source: TI12-security/trunk/NDGSecurity/python/ndg_security_common/ndg/security/common/saml_utils/binding/soap/authzdecisionquery.py @ 6567

Subversion URL: http://proj.badc.rl.ac.uk/svn/ndg/TI12-security/trunk/NDGSecurity/python/ndg_security_common/ndg/security/common/saml_utils/binding/soap/authzdecisionquery.py@6567
Revision 6567, 3.9 KB checked in by pjkersha, 10 years ago (diff)

Refactoring SAML SOAP bindings module to include AuthzDecisionQuery:

  • improved package structure
  • Generic SubjectQuerySOAPBinding type which AuthzDecision and Attribute query types extend.
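"""SAML 2.0 bindings module implements SOAP binding for Authorisation Decision
query

NERC DataGrid Project
"""
__author__ = "P J Kershaw"
__date__ = "12/02/10"
__copyright__ = "(C) 2009 Science and Technology Facilities Council"
__license__ = "BSD - see LICENSE file in top-level directory"
__contact__ = "Philip.Kershaw@stfc.ac.uk"
__revision__ = '$Id: $'
import logging
log = logging.getLogger(__name__)

from saml.saml2.core import AuthzDecisionQuery

# NOTE: the package name is saml_utils - the same package this module itself
# lives in (saml_utils/binding/soap).  A path spelt "sam_utils" cannot be
# resolved and makes the whole module unimportable.
from ndg.security.common.saml_utils.binding.soap.subjectquery import (
                                                    SubjectQuerySOAPBinding,
                                                    SubjectQueryResponseError)

# Prevent whole module breaking if M2Crypto support is not available - it's
# only needed for AuthzDecisionQuerySslSOAPBinding.  HTTPSHandler is used
# solely by that class's send() method, so it is imported inside the same
# guard as SSLContextProxy; an unguarded M2Crypto import at module level would
# defeat the purpose of the guard.
try:
    from M2Crypto.m2urllib2 import HTTPSHandler
    from ndg.security.common.utils.m2crypto import SSLContextProxy
    _sslContextProxySupport = True

except ImportError:
    # The SSL binding checks this flag in its constructor and refuses to
    # instantiate, so the missing names are never reached
    _sslContextProxySupport = False

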
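class AuthzDecisionQueryResponseError(SubjectQueryResponseError):
    """SAML Response error from Authorisation Decision Query"""

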
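class AuthzDecisionQuerySOAPBinding(SubjectQuerySOAPBinding):
    """SAML Authorisation Decision Query SOAP Binding

    Nb. Assumes X.509 subject type for query issuer
    """
    # No instance attributes are added beyond those of the base class
    __slots__ = ()

    def __init__(self, **kw):
        '''Create SOAP Client for SAML Authorization Decision Query

        All keyword arguments are handed on unchanged to the base class
        initialiser
        '''
        super(AuthzDecisionQuerySOAPBinding, self).__init__(**kw)

    def _createQuery(self):
        """Specialisation to force creation of AuthzDecisionQuery type instead
        of SubjectQuery

        Returns whatever the base class _createQuery returns when it is given
        the AuthzDecisionQuery class
        """
        return super(AuthzDecisionQuerySOAPBinding, self)._createQuery(
                                                            AuthzDecisionQuery)

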
class AuthzDecisionQuerySslSOAPBinding(AuthzDecisionQuerySOAPBinding):
    """Specialisation of AuthzDecisionQuerySOAPbinding taking in the setting of
    SSL parameters for mutual authentication

    SSL settings are held on an SSLContextProxy object; attributes which
    cannot be set on the binding itself are forwarded to that proxy (see
    __setattr__), and a fresh SSL context is built from it in send()
    """
    # True only if the guarded import of SSLContextProxy succeeded
    SSL_CONTEXT_PROXY_SUPPORT = _sslContextProxySupport
    __slots__ = ('__sslCtxProxy',)

    def __init__(self, **kw):
        """Create the SOAP client without any default handlers and attach an
        SSL context proxy

        Keyword arguments are passed to the base class initialiser.
        'handlers' is not accepted: the HTTPS handler carrying the SSL context
        is installed in send() instead

        Raises ImportError if SSL context proxy support could not be imported
        and TypeError if a 'handlers' keyword is given
        """
        if not AuthzDecisionQuerySslSOAPBinding.SSL_CONTEXT_PROXY_SUPPORT:
            raise ImportError("ndg.security.common.utils.m2crypto import "
                              "failed - missing M2Crypto package?")

        # Callers may not supply their own handlers - an empty set is passed
        # to the base class so that no default HTTPSHandler is created
        if 'handlers' in kw:
            raise TypeError("__init__() got an unexpected keyword argument "
                            "'handlers'")

        baseInit = super(AuthzDecisionQuerySslSOAPBinding, self).__init__
        baseInit(handlers=(), **kw)

        # NOTE(review): the proxy only exists from this point on, so an
        # attribute falling through to it in __setattr__ during the base
        # class initialiser would fail - confirm the base class sets none
        self.__sslCtxProxy = SSLContextProxy()

    def send(self, **kw):
        """Override base class implementation to pass explicit SSL Context

        A new SSL context is created from the proxy's current settings and
        registered with the client's opener in an HTTPSHandler before the
        base class send() is invoked with the same keyword arguments

        NOTE(review): a handler is added on every call and none is removed, so
        handlers accumulate on the opener.  Confirm which of them the opener
        uses on later calls - SSL settings changed between calls (for example
        trust or verification settings) may not be the ones in effect
        """
        sslContext = self.sslCtxProxy.createCtx()
        handler = HTTPSHandler(ssl_context=sslContext)
        self.client.openerDirector.add_handler(handler)
        return super(AuthzDecisionQuerySslSOAPBinding, self).send(**kw)

    @property
    def sslCtxProxy(self):
        """SSL Context Proxy object used for setting up an SSL Context for
        queries
        """
        return self.__sslCtxProxy

    def __setattr__(self, name, value):
        """Enable setting of SSLContextProxy attributes as if they were
        attributes of this class.  This is intended as a convenience for
        making settings parameters read from a config file

        The attribute is first set on this object; only if that raises
        AttributeError is it set on the SSL context proxy instead.  Any error
        from the proxy propagates to the caller

        NOTE(review): whether a misspelt option name is rejected depends on
        SSLContextProxy, which is not defined in this module.  If the proxy
        accepts arbitrary names, a typo in a config file would be stored
        silently and the intended SSL setting left at its default - confirm
        """
        try:
            super(AuthzDecisionQuerySslSOAPBinding, self).__setattr__(name,
                                                                      value)
        except AttributeError:
            # Coerce into setting SSL Context Proxy attributes
            setattr(self.sslCtxProxy, name, value)