All tests now pass in 2.7 and 3.4 .

Author: Roland Hedberg

.travis.yml

@@ -1,5 +1,9 @@
 language: python
 
+env:
+  - TOX_ENV=py27
+  - TOX_ENV=py34
+
 services:
   - mongodb
 

setup.py

@@ -45,12 +45,6 @@ def run_tests(self):
     #'pytest-coverage',
 ]
 
-
-# only for Python 2.6
-if sys.version_info < (2, 7):
-    install_requires.append('argparse')
-    install_requires.append('importlib')
-
 setup(
     name='pysaml2',
     version='3.0.0',

src/saml2/attribute_converter.py

@@ -480,10 +480,10 @@ def to_(self, attrvals):
         """
         attributes = []
         for key, value in attrvals.items():
-            key = key.lower()
+            lkey = key.lower()
             try:
                 attributes.append(factory(saml.Attribute,
-                                          name=self._to[key],
+                                          name=self._to[lkey],
                                           name_format=self.name_format,
                                           friendly_name=key,
                                           attribute_value=do_ava(value)))

src/saml2/config.py

@@ -399,7 +399,7 @@ def load_metadata(self, metadata_conf):
             disable_validation = False
 
         mds = MetadataStore(
-            ONTS.values(), acs, self, ca_certs,
+            list(ONTS.values()), acs, self, ca_certs,
             disable_ssl_certificate_validation=disable_validation)
 
         mds.imp(metadata_conf)

src/saml2/httpbase.py

@@ -199,7 +199,7 @@ def set_cookie(self, kaka, request):
                                          name=std_attr["name"])
                 except ValueError:
                     pass
-            elif morsel["expires"] < utc_now():
+            elif morsel["expires"] and morsel["expires"] < utc_now():
                 try:
                     self.cookiejar.clear(domain=std_attr["domain"],
                                          path=std_attr["path"],

tests/test_19_attribute_converter.py

@@ -80,7 +80,7 @@ def test_to_attrstat_1(self):
             assert a1.friendly_name == "givenName"
             assert a1.name == 'urn:mace:dir:attribute-def:givenName'
             assert a1.name_format == BASIC_NF
-        elif a0.friendly_name == 'givenname':
+        elif a0.friendly_name == 'givenName':
             assert a0.name == 'urn:mace:dir:attribute-def:givenName'
             assert a0.name_format == BASIC_NF
             assert a1.friendly_name == "sn"
@@ -103,13 +103,14 @@ def test_to_attrstat_2(self):
             assert a1.friendly_name == "givenName"
             assert a1.name == 'urn:oid:2.5.4.42'
             assert a1.name_format == URI_NF
-        elif a0.friendly_name == 'givenname':
+        elif a0.friendly_name == 'givenName':
             assert a0.name == 'urn:oid:2.5.4.42'
             assert a0.name_format == URI_NF
             assert a1.friendly_name == "surname"
             assert a1.name == 'urn:oid:2.5.4.4'
             assert a1.name_format == URI_NF
         else:
+            print(a0.friendly_name)
             assert False
 
     def test_to_local_name(self):
@@ -227,5 +228,5 @@ def test_schac():
 if __name__ == "__main__":
     t = TestAC()
     t.setup_class()
-    t.test_to_local_name_from_basic()
+    t.test_to_attrstat_1()
     #test_schac()

tests/test_37_entity_categories.py

@@ -35,7 +35,8 @@
 
 MDS = MetadataStore(ONTS.values(), ATTRCONV, sec_config,
                     disable_ssl_certificate_validation=True)
-MDS.imp([{"class": "saml2.mdstore.MetaDataMD", "metadata": [(full_path("swamid.md"), )]}])
+MDS.imp([{"class": "saml2.mdstore.MetaDataMD",
+          "metadata": [(full_path("swamid.md"),)]}])
 
 
 def _eq(l1, l2):
@@ -46,7 +47,7 @@ def test_filter_ava():
     policy = Policy({
         "default": {
             "lifetime": {"minutes": 15},
-            #"attribute_restrictions": None  # means all I have
+            # "attribute_restrictions": None  # means all I have
             "entity_categories": ["swamid"]
         }
     })
@@ -64,7 +65,7 @@ def test_filter_ava2():
     policy = Policy({
         "default": {
             "lifetime": {"minutes": 15},
-            #"attribute_restrictions": None  # means all I have
+            # "attribute_restrictions": None  # means all I have
             "entity_categories": ["refeds", "edugain"]
         }
     })
@@ -84,14 +85,15 @@ def test_filter_ava3():
     policy = Policy({
         "default": {
             "lifetime": {"minutes": 15},
-            #"attribute_restrictions": None  # means all I have
+            # "attribute_restrictions": None  # means all I have
             "entity_categories": ["swamid"]
         }
     })
 
-    mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config,
+    mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config,
                         disable_ssl_certificate_validation=True)
-    mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_sfs_hei.xml"), )]}])
+    mds.imp([{"class": "saml2.mdstore.MetaDataFile",
+              "metadata": [(full_path("entity_cat_sfs_hei.xml"),)]}])
 
     ava = {"givenName": ["Derek"], "sn": ["Jeter"],
            "mail": ["[email protected]"], "c": ["USA"],
@@ -107,14 +109,15 @@ def test_filter_ava4():
     policy = Policy({
         "default": {
             "lifetime": {"minutes": 15},
-            #"attribute_restrictions": None  # means all I have
+            # "attribute_restrictions": None  # means all I have
             "entity_categories": ["swamid"]
         }
     })
 
-    mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config,
+    mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config,
                         disable_ssl_certificate_validation=True)
-    mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_re_nren.xml"), )]}])
+    mds.imp([{"class": "saml2.mdstore.MetaDataFile",
+              "metadata": [(full_path("entity_cat_re_nren.xml"),)]}])
 
     ava = {"givenName": ["Derek"], "sn": ["Jeter"],
            "mail": ["[email protected]"], "c": ["USA"],
@@ -123,22 +126,24 @@ def test_filter_ava4():
 
     ava = policy.filter(ava, "urn:mace:example.com:saml:roland:sp", mds)
 
-    assert _eq(list(ava.keys()), ['eduPersonTargetedID', "givenName", "c", "mail",
-                            "sn"])
+    assert _eq(list(ava.keys()),
+               ['eduPersonTargetedID', "givenName", "c", "mail",
+                "sn"])
 
 
 def test_filter_ava5():
     policy = Policy({
         "default": {
             "lifetime": {"minutes": 15},
-            #"attribute_restrictions": None  # means all I have
+            # "attribute_restrictions": None  # means all I have
             "entity_categories": ["swamid"]
         }
     })
 
-    mds = MetadataStore(ONTS.values(), ATTRCONV, sec_config,
+    mds = MetadataStore(list(ONTS.values()), ATTRCONV, sec_config,
                         disable_ssl_certificate_validation=True)
-    mds.imp([{"class": "saml2.mdstore.MetaDataFile", "metadata": [(full_path("entity_cat_re.xml"), )]}])
+    mds.imp([{"class": "saml2.mdstore.MetaDataFile",
+              "metadata": [(full_path("entity_cat_re.xml"),)]}])
 
     ava = {"givenName": ["Derek"], "sn": ["Jeter"],
            "mail": ["[email protected]"], "c": ["USA"],
@@ -162,7 +167,9 @@ def test_idp_policy_filter():
                             idp.metadata)
 
         print(ava)
-        assert list(ava.keys()) == ["eduPersonTargetedID"]  # because no entity category
+        assert list(ava.keys()) == [
+            "eduPersonTargetedID"]  # because no entity category
+
 
 if __name__ == "__main__":
-    test_idp_policy_filter()
+    test_filter_ava3()

tests/test_50_server.py

@@ -107,7 +107,8 @@ def verify_assertion(self, assertion):
         ava = ava = get_ava(assertion[0])
 
         assert ava ==\
-               {'mail': ['[email protected]'], 'givenname': ['Derek'], 'surname': ['Jeter'], 'title': ['The man']}
+               {'mail': ['[email protected]'], 'givenName': ['Derek'],
+                'surName': ['Jeter'], 'title': ['The man']}
 
 
     def verify_encrypted_assertion(self, assertion, decr_text):
@@ -295,7 +296,6 @@ def test_sso_response_with_identity(self):
         assert resp.status
         assert resp.status.status_code.value == samlp.STATUS_SUCCESS
         assert resp.assertion
-        assert resp.assertion
         assertion = resp.assertion
         print(assertion)
         assert assertion.authn_statement
@@ -307,7 +307,7 @@ def test_sso_response_with_identity(self):
         # Pick out one attribute
         attr = None
         for attr in attribute_statement[0].attribute:
-            if attr.friendly_name == "givenname":
+            if attr.friendly_name == "givenName":
                 break
         assert len(attr.attribute_value) == 1
         assert attr.name == "urn:oid:2.5.4.42"
@@ -546,31 +546,31 @@ def test_encrypted_signed_response_1(self):
 
         sresponse = response_from_string(signed_resp)
 
-        valid = self.server.sec.verify_signature(signed_resp,
-                                                 self.server.config.cert_file,
-                                                 node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
-                                                 node_id=sresponse.id,
-                                                 id_attr="")
+        valid = self.server.sec.verify_signature(
+            signed_resp, self.server.config.cert_file,
+            node_name='urn:oasis:names:tc:SAML:2.0:protocol:Response',
+            node_id=sresponse.id, id_attr="")
+
         assert valid
 
-        valid = self.server.sec.verify_signature(signed_resp,
-                                                 self.server.config.cert_file,
-                                                 node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
-                                                 node_id=sresponse.assertion[0].id,
-                                                 id_attr="")
+        valid = self.server.sec.verify_signature(
+            signed_resp, self.server.config.cert_file,
+            node_name='urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
+            node_id=sresponse.assertion[0].id, id_attr="")
 
         assert valid
 
-        _, key_file = make_temp(str(cert_key_str).encode('ascii'), decode=False)
+        _, key_file = make_temp(cert_key_str, decode=False)
 
         decr_text = self.server.sec.decrypt(signed_resp, key_file)
 
         resp = samlp.response_from_string(decr_text)
 
         assert resp.assertion[0].advice.encrypted_assertion[0].extension_elements
 
-        assertion = extension_elements_to_elements(resp.assertion[0].advice.encrypted_assertion[0].extension_elements,
-                                       [saml, samlp])
+        assertion = extension_elements_to_elements(
+            resp.assertion[0].advice.encrypted_assertion[0].extension_elements,
+            [saml, samlp])
 
         self.verify_assertion(assertion)
 
@@ -653,7 +653,7 @@ def test_encrypted_signed_response_3(self):
                                                  id_attr="")
         assert valid
 
-        _, key_file = make_temp(str(cert_key_str).encode('ascii'), decode=False)
+        _, key_file = make_temp(cert_key_str, decode=False)
 
         decr_text = self.server.sec.decrypt(signed_resp, key_file)
 
@@ -1266,4 +1266,4 @@ def test_1(self):
 if __name__ == "__main__":
     ts = TestServer1()
     ts.setup_class()
-    ts.test_encrypted_signed_response_4()
+    ts.test_encrypted_signed_response_1()

tests/test_69_discovery.py

@@ -69,4 +69,4 @@ def test_construct_deconstruct_response():
 
 
 if __name__ == "__main__":
-    test_construct_deconstruct_request()
+    test_verify()

tox.ini

@@ -0,0 +1,10 @@
+[tox]
+envlist = py27,py34
+
+[testenv]
+basepython =
+    py27: python2.7
+    py34: python3.4
+
+deps =
+    pytest