diff --git a/README.md b/README.md index 8a524de8..0d1d0750 100644 --- a/README.md +++ b/README.md @@ -226,6 +226,9 @@ This is the ``settings.json`` file: // Enable debug mode (outputs errors). "debug": true, + // Enable deflate mode (request compression). + "deflate": true, + // Service Provider Data that we are deploying. "sp": { // Identifier of the SP entity (must be a URI) @@ -1049,6 +1052,7 @@ Configuration of the OneLogin Python Toolkit * ***set_strict*** Activates or deactivates the strict mode. * ***is_strict*** Returns if the ``strict`` mode is active. * ***is_debug_active*** Returns if the debug is active. +* ***is_deflate_active*** Returns if the deflate is active. #### OneLogin_Saml2_Metadata - metadata.py #### diff --git a/src/onelogin/saml2/authn_request.py b/src/onelogin/saml2/authn_request.py index cdbf2c44..b0fe51b4 100644 --- a/src/onelogin/saml2/authn_request.py +++ b/src/onelogin/saml2/authn_request.py @@ -135,15 +135,13 @@ def _generate_request_id(self): """ return OneLogin_Saml2_Utils.generate_unique_id() - def get_request(self, deflate=True): + def get_request(self): """ Returns unsigned AuthnRequest. - :param deflate: It makes the deflate process optional - :type: bool :return: AuthnRequest maybe deflated and base64 encoded :rtype: str object """ - if deflate: + if self.__settings.is_deflate_active(): request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__authn_request) else: request = OneLogin_Saml2_Utils.b64encode(self.__authn_request) diff --git a/src/onelogin/saml2/logout_request.py b/src/onelogin/saml2/logout_request.py index 3ed3fb15..42c24bcb 100644 --- a/src/onelogin/saml2/logout_request.py +++ b/src/onelogin/saml2/logout_request.py @@ -120,15 +120,13 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq= self.__logout_request = compat.to_string(logout_request) - def get_request(self, deflate=True): + def get_request(self): """ Returns the Logout Request deflated, base64encoded - :param deflate: It makes the deflate process optional - :type: bool :return: Logout Request maybe deflated and base64 encoded :rtype: str object """ - if deflate: + if self.__settings.is_deflate_active(): request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__logout_request) else: request = OneLogin_Saml2_Utils.b64encode(self.__logout_request) diff --git a/src/onelogin/saml2/settings.py b/src/onelogin/saml2/settings.py index ab3dbe37..df3a4059 100644 --- a/src/onelogin/saml2/settings.py +++ b/src/onelogin/saml2/settings.py @@ -102,6 +102,7 @@ def __init__(self, settings=None, custom_base_path=None, sp_validation_only=Fals self.__paths = {} self.__strict = True self.__debug = False + self.__deflate = True self.__sp = {} self.__idp = {} self.__security = {} @@ -229,6 +230,7 @@ def __load_settings_from_dict(self, settings): self.__idp = settings.get('idp', {}) self.__strict = settings.get('strict', True) self.__debug = settings.get('debug', False) + self.__deflate = settings.get('deflate', True) self.__security = settings.get('security', {}) self.__contacts = settings.get('contactPerson', {}) self.__organization = settings.get('organization', {}) @@ -849,6 +851,15 @@ def is_debug_active(self): """ return self.__debug + def is_deflate_active(self): + """ + Returns if the deflate is active. + + :returns: Deflate parameter + :rtype: boolean + """ + return self.__deflate + def _get_allow_single_label_domain(self, settings): security = settings.get('security', {}) return 'allowSingleLabelDomains' in security.keys() and security['allowSingleLabelDomains'] diff --git a/tests/settings/settings1.json b/tests/settings/settings1.json index 69d7d25e..336e163d 100644 --- a/tests/settings/settings1.json +++ b/tests/settings/settings1.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/settings/settings10.json b/tests/settings/settings10.json index f118b4d0..8b62523e 100644 --- a/tests/settings/settings10.json +++ b/tests/settings/settings10.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", "assertionConsumerService": { diff --git a/tests/settings/settings2.json b/tests/settings/settings2.json index 22f92dc1..bd589686 100644 --- a/tests/settings/settings2.json +++ b/tests/settings/settings2.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/settings/settings3.json b/tests/settings/settings3.json index de72e50d..926f9bae 100644 --- a/tests/settings/settings3.json +++ b/tests/settings/settings3.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://pytoolkit.com:8000/metadata/", diff --git a/tests/settings/settings4.json b/tests/settings/settings4.json index c217c7d8..50da2292 100644 --- a/tests/settings/settings4.json +++ b/tests/settings/settings4.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://pytoolkit.com:8000/metadata/", diff --git a/tests/settings/settings5.json b/tests/settings/settings5.json index e399d217..0b1612b2 100644 --- a/tests/settings/settings5.json +++ b/tests/settings/settings5.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://pytoolkit.com:8000/metadata/", diff --git a/tests/settings/settings6.json b/tests/settings/settings6.json index 5730925d..27fd5520 100644 --- a/tests/settings/settings6.json +++ b/tests/settings/settings6.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/settings/settings7.json b/tests/settings/settings7.json index e573624b..4f3196ef 100644 --- a/tests/settings/settings7.json +++ b/tests/settings/settings7.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/settings/settings8.json b/tests/settings/settings8.json index ce30e498..b35779b9 100644 --- a/tests/settings/settings8.json +++ b/tests/settings/settings8.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/settings/settings9.json b/tests/settings/settings9.json index 351c5c95..28998545 100644 --- a/tests/settings/settings9.json +++ b/tests/settings/settings9.json @@ -1,6 +1,7 @@ { "strict": false, "debug": false, + "deflate": true, "custom_base_path": "../../../tests/data/customPath/", "sp": { "entityId": "http://stuff.com/endpoints/metadata.php", diff --git a/tests/src/OneLogin/saml2_tests/auth_test.py b/tests/src/OneLogin/saml2_tests/auth_test.py index ea8cf1d3..26bd7d13 100644 --- a/tests/src/OneLogin/saml2_tests/auth_test.py +++ b/tests/src/OneLogin/saml2_tests/auth_test.py @@ -1217,7 +1217,7 @@ def testIsInValidLogoutResponseSign(self): def testIsValidLogoutRequestSign(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request """ request_data = { 'http_host': 'example.com', diff --git a/tests/src/OneLogin/saml2_tests/authn_request_test.py b/tests/src/OneLogin/saml2_tests/authn_request_test.py index b23c633a..f5ea2ab5 100644 --- a/tests/src/OneLogin/saml2_tests/authn_request_test.py +++ b/tests/src/OneLogin/saml2_tests/authn_request_test.py @@ -370,3 +370,26 @@ def testAttributeConsumingService(self): inflated = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(authn_request_encoded)) self.assertRegex(inflated, 'AttributeConsumingServiceIndex="1"') + + def testGetRequest(self): + """ + Tests the get_request method of the OneLogin_Saml2_Authn_Request. + """ + saml_settings = self.loadSettingsJSON() + saml_settings['deflate'] = True + settings = OneLogin_Saml2_Settings(saml_settings) + + authn_request = OneLogin_Saml2_Authn_Request(settings) + authn_request_xml = authn_request.get_xml() + + authn_request_encoded = authn_request.get_request() + self.assertEqual(authn_request_encoded, OneLogin_Saml2_Utils.deflate_and_base64_encode(authn_request_xml)) + + saml_settings['deflate'] = False + settings = OneLogin_Saml2_Settings(saml_settings) + + authn_request = OneLogin_Saml2_Authn_Request(settings) + authn_request_xml = authn_request.get_xml() + + authn_request_encoded = authn_request.get_request() + self.assertEqual(authn_request_encoded, OneLogin_Saml2_Utils.b64encode(authn_request_xml)) diff --git a/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py b/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py index 4aa653b5..603d7418 100644 --- a/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py +++ b/tests/src/OneLogin/saml2_tests/idp_metadata_parser_test.py @@ -513,6 +513,7 @@ def test_merge_settings(self): "signMetadata": false }, "debug": false, + "deflate": true, "organization": { "en-US": { "displayname": "SP test", @@ -532,6 +533,7 @@ def test_merge_settings(self): expected_settings2_json = """ { "debug": false, + "deflate": true, "idp": { "singleLogoutService": { "url": "http://idp.example.com/SingleLogoutService.php" @@ -589,6 +591,7 @@ def test_merge_settings(self): expected_settings3_json = """ { "debug": false, + "deflate": true, "strict": false, "custom_base_path": "../../../tests/data/customPath/", "sp": { diff --git a/tests/src/OneLogin/saml2_tests/logout_request_test.py b/tests/src/OneLogin/saml2_tests/logout_request_test.py index c18eaee4..642c1be9 100644 --- a/tests/src/OneLogin/saml2_tests/logout_request_test.py +++ b/tests/src/OneLogin/saml2_tests/logout_request_test.py @@ -55,7 +55,7 @@ def file_contents(self, filename): def testConstructor(self): """ - Tests the OneLogin_Saml2_LogoutRequest Constructor. + Tests the OneLogin_Saml2_Logout_Request Constructor. """ settings_info = self.loadSettingsJSON() settings_info['security']['nameIdEncrypted'] = True @@ -74,7 +74,7 @@ def testConstructor(self): def testCreateDeflatedSAMLLogoutRequestURLParameter(self): """ - Tests the OneLogin_Saml2_LogoutRequest Constructor. + Tests the OneLogin_Saml2_Logout_Request Constructor. The creation of a deflated SAML Logout Request """ settings = OneLogin_Saml2_Settings(self.loadSettingsJSON()) @@ -91,7 +91,7 @@ def testCreateDeflatedSAMLLogoutRequestURLParameter(self): def testConstructorWithNameIdFormatOnSettings(self): """ - Tests the OneLogin_Saml2_LogoutRequest Constructor. + Tests the OneLogin_Saml2_Logout_Request Constructor. Case: Defines NameIDFormat from settings """ settings_info = self.loadSettingsJSON() @@ -110,7 +110,7 @@ def testConstructorWithNameIdFormatOnSettings(self): def testConstructorWithoutNameIdFormat(self): """ - Tests the OneLogin_Saml2_LogoutRequest Constructor. + Tests the OneLogin_Saml2_Logout_Request Constructor. Case: Checks that NameIDFormat is not added """ settings_info = self.loadSettingsJSON() @@ -128,7 +128,7 @@ def testConstructorWithoutNameIdFormat(self): def testConstructorEncryptIdUsingX509certMulti(self): """ - Tests the OneLogin_Saml2_LogoutRequest Constructor. + Tests the OneLogin_Saml2_Logout_Request Constructor. Case: Able to generate encryptedID with MultiCert """ settings_info = self.loadSettingsJSON('settings8.json') @@ -149,7 +149,7 @@ def testConstructorEncryptIdUsingX509certMulti(self): def testGetIDFromSAMLLogoutRequest(self): """ - Tests the get_id method of the OneLogin_Saml2_LogoutRequest + Tests the get_id method of the OneLogin_Saml2_Logout_Request """ logout_request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml')) id1 = OneLogin_Saml2_Logout_Request.get_id(logout_request) @@ -161,7 +161,7 @@ def testGetIDFromSAMLLogoutRequest(self): def testGetIDFromDeflatedSAMLLogoutRequest(self): """ - Tests the get_id method of the OneLogin_Saml2_LogoutRequest + Tests the get_id method of the OneLogin_Saml2_Logout_Request """ deflated_logout_request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_deflated.xml.base64')) logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(deflated_logout_request) @@ -170,7 +170,7 @@ def testGetIDFromDeflatedSAMLLogoutRequest(self): def testGetNameIdData(self): """ - Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest + Tests the get_nameid_data method of the OneLogin_Saml2_Logout_Request """ expected_name_id_data = { 'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c', @@ -240,7 +240,7 @@ def testGetNameIdData(self): def testGetNameId(self): """ - Tests the get_nameid of the OneLogin_Saml2_LogoutRequest + Tests the get_nameid of the OneLogin_Saml2_Logout_Request """ request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml')) name_id = OneLogin_Saml2_Logout_Request.get_nameid(request) @@ -257,7 +257,7 @@ def testGetNameId(self): def testGetIssuer(self): """ - Tests the get_issuer of the OneLogin_Saml2_LogoutRequest + Tests the get_issuer of the OneLogin_Saml2_Logout_Request """ request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml')) @@ -275,7 +275,7 @@ def testGetIssuer(self): def testGetSessionIndexes(self): """ - Tests the get_session_indexes of the OneLogin_Saml2_LogoutRequest + Tests the get_session_indexes of the OneLogin_Saml2_Logout_Request """ request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml')) @@ -292,7 +292,7 @@ def testGetSessionIndexes(self): def testIsInvalidXML(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request Case Invalid XML """ request = OneLogin_Saml2_Utils.b64encode('invalid') @@ -312,7 +312,7 @@ def testIsInvalidXML(self): def testIsInvalidIssuer(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request Case Invalid Issuer """ request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'invalid_issuer.xml')) @@ -333,7 +333,7 @@ def testIsInvalidIssuer(self): def testIsInvalidDestination(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request Case Invalid Destination """ request_data = { @@ -361,7 +361,7 @@ def testIsInvalidDestination(self): def testIsInvalidNotOnOrAfter(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request Case Invalid NotOnOrAfter """ request_data = { @@ -383,7 +383,7 @@ def testIsInvalidNotOnOrAfter(self): def testIsValid(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request """ request_data = { 'http_host': 'example.com', @@ -415,7 +415,7 @@ def testIsValid(self): def testIsValidWithCapitalization(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request """ request_data = { 'http_host': 'exaMPLe.com', @@ -447,7 +447,7 @@ def testIsValidWithCapitalization(self): def testIsInValidWithCapitalization(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request """ request_data = { 'http_host': 'example.com', @@ -479,7 +479,7 @@ def testIsInValidWithCapitalization(self): def testIsValidWithXMLEncoding(self): """ - Tests the is_valid method of the OneLogin_Saml2_LogoutRequest + Tests the is_valid method of the OneLogin_Saml2_Logout_Request """ request_data = { 'http_host': 'example.com', @@ -544,3 +544,26 @@ def testGetXML(self): logout_request_processed = OneLogin_Saml2_Logout_Request(settings, OneLogin_Saml2_Utils.b64encode(request)) self.assertEqual(request, logout_request_processed.get_xml()) + + def testGetRequest(self): + """ + Tests the get_request method of the OneLogin_Saml2_Logout_Request. + """ + saml_settings = self.loadSettingsJSON() + saml_settings['deflate'] = True + settings = OneLogin_Saml2_Settings(saml_settings) + + authn_request = OneLogin_Saml2_Logout_Request(settings) + authn_request_xml = authn_request.get_xml() + + authn_request_encoded = authn_request.get_request() + self.assertEqual(authn_request_encoded, OneLogin_Saml2_Utils.deflate_and_base64_encode(authn_request_xml)) + + saml_settings['deflate'] = False + settings = OneLogin_Saml2_Settings(saml_settings) + + authn_request = OneLogin_Saml2_Logout_Request(settings) + authn_request_xml = authn_request.get_xml() + + authn_request_encoded = authn_request.get_request() + self.assertEqual(authn_request_encoded, OneLogin_Saml2_Utils.b64encode(authn_request_xml)) diff --git a/tests/src/OneLogin/saml2_tests/settings_test.py b/tests/src/OneLogin/saml2_tests/settings_test.py index 4cb271f5..41abf668 100644 --- a/tests/src/OneLogin/saml2_tests/settings_test.py +++ b/tests/src/OneLogin/saml2_tests/settings_test.py @@ -874,3 +874,21 @@ def testIsDebugActive(self): settings_info['debug'] = True settings_3 = OneLogin_Saml2_Settings(settings_info) self.assertTrue(settings_3.is_debug_active()) + + def testIsDeflateActive(self): + """ + Tests the isDeflateActive method of the OneLogin_Saml2_Settings + """ + settings_info = self.loadSettingsJSON() + del settings_info['deflate'] + + settings = OneLogin_Saml2_Settings(settings_info) + self.assertTrue(settings.is_deflate_active()) + + settings_info['deflate'] = False + settings_2 = OneLogin_Saml2_Settings(settings_info) + self.assertFalse(settings_2.is_deflate_active()) + + settings_info['deflate'] = True + settings_3 = OneLogin_Saml2_Settings(settings_info) + self.assertTrue(settings_3.is_deflate_active())