suds.wsse

1 # This program is free software; you can redistribute it and/or modify 2 # it under the terms of the (LGPL) GNU Lesser General Public License as 3 # published by the Free Software Foundation; either version 3 of the 4 # License, or (at your option) any later version. 5 # 6 # This program is distributed in the hope that it will be useful, 7 # but WITHOUT ANY WARRANTY; without even the implied warranty of 8 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 9 # GNU Library Lesser General Public License for more details at 10 # ( http://www.gnu.org/licenses/lgpl.html ). 11 # 12 # You should have received a copy of the GNU Lesser General Public License 13 # along with this program; if not, write to the Free Software 14 # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. 15 # written by: Jeff Ortel ( jortel@redhat.com ) 16 17 """ 18 The I{wsse} module provides WS-Security. 19 """ 20 21 from logging import getLogger 22 from suds import * 23 from suds.sudsobject import Object 24 from suds.sax.element import Element 25 from suds.sax.date import UTC 26 from datetime import datetime, timedelta 27 28 try: 29 from hashlib import md5 30 except ImportError: 31 # Python 2.4 compatibility 32 from md5 import md5 33 34 35 dsns = \ 36 ('ds', 37 'http://www.w3.org/2000/09/xmldsig#') 38 wssens = \ 39 ('wsse', 40 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd') 41 wsuns = \ 42 ('wsu', 43 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd') 44 wsencns = \ 45 ('wsenc', 46 'http://www.w3.org/2001/04/xmlenc#')

47 48 49 -class Security(Object):

50 """ 51 WS-Security object. 52 @ivar tokens: A list of security tokens 53 @type tokens: [L{Token},...] 54 @ivar signatures: A list of signatures. 55 @type signatures: TBD 56 @ivar references: A list of references. 57 @type references: TBD 58 @ivar keys: A list of encryption keys. 59 @type keys: TBD 60 """ 61

62 - def __init__(self):

63 """ """ 64 Object.__init__(self) 65 self.mustUnderstand = True 66 self.tokens = [] 67 self.signatures = [] 68 self.references = [] 69 self.keys = []

70

71 - def xml(self):

72 """ 73 Get xml representation of the object. 74 @return: The root node. 75 @rtype: L{Element} 76 """ 77 root = Element('Security', ns=wssens) 78 root.set('mustUnderstand', str(self.mustUnderstand).lower()) 79 for t in self.tokens: 80 root.append(t.xml()) 81 return root

82

83 84 -class Token(Object):

85 """ I{Abstract} security token. """ 86 87 @classmethod

88 - def now(cls):

89 return datetime.now()

90 91 @classmethod

92 - def utc(cls):

93 return datetime.utcnow()

94 95 @classmethod

96 - def sysdate(cls):

97 utc = UTC() 98 return str(utc)

99

100 - def __init__(self):

101 Object.__init__(self)

102

103 104 -class UsernameToken(Token):

105 """ 106 Represents a basic I{UsernameToken} WS-Secuirty token. 107 @ivar username: A username. 108 @type username: str 109 @ivar password: A password. 110 @type password: str 111 @ivar nonce: A set of bytes to prevent reply attacks. 112 @type nonce: str 113 @ivar created: The token created. 114 @type created: L{datetime} 115 """ 116

117 - def __init__(self, username=None, password=None):

118 """ 119 @param username: A username. 120 @type username: str 121 @param password: A password. 122 @type password: str 123 """ 124 Token.__init__(self) 125 self.username = username 126 self.password = password 127 self.nonce = None 128 self.created = None

129

130 - def setnonce(self, text=None):

131 """ 132 Set I{nonce} which is arbitraty set of bytes to prevent 133 reply attacks. 134 @param text: The nonce text value. 135 Generated when I{None}. 136 @type text: str 137 """ 138 if text is None: 139 s = [] 140 s.append(self.username) 141 s.append(self.password) 142 s.append(Token.sysdate()) 143 m = md5() 144 m.update(':'.join(s)) 145 self.nonce = m.hexdigest() 146 else: 147 self.nonce = text

148

149 - def setcreated(self, dt=None):

150 """ 151 Set I{created}. 152 @param dt: The created date & time. 153 Set as datetime.utc() when I{None}. 154 @type dt: L{datetime} 155 """ 156 if dt is None: 157 self.created = Token.utc() 158 else: 159 self.created = dt

160 161

162 - def xml(self):

163 """ 164 Get xml representation of the object. 165 @return: The root node. 166 @rtype: L{Element} 167 """ 168 root = Element('UsernameToken', ns=wssens) 169 u = Element('Username', ns=wssens) 170 u.setText(self.username) 171 root.append(u) 172 p = Element('Password', ns=wssens) 173 p.setText(self.password) 174 root.append(p) 175 if self.nonce is not None: 176 n = Element('Nonce', ns=wssens) 177 n.setText(self.nonce) 178 root.append(n) 179 if self.created is not None: 180 n = Element('Created', ns=wsuns) 181 n.setText(str(UTC(self.created))) 182 root.append(n) 183 return root

184

185 186 -class Timestamp(Token):

187 """ 188 Represents the I{Timestamp} WS-Secuirty token. 189 @ivar created: The token created. 190 @type created: L{datetime} 191 @ivar expires: The token expires. 192 @type expires: L{datetime} 193 """ 194

195 - def __init__(self, validity=90):

196 """ 197 @param validity: The time in seconds. 198 @type validity: int 199 """ 200 Token.__init__(self) 201 self.created = Token.utc() 202 self.expires = self.created + timedelta(seconds=validity)

203

204 - def xml(self):

205 root = Element("Timestamp", ns=wsuns) 206 created = Element('Created', ns=wsuns) 207 created.setText(str(UTC(self.created))) 208 expires = Element('Expires', ns=wsuns) 209 expires.setText(str(UTC(self.expires))) 210 root.append(created) 211 root.append(expires) 212 return root

213

Source Code for Module suds.wsse