Register common namespace prefixes #625

Open
wants to merge 4 commits into
base: master
peppelinux
Member

@peppelinux peppelinux commented Jul 19, 2019

As @spaceone has already proposed here: #326
This PR makes pySAML2 adopt OASIS conventions about namespace prefixes.

USAGE

A user can register his own prefixes by defining them in a dict and registering them as follows:

```python
from saml2 import SamlBase

OASIS_DEFAULT_NS_PREFIXES = {'ds': 'http://www.w3.org/2000/09/xmldsig#',
                             'md': 'urn:oasis:names:tc:SAML:2.0:metadata',
                             'mdui': 'urn:oasis:names:tc:SAML:metadata:ui',
                             'saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
                             'samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
                             'xenc': 'http://www.w3.org/2001/04/xmlenc#',
                             'xs': 'http://www.w3.org/2001/XMLSchema',
                             'xsi': 'http://www.w3.org/2001/XMLSchema-instance',
                             'alg': "urn:oasis:names:tc:SAML:metadata:algsupport",
                             'mdattr': "urn:oasis:names:tc:SAML:metadata:attribute"}

# register the preferred namespace prefixes
SamlBase.register_prefix(OASIS_DEFAULT_NS_PREFIXES)
```

@c00kiemon5ter
Even if you do not want to merge this PR as-is, I will be very thankful to you, and also to the community, if we keep OASIS_DEFAULT_NS_PREFIXES as a reference and SamlBase.register_prefix as a staticmethod. This will give us the opportunity to let users register the OASIS namespaces during configuration, or any others to their own taste. They would then just type:

```python
from saml2 import SamlBase, OASIS_DEFAULT_NS_PREFIXES

SamlBase.register_prefix(OASIS_DEFAULT_NS_PREFIXES)
```

Regarding unit tests, I'll follow @spaceone's suggestions, dealing with a dynamic adaptation of the XML templates. I know that this PR could represent a risk for legacy systems, but I would also find in this an important adherence to OASIS conventions. Hope to meet your line.
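The effect of registering prefixes, shown with the standard library's ElementTree (an added example, not code from this PR or from pySAML2): the serialized bytes change while the namespace-qualified names stay the same, which is why fixtures and templates that compare raw XML strings need adapting. `register_prefixes`, `build_response` and the sample values are hypothetical stand-ins.

```python
import xml.etree.ElementTree as ET

# Subset of the prefix map given in the PR description.
PREFIXES = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}


def build_response():
    """Constructed sample: a samlp Response holding one saml Issuer."""
    root = ET.Element("{%s}Response" % PREFIXES["samlp"], {"ID": "_constructed"})
    issuer = ET.SubElement(root, "{%s}Issuer" % PREFIXES["saml"])
    issuer.text = "https://idp.example.org/metadata"
    return root


def serialize(elem):
    return ET.tostring(elem, encoding="unicode")


def register_prefixes(prefixes):
    """Hypothetical stand-in for the PR's SamlBase.register_prefix.

    ET.register_namespace changes process-wide state: every later
    serialization in this interpreter uses the registered prefixes.
    """
    for prefix, uri in prefixes.items():
        ET.register_namespace(prefix, uri)


def qualified_names(xml_text):
    """Namespace-qualified tag names, independent of the prefixes used."""
    return [e.tag for e in ET.fromstring(xml_text).iter()]


def compare():
    """Serialize the same tree before and after registration (call once)."""
    before = serialize(build_response())  # auto-generated ns0/ns1 prefixes
    register_prefixes(PREFIXES)
    after = serialize(build_response())   # conventional samlp/saml prefixes
    return before, after


if __name__ == "__main__":
    for label, text in zip(("before", "after"), compare()):
        print(label, text)
```
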

@codecov

codecov bot commented Jul 21, 2019

Codecov Report

❗ No coverage uploaded for pull request base (master@8d45679).
The diff coverage is 100%.

```diff
@@            Coverage Diff            @@
##             master     #625   +/-   ##
=========================================
  Coverage          ?   65.42%           
=========================================
  Files             ?      103           
  Lines             ?    25724           
  Branches          ?        0           
=========================================
  Hits              ?    16831           
  Misses            ?     8893           
  Partials          ?        0
```

| Impacted Files | Coverage Δ |
|---|---|
| src/saml2/__init__.py | 88.37% <100%> (ø) |

Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Last update 8d45679...8b1bb93.

@peppelinux peppelinux force-pushed the ns_prefixes branch 3 times, most recently from e82ef71 to 8b1bb93 Compare July 22, 2019 20:53
…l2.__init__

- code cleanup
- SamlBase.register_prefix is now a staticmethod
@peppelinux
Member Author

peppelinux commented Jul 22, 2019

I'd also like to discuss the opportunity to merge some constants.
These were found duplicated in the source tree; we can merge them into saml2.__init__ or whatever and then import from it, if you agree.

In metadata.py

At line 35

```python
NSPAIR = {
    "saml2p": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
    "soap11": "http://schemas.xmlsoap.org/soap/envelope/",
    "meta": "urn:oasis:names:tc:SAML:2.0:metadata",
    "xsi": "http://www.w3.org/2001/XMLSchema-instance",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "shibmd": "urn:mace:shibboleth:metadata:1.0",
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
}
```

XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'

```
./validate.py:10:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:23:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./__init__.py:53:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
```

NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'

```
./saml.py:21:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
./metadata.py:37: "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
./sigver.py:209:NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion'
./sigver.py:210:ENC_NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion'
./__init__.py:50:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
```

(XS|XSI)_NAMESPACE = 'http://www.w3.org/2001/XMLSchema(-instance)'

```
./validate.py:10:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:23:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:24:XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema'
./__init__.py:53:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./__init__.py:54:XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema'
```

MD_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata"

```
./metadata.py:39: "meta": "urn:oasis:names:tc:SAML:2.0:metadata",
./metadata.py:43: "md": "urn:oasis:names:tc:SAML:2.0:metadata",
./metadata.py:59:MDNS = '"urn:oasis:names:tc:SAML:2.0:metadata"'
./metadata.py:60:bMDNS = b'"urn:oasis:names:tc:SAML:2.0:metadata"'
./__init__.py:55:MD_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata"
./md.py:13:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata'
```

MDUI_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui"

```
./extension/ui.py:12:NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:ui'
./__init__.py:56:MDUI_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui"
```

DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'

```
./metadata.py:41: "ds": "http://www.w3.org/2000/09/xmldsig#",
./__init__.py:57:DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
./xmldsig/__init__.py:10:NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
```

XENC_NAMESPACE = "http://www.w3.org/2001/04/xmlenc#"

```
./__init__.py:58:XENC_NAMESPACE = "http://www.w3.org/2001/04/xmlenc#"
./xmlenc/__init__.py:11:NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#'
```

[not duplicated] ALG_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport"

```
./__init__.py:59:ALG_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport"
```

MDATTR_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute"

```
./extension/mdattr.py:12:NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:attribute'
./__init__.py:60:MDATTR_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute"
```

@c00kiemon5ter c00kiemon5ter changed the title prettify XML string output by registering default namespace prefixes Registering common namespace prefixes Oct 29, 2019
@c00kiemon5ter c00kiemon5ter changed the title Registering common namespace prefixes Register common namespace prefixes Nov 26, 2019
@alekratz

alekratz commented Apr 5, 2022

Is this going to get merged? I've been using the code from this PR for a few years now and it's making my devops pipeline, um, difficult.

@spaceone
Contributor

spaceone commented Apr 5, 2022

rebased #326

@kushaldas

Commenting so that it shows up to the maintainers.
