow unsigned responses for this and the following 2 tests self.client.want_response_signed = False resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion - assert resp.ava == {'givenName': ['Derek'], 'sn': ['Jeter']} + assert resp.ava == {"givenName": ["Derek"], "sn": ["Jeter"]} def test_sign_then_encrypt_assertion_advice_1(self): # Begin with the IdPs side _sec = self.server.sec - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Derek", "sn": "Jeter"}) subject_confirmation_specs = { - 'recipient': "http://lingon.catalogix.se:8087/", - 'in_response_to': "_012345", - 'subject_confirmation_method': saml.SCM_BEARER + "recipient": "http://lingon.catalogix.se:8087/", + "in_response_to": "_012345", + "subject_confirmation_method": saml.SCM_BEARER, } name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) assertion = asser.construct( self.client.config.entityid, @@ -1110,7 +1045,8 @@ def test_sign_then_encrypt_assertion_advice_1(self): name_id=name_id, authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser = Assertion({"uid": "test01", "email": "test.testsson@test.se"}) a_assertion = a_asser.construct( @@ -1121,84 +1057,80 @@ def test_sign_then_encrypt_assertion_advice_1(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) - a_assertion.signature = sigver.pre_signature_part( - a_assertion.id, _sec.my_cert, 1) + a_assertion.signature = sigver.pre_signature_part(a_assertion.id, _sec.my_cert, 1) assertion.advice = Advice() assertion.advice.encrypted_assertion = [] assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion) + assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), - issuer=self.server._issuer() + issuer=self.server._issuer(), ) response.assertion.append(assertion) - response = _sec.sign_statement("%s" % response, class_name(a_assertion), - key_file=self.client.sec.key_file, - node_id=a_assertion.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion), key_file=self.client.sec.key_file, node_id=a_assertion.id + ) # xmldoc = "%s" % response # strangely enough I get different tags if I run this test separately # or as part of a bunch of tests. # xmldoc = add_subelement(xmldoc, "EncryptedAssertion", sigass) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) # seresp = samlp.response_from_string(enctext) resp_str = b64encode(enctext.encode()) # Now over to the client side resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion assert resp.assertion.advice assert resp.assertion.advice.assertion - assert resp.ava == \ - {'sn': ['Jeter'], 'givenName': ['Derek'], 'uid': ['test01'], - 'email': ['test.testsson@test.se']} + assert resp.ava == { + "sn": ["Jeter"], + "givenName": ["Derek"], + "uid": ["test01"], + "email": ["test.testsson@test.se"], + } def test_sign_then_encrypt_assertion_advice_2(self): # Begin with the IdPs side _sec = self.server.sec - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser_1 = Assertion({"givenName": "Derek"}) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) assertion_1 = asser_1.construct( @@ -1209,7 +1141,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) asser_2 = Assertion({"sn": "Jeter"}) @@ -1221,7 +1154,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_1 = Assertion({"uid": "test01"}) a_assertion_1 = a_asser_1.construct( @@ -1232,7 +1166,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_2 = Assertion({"email": "test.testsson@test.se"}) a_assertion_2 = a_asser_2.construct( @@ -1243,7 +1178,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_3 = Assertion({"street": "street"}) a_assertion_3 = a_asser_3.construct( @@ -1254,7 +1190,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_4 = Assertion({"title": "title"}) a_assertion_4 = a_asser_4.construct( @@ -1265,31 +1202,26 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) - a_assertion_1.signature = sigver.pre_signature_part( - a_assertion_1.id, _sec.my_cert, 1) + a_assertion_1.signature = sigver.pre_signature_part(a_assertion_1.id, _sec.my_cert, 1) - a_assertion_2.signature = sigver.pre_signature_part( - a_assertion_2.id, _sec.my_cert, 1) + a_assertion_2.signature = sigver.pre_signature_part(a_assertion_2.id, _sec.my_cert, 1) - a_assertion_3.signature = sigver.pre_signature_part( - a_assertion_3.id, _sec.my_cert, 1) + a_assertion_3.signature = sigver.pre_signature_part(a_assertion_3.id, _sec.my_cert, 1) - a_assertion_4.signature = sigver.pre_signature_part( - a_assertion_4.id, _sec.my_cert, 1) + a_assertion_4.signature = sigver.pre_signature_part(a_assertion_4.id, _sec.my_cert, 1) - assertion_1.signature = sigver.pre_signature_part(assertion_1.id, - _sec.my_cert, 1) + assertion_1.signature = sigver.pre_signature_part(assertion_1.id, _sec.my_cert, 1) - assertion_2.signature = sigver.pre_signature_part(assertion_2.id, - _sec.my_cert, 1) + assertion_2.signature = sigver.pre_signature_part(assertion_2.id, _sec.my_cert, 1) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), - issuer=self.server._issuer() + issuer=self.server._issuer(), ) response.assertion = assertion_1 @@ -1297,62 +1229,52 @@ def test_sign_then_encrypt_assertion_advice_2(self): response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion_1) + response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_1) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_1._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_1), - key_file=self.server.sec.key_file, - node_id=a_assertion_1.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_1), key_file=self.server.sec.key_file, node_id=a_assertion_1.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) response.assertion = response.assertion[0] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[1].add_extension_element( - a_assertion_2) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) + response.assertion.advice.encrypted_assertion[1].add_extension_element(a_assertion_2) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_2._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_2), - key_file=self.server.sec.key_file, - node_id=a_assertion_2.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_2), key_file=self.server.sec.key_file, node_id=a_assertion_2.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) @@ -1360,18 +1282,15 @@ def test_sign_then_encrypt_assertion_advice_2(self): assertion_tag = response.assertion._to_element_tree().tag response = pre_encrypt_assertion(response) - response = \ - response.get_xml_string_with_self_contained_assertion_within_encrypted_assertion( - assertion_tag) + response = response.get_xml_string_with_self_contained_assertion_within_encrypted_assertion(assertion_tag) - response = _sec.sign_statement("%s" % response, class_name(assertion_1), - key_file=self.server.sec.key_file, - node_id=assertion_1.id) + response = _sec.sign_statement( + f"{response}", class_name(assertion_1), key_file=self.server.sec.key_file, node_id=assertion_1.id + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part()) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part() + ) response = samlp.response_from_string(enctext) @@ -1380,70 +1299,62 @@ def test_sign_then_encrypt_assertion_advice_2(self): response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion_3) + response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_3) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_3._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_3), - key_file=self.server.sec.key_file, - node_id=a_assertion_3.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_3), key_file=self.server.sec.key_file, node_id=a_assertion_3.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) response.assertion = response.assertion[0] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[1].add_extension_element( - a_assertion_4) + response.assertion.advice.encrypted_assertion[1].add_extension_element(a_assertion_4) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_4._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_4), - key_file=self.server.sec.key_file, - node_id=a_assertion_4.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_4), key_file=self.server.sec.key_file, node_id=a_assertion_4.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) - response = _sec.sign_statement("%s" % response, - class_name(response.assertion[0]), - key_file=self.server.sec.key_file, - node_id=response.assertion[0].id) + response = _sec.sign_statement( + f"{response}", + class_name(response.assertion[0]), + key_file=self.server.sec.key_file, + node_id=response.assertion[0].id, + ) response = samlp.response_from_string(response) @@ -1452,25 +1363,27 @@ def test_sign_then_encrypt_assertion_advice_2(self): resp_str = b64encode(str(response).encode()) # Now over to the client side resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion assert resp.assertion.advice assert resp.assertion.advice.assertion - assert resp.ava == \ - {'street': ['street'], 'uid': ['test01'], 'title': ['title'], - 'givenName': ['Derek'], 'email': - ['test.testsson@test.se'], 'sn': ['Jeter']} + assert resp.ava == { + "street": ["street"], + "uid": ["test01"], + "title": ["title"], + "givenName": ["Derek"], + "email": ["test.testsson@test.se"], + "sn": ["Jeter"], + } def test_signed_with_default_algo_redirect(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True - reqid, req = self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1" - ) + reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") msg_str = str(req) info = self.client.apply_binding( @@ -1483,26 +1396,20 @@ def test_signed_with_default_algo_redirect(self): loc = info["headers"][0][1] qs = parse.parse_qs(loc[1:]) - expected_query_params = ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature'] + expected_query_params = ["SigAlg", "SAMLRequest", "RelayState", "Signature"] assert _leq(qs.keys(), expected_query_params) assert all(len(qs[k]) == 1 for k in expected_query_params) assert qs["SigAlg"] == [sig_default] - assert verify_redirect_signature( - list_values2simpletons(qs), self.client.sec.sec_backend - ) + assert verify_redirect_signature(list_values2simpletons(qs), self.client.sec.sec_backend) - res = self.server.parse_authn_request( - qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT - ) + res = self.server.parse_authn_request(qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT) def test_signed_redirect(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True - reqid, req = self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1" - ) + reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") msg_str = str(req) info = self.client.apply_binding( @@ -1516,27 +1423,21 @@ def test_signed_redirect(self): loc = info["headers"][0][1] qs = parse.parse_qs(loc[1:]) - expected_query_params = ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature'] + expected_query_params = ["SigAlg", "SAMLRequest", "RelayState", "Signature"] assert _leq(qs.keys(), expected_query_params) assert all(len(qs[k]) == 1 for k in expected_query_params) assert qs["SigAlg"] == [SIG_RSA_SHA256] - assert verify_redirect_signature( - list_values2simpletons(qs), self.client.sec.sec_backend - ) + assert verify_redirect_signature(list_values2simpletons(qs), self.client.sec.sec_backend) - res = self.server.parse_authn_request( - qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT - ) + res = self.server.parse_authn_request(qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT) def test_signed_redirect_passes_if_needs_signed_requests(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True self.server.config.setattr("idp", "want_authn_requests_signed", True) - reqid, req = self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1" - ) + reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") info = self.client.apply_binding( BINDING_HTTP_REDIRECT, @@ -1554,7 +1455,7 @@ def test_signed_redirect_passes_if_needs_signed_requests(self): BINDING_HTTP_REDIRECT, relay_state=qs["RelayState"], sigalg=qs["SigAlg"], - signature=qs["Signature"] + signature=qs["Signature"], ) assert res.message.destination == "http://localhost:8088/sso" assert res.message.id == "id1" @@ -1564,9 +1465,7 @@ def test_signed_redirect_fail_if_needs_signed_request_but_received_unsigned(self self.client.want_response_signed = True self.server.config.setattr("idp", "want_authn_requests_signed", True) - reqid, req = self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1" - ) + reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") info = self.client.apply_binding( BINDING_HTTP_REDIRECT, @@ -1580,18 +1479,14 @@ def test_signed_redirect_fail_if_needs_signed_request_but_received_unsigned(self qs = list_values2simpletons(parse.parse_qs(loc[1:])) with raises(IncorrectlySigned): - self.server.parse_authn_request( - qs["SAMLRequest"], BINDING_HTTP_REDIRECT - ) + self.server.parse_authn_request(qs["SAMLRequest"], BINDING_HTTP_REDIRECT) def test_signed_redirect_fail_if_needs_signed_request_but_sigalg_not_matches(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True self.server.config.setattr("idp", "want_authn_requests_signed", True) - reqid, req = self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1" - ) + reqid, req = self.client.create_authn_request("http://localhost:8088/sso", message_id="id1") info = self.client.apply_binding( BINDING_HTTP_REDIRECT, @@ -1610,7 +1505,7 @@ def test_signed_redirect_fail_if_needs_signed_request_but_sigalg_not_matches(sel BINDING_HTTP_REDIRECT, relay_state=qs["RelayState"], sigalg=SIG_RSA_SHA1, - signature=qs["Signature"] + signature=qs["Signature"], ) def test_do_logout_signed_redirect(self): @@ -1623,19 +1518,15 @@ def test_do_logout_signed_redirect(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Andersson", - "mail": "anders.andersson@example.com" - } + "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = client.do_logout(nid, entity_ids, "Tired", in_a_while(minutes=5), - sign=True, - expected_binding=BINDING_HTTP_REDIRECT) + resp = client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_REDIRECT + ) assert list(resp.keys()) == entity_ids binding, info = resp[entity_ids[0]] @@ -1644,7 +1535,7 @@ def test_do_logout_signed_redirect(self): loc = info["headers"][0][1] _, _, _, _, qs, _ = parse.urlparse(loc) qs = parse.parse_qs(qs) - assert _leq(qs.keys(), ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature']) + assert _leq(qs.keys(), ["SigAlg", "SAMLRequest", "RelayState", "Signature"]) qs_simple = list_values2simpletons(qs) assert verify_redirect_signature(qs_simple, client.sec.sec_backend) @@ -1652,9 +1543,9 @@ def test_do_logout_signed_redirect(self): res = self.server.parse_logout_request( qs_simple["SAMLRequest"], BINDING_HTTP_REDIRECT, - relay_state=qs_simple['RelayState'], - sigalg=qs_simple['SigAlg'], - signature=qs_simple['Signature'], + relay_state=qs_simple["RelayState"], + sigalg=qs_simple["SigAlg"], + signature=qs_simple["Signature"], ) def test_do_logout_signed_redirect_invalid(self): @@ -1666,11 +1557,7 @@ def test_do_logout_signed_redirect_invalid(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Andersson", - "mail": "anders.andersson@example.com" - } + "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) @@ -1690,10 +1577,10 @@ def test_do_logout_signed_redirect_invalid(self): qs = parse.parse_qs(qs) qs_simple = list_values2simpletons(qs) - invalid_signature = 'ZEdMZUQ3SjBjQ2ozWmlGaHhyV3JZSzNkTWhQWU02bjA0dzVNeUd1UWgrVDhnYm1oc1R1TTFjPQo=' + invalid_signature = "ZEdMZUQ3SjBjQ2ozWmlGaHhyV3JZSzNkTWhQWU02bjA0dzVNeUd1UWgrVDhnYm1oc1R1TTFjPQo=" qs_simple_invalid = { **qs_simple, - 'Signature': invalid_signature, + "Signature": invalid_signature, } assert not verify_redirect_signature(qs_simple_invalid, client.sec.sec_backend) @@ -1702,8 +1589,8 @@ def test_do_logout_signed_redirect_invalid(self): res = self.server.parse_logout_request( qs_simple["SAMLRequest"], BINDING_HTTP_REDIRECT, - relay_state=qs_simple['RelayState'], - sigalg=qs_simple['SigAlg'], + relay_state=qs_simple["RelayState"], + sigalg=qs_simple["SigAlg"], signature=invalid_signature, ) @@ -1713,19 +1600,15 @@ def test_do_logout_post(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Andersson", - "mail": "anders.andersson@example.com" - }, - "session_index": SessionIndex("_foo") + "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, + "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = self.client.do_logout(nid, entity_ids, "Tired", - in_a_while(minutes=5), sign=True, - expected_binding=BINDING_HTTP_POST) + resp = self.client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST + ) assert resp assert len(resp) == 1 assert list(resp.keys()) == entity_ids @@ -1733,9 +1616,8 @@ def test_do_logout_post(self): assert binding == BINDING_HTTP_POST _dic = unpack_form(info["data"]) - res = self.server.parse_logout_request(_dic["SAMLRequest"], - BINDING_HTTP_POST) - assert b'_foo' in res.xmlstr + res = self.server.parse_logout_request(_dic["SAMLRequest"], BINDING_HTTP_POST) + assert b"_foo" in res.xmlstr def test_do_logout_redirect_no_cache(self): conf = config.SPConfig() @@ -1743,9 +1625,13 @@ def test_do_logout_redirect_no_cache(self): client = Saml2Client(conf) entity_ids = ["urn:mace:example.com:saml:roland:idp"] - resp = client.do_logout(nid, entity_ids, "urn:oasis:names:tc:SAML:2.0:logout:user", - in_a_while(minutes=5), - expected_binding=BINDING_HTTP_REDIRECT) + resp = client.do_logout( + nid, + entity_ids, + "urn:oasis:names:tc:SAML:2.0:logout:user", + in_a_while(minutes=5), + expected_binding=BINDING_HTTP_REDIRECT, + ) assert resp assert len(resp) == 1 assert list(resp.keys()) == entity_ids @@ -1755,10 +1641,9 @@ def test_do_logout_redirect_no_cache(self): loc = info["headers"][0][1] _, _, _, _, qs, _ = parse.urlparse(loc) qs = parse.parse_qs(qs) - assert _leq(qs.keys(), ['SAMLRequest', 'RelayState']) + assert _leq(qs.keys(), ["SAMLRequest", "RelayState"]) - res = self.server.parse_logout_request(qs["SAMLRequest"][0], - BINDING_HTTP_REDIRECT) + res = self.server.parse_logout_request(qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT) assert res.subject_id() == nid def test_do_logout_session_expired(self): @@ -1767,19 +1652,15 @@ def test_do_logout_session_expired(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": a_while_ago(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Andersson", - "mail": "anders.andersson@example.com" - }, - "session_index": SessionIndex("_foo") + "ava": {"givenName": "Anders", "sn": "Andersson", "mail": "anders.andersson@example.com"}, + "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = self.client.do_logout(nid, entity_ids, "Tired", - in_a_while(minutes=5), sign=True, - expected_binding=BINDING_HTTP_POST) + resp = self.client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST + ) assert resp assert len(resp) == 1 assert list(resp.keys()) == entity_ids @@ -1787,22 +1668,14 @@ def test_do_logout_session_expired(self): assert binding == BINDING_HTTP_POST _dic = unpack_form(info["data"]) - res = self.server.parse_logout_request(_dic["SAMLRequest"], - BINDING_HTTP_POST) - assert b'_foo' in res.xmlstr + res = self.server.parse_logout_request(_dic["SAMLRequest"], BINDING_HTTP_POST) + assert b"_foo" in res.xmlstr def test_signature_wants(self): - ava = { - "givenName": ["Derek"], - "sn": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], - "title": ["The man"] - } + ava = {"givenName": ["Derek"], "sn": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} - nameid_policy = samlp.NameIDPolicy( - allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) kwargs = { "identity": ava, @@ -1811,18 +1684,16 @@ def test_signature_wants(self): "sp_entity_id": "urn:mace:example.com:saml:roland:sp", "name_id_policy": nameid_policy, "userid": "foba0001@example.com", - "authn": AUTHN - } + "authn": AUTHN, + } outstanding = {"id1": "http://foo.example.com/service"} def create_authn_response(**kwargs): - return b64encode( - str(self.server.create_authn_response(**kwargs)).encode()) + return b64encode(str(self.server.create_authn_response(**kwargs)).encode()) def parse_authn_response(response): - self.client.parse_authn_request_response(response, - BINDING_HTTP_POST, outstanding) + self.client.parse_authn_request_response(response, BINDING_HTTP_POST, outstanding) def set_client_want(response, assertion, either): self.client.want_response_signed = response @@ -1977,8 +1848,9 @@ def test_create_attribute_query1(self): "https://idp.example.com/idp/", "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", format=saml.NAMEID_FORMAT_PERSISTENT, - message_id="id1") - reqstr = "%s" % req.to_string().decode() + message_id="id1", + ) + reqstr = f"{req.to_string().decode()}" assert req.destination == "https://idp.example.com/idp/" assert req.id == "id1" @@ -1992,8 +1864,7 @@ def test_create_attribute_query1(self): attrq = samlp.attribute_query_from_string(reqstr) - assert _leq(attrq.keyswv(), ['destination', 'subject', 'issue_instant', - 'version', 'id', 'issuer']) + assert _leq(attrq.keyswv(), ["destination", "subject", "issue_instant", "version", "id", "issuer"]) assert attrq.destination == req.destination assert attrq.id == req.id @@ -2008,17 +1879,13 @@ def test_create_attribute_query2(self): "https://idp.example.com/idp/", "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", attribute={ - ("urn:oid:2.5.4.42", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "givenName"): None, - ("urn:oid:2.5.4.4", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - "surname"): None, - ("urn:oid:1.2.840.113549.1.9.1", - "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"): None, + ("urn:oid:2.5.4.42", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "givenName"): None, + ("urn:oid:2.5.4.4", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "surname"): None, + ("urn:oid:1.2.840.113549.1.9.1", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"): None, }, format=saml.NAMEID_FORMAT_PERSISTENT, - message_id="id1") + message_id="id1", + ) assert req.destination == "https://idp.example.com/idp/" assert req.id == "id1" @@ -2051,11 +1918,11 @@ def test_create_attribute_query_3(self): "https://aai-demo-idp.switch.ch/idp/shibboleth", "_e7b68a04488f715cda642fbdd90099f5", format=NAMEID_FORMAT_TRANSIENT, - message_id="id1") + message_id="id1", + ) assert isinstance(req, samlp.AttributeQuery) - assert req.destination == "https://aai-demo-idp.switch" \ - ".ch/idp/shibboleth" + assert req.destination == "https://aai-demo-idp.switch" ".ch/idp/shibboleth" assert req.id == "id1" assert req.version == "2.0" assert req.issue_instant @@ -2065,15 +1932,17 @@ def test_create_attribute_query_3(self): assert nameid.text == "_e7b68a04488f715cda642fbdd90099f5" def test_create_auth_request_0(self): - ar_str = "%s" % self.client.create_authn_request( - "http://www.example.com/sso", - message_id="id1", - nameid_format=NAMEID_FORMAT_TRANSIENT, - )[1] + ar_str = ( + "%s" + % self.client.create_authn_request( + "http://www.example.com/sso", + message_id="id1", + nameid_format=NAMEID_FORMAT_TRANSIENT, + )[1] + ) ar = samlp.authn_request_from_string(ar_str) - assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" - ".se:8087/") + assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" ".se:8087/") assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -2092,32 +1961,29 @@ def test_create_auth_request_0(self): for c in node_requested_attributes.children: assert c.tag == RequestedAttribute.c_tag - assert c.attributes['isRequired'] in ['true', 'false'] - assert c.attributes['Name'] - assert c.attributes['FriendlyName'] - assert c.attributes['NameFormat'] + assert c.attributes["isRequired"] in ["true", "false"] + assert c.attributes["Name"] + assert c.attributes["FriendlyName"] + assert c.attributes["NameFormat"] def test_create_auth_request_unset_force_authn(self): - req_id, req = self.client.create_authn_request( - "http://www.example.com/sso", sign=False, message_id="id1") + req_id, req = self.client.create_authn_request("http://www.example.com/sso", sign=False, message_id="id1") assert bool(req.force_authn) == False def test_create_auth_request_set_force_authn(self): req_id, req = self.client.create_authn_request( - "http://www.example.com/sso", sign=False, message_id="id1", - force_authn="true") + "http://www.example.com/sso", sign=False, message_id="id1", force_authn="true" + ) assert bool(req.force_authn) == True def test_create_auth_request_nameid_policy_allow_create(self): conf = config.SPConfig() conf.load_file("sp_conf_nameidpolicy") client = Saml2Client(conf) - ar_str = "%s" % client.create_authn_request( - "http://www.example.com/sso", message_id="id1")[1] + ar_str = f"{client.create_authn_request('http://www.example.com/sso', message_id='id1')[1]}" ar = samlp.authn_request_from_string(ar_str) - assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" - ".se:8087/") + assert ar.assertion_consumer_service_url == ("http://lingon.catalogix" ".se:8087/") assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -2128,19 +1994,21 @@ def test_create_auth_request_nameid_policy_allow_create(self): assert nid_policy.format == saml.NAMEID_FORMAT_PERSISTENT def test_create_auth_request_vo(self): - assert list(self.client.config.vorg.keys()) == [ - "urn:mace:example.com:it:tek"] - - ar_str = "%s" % self.client.create_authn_request( - "http://www.example.com/sso", - "urn:mace:example.com:it:tek", # vo - nameid_format=NAMEID_FORMAT_PERSISTENT, - message_id="666")[1] + assert list(self.client.config.vorg.keys()) == ["urn:mace:example.com:it:tek"] + + ar_str = ( + "%s" + % self.client.create_authn_request( + "http://www.example.com/sso", + "urn:mace:example.com:it:tek", # vo + nameid_format=NAMEID_FORMAT_PERSISTENT, + message_id="666", + )[1] + ) ar = samlp.authn_request_from_string(ar_str) assert ar.id == "666" - assert ar.assertion_consumer_service_url == "http://lingon.catalogix" \ - ".se:8087/" + assert ar.assertion_consumer_service_url == "http://lingon.catalogix" ".se:8087/" assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" @@ -2152,10 +2020,9 @@ def test_create_auth_request_vo(self): assert nid_policy.sp_name_qualifier == "urn:mace:example.com:it:tek" def test_sign_auth_request_0(self): - req_id, areq = self.client.create_authn_request( - "http://www.example.com/sso", sign=True, message_id="id1") + req_id, areq = self.client.create_authn_request("http://www.example.com/sso", sign=True, message_id="id1") - ar_str = "%s" % areq + ar_str = f"{areq}" ar = samlp.authn_request_from_string(ar_str) assert ar @@ -2167,16 +2034,20 @@ def test_sign_auth_request_0(self): assert signed_info.reference[0].digest_value try: assert self.client.sec.correctly_signed_authn_request( - ar_str, self.client.config.xmlsec_binary, - self.client.config.metadata) + ar_str, self.client.config.xmlsec_binary, self.client.config.metadata + ) except Exception: # missing certificate self.client.sec.verify_signature(ar_str, node_name=class_name(ar)) def test_create_logout_request(self): req_id, req = self.client.create_logout_request( - "http://localhost:8088/slo", "urn:mace:example.com:saml:roland:idp", - name_id=nid, reason="Tired", expire=in_a_while(minutes=15), - session_indexes=["_foo"]) + "http://localhost:8088/slo", + "urn:mace:example.com:saml:roland:idp", + name_id=nid, + reason="Tired", + expire=in_a_while(minutes=15), + session_indexes=["_foo"], + ) assert req.destination == "http://localhost:8088/slo" assert req.reason == "Tired" @@ -2188,11 +2059,9 @@ def test_create_logout_request(self): def test_response_1(self): IDP = "urn:mace:example.com:saml:roland:idp" - ava = {"givenName": ["Dave"], "sn": ["Concepción"], - "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} + ava = {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) resp = self.server.create_authn_response( identity=ava, @@ -2202,23 +2071,28 @@ def test_response_1(self): name_id_policy=nameid_policy, sign_response=True, userid="foba0001@example.com", - authn=AUTHN) + authn=AUTHN, + ) - resp_str = "%s" % resp + resp_str = f"{resp}" - resp_str = b64encode(resp_str.encode('utf-8')) + resp_str = b64encode(resp_str.encode("utf-8")) authn_response = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) assert authn_response is not None assert authn_response.issuer() == IDP assert authn_response.response.assertion[0].issuer.text == IDP session_info = authn_response.session_info() - assert session_info["ava"] == {"givenName": ["Dave"], "sn": [u"Concepción"], - "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} + assert session_info["ava"] == { + "givenName": ["Dave"], + "sn": ["Concepción"], + "mail": ["Dave@cnr.mlb.com"], + "title": ["#13"], + } assert session_info["issuer"] == IDP assert session_info["came_from"] == "http://foo.example.com/service" response = samlp.response_from_string(authn_response.xmlstr) @@ -2233,8 +2107,7 @@ def test_response_1(self): # --- authenticate another person - ava = {"givenName": ["Alfonson"], "sn": ["Soriano"], - "mail": ["alfonson@chc.mlb.com"], "title": ["outfielder"]} + ava = {"givenName": ["Alfonson"], "sn": ["Soriano"], "mail": ["alfonson@chc.mlb.com"], "title": ["outfielder"]} resp_str = "%s" % self.server.create_authn_response( identity=ava, @@ -2244,18 +2117,16 @@ def test_response_1(self): sign_response=True, name_id_policy=nameid_policy, userid="also0001@example.com", - authn=AUTHN) + authn=AUTHN, + ) resp_str = b64encode(resp_str.encode()) - self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id2": "http://foo.example.com/service"}) + self.client.parse_authn_request_response(resp_str, BINDING_HTTP_POST, {"id2": "http://foo.example.com/service"}) # Two persons in the cache assert len(self.client.users.subjects()) == 2 - issuers = [self.client.users.issuers_of_info(s) for s in - self.client.users.subjects()] + issuers = [self.client.users.issuers_of_info(s) for s in self.client.users.subjects()] # The information I have about the subjects comes from the same source assert issuers == [[IDP], [IDP]] @@ -2268,14 +2139,9 @@ def test_response_2(self): cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -2290,16 +2156,16 @@ def test_response_2(self): encrypt_assertion=False, encrypt_assertion_self_contained=True, pefim=True, - encrypt_cert_advice=cert_str + encrypt_cert_advice=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2310,8 +2176,7 @@ def test_response_3(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -2328,13 +2193,13 @@ def test_response_3(self): pefim=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2345,8 +2210,7 @@ def test_response_4(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -2363,13 +2227,13 @@ def test_response_4(self): pefim=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2380,16 +2244,11 @@ def test_response_5(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} resp = self.server.create_authn_response( identity=ava, @@ -2404,16 +2263,16 @@ def test_response_5(self): encrypt_assertion=True, encrypt_assertion_self_contained=True, pefim=True, - encrypt_cert_assertion=cert_str + encrypt_cert_assertion=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2424,24 +2283,15 @@ def test_response_6(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_assertion_str, cert_key_assertion_str = generate_cert() - cert_assertion = \ - { - "cert": cert_assertion_str, - "key": cert_key_assertion_str - } + cert_assertion = {"cert": cert_assertion_str, "key": cert_key_assertion_str} cert_advice_str, cert_key_advice_str = generate_cert() - cert_advice = \ - { - "cert": cert_advice_str, - "key": cert_key_advice_str - } + cert_advice = {"cert": cert_advice_str, "key": cert_key_advice_str} resp = self.server.create_authn_response( identity=ava, @@ -2457,17 +2307,19 @@ def test_response_6(self): encrypt_assertion_self_contained=True, pefim=True, encrypt_cert_assertion=cert_assertion_str, - encrypt_cert_advice=cert_advice_str + encrypt_cert_advice=cert_advice_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, + resp_str, + BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, - {"id1": [cert_assertion, cert_advice]}) + {"id1": [cert_assertion, cert_advice]}, + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2478,8 +2330,7 @@ def test_response_7(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") resp = self.server.create_authn_response( identity=ava, @@ -2496,13 +2347,13 @@ def test_response_7(self): encrypted_advice_attributes=True, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) @@ -2513,16 +2364,11 @@ def test_response_8(self): idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id1") + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id1") cert_str, cert_key_str = generate_cert() - cert = \ - { - "cert": cert_str, - "key": cert_key_str - } + cert = {"cert": cert_str, "key": cert_key_str} resp = self.server.create_authn_response( identity=ava, @@ -2536,27 +2382,24 @@ def test_response_8(self): sign_assertion=True, encrypt_assertion=True, encrypt_assertion_self_contained=True, - encrypt_cert_assertion=cert_str + encrypt_cert_assertion=cert_str, ) - resp_str = "%s" % resp + resp_str = f"{resp}" resp_str = b64encode(resp_str.encode()) authn_response = _client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}, {"id1": cert}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}, {"id1": cert} + ) self.verify_authn_response(idp, authn_response, _client, ava_verify) def test_response_no_name_id(self): - """ Test that the SP client can parse an authentication response + """Test that the SP client can parse an authentication response from an IdP that does not contain a element.""" - if six.PY2: - _bytes = str - else: - _bytes = bytes + _bytes = bytes conf = config.SPConfig() conf.load_file("server_conf") @@ -2564,9 +2407,7 @@ def test_response_no_name_id(self): # Use the same approach as the other tests for mocking up # an authentication response to parse. - idp, ava, ava_verify, nameid_policy = ( - self.setup_verify_authn_response() - ) + idp, ava, ava_verify, nameid_policy = self.setup_verify_authn_response() # Mock up an authentication response but do not encrypt it # nor sign it since below we will modify it directly. Note that @@ -2583,7 +2424,7 @@ def test_response_no_name_id(self): sign_response=False, sign_assertion=False, encrypt_assertion=False, - encrypt_assertion_self_contained=False + encrypt_assertion_self_contained=False, ) # The create_authn_response method above will return an instance @@ -2597,11 +2438,7 @@ def test_response_no_name_id(self): # Cast the response to a string and encode it to mock up the payload # the SP client is expected to receive via HTTP POST binding. - if six.PY2: - resp_str = b64encode(str(resp)) - else: - resp_str = b64encode(bytes(str(resp), 'utf-8')) - + resp_str = b64encode(bytes(str(resp), "utf-8")) # We do not need the client to verify a signature for this test. client.want_assertions_signed = False @@ -2609,14 +2446,14 @@ def test_response_no_name_id(self): # Parse the authentication response that does not include a . authn_response = client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"} + ) # A successful test is parsing the response. assert authn_response is not None def test_response_error_status(self): - """ Test that the SP client can parse an authentication response + """Test that the SP client can parse an authentication response from an IdP that contains an error status.""" conf = config.SPConfig() @@ -2631,10 +2468,7 @@ def test_response_error_status(self): # Cast the response to a string and encode it to mock up the payload # the SP client is expected to receive via HTTP POST binding. - if six.PY2: - resp_str = b64encode(str(resp)) - else: - resp_str = b64encode(bytes(str(resp), 'utf-8')) + resp_str = b64encode(bytes(str(resp), "utf-8")) # We do not need the client to verify a signature for this test. client.want_assertions_signed = False @@ -2642,12 +2476,10 @@ def test_response_error_status(self): # Parse the authentication error response with raises(StatusInvalidNameidPolicy): - client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + client.parse_authn_request_response(resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}) def test_response_error_status_non_standard_status_code(self): - """ Test that the SP client can parse an authentication response + """Test that the SP client can parse an authentication response from an IdP that contains an error status.""" conf = config.SPConfig() @@ -2657,15 +2489,12 @@ def test_response_error_status_non_standard_status_code(self): resp = self.server.create_error_response( in_response_to="id1", destination="http://lingon.catalogix.se:8087/", - info=('http://example.com/status/1.0/cancel', None), + info=("http://example.com/status/1.0/cancel", None), ) # Cast the response to a string and encode it to mock up the payload # the SP client is expected to receive via HTTP POST binding. - if six.PY2: - resp_str = b64encode(str(resp)) - else: - resp_str = b64encode(bytes(str(resp), 'utf-8')) + resp_str = b64encode(bytes(str(resp), "utf-8")) # We do not need the client to verify a signature for this test. client.want_assertions_signed = False @@ -2673,18 +2502,13 @@ def test_response_error_status_non_standard_status_code(self): # Parse the authentication error response with raises(StatusError): - client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"id1": "http://foo.example.com/service"}) + client.parse_authn_request_response(resp_str, BINDING_HTTP_POST, {"id1": "http://foo.example.com/service"}) def setup_verify_authn_response(self): idp = "urn:mace:example.com:saml:roland:idp" - ava = {"givenName": ["Dave"], "sn": ["Concepción"], - "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} - ava_verify = {"givenName": ["Dave"], "sn": [u"Concepción"], - "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + ava = {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} + ava_verify = {"givenName": ["Dave"], "sn": ["Concepción"], "mail": ["Dave@cnr.mlb.com"], "title": ["#13"]} + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) return idp, ava, ava_verify, nameid_policy def verify_authn_response(self, idp, authn_response, _client, ava_verify): @@ -2709,7 +2533,7 @@ def test_init_values(self): entityid = self.client.config.entityid assert entityid == "urn:mace:example.com:saml:roland:sp" location = self.client._sso_location() - assert location == 'http://localhost:8088/sso' + assert location == "http://localhost:8088/sso" my_name = self.client._my_name() assert my_name == "urn:mace:example.com:saml:roland:sp" @@ -2718,10 +2542,7 @@ def test_sign_then_encrypt_assertion(self): _sec = self.server.sec assertion = s_utils.assertion_factory( - subject=factory(saml.Subject, text="_aaa", - name_id=factory( - saml.NameID, - format=NAMEID_FORMAT_TRANSIENT)), + subject=factory(saml.Subject, text="_aaa", name_id=factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT)), attribute_statement=do_attribute_statement( { ("", "", "sn"): ("Jeter", ""), @@ -2731,12 +2552,11 @@ def test_sign_then_encrypt_assertion(self): issuer=self.server._issuer(), ) - assertion.signature = sigver.pre_signature_part( - assertion.id, _sec.my_cert, 1) + assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) - sigass = _sec.sign_statement(assertion, class_name(assertion), - key_file=full_path("test.key"), - node_id=assertion.id) + sigass = _sec.sign_statement( + assertion, class_name(assertion), key_file=full_path("test.key"), node_id=assertion.id + ) # Create an Assertion instance from the signed assertion _ass = saml.assertion_from_string(sigass) @@ -2745,13 +2565,12 @@ def test_sign_then_encrypt_assertion(self): destination="https:#www.example.com", status=s_utils.success_status_factory(), issuer=self.server._issuer(), - assertion=_ass + assertion=_ass, ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part()) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part() + ) seresp = samlp.response_from_string(enctext) @@ -2764,14 +2583,10 @@ def test_sign_then_encrypt_assertion(self): sign_cert_file = full_path("test.pem") for enc_ass in seresp.encrypted_assertion: - assers = extension_elements_to_elements( - enc_ass.extension_elements, [saml, samlp]) + assers = extension_elements_to_elements(enc_ass.extension_elements, [saml, samlp]) for ass in assers: if ass.signature: - if not _csec.verify_signature("%s" % ass, - sign_cert_file, - node_name=class_name( - ass)): + if not _csec.verify_signature(f"{ass}", sign_cert_file, node_name=class_name(ass)): continue resp_ass.append(ass) @@ -2784,22 +2599,18 @@ def test_sign_then_encrypt_assertion2(self): # Begin with the IdPs side _sec = self.server.sec - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Dave", "sn": "Concepción"}) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) assertion = asser.construct( self.client.config.entityid, @@ -2809,15 +2620,14 @@ def test_sign_then_encrypt_assertion2(self): issuer=self.server._issuer(), authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", - farg=farg['assertion'] + farg=farg["assertion"], ) - assertion.signature = sigver.pre_signature_part( - assertion.id, _sec.my_cert, 1) + assertion.signature = sigver.pre_signature_part(assertion.id, _sec.my_cert, 1) - sigass = _sec.sign_statement(assertion, class_name(assertion), - key_file=self.client.sec.key_file, - node_id=assertion.id) + sigass = _sec.sign_statement( + assertion, class_name(assertion), key_file=self.client.sec.key_file, node_id=assertion.id + ) sigass = rm_xmltag(sigass) response = response_factory( @@ -2825,18 +2635,17 @@ def test_sign_then_encrypt_assertion2(self): destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), issuer=self.server._issuer(), - encrypted_assertion=EncryptedAssertion() + encrypted_assertion=EncryptedAssertion(), ) - xmldoc = "%s" % response + xmldoc = f"{response}" # strangely enough I get different tags if I run this test separately # or as part of a bunch of tests. xmldoc = add_subelement(xmldoc, "EncryptedAssertion", sigass) - enctext = _sec.crypto.encrypt_assertion(xmldoc, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part()) + enctext = _sec.crypto.encrypt_assertion( + xmldoc, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part() + ) # seresp = samlp.response_from_string(enctext) @@ -2845,41 +2654,37 @@ def test_sign_then_encrypt_assertion2(self): # Explicitely allow unsigned responses for this and the following 2 tests self.client.want_response_signed = False resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion - assert resp.ava == {"sn": [u"Concepción"], "givenName": ["Dave"]} + assert resp.ava == {"sn": ["Concepción"], "givenName": ["Dave"]} def test_sign_then_encrypt_assertion_advice_1(self): # Begin with the IdPs side _sec = self.server.sec - nameid_policy = samlp.NameIDPolicy(allow_create="false", - format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_policy = samlp.NameIDPolicy(allow_create="false", format=saml.NAMEID_FORMAT_PERSISTENT) asser = Assertion({"givenName": "Dave", "sn": "Concepción"}) subject_confirmation_specs = { - 'recipient': "http://lingon.catalogix.se:8087/", - 'in_response_to': "_012345", - 'subject_confirmation_method': saml.SCM_BEARER + "recipient": "http://lingon.catalogix.se:8087/", + "in_response_to": "_012345", + "subject_confirmation_method": saml.SCM_BEARER, } name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) assertion = asser.construct( self.client.config.entityid, @@ -2889,7 +2694,8 @@ def test_sign_then_encrypt_assertion_advice_1(self): name_id=name_id, authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser = Assertion({"uid": "test01", "email": "test.testsson@test.se"}) a_assertion = a_asser.construct( @@ -2900,66 +2706,63 @@ def test_sign_then_encrypt_assertion_advice_1(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) - a_assertion.signature = sigver.pre_signature_part( - a_assertion.id, _sec.my_cert, 1) + a_assertion.signature = sigver.pre_signature_part(a_assertion.id, _sec.my_cert, 1) assertion.advice = Advice() assertion.advice.encrypted_assertion = [] assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion) + assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), - issuer=self.server._issuer() + issuer=self.server._issuer(), ) response.assertion.append(assertion) - response = _sec.sign_statement("%s" % response, class_name(a_assertion), - key_file=self.client.sec.key_file, - node_id=a_assertion.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion), key_file=self.client.sec.key_file, node_id=a_assertion.id + ) # xmldoc = "%s" % response # strangely enough I get different tags if I run this test separately # or as part of a bunch of tests. # xmldoc = add_subelement(xmldoc, "EncryptedAssertion", sigass) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) # seresp = samlp.response_from_string(enctext) - if six.PY2: - resp_str = b64encode(enctext.encode('utf-8')) - else: - resp_str = b64encode(bytes(enctext, 'utf-8')) + resp_str = b64encode(bytes(enctext, "utf-8")) # Now over to the client side resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion assert resp.assertion.advice assert resp.assertion.advice.assertion - assert resp.ava == \ - {'givenName': ['Dave'], 'sn': [u'Concepción'], 'uid': ['test01'], - 'email': ['test.testsson@test.se']} + assert resp.ava == { + "givenName": ["Dave"], + "sn": ["Concepción"], + "uid": ["test01"], + "email": ["test.testsson@test.se"], + } def test_sign_then_encrypt_assertion_advice_2(self): # Begin with the IdPs side @@ -2967,18 +2770,15 @@ def test_sign_then_encrypt_assertion_advice_2(self): asser_1 = Assertion({"givenName": "Dave"}) - farg = add_path( - {}, - ['assertion', 'subject', 'subject_confirmation', 'method', - saml.SCM_BEARER]) + farg = add_path({}, ["assertion", "subject", "subject_confirmation", "method", saml.SCM_BEARER]) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'in_response_to', - '_012345']) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "in_response_to", "_012345"], + ) add_path( - farg['assertion']['subject']['subject_confirmation'], - ['subject_confirmation_data', 'recipient', - "http://lingon.catalogix.se:8087/"]) + farg["assertion"]["subject"]["subject_confirmation"], + ["subject_confirmation_data", "recipient", "http://lingon.catalogix.se:8087/"], + ) name_id = factory(saml.NameID, format=NAMEID_FORMAT_TRANSIENT) assertion_1 = asser_1.construct( @@ -2989,7 +2789,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) asser_2 = Assertion({"sn": "Concepción"}) @@ -3001,7 +2802,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_1 = Assertion({"uid": "test01"}) a_assertion_1 = a_asser_1.construct( @@ -3012,7 +2814,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_2 = Assertion({"email": "test.testsson@test.se"}) a_assertion_2 = a_asser_2.construct( @@ -3023,7 +2826,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_3 = Assertion({"street": "street"}) a_assertion_3 = a_asser_3.construct( @@ -3034,7 +2838,8 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) a_asser_4 = Assertion({"title": "title"}) a_assertion_4 = a_asser_4.construct( @@ -3045,31 +2850,26 @@ def test_sign_then_encrypt_assertion_advice_2(self): authn_class=INTERNETPROTOCOLPASSWORD, authn_auth="http://www.example.com/login", name_id=name_id, - farg=farg['assertion']) + farg=farg["assertion"], + ) - a_assertion_1.signature = sigver.pre_signature_part( - a_assertion_1.id, _sec.my_cert, 1) + a_assertion_1.signature = sigver.pre_signature_part(a_assertion_1.id, _sec.my_cert, 1) - a_assertion_2.signature = sigver.pre_signature_part( - a_assertion_2.id, _sec.my_cert, 1) + a_assertion_2.signature = sigver.pre_signature_part(a_assertion_2.id, _sec.my_cert, 1) - a_assertion_3.signature = sigver.pre_signature_part( - a_assertion_3.id, _sec.my_cert, 1) + a_assertion_3.signature = sigver.pre_signature_part(a_assertion_3.id, _sec.my_cert, 1) - a_assertion_4.signature = sigver.pre_signature_part( - a_assertion_4.id, _sec.my_cert, 1) + a_assertion_4.signature = sigver.pre_signature_part(a_assertion_4.id, _sec.my_cert, 1) - assertion_1.signature = sigver.pre_signature_part(assertion_1.id, - _sec.my_cert, 1) + assertion_1.signature = sigver.pre_signature_part(assertion_1.id, _sec.my_cert, 1) - assertion_2.signature = sigver.pre_signature_part(assertion_2.id, - _sec.my_cert, 1) + assertion_2.signature = sigver.pre_signature_part(assertion_2.id, _sec.my_cert, 1) response = response_factory( in_response_to="_012345", destination="http://lingon.catalogix.se:8087/", status=s_utils.success_status_factory(), - issuer=self.server._issuer() + issuer=self.server._issuer(), ) response.assertion = assertion_1 @@ -3077,62 +2877,52 @@ def test_sign_then_encrypt_assertion_advice_2(self): response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion_1) + response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_1) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_1._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_1), - key_file=self.server.sec.key_file, - node_id=a_assertion_1.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_1), key_file=self.server.sec.key_file, node_id=a_assertion_1.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) response.assertion = response.assertion[0] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[1].add_extension_element( - a_assertion_2) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) + response.assertion.advice.encrypted_assertion[1].add_extension_element(a_assertion_2) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_2._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_2), - key_file=self.server.sec.key_file, - node_id=a_assertion_2.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_2), key_file=self.server.sec.key_file, node_id=a_assertion_2.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) @@ -3140,18 +2930,15 @@ def test_sign_then_encrypt_assertion_advice_2(self): assertion_tag = response.assertion._to_element_tree().tag response = pre_encrypt_assertion(response) - response = \ - response.get_xml_string_with_self_contained_assertion_within_encrypted_assertion( - assertion_tag) + response = response.get_xml_string_with_self_contained_assertion_within_encrypted_assertion(assertion_tag) - response = _sec.sign_statement("%s" % response, class_name(assertion_1), - key_file=self.server.sec.key_file, - node_id=assertion_1.id) + response = _sec.sign_statement( + f"{response}", class_name(assertion_1), key_file=self.server.sec.key_file, node_id=assertion_1.id + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part()) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part() + ) response = samlp.response_from_string(enctext) @@ -3160,70 +2947,62 @@ def test_sign_then_encrypt_assertion_advice_2(self): response.assertion.advice = Advice() response.assertion.advice.encrypted_assertion = [] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[0].add_extension_element( - a_assertion_3) + response.assertion.advice.encrypted_assertion[0].add_extension_element(a_assertion_3) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_3._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_3), - key_file=self.server.sec.key_file, - node_id=a_assertion_3.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_3), key_file=self.server.sec.key_file, node_id=a_assertion_3.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 0]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[0]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) response.assertion = response.assertion[0] - response.assertion.advice.encrypted_assertion.append( - EncryptedAssertion()) + response.assertion.advice.encrypted_assertion.append(EncryptedAssertion()) - response.assertion.advice.encrypted_assertion[1].add_extension_element( - a_assertion_4) + response.assertion.advice.encrypted_assertion[1].add_extension_element(a_assertion_4) advice_tag = response.assertion.advice._to_element_tree().tag assertion_tag = a_assertion_4._to_element_tree().tag - response = \ - response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( - assertion_tag, advice_tag) + response = response.get_xml_string_with_self_contained_assertion_within_advice_encrypted_assertion( + assertion_tag, advice_tag + ) - response = _sec.sign_statement("%s" % response, - class_name(a_assertion_4), - key_file=self.server.sec.key_file, - node_id=a_assertion_4.id) + response = _sec.sign_statement( + f"{response}", class_name(a_assertion_4), key_file=self.server.sec.key_file, node_id=a_assertion_4.id + ) - node_xpath = ''.join(["/*[local-name()=\"%s\"]" % v for v in - ["Response", "Assertion", "Advice", - "EncryptedAssertion", "Assertion"]]) + node_xpath = "".join( + [f'/*[local-name()="{v}"]' for v in ["Response", "Assertion", "Advice", "EncryptedAssertion", "Assertion"]] + ) - enctext = _sec.crypto.encrypt_assertion(response, - self.client.sec.encryption_keypairs[ - 1]["cert_file"], - pre_encryption_part(), - node_xpath=node_xpath) + enctext = _sec.crypto.encrypt_assertion( + response, self.client.sec.encryption_keypairs[1]["cert_file"], pre_encryption_part(), node_xpath=node_xpath + ) response = samlp.response_from_string(enctext) - response = _sec.sign_statement("%s" % response, - class_name(response.assertion[0]), - key_file=self.server.sec.key_file, - node_id=response.assertion[0].id) + response = _sec.sign_statement( + f"{response}", + class_name(response.assertion[0]), + key_file=self.server.sec.key_file, + node_id=response.assertion[0].id, + ) response = samlp.response_from_string(response) @@ -3233,40 +3012,40 @@ def test_sign_then_encrypt_assertion_advice_2(self): # Now over to the client side resp = self.client.parse_authn_request_response( - resp_str, BINDING_HTTP_POST, - {"_012345": "http://foo.example.com/service"}) + resp_str, BINDING_HTTP_POST, {"_012345": "http://foo.example.com/service"} + ) # assert resp.encrypted_assertion == [] assert resp.assertion assert resp.assertion.advice assert resp.assertion.advice.assertion - assert resp.ava == \ - {'street': ['street'], 'uid': ['test01'], 'title': ['title'], - 'givenName': ['Dave'], 'email': - ['test.testsson@test.se'], 'sn': [u'Concepción']} + assert resp.ava == { + "street": ["street"], + "uid": ["test01"], + "title": ["title"], + "givenName": ["Dave"], + "email": ["test.testsson@test.se"], + "sn": ["Concepción"], + } def test_signed_redirect(self): # Revert configuration change to disallow unsinged responses self.client.want_response_signed = True - msg_str = "%s" % self.client.create_authn_request( - "http://localhost:8088/sso", message_id="id1")[1] + msg_str = f"{self.client.create_authn_request('http://localhost:8088/sso', message_id='id1')[1]}" info = self.client.apply_binding( - BINDING_HTTP_REDIRECT, msg_str, destination="", - relay_state="relay2", sign=True, sigalg=SIG_RSA_SHA256) + BINDING_HTTP_REDIRECT, msg_str, destination="", relay_state="relay2", sign=True, sigalg=SIG_RSA_SHA256 + ) loc = info["headers"][0][1] qs = parse.parse_qs(loc[1:]) - assert _leq(qs.keys(), - ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature']) + assert _leq(qs.keys(), ["SigAlg", "SAMLRequest", "RelayState", "Signature"]) - assert verify_redirect_signature(list_values2simpletons(qs), - self.client.sec.sec_backend) + assert verify_redirect_signature(list_values2simpletons(qs), self.client.sec.sec_backend) - res = self.server.parse_authn_request(qs["SAMLRequest"][0], - BINDING_HTTP_REDIRECT) + res = self.server.parse_authn_request(qs["SAMLRequest"][0], BINDING_HTTP_REDIRECT) def test_do_logout_signed_redirect(self): conf = config.SPConfig() @@ -3278,19 +3057,15 @@ def test_do_logout_signed_redirect(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Österberg", - "mail": "anders.osterberg@example.com" - } + "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, } client.users.add_information_about_person(session_info) entity_ids = client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = client.do_logout(nid, entity_ids, "Tired", in_a_while(minutes=5), - sign=True, - expected_binding=BINDING_HTTP_REDIRECT) + resp = client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_REDIRECT + ) assert list(resp.keys()) == entity_ids binding, info = resp[entity_ids[0]] @@ -3299,7 +3074,7 @@ def test_do_logout_signed_redirect(self): loc = info["headers"][0][1] _, _, _, _, qs, _ = parse.urlparse(loc) qs = parse.parse_qs(qs) - assert _leq(qs.keys(), ['SigAlg', 'SAMLRequest', 'RelayState', 'Signature']) + assert _leq(qs.keys(), ["SigAlg", "SAMLRequest", "RelayState", "Signature"]) qs_simple = list_values2simpletons(qs) assert verify_redirect_signature(qs_simple, client.sec.sec_backend) @@ -3307,9 +3082,9 @@ def test_do_logout_signed_redirect(self): res = self.server.parse_logout_request( qs_simple["SAMLRequest"], BINDING_HTTP_REDIRECT, - relay_state=qs_simple['RelayState'], - sigalg=qs_simple['SigAlg'], - signature=qs_simple['Signature'], + relay_state=qs_simple["RelayState"], + sigalg=qs_simple["SigAlg"], + signature=qs_simple["Signature"], ) def test_do_logout_post(self): @@ -3318,19 +3093,15 @@ def test_do_logout_post(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Österberg", - "mail": "anders.osterberg@example.com" - }, - "session_index": SessionIndex("_foo") + "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, + "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = self.client.do_logout(nid, entity_ids, "Tired", - in_a_while(minutes=5), sign=True, - expected_binding=BINDING_HTTP_POST) + resp = self.client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST + ) assert resp assert len(resp) == 1 assert list(resp.keys()) == entity_ids @@ -3338,9 +3109,8 @@ def test_do_logout_post(self): assert binding == BINDING_HTTP_POST _dic = unpack_form(info["data"]) - res = self.server.parse_logout_request(_dic["SAMLRequest"], - BINDING_HTTP_POST) - assert b'_foo' in res.xmlstr + res = self.server.parse_logout_request(_dic["SAMLRequest"], BINDING_HTTP_POST) + assert b"_foo" in res.xmlstr def test_do_logout_session_expired(self): # information about the user from an IdP @@ -3348,19 +3118,15 @@ def test_do_logout_session_expired(self): "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": a_while_ago(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Österberg", - "mail": "anders.osterberg@example.com" - }, - "session_index": SessionIndex("_foo") + "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, + "session_index": SessionIndex("_foo"), } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = self.client.do_logout(nid, entity_ids, "Tired", - in_a_while(minutes=5), sign=True, - expected_binding=BINDING_HTTP_POST) + resp = self.client.do_logout( + nid, entity_ids, "Tired", in_a_while(minutes=5), sign=True, expected_binding=BINDING_HTTP_POST + ) assert resp assert len(resp) == 1 assert list(resp.keys()) == entity_ids @@ -3368,15 +3134,15 @@ def test_do_logout_session_expired(self): assert binding == BINDING_HTTP_POST _dic = unpack_form(info["data"]) - res = self.server.parse_logout_request(_dic["SAMLRequest"], - BINDING_HTTP_POST) - assert b'_foo' in res.xmlstr + res = self.server.parse_logout_request(_dic["SAMLRequest"], BINDING_HTTP_POST) + assert b"_foo" in res.xmlstr + # Below can only be done with dummy Server IDP = "urn:mace:example.com:saml:roland:idp" -class TestClientWithDummy(): +class TestClientWithDummy: def setup_class(self): self.server = FakeIDP("idp_all_conf") @@ -3390,10 +3156,10 @@ def test_do_authn(self): binding = BINDING_HTTP_REDIRECT response_binding = BINDING_HTTP_POST sid, http_args = self.client.prepare_for_authenticate( - IDP, "http://www.example.com/relay_state", - binding=binding, response_binding=response_binding) + IDP, "http://www.example.com/relay_state", binding=binding, response_binding=response_binding + ) - assert isinstance(sid, six.string_types) + assert isinstance(sid, str) assert len(http_args) == 5 assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] @@ -3401,21 +3167,19 @@ def test_do_authn(self): redirect_url = http_args["headers"][0][1] _, _, _, _, qs, _ = parse.urlparse(redirect_url) qs_dict = parse.parse_qs(qs) - req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], - binding) + req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) assert resp_args["binding"] == response_binding def test_do_negotiated_authn(self): binding = BINDING_HTTP_REDIRECT response_binding = BINDING_HTTP_POST - sid, auth_binding, http_args = \ - self.client.prepare_for_negotiated_authenticate( - IDP, "http://www.example.com/relay_state", - binding=binding, response_binding=response_binding) + sid, auth_binding, http_args = self.client.prepare_for_negotiated_authenticate( + IDP, "http://www.example.com/relay_state", binding=binding, response_binding=response_binding + ) assert binding == auth_binding - assert isinstance(sid, six.string_types) + assert isinstance(sid, str) assert len(http_args) == 5 assert http_args["headers"][0][0] == "Location" assert http_args["data"] == [] @@ -3423,30 +3187,27 @@ def test_do_negotiated_authn(self): redirect_url = http_args["headers"][0][1] _, _, _, _, qs, _ = parse.urlparse(redirect_url) qs_dict = parse.parse_qs(qs) - req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], - binding) + req = self.server.parse_authn_request(qs_dict["SAMLRequest"][0], binding) resp_args = self.server.response_args(req.message, [response_binding]) assert resp_args["binding"] == response_binding def test_do_attribute_query(self): response = self.client.do_attribute_query( - IDP, "_e7b68a04488f715cda642fbdd90099f5", + IDP, + "_e7b68a04488f715cda642fbdd90099f5", attribute={"eduPersonAffiliation": None}, - nameid_format=NAMEID_FORMAT_TRANSIENT) + nameid_format=NAMEID_FORMAT_TRANSIENT, + ) def test_logout_1(self): - """ one IdP/AA logout from""" + """one IdP/AA logout from""" # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Österberg", - "mail": "anders.osterberg@example.com" - } + "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) @@ -3464,8 +3225,11 @@ def test_post_sso(self): binding = BINDING_HTTP_POST response_binding = BINDING_HTTP_POST sid, http_args = self.client.prepare_for_authenticate( - "urn:mace:example.com:saml:roland:idp", relay_state="really", - binding=binding, response_binding=response_binding) + "urn:mace:example.com:saml:roland:idp", + relay_state="really", + binding=binding, + response_binding=response_binding, + ) _dic = unpack_form(http_args["data"]) req = self.server.parse_authn_request(_dic["SAMLRequest"], binding) @@ -3479,27 +3243,26 @@ def test_post_sso(self): http_args["data"] = parse.urlencode(_dic) http_args["method"] = "POST" http_args["dummy"] = _dic["SAMLRequest"] - http_args["headers"] = [('Content-type', - 'application/x-www-form-urlencoded')] + http_args["headers"] = [("Content-type", "application/x-www-form-urlencoded")] response = self.client.send(**http_args) _dic = unpack_form(response.text, "SAMLResponse") # Explicitly allow unsigned responses for this test self.client.want_response_signed = False - resp = self.client.parse_authn_request_response(_dic["SAMLResponse"], - BINDING_HTTP_POST, - {sid: "/"}) + resp = self.client.parse_authn_request_response(_dic["SAMLResponse"], BINDING_HTTP_POST, {sid: "/"}) ac = resp.assertion.authn_statement[0].authn_context - assert ac.authenticating_authority[0].text == \ - 'http://www.example.com/login' + assert ac.authenticating_authority[0].text == "http://www.example.com/login" assert ac.authn_context_class_ref.text == INTERNETPROTOCOLPASSWORD def test_negotiated_post_sso(self): binding = BINDING_HTTP_POST response_binding = BINDING_HTTP_POST sid, auth_binding, http_args = self.client.prepare_for_negotiated_authenticate( - "urn:mace:example.com:saml:roland:idp", relay_state="really", - binding=binding, response_binding=response_binding) + "urn:mace:example.com:saml:roland:idp", + relay_state="really", + binding=binding, + response_binding=response_binding, + ) _dic = unpack_form(http_args["data"]) assert binding == auth_binding @@ -3515,21 +3278,17 @@ def test_negotiated_post_sso(self): http_args["data"] = parse.urlencode(_dic) http_args["method"] = "POST" http_args["dummy"] = _dic["SAMLRequest"] - http_args["headers"] = [('Content-type', - 'application/x-www-form-urlencoded')] + http_args["headers"] = [("Content-type", "application/x-www-form-urlencoded")] response = self.client.send(**http_args) _dic = unpack_form(response.text, "SAMLResponse") - resp = self.client.parse_authn_request_response(_dic["SAMLResponse"], - BINDING_HTTP_POST, - {sid: "/"}) + resp = self.client.parse_authn_request_response(_dic["SAMLResponse"], BINDING_HTTP_POST, {sid: "/"}) ac = resp.assertion.authn_statement[0].authn_context - assert ac.authenticating_authority[0].text == \ - 'http://www.example.com/login' + assert ac.authenticating_authority[0].text == "http://www.example.com/login" assert ac.authn_context_class_ref.text == INTERNETPROTOCOLPASSWORD -class TestClientNoConfigContext(): +class TestClientNoConfigContext: def setup_class(self): self.server = FakeIDP("idp_all_conf") @@ -3540,18 +3299,14 @@ def setup_class(self): self.client.send = self.server.receive def test_logout_1(self): - """ one IdP/AA logout from""" + """one IdP/AA logout from""" # information about the user from an IdP session_info = { "name_id": nid, "issuer": "urn:mace:example.com:saml:roland:idp", "not_on_or_after": in_a_while(minutes=15), - "ava": { - "givenName": "Anders", - "sn": "Österberg", - "mail": "anders.osterberg@example.com" - } + "ava": {"givenName": "Anders", "sn": "Österberg", "mail": "anders.osterberg@example.com"}, } self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info(nid) diff --git a/tests/test_52_default_sign_alg.py b/tests/test_52_default_sign_alg.py index fee4ee21f..66fc572d7 100644 --- a/tests/test_52_default_sign_alg.py +++ b/tests/test_52_default_sign_alg.py @@ -1,23 +1,19 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- import os -from saml2.authn_context import INTERNETPROTOCOLPASSWORD -from saml2.saml import NameID, NAMEID_FORMAT_TRANSIENT -from saml2.samlp import response_from_string -from saml2.server import Server from saml2 import client from saml2 import config -from mock.mock import Mock, MagicMock +from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID +from saml2.samlp import response_from_string +from saml2.server import Server import saml2.xmldsig as ds -nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, - text="123456") -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="123456") + +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def _eq(l1, l2): @@ -41,16 +37,14 @@ def get_ava(assertion): return ava -class TestSignedResponse(): +class TestSignedResponse: def setup_class(self): self.server = Server("idp_conf") conf = config.SPConfig() conf.load_file("server_conf") self.client = client.Saml2Client(conf) - self.name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - self.ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + self.name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + self.ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} def teardown_class(self): self.server.close() @@ -61,16 +55,17 @@ def verify_assertion(self, assertion): ava = ava = get_ava(assertion[0]) - assert ava ==\ - {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], - 'surName': ['Jeter'], 'title': ['The man']} + assert ava == { + "mail": ["derek@nyy.mlb.com"], + "givenName": ["Derek"], + "surName": ["Jeter"], + "title": ["The man"], + } def test_signed_response(self): print(ds.DefaultSignature().get_digest_alg()) - name_id = self.server.ident.transient_nameid( - "urn:mace:example.com:saml:roland:sp", "id12") - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": "The man"} + name_id = self.server.ident.transient_nameid("urn:mace:example.com:saml:roland:sp", "id12") + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": "The man"} signed_resp = self.server.create_authn_response( ava, @@ -78,7 +73,7 @@ def test_signed_response(self): "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id name_id=name_id, - sign_assertion=True + sign_assertion=True, ) print(signed_resp) @@ -102,17 +97,21 @@ def test_signed_response_1(self): sresponse = response_from_string(signed_resp) assert ds.SIG_RSA_SHA1 in str(sresponse), "Not correctly signed!" assert ds.DIGEST_SHA1 in str(sresponse), "Not correctly signed!" - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid assert ds.SIG_RSA_SHA1 in str(sresponse.assertion[0]), "Not correctly signed!" assert ds.DIGEST_SHA1 in str(sresponse.assertion[0]), "Not correctly signed!" - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) @@ -127,23 +126,27 @@ def test_signed_response_2(self): sign_response=True, sign_assertion=True, sign_alg=ds.SIG_RSA_SHA256, - digest_alg=ds.DIGEST_SHA256 + digest_alg=ds.DIGEST_SHA256, ) sresponse = response_from_string(signed_resp) assert ds.SIG_RSA_SHA256 in str(sresponse), "Not correctly signed!" assert ds.DIGEST_SHA256 in str(sresponse), "Not correctly signed!" - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response', - node_id=sresponse.id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:protocol:Response", + node_id=sresponse.id, + ) assert valid assert ds.SIG_RSA_SHA256 in str(sresponse.assertion[0]), "Not correctly signed!" assert ds.DIGEST_SHA256 in str(sresponse.assertion[0]), "Not correctly signed!" - valid = self.server.sec.verify_signature(signed_resp, - self.server.config.cert_file, - node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion', - node_id=sresponse.assertion[0].id) + valid = self.server.sec.verify_signature( + signed_resp, + self.server.config.cert_file, + node_name="urn:oasis:names:tc:SAML:2.0:assertion:Assertion", + node_id=sresponse.assertion[0].id, + ) assert valid self.verify_assertion(sresponse.assertion) diff --git a/tests/test_60_sp.py b/tests/test_60_sp.py index b1eaa7c68..9c8799646 100644 --- a/tests/test_60_sp.py +++ b/tests/test_60_sp.py @@ -1,57 +1,52 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- from base64 import encodebytes as b64encode import pytest + from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.saml import NAMEID_FORMAT_TRANSIENT from saml2.samlp import NameIDPolicy from saml2.server import Server + try: from saml2.s2repoze.plugins.sp import make_plugin except ImportError: make_plugin = None -ENV1 = {'SERVER_SOFTWARE': 'CherryPy/3.1.2 WSGI Server', - 'SCRIPT_NAME': '', - 'ACTUAL_SERVER_PROTOCOL': 'HTTP/1.1', - 'REQUEST_METHOD': 'GET', - 'PATH_INFO': '/krissms', - 'SERVER_PROTOCOL': 'HTTP/1.1', - 'QUERY_STRING': '', - 'REMOTE_ADDR': '127.0.0.1', - 'HTTP_USER_AGENT': - 'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) ', - 'HTTP_CONNECTION': 'keep-alive', - 'SERVER_NAME': 'lingon-catalogix-se-2.local', - 'REMOTE_PORT': '57309', - 'wsgi.url_scheme': 'http', - 'SERVER_PORT': '8087', - 'HTTP_HOST': '127.0.0.1:8087', - 'wsgi.multithread': True, - 'HTTP_ACCEPT': - 'application/xml,application/xhtml+xml,text/html;q=0.9,' - 'text/plain;q=0.8,image/png,*/*;q=0.5', - 'wsgi.version': (1, 0), - 'wsgi.run_once': False, - 'wsgi.multiprocess': False, - 'HTTP_ACCEPT_LANGUAGE': 'en-us', - 'HTTP_ACCEPT_ENCODING': 'gzip, deflate'} - -trans_name_policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT, - allow_create="true") - -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" +ENV1 = { + "SERVER_SOFTWARE": "CherryPy/3.1.2 WSGI Server", + "SCRIPT_NAME": "", + "ACTUAL_SERVER_PROTOCOL": "HTTP/1.1", + "REQUEST_METHOD": "GET", + "PATH_INFO": "/krissms", + "SERVER_PROTOCOL": "HTTP/1.1", + "QUERY_STRING": "", + "REMOTE_ADDR": "127.0.0.1", + "HTTP_USER_AGENT": "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) ", + "HTTP_CONNECTION": "keep-alive", + "SERVER_NAME": "lingon-catalogix-se-2.local", + "REMOTE_PORT": "57309", + "wsgi.url_scheme": "http", + "SERVER_PORT": "8087", + "HTTP_HOST": "127.0.0.1:8087", + "wsgi.multithread": True, + "HTTP_ACCEPT": "application/xml,application/xhtml+xml,text/html;q=0.9," "text/plain;q=0.8,image/png,*/*;q=0.5", + "wsgi.version": (1, 0), + "wsgi.run_once": False, + "wsgi.multiprocess": False, + "HTTP_ACCEPT_LANGUAGE": "en-us", + "HTTP_ACCEPT_ENCODING": "gzip, deflate", } +trans_name_policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT, allow_create="true") + +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} -@pytest.mark.skipif(not make_plugin, - reason="s2repoze dependencies not installed") -class TestSP(): + +@pytest.mark.skipif(not make_plugin, reason="s2repoze dependencies not installed") +class TestSP: def setup_class(self): self.sp = make_plugin("rem", saml_conf="server_conf") # Explicitly allow unsigned responses for this test @@ -66,25 +61,30 @@ def test_setup(self): def test_identify(self): # Create a SAMLResponse - ava = {"givenName": ["Derek"], "surName": ["Jeter"], - "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} + ava = {"givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"], "title": ["The man"]} resp_str = "%s" % self.server.create_authn_response( - ava, "id1", "http://lingon.catalogix.se:8087/", - "urn:mace:example.com:saml:roland:sp", trans_name_policy, - "foba0001@example.com", authn=AUTHN) - - resp_str = b64encode(resp_str.encode('utf-8')) + ava, + "id1", + "http://lingon.catalogix.se:8087/", + "urn:mace:example.com:saml:roland:sp", + trans_name_policy, + "foba0001@example.com", + authn=AUTHN, + ) + + resp_str = b64encode(resp_str.encode("utf-8")) self.sp.outstanding_queries = {"id1": "http://www.example.com/service"} - session_info = self.sp._eval_authn_response( - {}, {"SAMLResponse": [resp_str]}) + session_info = self.sp._eval_authn_response({}, {"SAMLResponse": [resp_str]}) assert len(session_info) > 1 - assert session_info["came_from"] == 'http://www.example.com/service' - assert session_info["ava"] == {'givenName': ['Derek'], - 'mail': ['derek@nyy.mlb.com'], - 'sn': ['Jeter'], - 'title': ['The man']} + assert session_info["came_from"] == "http://www.example.com/service" + assert session_info["ava"] == { + "givenName": ["Derek"], + "mail": ["derek@nyy.mlb.com"], + "sn": ["Jeter"], + "title": ["The man"], + } if __name__ == "__main__": diff --git a/tests/test_62_vo.py b/tests/test_62_vo.py index 3acedaa93..d04ad79ba 100644 --- a/tests/test_62_vo.py +++ b/tests/test_62_vo.py @@ -1,19 +1,19 @@ -from saml2.saml import NameID from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID -__author__ = 'rolandh' + +__author__ = "rolandh" from saml2 import config from saml2.client import Saml2Client -from saml2.time_util import str_to_time, in_a_while +from saml2.time_util import in_a_while +from saml2.time_util import str_to_time + -SESSION_INFO_PATTERN = {"ava": {}, "came from": "", "not_on_or_after": 0, - "issuer": "", "session_id": -1} +SESSION_INFO_PATTERN = {"ava": {}, "came from": "", "not_on_or_after": 0, "issuer": "", "session_id": -1} -nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, - text="abcdefgh") -nid0 = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, - text="01234567") +nid = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="abcdefgh") +nid0 = NameID(name_qualifier="foo", format=NAMEID_FORMAT_TRANSIENT, text="01234567") def add_derek_info(sp): @@ -27,7 +27,7 @@ def add_derek_info(sp): sp.users.add_information_about_person(session_info) -class TestVirtualOrg(): +class TestVirtualOrg: def setup_class(self): conf = config.SPConfig() conf.load_file("server_conf") @@ -41,7 +41,7 @@ def test_mta(self): aas = self.vo.members_to_ask(nid) print(aas) assert len(aas) == 1 - assert 'urn:mace:example.com:saml:aa' in aas + assert "urn:mace:example.com:saml:aa" in aas def test_unknown_subject(self): aas = self.vo.members_to_ask(nid0) @@ -58,7 +58,7 @@ def test_id_unknown(self): assert cid is None -class TestVirtualOrg_2(): +class TestVirtualOrg_2: def setup_class(self): conf = config.SPConfig() conf.load_file("server_conf") @@ -70,7 +70,7 @@ def test_mta(self): aas = self.sp.vorg.members_to_ask(nid) print(aas) assert len(aas) == 1 - assert 'urn:mace:example.com:saml:aa' in aas + assert "urn:mace:example.com:saml:aa" in aas def test_unknown_subject(self): aas = self.sp.vorg.members_to_ask(nid0) diff --git a/tests/test_63_ecp.py b/tests/test_63_ecp.py index 0db36003e..94232a6c8 100644 --- a/tests/test_63_ecp.py +++ b/tests/test_63_ecp.py @@ -1,29 +1,29 @@ from contextlib import closing + +from pathutils import dotname +from pathutils import full_path + +from saml2 import BINDING_PAOS +from saml2 import BINDING_SOAP +from saml2 import create_class_from_xml_string +from saml2 import ecp_client from saml2.authn_context import INTERNETPROTOCOLPASSWORD +from saml2.client import Saml2Client from saml2.httpbase import set_list2dict +from saml2.profile import ecp as ecp_prof from saml2.profile.ecp import RelayState from saml2.profile.paos import Request -from saml2.server import Server -from saml2.samlp import Response from saml2.samlp import STATUS_SUCCESS from saml2.samlp import AuthnRequest -from saml2 import ecp_client -from saml2 import BINDING_SOAP -from saml2 import BINDING_PAOS -from saml2 import create_class_from_xml_string +from saml2.samlp import Response +from saml2.server import Server -from saml2.profile import ecp as ecp_prof -from saml2.client import Saml2Client -from pathutils import dotname, full_path +__author__ = "rolandh" -__author__ = 'rolandh' +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} def _eq(l1, l2): if len(l1) == len(l2): @@ -32,20 +32,19 @@ def _eq(l1, l2): return len(l1) == len(l2) -class DummyResponse(object): +class DummyResponse: def __init__(self, headers): self.headers = headers def test_complete_flow(): - client = ecp_client.Client("user", "password", - metadata_file=full_path("idp_all.xml")) + client = ecp_client.Client("user", "password", metadata_file=full_path("idp_all.xml")) sp = Saml2Client(config_file=dotname("servera_conf")) with closing(Server(config_file=dotname("idp_all_conf"))) as idp: IDP_ENTITY_ID = idp.config.entityid - #SP_ENTITY_ID = sp.config.entityid + # SP_ENTITY_ID = sp.config.entityid # ------------ @Client ----------------------------- @@ -86,20 +85,24 @@ def test_complete_flow(): # create Response and return in the SOAP response sp_entity_id = req.sender() - name_id = idp.ident.transient_nameid( "id12", sp.config.entityid) - binding, destination = idp.pick_binding("assertion_consumer_service", - [BINDING_PAOS], - entity_id=sp_entity_id) + name_id = idp.ident.transient_nameid("id12", sp.config.entityid) + binding, destination = idp.pick_binding("assertion_consumer_service", [BINDING_PAOS], entity_id=sp_entity_id) resp = idp.create_ecp_authn_request_response( - destination, {"eduPersonEntitlement": "Short stop", - "surName": "Jeter", - "givenName": "Derek", - "mail": "derek.jeter@nyy.mlb.com", - "title": "The man" - }, - req.message.id, destination, sp_entity_id, - name_id=name_id, authn=AUTHN) + destination, + { + "eduPersonEntitlement": "Short stop", + "surName": "Jeter", + "givenName": "Derek", + "mail": "derek.jeter@nyy.mlb.com", + "title": "The man", + }, + req.message.id, + destination, + sp_entity_id, + name_id=name_id, + authn=AUTHN, + ) # ------------ @Client ----------------------------- # The client got the response from the IDP repackage and send it to the SP @@ -115,12 +118,11 @@ def test_complete_flow(): if item.c_tag == "Response" and item.c_namespace == ecp_prof.NAMESPACE: _ecp_response = item - #_acs_url = _ecp_response.assertion_consumer_service_url + # _acs_url = _ecp_response.assertion_consumer_service_url # done phase2 at the client - ht_args = client.use_soap(idp_response, cargs["rc_url"], - [cargs["relay_state"]]) + ht_args = client.use_soap(idp_response, cargs["rc_url"], [cargs["relay_state"]]) print(ht_args) diff --git a/tests/test_64_artifact.py b/tests/test_64_artifact.py index 8b3bb262a..25a191842 100644 --- a/tests/test_64_artifact.py +++ b/tests/test_64_artifact.py @@ -1,28 +1,26 @@ import base64 from contextlib import closing from hashlib import sha1 -from six.moves.urllib.parse import urlparse -from six.moves.urllib.parse import parse_qs +from urllib.parse import parse_qs +from urllib.parse import urlparse + from saml2 import BINDING_HTTP_ARTIFACT -from saml2 import BINDING_SOAP from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_SOAP from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.client import Saml2Client - -from saml2.entity import create_artifact from saml2.entity import ARTIFACT_TYPECODE +from saml2.entity import create_artifact from saml2.s_utils import sid from saml2.server import Server -__author__ = 'rolandh' -TAG1 = "name=\"SAMLRequest\" value=" +__author__ = "rolandh" +TAG1 = 'name="SAMLRequest" value=' -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} + +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def get_msg(hinfo, binding, response=False): @@ -45,7 +43,7 @@ def get_msg(hinfo, binding, response=False): else: parts = urlparse(hinfo["url"]) msg = parse_qs(parts.query)["SAMLart"][0] - else: # BINDING_HTTP_REDIRECT + else: # BINDING_HTTP_REDIRECT parts = urlparse(hinfo["headers"][0][1]) msg = parse_qs(parts.query)["SAMLRequest"][0] @@ -53,10 +51,9 @@ def get_msg(hinfo, binding, response=False): def test_create_artifact(): - b64art = create_artifact("http://sp.example.com/saml.xml", - b"aabbccddeeffgghhiijj") + b64art = create_artifact("http://sp.example.com/saml.xml", b"aabbccddeeffgghhiijj") - art = base64.b64decode(b64art.encode('ascii')) + art = base64.b64decode(b64art.encode("ascii")) assert art[:2] == ARTIFACT_TYPECODE assert int(art[2:4]) == 0 @@ -64,17 +61,18 @@ def test_create_artifact(): s = sha1(b"http://sp.example.com/saml.xml") assert art[4:24] == s.digest() -SP = 'urn:mace:example.com:saml:roland:sp' + +SP = "urn:mace:example.com:saml:roland:sp" def test_create_artifact_resolve(): b64art = create_artifact(SP, "aabbccddeeffgghhiijj", 1) artifact = base64.b64decode(b64art) - #assert artifact[:2] == '\x00\x04' - #assert int(artifact[2:4]) == 0 + # assert artifact[:2] == '\x00\x04' + # assert int(artifact[2:4]) == 0 # - s = sha1(SP.encode('ascii')) + s = sha1(SP.encode("ascii")) assert artifact[4:24] == s.digest() with closing(Server(config_file="idp_all_conf")) as idp: @@ -99,22 +97,21 @@ def test_create_artifact_resolve(): def test_artifact_flow(): - #SP = 'urn:mace:example.com:saml:roland:sp' + # SP = 'urn:mace:example.com:saml:roland:sp' sp = Saml2Client(config_file="servera_conf") with closing(Server(config_file="idp_all_conf")) as idp: # original request - binding, destination = sp.pick_binding("single_sign_on_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("single_sign_on_service", entity_id=idp.config.entityid) relay_state = "RS0" req_id, req = sp.create_authn_request(destination, id="id1") artifact = sp.use_artifact(req, 1) - binding, destination = sp.pick_binding("single_sign_on_service", - [BINDING_HTTP_ARTIFACT], - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding( + "single_sign_on_service", [BINDING_HTTP_ARTIFACT], entity_id=idp.config.entityid + ) hinfo = sp.apply_binding(binding, artifact, destination, relay_state) @@ -169,13 +166,18 @@ def test_artifact_flow(): resp_args = idp.response_args(spreq, [BINDING_HTTP_POST]) - response = idp.create_authn_response({"eduPersonEntitlement": "Short stop", - "surName": "Jeter", "givenName": "Derek", - "mail": "derek.jeter@nyy.mlb.com", - "title": "The man"}, - name_id=name_id, - authn=AUTHN, - **resp_args) + response = idp.create_authn_response( + { + "eduPersonEntitlement": "Short stop", + "surName": "Jeter", + "givenName": "Derek", + "mail": "derek.jeter@nyy.mlb.com", + "title": "The man", + }, + name_id=name_id, + authn=AUTHN, + **resp_args, + ) print(response) @@ -183,12 +185,11 @@ def test_artifact_flow(): artifact = idp.use_artifact(response, 1) - binding, destination = sp.pick_binding("single_sign_on_service", - [BINDING_HTTP_ARTIFACT], - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding( + "single_sign_on_service", [BINDING_HTTP_ARTIFACT], entity_id=idp.config.entityid + ) - hinfo = sp.apply_binding(binding, "%s" % artifact, destination, relay_state, - response=True) + hinfo = sp.apply_binding(binding, f"{artifact}", destination, relay_state, response=True) # ========== SP ========= @@ -216,10 +217,9 @@ def test_artifact_flow(): assert ar.artifact.text == artifact3 # The IDP retrieves the response from the database using the artifact as the key - #oreq = idp.artifact[ar.artifact.text] + # oreq = idp.artifact[ar.artifact.text] - binding, destination = idp.pick_binding("artifact_resolution_service", - entity_id=sp.config.entityid) + binding, destination = idp.pick_binding("artifact_resolution_service", entity_id=sp.config.entityid) resp = idp.create_artifact_response(ar, ar.artifact.text) hinfo = idp.use_soap(resp, destination) diff --git a/tests/test_65_authn_query.py b/tests/test_65_authn_query.py index e11da2aa9..23faf47dd 100644 --- a/tests/test_65_authn_query.py +++ b/tests/test_65_authn_query.py @@ -1,27 +1,27 @@ from contextlib import closing -from six.moves.urllib.parse import urlparse, parse_qs -from saml2 import BINDING_SOAP, BINDING_HTTP_POST +from urllib.parse import parse_qs +from urllib.parse import urlparse -__author__ = 'rolandh' +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_SOAP + + +__author__ = "rolandh" from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.authn_context import requested_authn_context -from saml2.samlp import AuthnRequest -from saml2.samlp import NameIDPolicy -from saml2.samlp import AuthnQuery from saml2.client import Saml2Client -from saml2.saml import Subject -from saml2.saml import NameID from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID +from saml2.saml import Subject +from saml2.samlp import AuthnQuery from saml2.server import Server -TAG1 = "name=\"SAMLRequest\" value=" + +TAG1 = 'name="SAMLRequest" value=' -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def get_msg(hinfo, binding): @@ -39,6 +39,7 @@ def get_msg(hinfo, binding): return xmlstr + # ------------------------------------------------------------------------ @@ -50,8 +51,7 @@ def test_basic(): destination = srvs[0]["location"] authn_context = requested_authn_context(INTERNETPROTOCOLPASSWORD) - subject = Subject(text="abc", - name_id=NameID(format=NAMEID_FORMAT_TRANSIENT)) + subject = Subject(text="abc", name_id=NameID(format=NAMEID_FORMAT_TRANSIENT)) _id, aq = sp.create_authn_query(subject, destination, authn_context) @@ -69,31 +69,32 @@ def test_flow(): # == Create an AuthnRequest response name_id = idp.ident.transient_nameid(sp.config.entityid, "id12") - binding, destination = idp.pick_binding("assertion_consumer_service", - entity_id=sp.config.entityid) - resp = idp.create_authn_response({"eduPersonEntitlement": "Short stop", - "surName": "Jeter", - "givenName": "Derek", - "mail": "derek.jeter@nyy.mlb.com", - "title": "The man"}, - "id-123456789", - destination, - sp.config.entityid, - name_id=name_id, - authn=AUTHN) - - hinfo = idp.apply_binding(binding, "%s" % resp, destination, relay_state) + binding, destination = idp.pick_binding("assertion_consumer_service", entity_id=sp.config.entityid) + resp = idp.create_authn_response( + { + "eduPersonEntitlement": "Short stop", + "surName": "Jeter", + "givenName": "Derek", + "mail": "derek.jeter@nyy.mlb.com", + "title": "The man", + }, + "id-123456789", + destination, + sp.config.entityid, + name_id=name_id, + authn=AUTHN, + ) + + hinfo = idp.apply_binding(binding, f"{resp}", destination, relay_state) # ------- @SP ---------- xmlstr = get_msg(hinfo, binding) # Explicitly allow unsigned responses for this test sp.want_response_signed = False - aresp = sp.parse_authn_request_response(xmlstr, binding, - {resp.in_response_to: "/"}) + aresp = sp.parse_authn_request_response(xmlstr, binding, {resp.in_response_to: "/"}) - binding, destination = sp.pick_binding("authn_query_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("authn_query_service", entity_id=idp.config.entityid) authn_context = requested_authn_context(INTERNETPROTOCOLPASSWORD) @@ -106,7 +107,7 @@ def test_flow(): assert isinstance(aq, AuthnQuery) binding = BINDING_SOAP - hinfo = sp.apply_binding(binding, "%s" % aq, destination, "state2") + hinfo = sp.apply_binding(binding, f"{aq}", destination, "state2") # -------- @IDP ---------- @@ -117,13 +118,11 @@ def test_flow(): msg = pm.message assert msg.id == aq.id - p_res = idp.create_authn_query_response(msg.subject, msg.session_index, - msg.requested_authn_context) + p_res = idp.create_authn_query_response(msg.subject, msg.session_index, msg.requested_authn_context) print(p_res) - hinfo = idp.apply_binding(binding, "%s" % p_res, "", "state2", - response=True) + hinfo = idp.apply_binding(binding, f"{p_res}", "", "state2", response=True) # ------- @SP ---------- @@ -135,5 +134,6 @@ def test_flow(): assert final.response.id == p_res.id + if __name__ == "__main__": test_flow() diff --git a/tests/test_66_name_id_mapping.py b/tests/test_66_name_id_mapping.py index bc781730d..933e3956c 100644 --- a/tests/test_66_name_id_mapping.py +++ b/tests/test_66_name_id_mapping.py @@ -1,24 +1,25 @@ -__author__ = 'rolandh' +__author__ = "rolandh" from contextlib import closing + from saml2.client import Saml2Client -from saml2.saml import NameID, NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_TRANSIENT -from saml2.server import Server -from saml2.samlp import NameIDPolicy +from saml2.saml import NameID from saml2.samlp import NameIDMappingRequest +from saml2.samlp import NameIDPolicy +from saml2.server import Server def test_base_request(): sp = Saml2Client(config_file="servera_conf") with closing(Server(config_file="idp_all_conf")) as idp: - binding, destination = sp.pick_binding("name_id_mapping_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("name_id_mapping_service", entity_id=idp.config.entityid) - policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT, - sp_name_qualifier="urn:mace:swamid:junk", - allow_create="true") + policy = NameIDPolicy( + format=NAMEID_FORMAT_TRANSIENT, sp_name_qualifier="urn:mace:swamid:junk", allow_create="true" + ) nameid = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") @@ -33,12 +34,11 @@ def test_request_response(): sp = Saml2Client(config_file="servera_conf") with closing(Server(config_file="idp_all_conf")) as idp: - binding, destination = sp.pick_binding("name_id_mapping_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("name_id_mapping_service", entity_id=idp.config.entityid) - policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT, - sp_name_qualifier="urn:mace:swamid:junk", - allow_create="true") + policy = NameIDPolicy( + format=NAMEID_FORMAT_TRANSIENT, sp_name_qualifier="urn:mace:swamid:junk", allow_create="true" + ) nameid = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") @@ -55,8 +55,7 @@ def test_request_response(): in_response_to = req.message.id name_id = NameID(format=NAMEID_FORMAT_PERSISTENT, text="foobar") - idp_response = idp.create_name_id_mapping_response( - name_id, in_response_to=in_response_to) + idp_response = idp.create_name_id_mapping_response(name_id, in_response_to=in_response_to) print(idp_response) diff --git a/tests/test_67_manage_name_id.py b/tests/test_67_manage_name_id.py index 3645d0fcc..c41d8c0b2 100644 --- a/tests/test_67_manage_name_id.py +++ b/tests/test_67_manage_name_id.py @@ -1,28 +1,29 @@ from contextlib import closing + from saml2 import BINDING_SOAP -from saml2.samlp import NewID -from saml2.saml import NameID, NAMEID_FORMAT_TRANSIENT from saml2.client import Saml2Client +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NameID +from saml2.samlp import NewID from saml2.server import Server -__author__ = 'rolandh' + +__author__ = "rolandh" def test_basic(): sp = Saml2Client(config_file="servera_conf") with closing(Server(config_file="idp_all_conf")) as idp: # -------- @SP ------------ - binding, destination = sp.pick_binding("manage_name_id_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("manage_name_id_service", entity_id=idp.config.entityid) nameid = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") newid = NewID(text="Barfoo") - mid, mreq = sp.create_manage_name_id_request(destination, name_id=nameid, - new_id=newid) + mid, mreq = sp.create_manage_name_id_request(destination, name_id=nameid, new_id=newid) print(mreq) - rargs = sp.apply_binding(binding, "%s" % mreq, destination, "") + rargs = sp.apply_binding(binding, f"{mreq}", destination, "") # --------- @IDP -------------- @@ -36,17 +37,15 @@ def test_basic(): def test_flow(): sp = Saml2Client(config_file="servera_conf") with closing(Server(config_file="idp_all_conf")) as idp: - binding, destination = sp.pick_binding("manage_name_id_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("manage_name_id_service", entity_id=idp.config.entityid) nameid = NameID(format=NAMEID_FORMAT_TRANSIENT, text="foobar") newid = NewID(text="Barfoo") - mid, midq = sp.create_manage_name_id_request(destination, name_id=nameid, - new_id=newid) + mid, midq = sp.create_manage_name_id_request(destination, name_id=nameid, new_id=newid) print(midq) - rargs = sp.apply_binding(binding, "%s" % midq, destination, "") + rargs = sp.apply_binding(binding, f"{midq}", destination, "") # --------- @IDP -------------- @@ -57,19 +56,17 @@ def test_flow(): mnir = idp.create_manage_name_id_response(_req.message, [binding]) if binding != BINDING_SOAP: - binding, destination = idp.pick_binding("manage_name_id_service", - entity_id=sp.config.entityid) + binding, destination = idp.pick_binding("manage_name_id_service", entity_id=sp.config.entityid) else: destination = "" - respargs = idp.apply_binding(binding, "%s" % mnir, destination, "") + respargs = idp.apply_binding(binding, f"{mnir}", destination, "") print(respargs) # ---------- @SP --------------- - _response = sp.parse_manage_name_id_request_response(respargs["data"], - binding) + _response = sp.parse_manage_name_id_request_response(respargs["data"], binding) print(_response.response) diff --git a/tests/test_68_assertion_id.py b/tests/test_68_assertion_id.py index 31b7e8e00..34792efc4 100644 --- a/tests/test_68_assertion_id.py +++ b/tests/test_68_assertion_id.py @@ -1,26 +1,25 @@ from contextlib import closing -from six.moves.urllib.parse import parse_qs -from six.moves.urllib.parse import urlparse -from saml2.authn_context import INTERNETPROTOCOLPASSWORD -from saml2.samlp import AuthnRequest -from saml2.samlp import NameIDPolicy -from saml2.saml import Assertion -from saml2.saml import NAMEID_FORMAT_TRANSIENT +from urllib.parse import parse_qs +from urllib.parse import urlparse + from saml2 import BINDING_HTTP_POST -from saml2 import BINDING_URI from saml2 import BINDING_SOAP +from saml2 import BINDING_URI +from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.client import Saml2Client +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import Assertion +from saml2.samlp import AuthnRequest +from saml2.samlp import NameIDPolicy from saml2.server import Server -__author__ = 'rolandh' -TAG1 = "name=\"SAMLRequest\" value=" +__author__ = "rolandh" + +TAG1 = 'name="SAMLRequest" value=' -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def get_msg(hinfo, binding, response=False): @@ -53,42 +52,43 @@ def test_basic_flow(): relay_state = "FOO" # -- dummy request --- orig_req = AuthnRequest( - issuer=sp._issuer(), name_id_policy=NameIDPolicy( - allow_create="true", format=NAMEID_FORMAT_TRANSIENT)) + issuer=sp._issuer(), name_id_policy=NameIDPolicy(allow_create="true", format=NAMEID_FORMAT_TRANSIENT) + ) # == Create an AuthnRequest response name_id = idp.ident.transient_nameid("id12", sp.config.entityid) - binding, destination = idp.pick_binding("assertion_consumer_service", - entity_id=sp.config.entityid) - resp = idp.create_authn_response({"eduPersonEntitlement": "Short stop", - "surName": "Jeter", - "givenName": "Derek", - "mail": "derek.jeter@nyy.mlb.com", - "title": "The man"}, - "id-123456789", - destination, - sp.config.entityid, - name_id=name_id, - authn=AUTHN) - - hinfo = idp.apply_binding(binding, "%s" % resp, destination, relay_state) + binding, destination = idp.pick_binding("assertion_consumer_service", entity_id=sp.config.entityid) + resp = idp.create_authn_response( + { + "eduPersonEntitlement": "Short stop", + "surName": "Jeter", + "givenName": "Derek", + "mail": "derek.jeter@nyy.mlb.com", + "title": "The man", + }, + "id-123456789", + destination, + sp.config.entityid, + name_id=name_id, + authn=AUTHN, + ) + + hinfo = idp.apply_binding(binding, f"{resp}", destination, relay_state) # --------- @SP ------------- xmlstr = get_msg(hinfo, binding) # Explicitly allow unsigned responses for this test sp.want_response_signed = False - aresp = sp.parse_authn_request_response(xmlstr, binding, - {resp.in_response_to: "/"}) + aresp = sp.parse_authn_request_response(xmlstr, binding, {resp.in_response_to: "/"}) # == Look for assertion X asid = aresp.assertion.id - binding, destination = sp.pick_binding("assertion_id_request_service", - entity_id=idp.config.entityid) + binding, destination = sp.pick_binding("assertion_id_request_service", entity_id=idp.config.entityid) hinfo = sp.apply_binding(binding, asid, destination) @@ -100,7 +100,7 @@ def test_basic_flow(): resp = idp.create_assertion_id_request_response(aid) - hinfo = idp.apply_binding(binding, "%s" % resp, None, "", response=True) + hinfo = idp.apply_binding(binding, f"{resp}", None, "", response=True) # ----------- @SP ------------- diff --git a/tests/test_69_discovery.py b/tests/test_69_discovery.py index a74cffae2..bf5ce3883 100644 --- a/tests/test_69_discovery.py +++ b/tests/test_69_discovery.py @@ -1,9 +1,10 @@ +from pathutils import dotname + from saml2.client import Saml2Client from saml2.discovery import DiscoveryServer -from pathutils import dotname -__author__ = 'rolandh' +__author__ = "rolandh" def _eq(l1, l2): @@ -18,16 +19,14 @@ def test_verify(): def test_construct_0(): sp = Saml2Client(config_file=dotname("servera_conf")) - url = sp.create_discovery_service_request("http://example.com/saml/disco", - "https://example.com/saml/sp.xml") + url = sp.create_discovery_service_request("http://example.com/saml/disco", "https://example.com/saml/sp.xml") assert url == "http://example.com/saml/disco?entityID=https%3A%2F%2Fexample.com%2Fsaml%2Fsp.xml" def test_construct_1(): sp = Saml2Client(config_file=dotname("servera_conf")) - url = sp.create_discovery_service_request("http://example.com/saml/disco", - "https://example.com/saml/sp.xml") + url = sp.create_discovery_service_request("http://example.com/saml/disco", "https://example.com/saml/sp.xml") assert url == "http://example.com/saml/disco?entityID=https%3A%2F%2Fexample.com%2Fsaml%2Fsp.xml" @@ -39,30 +38,30 @@ def test_construct_deconstruct_request(): "https://example.com/saml/sp.xml", isPassive=True, returnIDParam="foo", - return_url="https://example.com/saml/sp/disc") + return_url="https://example.com/saml/sp/disc", + ) print(url) ds = DiscoveryServer(config_file=dotname("disco_conf")) dsr = ds.parse_discovery_service_request(url) # policy is added by the parsing and verifying method - assert _eq(dsr.keys(), ["return", "entityID", "returnIDParam", - "isPassive", "policy"]) + assert _eq(dsr.keys(), ["return", "entityID", "returnIDParam", "isPassive", "policy"]) def test_construct_deconstruct_response(): sp = Saml2Client(config_file=dotname("servera_conf")) - url = sp.create_discovery_service_request("http://example.com/saml/disco", - "https://example.com/saml/sp.xml", - isPassive=True, - returnIDParam="foo", - return_url="https://example.com/saml/sp/disc") + url = sp.create_discovery_service_request( + "http://example.com/saml/disco", + "https://example.com/saml/sp.xml", + isPassive=True, + returnIDParam="foo", + return_url="https://example.com/saml/sp/disc", + ) ds = DiscoveryServer(config_file=dotname("disco_conf")) dsr = ds.parse_discovery_service_request(url) - args = dict([(key, dsr[key]) for key in ["returnIDParam", "return"]]) - url = ds.create_discovery_service_response( - entity_id="https://example.com/saml/idp.xml", - **args) + args = {key: dsr[key] for key in ["returnIDParam", "return"]} + url = ds.create_discovery_service_response(entity_id="https://example.com/saml/idp.xml", **args) idp_id = sp.parse_discovery_service_response(url, returnIDParam="foo") assert idp_id == "https://example.com/saml/idp.xml" diff --git a/tests/test_70_redirect_signing.py b/tests/test_70_redirect_signing.py index 26d6c486a..27b167b1d 100644 --- a/tests/test_70_redirect_signing.py +++ b/tests/test_70_redirect_signing.py @@ -1,21 +1,22 @@ from contextlib import closing -from saml2.pack import http_redirect_message -from saml2.sigver import verify_redirect_signature -from saml2.sigver import import_rsa_key_from_file -from saml2.sigver import SIG_RSA_SHA1 -from saml2.server import Server +from urllib.parse import parse_qs + +from pathutils import dotname + from saml2 import BINDING_HTTP_REDIRECT from saml2.client import Saml2Client from saml2.config import SPConfig -from six.moves.urllib.parse import parse_qs +from saml2.pack import http_redirect_message +from saml2.server import Server +from saml2.sigver import SIG_RSA_SHA1 +from saml2.sigver import verify_redirect_signature -from pathutils import dotname -__author__ = 'rolandh' +__author__ = "rolandh" def list_values2simpletons(_dict): - return dict([(k, v[0]) for k, v in _dict.items()]) + return {k: v[0] for k, v in _dict.items()} def test(): @@ -24,8 +25,7 @@ def test(): conf.load_file(dotname("servera_conf")) sp = Saml2Client(conf) - srvs = sp.metadata.single_sign_on_service(idp.config.entityid, - BINDING_HTTP_REDIRECT) + srvs = sp.metadata.single_sign_on_service(idp.config.entityid, BINDING_HTTP_REDIRECT) destination = srvs[0]["location"] req_id, req = sp.create_authn_request(destination, id="id1") @@ -47,9 +47,7 @@ def test(): _dict = parse_qs(val.split("?")[1]) _certs = idp.metadata.certs(sp.config.entityid, "any", "signing") for cert in _certs: - if verify_redirect_signature( - list_values2simpletons(_dict), sp.sec.sec_backend, - cert[1]): + if verify_redirect_signature(list_values2simpletons(_dict), sp.sec.sec_backend, cert[1]): verified_ok = True assert verified_ok diff --git a/tests/test_71_authn_request.py b/tests/test_71_authn_request.py index 6ee609e3b..7544af709 100644 --- a/tests/test_71_authn_request.py +++ b/tests/test_71_authn_request.py @@ -1,13 +1,14 @@ from contextlib import closing + from saml2.client import Saml2Client -from saml2.server import Server from saml2.saml import AuthnContextClassRef +from saml2.server import Server def test_authn_request_with_acs_by_index(): # ACS index and location from SP metadata in servera.xml. - ACS_INDEX = '4' - ACS_LOCATION = 'http://lingon.catalogix.se:8087/another/path' + ACS_INDEX = "4" + ACS_LOCATION = "http://lingon.catalogix.se:8087/another/path" # Create SP using the configuration found in servera_conf.py. sp = Saml2Client(config_file="servera_conf") @@ -15,9 +16,7 @@ def test_authn_request_with_acs_by_index(): # Generate an authn request object that uses AssertionConsumerServiceIndex # instead of AssertionConsumerServiceURL. The index with label ACS_INDEX # exists in the SP metadata in servera.xml. - request_id, authn_request = sp.create_authn_request( - sp.config.entityid, assertion_consumer_service_index=ACS_INDEX - ) + request_id, authn_request = sp.create_authn_request(sp.config.entityid, assertion_consumer_service_index=ACS_INDEX) assert authn_request.requested_authn_context.authn_context_class_ref == [ AuthnContextClassRef(accr) @@ -28,18 +27,14 @@ def test_authn_request_with_acs_by_index(): ) # Make sure the authn_request contains AssertionConsumerServiceIndex. - acs_index = getattr( - authn_request, 'assertion_consumer_service_index', None - ) + acs_index = getattr(authn_request, "assertion_consumer_service_index", None) assert acs_index == ACS_INDEX # Create IdP. with closing(Server(config_file="idp_all_conf")) as idp: # Ask the IdP to pick out the binding and destination from the # authn_request. - binding, destination = idp.pick_binding( - "assertion_consumer_service", request=authn_request - ) + binding, destination = idp.pick_binding("assertion_consumer_service", request=authn_request) # Make sure the IdP pick_binding method picks the correct location # or destination based on the ACS index in the authn request. diff --git a/tests/test_72_eptid.py b/tests/test_72_eptid.py index 64457610a..fbe5a6072 100644 --- a/tests/test_72_eptid.py +++ b/tests/test_72_eptid.py @@ -1,6 +1,8 @@ -from saml2.eptid import Eptid, EptidShelve +from saml2.eptid import Eptid +from saml2.eptid import EptidShelve -__author__ = 'rolandh' + +__author__ = "rolandh" def test_eptid(): diff --git a/tests/test_75_mongodb.py b/tests/test_75_mongodb.py index a66445369..51ef67c9f 100644 --- a/tests/test_75_mongodb.py +++ b/tests/test_75_mongodb.py @@ -1,19 +1,20 @@ from contextlib import closing -from pymongo.errors import ConnectionFailure, ServerSelectionTimeoutError + +from pymongo.errors import ConnectionFailure +from pymongo.errors import ServerSelectionTimeoutError import pytest + from saml2 import BINDING_HTTP_POST from saml2.authn_context import INTERNETPROTOCOLPASSWORD from saml2.client import Saml2Client -from saml2.server import Server from saml2.mongo_store import EptidMDB +from saml2.server import Server + -__author__ = 'rolandh' +__author__ = "rolandh" -AUTHN = { - "class_ref": INTERNETPROTOCOLPASSWORD, - "authn_auth": "http://www.example.com/login" -} +AUTHN = {"class_ref": INTERNETPROTOCOLPASSWORD, "authn_auth": "http://www.example.com/login"} def _eq(l1, l2): @@ -36,17 +37,19 @@ def test_flow(): rinfo = idp1.response_args(orig_req, [BINDING_HTTP_POST]) - #name_id = idp1.ident.transient_nameid("id12", rinfo["sp_entity_id"]) + # name_id = idp1.ident.transient_nameid("id12", rinfo["sp_entity_id"]) resp = idp1.create_authn_response( { "eduPersonEntitlement": "Short stop", "surName": "Jeter", "givenName": "Derek", "mail": "derek.jeter@nyy.mlb.com", - "title": "The man"}, + "title": "The man", + }, userid="jeter", authn=AUTHN, - **rinfo) + **rinfo + ) # What's stored away is the assertion a_info = idp2.session_db.get_assertion(resp.assertion.id) @@ -73,28 +76,23 @@ def test_eptid_mongo_db(): pass else: try: - e1 = edb.get("idp_entity_id", "sp_entity_id", "user_id", - "some other data") + e1 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data") except ServerSelectionTimeoutError: pass else: print(e1) assert e1.startswith("idp_entity_id!sp_entity_id!") - e2 = edb.get("idp_entity_id", "sp_entity_id", "user_id", - "some other data") + e2 = edb.get("idp_entity_id", "sp_entity_id", "user_id", "some other data") assert e1 == e2 - e3 = edb.get("idp_entity_id", "sp_entity_id", "user_2", - "some other data") + e3 = edb.get("idp_entity_id", "sp_entity_id", "user_2", "some other data") print(e3) assert e1 != e3 - e4 = edb.get("idp_entity_id", "sp_entity_id2", "user_id", - "some other data") + e4 = edb.get("idp_entity_id", "sp_entity_id2", "user_id", "some other data") assert e4 != e1 assert e4 != e3 - if __name__ == "__main__": test_flow() diff --git a/tests/test_76_metadata_in_mdb.py b/tests/test_76_metadata_in_mdb.py index 60c1ff1c1..999c9382b 100644 --- a/tests/test_76_metadata_in_mdb.py +++ b/tests/test_76_metadata_in_mdb.py @@ -1,16 +1,17 @@ -# -*- coding: utf-8 -*- +from pathutils import full_path from pymongo.errors import ConnectionFailure -from saml2.attribute_converter import d_to_local_name + +from saml2 import config from saml2.attribute_converter import ac_factory -from saml2.mongo_store import export_mdstore_to_mongo_db -from saml2.mongo_store import MetadataMDB +from saml2.attribute_converter import d_to_local_name from saml2.mdstore import MetadataStore from saml2.mdstore import locations from saml2.mdstore import name -from saml2 import config -from pathutils import full_path +from saml2.mongo_store import MetadataMDB +from saml2.mongo_store import export_mdstore_to_mongo_db + -__author__ = 'rolandh' +__author__ = "rolandh" ATTRCONV = ac_factory(full_path("attributemaps")) @@ -23,14 +24,12 @@ def _eq(l1, l2): def test_metadata(): conf = config.Config() conf.load_file("idp_conf_mdb") - umu_idp = 'https://idp.umu.se/saml2/idp/metadata.php' + umu_idp = "https://idp.umu.se/saml2/idp/metadata.php" # Set up a Metadata store - mds = MetadataStore(ATTRCONV, conf, - disable_ssl_certificate_validation=True) + mds = MetadataStore(ATTRCONV, conf, disable_ssl_certificate_validation=True) # Import metadata from local file. - mds.imp([{"class": "saml2.mdstore.MetaDataFile", - "metadata": [(full_path("swamid-2.0.xml"), )]}]) + mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("swamid-2.0.xml"),)]}]) assert len(mds) == 1 # One source try: @@ -46,34 +45,35 @@ def test_metadata(): assert idps.keys() idpsso = mds.single_sign_on_service(umu_idp) assert len(idpsso) == 1 - assert list(locations(idpsso)) == [ - 'https://idp.umu.se/saml2/idp/SSOService.php'] + assert list(locations(idpsso)) == ["https://idp.umu.se/saml2/idp/SSOService.php"] _name = name(mds[umu_idp]) - assert _name == u'Ume\xe5 University' + assert _name == "Ume\xe5 University" certs = mds.certs(umu_idp, "idpsso", "signing") assert len(certs) == 1 sps = mds.with_descriptor("spsso") assert len(sps) == 417 - wants = mds.attribute_requirement('https://connect.sunet.se/shibboleth') + wants = mds.attribute_requirement("https://connect.sunet.se/shibboleth") assert wants["optional"] == [] lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["required"]] - assert _eq(lnamn, - ['eduPersonPrincipalName', 'mail', 'givenName', 'sn', - 'eduPersonScopedAffiliation', 'eduPersonAffiliation']) + assert _eq( + lnamn, + ["eduPersonPrincipalName", "mail", "givenName", "sn", "eduPersonScopedAffiliation", "eduPersonAffiliation"], + ) - wants = mds.attribute_requirement( - "https://gidp.geant.net/sp/module.php/saml/sp/metadata.php/default-sp") + wants = mds.attribute_requirement("https://gidp.geant.net/sp/module.php/saml/sp/metadata.php/default-sp") # Optional lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["optional"]] - assert _eq(lnamn, ['displayName', 'commonName', 'schacHomeOrganization', - 'eduPersonAffiliation', 'schacHomeOrganizationType']) + assert _eq( + lnamn, + ["displayName", "commonName", "schacHomeOrganization", "eduPersonAffiliation", "schacHomeOrganizationType"], + ) # Required lnamn = [d_to_local_name(mds.attrc, attr) for attr in wants["required"]] - assert _eq(lnamn, ['eduPersonTargetedID', 'mail', - 'eduPersonScopedAffiliation']) + assert _eq(lnamn, ["eduPersonTargetedID", "mail", "eduPersonScopedAffiliation"]) + if __name__ == "__main__": test_metadata() diff --git a/tests/test_77_authn_context.py b/tests/test_77_authn_context.py index ed7c4b4f3..b798720a9 100644 --- a/tests/test_77_authn_context.py +++ b/tests/test_77_authn_context.py @@ -1,5 +1,4 @@ - -__author__ = 'rolandh' +__author__ = "rolandh" ex1 = """ @@ -12,22 +11,21 @@ """ -from saml2.saml import AuthnContext -from saml2.saml import authn_context_from_string -from saml2.saml import AuthnContextClassRef -from saml2.samlp import RequestedAuthnContext -from saml2.authn_context import pword -from saml2.authn_context import ppt -from saml2.authn_context import authn_context_class_ref -from saml2.authn_context import requested_authn_context -from saml2.authn_context import PASSWORDPROTECTEDTRANSPORT from saml2.authn_context import AL1 from saml2.authn_context import AL2 from saml2.authn_context import AL3 from saml2.authn_context import AL4 +from saml2.authn_context import PASSWORDPROTECTEDTRANSPORT from saml2.authn_context import AuthnBroker +from saml2.authn_context import authn_context_class_ref from saml2.authn_context import authn_context_decl_from_extension_elements from saml2.authn_context import authn_context_factory +from saml2.authn_context import pword +from saml2.authn_context import requested_authn_context +from saml2.saml import AuthnContext +from saml2.saml import authn_context_from_string +from saml2.samlp import RequestedAuthnContext + length = pword.Length(min="4") restricted_password = pword.RestrictedPassword(length=length) @@ -38,6 +36,7 @@ AUTHNCTXT = AuthnContext(authn_context_decl=ACD) REQAUTHNCTXT = RequestedAuthnContext(authn_context_decl_ref=ACD.c_namespace) + def test_passwd(): inst = ACD inst2 = pword.authentication_context_declaration_from_string(ex1) @@ -55,10 +54,9 @@ def test_factory(): def test_authn_decl_in_authn_context(): authnctxt = AuthnContext(authn_context_decl=ACD) - acs = authn_context_from_string("%s" % authnctxt) + acs = authn_context_from_string(f"{authnctxt}") if acs.extension_elements: - cacd = authn_context_decl_from_extension_elements( - acs.extension_elements) + cacd = authn_context_decl_from_extension_elements(acs.extension_elements) if cacd: acs.authn_context_decl = cacd @@ -93,7 +91,7 @@ def test_authn_2(): AL1: "https://example.com/authn/pin", AL2: "https://example.com/authn/passwd", AL3: "https://example.com/authn/multifact", - AL4: "https://example.com/authn/cert" + AL4: "https://example.com/authn/cert", } @@ -104,8 +102,7 @@ def test_authn_3(): level += 4 ac = authn_context_class_ref(ref) - authn.add(ac, REF2METHOD[ref], level, - "https://www.example.com/%s" % "al%d" % level) + authn.add(ac, REF2METHOD[ref], level, f"https://www.example.com/{'al%d'}" % level) rac = requested_authn_context(AL1, "minimum") diff --git a/tests/test_81_certificates.py b/tests/test_81_certificates.py index 772211ea6..f02feea6e 100644 --- a/tests/test_81_certificates.py +++ b/tests/test_81_certificates.py @@ -1,9 +1,11 @@ -from os import remove import os +from os import remove import time -__author__ = 'haho0032' + +__author__ = "haho0032" import unittest + from saml2.cert import OpenSSLWrapper @@ -16,7 +18,7 @@ def test_validate_with_root_cert(self): "state": "qwerty", "city": "qwerty", "organization": "qwerty", - "organization_unit": "qwerty" + "organization_unit": "qwerty", } cert_info = { @@ -25,42 +27,33 @@ def test_validate_with_root_cert(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } osw = OpenSSLWrapper() - ca_cert, ca_key = osw.create_certificate(cert_info_ca, request=False, - write_to_file=True, - cert_dir=os.path.dirname( - os.path.abspath( - __file__)) + "/pki") + ca_cert, ca_key = osw.create_certificate( + cert_info_ca, + request=False, + write_to_file=True, + cert_dir=f"{os.path.dirname(os.path.abspath(__file__))}/pki", + ) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) ca_cert_str = osw.read_str_from_file(ca_cert) ca_key_str = osw.read_str_from_file(ca_key) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) valid, mess = osw.verify(ca_cert_str, cert_str) self.assertTrue(valid) - false_ca_cert, false_ca_key = osw.create_certificate(cert_info_ca, - request=False, - write_to_file=False) - false_req_cert_str_1, false_req_key_str_1 = osw.create_certificate( - cert_info_ca, request=True) - false_cert_str_1 = osw.create_cert_signed_certificate(false_ca_cert, - false_ca_key, - false_req_cert_str_1) - false_req_cert_str_2, false_req_key_str_2 = osw.create_certificate( - cert_info, request=True) - false_cert_str_2 = osw.create_cert_signed_certificate(false_ca_cert, - false_ca_key, - false_req_cert_str_2) + false_ca_cert, false_ca_key = osw.create_certificate(cert_info_ca, request=False, write_to_file=False) + false_req_cert_str_1, false_req_key_str_1 = osw.create_certificate(cert_info_ca, request=True) + false_cert_str_1 = osw.create_cert_signed_certificate(false_ca_cert, false_ca_key, false_req_cert_str_1) + false_req_cert_str_2, false_req_key_str_2 = osw.create_certificate(cert_info, request=True) + false_cert_str_2 = osw.create_cert_signed_certificate(false_ca_cert, false_ca_key, false_req_cert_str_2) valid, mess = osw.verify(false_ca_cert, cert_str) self.assertFalse(valid) @@ -69,8 +62,8 @@ def test_validate_with_root_cert(self): valid, mess = osw.verify(ca_cert_str, false_cert_str_2) self.assertFalse(valid) - if 'z' in cert_str: - false_cert_str = cert_str.replace('z', 'x') + if "z" in cert_str: + false_cert_str = cert_str.replace("z", "x") valid, mess = osw.verify(ca_cert_str, false_cert_str) self.assertFalse(valid) @@ -85,7 +78,7 @@ def test_validate_cert_chains(self): "state": "qwerty", "city": "qwerty", "organization": "qwerty", - "organization_unit": "qwerty" + "organization_unit": "qwerty", } cert_intermediate_1_info = { @@ -94,7 +87,7 @@ def test_validate_cert_chains(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } cert_intermediate_2_info = { @@ -103,7 +96,7 @@ def test_validate_cert_chains(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } cert_client_cert_info = { @@ -112,38 +105,31 @@ def test_validate_cert_chains(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } osw = OpenSSLWrapper() - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False) - req_cert_str, intermediate_1_key_str = osw.create_certificate( - cert_intermediate_1_info, request=True) - intermediate_cert_1_str = osw.create_cert_signed_certificate( - ca_cert_str, ca_key_str, req_cert_str) + req_cert_str, intermediate_1_key_str = osw.create_certificate(cert_intermediate_1_info, request=True) + intermediate_cert_1_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) - req_cert_str, intermediate_2_key_str = osw.create_certificate( - cert_intermediate_2_info, request=True) + req_cert_str, intermediate_2_key_str = osw.create_certificate(cert_intermediate_2_info, request=True) intermediate_cert_2_str = osw.create_cert_signed_certificate( - intermediate_cert_1_str, intermediate_1_key_str, - req_cert_str) + intermediate_cert_1_str, intermediate_1_key_str, req_cert_str + ) - req_cert_str, client_key_str = osw.create_certificate( - cert_client_cert_info, request=True) + req_cert_str, client_key_str = osw.create_certificate(cert_client_cert_info, request=True) client_cert_str = osw.create_cert_signed_certificate( - intermediate_cert_2_str, intermediate_2_key_str, - req_cert_str) + intermediate_cert_2_str, intermediate_2_key_str, req_cert_str + ) - cert_chain = [intermediate_cert_2_str, intermediate_cert_1_str, - ca_cert_str] + cert_chain = [intermediate_cert_2_str, intermediate_cert_1_str, ca_cert_str] valid, mess = osw.verify_chain(cert_chain, client_cert_str) self.assertTrue(valid) - def test_validate_passphrase(self): cert_info_ca = { @@ -152,7 +138,7 @@ def test_validate_passphrase(self): "state": "qwerty", "city": "qwerty", "organization": "qwerty", - "organization_unit": "qwerty" + "organization_unit": "qwerty", } cert_info = { @@ -161,26 +147,23 @@ def test_validate_passphrase(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } osw = OpenSSLWrapper() ca_cert_str, ca_key_str = osw.create_certificate( - cert_info_ca, request=False, - cipher_passphrase={"cipher": "blowfish", "passphrase": "qwerty"}) + cert_info_ca, request=False, cipher_passphrase={"cipher": "blowfish", "passphrase": "qwerty"} + ) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str, - passphrase=b"qwerty") + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str, passphrase=b"qwerty") valid = False try: cert_str = osw.create_cert_signed_certificate( - ca_cert_str, ca_key_str, req_cert_str, - passphrase="qwertyqwerty") + ca_cert_str, ca_key_str, req_cert_str, passphrase="qwertyqwerty" + ) except Exception: valid = True @@ -194,7 +177,7 @@ def test_validate_expire(self): "state": "qwerty", "city": "qwerty", "organization": "qwerty", - "organization_unit": "qwerty" + "organization_unit": "qwerty", } cert_info = { @@ -203,62 +186,42 @@ def test_validate_expire(self): "state": "asdfgh", "city": "asdfgh", "organization": "asdfgh", - "organization_unit": "asdfg" + "organization_unit": "asdfg", } osw = OpenSSLWrapper() - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) valid, mess = osw.verify(ca_cert_str, cert_str) - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False, - valid_from=1000, - valid_to=100000) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False, valid_from=1000, valid_to=100000) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) valid, mess = osw.verify(ca_cert_str, cert_str) self.assertFalse(valid) - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str, - valid_from=1000, - valid_to=100000) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate( + ca_cert_str, ca_key_str, req_cert_str, valid_from=1000, valid_to=100000 + ) valid, mess = osw.verify(ca_cert_str, cert_str) self.assertFalse(valid) - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False, - valid_from=0, - valid_to=1) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False, valid_from=0, valid_to=1) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str) time.sleep(2) valid, mess = osw.verify(ca_cert_str, cert_str) self.assertFalse(valid) - ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, - request=False) - req_cert_str, req_key_str = osw.create_certificate(cert_info, - request=True) - cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, - req_cert_str, - valid_from=0, valid_to=1) + ca_cert_str, ca_key_str = osw.create_certificate(cert_info_ca, request=False) + req_cert_str, req_key_str = osw.create_certificate(cert_info, request=True) + cert_str = osw.create_cert_signed_certificate(ca_cert_str, ca_key_str, req_cert_str, valid_from=0, valid_to=1) time.sleep(2) valid, mess = osw.verify(ca_cert_str, cert_str) self.assertFalse(valid) diff --git a/tests/test_82_pefim.py b/tests/test_82_pefim.py index a593d0354..ce223f272 100644 --- a/tests/test_82_pefim.py +++ b/tests/test_82_pefim.py @@ -1,50 +1,49 @@ -from saml2 import xmldsig as ds +from pathutils import full_path + from saml2 import config -from saml2 import extension_elements_to_elements from saml2 import element_to_extension_element +from saml2 import extension_elements_to_elements from saml2 import saml +from saml2 import xmldsig as ds from saml2.client import Saml2Client from saml2.extension import pefim from saml2.extension.pefim import SPCertEnc from saml2.samlp import Extensions from saml2.samlp import authn_request_from_string from saml2.sigver import read_cert_from_file -from pathutils import full_path -__author__ = 'roland' + +__author__ = "roland" conf = config.SPConfig() conf.load_file("server_conf") client = Saml2Client(conf) # place a certificate in an authn request -cert = read_cert_from_file(full_path("test.pem"), "pem") +cert = read_cert_from_file(full_path("test.pem")) -spcertenc = SPCertEnc( - x509_data=ds.X509Data( - x509_certificate=ds.X509Certificate(text=cert))) +spcertenc = SPCertEnc(x509_data=ds.X509Data(x509_certificate=ds.X509Certificate(text=cert))) -extensions = Extensions( - extension_elements=[element_to_extension_element(spcertenc)]) +extensions = Extensions(extension_elements=[element_to_extension_element(spcertenc)]) req_id, req = client.create_authn_request( "http://www.example.com/sso", "urn:mace:example.com:it:tek", nameid_format=saml.NAMEID_FORMAT_PERSISTENT, message_id="666", - extensions=extensions) + extensions=extensions, +) print(req) # Get a certificate from an authn request -xml = "%s" % req +xml = f"{req}" parsed = authn_request_from_string(xml) -_elem = extension_elements_to_elements(parsed.extensions.extension_elements, - [pefim, ds]) +_elem = extension_elements_to_elements(parsed.extensions.extension_elements, [pefim, ds]) assert len(_elem) == 1 _spcertenc = _elem[0] diff --git a/tests/test_83_md_extensions.py b/tests/test_83_md_extensions.py index df2c9125e..db4e08631 100644 --- a/tests/test_83_md_extensions.py +++ b/tests/test_83_md_extensions.py @@ -1,12 +1,11 @@ from saml2 import create_class_from_xml_string as parse_str_as -from saml2 import create_class_from_element_tree as parse_element_as from saml2.config import Config from saml2.extension.sp_type import SPType from saml2.metadata import Attribute from saml2.metadata import entity_descriptor -class TestMDExt(): +class TestMDExt: def test_sp_type_true(self): fil = "sp_mdext_conf.py" cnf = Config().load_file(fil) @@ -21,7 +20,7 @@ def test_sp_type_true(self): def test_sp_type_false(self): fil = "sp_mdext_conf.py" cnf = Config().load_file(fil) - cnf.setattr('sp', 'sp_type_in_metadata', False) + cnf.setattr("sp", "sp_type_in_metadata", False) ed = entity_descriptor(cnf) assert all(e.tag is not SPType.c_tag for e in ed.extensions.extension_elements) @@ -31,17 +30,11 @@ def test_entity_attributes(self): cnf = Config().load_file(fil) ed = entity_descriptor(cnf) - entity_attributes = next( - e - for e in ed.extensions.extension_elements - if e.tag == 'EntityAttributes' - ) - attributes = [ - parse_str_as(Attribute, e.to_string()) - for e in entity_attributes.children - ] + entity_attributes = next(e for e in ed.extensions.extension_elements if e.tag == "EntityAttributes") + attributes = [parse_str_as(Attribute, e.to_string()) for e in entity_attributes.children] assert all( - a.name in [ + a.name + in [ "urn:oasis:names:tc:SAML:profiles:subject-id:req", "somename", ] @@ -49,15 +42,17 @@ def test_entity_attributes(self): ) import saml2.attribute_converter + attrc = saml2.attribute_converter.ac_factory() import saml2.mdstore + mds = saml2.mdstore.MetadataStore(attrc, cnf) mds.load("inline", ed.to_string()) entityid = ed.entity_id entity_attributes = mds.entity_attributes(entityid) assert entity_attributes == { - 'urn:oasis:names:tc:SAML:profiles:subject-id:req': ['any'], - 'somename': ['x', 'y', 'z'], + "urn:oasis:names:tc:SAML:profiles:subject-id:req": ["any"], + "somename": ["x", "y", "z"], } diff --git a/tests/test_88_nsprefix.py b/tests/test_88_nsprefix.py index 4f652a54f..d61e0d190 100644 --- a/tests/test_88_nsprefix.py +++ b/tests/test_88_nsprefix.py @@ -1,24 +1,25 @@ -from saml2.saml import NAMEID_FORMAT_TRANSIENT -from saml2.client import Saml2Client -from saml2 import config, BINDING_HTTP_POST +from saml2 import BINDING_HTTP_POST +from saml2 import config from saml2 import saml from saml2 import samlp +from saml2.client import Saml2Client +from saml2.saml import NAMEID_FORMAT_TRANSIENT + -__author__ = 'roland' +__author__ = "roland" def test_nsprefix(): status_message = samlp.StatusMessage() status_message.text = "OK" - txt = "%s" % status_message + txt = f"{status_message}" assert "ns0:StatusMessage" in txt - status_message.register_prefix({"saml2": saml.NAMESPACE, - "saml2p": samlp.NAMESPACE}) + status_message.register_prefix({"saml2": saml.NAMESPACE, "saml2p": samlp.NAMESPACE}) - txt = "%s" % status_message + txt = f"{status_message}" assert "saml2p:StatusMessage" in txt @@ -33,13 +34,16 @@ def test_nsprefix2(): destination = client._sso_location(selected_idp, BINDING_HTTP_POST) reqid, req = client.create_authn_request( - destination, nameid_format=NAMEID_FORMAT_TRANSIENT, - nsprefix={"saml2": saml.NAMESPACE, "saml2p": samlp.NAMESPACE}) + destination, + nameid_format=NAMEID_FORMAT_TRANSIENT, + nsprefix={"saml2": saml.NAMESPACE, "saml2p": samlp.NAMESPACE}, + ) - txt = "%s" % req + txt = f"{req}" assert "saml2p:AuthnRequest" in txt assert "saml2:Issuer" in txt + if __name__ == "__main__": - test_nsprefix2() \ No newline at end of file + test_nsprefix2() diff --git a/tests/test_89_http_post_relay_state.py b/tests/test_89_http_post_relay_state.py index 957b930f8..f04b25cd5 100644 --- a/tests/test_89_http_post_relay_state.py +++ b/tests/test_89_http_post_relay_state.py @@ -1,9 +1,11 @@ from contextlib import closing +import sys + from saml2 import BINDING_HTTP_POST from saml2.client import Saml2Client from saml2.server import Server -import sys + if sys.version_info.major < 3: from HTMLParser import HTMLParser else: @@ -14,11 +16,12 @@ ss:mem:ab1e6a31f3bd040ffd1d64a2d0e15d61ce517f5e1a94a41ea4fae32cc8d70a04""" -class RelayStateHTMLParser(HTMLParser, object): +class RelayStateHTMLParser(HTMLParser): """Class used to parse HTML from a HTTP-POST binding response - and determine if the HTML includes the expected relay state.""" + and determine if the HTML includes the expected relay state.""" + def __init__(self, expected_relay_state): - super(RelayStateHTMLParser, self).__init__() + super().__init__() self.expected_relay_state = expected_relay_state self.expected_relay_state_found = False @@ -27,10 +30,10 @@ def __init__(self, expected_relay_state): def handle_starttag(self, tag, attrs): """If the tag is found and it includes the correct value for the relay state set the relay state found flag to true.""" - if tag == 'input': - if ('name', 'RelayState') in attrs: + if tag == "input": + if ("name", "RelayState") in attrs: self.input_relay_state_found = True - if ('value', self.expected_relay_state) in attrs: + if ("value", self.expected_relay_state) in attrs: self.expected_relay_state_found = True @@ -41,8 +44,8 @@ def test_relay_state(): "surName": "Jeter", "givenName": "Derek", "mail": "derek.jeter@nyy.mlb.com", - "title": "The man" - } + "title": "The man", + } # Create a service provider using the servera_conf.py configuration. sp = Saml2Client(config_file="servera_conf") @@ -53,21 +56,16 @@ def test_relay_state(): # it came from the SP. name_id = idp.ident.transient_nameid(sp.config.entityid, "id12") - binding, destination = idp.pick_binding("assertion_consumer_service", - bindings=[BINDING_HTTP_POST], - entity_id=sp.config.entityid) - resp = idp.create_authn_response(identity, - "id-123456789", - destination, - sp.config.entityid, - name_id=name_id) + binding, destination = idp.pick_binding( + "assertion_consumer_service", bindings=[BINDING_HTTP_POST], entity_id=sp.config.entityid + ) + resp = idp.create_authn_response(identity, "id-123456789", destination, sp.config.entityid, name_id=name_id) # Apply the HTTP_POST binding to the response with a relay state # typical from a Shibboleth SP to create the HTML that carries # the SAML response. relay_state = SHIB_SP_RELAY_STATE - html = idp.apply_binding(BINDING_HTTP_POST, - "%s" % resp, destination, relay_state)['data'] + html = idp.apply_binding(BINDING_HTTP_POST, f"{resp}", destination, relay_state)["data"] # Parse the HTML and verify that it contains the correct relay state. parser = RelayStateHTMLParser(relay_state) @@ -76,8 +74,7 @@ def test_relay_state(): # Apply the HTTP_POST binding to the response with relay state None. relay_state = None - html = idp.apply_binding(BINDING_HTTP_POST, - "%s" % resp, destination, relay_state)['data'] + html = idp.apply_binding(BINDING_HTTP_POST, f"{resp}", destination, relay_state)["data"] # Parse the HTML and verify that it does not contain a relay state. parser = RelayStateHTMLParser(relay_state) @@ -87,8 +84,7 @@ def test_relay_state(): # Apply the HTTP_POST binding to the response with empty # string relay state. relay_state = "" - html = idp.apply_binding(BINDING_HTTP_POST, - "%s" % resp, destination, relay_state)['data'] + html = idp.apply_binding(BINDING_HTTP_POST, f"{resp}", destination, relay_state)["data"] # Parse the HTML and verify that it does not contain a relay state. parser = RelayStateHTMLParser(relay_state) diff --git a/tests/test_92_aes.py b/tests/test_92_aes.py index 424ee15d5..b4491c04f 100644 --- a/tests/test_92_aes.py +++ b/tests/test_92_aes.py @@ -3,9 +3,9 @@ from saml2.cryptography.symmetric import AESCipher -class TestAES(): +class TestAES: def test_aes_defaults(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(16) aes = AESCipher(key) @@ -14,60 +14,60 @@ def test_aes_defaults(self): assert decrypted_msg == original_msg def test_aes_128_cbc(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(16) aes = AESCipher(key) - alg = 'aes_128_cbc' + alg = "aes_128_cbc" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) assert decrypted_msg == original_msg def test_aes_128_cfb(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(16) aes = AESCipher(key) - alg = 'aes_128_cfb' + alg = "aes_128_cfb" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) assert decrypted_msg == original_msg def test_aes_192_cbc(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(24) aes = AESCipher(key) - alg = 'aes_192_cbc' + alg = "aes_192_cbc" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) assert decrypted_msg == original_msg def test_aes_192_cfb(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(24) aes = AESCipher(key) - alg = 'aes_192_cfb' + alg = "aes_192_cfb" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) assert decrypted_msg == original_msg def test_aes_256_cbc(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(32) aes = AESCipher(key) - alg = 'aes_256_cbc' + alg = "aes_256_cbc" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) assert decrypted_msg == original_msg def test_aes_256_cfb(self): - original_msg = b'ToBeOrNotTobe W.S.' + original_msg = b"ToBeOrNotTobe W.S." key = os.urandom(32) aes = AESCipher(key) - alg = 'aes_256_cfb' + alg = "aes_256_cfb" encrypted_msg = aes.encrypt(original_msg, alg=alg) decrypted_msg = aes.decrypt(encrypted_msg, alg=alg) diff --git a/tests/test_93_hok.py b/tests/test_93_hok.py index 9d74f4906..aaf8ce0f3 100644 --- a/tests/test_93_hok.py +++ b/tests/test_93_hok.py @@ -1,7 +1,6 @@ #!/usr/bin/env python -# -*- coding: utf-8 -*- -from pathutils import dotname, full_path - +from pathutils import dotname +from pathutils import full_path from pytest import raises from saml2 import xmldsig as ds @@ -26,9 +25,7 @@ def test_valid_hok_response_is_parsed(self): actual_hok_certs = [ ki.x509_data[0].x509_certificate.text.strip() for sc in resp.assertion.subject.subject_confirmation - for ki in sc.subject_confirmation_data.extensions_as_elements( - ds.KeyInfo.c_tag, ds - ) + for ki in sc.subject_confirmation_data.extensions_as_elements(ds.KeyInfo.c_tag, ds) ] assert actual_hok_certs == self._expected_hok_certs() @@ -81,7 +78,7 @@ def _get_test_response(self, path): asynchop=False, allow_unsolicited=True, ) - with open(path, "r") as fp: + with open(path) as fp: authn_response_xml = fp.read() resp.loads(authn_response_xml, False) return resp diff --git a/tests/test_94_read_cert.py b/tests/test_94_read_cert.py new file mode 100644 index 000000000..0b26e9c39 --- /dev/null +++ b/tests/test_94_read_cert.py @@ -0,0 +1,69 @@ +from pathutils import full_path + +from saml2.cert import read_cert_from_file + + +def test_read_single_cert(): + cert = read_cert_from_file(full_path("test.pem")) + + assert cert == ( + "MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV" + "BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX" + "aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF" + "MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB" + "gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy" + "3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN" + "efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G" + "A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs" + "iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt" + "U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw" + "mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6" + "h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5" + "U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6" + "mrPzGzk3ECbupFnqyREH3+ZPSdk=" + ) + + +def test_read_cert_chain(): + cert = read_cert_from_file(full_path("test_chain.pem")) + + assert cert == ( + "MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV" + "BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX" + "aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF" + "MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB" + "gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy" + "3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN" + "efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G" + "A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs" + "iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt" + "U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw" + "mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6" + "h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5" + "U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6" + "mrPzGzk3ECbupFnqyREH3+ZPSdk=" + ) + + +def test_read_cert_chain_with_linebreaks(): + cert = read_cert_from_file(full_path("test_chain_with_linebreaks.pem")) + + assert cert == ( + "MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV" + "BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX" + "aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF" + "MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50" + "ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB" + "gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy" + "3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN" + "efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G" + "A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs" + "iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt" + "U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw" + "mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6" + "h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5" + "U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6" + "mrPzGzk3ECbupFnqyREH3+ZPSdk=" + ) diff --git a/tests/test_chain.pem b/tests/test_chain.pem new file mode 100644 index 000000000..6b206e47b --- /dev/null +++ b/tests/test_chain.pem @@ -0,0 +1,39 @@ +-----BEGIN CERTIFICATE----- +MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF +MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 +ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy +3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN +efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G +A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs +iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt +U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw +mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6 +h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5 +U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6 +mrPzGzk3ECbupFnqyREH3+ZPSdk= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIDnzCCAoegAwIBAgINSWITCHaai+Root+CAzANBgkqhkiG9w0BAQUFADBrMQsw +CQYDVQQGEwJDSDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVu +c3RlIGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFp +IFJvb3QgQ0EwHhcNMDgwNTE1MDYzMDAwWhcNMjgwNTE1MDYyOTU5WjBrMQswCQYD +VQQGEwJDSDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVuc3Rl +IGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFpIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUSWbn/rhWew/s +LJRyciyRKDGyFXSgiDO/EohYuZLw6EAKLLlhZorNtEHQbbn0Oo13S33MclHMvGWT +KJM0u1hG+6gLy78EPmJbqAE1Uv23wVEH4SX0VJfl3JVqIebiAH/CjuLubgMUspDI +jOdQHNLS7pthTbm7Tgh7zMsiLPyMTZJep5CGbqv8NoK6bMaF0Z+Bt7e1JRlhHFCV +iJJaR/+hfpzLsJ8NWVivvrpRGaGJ1XR+9FGsTkjNdMCirNJJZ6XvUOe5w7pHSd9M +cppFP0eyLs02AMzMXI4iz6PK/w3EdzXGXpK+gSgvLxWYct4xHpv1e2NXhNgdJOSN +9ra/wJLVAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG +MB0GA1UdDgQWBBTpmuIGWOsP14EDXVyXubG1k307hDANBgkqhkiG9w0BAQUFAAOC +AQEAMV/eIW6pFB+mbk7rD7hUPTWDRaoca3kHqmFGFnHfuY8+c0/Mqjh8Y/jyX1yb +f58crTSWrbyGbUZ3oxDGQ34tuZSkmeR32NqryiX3sP5qlNSozVguQKt8o4vhS1Qe +WPsXALs3em2pdKuIGSOpbuDnopPcmU2g5Zi2R5P7qpKDKAKtNUEwV+LW7GBMEksO +Nj7BFXk4AFBFBijaYJGgHmoKSImVgeNIvsV+BSv5HJ4q6vcxfnwuvvGHM0AGphYO +6f5qtHMUgvAblI8M/2QsBgethaGrirtKJ3aCRLdaR2R1QfaGRpck/Ron5/MpMxiJ +wLT8YlW/zjx2yNABhPSAjfzeMw== +-----END CERTIFICATE----- diff --git a/tests/test_chain_with_linebreaks.pem b/tests/test_chain_with_linebreaks.pem new file mode 100644 index 000000000..68ec8a4d4 --- /dev/null +++ b/tests/test_chain_with_linebreaks.pem @@ -0,0 +1,51 @@ + + + + + + +-----BEGIN CERTIFICATE----- +MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV +BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF +MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50 +ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB +gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy +3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN +efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G +A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs +iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt +U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw +mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6 +h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5 +U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6 +mrPzGzk3ECbupFnqyREH3+ZPSdk= +-----END CERTIFICATE----- + + + +-----BEGIN CERTIFICATE----- +MIIDnzCCAoegAwIBAgINSWITCHaai+Root+CAzANBgkqhkiG9w0BAQUFADBrMQsw +CQYDVQQGEwJDSDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVu +c3RlIGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFp +IFJvb3QgQ0EwHhcNMDgwNTE1MDYzMDAwWhcNMjgwNTE1MDYyOTU5WjBrMQswCQYD +VQQGEwJDSDFAMD4GA1UEChM3U3dpdGNoIC0gVGVsZWluZm9ybWF0aWtkaWVuc3Rl +IGZ1ZXIgTGVocmUgdW5kIEZvcnNjaHVuZzEaMBgGA1UEAxMRU1dJVENIYWFpIFJv +b3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUSWbn/rhWew/s +LJRyciyRKDGyFXSgiDO/EohYuZLw6EAKLLlhZorNtEHQbbn0Oo13S33MclHMvGWT +KJM0u1hG+6gLy78EPmJbqAE1Uv23wVEH4SX0VJfl3JVqIebiAH/CjuLubgMUspDI +jOdQHNLS7pthTbm7Tgh7zMsiLPyMTZJep5CGbqv8NoK6bMaF0Z+Bt7e1JRlhHFCV +iJJaR/+hfpzLsJ8NWVivvrpRGaGJ1XR+9FGsTkjNdMCirNJJZ6XvUOe5w7pHSd9M +cppFP0eyLs02AMzMXI4iz6PK/w3EdzXGXpK+gSgvLxWYct4xHpv1e2NXhNgdJOSN +9ra/wJLVAgMBAAGjQjBAMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEG +MB0GA1UdDgQWBBTpmuIGWOsP14EDXVyXubG1k307hDANBgkqhkiG9w0BAQUFAAOC +AQEAMV/eIW6pFB+mbk7rD7hUPTWDRaoca3kHqmFGFnHfuY8+c0/Mqjh8Y/jyX1yb +f58crTSWrbyGbUZ3oxDGQ34tuZSkmeR32NqryiX3sP5qlNSozVguQKt8o4vhS1Qe +WPsXALs3em2pdKuIGSOpbuDnopPcmU2g5Zi2R5P7qpKDKAKtNUEwV+LW7GBMEksO +Nj7BFXk4AFBFBijaYJGgHmoKSImVgeNIvsV+BSv5HJ4q6vcxfnwuvvGHM0AGphYO +6f5qtHMUgvAblI8M/2QsBgethaGrirtKJ3aCRLdaR2R1QfaGRpck/Ron5/MpMxiJ +wLT8YlW/zjx2yNABhPSAjfzeMw== +-----END CERTIFICATE----- + + + diff --git a/tests/test_schema_validator.py b/tests/test_schema_validator.py new file mode 100644 index 000000000..ee1335832 --- /dev/null +++ b/tests/test_schema_validator.py @@ -0,0 +1,109 @@ +from pathutils import full_path as expand_full_path + +from pytest import mark +from pytest import raises + +from saml2 import create_class_from_xml_string +from saml2.saml import AttributeStatement +from saml2.sigver import validate_doc_with_schema +from saml2.xml.schema import XMLSchemaError +from saml2.xml.schema import validate as validate_doc_with_schema + + +@mark.parametrize("doc", ["invalid_metadata_file.xml", "empty_metadata_file.xml"]) +def test_invalid_saml_metadata_doc(doc): + with raises(XMLSchemaError): + validate_doc_with_schema(expand_full_path(doc)) + + +@mark.parametrize( + "doc", + [ + "InCommon-metadata.xml", + "idp.xml", + "idp_2.xml", + "idp_aa.xml", + "idp_all.xml", + "idp_example.xml", + "idp_soap.xml", + "entity_cat_re.xml", + "entity_cat_re_nren.xml", + "entity_cat_rs.xml", + "entity_cat_sfs_hei.xml", + "entity_esi_and_coco_sp.xml", + "entity_no_friendly_name_sp.xml", + "extended.xml", + "idp_slo_redirect.xml", + "idp_uiinfo.xml", + "metadata.aaitest.xml", + "metadata.xml", + "metadata_cert.xml", + "metadata_example.xml", + "metadata_sp_1.xml", + "metadata_sp_1_no_encryption.xml", + "metadata_sp_2.xml", + "metasp.xml", + "pdp_meta.xml", + "servera.xml", + "sp.xml", + "sp_slo_redirect.xml", + # XXX "swamid-1.0.xml", + # XXX "swamid-2.0.xml", + # TODO include the fed namespace + # TODO see https://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html + "urn-mace-swami.se-swamid-test-1.0-metadata.xml", + "uu.xml", + "vo_metadata.xml", + ], +) +def test_valid_saml_metadata_doc(doc): + result = validate_doc_with_schema(expand_full_path(doc)) + assert result == None + + +@mark.parametrize( + "doc", + [ + "attribute_response.xml", + "okta_response.xml", + "simplesamlphp_authnresponse.xml", + "saml2_response.xml", + "saml_false_signed.xml", + "saml_hok.xml", + "saml_hok_invalid.xml", + "saml_signed.xml", + "saml_unsigned.xml", + ], +) +def test_valid_saml_response_doc(doc): + result = validate_doc_with_schema(expand_full_path(doc)) + assert result == None + + +@mark.parametrize("doc", ["encrypted_attribute_statement.xml"]) +def test_valid_saml_partial_doc(doc): + result = validate_doc_with_schema(expand_full_path(doc)) + assert result == None + + +@mark.parametrize("doc", ["eidas_response.xml"]) +def test_valid_eidas_saml_response_doc(doc): + result = validate_doc_with_schema(expand_full_path(doc)) + assert result == None + + +def test_namespace_processing(): + elem = create_class_from_xml_string( + AttributeStatement, + """ + + + alum11 + + + + + + """, + ) + validate_doc_with_schema(str(elem)) diff --git a/tests/test_xmlsec1_key_data.py b/tests/test_xmlsec1_key_data.py index 2149659f9..e8e9de85f 100644 --- a/tests/test_xmlsec1_key_data.py +++ b/tests/test_xmlsec1_key_data.py @@ -1,17 +1,14 @@ -from datetime import datetime -from dateutil import parser from unittest.mock import Mock from unittest.mock import patch +from pathutils import dotname +from pathutils import full_path from pytest import raises from saml2.config import config_factory from saml2.response import authn_response from saml2.sigver import SignatureError -from pathutils import dotname -from pathutils import full_path - SIGNED_RESPONSE_HMAC = full_path("xmlsec1-keydata/signed-response-with-hmac.xml") SIGNED_ASSERTION_HMAC = full_path("xmlsec1-keydata/signed-assertion-with-hmac.xml") @@ -19,7 +16,7 @@ class TestAuthnResponse: - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_response_with_hmac_should_fail(self, mock_validate_on_or_after): conf = config_factory("sp", dotname("server_conf")) ar = authn_response(conf, return_addrs="https://example.org/acs/post") @@ -38,7 +35,7 @@ def test_signed_response_with_hmac_should_fail(self, mock_validate_on_or_after): assert ar.ava is None assert ar.name_id is None - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_assertion_with_hmac_should_fail(self, mock_validate_on_or_after): conf = config_factory("sp", dotname("server_conf")) ar = authn_response(conf, return_addrs="https://example.org/acs/post") @@ -59,7 +56,7 @@ def test_signed_assertion_with_hmac_should_fail(self, mock_validate_on_or_after) assert ar.ava is None assert ar.name_id is None - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_assertion_with_random_embedded_cert_should_be_ignored(self, mock_validate_on_or_after): """ if the embedded cert is not ignored then verification will fail diff --git a/tests/test_xsw.py b/tests/test_xsw.py index 0e92a5bd1..5d6ca1ac8 100644 --- a/tests/test_xsw.py +++ b/tests/test_xsw.py @@ -1,18 +1,14 @@ -from datetime import datetime from unittest.mock import Mock from unittest.mock import patch +from pathutils import dotname +from pathutils import full_path +from pytest import raises + from saml2.config import config_factory from saml2.response import authn_response from saml2.sigver import SignatureError -from dateutil import parser - -from pytest import raises - -from pathutils import dotname -from pathutils import full_path - SIGNED_XSW_ASSERTION_WRAPPER = full_path("xsw/signed-xsw-assertion-wrapper.xml") SIGNED_XSW_ASSERTION_EXTENSIONS = full_path("xsw/signed-xsw-assertion-extensions.xml") @@ -27,7 +23,7 @@ def setup_class(self): self.conf = config_factory("sp", dotname("server_conf")) self.ar = authn_response(self.conf, return_addrs="https://example.org/acs/post") - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_xsw_assertion_wrapper_should_fail(self, mock_validate_on_or_after): self.ar.issue_instant_ok = Mock(return_value=True) @@ -38,9 +34,9 @@ def test_signed_xsw_assertion_wrapper_should_fail(self, mock_validate_on_or_afte self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id-abc" - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" with raises(SignatureError): self.ar.verify() @@ -48,7 +44,7 @@ def test_signed_xsw_assertion_wrapper_should_fail(self, mock_validate_on_or_afte assert self.ar.ava is None assert self.ar.name_id is None - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_xsw_assertion_extensions_should_fail(self, mock_validate_on_or_after): self.ar.issue_instant_ok = Mock(return_value=True) @@ -59,9 +55,9 @@ def test_signed_xsw_assertion_extensions_should_fail(self, mock_validate_on_or_a self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id-abc" - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" with raises(SignatureError): self.ar.verify() @@ -69,7 +65,7 @@ def test_signed_xsw_assertion_extensions_should_fail(self, mock_validate_on_or_a assert self.ar.ava is None assert self.ar.name_id is None - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_xsw_assertion_assertion_should_fail(self, mock_validate_on_or_after): self.ar.issue_instant_ok = Mock(return_value=True) @@ -80,9 +76,9 @@ def test_signed_xsw_assertion_assertion_should_fail(self, mock_validate_on_or_af self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id-abc" - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" with raises(SignatureError): self.ar.verify() @@ -96,7 +92,7 @@ def setup_class(self): self.conf = config_factory("sp", dotname("server_conf")) self.ar = authn_response(self.conf, return_addrs="https://example.org/acs/post") - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_assertion_first_sig_should_fail(self, mock_validate_on_or_after): self.ar.issue_instant_ok = Mock(return_value=True) @@ -107,9 +103,9 @@ def test_signed_assertion_first_sig_should_fail(self, mock_validate_on_or_after) self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) - assert self.ar.came_from == 'http://localhost:8088/sso' + assert self.ar.came_from == "http://localhost:8088/sso" assert self.ar.session_id() == "id-abc" - assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' + assert self.ar.issuer() == "urn:mace:example.com:saml:roland:idp" with raises(SignatureError): self.ar.verify() @@ -117,7 +113,7 @@ def test_signed_assertion_first_sig_should_fail(self, mock_validate_on_or_after) assert self.ar.ava is None assert self.ar.name_id is None - @patch('saml2.response.validate_on_or_after', return_value=True) + @patch("saml2.response.validate_on_or_after", return_value=True) def test_signed_response_first_sig_should_fail(self, mock_validate_on_or_after): self.ar.issue_instant_ok = Mock(return_value=True) diff --git a/tests/vo_metadata.xml b/tests/vo_metadata.xml index fafc4c04d..99556204f 100644 --- a/tests/vo_metadata.xml +++ b/tests/vo_metadata.xml @@ -1,11 +1,11 @@ - urn:mace:example.com:saml:aa diff --git a/tools/data/requested_attributes.xsd b/tools/data/requested_attributes.xsd deleted file mode 100644 index b796f3d38..000000000 --- a/tools/data/requested_attributes.xsd +++ /dev/null @@ -1,28 +0,0 @@ - - - - - - - - - - - - - - - - - - - - diff --git a/tools/data/sp_type.xsd b/tools/data/sp_type.xsd deleted file mode 100644 index dbb1418df..000000000 --- a/tools/data/sp_type.xsd +++ /dev/null @@ -1,16 +0,0 @@ - - - - - - - - - - diff --git a/tools/make_metadata.py b/tools/make_metadata.py deleted file mode 100755 index 147425fe5..000000000 --- a/tools/make_metadata.py +++ /dev/null @@ -1,85 +0,0 @@ -#!/usr/bin/env python -import argparse -import os -import sys -from saml2.metadata import entity_descriptor, metadata_tostring_fix -from saml2.metadata import entities_descriptor -from saml2.metadata import sign_entity_descriptor - -from saml2.sigver import security_context -from saml2.validate import valid_instance -from saml2.config import Config - -# ============================================================================= -# Script that creates a SAML2 metadata file from a pysaml2 entity configuration -# file -# ============================================================================= - -parser = argparse.ArgumentParser() -parser.add_argument('-v', dest='valid', - help="How long, in days, the metadata is valid from the time of creation") -parser.add_argument('-c', dest='cert', help='certificate') -parser.add_argument('-e', dest='ed', action='store_true', - help="Wrap the whole thing in an EntitiesDescriptor") -parser.add_argument('-i', dest='id', - help="The ID of the entities descriptor") -parser.add_argument('-k', dest='keyfile', - help="A file with a key to sign the metadata with") -parser.add_argument('-n', dest='name', default="") -parser.add_argument('-p', dest='path', - help="path to the configuration file") -parser.add_argument('-s', dest='sign', action='store_true', - help="sign the metadata") -parser.add_argument('-x', dest='xmlsec', - help="xmlsec binaries to be used for the signing") -parser.add_argument('-w', dest='wellknown', - help="Use wellknown namespace prefixes") -parser.add_argument(dest="config", nargs="+") -args = parser.parse_args() - -valid_for = 0 -nspair = {"xs": "http://www.w3.org/2001/XMLSchema"} -paths = [".", "/opt/local/bin"] - -if args.valid: - # translate into hours - valid_for = int(args.valid) * 24 - - -eds = [] -for filespec in args.config: - bas, fil = os.path.split(filespec) - if bas != "": - sys.path.insert(0, bas) - if fil.endswith(".py"): - fil = fil[:-3] - cnf = Config().load_file(fil) - if valid_for: - cnf.valid_for = valid_for - eds.append(entity_descriptor(cnf)) - -conf = Config() -conf.key_file = args.keyfile -conf.cert_file = args.cert -conf.debug = 1 -conf.xmlsec_binary = args.xmlsec -secc = security_context(conf) - -if args.id: - desc, xmldoc = entities_descriptor(eds, valid_for, args.name, args.id, - args.sign, secc) - valid_instance(desc) - xmldoc = metadata_tostring_fix(desc, nspair, xmldoc) - print(xmldoc.decode("utf-8")) -else: - for eid in eds: - if args.sign: - assert conf.key_file - assert conf.cert_file - eid, xmldoc = sign_entity_descriptor(eid, args.id, secc) - else: - xmldoc = None - - valid_instance(eid) - xmldoc = metadata_tostring_fix(eid, nspair, xmldoc) - print(xmldoc.decode("utf-8")) diff --git a/tools/mdexport.py b/tools/mdexport.py deleted file mode 100755 index a427af77f..000000000 --- a/tools/mdexport.py +++ /dev/null @@ -1,53 +0,0 @@ -#!/usr/bin/env python -from saml2.sigver import _get_xmlsec_cryptobackend -from saml2.sigver import SecurityContext -from saml2.httpbase import HTTPBase - -from saml2 import saml -from saml2 import md -from saml2.attribute_converter import ac_factory -from saml2 import xmldsig -from saml2 import xmlenc - -import argparse - -from saml2.mdstore import MetaDataFile, MetaDataExtern, load_extensions - -__author__ = 'rolandh' - -""" -A script that imports and verifies metadata and then dumps it in a basic -dictionary format. -""" - -parser = argparse.ArgumentParser() -parser.add_argument('-t', dest='type') -parser.add_argument('-u', dest='url') -parser.add_argument('-c', dest='cert') -parser.add_argument('-a', dest='attrsmap') -parser.add_argument('-o', dest='output') -parser.add_argument('-x', dest='xmlsec') -parser.add_argument(dest="item") -args = parser.parse_args() - - -metad = None - -if args.type == "local": - metad = MetaDataFile(args.item, args.item) -elif args.type == "external": - ATTRCONV = ac_factory(args.attrsmap) - httpc = HTTPBase() - crypto = _get_xmlsec_cryptobackend(args.xmlsec) - sc = SecurityContext(crypto) - metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc) - -if metad is not None: - metad.load() - txt = metad.dumps() - if args.output: - f = open(args.output, "w") - f.write(txt) - f.close() - else: - print(txt) diff --git a/tools/mdimport.py b/tools/mdimport.py deleted file mode 100755 index 4434b4aba..000000000 --- a/tools/mdimport.py +++ /dev/null @@ -1,24 +0,0 @@ -#!/usr/bin/env python -import time -from saml2.attribute_converter import ac_factory -from saml2.mdstore import MetaDataMD, MetaDataFile - -__author__ = 'rolandh' - -start = time.time() -for i in range(1, 10): - mdmd = MetaDataMD(ac_factory("../tests/attributemaps"), "swamid2.md") - mdmd.load() - - _ = mdmd.keys() - -print(time.time() - start) - -start = time.time() -for i in range(1, 10): - mdf = MetaDataFile(ac_factory("../tests/attributemaps"), - "../tests/swamid-2.0.xml") - mdf.load() - _ = mdf.keys() - -print(time.time() - start) diff --git a/tools/merge_metadata.py b/tools/merge_metadata.py deleted file mode 100755 index fc8430bff..000000000 --- a/tools/merge_metadata.py +++ /dev/null @@ -1,74 +0,0 @@ -#!/usr/bin/env python -from saml2.sigver import _get_xmlsec_cryptobackend, SecurityContext -from saml2.httpbase import HTTPBase -from saml2.attribute_converter import ac_factory -import argparse - -from saml2.mdstore import MetaDataFile, MetaDataExtern, MetadataStore - -__author__ = 'rolandh' - -""" -A script that imports and verifies metadata. -""" - -parser = argparse.ArgumentParser() -parser.add_argument('-a', dest='attrsmap') -parser.add_argument('-o', dest='output', default="local") -parser.add_argument('-x', dest='xmlsec') -parser.add_argument('-i', dest='ignore_valid', action='store_true') -parser.add_argument(dest="conf") -args = parser.parse_args() - -metad = None - -# config file format -# -# local -# remote -# -# for instance -# -#local metadata_sp_1.xml -#local InCommon-metadata.xml -#remote https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2 kalmar2.pem -# - -ATTRCONV = ac_factory(args.attrsmap) - -mds = MetadataStore(None, None) - -for line in open(args.conf).readlines(): - line = line.strip() - if len(line) == 0: - continue - elif line[0] == "#": - continue - spec = line.split(" ") - - if args.ignore_valid: - kwargs = {"check_validity": False} - else: - kwargs = {} - - if spec[0] == "local": - metad = MetaDataFile(spec[1], spec[1], **kwargs) - elif spec[0] == "remote": - ATTRCONV = ac_factory(args.attrsmap) - httpc = HTTPBase() - crypto = _get_xmlsec_cryptobackend(args.xmlsec) - sc = SecurityContext(crypto, key_type="", cert_type="") - metad = MetaDataExtern(ATTRCONV, spec[1], sc, cert=spec[2], http=httpc, - **kwargs) - - if metad is not None: - try: - metad.load() - except: - raise - - mds.metadata[spec[1]] = metad - -print(mds.dumps(args.output)) - - diff --git a/tools/verify_metadata.py b/tools/verify_metadata.py deleted file mode 100755 index c13b7acc9..000000000 --- a/tools/verify_metadata.py +++ /dev/null @@ -1,65 +0,0 @@ -#!/usr/bin/env python - -import argparse - -from saml2.attribute_converter import ac_factory -from saml2.httpbase import HTTPBase - -from saml2.sigver import _get_xmlsec_cryptobackend -from saml2.sigver import SecurityContext - -from saml2.mdstore import MetaDataFile -from saml2.mdstore import MetaDataExtern - -__author__ = 'rolandh' - -""" -A script that imports and verifies metadata. -""" - - -parser = argparse.ArgumentParser() -parser.add_argument('-t', dest='type') -parser.add_argument('-u', dest='url') -parser.add_argument('-c', dest='cert') -parser.add_argument('-a', dest='attrsmap') -parser.add_argument('-o', dest='output') -parser.add_argument('-x', dest='xmlsec') -parser.add_argument('-i', dest='ignore_valid', action='store_true') -parser.add_argument(dest="item") -args = parser.parse_args() - - -metad = None - -if args.ignore_valid: - kwargs = {"check_validity": False} -else: - kwargs = {} - -if args.type == "local": - if args.cert and args.xmlsec: - crypto = _get_xmlsec_cryptobackend(args.xmlsec) - sc = SecurityContext(crypto) - metad = MetaDataFile(args.item, args.item, cert=args.cert, security=sc, - **kwargs) - else: - metad = MetaDataFile(args.item, args.item, **kwargs) -elif args.type == "external": - ATTRCONV = ac_factory(args.attrsmap) - httpc = HTTPBase() - crypto = _get_xmlsec_cryptobackend(args.xmlsec) - sc = SecurityContext(crypto) - metad = MetaDataExtern(ATTRCONV, args.url, sc, cert=args.cert, http=httpc, - **kwargs) - -if metad: - try: - metad.load() - except: - raise - else: - print("OK") - - - diff --git a/tox.ini b/tox.ini deleted file mode 100644 index dbaca41ea..000000000 --- a/tox.ini +++ /dev/null @@ -1,22 +0,0 @@ -[tox] -envlist = - py36 - py37 - py38 - py39 - py310 - pypy3 - -[testenv] -deps = -r tests/test-requirements.txt -whitelist_externals = - tox - xmlsec1 -commands = - xmlsec1 --version - python --version - pytest --version - tox --version - pip --version - pip freeze - pytest --cov={envsitepackagesdir}/saml2 -vvv -ra {posargs:tests/}
%s%s{str(prop)}{valarr}%s\n" % (len(valarr), prop)) + txt.append(f"{prop}\n") else: txt.append("
%s{val}
%s{prop}\n") txt.extend(dict_to_table(valarr, lev + 1, width - 1)) txt.append("RolandroalndHedbergRolandroalndHedberg