Python binding now raises exceptions instead of returning error codes.
Close bug #237.
parent
3e411cc8ef
commit
6f48cba5e8
198
python/lasso.py
198
python/lasso.py
|
@ -39,16 +39,24 @@ _initialized = False
|
|||
|
||||
class Error(Exception):
|
||||
code = None # Use negative error codes for binding specific errors.
|
||||
msg = None
|
||||
functionName = None
|
||||
|
||||
def __init__(self, msg=None):
|
||||
if msg is not None:
|
||||
self.msg = msg
|
||||
def __init__(self, functionName):
|
||||
self.functionName = functionName
|
||||
|
||||
def __str__(self):
|
||||
return repr(self.msg)
|
||||
|
||||
|
||||
class ErrorUnknown(Error):
|
||||
def __init__(self, code, functionName):
|
||||
ErrorUnknown.__init__(functionName)
|
||||
self.code = code
|
||||
|
||||
def __str__(self):
|
||||
return 'Unknown error number %d in Lasso function %s' % (self.code, self.functionName)
|
||||
|
||||
|
||||
class ErrorLassoAlreadyInitialized(Error):
|
||||
code = -1
|
||||
msg = 'Lasso already initialized'
|
||||
|
@ -61,17 +69,18 @@ class ErrorLassoNotInitialized(Error):
|
|||
|
||||
class ErrorInstanceCreationFailed(Error):
|
||||
code = -3
|
||||
functionName = None
|
||||
|
||||
def __init__(self, functionName):
|
||||
self.functionName = functionName
|
||||
|
||||
def __str__(self, functionName):
|
||||
return 'Instance creation failed in Lasso function %s()' % self.functionName
|
||||
|
||||
|
||||
def newError(code, functionName):
|
||||
# FIXME: Use proper ErrorClass, when Lasso will have well defined error codes.
|
||||
return ErrorUnknown(code, functionName)
|
||||
|
||||
|
||||
################################################################################
|
||||
# Functions
|
||||
# Initialization
|
||||
################################################################################
|
||||
|
||||
|
||||
|
@ -932,8 +941,9 @@ class Server:
|
|||
new_from_dump = classmethod(new_from_dump)
|
||||
|
||||
def add_provider(self, metadata, public_key=None, certificate=None):
|
||||
return lassomod.server_add_provider(self, metadata,
|
||||
public_key, certificate)
|
||||
errorCode = lassomod.server_add_provider(self, metadata, public_key, certificate)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_server_add_provider')
|
||||
|
||||
def dump(self):
|
||||
return lassomod.server_dump(self)
|
||||
|
@ -1075,16 +1085,24 @@ class Profile:
|
|||
return lassomod.profile_is_session_dirty(self)
|
||||
|
||||
def set_identity(self, identity):
|
||||
return lassomod.profile_set_identity(self, identity)
|
||||
errorCode = lassomod.profile_set_identity(self, identity)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_profile_set_identity')
|
||||
|
||||
def set_identity_from_dump(self, dump):
|
||||
return lassomod.profile_set_identity_from_dump(self, dump)
|
||||
errorCode = lassomod.profile_set_identity_from_dump(self, dump)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_profile_set_identity_from_dump')
|
||||
|
||||
def set_session(self, session):
|
||||
return lassomod.profile_set_session(self, session)
|
||||
errorCode = lassomod.profile_set_session(self, session)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_profile_set_session')
|
||||
|
||||
def set_session_from_dump(self, dump):
|
||||
return lassomod.profile_set_session_from_dump(self, dump)
|
||||
errorCode = lassomod.profile_set_session_from_dump(self, dump)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_profile_set_session_from_dump')
|
||||
|
||||
## login
|
||||
loginProtocolProfileBrwsArt = 1
|
||||
|
@ -1145,51 +1163,70 @@ class Login(Profile):
|
|||
new_from_dump = classmethod(new_from_dump)
|
||||
|
||||
def accept_sso(self):
|
||||
return lassomod.login_accept_sso(self)
|
||||
errorCode = lassomod.login_accept_sso(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_accept_sso')
|
||||
|
||||
def build_artifact_msg(self, authentication_result, authenticationMethod,
|
||||
reauthenticateOnOrAfter, method):
|
||||
return lassomod.login_build_artifact_msg(self, authentication_result,
|
||||
authenticationMethod,
|
||||
reauthenticateOnOrAfter,
|
||||
method)
|
||||
errorCode = lassomod.login_build_artifact_msg(
|
||||
self, authentication_result, authenticationMethod, reauthenticateOnOrAfter, method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_build_artifact_msg')
|
||||
|
||||
def build_authn_request_msg(self):
|
||||
return lassomod.login_build_authn_request_msg(self)
|
||||
errorCode = lassomod.login_build_authn_request_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_build_authn_request_msg')
|
||||
|
||||
def build_authn_response_msg(self, authentication_result, authenticationMethod,
|
||||
reauthenticateOnOrAfter):
|
||||
return lassomod.login_build_authn_response_msg(self, authentication_result,
|
||||
authenticationMethod,
|
||||
reauthenticateOnOrAfter)
|
||||
errorCode = lassomod.login_build_authn_response_msg(
|
||||
self, authentication_result, authenticationMethod, reauthenticateOnOrAfter)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_build_authn_response_msg')
|
||||
|
||||
def build_request_msg(self):
|
||||
return lassomod.login_build_request_msg(self)
|
||||
errorCode = lassomod.login_build_request_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_build_request_msg')
|
||||
|
||||
def dump(self):
|
||||
return lassomod.login_dump(self)
|
||||
|
||||
def init_authn_request(self, remote_providerID):
|
||||
return lassomod.login_init_authn_request(self, remote_providerID)
|
||||
errorCode = lassomod.login_init_authn_request(self, remote_providerID)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_init_authn_request')
|
||||
|
||||
def init_from_authn_request_msg(self, authn_request_msg, authn_request_method):
|
||||
return lassomod.login_init_from_authn_request_msg(self, authn_request_msg,
|
||||
authn_request_method)
|
||||
errorCode = lassomod.login_init_from_authn_request_msg(
|
||||
self, authn_request_msg, authn_request_method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_init_from_authn_request_msg')
|
||||
|
||||
def init_request(self, response_msg, response_method):
|
||||
return lassomod.login_init_request(self, response_msg, response_method)
|
||||
errorCode = lassomod.login_init_request(self, response_msg, response_method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_init_request')
|
||||
|
||||
def must_authenticate(self):
|
||||
return lassomod.login_must_authenticate(self)
|
||||
|
||||
def process_authn_response_msg(self, authn_response_msg):
|
||||
return lassomod.login_process_authn_response_msg(self, authn_response_msg)
|
||||
errorCode = lassomod.login_process_authn_response_msg(self, authn_response_msg)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_process_authn_response_msg')
|
||||
|
||||
def process_request_msg(self, request_msg):
|
||||
return lassomod.login_process_request_msg(self, request_msg)
|
||||
errorCode = lassomod.login_process_request_msg(self, request_msg)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_process_request_msg')
|
||||
|
||||
def process_response_msg(self, response_msg):
|
||||
return lassomod.login_process_response_msg(self, response_msg)
|
||||
errorCode = lassomod.login_process_response_msg(self, response_msg)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_login_process_response_msg')
|
||||
|
||||
|
||||
providerTypeNone = 0
|
||||
|
@ -1233,10 +1270,14 @@ class Logout(Profile):
|
|||
new = classmethod(new)
|
||||
|
||||
def build_request_msg(self):
|
||||
return lassomod.logout_build_request_msg(self)
|
||||
errorCode = lassomod.logout_build_request_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_build_request_msg')
|
||||
|
||||
def build_response_msg(self):
|
||||
return lassomod.logout_build_response_msg(self)
|
||||
errorCode = lassomod.logout_build_response_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_build_response_msg')
|
||||
|
||||
def destroy(self):
|
||||
lassomod.logout_destroy(self);
|
||||
|
@ -1245,16 +1286,24 @@ class Logout(Profile):
|
|||
return lassomod.logout_get_next_providerID(self);
|
||||
|
||||
def init_request(self, remote_providerID = None):
|
||||
return lassomod.logout_init_request(self, remote_providerID);
|
||||
errorCode = lassomod.logout_init_request(self, remote_providerID);
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_init_request')
|
||||
|
||||
def process_request_msg(self, request_msg, request_method):
|
||||
return lassomod.logout_process_request_msg(self, request_msg, request_method);
|
||||
errorCode = lassomod.logout_process_request_msg(self, request_msg, request_method);
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_process_request_msg')
|
||||
|
||||
def validate_request(self):
|
||||
return lassomod.logout_validate_request(self);
|
||||
errorCode = lassomod.logout_validate_request(self);
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_validate_request')
|
||||
|
||||
def process_response_msg(self, response_msg, response_method):
|
||||
return lassomod.logout_process_response_msg(self, response_msg, response_method);
|
||||
errorCode = lassomod.logout_process_response_msg(self, response_msg, response_method);
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_logout_process_response_msg')
|
||||
|
||||
class FederationTermination(Profile):
|
||||
"""\brief Short desc
|
||||
|
@ -1292,19 +1341,28 @@ class FederationTermination(Profile):
|
|||
new = classmethod(new)
|
||||
|
||||
def build_notification_msg(self):
|
||||
return lassomod.federation_termination_build_notification_msg(self)
|
||||
errorCode = lassomod.federation_termination_build_notification_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_federation_termination_build_notification_msg')
|
||||
|
||||
def destroy(self):
|
||||
lassomod.federation_termination_destroy(self)
|
||||
|
||||
def init_notification(self, remote_providerID = None):
|
||||
return lassomod.federation_termination_init_notification(self, remote_providerID)
|
||||
errorCode = lassomod.federation_termination_init_notification(self, remote_providerID)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_federation_termination_init_notification')
|
||||
|
||||
def load_notification_msg(self, notification_msg, notification_method):
|
||||
return lassomod.federation_termination_load_notification_msg(self, notification_msg, notification_method)
|
||||
errorCode = lassomod.federation_termination_load_notification_msg(
|
||||
self, notification_msg, notification_method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_federation_termination_load_notification_msg')
|
||||
|
||||
def process_notification(self):
|
||||
return lassomod.federation_termination_process_notification(self)
|
||||
errorCode = lassomod.federation_termination_process_notification(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_federation_termination_process_notification')
|
||||
|
||||
|
||||
class RegisterNameIdentifier:
|
||||
|
@ -1338,22 +1396,33 @@ class RegisterNameIdentifier:
|
|||
new = classmethod(new)
|
||||
|
||||
def build_request_msg(self):
|
||||
return lassomod.register_name_identifier_build_request_msg(self)
|
||||
errorCode = lassomod.register_name_identifier_build_request_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_register_name_identifier_build_request_msg')
|
||||
|
||||
def build_response_msg(self):
|
||||
return lassomod.register_name_identifier_build_response_msg(self)
|
||||
errorCode = lassomod.register_name_identifier_build_response_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_register_name_identifier_build_response_msg')
|
||||
|
||||
def destroy(self):
|
||||
pass
|
||||
|
||||
def init_request(self, remote_providerID):
|
||||
return lassomod.register_name_identifier_init_request(self, remote_providerID)
|
||||
errorCode = lassomod.register_name_identifier_init_request(self, remote_providerID)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_register_name_identifier_init_request')
|
||||
|
||||
def process_request(self):
|
||||
return lassomod.register_name_identifier_process_request(self)
|
||||
errorCode = lassomod.register_name_identifier_process_request(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_register_name_identifier_process_request')
|
||||
|
||||
def process_response_msg(self, response_msg, response_method):
|
||||
return lassomod.register_name_identifier_process_response_msg(self, response_msg, response_method)
|
||||
errorCode = lassomod.register_name_identifier_process_response_msg(
|
||||
self, response_msg, response_method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_register_name_identifier_process_response_msg')
|
||||
|
||||
class Lecp:
|
||||
"""\brief Short desc
|
||||
|
@ -1388,31 +1457,48 @@ class Lecp:
|
|||
new = classmethod(new)
|
||||
|
||||
def build_authn_request_envelope_msg(self):
|
||||
return lassomod.lecp_build_authn_request_envelope_msg(self)
|
||||
errorCode = lassomod.lecp_build_authn_request_envelope_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_build_authn_request_envelope_msg')
|
||||
|
||||
def build_authn_response_envelope_msg(self):
|
||||
return lassomod.lecp_build_authn_response_envelope_msg(self)
|
||||
errorCode = lassomod.lecp_build_authn_response_envelope_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_build_authn_response_envelope_msg')
|
||||
|
||||
def build_authn_request_msg(self):
|
||||
return lassomod.lecp_build_authn_request_msg(self)
|
||||
errorCode = lassomod.lecp_build_authn_request_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_build_authn_request_msg')
|
||||
|
||||
def build_authn_response_msg(self):
|
||||
return lassomod.lecp_build_authn_response_msg(self)
|
||||
errorCode = lassomod.lecp_build_authn_response_msg(self)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_build_authn_response_msg')
|
||||
|
||||
def destroy(self):
|
||||
lassomod.lecp_destroy(self)
|
||||
|
||||
def init_authn_request(self, remote_providerID):
|
||||
return lassomod.lecp_init_authn_request(self, remote_providerID)
|
||||
errorCode = lassomod.lecp_init_authn_request(self, remote_providerID)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_init_authn_request')
|
||||
|
||||
def init_from_authn_request_msg(self, authn_request_msg, authn_request_method):
|
||||
return lassomod.lecp_init_from_authn_request_msg(self, authn_request_msg, authn_request_method)
|
||||
errorCode = lassomod.lecp_init_from_authn_request_msg(
|
||||
self, authn_request_msg, authn_request_method)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_init_from_authn_request_msg')
|
||||
|
||||
def process_authn_request_envelope_msg(self, request_msg):
|
||||
return lassomod.lecp_process_authn_request_envelope_msg(self, request_msg)
|
||||
|
||||
errorCode = lassomod.lecp_process_authn_request_envelope_msg(self, request_msg)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_process_authn_request_envelope_msg')
|
||||
|
||||
def process_authn_response_envelope_msg(self, response_msg):
|
||||
return lassomod.lecp_process_authn_response_envelope_msg(self, response_msg)
|
||||
errorCode = lassomod.lecp_process_authn_response_envelope_msg(self, response_msg)
|
||||
if errorCode:
|
||||
raise newError(errorCode, 'lasso_lecp_process_authn_response_envelope_msg')
|
||||
|
||||
|
||||
if not _initialized:
|
||||
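Review bot: In the first hunk, `ErrorUnknown.__init__` calls `ErrorUnknown.__init__(functionName)`, which re-enters itself without an instance or a `code`, so building the exception fails with a TypeError. Every `raise newError(...)` added in this file would then surface that TypeError instead of a `lasso.Error`, and callers that catch `lasso.Error` around the login, logout and federation-termination calls would miss the failure. The base initialiser was presumably intended: `Error.__init__(self, functionName)`. In the second hunk, `ErrorInstanceCreationFailed.__str__(self, functionName)` takes an extra parameter, so `str()` on that exception would fail too and should read `def __str__(self):`; the page does not show whether that line is new in this commit. The wrappers would also benefit from a short docstring stating that they now return None and raise on any non-zero code.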
|
|
|
@ -39,7 +39,6 @@ import lasso
|
|||
class TestCase(unittest.TestCase):
|
||||
def generateIdpServer(self):
|
||||
idpServer = lasso.Server.new_from_dump(self.generateIdpServerDump())
|
||||
self.failUnless(idpServer)
|
||||
return idpServer
|
||||
|
||||
def generateIdpServerDump(self):
|
||||
|
@ -49,12 +48,10 @@ class TestCase(unittest.TestCase):
|
|||
"../../examples/data/idp-private-key.pem",
|
||||
"../../examples/data/idp-crt.pem",
|
||||
lasso.signatureMethodRsaSha1)
|
||||
self.failUnless(idpServer)
|
||||
errorCode = idpServer.add_provider(
|
||||
idpServer.add_provider(
|
||||
"../../examples/data/sp-metadata.xml",
|
||||
"../../examples/data/sp-public-key.pem",
|
||||
"../../examples/data/ca-crt.pem")
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpServerDump = idpServer.dump()
|
||||
self.failUnless(idpServerDump)
|
||||
idpServer.destroy()
|
||||
|
@ -62,7 +59,6 @@ class TestCase(unittest.TestCase):
|
|||
|
||||
def generateSpServer(self):
|
||||
spServer = lasso.Server.new_from_dump(self.generateSpServerDump())
|
||||
self.failUnless(spServer)
|
||||
return spServer
|
||||
|
||||
def generateSpServerDump(self):
|
||||
|
@ -72,12 +68,10 @@ class TestCase(unittest.TestCase):
|
|||
"../../examples/data/sp-private-key.pem",
|
||||
"../../examples/data/sp-crt.pem",
|
||||
lasso.signatureMethodRsaSha1)
|
||||
self.failUnless(spServer)
|
||||
errorCode = spServer.add_provider(
|
||||
spServer.add_provider(
|
||||
"../../examples/data/idp-metadata.xml",
|
||||
"../../examples/data/idp-public-key.pem",
|
||||
"../../examples/data/ca-crt.pem")
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spServerDump = spServer.dump()
|
||||
self.failUnless(spServerDump)
|
||||
spServer.destroy()
|
||||
|
@ -94,22 +88,19 @@ class LoginTestCase(TestCase):
|
|||
def idpSingleSignOnForRedirect(self, authnRequestQuery, identityDump, sessionDump):
|
||||
idpServer = self.generateIdpServer()
|
||||
idpLogin = lasso.Login.new(idpServer)
|
||||
self.failUnless(idpLogin)
|
||||
if identityDump is not None:
|
||||
idpLogin.set_identity_from_dump(identityDump)
|
||||
if sessionDump is not None:
|
||||
idpLogin.set_session_from_dump(sessionDump)
|
||||
errorCode = idpLogin.init_from_authn_request_msg(
|
||||
idpLogin.init_from_authn_request_msg(
|
||||
authnRequestQuery, lasso.httpMethodRedirect)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
return idpLogin
|
||||
|
||||
def idpSingleSignOn_part2ForArtifactRedirect(
|
||||
self, idpLogin, userAuthenticated, authenticationMethod):
|
||||
errorCode = idpLogin.build_artifact_msg(
|
||||
idpLogin.build_artifact_msg(
|
||||
userAuthenticated, authenticationMethod, "FIXME: reauthenticateOnOrAfter",
|
||||
lasso.httpMethodRedirect)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpIdentityDump = idpLogin.get_identity().dump()
|
||||
self.failUnless(idpIdentityDump)
|
||||
self.failUnless(idpLogin.is_session_dirty())
|
||||
|
@ -130,9 +121,7 @@ class LoginTestCase(TestCase):
|
|||
self.failUnlessEqual(requestType, lasso.requestTypeLogin)
|
||||
idpServer = self.generateIdpServer()
|
||||
idpLogin = lasso.Login.new(idpServer)
|
||||
self.failUnless(idpLogin)
|
||||
errorCode = idpLogin.process_request_msg(soapRequestMsg)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpLogin.process_request_msg(soapRequestMsg)
|
||||
artifact = idpLogin.assertionArtifact
|
||||
self.failUnless(artifact)
|
||||
return idpLogin
|
||||
|
@ -142,9 +131,7 @@ class LoginTestCase(TestCase):
|
|||
self.failUnlessEqual(requestType, lasso.requestTypeLogout)
|
||||
idpServer = self.generateIdpServer()
|
||||
idpLogout = lasso.Logout.new(idpServer, lasso.providerTypeIdp)
|
||||
self.failUnless(idpLogout)
|
||||
errorCode = idpLogout.process_request_msg(soapRequestMsg, lasso.httpMethodSoap)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpLogout.process_request_msg(soapRequestMsg, lasso.httpMethodSoap)
|
||||
nameIdentifier = idpLogout.nameIdentifier
|
||||
self.failUnless(nameIdentifier)
|
||||
return idpLogout
|
||||
|
@ -154,8 +141,7 @@ class LoginTestCase(TestCase):
|
|||
idpLogout.set_identity_from_dump(identityDump)
|
||||
if sessionDump is not None:
|
||||
idpLogout.set_session_from_dump(sessionDump)
|
||||
errorCode = idpLogout.validate_request()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpLogout.validate_request()
|
||||
idpIdentityDump = idpLogout.get_identity().dump()
|
||||
self.failUnless(idpIdentityDump)
|
||||
self.failUnless(idpLogout.is_session_dirty())
|
||||
|
@ -167,8 +153,7 @@ class LoginTestCase(TestCase):
|
|||
# FIXME: Handle the case where there are authentication assertions for other service
|
||||
# providers.
|
||||
self.failUnlessEqual(idpLogout.get_next_providerID(), None)
|
||||
errorCode = idpLogout.build_response_msg()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
idpLogout.build_response_msg()
|
||||
soapResponseMsg = idpLogout.msg_body
|
||||
self.failUnless(soapResponseMsg)
|
||||
return idpLogout
|
||||
|
@ -176,10 +161,8 @@ class LoginTestCase(TestCase):
|
|||
def spAssertionConsumerForRedirect(self, responseQuery):
|
||||
spServer = self.generateSpServer()
|
||||
spLogin = lasso.Login.new(spServer)
|
||||
errorCode = spLogin.init_request(responseQuery, lasso.httpMethodRedirect)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
errorCode = spLogin.build_request_msg()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogin.init_request(responseQuery, lasso.httpMethodRedirect)
|
||||
spLogin.build_request_msg()
|
||||
soapEndpoint = spLogin.msg_url
|
||||
self.failUnless(soapEndpoint)
|
||||
soapRequestMsg = spLogin.msg_body
|
||||
|
@ -187,8 +170,7 @@ class LoginTestCase(TestCase):
|
|||
return spLogin
|
||||
|
||||
def spAssertionConsumer_part2(self, spLogin, soapResponseMsg):
|
||||
errorCode = spLogin.process_response_msg(soapResponseMsg)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogin.process_response_msg(soapResponseMsg)
|
||||
nameIdentifier = spLogin.nameIdentifier
|
||||
self.failUnless(nameIdentifier)
|
||||
return spLogin
|
||||
|
@ -198,8 +180,7 @@ class LoginTestCase(TestCase):
|
|||
spLogin.set_identity_from_dump(identityDump)
|
||||
if sessionDump is not None:
|
||||
spLogin.set_session_from_dump(sessionDump)
|
||||
errorCode = spLogin.accept_sso()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogin.accept_sso()
|
||||
spIdentity = spLogin.get_identity()
|
||||
self.failUnless(spIdentity)
|
||||
spIdentityDump = spIdentity.dump()
|
||||
|
@ -216,18 +197,15 @@ class LoginTestCase(TestCase):
|
|||
def spLoginForRedirect(self):
|
||||
spServer = self.generateSpServer()
|
||||
spLogin = lasso.Login.new(spServer)
|
||||
self.failUnless(spLogin)
|
||||
errorCode = spLogin.init_authn_request(
|
||||
spLogin.init_authn_request(
|
||||
"https://identity-provider:1998/liberty-alliance/metadata")
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
self.failUnlessEqual(spLogin.request_type, lasso.messageTypeAuthnRequest)
|
||||
spLogin.request.set_isPassive(False)
|
||||
spLogin.request.set_nameIDPolicy(lasso.libNameIDPolicyTypeFederated)
|
||||
spLogin.request.set_consent(lasso.libConsentObtained)
|
||||
relayState = "fake"
|
||||
spLogin.request.set_relayState(relayState)
|
||||
errorCode = spLogin.build_authn_request_msg()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogin.build_authn_request_msg()
|
||||
authnRequestUrl = spLogin.msg_url
|
||||
self.failUnless(authnRequestUrl)
|
||||
return spLogin
|
||||
|
@ -235,15 +213,12 @@ class LoginTestCase(TestCase):
|
|||
def spLogoutForSoap(self, spIdentityDump, spSessionDump):
|
||||
spServer = self.generateSpServer()
|
||||
spLogout = lasso.Logout.new(spServer, lasso.providerTypeSp)
|
||||
self.failUnless(spLogout)
|
||||
if spIdentityDump is not None:
|
||||
spLogout.set_identity_from_dump(spIdentityDump)
|
||||
if spSessionDump is not None:
|
||||
spLogout.set_session_from_dump(spSessionDump)
|
||||
errorCode = spLogout.init_request()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
errorCode = spLogout.build_request_msg()
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogout.init_request()
|
||||
spLogout.build_request_msg()
|
||||
soapEndpoint = spLogout.msg_url
|
||||
self.failUnless(soapEndpoint)
|
||||
soapRequestMsg = spLogout.msg_body
|
||||
|
@ -251,8 +226,7 @@ class LoginTestCase(TestCase):
|
|||
return spLogout
|
||||
|
||||
def spLogoutForSoap_part2(self, spLogout, soapResponseMsg):
|
||||
errorCode = spLogout.process_response_msg(soapResponseMsg, lasso.httpMethodSoap)
|
||||
self.failUnlessEqual(errorCode, 0)
|
||||
spLogout.process_response_msg(soapResponseMsg, lasso.httpMethodSoap)
|
||||
self.failIf(spLogout.is_identity_dirty())
|
||||
spIdentity = spLogout.get_identity()
|
||||
self.failUnless(spIdentity)
|
||||
|
@ -285,7 +259,6 @@ class LoginTestCase(TestCase):
|
|||
authenticationMethod = lasso.samlAuthenticationMethodPassword
|
||||
idpServer = self.generateIdpServer()
|
||||
idpLogin = lasso.Login.new_from_dump(idpServer, idpLoginDump)
|
||||
self.failUnless(idpLogin)
|
||||
self.failUnlessEqual(idpLogin.protocolProfile, lasso.loginProtocolProfileBrwsArt)
|
||||
idpLogin = self.idpSingleSignOn_part2ForArtifactRedirect(
|
||||
idpLogin, userAuthenticated, authenticationMethod)
|
||||
|
@ -373,7 +346,7 @@ class LoginTestCase(TestCase):
|
|||
idpIdentityDump = """\
|
||||
<LassoIdentity><LassoFederations><LassoFederation RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><LassoLocalNameIdentifier><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</saml:NameIdentifier></LassoLocalNameIdentifier></LassoFederation></LassoFederations></LassoIdentity>
|
||||
""".strip()
|
||||
self.failUnlessEqual(idpLogin.set_identity_from_dump(idpIdentityDump), 0)
|
||||
idpLogin.set_identity_from_dump(idpIdentityDump)
|
||||
idpSessionDump = """
|
||||
<LassoSession><LassoAssertions><LassoAssertion RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><lib:Assertion xmlns:lib="urn:liberty:iff:2003-08" AssertionID="Q0QxQzNFRTVGRTZEM0M0RjY2MTZDNTEwOUY4MDQzRTI=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-02T18:51:43Z" Issuer="https://identity-provider:1998/liberty-alliance/metadata" InResponseTo="OEQ0OEUzODhGRTdGMEVFMzQ5Q0Q0QzYzQjk4MjUwNjQ="><lib:AuthenticationStatement xmlns:lib="urn:liberty:iff:2003-08" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2004-08-02T18:51:43Z" ReauthenticateOnOrAfter="FIXME: reauthenticateOnOrAfter"><lib:Subject xmlns:lib="urn:liberty:iff:2003-08"><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</saml:NameIdentifier><lib:IDPProvidedNameIdentifier xmlns:lib="urn:liberty:iff:2003-08" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">NjMxMEMzRTlEMDA4NTNEMEZGNDI1MEM0QzY4NUNBNzY=</lib:IDPProvidedNameIdentifier><saml:SubjectConfirmation xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:SubjectConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:SubjectConfirmationMethod></saml:SubjectConfirmation></lib:Subject></lib:AuthenticationStatement><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
||||
<SignedInfo>
|
||||
|
@ -417,11 +390,10 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate>
|
|||
</Signature></lib:Assertion></LassoAssertion></LassoAssertions></LassoSession>
|
||||
""".strip()
|
||||
# " <-- Trick for Emacs Python mode.
|
||||
self.failUnlessEqual(idpLogin.set_session_from_dump(idpSessionDump), 0)
|
||||
idpLogin.set_session_from_dump(idpSessionDump)
|
||||
authnRequestQuery = """NameIDPolicy=federated&IsPassive=false&ProviderID=https%3A%2F%2Fservice-provider%3A2003%2Fliberty-alliance%2Fmetadata&consent=urn%3Aliberty%3Aconsent%3Aobtained&IssueInstance=2004-08-02T20%3A33%3A58Z&MinorVersion=2&MajorVersion=1&RequestID=ODVGNkUyMzY5N0MzOTY4QzZGOUYyNzEwRTJGMUNCQTI%3D&SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&Signature=fnSL5Mgp%2BV%2FtdUuYQJmFKvFY8eEco6sypmejvP4sD0v5ApywV94mUo6BxE29o1KW%0AGFXiMG7puhTwRSlKDo1vlh5iHNqVfjKcbx2XhfoDfplqLir102dyHxB5GedEQvqw%0AbTFtFrB6SnHi5facrYHCn7b58CxAWv9XW4DIfcVCOSma2OOBCm%2FzzCSiZpOtbRk9%0AveQzace41tDW0XLlbRdWpvwsma0yaYSkqYvTV3hmvgkWS5x9lzcm97oME4ywzwbU%0AJAyG8BkqMFoG7FPjwzR8qh7%2FWi%2BCzxxqfczxSGkUZUmsQdxyxazjhDpt1X8i5fan%0AnaF1vWF3GmS6G4t7mrkItA%3D%3D"""
|
||||
method = lasso.httpMethodRedirect
|
||||
self.failUnlessEqual(
|
||||
idpLogin.init_from_authn_request_msg(authnRequestQuery, method), 0)
|
||||
idpLogin.init_from_authn_request_msg(authnRequestQuery, method)
|
||||
self.failIf(idpLogin.must_authenticate())
|
||||
userAuthenticated = True
|
||||
authenticationMethod = lasso.samlAuthenticationMethodPassword
|
||||
|
@ -483,14 +455,12 @@ CGb/HRUx5EPgbIy52G224ITlQWadD1Z6y4PFTowDjkaRVerjUVRJZ/a5QVNsI4Du
|
|||
requestType = lasso.get_request_type_from_soap_msg(soapRequestMessage)
|
||||
self.failUnlessEqual(requestType, lasso.requestTypeLogout)
|
||||
idpLogout = lasso.Logout.new(idpServer, lasso.providerTypeIdp)
|
||||
self.failUnless(idpLogout)
|
||||
self.failUnlessEqual(
|
||||
idpLogout.process_request_msg(soapRequestMessage, lasso.httpMethodSoap), 0)
|
||||
idpLogout.process_request_msg(soapRequestMessage, lasso.httpMethodSoap)
|
||||
self.failUnless(idpLogout.nameIdentifier)
|
||||
idpIdentityDump = """\
|
||||
<LassoIdentity><LassoFederations><LassoFederation RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><LassoLocalNameIdentifier><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</saml:NameIdentifier></LassoLocalNameIdentifier></LassoFederation></LassoFederations></LassoIdentity>
|
||||
""".strip()
|
||||
self.failUnlessEqual(idpLogout.set_identity_from_dump(idpIdentityDump), 0)
|
||||
idpLogout.set_identity_from_dump(idpIdentityDump)
|
||||
self.failUnlessEqual(idpLogout.get_identity().dump(), idpIdentityDump)
|
||||
idpSessionDump = """
|
||||
<LassoSession><LassoAssertions><LassoAssertion RemoteProviderID="https://service-provider:2003/liberty-alliance/metadata"><lib:Assertion xmlns:lib="urn:liberty:iff:2003-08" AssertionID="QUVENUJCNzRFOUQ3MEZFNEYzNUUwQTA5OTRGMEYzMDg=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-03T11:55:55Z" Issuer="https://identity-provider:1998/liberty-alliance/metadata" InResponseTo="N0VEQzE0QUE1NTYwQTAzRjk4Njk3Q0JCRUU0RUZCQkY="><lib:AuthenticationStatement xmlns:lib="urn:liberty:iff:2003-08" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" AuthenticationInstant="2004-08-03T11:55:55Z" ReauthenticateOnOrAfter="FIXME: reauthenticateOnOrAfter"><lib:Subject xmlns:lib="urn:liberty:iff:2003-08"><saml:NameIdentifier xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</saml:NameIdentifier><lib:IDPProvidedNameIdentifier xmlns:lib="urn:liberty:iff:2003-08" NameQualifier="https://identity-provider:1998/liberty-alliance/metadata" Format="urn:liberty:iff:nameid:federated">QkM3M0M4MTYxREQzNEYwNEI4M0I4MUVERDUyQUUyMjA=</lib:IDPProvidedNameIdentifier><saml:SubjectConfirmation xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"><saml:SubjectConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:SubjectConfirmationMethod></saml:SubjectConfirmation></lib:Subject></lib:AuthenticationStatement><Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
|
||||
|
@ -535,15 +505,15 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate>
|
|||
</Signature></lib:Assertion></LassoAssertion></LassoAssertions></LassoSession>
|
||||
""".strip()
|
||||
# " <-- Trick for Emacs Python mode.
|
||||
self.failUnlessEqual(idpLogout.set_session_from_dump(idpSessionDump), 0)
|
||||
idpLogout.set_session_from_dump(idpSessionDump)
|
||||
self.failUnlessEqual(idpLogout.get_session().dump(), idpSessionDump)
|
||||
self.failUnlessEqual(idpLogout.validate_request(), 0)
|
||||
idpLogout.validate_request()
|
||||
self.failIf(idpLogout.is_identity_dirty())
|
||||
self.failUnless(idpLogout.is_session_dirty())
|
||||
idpSessionDump = idpLogout.get_session().dump()
|
||||
self.failUnless(idpSessionDump)
|
||||
self.failIf(idpLogout.get_next_providerID())
|
||||
self.failUnlessEqual(idpLogout.build_response_msg(), 0)
|
||||
idpLogout.build_response_msg()
|
||||
soapResponseMsg = idpLogout.msg_body
|
||||
self.failUnless(soapResponseMsg)
|
||||
|
||||
|
@ -602,8 +572,8 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate>
|
|||
# " <-- Trick for Emacs Python mode.
|
||||
spLogout.set_session_from_dump(spSessionDump)
|
||||
|
||||
self.failUnlessEqual(spLogout.init_request(), 0)
|
||||
self.failUnlessEqual(spLogout.build_request_msg(), 0)
|
||||
spLogout.init_request()
|
||||
spLogout.build_request_msg()
|
||||
self.failUnless(spLogout.msg_url)
|
||||
self.failUnless(spLogout.msg_body)
|
||||
self.failUnless(spLogout.nameIdentifier)
|
||||
|
@ -611,8 +581,7 @@ jFL7NhzvY02aBTLhm22YOLYnlycKm64NGne+siooDCi5tel2/vcx+e+btX9x</X509Certificate>
|
|||
soapResponseMessage = """\
|
||||
<soap-env:Envelope xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"><soap-env:Body xmlns:soap-env="http://schemas.xmlsoap.org/soap/envelope/"><lib:LogoutResponse xmlns:lib="urn:liberty:iff:2003-08" ResponseID="NjcyNDYxQ0FCRTQwMUE0NjE4MzlFQjFDOTI2MTc3NjE=" MajorVersion="1" MinorVersion="2" IssueInstance="2004-08-04T00:03:20Z" InResponseTo="MzNCOTRBMjRCMDExN0MxODc1MUI5NjMwQjlCMTg1NzM=" Recipient="https://service-provider:2003/liberty-alliance/metadata"><lib:ProviderID>https://identity-provider:1998/liberty-alliance/metadata</lib:ProviderID><samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"><samlp:StatusCode xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" Value="Samlp:Success"/></samlp:Status></lib:LogoutResponse></soap-env:Body></soap-env:Envelope>
|
||||
""".strip()
|
||||
self.failUnlessEqual(
|
||||
spLogout.process_response_msg(soapResponseMessage, lasso.httpMethodSoap), 0)
|
||||
spLogout.process_response_msg(soapResponseMessage, lasso.httpMethodSoap)
|
||||
self.failIf(spLogout.is_identity_dirty())
|
||||
self.failUnless(spLogout.is_session_dirty())
|
||||
spSessionDump = spLogout.get_session().dump()
|
||||
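Review bot: None of the updated tests exercises the failure path: across the `TestCase` and `LoginTestCase` hunks every `self.failUnlessEqual(errorCode, 0)` is dropped and the calls are left bare. The suite therefore shows only that success no longer returns a code, not that a rejected message raises `lasso.Error`. A negative case would close that gap, for example `self.failUnlessRaises(lasso.Error, spLogin.process_response_msg, malformedMsg)`, where `malformedMsg` is a placeholder for an input the library is known to reject. Such a test also pins the exception type that code driving the login and logout flows is expected to catch.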
|
|