Removed obsolete Python sample code.

Emmanuel Raviart 2005-01-26 14:35:05 +00:00
parent 10d94be454
commit 46db75a3be
9 changed files with 0 additions and 446 deletions


@ -1,2 +0,0 @@
Makefile
Makefile.in


@ -1,8 +0,0 @@
EXTRA_DIST = \
defederation.py \
login.py \
logout.py \
mapping.py \
registration.py \
test.py \
user.py


@ -1,44 +0,0 @@
#! /usr/bin/env python
import sys
sys.path.insert(0, '../')
import lasso
spidentity_dump = "<LassoIdentity><LassoFederations><LassoFederation RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">1111111111111111111111111</NameIdentifier></LassoRemoteNameIdentifier></LassoFederation></LassoFederations></LassoIdentity>"
idpidentity_dump = "<LassoIdentity><LassoFederations><LassoFederation RemoteProviderID=\"https://service-provider:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">1111111111111111111111111</NameIdentifier></LassoLocalNameIdentifier></LassoFederation></LassoFederations></LassoIdentity>"
# SP :
spserver = lasso.Server.new("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
spserver.add_provider("../../examples/idp.xml", None, None)
spdefederation = lasso.FederationTermination.new(spserver, lasso.providerTypeSp)
spdefederation.set_identity_from_dump(spidentity_dump)
spdefederation.init_notification()
spdefederation.build_notification_msg()
print 'url : ', spdefederation.msg_url
print 'body : ', spdefederation.msg_body
notification_msg = spdefederation.msg_body
# IDP :
idpserver = lasso.Server.new("../../examples/idp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
idpserver.add_provider("../../examples/sp.xml", None, None)
idpdefederation = lasso.FederationTermination.new(idpserver, lasso.providerTypeIdp)
idpdefederation.process_notification_msg(notification_msg, lasso.HTTP_METHOD_SOAP)
print 'NameIdentifier :', idpdefederation.nameIdentifier
idpdefederation.set_identity_from_dump(idpidentity_dump);
idpdefederation.validate_notification()
print 'End of federation termination notification'
lasso.shutdown()


@ -1,100 +0,0 @@
#! /usr/bin/env python
# -*- coding: utf-8 -*-
import sys
sys.path.insert(0, '../')
import string
import lasso
####################
# Service provider #
####################
server = lasso.Server.new("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
server.add_provider("../../examples/idp.xml", None, None)
server_dump = server.dump()
server.destroy()
# create AuthnRequest
server = lasso.Server.new_from_dump(server_dump)
splogin = lasso.Login.new(server)
ret = splogin.init_authn_request("https://identity-provider:2003/liberty-alliance/metadata")
splogin.request.set_isPassive(0)
splogin.request.set_forceAuthn(1)
splogin.request.set_nameIDPolicy(lasso.libNameIDPolicyTypeFederated)
splogin.request.set_relayState("fake")
splogin.request.set_consent(lasso.LIB_CONSENT_OBTAINED)
splogin.request.set_protocolProfile(lasso.LIB_PROTOCOL_PROFILE_BRWS_ART)
splogin.build_authn_request_msg()
print "message url =", splogin.msg_url
#####################
# Identity provider #
#####################
server = lasso.Server.new("../../examples/idp.xml",
None, "../../examples/rsakey.pem", "../../examples/rootcert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
server.add_provider("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsacert.pem")
# create AuthnResponse OR artifact (depending ProtocolProfile)
idplogin = lasso.Login.new(server)
# get query part in msg_url
authn_request_msg = string.split(splogin.msg_url, '?')[1]
ret = idplogin.init_from_authn_request_msg(authn_request_msg,
lasso.HTTP_METHOD_REDIRECT)
print "ProtocolProfile =", idplogin.protocolProfile
must_authenticate = idplogin.must_authenticate()
print "User must be authenticated =", must_authenticate
if idplogin.protocolProfile == lasso.LOGIN_PROTOCOL_PROFILE_BRWS_ART:
ret = idplogin.build_artifact_msg(1,
lasso.SAML_AUTHENTICATION_METHOD_PASSWORD,
"",
lasso.HTTP_METHOD_REDIRECT)
print "ret = %d, msg_url = %s" % (ret, idplogin.msg_url)
sess = idplogin.get_session()
print sess.providerIDs
####################
# Service provider #
####################
server = lasso.Server.new("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
server.add_provider("../../examples/idp.xml", None, None)
# create Request OR finish (if an authnResponse was received)
splogin = lasso.Login.new(server)
response_msg = string.split(idplogin.msg_url, '?')[1]
ret = splogin.init_request(response_msg,
lasso.HTTP_METHOD_REDIRECT)
ret = splogin.build_request_msg()
print "ret = %d, msg_url = %s, msg_body = %s" % (ret, splogin.msg_url, splogin.msg_body)
#####################
# Identity provider #
#####################
server = lasso.Server.new("../../examples/idp.xml",
None, "../../examples/rsakey.pem", "../../examples/rootcert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
server.add_provider("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsacert.pem")
# create Response
idplogin = lasso.Login.new(server)
ret = idplogin.process_request_msg(splogin.msg_body)
print "samlp:AssertionArtifact = %s" % idplogin.assertionArtifact


@ -1,85 +0,0 @@
#! /usr/bin/env python
import sys
sys.path.insert(0, '../')
import lasso
# SP1 server and user :
sp1server = lasso.Server.new("../../examples/sp1.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
sp1server.add_provider("../../examples/idp.xml", None, None)
sp1user_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"C9DS8CD7CSD6CDSCKDKCS\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">11111111111111111111111111</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
# SP2 server and user :
sp2server = lasso.Server.new("../../examples/sp2.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
sp2server.add_provider("../../examples/idp.xml", None, None)
sp2user_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"4IK43JCJSDCSDKCSCSDL\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">222222222222222222222222</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
# IDP server and user :
idpserver = lasso.Server.new("../../examples/idp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
idpserver.add_provider("../../examples/sp1.xml", None, None)
idpserver.add_provider("../../examples/sp2.xml", None, None)
idpserver.add_provider("../../examples/sp3.xml", None, None)
idpuser_dump = "<LassoUser><LassoAssertions><LassoAssertion RemoteProviderID=\"https://service-provider1:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"C9DS8CD7CSD6CDSCKDKCS\"></Assertion></LassoAssertion><LassoAssertion RemoteProviderID=\"https://service-provider2:2003/liberty-alliance/metadata\"><Assertion AssertionID=\"4IK43JCJSDCSDKCSCSDL\"></Assertion></LassoAssertion></LassoAssertions><LassoIdentities><LassoIdentity RemoteProviderID=\"https://service-provider1:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">11111111111111111111111111</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity><LassoIdentity RemoteProviderID=\"https://service-provider2:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">222222222222222222222222</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
# SP1 build a request :
sp1user = lasso.User.new_from_dump(sp1user_dump)
sp1logout = lasso.Logout.new(sp1server, lasso.providerTypeSp)
sp1logout.set_user_from_dump(sp1user_dump)
sp1logout.init_request()
request = sp1logout.request
request.set_relayState("http://relaystate.com")
sp1logout.build_request_msg()
msg_url = sp1logout.msg_url
msg_body = sp1logout.msg_body
sp1logout.destroy()
# IDP process request and return a response :
idpuser = lasso.User.new_from_dump(idpuser_dump)
idplogout = lasso.Logout.new(idpserver, lasso.providerTypeIdp)
if lasso.get_request_type_from_soap_msg(msg_body)==lasso.REQUEST_TYPE_LOGOUT:
print "it's a logout request !"
#fake response, only for test !
response_msg_body = "<Envelope><LogoutResponse><ProviderID>https://service-provider2:2003/liberty-alliance/metadata</ProviderID><Status><StatusCode Value=\"Samlp:Success\"></StatusCode></Status></LogoutResponse></Envelope>"
idplogout.load_request_msg(msg_body, lasso.HTTP_METHOD_SOAP)
nameIdentifier = idplogout.nameIdentifier
print "get the user dump from NameIdentifier : ", nameIdentifier
idplogout.set_user_from_dump(idpuser_dump)
idplogout.process_request()
print "RelayState :", idplogout.msg_relayState
next_provider_id = idplogout.get_next_providerID()
while next_provider_id:
idplogout.init_request(next_provider_id)
idplogout.build_request_msg()
print "send soap msg to url", idplogout.msg_url
# remote SP send back a LogoutResponse, process it.
idplogout.process_response_msg(response_msg_body, lasso.HTTP_METHOD_SOAP)
next_provider_id = idplogout.get_next_providerID()
idplogout.build_response_msg()
print "End of logout"


@ -1,36 +0,0 @@
#! /usr/bin/env python
import sys
sys.path.insert(0, '../')
import lasso
req = lasso.NameIdentifierMappingRequest.new("http://providerid.com",
"CDSC7SCD65SCDSDCCDS", "http://qualifier.com", "federated")
print 'dump req : ', req.dump()
query = req.url_encode(1, './rsakey.pem')
print 'req url encoded : ', query
soap = req.soap_envelop()
print 'req soap envelopped : ', soap
req = lasso.NameIdentifierMappingRequest.new_from_query(query)
print 'dump req2 from query : ', req.dump()
req = lasso.NameIdentifierMappingRequest.new_from_soap(soap)
print 'dump req3 from soap : ', req.dump()
res = lasso.NameIdentifierMappingResponse.new_from_request_soap(soap, "http://providerid.com", "success")
print 'dump res from request soap : ', res.dump()
query = res.url_encode(1, 'rsakey.pem')
soap = res.soap_envelop()
#res = lasso.NameIdentifierMappingResponse.new_from_request_query(query, "http://providerid.com", "success")
#print 'dump res from request query : ', res.dump()
res = lasso.NameIdentifierMappingResponse.new_from_soap(soap)
print 'dump res from request soap : ', res.dump()
res = lasso.NameIdentifierMappingResponse.new_from_query(query)
print 'dump res from request query : ', res.dump()


@ -1,41 +0,0 @@
#! /usr/bin/env python
import sys
sys.path.insert(0, '../')
import lasso
# servers :
spserver = lasso.Server.new("../../examples/sp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
spserver.add_provider("../../examples/idp.xml", None, None)
idpserver = lasso.Server.new("../../examples/idp.xml",
"../../examples/rsapub.pem", "../../examples/rsakey.pem", "../../examples/rsacert.pem",
lasso.SIGNATURE_METHOD_RSA_SHA1)
spserver.add_provider("../../examples/sp.xml", None, None)
# users :
spuser_dump = "<LassoUser><LassoIdentities><LassoIdentity RemoteProviderID=\"https://identity-provider:2003/liberty-alliance/metadata\"><LassoRemoteNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">LLLLLLLLLLLLLLLLLLLLLLLLL</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
spuser = lasso.User.new_from_dump(spuser_dump)
idpuser_dump = "<LassoUser><LassoIdentities><LassoIdentity RemoteProviderID=\"https://service-provider:2003/liberty-alliance/metadata\"><LassoLocalNameIdentifier><NameIdentifier NameQualifier=\"qualifier.com\" Format=\"federated\">LLLLLLLLLLLLLLLLLLLLLLLLL</NameIdentifier></LassoLocalNameIdentifier></LassoIdentity></LassoIdentities></LassoUser>"
idpuser = lasso.User.new_from_dump(idpuser_dump)
# sp register name identifier :
print 'new registration'
spregistration = lasso.RegisterNameIdentifier.new(spserver, spuser, lasso.providerTypeSp)
spregistration.init_request("https://identity-provider:2003/liberty-alliance/metadata")
#spregistration.build_request_msg()
print 'url : ', spregistration.msg_url
print 'body : ', spregistration.msg_body
print 'End of registration'
lasso.shutdown()


@ -1,83 +0,0 @@
#! /usr/bin/env python
# -*- coding: utf-8 -*-
import sys
sys.path.insert(0, '../')
import lasso
# creation d'une AuthnRequest
req = lasso.AuthnRequest("http://providerid.com")
req.set_forceAuthn(0)
req.set_isPassive(1)
req.set_protocolProfile(lasso.libProtocolProfilePost)
req.set_requestAuthnContext(["test1", "test2"],
None,
lasso.libAuthnContextComparisonExact)
req.set_scoping(proxyCount=1)
# url encodage de la request (+ signature)
query = req.export_to_query(1, "../../examples/rsakey.pem")
req.destroy()
# creation de la response AuthnResponse OU Response
# en fonction de la valeur de ProtocolProfile
protocolProfile = lasso.authn_request_get_protocolProfile(query)
if protocolProfile == lasso.libProtocolProfilePost:
# partie IDP
res = lasso.AuthnResponse.new_from_request_query(query, "http://providerid.com")
# verification de la signature de la query
print "Query signature check:", res.verify_signature("../../examples/rsapub.pem",
"../../examples/rsakey.pem")
must_authenticate = res.must_authenticate(is_authenticated=0)
print "Must authenticate? :", must_authenticate
if must_authenticate:
# dump (sauvegarde avant authentification)
dump_response = res.dump()
res.destroy()
# reconstruction de la reponse apres authentification du Principal
res = lasso.AuthnResponse.new_from_dump(dump_response)
res.process_authentication_result(1)
# if NameIDPolicy omitted or none and federation KO
# statusCode = lib:FederationDoesNotExist
# creation de l'assertion
assertion = lasso.Assertion("issuer", res.get_attr_value("InResponseTo"))
authentication_statement = lasso.AuthenticationStatement("password",
"tralala",
"dslqkjfslfj",
"http://service-provider.com",
"federated",
"wxkfjesmqfj",
"http://idp-provider.com",
"federated")
assertion.add_authenticationStatement(authentication_statement)
assertion.set_signature(1, "../../examples/rsakey.pem",
"../../examples/rsacert.pem");
# ajout de l'assertion
res.add_assertion(assertion)
# export de la response (base64 encodée) pr envoi au SP
res_b64 = res.export_to_base64()
res.destroy()
else:
print "La Response (par artifact) n'est pas encore implementée"
lasso.shutdown()
sys.exit(0)
# partie SP
# reconstruction de la reponse
res = lasso.AuthnResponse.new_from_export(res_b64, type=1)
# Verification de la signature de l'assertion
assertion = res.get_child("Assertion")
if assertion:
print "Assertion signature check: ", res.get_child("Assertion").verify_signature("../../examples/rootcert.pem")
# recuperation du StatusCode
status_code = res.get_child("StatusCode")
# recuperation de la valeur de l'attribut "Value"
print "Resultat de la demande d'authentification:", status_code.get_attr_value("Value")
res.destroy()
lasso.shutdown()


@ -1,47 +0,0 @@
#! /usr/bin/env python
import sys
sys.path.insert(0, '../')
import lasso
lasso_assertions = """<LassoAssertions><LassoAssertion RemoteProviderID="https://service-provider1:2003/liberty-alliance/metadata"><Assertion AssertionID="1234567890"></Assertion></LassoAssertion><LassoAssertion RemoteProviderID="https://service-provider2:2003/liberty-alliance/metadata"><Assertion AssertionID="1234567890"></Assertion></LassoAssertion><LassoAssertion RemoteProviderID="https://service-provider3:2003/liberty-alliance/metadata"><Assertion AssertionID="1234567890"></Assertion></LassoAssertion></LassoAssertions>"""
lasso_identities = """<LassoIdentities><LassoIdentity RemoteProviderID="https://service-provider1:2003/liberty-alliance/metadata"><LassoRemoteNameIdentifier><NameIdentifier>111111111111111111111111111111</NameIdentifier></LassoRemoteNameIdentifier></LassoIdentity></LassoIdentities>"""
user_dump = "<LassoUser>%s%s</LassoUser>" % (lasso_assertions, lasso_identities)
user = lasso.User.new_from_dump(user_dump);
print "Dump of user environ : %s\n" % user.dump()
next_provider_id = user.get_next_assertion_remote_providerID()
while(next_provider_id):
print "Next provider id : ", next_provider_id
assertion = user.get_assertion(next_provider_id)
print "his Assertion : ", assertion.dump()
print "Remove his assertion from user ..."
user.remove_assertion(next_provider_id)
next_provider_id = user.get_next_assertion_remote_providerID()
print "All assertions deleted\n"
print "Dump of user environ :"
print user.dump()
user2 = lasso.User.new_from_dump(user.dump());
print 'user2 dump 1'
print user2.dump()
assertion = lasso.Assertion("http://nowhere.com", "CD8CS7C6CS6CD6C6SC6SSDC6CS6D")
print 'user dump 1'
print user.dump()
user.add_assertion("https://service-provider1:2003/liberty-alliance/metadata", assertion)
print user.dump()
user.destroy()