How to use the satosa.internal.AuthenticationInformation function in SATOSA
To help you get started, we’ve selected a few SATOSA examples, based on popular ways it is used in public projects.
Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.
IdentityPython / SATOSA / tests / satosa / micro_services / test_attribute_authorization.py View on Github 
def test_authz_allow_second(self):
attribute_allow = {
"": { "default": {"a0": ['foo1','foo2']} }
}
attribute_deny = {}
authz_service = self.create_authz_service(attribute_allow, attribute_deny)
resp = InternalData(auth_info=AuthenticationInformation())
resp.attributes = {
"a0": ["foo2","kaka"],
}
try:
ctx = Context()
ctx.state = dict()
authz_service.process(ctx, resp)
except SATOSAAuthenticationError as ex:
assert Falsedef test_filter_one_attribute_from_all_target_providers_for_one_requester(self):
requester = "test_requester"
attribute_filters = {
"": {
requester:
{"a1": "foo:bar"}
}
}
filter_service = self.create_filter_service(attribute_filters)
resp = InternalData(auth_info=AuthenticationInformation())
resp.requester = requester
resp.attributes = {
"a1": ["abc:xyz", "1:foo:bar:2"],
}
filtered = filter_service.process(None, resp)
assert filtered.attributes == {"a1": ["1:foo:bar:2"]}def test_auth_resp_callback_func_user_id_from_attrs_is_used_to_override_user_id(self, context, satosa_config):
satosa_config["INTERNAL_ATTRIBUTES"]["user_id_from_attrs"] = ["user_id", "domain"]
base = SATOSABase(satosa_config)
internal_resp = InternalData(auth_info=AuthenticationInformation("", "", ""))
internal_resp.attributes = {"user_id": ["user"], "domain": ["@example.com"]}
internal_resp.requester = "test_requester"
context.state[satosa.base.STATE_KEY] = {"requester": "test_requester"}
context.state[satosa.routing.STATE_KEY] = satosa_config["FRONTEND_MODULES"][0]["name"]
base._auth_resp_callback_func(context, internal_resp)
expected_user_id = "user@example.com"
assert internal_resp.subject_id == expected_user_iddef test_authz_deny_fail(self):
attribute_deny = {
"": { "default": {"a0": ['foo1','foo2']} }
}
attribute_allow = {}
authz_service = self.create_authz_service(attribute_allow, attribute_deny)
resp = InternalData(auth_info=AuthenticationInformation())
resp.attributes = {
"a0": ["foo3"],
}
try:
ctx = Context()
ctx.state = dict()
authz_service.process(ctx, resp)
except SATOSAAuthenticationError as ex:
assert Falsedef internal_response(self):
auth_info = AuthenticationInformation("auth_class_ref", "timestamp", "issuer")
internal_response = InternalData(auth_info=auth_info)
internal_response.subject_id = "user1"
return internal_responsedef test_auth_resp_callback_func_respects_user_id_to_attr(self, context, satosa_config):
satosa_config["INTERNAL_ATTRIBUTES"]["user_id_to_attr"] = "user_id"
base = SATOSABase(satosa_config)
internal_resp = InternalData(auth_info=AuthenticationInformation("", "", ""))
internal_resp.subject_id = "user1234"
context.state[satosa.base.STATE_KEY] = {"requester": "test_requester"}
context.state[satosa.routing.STATE_KEY] = satosa_config["FRONTEND_MODULES"][0]["name"]
base._auth_resp_callback_func(context, internal_resp)
assert internal_resp.attributes["user_id"] == [internal_resp.subject_id]def auth_info(self, requrest):
return AuthenticationInformation(
UNSPECIFIED, None,
self.config['server_info']['authorization_endpoint'])def auth_info(self, requrest):
return AuthenticationInformation(
UNSPECIFIED, None,
self.config['server_info']['authorization_endpoint'])def from_dict(cls, data):
"""
:type data: dict[str, dict[str, str] | str]
:rtype: satosa.internal_data.InternalResponse
:param data: A dict representation of an InternalResponse object
:return: An InternalResponse object
"""
auth_info = _AuthenticationInformation.from_dict(data.get("auth_info"))
instance = cls(auth_info=auth_info)
instance.user_id_hash_type = data.get("hash_type")
instance.attributes = data.get("attributes", {})
instance.user_id = data.get("user_id")
instance.requester = data.get("requester")
return instance:rtype: satosa.internal.InternalData
:param response: The saml authorization response
:return: A translated internal response
"""
# The response may have been encrypted by the IdP so if we have an
# encryption key, try it.
if self.encryption_keys:
response.parse_assertion(self.encryption_keys)
authn_info = response.authn_info()[0]
auth_class_ref = authn_info[0]
timestamp = response.assertion.authn_statement[0].authn_instant
issuer = response.response.issuer.text
auth_info = AuthenticationInformation(
auth_class_ref, timestamp, issuer,
)
# The SAML response may not include a NameID.
subject = response.get_subject()
name_id = subject.text if subject else None
name_id_format = subject.format if subject else None
attributes = self.converter.to_internal(
self.attribute_profile, response.ava,
)
internal_resp = InternalData(
auth_info=auth_info,
attributes=attributes,
subject_type=name_id_format,
Popular SATOSA functions
- satosa.attribute_mapping.AttributeMapper
- satosa.backends.saml2.SAMLBackend
- satosa.base.SATOSABase
- satosa.context.Context
- satosa.exception.SATOSAAuthenticationError
- satosa.internal.AuthenticationInformation
- satosa.internal.InternalData
- satosa.internal_data.InternalRequest
- satosa.internal_data.UserIdHasher.hash_id
- satosa.internal_data.UserIdHashType
- satosa.logging_util
- satosa.logging_util.get_session_id
- satosa.logging_util.LOG_FMT
- satosa.logging_util.LOG_FMT.format
- satosa.metadata_creation.saml_metadata.create_entity_descriptors
- satosa.proxy_server.make_app
- satosa.response.Redirect
- satosa.satosa_config.SATOSAConfig
- satosa.state.State
- satosa.util