Skip to content

Commit a0c7d02

Browse files
leifjleifj
committed
blacked
1 parent ee6e11d commit a0c7d02

30 files changed

+1629
-1309
lines changed

src/pyff/api.py

Lines changed: 115 additions & 124 deletions
Large diffs are not rendered by default.

src/pyff/builtins.py

Lines changed: 104 additions & 69 deletions
Original file line numberDiff line numberDiff line change
@@ -5,32 +5,53 @@
55
import base64
66
import hashlib
77
import json
8+
import operator
9+
import os
10+
import re
811
import sys
912
import traceback
1013
from copy import deepcopy
1114
from datetime import datetime
1215
from distutils.util import strtobool
13-
import operator
14-
import os
15-
import re
16+
17+
import ipaddr
18+
import six
1619
import xmlsec
1720
from iso8601 import iso8601
1821
from lxml.etree import DocumentInvalid
22+
from six.moves.urllib_parse import quote_plus, urlparse
23+
24+
from pyff.pipes import registry
1925

2026
from .constants import NS, config
2127
from .decorators import deprecated
22-
from .logs import get_log
23-
from .pipes import Plumbing, PipeException, PipelineCallback, pipe
24-
from .utils import total_seconds, dumptree, safe_write, root, with_tree, duration2timedelta, xslt_transform, \
25-
validate_document, hash_id
26-
from .samlmd import sort_entities, iter_entities, annotate_entity, set_entity_attributes, \
27-
discojson_t, set_pubinfo, set_reginfo, find_in_document, entitiesdescriptor, set_nodecountry, resolve_entities
28-
from six.moves.urllib_parse import urlparse
2928
from .exceptions import MetadataException
30-
import six
31-
import ipaddr
32-
from pyff.pipes import registry
33-
from six.moves.urllib_parse import quote_plus
29+
from .logs import get_log
30+
from .pipes import PipeException, PipelineCallback, Plumbing, pipe
31+
from .samlmd import (
32+
annotate_entity,
33+
discojson_t,
34+
entitiesdescriptor,
35+
find_in_document,
36+
iter_entities,
37+
resolve_entities,
38+
set_entity_attributes,
39+
set_nodecountry,
40+
set_pubinfo,
41+
set_reginfo,
42+
sort_entities,
43+
)
44+
from .utils import (
45+
dumptree,
46+
duration2timedelta,
47+
hash_id,
48+
root,
49+
safe_write,
50+
total_seconds,
51+
validate_document,
52+
with_tree,
53+
xslt_transform,
54+
)
3455

3556
__author__ = 'leifj'
3657

@@ -58,20 +79,20 @@ def dump(req, *opts):
5879
def _map(req, *opts):
5980
"""
6081
61-
loop over the entities in a selection
82+
loop over the entities in a selection
6283
63-
:param req:
64-
:param opts:
65-
:return: None
84+
:param req:
85+
:param opts:
86+
:return: None
6687
67-
**Examples**
88+
**Examples**
6889
69-
.. code-block:: yaml
90+
.. code-block:: yaml
7091
71-
- map:
72-
- ...statements...
92+
- map:
93+
- ...statements...
7394
74-
Executes a set of statements in parallell (using a thread pool).
95+
Executes a set of statements in parallell (using a thread pool).
7596
7697
"""
7798

@@ -84,6 +105,7 @@ def _p(e):
84105
return ip.iprocess(ireq)
85106

86107
from multiprocessing.pool import ThreadPool
108+
87109
pool = ThreadPool()
88110
result = pool.map(_p, iter_entities(req.t), chunksize=10)
89111
log.info("processed {} entities".format(len(result)))
@@ -599,7 +621,8 @@ def load(req, *opts):
599621
r = x.split()
600622

601623
assert len(r) in range(1, 8), PipeException(
602-
"Usage: load resource [as url] [[verify] verification] [via pipeline] [cleanup pipeline]")
624+
"Usage: load resource [as url] [[verify] verification] [via pipeline] [cleanup pipeline]"
625+
)
603626

604627
url = r.pop(0)
605628
params = {"via": [], "cleanup": [], "verify": None, "as": url}
@@ -614,7 +637,8 @@ def load(req, *opts):
614637
params[elt] = r.pop(0)
615638
else:
616639
raise PipeException(
617-
"Usage: load resource [as url] [[verify] verification] [via pipeline]* [cleanup pipeline]*")
640+
"Usage: load resource [as url] [[verify] verification] [via pipeline]* [cleanup pipeline]*"
641+
)
618642
else:
619643
params['verify'] = elt
620644

@@ -730,12 +754,14 @@ def select(req, *opts):
730754

731755
def _strings(elt):
732756
lst = []
733-
for attr in ['{%s}DisplayName' % NS['mdui'],
734-
'{%s}ServiceName' % NS['md'],
735-
'{%s}OrganizationDisplayName' % NS['md'],
736-
'{%s}OrganizationName' % NS['md'],
737-
'{%s}Keywords' % NS['mdui'],
738-
'{%s}Scope' % NS['shibmd']]:
757+
for attr in [
758+
'{%s}DisplayName' % NS['mdui'],
759+
'{%s}ServiceName' % NS['md'],
760+
'{%s}OrganizationDisplayName' % NS['md'],
761+
'{%s}OrganizationName' % NS['md'],
762+
'{%s}Keywords' % NS['mdui'],
763+
'{%s}Scope' % NS['shibmd'],
764+
]:
739765
lst.extend([s.text for s in elt.iter(attr)])
740766
lst.append(elt.get('entityID'))
741767
return [item for item in lst if item is not None]
@@ -1005,10 +1031,12 @@ def stats(req, *opts):
10051031

10061032
if req.t is not None:
10071033
print("selected: {:d}".format(len(req.t.xpath("//md:EntityDescriptor", namespaces=NS))))
1008-
print(" idps: {:d}".format(
1009-
len(req.t.xpath("//md:EntityDescriptor[md:IDPSSODescriptor]", namespaces=NS))))
10101034
print(
1011-
" sps: {:d}".format(len(req.t.xpath("//md:EntityDescriptor[md:SPSSODescriptor]", namespaces=NS))))
1035+
" idps: {:d}".format(len(req.t.xpath("//md:EntityDescriptor[md:IDPSSODescriptor]", namespaces=NS)))
1036+
)
1037+
print(
1038+
" sps: {:d}".format(len(req.t.xpath("//md:EntityDescriptor[md:SPSSODescriptor]", namespaces=NS)))
1039+
)
10121040
print("---")
10131041
return req.t
10141042

@@ -1188,7 +1216,8 @@ def _verify(elt):
11881216
u = urlparse(uri)
11891217
if u.scheme not in ('http', 'https'):
11901218
raise MetadataException(
1191-
"Namespace URIs must be be http(s) URIs ('{}' declared on {})".format(uri, elt.tag))
1219+
"Namespace URIs must be be http(s) URIs ('{}' declared on {})".format(uri, elt.tag)
1220+
)
11921221

11931222
with_tree(root(req.t), _verify)
11941223
return req.t
@@ -1261,12 +1290,10 @@ def certreport(req, *opts):
12611290
warning_bits = int(req.args.get('warning_bits', "2048"))
12621291

12631292
seen = {}
1264-
for eid in req.t.xpath("//md:EntityDescriptor/@entityID",
1265-
namespaces=NS,
1266-
smart_strings=False):
1267-
for cd in req.t.xpath("md:EntityDescriptor[@entityID='%s']//ds:X509Certificate" % eid,
1268-
namespaces=NS,
1269-
smart_strings=False):
1293+
for eid in req.t.xpath("//md:EntityDescriptor/@entityID", namespaces=NS, smart_strings=False):
1294+
for cd in req.t.xpath(
1295+
"md:EntityDescriptor[@entityID='%s']//ds:X509Certificate" % eid, namespaces=NS, smart_strings=False
1296+
):
12701297
try:
12711298
cert_pem = cd.text
12721299
cert_der = base64.b64decode(cert_pem)
@@ -1280,50 +1307,58 @@ def certreport(req, *opts):
12801307
keysize = cdict['modulus'].bit_length()
12811308
cert = cdict['cert']
12821309
if keysize < error_bits:
1283-
annotate_entity(entity_elt,
1284-
"certificate-error",
1285-
"keysize too small",
1286-
"%s has keysize of %s bits (less than %s)" % (cert.getSubject(),
1287-
keysize,
1288-
error_bits))
1310+
annotate_entity(
1311+
entity_elt,
1312+
"certificate-error",
1313+
"keysize too small",
1314+
"%s has keysize of %s bits (less than %s)" % (cert.getSubject(), keysize, error_bits),
1315+
)
12891316
log.error("%s has keysize of %s" % (eid, keysize))
12901317
elif keysize < warning_bits:
1291-
annotate_entity(entity_elt,
1292-
"certificate-warning",
1293-
"keysize small",
1294-
"%s has keysize of %s bits (less than %s)" % (cert.getSubject(),
1295-
keysize,
1296-
warning_bits))
1318+
annotate_entity(
1319+
entity_elt,
1320+
"certificate-warning",
1321+
"keysize small",
1322+
"%s has keysize of %s bits (less than %s)" % (cert.getSubject(), keysize, warning_bits),
1323+
)
12971324
log.warn("%s has keysize of %s" % (eid, keysize))
12981325

12991326
notafter = cert.getNotAfter()
13001327
if notafter is None:
1301-
annotate_entity(entity_elt,
1302-
"certificate-error",
1303-
"certificate has no expiration time",
1304-
"%s has no expiration time" % cert.getSubject())
1328+
annotate_entity(
1329+
entity_elt,
1330+
"certificate-error",
1331+
"certificate has no expiration time",
1332+
"%s has no expiration time" % cert.getSubject(),
1333+
)
13051334
else:
13061335
try:
13071336
et = datetime.strptime("%s" % notafter, "%y%m%d%H%M%SZ")
13081337
now = datetime.now()
13091338
dt = et - now
13101339
if total_seconds(dt) < error_seconds:
1311-
annotate_entity(entity_elt,
1312-
"certificate-error",
1313-
"certificate has expired",
1314-
"%s expired %s ago" % (cert.getSubject(), -dt))
1340+
annotate_entity(
1341+
entity_elt,
1342+
"certificate-error",
1343+
"certificate has expired",
1344+
"%s expired %s ago" % (cert.getSubject(), -dt),
1345+
)
13151346
log.error("%s expired %s ago" % (eid, -dt))
13161347
elif total_seconds(dt) < warning_seconds:
1317-
annotate_entity(entity_elt,
1318-
"certificate-warning",
1319-
"certificate about to expire",
1320-
"%s expires in %s" % (cert.getSubject(), dt))
1348+
annotate_entity(
1349+
entity_elt,
1350+
"certificate-warning",
1351+
"certificate about to expire",
1352+
"%s expires in %s" % (cert.getSubject(), dt),
1353+
)
13211354
log.warn("%s expires in %s" % (eid, dt))
13221355
except ValueError as ex:
1323-
annotate_entity(entity_elt,
1324-
"certificate-error",
1325-
"certificate has unknown expiration time",
1326-
"%s unknown expiration time %s" % (cert.getSubject(), notafter))
1356+
annotate_entity(
1357+
entity_elt,
1358+
"certificate-error",
1359+
"certificate has unknown expiration time",
1360+
"%s unknown expiration time %s" % (cert.getSubject(), notafter),
1361+
)
13271362

13281363
req.store.update(entity_elt)
13291364
except Exception as ex:

0 commit comments

Comments
 (0)