ndg.saml.saml2.binding.soap.client.xacmlauthzdecisionquery

1 """SAML 2.0 bindings module implements SOAP binding for XACMLAuthzDecisionQuery 2 3 NERC DataGrid Project 4 """ 5 __author__ = "R B Wilkinson" 6 __date__ = "23/12/11" 7 __copyright__ = "(C) 2011 Science and Technology Facilities Council" 8 __license__ = "http://www.apache.org/licenses/LICENSE-2.0" 9 __contact__ = "Philip.Kershaw@stfc.ac.uk" 10 __revision__ = '$Id$' 11 12 import logging 13 log = logging.getLogger(__name__) 14 15 from M2Crypto.m2urllib2 import HTTPSHandler 16 17 from ndg.saml.saml2.binding.soap.client.requestbase import RequestBaseSOAPBinding 18 from ndg.saml.saml2.xacml_profile import XACMLAuthzDecisionQuery 19 20 # Prevent whole module breaking if this is not available - it's only needed for 21 # AuthzDecisionQuerySslSOAPBinding 22 try: 23 from ndg.saml.utils.m2crypto import SSLContextProxy 24 _sslContextProxySupport = True 25 26 except ImportError: 27 _sslContextProxySupport = False

28 29 30 -class XACMLAuthzDecisionQuerySOAPBinding(RequestBaseSOAPBinding):

31 """XACML-SAML Attribute Query SOAP Binding 32 33 Nb. Assumes X.509 subject type for query issuer 34 """ 35 SERIALISE_KW = 'serialise' 36 DESERIALISE_KW = 'deserialise' 37 QUERY_TYPE = XACMLAuthzDecisionQuery 38 __slots__ = () 39

40 - def __init__(self, **kw):

41 '''Create SOAP Client for SAML Authorization Decision Query''' 42 cls = XACMLAuthzDecisionQuerySOAPBinding 43 44 # Default to ElementTree based serialisation/deserialisation 45 if cls.SERIALISE_KW not in kw: 46 from ndg.saml.xml.etree_xacml_profile \ 47 import XACMLAuthzDecisionQueryElementTree 48 kw[cls.SERIALISE_KW] = XACMLAuthzDecisionQueryElementTree.toXML 49 50 if cls.DESERIALISE_KW not in kw: 51 from ndg.saml.xml.etree import ResponseElementTree 52 kw[cls.DESERIALISE_KW] = ResponseElementTree.fromXML 53 54 super(XACMLAuthzDecisionQuerySOAPBinding, self).__init__(**kw)

55

56 57 # Copied from AuthzDecisionQuerySslSOAPBinding 58 -class XACMLAuthzDecisionQuerySslSOAPBinding(XACMLAuthzDecisionQuerySOAPBinding):

59 """Specialisation of AuthzDecisionQuerySOAPbinding taking in the setting of 60 SSL parameters for mutual authentication 61 """ 62 SSL_CONTEXT_PROXY_SUPPORT = _sslContextProxySupport 63 __slots__ = ('__sslCtxProxy',) 64

65 - def __init__(self, **kw):

66 if not XACMLAuthzDecisionQuerySslSOAPBinding.SSL_CONTEXT_PROXY_SUPPORT: 67 raise ImportError("ndg.security.common.utils.m2crypto import " 68 "failed - missing M2Crypto package?") 69 70 # Miss out default HTTPSHandler and set in send() instead 71 if 'handlers' in kw: 72 raise TypeError("__init__() got an unexpected keyword argument " 73 "'handlers'") 74 75 super(XACMLAuthzDecisionQuerySslSOAPBinding, self).__init__(handlers=(), 76 **kw) 77 self.__sslCtxProxy = SSLContextProxy()

78

79 - def send(self, query, **kw):

80 """Override base class implementation to pass explicit SSL Context 81 """ 82 httpsHandler = HTTPSHandler(ssl_context=self.sslCtxProxy.createCtx()) 83 self.client.openerDirector.add_handler(httpsHandler) 84 return super(XACMLAuthzDecisionQuerySslSOAPBinding, self).send(query, **kw)

85 86 @property

87 - def sslCtxProxy(self):

88 """SSL Context Proxy object used for setting up an SSL Context for 89 queries 90 """ 91 return self.__sslCtxProxy

92

93 - def __setattr__(self, name, value):

94 """Enable setting of SSLContextProxy attributes as if they were 95 attributes of this class. This is intended as a convenience for 96 making settings parameters read from a config file 97 """ 98 try: 99 super(XACMLAuthzDecisionQuerySslSOAPBinding, self).__setattr__(name, 100 value) 101 102 except AttributeError, e: 103 # Coerce into setting SSL Context Proxy attributes 104 try: 105 setattr(self.sslCtxProxy, name, value) 106 except: 107 raise e

108

Source Code for Module ndg.saml.saml2.binding.soap.client.xacmlauthzdecisionquery