Register common namespace prefixes
As @spaceone has already proposed here: https://github.com/IdentityPython/pysaml2/pull/326 This PR makes pySAML2 adopt OASIS conventions about namespace prefixes.
USAGE
A user can register his own prefixes by defining them in a dict and registering them as follows:

```python
from saml2 import SamlBase

OASIS_DEFAULT_NS_PREFIXES = {
    'ds': 'http://www.w3.org/2000/09/xmldsig#',
    'md': 'urn:oasis:names:tc:SAML:2.0:metadata',
    'mdui': 'urn:oasis:names:tc:SAML:metadata:ui',
    'saml': 'urn:oasis:names:tc:SAML:2.0:assertion',
    'samlp': 'urn:oasis:names:tc:SAML:2.0:protocol',
    'xenc': 'http://www.w3.org/2001/04/xmlenc#',
    'xs': 'http://www.w3.org/2001/XMLSchema',
    'xsi': 'http://www.w3.org/2001/XMLSchema-instance',
    'alg': "urn:oasis:names:tc:SAML:metadata:algsupport",
    'mdattr': "urn:oasis:names:tc:SAML:metadata:attribute",
}

# this registers the preferred namespace prefixes
SamlBase.register_prefix(OASIS_DEFAULT_NS_PREFIXES)
```
@c00kiemon5ter
Even if you do not want to merge this PR as-is, I will be very thankful to you and also to the community if we keep OASIS_DEFAULT_NS_PREFIXES as a reference and SamlBase.register_prefix as a staticmethod. This will give us the opportunity to let users register OASIS namespaces during configuration, or any other of their own tastes. They would then just type:

```python
from saml2 import SamlBase, OASIS_DEFAULT_NS_PREFIXES

SamlBase.register_prefix(OASIS_DEFAULT_NS_PREFIXES)
```
Regarding unit tests, I'll follow @spaceone's suggestions, dealing with a dynamic adaptation of the XML templates. I know that this PR could represent a risk for legacy systems, but I would also find in this an important belonging to OASIS conventions. Hope to meet your line.
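The legacy-system risk mentioned above, as an added example (not code from this PR or from pySAML2): using only the standard library's `xml.etree.ElementTree`, it shows that registering prefixes changes the serialized bytes and the canonical form while the namespace-qualified names stay identical. The sample Response, its ID and the issuer URL are constructed, and `ET.canonicalize` (C14N 2.0) is an assumed stand-in for the canonicalization a signature would use.

```python
import hashlib
import xml.etree.ElementTree as ET

# Two entries copied from the OASIS_DEFAULT_NS_PREFIXES dict in the PR description.
PREFIXES = {
    "saml": "urn:oasis:names:tc:SAML:2.0:assertion",
    "samlp": "urn:oasis:names:tc:SAML:2.0:protocol",
}

def build_response():
    """Constructed sample: a minimal, unsigned Response with an Issuer."""
    resp = ET.Element("{%s}Response" % PREFIXES["samlp"], {"ID": "_constructed"})
    issuer = ET.SubElement(resp, "{%s}Issuer" % PREFIXES["saml"])
    issuer.text = "https://idp.example.org/metadata"
    return resp

def serialize_before_and_after():
    """Serialize the same tree with generated prefixes, then registered ones."""
    before = ET.tostring(build_response())
    for prefix, uri in PREFIXES.items():
        ET.register_namespace(prefix, uri)  # process-wide registry
    after = ET.tostring(build_response())
    return before, after

def qualified_names(xml_bytes):
    """Namespace-aware view: URI-qualified tag and text of every element."""
    return [(el.tag, el.text) for el in ET.fromstring(xml_bytes).iter()]

def c14n_digest(xml_bytes):
    """SHA-256 over the canonical form, standing in for a signature's digest input."""
    canonical = ET.canonicalize(xml_data=xml_bytes.decode("utf-8"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def compare():
    """Summarize what the prefix registration changed and what it left alone."""
    before, after = serialize_before_and_after()
    return {
        "before": before.decode(),
        "after": after.decode(),
        "same_qualified_names": qualified_names(before) == qualified_names(after),
        "same_c14n_digest": c14n_digest(before) == c14n_digest(after),
    }

if __name__ == "__main__":
    for key, value in compare().items():
        print(key, "=", value)
```

Canonicalization keeps prefixes, so code that matches on literal prefixes or re-serializes an already signed document is where the change surfaces; namespace-aware comparison is unaffected.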
Codecov Report
:exclamation: No coverage uploaded for pull request base (master@8d45679). The diff coverage is 100%.
```diff
@@ Coverage Diff @@
## master #625 +/- ##
=========================================
Coverage ? 65.42%
=========================================
Files ? 103
Lines ? 25724
Branches ? 0
=========================================
Hits ? 16831
Misses ? 8893
Partials ? 0
```

| Impacted Files | Coverage Δ | |
|---|---|---|
| src/saml2/__init__.py | 88.37% <100%> (ø) |
Δ = absolute <relative> (impact), ø = not affected, ? = missing data. Last update 8d45679...8b1bb93.
I'd also like to discuss the opportunity to merge some constants. These were found duplicated in the source tree; we can merge them into saml2.__init__ or whatever and then import from it, if you agree.
In metadata.py, at line 35:

```python
NSPAIR = {
    "saml2p": "urn:oasis:names:tc:SAML:2.0:protocol",
    "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
    "soap11": "http://schemas.xmlsoap.org/soap/envelope/",
    "meta": "urn:oasis:names:tc:SAML:2.0:metadata",
    "xsi": "http://www.w3.org/2001/XMLSchema-instance",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "shibmd": "urn:mace:shibboleth:metadata:1.0",
    "md": "urn:oasis:names:tc:SAML:2.0:metadata",
}
```

XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'

```
./validate.py:10:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:23:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./__init__.py:53:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
```

NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'

```
./saml.py:21:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
./metadata.py:37: "saml2": "urn:oasis:names:tc:SAML:2.0:assertion",
./sigver.py:209:NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:Assertion'
./sigver.py:210:ENC_NODE_NAME = 'urn:oasis:names:tc:SAML:2.0:assertion:EncryptedAssertion'
./__init__.py:50:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
```

(XS|XSI)_NAMESPACE = 'http://www.w3.org/2001/XMLSchema(-instance)'

```
./validate.py:10:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:23:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./saml.py:24:XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema'
./__init__.py:53:XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
./__init__.py:54:XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema'
```

MD_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata"

```
./metadata.py:39: "meta": "urn:oasis:names:tc:SAML:2.0:metadata",
./metadata.py:43: "md": "urn:oasis:names:tc:SAML:2.0:metadata",
./metadata.py:59:MDNS = '"urn:oasis:names:tc:SAML:2.0:metadata"'
./metadata.py:60:bMDNS = b'"urn:oasis:names:tc:SAML:2.0:metadata"'
./__init__.py:55:MD_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata"
./md.py:13:NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:metadata'
```

MDUI_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui"

```
./extension/ui.py:12:NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:ui'
./__init__.py:56:MDUI_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui"
```

DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'

```
./metadata.py:41: "ds": "http://www.w3.org/2000/09/xmldsig#",
./__init__.py:57:DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
./xmldsig/__init__.py:10:NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
```

XENC_NAMESPACE = "http://www.w3.org/2001/04/xmlenc#"

```
./__init__.py:58:XENC_NAMESPACE = "http://www.w3.org/2001/04/xmlenc#"
./xmlenc/__init__.py:11:NAMESPACE = 'http://www.w3.org/2001/04/xmlenc#'
```

[not duplicated] ALG_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport"

```
./__init__.py:59:ALG_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport"
```

MDATTR_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute"

```
./extension/mdattr.py:12:NAMESPACE = 'urn:oasis:names:tc:SAML:metadata:attribute'
./__init__.py:60:MDATTR_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute"
```

Is this going to get merged? I've been using the code from this PR for a few years now and it's making my devops pipeline, um, difficult.
rebased #326