Merge pull request #301 from SAML-Toolkits/lxml_restriction

Update dependencies. Add flake8. Fix code syntax

Author: pitbulk

.travis.yml

@@ -2,16 +2,27 @@ language: python
 python:
   - '2.7'
 
+jobs:
+  include:
+    - name: "Python 2.7 on Focal Linux"
+       os: linux
+       dist: focal
+       python: 2.7
+    - name: "Python 2.7 on macOS"
+      os: osx
+      python: 2.7
+
 install:
   - sudo apt-get update -qq
   - sudo apt-get install -qq swig python-dev libxml2-dev libxmlsec1-dev
   - 'travis_retry pip install .'
   - 'travis_retry pip install -e ".[test]"'
 
-script: 
+script:
   - 'coverage run --source=src/onelogin/saml2 --rcfile=tests/coverage.rc setup.py test'
   - 'coverage report -m --rcfile=tests/coverage.rc'
-  - 'pycodestyle tests/src/OneLogin/saml2_tests/*.py demo-flask/*.py demo-django/*.py src/onelogin/saml2/*.py --config=tests/pep8.rc'
-  - 'pyflakes src/onelogin/saml2 demo-django demo-flask tests/src/OneLogin/saml2_tests'
+  #- 'pycodestyle tests/src/OneLogin/saml2_tests/*.py demo-flask/*.py demo-django/*.py src/onelogin/saml2/*.py --config=tests/pep8.rc'
+  #- 'pyflakes src/onelogin/saml2 demo-django demo-flask tests/src/OneLogin/saml2_tests'
+  - flake8 --ignore E226,E302,E41,E731,E501,C901,W504
 
 after_success: 'coveralls'

demo-bottle/index.py

@@ -44,7 +44,7 @@ def prepare_bottle_request(req):
 
 @app.route('/acs/', method='POST')
 @jinja2_view('index.html', template_lookup=['templates'])
-def index():
+def acs():
     req = prepare_bottle_request(request)
     auth = init_saml_auth(req)
     paint_logout = False
@@ -62,7 +62,7 @@ def index():
         self_url = OneLogin_Saml2_Utils.get_self_url(req)
         if 'RelayState' in request.forms and self_url != request.forms['RelayState']:
             # To avoid 'Open Redirect' attacks, before execute the redirection confirm
-                # the value of the request.forms['RelayState'] is a trusted URL.
+            # the value of the request.forms['RelayState'] is a trusted URL.
             return redirect(request.forms['RelayState'])
 
     if 'samlUserdata' in session:
@@ -71,10 +71,10 @@ def index():
             attributes = session['samlUserdata'].items()
 
     return {
-        'errors':errors,
-        'not_auth_warn':not_auth_warn,
-        'attributes':attributes,
-        'paint_logout':paint_logout
+        'errors': errors,
+        'not_auth_warn': not_auth_warn,
+        'attributes': attributes,
+        'paint_logout': paint_logout
     }
 
 
@@ -124,11 +124,11 @@ def index():
             attributes = session['samlUserdata'].items()
 
     return {
-        'errors':errors,
-        'not_auth_warn':not_auth_warn,
-        'success_slo':success_slo,
-        'attributes':attributes,
-        'paint_logout':paint_logout
+        'errors': errors,
+        'not_auth_warn': not_auth_warn,
+        'success_slo': success_slo,
+        'attributes': attributes,
+        'paint_logout': paint_logout
     }
 
 
@@ -144,8 +144,8 @@ def attrs():
         if len(session['samlUserdata']) > 0:
             attributes = session['samlUserdata'].items()
 
-    return {'paint_logout':paint_logout,
-            'attributes':attributes}
+    return {'paint_logout': paint_logout,
+            'attributes': attributes}
 
 
 @app.route('/metadata/')
@@ -178,7 +178,7 @@ def run(self, handler):
 
 if __name__ == "__main__":
     # To run HTTPS
-    #run(SessionMiddleware(app, config=session_opts), host='0.0.0.0', port=8000, debug=True, reloader=True, server=SSLPasteServer)
+    # run(SessionMiddleware(app, config=session_opts), host='0.0.0.0', port=8000, debug=True, reloader=True, server=SSLPasteServer)
 
     # To run HTTP
     run(SessionMiddleware(app, config=session_opts), host='0.0.0.0', port=8000, debug=True, reloader=True, server='paste')

demo-django/demo/urls.py

@@ -9,4 +9,3 @@
     url(r'^attrs/$', attrs, name='attrs'),
     url(r'^metadata/$', metadata, name='metadata')
 ]
-

demo-django/demo/views.py

@@ -64,10 +64,10 @@ def index(request):
 
         return HttpResponseRedirect(auth.logout(name_id=name_id, session_index=session_index, nq=name_id_nq, name_id_format=name_id_format, spnq=name_id_spnq))
 
-        # If LogoutRequest ID need to be stored in order to later validate it, do instead
+        #  If LogoutRequest ID need to be stored in order to later validate it, do instead
         # slo_built_url = auth.logout(name_id=name_id, session_index=session_index)
         # request.session['LogoutRequestID'] = auth.get_last_request_id()
-        #return HttpResponseRedirect(slo_built_url)
+        # return HttpResponseRedirect(slo_built_url)
     elif 'acs' in req['get_data']:
         request_id = None
         if 'AuthNRequestID' in request.session:
@@ -91,7 +91,7 @@ def index(request):
                 # the value of the req['post_data']['RelayState'] is a trusted URL.
                 return HttpResponseRedirect(auth.redirect_to(req['post_data']['RelayState']))
         elif auth.get_settings().is_debug_active():
-                error_reason = auth.get_last_error_reason()
+            error_reason = auth.get_last_error_reason()
     elif 'sls' in req['get_data']:
         request_id = None
         if 'LogoutRequestID' in request.session:

demo-django/demo/wsgi.py

@@ -6,9 +6,9 @@
 For more information on this file, see
 https://docs.djangoproject.com/en/1.6/howto/deployment/wsgi/
 """
-
 import os
-os.environ.setdefault("DJANGO_SETTINGS_MODULE", "demo.settings")
-
 from django.core.wsgi import get_wsgi_application
+
+
+os.environ.setdefault("DJANGO_SETTINGS_MODULE", "demo.settings")
 application = get_wsgi_application()

setup.py

@@ -1,7 +1,6 @@
 #! /usr/bin/env python
 # -*- coding: utf-8 -*-
 
-# Copyright (c) 2010-2021 OneLogin, Inc.
 # MIT License
 
 from setuptools import setup
@@ -10,18 +9,20 @@
 setup(
     name='python-saml',
     version='2.11.1',
-    description='Onelogin Python Toolkit. Add SAML support to your Python software using this library',
+    description='Saml Python Toolkit. Add SAML support to your Python software using this library',
     classifiers=[
         'Development Status :: 5 - Production/Stable',
         'Intended Audience :: Developers',
         'Intended Audience :: System Administrators',
         'Operating System :: OS Independent',
         'Programming Language :: Python :: 2.7',
     ],
-    author='OneLogin',
-    author_email='[email protected]',
+    author='SAML-Toolkits',
+    author_email='[email protected]',
+    maintainer='Sixto Martin',
+    maintainer_email='[email protected]',
     license='MIT',
-    url='https://github.com/onelogin/python-saml',
+    url='https://github.com/SAML-Toolkits/python-saml',
     packages=['onelogin', 'onelogin/saml2'],
     include_package_data=True,
     package_data={
@@ -32,17 +33,17 @@
     },
     test_suite='tests',
     install_requires=[
-        'lxml<4.7.1',
+        'lxml>=4.6.5, !=4.7.0',
         'dm.xmlsec.binding==1.3.7',
         'isodate>=0.6.1',
         'defusedxml>=0.7.1',
     ],
     extras_require={
         'test': (
-            'coverage>=3.6, <5.0',
-            'freezegun==0.3.5',
-            'flake8==3.6.0',
-            'coveralls==1.1',
+            'coverage>=5.5, <6.0',
+            'freezegun>=0.3.5, <0.4',
+            'flake8>=3.6.0, < 4.0',
+            'coveralls>=1.1, < 2.0',
         ),
     },
     keywords='saml saml2 xmlsec django flask',

src/onelogin/saml2/response.py

@@ -267,8 +267,8 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
                     else:
                         irt = sc_data.get('InResponseTo', None)
                         if (in_response_to is None and irt is not None and
-                           security.get('rejectUnsolicitedResponsesWithInResponseTo', False)) or \
-                           in_response_to and irt and irt != in_response_to:
+                           security.get('rejectUnsolicitedResponsesWithInResponseTo', False)) \
+                           or in_response_to and irt and irt != in_response_to:
                             continue
                         recipient = sc_data.get('Recipient', None)
                         if recipient and current_url not in recipient: