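def test_fail_to_parse_rstr(self):
    """Check that acquire_token raises when the endpoint answers with a non-RSTR body.

    The WS-Trust endpoint is stubbed with httpretty to return HTTP 200 and the
    literal body 'fake response body', so the failure has to come from
    handling the response rather than from the transport.
    """
    username = 'test_username'
    password = 'test_password'
    appliesTo = 'test_appliesTo'

    # Read the template under a context manager so the handle is closed even
    # if read() raises; the previous open()/close() pair leaked it on error.
    template_path = os.path.join(os.getcwd(), 'tests', 'wstrust', 'RST.xml')
    with open(template_path, mode='r') as templateFile:
        templateRST = templateFile.read()

    # NOTE(review): rst is built here but nothing below reads it; the request
    # object is only given the username and password.
    rst = templateRST \
        .replace('%USERNAME%', username) \
        .replace('%PASSWORD%', password) \
        .replace('%APPLIES_TO%', appliesTo) \
        .replace('%WSTRUST_ENDPOINT%', wstrustEndpoint)

    httpretty.register_uri(method=httpretty.POST, uri=wstrustEndpoint, status=200, body='fake response body')

    request = WSTrustRequest(_call_context, wstrustEndpoint, appliesTo, WSTrustVersion.WSTRUST13)

    # NOTE(review): assertRaises(Exception) also passes on unrelated failures
    # (a NameError or AttributeError, for example). Narrowing it to the error
    # type the parser is expected to raise would make the test stricter --
    # confirm that type against the implementation.
    with self.assertRaises(Exception):
        request.acquire_token(username, password)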
def acquire_token(self, username, password):
if self._wstrust_endpoint_version == WSTrustVersion.UNDEFINED:
raise AdalError('Unsupported wstrust endpoint version. Current support version is wstrust2005 or wstrust13.')
rst = self._build_rst(username, password)
if self._wstrust_endpoint_version == WSTrustVersion.WSTRUST2005:
soap_action = 'http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue'
else:
soap_action = 'http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue'
headers = {'headers': {'Content-type':'application/soap+xml; charset=utf-8',
'SOAPAction': soap_action},
'body': rst}
options = util.create_request_options(self, headers)
self._log.debug("Sending RST to: %(wstrust_endpoint)s",
{"wstrust_endpoint": self._wstrust_endpoint_url})
operation = "WS-Trust RST"
resp = requests.post(self._wstrust_endpoint_url, headers=options['headers'], data=rst,
allow_redirects=True,
verify=self._call_context.get('verify_ssl', None),
proxies=self._call_context.get('proxies', None),
def _select_single_matching_policy(self, policies):
    """Choose the policy stored in self.username_password_policy.

    Only policies carrying a truthy 'url' entry are considered. A WS-Trust 1.3
    policy is preferred; a WS-Trust 2005 policy is the fallback.

    Args:
        policies: mapping whose values are dict-like policy records read
            through .get('url') and .get('version').

    Returns:
        None. When no policy has a url the method logs a warning and returns
        without assigning self.username_password_policy.
    """
    candidates = [entry for entry in policies.values() if entry.get('url')]
    if len(candidates) == 0:
        self._log.warn("No policies found with a url.")
        return

    # When several candidates share a version, the last one iterated wins.
    chosen_13 = None
    chosen_2005 = None
    for entry in candidates:
        entry_version = entry.get('version', None)
        if entry_version == WSTrustVersion.WSTRUST13:
            chosen_13 = entry
        elif entry_version == WSTrustVersion.WSTRUST2005:
            chosen_2005 = entry

    if chosen_13 is None and chosen_2005 is None:
        self._log.warn('No policies found for either wstrust13 or wstrust2005')

    # Evaluates to None when neither version was found, so the attribute is
    # still assigned on this path.
    self.username_password_policy = chosen_13 or chosen_2005
soap_transport_attributes = ""
soap_action_attributes = xmlutil.xpath_find(binding_node, SOAP_ACTION_XPATH)[0].attrib['soapAction']
if soap_action_attributes:
soap_action = soap_action_attributes
soap_transport_attributes = xmlutil.xpath_find(binding_node, SOAP_TRANSPORT_XPATH)[0].attrib['transport']
if soap_transport_attributes:
soap_transport = soap_transport_attributes
if soap_transport == SOAP_HTTP_TRANSPORT_VALUE:
if soap_action == RST_SOAP_ACTION_13:
self._log.debug(
'found binding matching Action and Transport: %(binding_node)s',
{"binding_node": name})
return WSTrustVersion.WSTRUST13
elif soap_action == RST_SOAP_ACTION_2005:
self._log.debug(
'found binding matching Action and Transport: %(binding_node)s',
{"binding_node": name})
return WSTrustVersion.WSTRUST2005
self._log.debug(
'binding node did not match soap Action or Transport: %(binding_node)s',
{"binding_node": name})
return WSTrustVersion.UNDEFINED
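@staticmethod
def _parse_wstrust_version_from_federation_active_authurl(federation_active_authurl):
    """Infer the WS-Trust version from a federation active-auth URL.

    Args:
        federation_active_authurl: URL string to inspect.

    Returns:
        WSTrustVersion.WSTRUST2005 when the URL has a '/trust/2005' path
        segment, WSTrustVersion.WSTRUST13 when it has '/trust/13', and
        WSTrustVersion.UNDEFINED otherwise.
    """
    # The earlier patterns were written with square brackets, which are
    # character classes rather than groups: '[2005]' matches any single '2',
    # '0' or '5'. A digit in the host name or port was therefore enough to
    # classify a URL as WS-Trust 2005, whatever its path said. Match the
    # literal path segment instead, ending at '/', '?', '#' or end of string
    # so that e.g. '/trust/130' is not mistaken for '/trust/13'.
    # NOTE(review): URLs with neither segment now yield UNDEFINED instead of
    # an accidental match -- confirm callers handle that for non-standard
    # endpoints.
    wstrust2005_regex = r'/trust/2005(?:[/?#]|$)'
    wstrust13_regex = r'/trust/13(?:[/?#]|$)'

    if re.search(wstrust2005_regex, federation_active_authurl, re.IGNORECASE):
        return WSTrustVersion.WSTRUST2005
    elif re.search(wstrust13_regex, federation_active_authurl, re.IGNORECASE):
        return WSTrustVersion.WSTRUST13

    return WSTrustVersion.UNDEFINED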
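@staticmethod
def _parse_wstrust_version_from_federation_active_authurl(federation_active_authurl):
    """Infer the WS-Trust version from a federation active-auth URL.

    Args:
        federation_active_authurl: URL string to inspect.

    Returns:
        WSTrustVersion.WSTRUST2005 when the URL has a '/trust/2005' path
        segment, WSTrustVersion.WSTRUST13 when it has '/trust/13', and
        WSTrustVersion.UNDEFINED otherwise.
    """
    # The earlier patterns were written with square brackets, which are
    # character classes rather than groups: '[2005]' matches any single '2',
    # '0' or '5'. A digit in the host name or port was therefore enough to
    # classify a URL as WS-Trust 2005, whatever its path said. Match the
    # literal path segment instead, ending at '/', '?', '#' or end of string
    # so that e.g. '/trust/130' is not mistaken for '/trust/13'.
    # NOTE(review): URLs with neither segment now yield UNDEFINED instead of
    # an accidental match -- confirm callers handle that for non-standard
    # endpoints.
    wstrust2005_regex = r'/trust/2005(?:[/?#]|$)'
    wstrust13_regex = r'/trust/13(?:[/?#]|$)'

    if re.search(wstrust2005_regex, federation_active_authurl, re.IGNORECASE):
        return WSTrustVersion.WSTRUST2005
    elif re.search(wstrust13_regex, federation_active_authurl, re.IGNORECASE):
        return WSTrustVersion.WSTRUST13

    return WSTrustVersion.UNDEFINED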
def _parse_token(self):
    """Find the TokenType nodes of the response in self._dom and begin reading the token.

    The XPath expressions are chosen by self._wstrust_version: the WS-Trust
    2005 form uses the 't:' prefix, every other version uses the 'wst:' form
    wrapped in a RequestSecurityTokenResponseCollection.

    Raises:
        AdalError: if no TokenType node is found in the response.

    NOTE(review): this listing appears to stop after the token type is read;
    security_token_xpath and token_type are not used in the lines shown.
    """
    if self._wstrust_version == WSTrustVersion.WSTRUST2005:
        token_type_nodes_xpath = 's:Body/t:RequestSecurityTokenResponse/t:TokenType'
        security_token_xpath = 't:RequestedSecurityToken'
    else:
        token_type_nodes_xpath = 's:Body/wst:RequestSecurityTokenResponseCollection/wst:RequestSecurityTokenResponse/wst:TokenType'
        security_token_xpath = 'wst:RequestedSecurityToken'
    token_type_nodes = xmlutil.xpath_find(self._dom, token_type_nodes_xpath)
    # A response without any TokenType is rejected outright rather than
    # treated as an empty result.
    if not token_type_nodes:
        raise AdalError("No TokenType nodes found in RSTR")
    for node in token_type_nodes:
        # Once self.token is set, any further TokenType node is ignored: the
        # first token wins and the extra ones are only logged.
        if self.token:
            self._log.warn("Found more than one returned token. Using the first.")
            break
        token_type = xmlutil.find_element_text(node)
def _get_matching_bindings(self, policies):
    """Collect the WSDL bindings that reference a known policy and a supported version.

    Args:
        policies: mapping looked up by the PolicyReference 'URI' attribute.

    Returns:
        A dict keyed by binding name, each value holding 'url' (the policy
        reference URI) and 'version', or None when no binding qualifies.
    """
    matched = {}
    for ref_node in xmlutil.xpath_find(self._dom, 'wsdl:binding/wsp:PolicyReference'):
        policy_uri = ref_node.get('URI')
        if not policies.get(policy_uri):
            # The reference points at a policy that is not in `policies`.
            continue

        # self._parents maps a node to its enclosing element, here the
        # wsdl:binding that owns the PolicyReference.
        owner = self._parents[ref_node]
        owner_name = owner.get('name')
        detected = self._check_soap_action_and_transport(owner)
        if detected != WSTrustVersion.UNDEFINED:
            # Note that 'url' carries the policy reference URI, not an endpoint address.
            matched[owner_name] = {'url': policy_uri, 'version': detected}

    # Callers receive None rather than an empty dict.
    return matched or None
def _select_single_matching_policy(self, policies):
    """Choose the policy stored in self.username_password_policy.

    Only policies carrying a truthy 'url' entry are considered. A WS-Trust 1.3
    policy is preferred; a WS-Trust 2005 policy is the fallback.

    Args:
        policies: mapping whose values are dict-like policy records read
            through .get('url') and .get('version').

    Returns:
        None. When no policy has a url the method logs a warning and returns
        without assigning self.username_password_policy.
    """
    candidates = [entry for entry in policies.values() if entry.get('url')]
    if len(candidates) == 0:
        self._log.warn("No policies found with a url.")
        return

    # When several candidates share a version, the last one iterated wins.
    chosen_13 = None
    chosen_2005 = None
    for entry in candidates:
        entry_version = entry.get('version', None)
        if entry_version == WSTrustVersion.WSTRUST13:
            chosen_13 = entry
        elif entry_version == WSTrustVersion.WSTRUST2005:
            chosen_2005 = entry

    if chosen_13 is None and chosen_2005 is None:
        self._log.warn('No policies found for either wstrust13 or wstrust2005')

    # Evaluates to None when neither version was found, so the attribute is
    # still assigned on this path.
    self.username_password_policy = chosen_13 or chosen_2005