sources/saml(major): add saml SP

2019-11-07 17:02:56 +01:00
parent 3bd56ce522
commit dabce36667
22 changed files with 610 additions and 0 deletions
--- a/passbook/sources/saml/xml_signing.py
+++ b/passbook/sources/saml/xml_signing.py
@ -0,0 +1,66 @@
+#XXX: Use svn:externals to get the same version as in saml2idp???
+"""
+Signing code goes here.
+"""
+# # python:
+# import hashlib
+# import string
+
+from structlog import get_logger
+
+# other libraries:
+# this app:
+# from passbook.providers.saml.utils import nice64
+# from passbook.sources.saml.xml_templates import SIGNATURE, SIGNED_INFO
+
+LOGGER = get_logger()
+
+# def get_signature_xml(subject, reference_uri):
+#     """
+#     Returns XML Signature for subject.
+#     """
+#     private_key_file = saml2sp_settings.SAML2SP_PRIVATE_KEY_FILE
+#     certificate_file = saml2sp_settings.SAML2SP_CERTIFICATE_FILE
+#     LOGGER.debug('get_signature_xml - Begin.')
+#     LOGGER.debug('Using private key file: ' + private_key_file)
+#     LOGGER.debug('Using certificate file: ' + certificate_file)
+#     LOGGER.debug('Subject: ' + subject)
+
+#     # Hash the subject.
+#     subject_hash = hashlib.sha1()
+#     subject_hash.update(subject)
+#     subject_digest = nice64(subject_hash.digest())
+#     LOGGER.debug('Subject digest: ' + subject_digest)
+
+#     # Create signed_info.
+#     signed_info = string.Template(SIGNED_INFO).substitute({
+#         'REFERENCE_URI': reference_uri,
+#         'SUBJECT_DIGEST': subject_digest,
+#     })
+#     LOGGER.debug('SignedInfo XML: ' + signed_info)
+
+# #    # "Digest" the signed_info.
+# #    info_hash = hashlib.sha1()
+# #    info_hash.update(signed_info)
+# #    info_digest = info_hash.digest()
+# #    LOGGER.debug('Info digest: ' + nice64(info_digest))
+
+#     # RSA-sign the signed_info.
+#     private_key = M2Crypto.EVP.load_key(private_key_file)
+#     private_key.sign_init()
+#     private_key.sign_update(signed_info)
+#     rsa_signature = nice64(private_key.sign_final())
+#     LOGGER.debug('RSA Signature: ' + rsa_signature)
+
+#     # Load the certificate.
+#     cert_data = load_cert_data(certificate_file)
+
+#     # Put the signed_info and rsa_signature into the XML signature.
+#     signed_info_short = signed_info.replace('xmlns:ds="http://www.w3.org/2000/09/xmldsig#"', '')
+#     signature_xml = string.Template(SIGNATURE).substitute({
+#         'RSA_SIGNATURE': rsa_signature,
+#         'SIGNED_INFO': signed_info_short,
+#         'CERTIFICATE': cert_data,
+#     })
+#     LOGGER.debug('Signature XML: ' + signature_xml)
+#     return signature_xml