Deprecate UserIdHasher class

Signed-off-by: Ivan Kanakarakis <[email protected]>

Author: c00kiemon5ter

src/satosa/deprecated.py

@@ -1,3 +1,4 @@
+import datetime
 import warnings as _warnings
 from enum import Enum
 
@@ -6,6 +7,8 @@
 from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
 from saml2.saml import NAMEID_FORMAT_UNSPECIFIED
 
+from satosa import util
+
 
 _warnings.simplefilter("default")
 
@@ -37,6 +40,96 @@ def from_string(cls, str):
             raise ValueError("Unknown hash type '{}'".format(str))
 
 
+class UserIdHasher(object):
+    """
+    Class for creating different user id types
+    """
+
+    STATE_KEY = "IDHASHER"
+
+    @staticmethod
+    def save_state(internal_request, state):
+        """
+        Saves all necessary information needed by the UserIdHasher
+
+        :type internal_request: satosa.internal_data.InternalRequest
+
+        :param internal_request: The request
+        :param state: The current state
+        """
+        state_data = {"hash_type": internal_request.user_id_hash_type}
+        state[UserIdHasher.STATE_KEY] = state_data
+
+    @staticmethod
+    def hash_data(salt, value):
+        """
+        Hashes a value together with a salt.
+        :type salt: str
+        :type value: str
+        :param salt: hash salt
+        :param value: value to hash together with the salt
+        :return: hash value (SHA512)
+        """
+        msg = "UserIdHasher is deprecated; use satosa.util.hash_data instead."
+        _warnings.warn(msg, DeprecationWarning)
+        return util.hash_data(salt, value)
+
+    @staticmethod
+    def hash_type(state):
+        state_data = state[UserIdHasher.STATE_KEY]
+        hash_type = state_data["hash_type"]
+        return hash_type
+
+    @staticmethod
+    def hash_id(salt, user_id, requester, state):
+        """
+        Sets a user id to the internal_response,
+        in the format specified by the internal response
+
+        :type salt: str
+        :type user_id: str
+        :type requester: str
+        :type state: satosa.state.State
+        :rtype: str
+
+        :param salt: A salt string for the ID hashing
+        :param user_id: the user id
+        :param user_id_hash_type: Hashing type
+        :param state: The current state
+        :return: the internal_response containing the hashed user ID
+        """
+        hash_type_to_format = {
+            NAMEID_FORMAT_TRANSIENT: "{id}{req}{time}",
+            NAMEID_FORMAT_PERSISTENT: "{id}{req}",
+            "pairwise": "{id}{req}",
+            "public": "{id}",
+            NAMEID_FORMAT_EMAILADDRESS: "{id}",
+            NAMEID_FORMAT_UNSPECIFIED: "{id}",
+        }
+
+        format_args = {
+            "id": user_id,
+            "req": requester,
+            "time": datetime.datetime.utcnow().timestamp(),
+        }
+
+        hash_type = UserIdHasher.hash_type(state)
+        try:
+            fmt = hash_type_to_format[hash_type]
+        except KeyError as e:
+            raise ValueError("Unknown hash type: {}".format(hash_type)) from e
+        else:
+            user_id = fmt.format(**format_args)
+
+        hasher = (
+            (lambda salt, value: value)
+            if hash_type
+            in [NAMEID_FORMAT_EMAILADDRESS, NAMEID_FORMAT_UNSPECIFIED]
+            else util.hash_data
+        )
+        return hasher(salt, user_id)
+
+
 def saml_name_id_format_to_hash_type(name_format):
     """
     Translate pySAML2 name format to satosa format

src/satosa/internal_data.py

@@ -1,106 +1,7 @@
-"""
-The module contains internal data representation in SATOSA and general converteras that can be used
-for converting from SAML/OAuth/OpenID connect to the internal representation.
-"""
-import datetime
-
-from saml2.saml import NAMEID_FORMAT_TRANSIENT
-from saml2.saml import NAMEID_FORMAT_PERSISTENT
-from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
-from saml2.saml import NAMEID_FORMAT_UNSPECIFIED
-
-import satosa.util as util
-from satosa.deprecated import UserIdHashType
-
-
-class UserIdHasher(object):
-    """
-    Class for creating different user id types
-    """
-    STATE_KEY = "IDHASHER"
-
-    @staticmethod
-    def save_state(internal_request, state):
-        """
-        Saves all necessary information needed by the UserIdHasher
-
-        :type internal_request: satosa.internal_data.InternalRequest
-
-        :param internal_request: The request
-        :param state: The current state
-        """
-        state_data = {
-            "hash_type": internal_request.user_id_hash_type
-        }
-        state[UserIdHasher.STATE_KEY] = state_data
-
-    @staticmethod
-    def hash_data(salt, value):
-        """
-        Hashes a value together with a salt.
-        :type salt: str
-        :type value: str
-        :param salt: hash salt
-        :param value: value to hash together with the salt
-        :return: hash value (SHA512)
-        """
-        return util.hash_data(salt, value)
-
-    @staticmethod
-    def hash_type(state):
-        state_data = state[UserIdHasher.STATE_KEY]
-        hash_type = state_data["hash_type"]
-        return hash_type
-
-    @staticmethod
-    def hash_id(salt, user_id, requester, state):
-        """
-        Sets a user id to the internal_response,
-        in the format specified by the internal response
+"""Internal data representation for SAML/OAuth/OpenID connect."""
 
-        :type salt: str
-        :type user_id: str
-        :type requester: str
-        :type state: satosa.state.State
-        :rtype: str
-
-        :param salt: A salt string for the ID hashing
-        :param user_id: the user id
-        :param user_id_hash_type: Hashing type
-        :param state: The current state
-        :return: the internal_response containing the hashed user ID
-        """
-        hash_type_to_format = {
-            NAMEID_FORMAT_TRANSIENT:    '{id}{req}{time}',
-            NAMEID_FORMAT_PERSISTENT:   '{id}{req}',
-            "pairwise":                 '{id}{req}',
-            "public":                   '{id}',
-            NAMEID_FORMAT_EMAILADDRESS: '{id}',
-            NAMEID_FORMAT_UNSPECIFIED:  '{id}',
-        }
-
-        format_args = {
-            'id': user_id,
-            'req': requester,
-            'time': datetime.datetime.utcnow().timestamp(),
-        }
-
-        hash_type = UserIdHasher.hash_type(state)
-        try:
-            fmt = hash_type_to_format[hash_type]
-        except KeyError as e:
-            raise ValueError('Unknown hash type: {}'.format(hash_type)) from e
-        else:
-            user_id = fmt.format(**format_args)
-
-        hasher = (
-            (lambda salt, value: value)
-            if hash_type in [
-                NAMEID_FORMAT_EMAILADDRESS,
-                NAMEID_FORMAT_UNSPECIFIED,
-            ]
-            else UserIdHasher.hash_data)
-        return hasher(salt, user_id)
+from satosa.deprecated import UserIdHashType
+from satosa.deprecated import UserIdHasher
 
 
 class AuthenticationInformation(object):

tests/satosa/test_base.py

@@ -7,6 +7,7 @@
 from saml2.saml import NAMEID_FORMAT_PERSISTENT
 
 import satosa
+from satosa import util
 from satosa.base import SATOSABase
 from satosa.exception import SATOSAConfigurationError
 from satosa.internal_data import InternalResponse, AuthenticationInformation, UserIdHasher, InternalRequest
@@ -91,8 +92,10 @@ def test_auth_resp_callback_func_hashes_all_specified_attributes(self, context,
 
         base._auth_resp_callback_func(context, internal_resp)
         for attr in satosa_config["INTERNAL_ATTRIBUTES"]["hash"]:
-            assert internal_resp.attributes[attr] == [UserIdHasher.hash_data(satosa_config["USER_ID_HASH_SALT"], v)
-                                                      for v in attributes[attr]]
+            assert internal_resp.attributes[attr] == [
+                util.hash_data(satosa_config["USER_ID_HASH_SALT"], v)
+                for v in attributes[attr]
+            ]
 
     def test_auth_resp_callback_func_respects_user_id_to_attr(self, context, satosa_config):
         satosa_config["INTERNAL_ATTRIBUTES"]["user_id_to_attr"] = "user_id"