| author | Valery Febvre <vfebvre at easter-eggs.com> | 2004-05-06 15:45:16 +0000 |
|---|---|---|
| committer | Valery Febvre <vfebvre at easter-eggs.com> | 2004-05-06 15:45:16 +0000 |
| commit | 60cffeeeb185ec2b9c70d8018b2cc61f11e2f945 (patch) | |
| tree | 7d80c46f866dc0842378251da16e5a743f43ad7b /python | |
| parent | 71ed7f38a91309cd81daca5d2c697f21a6b646b7 (diff) | |
*** empty log message ***
Diffstat (limited to 'python')
| -rwxr-xr-x | python/examples/test.py | 24 | ||||
| -rw-r--r-- | python/lasso.py | 94 | ||||
| -rw-r--r-- | python/lasso_strings.py | 13 | ||||
| -rw-r--r-- | python/lassomod.c | 8 | ||||
| -rw-r--r-- | python/protocols/elements/py_authentication_statement.c | 14 | ||||
| -rw-r--r-- | python/protocols/py_authn_response.c | 32 | ||||
| -rw-r--r-- | python/protocols/py_authn_response.h | 3 | ||||
| -rwxr-xr-x | python/setup.py | 1 |
8 files changed, 115 insertions, 74 deletions
diff --git a/python/examples/test.py b/python/examples/test.py index 1373ca01..089c4b1d 100755 --- a/python/examples/test.py +++ b/python/examples/test.py @@ -17,13 +17,8 @@ req.set_requestAuthnContext(["test"], lasso.libAuthnContextComparisonExact) req.set_scoping(proxyCount=1) -# admiration du resultat -req.dump() - # url encodage + signature query = req.url_encode(1, "../../examples/rsakey.pem") - -print query req.destroy() # creation de la response AuthnResponse OU Response 
@@ -31,38 +26,39 @@ req.destroy() protocolProfile = lasso.authn_request_get_protocolProfile(query) if protocolProfile == lasso.libProtocolProfilePost: # partie IDP - res = lasso.AuthnResponse(query, "http://providerid.com") + res = lasso.AuthnResponse.new_from_request_query(query, "http://providerid.com") # verification de la signature de la query print res.verify_signature("../../examples/rsapub.pem", "../../examples/rsakey.pem") print res.must_authenticate(is_authenticated=0) res.process_authentication_result(0) + # dump pour envoi au SP + dump_response = res.dump() + res.destroy() + + res = lasso.AuthnResponse.new_from_dump(dump_response) # creation de l'assertion - assertion = lasso.Assertion("issuer", res.requestID) + assertion = lasso.Assertion("issuer", res.get_attr_value("InResponseTo")) authentication_statement = lasso.AuthenticationStatement("password", - "3", "tralala", "dslqkjfslfj", "http://service-provider.com", "federated", "wxkfjesmqfj", "http://idp-provider.com", - "federated", - "bearer") + "federated") assertion.add_authenticationStatement(authentication_statement) # ajout de l'assertion res.add_assertion(assertion, "../../examples/rsakey.pem", "../../examples/rsacert.pem") - # dump pour envoi au SP - dump_response = res.dump() # partie SP # Verification de la signature de l'assertion - print res.get_child("Assertion").verify_signature("../../examples/rootcert.pem") + print "Signature check: ", res.get_child("Assertion").verify_signature("../../examples/rootcert.pem") # recuperation du StatusCode status_code = res.get_child("StatusCode") # recuperation de la valeur de l'attribut "Value" - print status_code.get_attr_value("Value") + print "Resultat de la demande d'authentification:", status_code.get_attr_value("Value") res.destroy() else: print "La Response (par artifact) n'est pas encore implementée" diff --git a/python/lasso.py b/python/lasso.py index cc20815d..bf498859 100644 --- a/python/lasso.py +++ b/python/lasso.py 
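Review bot: Both signature checks in this example are only printed (`print res.verify_signature(...)` in the IdP part, `print "Signature check: ", res.get_child("Assertion").verify_signature(...)` in the SP part), and the script goes on to build the assertion and read `StatusCode` whatever they return. Example code for a federation library tends to be copied as-is, so the flow should keep the result in a variable and stop when it is not the success value. Separately, `dump_response` is now taken before `add_assertion`, so the SP part verifies the in-memory `res` rather than a response rebuilt from a dump that carries the signed assertion. A second `res.dump()` followed by `lasso.AuthnResponse.new_from_dump(...)` after `add_assertion` would exercise the actual IdP-to-SP hand-off.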
@@ -82,6 +82,48 @@ class Node: return lassomod.node_verify_signature(self, certificate_file) +class SamlAssertion(Node): + def __init__(self, _obj=None): + """ + """ + if _obj != None: + self._o = _obj + return + _obj = lassomod.saml_assertion_new() + if _obj is None: raise Error('lasso_saml_assertion_new() failed') + Node.__init__(self, _obj=_obj) + + def add_authenticationStatement(self, authenticationStatement): + lassomod.saml_assertion_add_authenticationStatement(self, + authenticationStatement) + + +class SamlAuthenticationStatement(Node): + def __init__(self, _obj=None): + """ + """ + if _obj != None: + self._o = _obj + return + _obj = lassomod.saml_authentication_statement_new() + if _obj is None: raise Error('lasso_saml_authentication_statement_new() failed') + Node.__init__(self, _obj=_obj) + + +class LibAuthenticationStatement(SamlAuthenticationStatement): + def __init__(self, _obj=None): + """ + """ + if _obj != None: + self._o = _obj + return + _obj = lassomod.lib_authentication_statement_new() + if _obj is None: raise Error('lasso_saml_authentication_statement_new() failed') + SamlAuthenticationStatement.__init__(self, _obj=_obj) + def set_sessionIndex(self, sessionIndex): + lassomod.lib_authentication_statement_set_sessionIndex(self, sessionIndex) + + class LibAuthnRequest(Node): def __init__(self, _obj=None): """ 
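Review bot: The failure message in the new `LibAuthenticationStatement.__init__` names the wrong constructor: it calls `lassomod.lib_authentication_statement_new()` but raises `Error('lasso_saml_authentication_statement_new() failed')`, which would send anyone debugging a failed allocation to the SAML class. It should read `raise Error('lasso_lib_authentication_statement_new() failed')`. The three `__init__` docstrings are empty; a one-line description saying that `_obj` wraps an existing C node would help, and `set_sessionIndex` needs a blank line before it. `_obj != None` would be more robust as `_obj is not None`, since the wrapper classes in this file customise attribute access.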
@@ -179,34 +221,6 @@ class LibNameIdentifierMappingRequest(Node): lassomod.lib_name_identifier_mapping_request_set_consent(self, consent) -class SamlAssertion(Node): - def __init__(self, _obj=None): - """ - """ - if _obj != None: - self._o = _obj - return - _obj = lassomod.saml_assertion_new() - if _obj is None: raise Error('lasso_saml_assertion_new() failed') - Node.__init__(self, _obj=_obj) - - def add_authenticationStatement(self, authenticationStatement): - lassomod.saml_assertion_add_authenticationStatement(self, - authenticationStatement) - - -class SamlAuthenticationStatement(Node): - def __init__(self, _obj=None): - """ - """ - if _obj != None: - self._o = _obj - return - _obj = lassomod.saml_authentication_statement_new() - if _obj is None: raise Error('lasso_saml_authentication_statement_new() failed') - Node.__init__(self, _obj=_obj) - - class SamlNameIdentifier(Node): def __init__(self, _obj=None): """ @@ -254,16 +268,22 @@ class AuthnRequest(LibAuthnRequest): class AuthnResponse(Node): - def __init__(self, query, providerID, _obj=None): + def __init__(self, _obj): """ """ - if _obj != None: - self._o = _obj - return - _obj = lassomod.authn_response_new(query, providerID) - if _obj is None: raise Error('lasso_authn_response_new() failed') + self._o = _obj Node.__init__(self, _obj=_obj) + def new_from_dump(cls, buffer): + obj = lassomod.authn_response_new_from_dump(buffer) + return AuthnResponse(obj) + new_from_dump = classmethod(new_from_dump) + + def new_from_request_query(cls, query, providerID): + obj = lassomod.authn_response_new_from_request_query(query, providerID) + return AuthnResponse(obj) + new_from_request_query = classmethod(new_from_request_query) + def __isprivate(self, name): return name == '_o' @@ -461,7 +481,6 @@ class Assertion(SamlAssertion): class AuthenticationStatement(Node): def __init__(self, authenticationMethod, - sessionIndex, reauthenticateOnOrAfter, nameIdentifier, nameQualifier, 
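Review bot: The new `AuthnResponse` constructors drop the failure check that every other wrapper in this file keeps: `new_from_dump` and `new_from_request_query` pass whatever `lassomod` returns straight to `AuthnResponse(obj)`, and `__init__` stores it without testing for `None`. `new_from_dump` parses a buffer that comes from the other party, so a malformed or truncated dump would presumably yield an object whose `_o` is `None` and fail later, inside `verify_signature` or `get_child`, instead of at the parse. Each classmethod should add `if obj is None: raise Error('lasso_authn_response_new_from_dump() failed')` (and the matching message for the query variant). They should also return `cls(obj)` so subclasses get their own type. `buffer` shadows the Python 2 builtin, so a name such as `dump` would be clearer.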
@@ -469,7 +488,6 @@ class AuthenticationStatement(Node): idp_nameIdentifier, idp_nameQualifier, idp_format, - confirmationMethod, _obj=None): """ """ @@ -477,15 +495,13 @@ class AuthenticationStatement(Node): self._o = _obj return _obj = lassomod.authentication_statement_new(authenticationMethod, - sessionIndex, reauthenticateOnOrAfter, nameIdentifier, nameQualifier, format, idp_nameIdentifier, idp_nameQualifier, - idp_format, - confirmationMethod) + idp_format) if _obj is None: raise Error('lasso_authentication_statement_new() failed') Node.__init__(self, _obj=_obj) diff --git a/python/lasso_strings.py b/python/lasso_strings.py index d3498757..24c63fbb 100644 --- a/python/lasso_strings.py +++ b/python/lasso_strings.py @@ -128,3 +128,16 @@ samlAuthenticationMethodXkms = "urn:oasis:names:tc:SAML:1.0:am:XKMS" samlAuthenticationMethodXmlSign = "urn:ietf:rfc:3075" samlAuthenticationMethodUnspecified = "urn:oasis:names:tc:SAML:1.0:am:unspecified" +# * ConfirmationMethods */ +samlConfirmationMethodArtifact01 = "urn:oasis:names:tc:SAML:1.0:cm:artifact-01" +samlConfirmationMethodBearer = "urn:oasis:names:tc:SAML:1.1:cm:bearer" +samlConfirmationMethodHolderOfKey = "urn:oasis:names:tc:SAML:1.0:cm:holder-of-key" +samlConfirmationMethodSenderVouches = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches" + +# *****************************************************************************/ +# * SOAP */ +# *****************************************************************************/ + +# * prefix & href */ +soapEnvHRef = "http://schemas.xmlsoap.org/soap/envelope/" +soapEnvPrefix = "soap-env" diff --git a/python/lassomod.c b/python/lassomod.c index 62c628d1..b780b0ec 100644 --- a/python/lassomod.c +++ b/python/lassomod.c @@ -27,6 +27,7 @@ #include "py_lasso.h" #include "xml/py_xml.h" +#include "xml/py_lib_authentication_statement.h" #include "xml/py_lib_authn_request.h" #include "xml/py_lib_federation_termination_notification.h" #include "xml/py_lib_logout_request.h" 
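Review bot: In the `lasso_strings.py` hunk, `samlConfirmationMethodBearer` is the only one of the four new confirmation-method URNs with a `SAML:1.1` prefix (`"urn:oasis:names:tc:SAML:1.1:cm:bearer"`); the other three use `SAML:1.0`. Please check the value against the SAML specification and the corresponding constant in the C library, because a relying party that compares this string exactly would otherwise reject or mislabel bearer assertions. If the value is intentional, a short comment saying why it differs from its siblings would stop it being "fixed" later.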
@@ -68,6 +69,10 @@ static PyMethodDef lasso_methods[] = { {"node_soap_envelop", node_soap_envelop, METH_VARARGS}, {"node_verify_signature", node_verify_signature, METH_VARARGS}, + /* py_lib_authentication_statement.h */ + {"lib_authentication_statement_new", lib_authentication_statement_new, METH_VARARGS}, + {"lib_authentication_statement_set_sessionIndex", lib_authentication_statement_set_sessionIndex, METH_VARARGS}, + /* py_lib_authn_request.h */ {"lib_authn_request_new", lib_authn_request_new, METH_VARARGS}, {"lib_authn_request_set_forceAuthn", lib_authn_request_set_forceAuthn, METH_VARARGS}, @@ -119,7 +124,8 @@ static PyMethodDef lasso_methods[] = { /* py_authn_response.h */ {"authn_response_getattr", authn_response_getattr, METH_VARARGS}, - {"authn_response_new", authn_response_new, METH_VARARGS}, + {"authn_response_new_from_dump", authn_response_new_from_dump, METH_VARARGS}, + {"authn_response_new_from_request_query", authn_response_new_from_request_query, METH_VARARGS}, {"authn_response_add_assertion", authn_response_add_assertion, METH_VARARGS}, {"authn_response_must_authenticate", authn_response_must_authenticate, METH_VARARGS}, {"authn_response_process_authentication_result", authn_response_process_authentication_result, METH_VARARGS}, diff --git a/python/protocols/elements/py_authentication_statement.c b/python/protocols/elements/py_authentication_statement.c index 16ed4e13..acef02dc 100644 --- a/python/protocols/elements/py_authentication_statement.c +++ b/python/protocols/elements/py_authentication_statement.c @@ -43,7 +43,6 @@ PyObject *LassoAuthenticationStatement_wrap(LassoAuthenticationStatement *statem PyObject *authentication_statement_new(PyObject *self, PyObject *args) { const xmlChar *authenticationMethod; - const xmlChar *sessionIndex; const xmlChar *reauthenticateOnOrAfter; xmlChar *nameIdentifier; const xmlChar *nameQualifier; 
@@ -51,27 +50,22 @@ PyObject *authentication_statement_new(PyObject *self, PyObject *args) { xmlChar *idp_nameIdentifier; const xmlChar *idp_nameQualifier; const xmlChar *idp_format; - const xmlChar *confirmationMethod; LassoNode *statement; - if(!PyArg_ParseTuple(args, (char *) "ssssssssss:authentication_statement_new", - &authenticationMethod, &sessionIndex, - &reauthenticateOnOrAfter, + if(!PyArg_ParseTuple(args, (char *) "ssssssss:authentication_statement_new", + &authenticationMethod, &reauthenticateOnOrAfter, &nameIdentifier, &nameQualifier, &format, - &idp_nameIdentifier, &idp_nameQualifier, &idp_format, - &confirmationMethod)) + &idp_nameIdentifier, &idp_nameQualifier, &idp_format)) return NULL; statement = lasso_authentication_statement_new(authenticationMethod, - sessionIndex, reauthenticateOnOrAfter, nameIdentifier, nameQualifier, format, idp_nameIdentifier, idp_nameQualifier, - idp_format, - confirmationMethod); + idp_format); return (LassoAuthenticationStatement_wrap(LASSO_AUTHENTICATION_STATEMENT(statement))); } diff --git a/python/protocols/py_authn_response.c b/python/protocols/py_authn_response.c index 69cf9653..b8f70c76 100644 --- a/python/protocols/py_authn_response.c +++ b/python/protocols/py_authn_response.c @@ -61,8 +61,6 @@ PyObject *authn_response_getattr(PyObject *self, PyObject *args) { if (!strcmp(attr, "__members__")) return Py_BuildValue("[ss]", "requestID", "query"); - if (!strcmp(attr, "requestID")) - return (xmlCharPtr_wrap(reponse->requestID)); if (!strcmp(attr, "query")) return (xmlCharPtr_wrap(reponse->query)); 
@@ -72,19 +70,35 @@ PyObject *authn_response_getattr(PyObject *self, PyObject *args) { /******************************************************************************/ -PyObject *authn_response_new(PyObject *self, PyObject *args) { - xmlChar *query; - const xmlChar *providerID; +PyObject *authn_response_new_from_dump(PyObject *self, PyObject *args) { + xmlChar *buffer; + LassoNode *response; + + if (CheckArgs(args, "S:authn_response_new_from_dump")) { + if(!PyArg_ParseTuple(args, (char *) "s:authn_response_new_from_dump", + &buffer)) + return NULL; + } + else return NULL; + + response = lasso_authn_response_new_from_dump(buffer); + + return (LassoAuthnResponse_wrap(LASSO_AUTHN_RESPONSE(response))); +} + +PyObject *authn_response_new_from_request_query(PyObject *self, PyObject *args) { + xmlChar *query = NULL; + const xmlChar *providerID = NULL; LassoNode *response; - if (CheckArgs(args, "SS:authn_response_new")) { - if(!PyArg_ParseTuple(args, (char *) "ss:authn_response_new", &query, - &providerID)) + if (CheckArgs(args, "ss:authn_response_new_from_request_query")) { + if(!PyArg_ParseTuple(args, (char *) "zz:authn_response_new_from_request_query", + &query, &providerID)) return NULL; } else return NULL; - response = lasso_authn_response_new(query, providerID); + response = lasso_authn_response_new_from_request_query(query, providerID); return (LassoAuthnResponse_wrap(LASSO_AUTHN_RESPONSE(response))); } diff --git a/python/protocols/py_authn_response.h b/python/protocols/py_authn_response.h index fe85e839..79e3f20b 100644 --- a/python/protocols/py_authn_response.h +++ b/python/protocols/py_authn_response.h 
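Review bot: In `authn_response_new_from_request_query` the parse format was changed to `"zz"`, which accepts `None`, so `query` and `providerID` can reach `lasso_authn_response_new_from_request_query()` as NULL. Whether that function tolerates NULL is not visible here; if it does not, keep `"ss"` or reject NULL explicitly before the call. The `CheckArgs` format also differs between the two new functions (`"S:"` in `authn_response_new_from_dump`, lowercase `"ss:"` here), which looks unintentional and should be aligned with what is meant to be mandatory. In both functions `response` is cast with `LASSO_AUTHN_RESPONSE(response)` and wrapped without a NULL test, although `new_from_dump` parses externally supplied data. Unless `LassoAuthnResponse_wrap` is known to map NULL to `None`, add a check such as `if (response == NULL) { PyErr_SetString(PyExc_ValueError, "could not build AuthnResponse"); return NULL; }` before the wrap.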
@@ -38,7 +38,8 @@ typedef struct { PyObject *LassoAuthnResponse_wrap(LassoAuthnResponse *response); PyObject *authn_response_getattr(PyObject *self, PyObject *args); -PyObject *authn_response_new(PyObject *self, PyObject *args); +PyObject *authn_response_new_from_dump(PyObject *self, PyObject *args); +PyObject *authn_response_new_from_request_query(PyObject *self, PyObject *args); PyObject *authn_response_add_assertion(PyObject *self, PyObject *args); PyObject *authn_response_must_authenticate(PyObject *self, PyObject *args); PyObject *authn_response_process_authentication_result(PyObject *self, PyObject *args); diff --git a/python/setup.py b/python/setup.py index dc1dfc95..a94d5190 100755 --- a/python/setup.py +++ b/python/setup.py @@ -189,6 +189,7 @@ libraries.append('lasso') em = Extension("lassomod", sources = ["py_lasso.c", "xml/py_xml.c", + "xml/py_lib_authentication_statement.c", "xml/py_lib_authn_request.c", "xml/py_lib_federation_termination_notification.c", "xml/py_lib_logout_request.c", |
