saml_idp: cleanup urls, codex -> utils, remove registry

passbook/saml_idp/utils.py

@@ -0,0 +1,87 @@
+"""Wrappers to de/encode and de/inflate strings"""
+import base64
+import datetime
+import uuid
+import zlib
+
+from cryptography import x509
+from cryptography.hazmat.backends import default_backend
+from cryptography.hazmat.primitives import hashes, serialization
+from cryptography.hazmat.primitives.asymmetric import rsa
+from cryptography.x509.oid import NameOID
+
+
+def decode_base64_and_inflate(b64string):
+    """Base64 decode and ZLib decompress b64string"""
+    decoded_data = base64.b64decode(b64string)
+    return zlib.decompress(decoded_data, -15)
+
+
+def deflate_and_base64_encode(string_val):
+    """Base64 and ZLib Compress b64string"""
+    zlibbed_str = zlib.compress(string_val)
+    compressed_string = zlibbed_str[2:-4]
+    return base64.b64encode(compressed_string)
+
+
+def nice64(src):
+    """ Returns src base64-encoded and formatted nicely for our XML. """
+    return base64.b64encode(src).decode('utf-8').replace('\n', '')
+
+
+class CertificateBuilder:
+    """Build self-signed certificates"""
+
+    __public_key = None
+    __private_key = None
+    __builder = None
+    __certificate = None
+
+    def __init__(self):
+        self.__public_key = None
+        self.__private_key = None
+        self.__builder = None
+        self.__certificate = None
+
+    def build(self):
+        one_day = datetime.timedelta(1, 0, 0)
+        self.__private_key = rsa.generate_private_key(
+            public_exponent=65537,
+            key_size=2048,
+            backend=default_backend()
+        )
+        self.__public_key = self.__private_key.public_key()
+        self.__builder = \
+            x509.CertificateBuilder(). \
+            subject_name(x509.Name([
+                x509.NameAttribute(NameOID.COMMON_NAME, u'passbook Self-signed SAML Certificate'),
+                x509.NameAttribute(NameOID.ORGANIZATION_NAME, u'passbook'),
+                x509.NameAttribute(NameOID.ORGANIZATIONAL_UNIT_NAME, u'Self-signed'),
+            ])). \
+            issuer_name(x509.Name([
+                x509.NameAttribute(NameOID.COMMON_NAME, u'passbook Self-signed SAML Certificate'),
+            ])). \
+            not_valid_before(datetime.datetime.today() - one_day). \
+            not_valid_after(datetime.datetime.today() + datetime.timedelta(days=365)). \
+            serial_number(int(uuid.uuid4())). \
+            public_key(self.__public_key)
+        self.__certificate = self.__builder.sign(
+            private_key=self.__private_key, algorithm=hashes.SHA256(),
+            backend=default_backend()
+        )
+
+    @property
+    def private_key(self):
+        """Return private key in PEM format"""
+        return self.__private_key.private_bytes(
+            encoding=serialization.Encoding.PEM,
+            format=serialization.PrivateFormat.TraditionalOpenSSL,
+            encryption_algorithm=serialization.NoEncryption(),
+        ).decode('utf-8')
+
+    @property
+    def certificate(self):
+        """Return certificate in PEM format"""
+        return self.__certificate.public_bytes(
+            encoding=serialization.Encoding.PEM,
+        ).decode('utf-8')