| author | Emmanuel Raviart <eraviart@entrouvert.com> | 2004-08-04 19:55:17 +0000 |
|---|---|---|
| committer | Emmanuel Raviart <eraviart@entrouvert.com> | 2004-08-04 19:55:17 +0000 |
| commit | 6f48cba5e81959bf43bf6a0d668f9bda1e4545b8 (patch) | |
| tree | 0a9f23507b1edd624a50448b1fb57f86a67be534 /python | |
| parent | 3e411cc8ef1d2c6088df57ea6f5bd8f0f98f4c79 (diff) | |
Python binding now raises exceptions instead of returning error codes.
Close bug #237.
Diffstat (limited to 'python')
| -rw-r--r-- | python/lasso.py | 198 | ||||
| -rw-r--r-- | python/tests/login_tests.py | 87 |
2 files changed, 170 insertions, 115 deletions
diff --git a/python/lasso.py b/python/lasso.py index a26df50a..937e4736 100644 --- a/python/lasso.py +++ b/python/lasso.py @@ -39,16 +39,24 @@ _initialized = False class Error(Exception): code = None # Use negative error codes for binding specific errors. - msg = None + functionName = None - def __init__(self, msg=None): - if msg is not None: - self.msg = msg + def __init__(self, functionName): + self.functionName = functionName def __str__(self): return repr(self.msg) +class ErrorUnknown(Error): + def __init__(self, code, functionName): + ErrorUnknown.__init__(functionName) + self.code = code + + def __str__(self): + return 'Unknown error number %d in Lasso function %s' % (self.code, self.functionName) + + class ErrorLassoAlreadyInitialized(Error): code = -1 msg = 'Lasso already initialized' @@ -61,17 +69,18 @@ class ErrorLassoNotInitialized(Error): class ErrorInstanceCreationFailed(Error): code = -3 - functionName = None - - def __init__(self, functionName): - self.functionName = functionName def __str__(self, functionName): return 'Instance creation failed in Lasso function %s()' % self.functionName +def newError(code, functionName): + # FIXME: Use proper ErrorClass, when Lasso will have well defined error codes. + return ErrorUnknown(code, functionName) + + ################################################################################ -# Functions +# Initialization ################################################################################ @@ -932,8 +941,9 @@ class Server: new_from_dump = classmethod(new_from_dump) def add_provider(self, metadata, public_key=None, certificate=None): - return lassomod.server_add_provider(self, metadata, - public_key, certificate) + errorCode = lassomod.server_add_provider(self, metadata, public_key, certificate) + if errorCode: + raise newError(errorCode, 'lasso_server_add_provider') def dump(self): return lassomod.server_dump(self) 
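Review bot: `ErrorUnknown.__init__` calls itself instead of the base class: `ErrorUnknown.__init__(functionName)` passes the function name where `self` is expected and omits the other arguments, so building the exception fails with a TypeError before `self.code` is set. Because `newError()` in the next hunk always returns `ErrorUnknown(code, functionName)`, every non-zero code from `lassomod` would surface as that TypeError, and an `except lasso.Error:` around a login or logout step would not catch it. The call should read `Error.__init__(self, functionName)`. The hunk also removes `msg = None` from `Error` while `Error.__str__` still returns `repr(self.msg)`, so printing any subclass without its own `msg` or `__str__` raises AttributeError; keeping `msg = None` on the base class avoids that.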
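Review bot: `ErrorInstanceCreationFailed.__str__` is left declared as `def __str__(self, functionName):`, so `str()` on the exception, which passes no argument, fails with a TypeError instead of producing the message. The function name is now stored by the inherited `Error.__init__`, so the signature should be `def __str__(self):`. For `newError`, a one-line docstring such as `"""Return (not raise) the exception instance matching a non-zero Lasso error code."""` would make the `raise newError(...)` call sites easier to read.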
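Review bot: `add_provider` now returns None on success and raises on any non-zero code, but nothing in the method says so, and the same undocumented three-line pattern with a hand-typed `'lasso_...'` name recurs in the Profile, Login, Logout, FederationTermination, RegisterNameIdentifier and Lecp hunks below. A docstring on each wrapper, for example `"""Raise lasso.Error if the underlying Lasso call returns a non-zero code; return None otherwise."""`, would warn callers written against the old return-code API that comparing the result with 0 no longer works. `if errorCode:` also treats positive values as failures; whether `lassomod` can return a positive non-error status is not visible here and is worth confirming. The Server class starts and ends outside this hunk.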
@@ -1075,16 +1085,24 @@ class Profile: return lassomod.profile_is_session_dirty(self) def set_identity(self, identity): - return lassomod.profile_set_identity(self, identity) + errorCode = lassomod.profile_set_identity(self, identity) + if errorCode: + raise newError(errorCode, 'lasso_profile_set_identity') def set_identity_from_dump(self, dump): - return lassomod.profile_set_identity_from_dump(self, dump) + errorCode = lassomod.profile_set_identity_from_dump(self, dump) + if errorCode: + raise newError(errorCode, 'lasso_profile_set_identity_from_dump') def set_session(self, session): - return lassomod.profile_set_session(self, session) + errorCode = lassomod.profile_set_session(self, session) + if errorCode: + raise newError(errorCode, 'lasso_profile_set_session') def set_session_from_dump(self, dump): - return lassomod.profile_set_session_from_dump(self, dump) + errorCode = lassomod.profile_set_session_from_dump(self, dump) + if errorCode: + raise newError(errorCode, 'lasso_profile_set_session_from_dump') ## login loginProtocolProfileBrwsArt = 1 
@@ -1145,51 +1163,70 @@ class Login(Profile): new_from_dump = classmethod(new_from_dump) def accept_sso(self): - return lassomod.login_accept_sso(self) + errorCode = lassomod.login_accept_sso(self) + if errorCode: + raise newError(errorCode, 'lasso_login_accept_sso') def build_artifact_msg(self, authentication_result, authenticationMethod, reauthenticateOnOrAfter, method): - return lassomod.login_build_artifact_msg(self, authentication_result, - authenticationMethod, - reauthenticateOnOrAfter, - method) + errorCode = lassomod.login_build_artifact_msg( + self, authentication_result, authenticationMethod, reauthenticateOnOrAfter, method) + if errorCode: + raise newError(errorCode, 'lasso_login_build_artifact_msg') def build_authn_request_msg(self): - return lassomod.login_build_authn_request_msg(self) + errorCode = lassomod.login_build_authn_request_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_login_build_authn_request_msg') def build_authn_response_msg(self, authentication_result, authenticationMethod, reauthenticateOnOrAfter): - return lassomod.login_build_authn_response_msg(self, authentication_result, - authenticationMethod, - reauthenticateOnOrAfter) + errorCode = lassomod.login_build_authn_response_msg( + self, authentication_result, authenticationMethod, reauthenticateOnOrAfter) + if errorCode: + raise newError(errorCode, 'lasso_login_build_authn_response_msg') def build_request_msg(self): - return lassomod.login_build_request_msg(self) + errorCode = lassomod.login_build_request_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_login_build_request_msg') def dump(self): return lassomod.login_dump(self) def init_authn_request(self, remote_providerID): - return lassomod.login_init_authn_request(self, remote_providerID) + errorCode = lassomod.login_init_authn_request(self, remote_providerID) + if errorCode: + raise newError(errorCode, 'lasso_login_init_authn_request') def init_from_authn_request_msg(self, authn_request_msg, 
authn_request_method): - return lassomod.login_init_from_authn_request_msg(self, authn_request_msg, - authn_request_method) + errorCode = lassomod.login_init_from_authn_request_msg( + self, authn_request_msg, authn_request_method) + if errorCode: + raise newError(errorCode, 'lasso_login_init_from_authn_request_msg') def init_request(self, response_msg, response_method): - return lassomod.login_init_request(self, response_msg, response_method) + errorCode = lassomod.login_init_request(self, response_msg, response_method) + if errorCode: + raise newError(errorCode, 'lasso_login_init_request') def must_authenticate(self): return lassomod.login_must_authenticate(self) def process_authn_response_msg(self, authn_response_msg): - return lassomod.login_process_authn_response_msg(self, authn_response_msg) + errorCode = lassomod.login_process_authn_response_msg(self, authn_response_msg) + if errorCode: + raise newError(errorCode, 'lasso_login_process_authn_response_msg') def process_request_msg(self, request_msg): - return lassomod.login_process_request_msg(self, request_msg) + errorCode = lassomod.login_process_request_msg(self, request_msg) + if errorCode: + raise newError(errorCode, 'lasso_login_process_request_msg') def process_response_msg(self, response_msg): - return lassomod.login_process_response_msg(self, response_msg) + errorCode = lassomod.login_process_response_msg(self, response_msg) + if errorCode: + raise newError(errorCode, 'lasso_login_process_response_msg') providerTypeNone = 0 
@@ -1233,10 +1270,14 @@ class Logout(Profile): new = classmethod(new) def build_request_msg(self): - return lassomod.logout_build_request_msg(self) + errorCode = lassomod.logout_build_request_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_logout_build_request_msg') def build_response_msg(self): - return lassomod.logout_build_response_msg(self) + errorCode = lassomod.logout_build_response_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_logout_build_response_msg') def destroy(self): lassomod.logout_destroy(self); @@ -1245,16 +1286,24 @@ class Logout(Profile): return lassomod.logout_get_next_providerID(self); def init_request(self, remote_providerID = None): - return lassomod.logout_init_request(self, remote_providerID); + errorCode = lassomod.logout_init_request(self, remote_providerID); + if errorCode: + raise newError(errorCode, 'lasso_logout_init_request') def process_request_msg(self, request_msg, request_method): - return lassomod.logout_process_request_msg(self, request_msg, request_method); + errorCode = lassomod.logout_process_request_msg(self, request_msg, request_method); + if errorCode: + raise newError(errorCode, 'lasso_logout_process_request_msg') def validate_request(self): - return lassomod.logout_validate_request(self); + errorCode = lassomod.logout_validate_request(self); + if errorCode: + raise newError(errorCode, 'lasso_logout_validate_request') def process_response_msg(self, response_msg, response_method): - return lassomod.logout_process_response_msg(self, response_msg, response_method); + errorCode = lassomod.logout_process_response_msg(self, response_msg, response_method); + if errorCode: + raise newError(errorCode, 'lasso_logout_process_response_msg') class FederationTermination(Profile): """\brief Short desc 
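Review bot: The rewritten lines in `init_request`, `process_request_msg`, `validate_request` and `process_response_msg` keep the trailing `;` carried over from the old `return` statements, e.g. `errorCode = lassomod.logout_init_request(self, remote_providerID);`. They are harmless but inconsistent with the other wrappers touched by this commit, so they should be dropped: `errorCode = lassomod.logout_init_request(self, remote_providerID)`. The Logout class starts and ends outside the hunk.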
@@ -1292,19 +1341,28 @@ class FederationTermination(Profile): new = classmethod(new) def build_notification_msg(self): - return lassomod.federation_termination_build_notification_msg(self) + errorCode = lassomod.federation_termination_build_notification_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_federation_termination_build_notification_msg') def destroy(self): lassomod.federation_termination_destroy(self) def init_notification(self, remote_providerID = None): - return lassomod.federation_termination_init_notification(self, remote_providerID) + errorCode = lassomod.federation_termination_init_notification(self, remote_providerID) + if errorCode: + raise newError(errorCode, 'lasso_federation_termination_init_notification') def load_notification_msg(self, notification_msg, notification_method): - return lassomod.federation_termination_load_notification_msg(self, notification_msg, notification_method) + errorCode = lassomod.federation_termination_load_notification_msg( + self, notification_msg, notification_method) + if errorCode: + raise newError(errorCode, 'lasso_federation_termination_load_notification_msg') def process_notification(self): - return lassomod.federation_termination_process_notification(self) + errorCode = lassomod.federation_termination_process_notification(self) + if errorCode: + raise newError(errorCode, 'lasso_federation_termination_process_notification') class RegisterNameIdentifier: 
@@ -1338,22 +1396,33 @@ class RegisterNameIdentifier: new = classmethod(new) def build_request_msg(self): - return lassomod.register_name_identifier_build_request_msg(self) + errorCode = lassomod.register_name_identifier_build_request_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_register_name_identifier_build_request_msg') def build_response_msg(self): - return lassomod.register_name_identifier_build_response_msg(self) + errorCode = lassomod.register_name_identifier_build_response_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_register_name_identifier_build_response_msg') def destroy(self): pass def init_request(self, remote_providerID): - return lassomod.register_name_identifier_init_request(self, remote_providerID) + errorCode = lassomod.register_name_identifier_init_request(self, remote_providerID) + if errorCode: + raise newError(errorCode, 'lasso_register_name_identifier_init_request') def process_request(self): - return lassomod.register_name_identifier_process_request(self) + errorCode = lassomod.register_name_identifier_process_request(self) + if errorCode: + raise newError(errorCode, 'lasso_register_name_identifier_process_request') def process_response_msg(self, response_msg, response_method): - return lassomod.register_name_identifier_process_response_msg(self, response_msg, response_method) + errorCode = lassomod.register_name_identifier_process_response_msg( + self, response_msg, response_method) + if errorCode: + raise newError(errorCode, 'lasso_register_name_identifier_process_response_msg') class Lecp: """\brief Short desc 
@@ -1388,31 +1457,48 @@ class Lecp: new = classmethod(new) def build_authn_request_envelope_msg(self): - return lassomod.lecp_build_authn_request_envelope_msg(self) + errorCode = lassomod.lecp_build_authn_request_envelope_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_lecp_build_authn_request_envelope_msg') def build_authn_response_envelope_msg(self): - return lassomod.lecp_build_authn_response_envelope_msg(self) + errorCode = lassomod.lecp_build_authn_response_envelope_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_lecp_build_authn_response_envelope_msg') def build_authn_request_msg(self): - return lassomod.lecp_build_authn_request_msg(self) + errorCode = lassomod.lecp_build_authn_request_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_lecp_build_authn_request_msg') def build_authn_response_msg(self): - return lassomod.lecp_build_authn_response_msg(self) + errorCode = lassomod.lecp_build_authn_response_msg(self) + if errorCode: + raise newError(errorCode, 'lasso_lecp_build_authn_response_msg') def destroy(self): lassomod.lecp_destroy(self) def init_authn_request(self, remote_providerID): - return lassomod.lecp_init_authn_request(self, remote_providerID) + errorCode = lassomod.lecp_init_authn_request(self, remote_providerID) + if errorCode: + raise newError(errorCode, 'lasso_lecp_init_authn_request') def init_from_authn_request_msg(self, authn_request_msg, authn_request_method): - return lassomod.lecp_init_from_authn_request_msg(self, authn_request_msg, authn_request_method) + errorCode = lassomod.lecp_init_from_authn_request_msg( + self, authn_request_msg, authn_request_method) + if errorCode: + raise newError(errorCode, 'lasso_lecp_init_from_authn_request_msg') def process_authn_request_envelope_msg(self, request_msg): - return lassomod.lecp_process_authn_request_envelope_msg(self, request_msg) - + errorCode = lassomod.lecp_process_authn_request_envelope_msg(self, request_msg) + if errorCode: + raise newError(errorCode, 
'lasso_lecp_process_authn_request_envelope_msg') + def process_authn_response_envelope_msg(self, response_msg): - return lassomod.lecp_process_authn_response_envelope_msg(self, response_msg) + errorCode = lassomod.lecp_process_authn_response_envelope_msg(self, response_msg) + if errorCode: + raise newError(errorCode, 'lasso_lecp_process_authn_response_envelope_msg') if not _initialized: diff --git a/python/tests/login_tests.py b/python/tests/login_tests.py index 6985b2d4..a211ceb6 100644 --- a/python/tests/login_tests.py +++ b/python/tests/login_tests.py @@ -39,7 +39,6 @@ import lasso class TestCase(unittest.TestCase): def generateIdpServer(self): idpServer = lasso.Server.new_from_dump(self.generateIdpServerDump()) - self.failUnless(idpServer) return idpServer def generateIdpServerDump(self): @@ -49,12 +48,10 @@ class TestCase(unittest.TestCase): "../../examples/data/idp-private-key.pem", "../../examples/data/idp-crt.pem", lasso.signatureMethodRsaSha1) - self.failUnless(idpServer) - errorCode = idpServer.add_provider( + idpServer.add_provider( "../../examples/data/sp-metadata.xml", "../../examples/data/sp-public-key.pem", "../../examples/data/ca-crt.pem") - self.failUnlessEqual(errorCode, 0) idpServerDump = idpServer.dump() self.failUnless(idpServerDump) idpServer.destroy() @@ -62,7 +59,6 @@ class TestCase(unittest.TestCase): def generateSpServer(self): spServer = lasso.Server.new_from_dump(self.generateSpServerDump()) - self.failUnless(spServer) return spServer def generateSpServerDump(self): 
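Review bot: With the `errorCode` assertions removed from `generateIdpServerDump` here and from the later hunks of this file, the suite exercises only the success path; no test checks that a failing call raises. A negative test would catch mistakes in the exception classes themselves, because the raise path is never executed when every call succeeds. One candidate, using a constructed path and assuming `add_provider` fails on unreadable metadata, is `self.failUnlessRaises(lasso.Error, idpServer.add_provider, "no-such-metadata.xml")`. The removed `self.failUnless(idpServer)` checks also rely on `Server.new` and `new_from_dump` raising on failure, which these hunks do not show.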
@@ -72,12 +68,10 @@ class TestCase(unittest.TestCase): "../../examples/data/sp-private-key.pem", "../../examples/data/sp-crt.pem", lasso.signatureMethodRsaSha1) - self.failUnless(spServer) - errorCode = spServer.add_provider( + spServer.add_provider( "../../examples/data/idp-metadata.xml", "../../examples/data/idp-public-key.pem", "../../examples/data/ca-crt.pem") - self.failUnlessEqual(errorCode, 0) spServerDump = spServer.dump() self.failUnless(spServerDump) spServer.destroy() @@ -94,22 +88,19 @@ class LoginTestCase(TestCase): def idpSingleSignOnForRedirect(self, authnRequestQuery, identityDump, sessionDump): idpServer = self.generateIdpServer() idpLogin = lasso.Login.new(idpServer) - self.failUnless(idpLogin) if identityDump is not None: idpLogin.set_identity_from_dump(identityDump) if sessionDump is not None: idpLogin.set_session_from_dump(sessionDump) - errorCode = idpLogin.init_from_authn_request_msg( + idpLogin.init_from_authn_request_msg( authnRequestQuery, lasso.httpMethodRedirect) - self.failUnlessEqual(errorCode, 0) return idpLogin def idpSingleSignOn_part2ForArtifactRedirect( self, idpLogin, userAuthenticated, authenticationMethod): - errorCode = idpLogin.build_artifact_msg( + idpLogin.build_artifact_msg( userAuthenticated, authenticationMethod, "FIXME: reauthenticateOnOrAfter", lasso.httpMethodRedirect) - self.failUnlessEqual(errorCode, 0) idpIdentityDump = idpLogin.get_identity().dump() self.failUnless(idpIdentityDump) self.failUnless(idpLogin.is_session_dirty()) @@ -130,9 +121,7 @@ class LoginTestCase(TestCase): self.failUnlessEqual(requestType, lasso.requestTypeLogin) idpServer = self.generateIdpServer() idpLogin = lasso.Login.new(idpServer) - self.failUnless(idpLogin) - errorCode = idpLogin.process_request_msg(soapRequestMsg) - self.failUnlessEqual(errorCode, 0) + idpLogin.process_request_msg(soapRequestMsg) artifact = idpLogin.assertionArtifact self.failUnless(artifact) return idpLogin 
@@ -142,9 +131,7 @@ class LoginTestCase(TestCase): self.failUnlessEqual(requestType, lasso.requestTypeLogout) idpServer = self.generateIdpServer() idpLogout = lasso.Logout.new(idpServer, lasso.providerTypeIdp) - self.failUnless(idpLogout) - errorCode = idpLogout.process_request_msg(soapRequestMsg, lasso.httpMethodSoap) - self.failUnlessEqual(errorCode, 0) + idpLogout.process_request_msg(soapRequestMsg, lasso.httpMethodSoap) nameIdentifier = idpLogout.nameIdentifier self.failUnless(nameIdentifier) return idpLogout @@ -154,8 +141,7 @@ class LoginTestCase(TestCase): idpLogout.set_identity_from_dump(identityDump) if sessionDump is not None: idpLogout.set_session_from_dump(sessionDump) - errorCode = idpLogout.validate_request() - self.failUnlessEqual(errorCode, 0) + idpLogout.validate_request() idpIdentityDump = idpLogout.get_identity().dump() self.failUnless(idpIdentityDump) self.failUnless(idpLogout.is_session_dirty()) @@ -167,8 +153,7 @@ class LoginTestCase(TestCase): # FIXME: Handle the case where there are authentication assertions for other service # providers. self.failUnlessEqual(idpLogout.get_next_providerID(), None) - errorCode = idpLogout.build_response_msg() - self.failUnlessEqual(errorCode, 0) + idpLogout.build_response_msg() soapResponseMsg = idpLogout.msg_body self.failUnless(soapResponseMsg) return idpLogout @@ -176,10 +161,8 @@ class LoginTestCase(TestCase): def spAssertionConsumerForRedirect(self, responseQuery): spServer = self.generateSpServer() spLogin = lasso.Login.new(spServer) - errorCode = spLogin.init_request(responseQuery, lasso.httpMethodRedirect) - self.failUnlessEqual(errorCode, 0) - errorCode = spLogin.build_request_msg() - self.failUnlessEqual(errorCode, 0) + spLogin.init_request(responseQuery, lasso.httpMethodRedirect) + spLogin.build_request_msg() soapEndpoint = spLogin.msg_url self.failUnless(soapEndpoint) soapRequestMsg = spLogin.msg_body 
@@ -187,8 +170,7 @@ class LoginTestCase(TestCase): return spLogin def spAssertionConsumer_part2(self, spLogin, soapResponseMsg): - errorCode = spLogin.process_response_msg(soapResponseMsg) - self.failUnlessEqual(errorCode, 0) + spLogin.process_response_msg(soapResponseMsg) nameIdentifier = spLogin.nameIdentifier self.failUnless(nameIdentifier) return spLogin @@ -198,8 +180,7 @@ class LoginTestCase(TestCase): spLogin.set_identity_from_dump(identityDump) if sessionDump is not None: spLogin.set_session_from_dump(sessionDump) - errorCode = spLogin.accept_sso() - self.failUnlessEqual(errorCode, 0) + spLogin.accept_sso() spIdentity = spLogin.get_identity() self.failUnless(spIdentity) spIdentityDump = spIdentity.dump() @@ -216,18 +197,15 @@ class LoginTestCase(TestCase): def spLoginForRedirect(self): spServer = self.generateSpServer() spLogin = lasso.Login.new(spServer) - self.failUnless(spLogin) - errorCode = spLogin.init_authn_request( + spLogin.init_authn_request( "https://identity-provider:1998/liberty-alliance/metadata") - self.failUnlessEqual(errorCode, 0) self.failUnlessEqual(spLogin.request_type, lasso.messageTypeAuthnRequest) spLogin.request.set_isPassive(False) spLogin.request.set_nameIDPolicy(lasso.libNameIDPolicyTypeFederated) spLogin.request.set_consent(lasso.libConsentObtained) relayState = "fake" spLogin.request.set_relayState(relayState) - errorCode = spLogin.build_authn_request_msg() - self.failUnlessEqual(errorCode, 0) + spLogin.build_authn_request_msg() authnRequestUrl = spLogin.msg_url self.failUnless(authnRequestUrl) return spLogin 
@@ -235,15 +213,12 @@ class LoginTestCase(TestCase): def spLogoutForSoap(self, spIdentityDump, spSessionDump): spServer = self.generateSpServer() spLogout = lasso.Logout.new(spServer, lasso.providerTypeSp) - self.failUnless(spLogout) if spIdentityDump is not None: spLogout.set_identity_from_dump(spIdentityDump) if spSessionDump is not None: spLogout.set_session_from_dump(spSessionDump) - errorCode = spLogout.init_request() - self.failUnlessEqual(errorCode, 0) - errorCode = spLogout.build_request_msg() - self.failUnlessEqual(errorCode, 0) + spLogout.init_request() + spLogout.build_request_msg() soapEndpoint = spLogout.msg_url self.failUnless(soapEndpoint) soapRequestMsg = spLogout.msg_body @@ -251,8 +226,7 @@ class LoginTestCase(TestCase): return spLogout def spLogoutForSoap_part2(self, spLogout, soapResponseMsg): - errorCode = spLogout.process_response_msg(soapResponseMsg, lasso.httpMethodSoap) - self.failUnlessEqual(errorCode, 0) + spLogout.process_response_msg(soapResponseMsg, lasso.httpMethodSoap) self.failIf(spLogout.is_identity_dirty()) spIdentity = spLogout.get_identity() self.failUnless(spIdentity) @@ -285,7 +259,6 @@ class LoginTestCase(TestCase): authenticationMethod = lasso.samlAuthenticationMethodPassword idpServer = self.generateIdpServer() idpLogin = lasso.Login.new_from_dump(idpServer, idpLoginDump) - self.failUnless(idpLogin) self.failUnlessEqual(idpLogin.protocolProfile, lasso.loginProtocolProfileBrwsArt) idpLogin = self.idpSingleSignOn_part2ForArtifactRedirect( idpLogin, userAuthenticated, authenticationMethod) 
@@ -373,7 +346,7 @@ class LoginTestCase(TestCase): idpIdentityDump = """\ <LassoIdentity><LassoFederations><LassoFederation RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><LassoLocalNameIdentifier><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</saml:NameIdentifier></LassoLocalNameIdentifier></LassoFederation></LassoFederations></LassoIdentity> """.strip() - self.failUnlessEqual(idpLogin.set_identity_from_dump(idpIdentityDump), 0) + idpLogin.set_identity_from_dump(idpIdentityDump) idpSessionDump = """ <LassoSession><LassoAssertions><LassoAssertion RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><lib:Assertion xmlns:lib="urn:liberty:iff:2003-08" AssertionID="Q0QxQzNFRTVGRTZEM0M0RjY2MTZDNTEwOUY4MDQzRTI=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-02T18:51:43Z" Issuer="https://identity-provider:1998/liberty-alliance/metadata" InResponseTo="OEQ0OEUzODhGRTdGMEVFMzQ5Q0Q0QzYzQjk4MjUwNjQ="><lib:AuthenticationStatement xmlns:lib="urn:liberty:iff:2003-08" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2004-08-02T18:51:43Z" ReauthenticateOnOrAfter="FIXME: reauthenticateOnOrAfter"><lib:Subject xmlns:lib="urn:liberty:iff:2003-08"><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</saml:NameIdentifier><lib:IDPProvidedNameIdentifier xmlns:lib="urn:liberty:iff:2003-08" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</lib:IDPProvidedNameIdentifier><saml:SubjectConfirmation 
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:SubjectConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:SubjectConfirmationMethod></saml:SubjectConfirmation></lib:Subject></lib:AuthenticationStatement><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> <SignedInfo> @@ -417,11 +390,10 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate> </Signature></lib:Assertion></LassoAssertion></LassoAssertions></LassoSession> """.strip() # " <-- Trick for Emacs Python mode. - self.failUnlessEqual(idpLogin.set_session_from_dump(idpSessionDump), 0) + idpLogin.set_session_from_dump(idpSessionDump) authnRequestQuery = """NameIDPolicy=federated&IsPassive=false&ProviderID=https%3A%2F%2Fservice-provider%3A2003%2Fliberty-alliance%2Fmetadata&consent=urn%3Aliberty%3Aconsent%3Aobtained&IssueInstance=2004-08-02T20%3A33%3A58Z&MinorVersion=2&MajorVersion=1&RequestID=ODVGNkUyMzY5N0MzOTY4QzZGOUYyNzEwRTJGMUNCQTI%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=fnSL5Mgp%2BV%2FtdUuYQJmFKvFY8eEco6sypmejvP4sD0v5ApywV94mUo6BxE29o1KW%0AGFXiMG7puhTwRSlKDo1vlh5iHNqVfjKcbx2XhfoDfplqLir102dyHxB5GedEQvqw%0AbTFtFrB6SnHi5facrYHCn7b58CxAWv9XW4DIfcVCOSma2OOBCm%2FzzCSiZpOtbRk9%0AveQzace41tDW0XLlbRdWpvwsma0yaYSkqYvTV3hmvgkWS5x9lzcm97oME4ywzwbU%0AJAyG8BkqMFoG7FPjwzR8qh7%2FWi%2BCzxxqfczxSGkUZUmsQdxyxazjhDpt1X8i5fan%0AnaF1vWF3GmS6G4t7mrkItA%3D%3D""" method = lasso.httpMethodRedirect - self.failUnlessEqual( - idpLogin.init_from_authn_request_msg(authnRequestQuery, method), 0) + idpLogin.init_from_authn_request_msg(authnRequestQuery, method) self.failIf(idpLogin.must_authenticate()) userAuthenticated = True authenticationMethod = lasso.samlAuthenticationMethodPassword 
@@ -483,14 +455,12 @@ CGb/HRUx5EPgbIy52G224ITlQWadD1Z6y4PFTowDjkaRVerjUVRJZ/a5QVNsI4Du requestType = lasso.get_request_type_from_soap_msg(soapRequestMessage) self.failUnlessEqual(requestType, lasso.requestTypeLogout) idpLogout = lasso.Logout.new(idpServer, lasso.providerTypeIdp) - self.failUnless(idpLogout) - self.failUnlessEqual( - idpLogout.process_request_msg(soapRequestMessage, lasso.httpMethodSoap), 0) + idpLogout.process_request_msg(soapRequestMessage, lasso.httpMethodSoap) self.failUnless(idpLogout.nameIdentifier) idpIdentityDump = """\ <LassoIdentity><LassoFederations><LassoFederation RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><LassoLocalNameIdentifier><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</saml:NameIdentifier></LassoLocalNameIdentifier></LassoFederation></LassoFederations></LassoIdentity> """.strip() - self.failUnlessEqual(idpLogout.set_identity_from_dump(idpIdentityDump), 0) + idpLogout.set_identity_from_dump(idpIdentityDump) self.failUnlessEqual(idpLogout.get_identity().dump(), idpIdentityDump) idpSessionDump = """ <LassoSession><LassoAssertions><LassoAssertion RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><lib:Assertion xmlns:lib="urn:liberty:iff:2003-08" AssertionID="QUVENUJCNzRFOUQ3MEZFNEYzNUUwQTA5OTRGMEYzMDg=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-03T11:55:55Z" Issuer="https://identity-provider:1998/liberty-alliance/metadata" InResponseTo="N0VEQzE0QUE1NTYwQTAzRjk4Njk3Q0JCRUU0RUZCQkY="><lib:AuthenticationStatement xmlns:lib="urn:liberty:iff:2003-08" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2004-08-03T11:55:55Z" ReauthenticateOnOrAfter="FIXME: reauthenticateOnOrAfter"><lib:Subject xmlns:lib="urn:liberty:iff:2003-08"><saml:NameIdentifier 
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</saml:NameIdentifier><lib:IDPProvidedNameIdentifier xmlns:lib="urn:liberty:iff:2003-08" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</lib:IDPProvidedNameIdentifier><saml:SubjectConfirmation xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:SubjectConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:SubjectConfirmationMethod></saml:SubjectConfirmation></lib:Subject></lib:AuthenticationStatement><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"> @@ -535,15 +505,15 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate> </Signature></lib:Assertion></LassoAssertion></LassoAssertions></LassoSession> """.strip() # " <-- Trick for Emacs Python mode. - self.failUnlessEqual(idpLogout.set_session_from_dump(idpSessionDump), 0) + idpLogout.set_session_from_dump(idpSessionDump) self.failUnlessEqual(idpLogout.get_session().dump(), idpSessionDump) - self.failUnlessEqual(idpLogout.validate_request(), 0) + idpLogout.validate_request() self.failIf(idpLogout.is_identity_dirty()) self.failUnless(idpLogout.is_session_dirty()) idpSessionDump = idpLogout.get_session().dump() self.failUnless(idpSessionDump) self.failIf(idpLogout.get_next_providerID()) - self.failUnlessEqual(idpLogout.build_response_msg(), 0) + idpLogout.build_response_msg() soapResponseMsg = idpLogout.msg_body self.failUnless(soapResponseMsg) 
@@ -602,8 +572,8 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate> # " <-- Trick for Emacs Python mode. spLogout.set_session_from_dump(spSessionDump) - self.failUnlessEqual(spLogout.init_request(), 0) - self.failUnlessEqual(spLogout.build_request_msg(), 0) + spLogout.init_request() + spLogout.build_request_msg() self.failUnless(spLogout.msg_url) self.failUnless(spLogout.msg_body) self.failUnless(spLogout.nameIdentifier) @@ -611,8 +581,7 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate> soapResponseMessage = """\ <soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"><soap-env:Body xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"><lib:LogoutResponse xmlns:lib="urn:liberty:iff:2003-08" ResponseID="NjcyNDYxQ0FCRTQwMUE0NjE4MzlFQjFDOTI2MTc3NjE=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-04T00:03:20Z" InResponseTo="MzNCOTRBMjRCMDExN0MxODc1MUI5NjMwQjlCMTg1NzM=" Recipient="https://service-provider:2003/liberty-alliance/metadata"><lib:ProviderID>https://identity-provider:1998/liberty-alliance/metadata</lib:ProviderID><samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"><samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" Value="Samlp:Success"/></samlp:Status></lib:LogoutResponse></soap-env:Body></soap-env:Envelope> """.strip() - self.failUnlessEqual( - spLogout.process_response_msg(soapResponseMessage, lasso.httpMethodSoap), 0) + spLogout.process_response_msg(soapResponseMessage, lasso.httpMethodSoap) self.failIf(spLogout.is_identity_dirty()) self.failUnless(spLogout.is_session_dirty()) spSessionDump = spLogout.get_session().dump() |
