
Commit 361f862

committed
extended API with lists for supported NameID formats, AttributeName formats, digest and sig algs
1 parent 3c3f1c1 commit 361f862


2 files changed

+28
-4
lines changed


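--- a/src/saml2/saml.py
+++ b/src/saml2/saml.py
@@ -36,7 +36,14 @@
 "urn:oasis:names:tc:SAML:2.0:nameid-format:transient")
 NAMEID_FORMAT_ENTITY = (
 "urn:oasis:names:tc:SAML:2.0:nameid-format:entity")
-
+NAMEID_FORMATS_SAML2 = (
+('NAMEID_FORMAT_EMAILADDRESS', NAMEID_FORMAT_EMAILADDRESS),
+('NAMEID_FORMAT_ENCRYPTED', NAMEID_FORMAT_ENCRYPTED),
+('NAMEID_FORMAT_ENTITY', NAMEID_FORMAT_ENTITY),
+('NAMEID_FORMAT_PERSISTENT', NAMEID_FORMAT_PERSISTENT),
+('NAMEID_FORMAT_TRANSIENT', NAMEID_FORMAT_TRANSIENT),
+('NAMEID_FORMAT_UNSPECIFIED', NAMEID_FORMAT_UNSPECIFIED),
+)
 PROFILE_ATTRIBUTE_BASIC = (
 "urn:oasis:names:tc:SAML:2.0:profiles:attribute:basic")
 
@@ -48,7 +55,11 @@
 "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified")
 NAME_FORMAT_URI = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
 NAME_FORMAT_BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
-
+NAME_FORMATS_SAML2 = (
+('NAME_FORMAT_BASIC', NAME_FORMAT_BASIC),
+('NAME_FORMAT_URI', NAME_FORMAT_URI),
+('NAME_FORMAT_UNSPECIFIED', NAME_FORMAT_UNSPECIFIED),
+)
 DECISION_TYPE_PERMIT = "Permit"
 DECISION_TYPE_DENY = "Deny"
 DECISION_TYPE_INDETERMINATE = "Indeterminate"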
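Review bot: `NAMEID_FORMATS_SAML2` and `NAME_FORMATS_SAML2` are added with no comment on what the `(constant name, URI)` pairs are for or whether the tuples are meant to be complete, so a caller cannot tell if a format missing from the list is unsupported or just unlisted. A one-line comment above each, such as `# (constant name, URI) pairs for enumeration; not a validation allow-list`, would settle that, worded to match the actual intent. Both tuples also replace the blank line that separated the constant groups (old lines 39 and 51), so they now run straight into `PROFILE_ATTRIBUTE_BASIC` and `DECISION_TYPE_PERMIT`; keeping a blank line before and after each would preserve the grouping.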

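--- a/src/xmldsig/__init__.py
+++ b/src/xmldsig/__init__.py
@@ -20,8 +20,15 @@
 DIGEST_SHA512 = 'http://www.w3.org/2001/04/xmlenc#sha512'
 DIGEST_RIPEMD160 = 'http://www.w3.org/2001/04/xmlenc#ripemd160'
 digest_default = DIGEST_SHA1
-
-#SIG_DSA_SHA1 = 'http://www.w3.org/2000/09/xmldsig#dsa-sha1'
+DIGEST_ALLOWED_ALG = (('DIGEST_SHA1', DIGEST_SHA1),
+('DIGEST_SHA224', DIGEST_SHA224),
+('DIGEST_SHA256', DIGEST_SHA256),
+('DIGEST_SHA384', DIGEST_SHA384),
+('DIGEST_SHA512', DIGEST_SHA512),
+('DIGEST_RIPEMD160', DIGEST_RIPEMD160))
+DIGEST_AVAIL_ALG = DIGEST_ALLOWED_ALG + (('DIGEST_MD5', DIGEST_MD5), )
+
+#SIG_DSA_SHA1 = 'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'
 #SIG_DSA_SHA256 = 'http://www.w3.org/2009/xmldsig11#dsa-sha256'
 #SIG_ECDSA_SHA1 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha1'
 #SIG_ECDSA_SHA224 = 'http://www.w3.org/2001/04/xmldsig-more#ECDSA_sha224'
@@ -36,6 +43,12 @@
 SIG_RSA_SHA512 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-sha512'
 #SIG_RSA_RIPEMD160 = 'http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160'
 sig_default = SIG_RSA_SHA1
+SIG_ALLOWED_ALG = (('SIG_RSA_SHA1', SIG_RSA_SHA1),
+('SIG_RSA_SHA224', SIG_RSA_SHA224),
+('SIG_RSA_SHA256', SIG_RSA_SHA256),
+('SIG_RSA_SHA384', SIG_RSA_SHA384),
+('SIG_RSA_SHA512', SIG_RSA_SHA512))
+SIG_AVAIL_ALG = SIG_ALLOWED_ALG + (('SIG_RSA_MD5', SIG_RSA_MD5), )
 
 MAC_SHA1 = 'http://www.w3.org/2000/09/xmldsig#hmac-sha1'
 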
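Review bot: `DIGEST_ALLOWED_ALG` and `SIG_ALLOWED_ALG` both list SHA-1 (`DIGEST_SHA1`, `SIG_RSA_SHA1`), and `DIGEST_ALLOWED_ALG` also lists RIPEMD-160, while only MD5 is held back to the `*_AVAIL_ALG` tuples; nothing in the new lines says what "allowed" versus "available" means to a caller. If these tuples are ever used to decide which algorithms a verifier accepts (not visible here), a SHA-1 digest or signature would be accepted on the same footing as SHA-256. I would add a comment above each pair, for example `# ALLOWED: offered for new signatures; AVAIL: ALLOWED plus MD5, for reading legacy messages only`, adjusted to the real intent, and consider moving the SHA-1 entries to the AVAIL-only side. Separately, the re-added comment line now reads `'http,//www.w3.org/2000/09/xmldsig#dsa-sha1'`; the comma should be a colon. `DIGEST_MD5` and `SIG_RSA_MD5` are defined outside the visible lines.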
