Add eIDAS SPType node support

Author: ivan

src/saml2/client_base.py

@@ -18,6 +18,8 @@
 from saml2.samlp import AttributeQuery
 from saml2.samlp import AuthzDecisionQuery
 from saml2.samlp import AuthnRequest
+from saml2.samlp import Extensions
+from saml2.extension import sp_type
 
 import saml2
 import time
@@ -347,6 +349,14 @@ def create_authn_request(self, destination, vorg="", scoping=None,
             if force_authn:
                 args['force_authn'] = 'true'
 
+        conf_sp_type = self.config.getattr('sp_type', 'sp')
+        conf_sp_type_in_md = self.config.getattr('sp_type_in_metadata', 'sp')
+        if conf_sp_type and conf_sp_type_in_md is False:
+            if not extensions:
+                extensions = Extensions()
+            item = sp_type.SPType(text=conf_sp_type)
+            extensions.add_extension_element(item)
+
         if kwargs:
             _args, extensions = self._filter_args(AuthnRequest(), extensions,
                                                   **kwargs)

src/saml2/config.py

@@ -78,6 +78,8 @@
     "requested_attribute_name_format",
     "hide_assertion_consumer_service",
     "force_authn",
+    "sp_type",
+    "sp_type_in_metadata",
 ]
 
 AA_IDP_ARGS = [

src/saml2/extension/sp_type.py

@@ -0,0 +1,54 @@
+#!/usr/bin/env python
+
+#
+# Generated Tue Jul 18 15:03:44 2017 by parse_xsd.py version 0.5.
+#
+
+import saml2
+from saml2 import SamlBase
+
+
+NAMESPACE = 'http://eidas.europa.eu/saml-extensions'
+
+class SPTypeType_(SamlBase):
+    """The http://eidas.europa.eu/saml-extensions:SPTypeType element """
+
+    c_tag = 'SPTypeType'
+    c_namespace = NAMESPACE
+    c_value_type = {'base': 'xsd:string', 'enumeration': ['public', 'private']}
+    c_children = SamlBase.c_children.copy()
+    c_attributes = SamlBase.c_attributes.copy()
+    c_child_order = SamlBase.c_child_order[:]
+    c_cardinality = SamlBase.c_cardinality.copy()
+
+def sp_type_type__from_string(xml_string):
+    return saml2.create_class_from_xml_string(SPTypeType_, xml_string)
+
+
+class SPType(SPTypeType_):
+    """The http://eidas.europa.eu/saml-extensions:SPType element """
+
+    c_tag = 'SPType'
+    c_namespace = NAMESPACE
+    c_children = SPTypeType_.c_children.copy()
+    c_attributes = SPTypeType_.c_attributes.copy()
+    c_child_order = SPTypeType_.c_child_order[:]
+    c_cardinality = SPTypeType_.c_cardinality.copy()
+
+def sp_type_from_string(xml_string):
+    return saml2.create_class_from_xml_string(SPType, xml_string)
+
+
+ELEMENT_FROM_STRING = {
+    SPType.c_tag: sp_type_from_string,
+    SPTypeType_.c_tag: sp_type_type__from_string,
+}
+
+ELEMENT_BY_TAG = {
+    'SPType': SPType,
+    'SPTypeType': SPTypeType_,
+}
+
+
+def factory(tag, **kwargs):
+    return ELEMENT_BY_TAG[tag](**kwargs)

src/saml2/metadata.py

@@ -9,6 +9,7 @@
 from saml2.extension import idpdisc
 from saml2.extension import shibmd
 from saml2.extension import mdattr
+from saml2.extension import sp_type
 from saml2.saml import NAME_FORMAT_URI
 from saml2.saml import AttributeValue
 from saml2.saml import Attribute
@@ -722,7 +723,8 @@ def entity_descriptor(confd):
         entd.contact_person = do_contact_person_info(confd.contact_person)
 
     if confd.entity_category:
-        entd.extensions = md.Extensions()
+        if not entd.extensions:
+            entd.extensions = md.Extensions()
         ava = [AttributeValue(text=c) for c in confd.entity_category]
         attr = Attribute(attribute_value=ava,
                          name="http://macedir.org/entity-category")
@@ -734,6 +736,14 @@ def entity_descriptor(confd):
             entd.extensions = md.Extensions()
         entd.extensions.add_extension_element(item)
 
+    conf_sp_type = confd.getattr('sp_type', 'sp')
+    conf_sp_type_in_md = confd.getattr('sp_type_in_metadata', 'sp')
+    if conf_sp_type and conf_sp_type_in_md is True:
+        if not entd.extensions:
+            entd.extensions = md.Extensions()
+        item = sp_type.SPType(text=conf_sp_type)
+        entd.extensions.add_extension_element(item)
+
     serves = confd.serves
     if not serves:
         raise SAMLError(

tests/sp_mdext_conf.py

@@ -6,6 +6,8 @@
     "description": "My own SP",
     "service": {
         "sp": {
+            "sp_type": "public",
+            "sp_type_in_metadata": True,
             "endpoints": {
                 "assertion_consumer_service": [
                     "http://lingon.catalogix.se:8087/"],

tests/test_83_md_extensions.py

@@ -1,5 +1,6 @@
 from saml2.config import Config
 from saml2.metadata import entity_descriptor
+from saml2.extension.sp_type import SPType
 
 __author__ = 'roland'
 
@@ -14,4 +15,13 @@
 assert len(ed.spsso_descriptor.extensions.extension_elements) == 3
 
 assert ed.extensions
-assert len(ed.extensions.extension_elements) > 1
+assert len(ed.extensions.extension_elements) > 1
+
+assert any(e.tag is SPType.c_tag for e in ed.extensions.extension_elements)
+
+cnf.setattr('sp', 'sp_type_in_metadata', False)
+ed = entity_descriptor(cnf)
+
+print(ed)
+
+assert all(e.tag is not SPType.c_tag for e in ed.extensions.extension_elements)

tools/data/sp_type.xsd

@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema
+	xmlns="http://eidas.europa.eu/saml-extensions"
+	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+	targetNamespace="http://eidas.europa.eu/saml-extensions"
+	elementFormDefault="qualified"
+	attributeFormDefault="unqualified"
+	version="1">
+	<xsd:element name="SPType" type="SPTypeType"/>
+	<xsd:simpleType name="SPTypeType">
+		<xsd:restriction base="xsd:string">
+			<xsd:enumeration value="public"/>
+			<xsd:enumeration value="private"/>
+		</xsd:restriction>
+	</xsd:simpleType>
+</xsd:schema>