From 764fc41a421de64f0cd50aa3c5c73b706ba3c9e1 Mon Sep 17 00:00:00 2001 From: nunzionapoli Date: Thu, 9 Jun 2022 18:53:49 +0200 Subject: [PATCH 1/8] added check for "__aggrsint" value --- src/spid_sp_test/metadata_public.py | 52 +++++++++++++++++++++-------- 1 file changed, 39 insertions(+), 13 deletions(-) diff --git a/src/spid_sp_test/metadata_public.py b/src/spid_sp_test/metadata_public.py index 6c3f75a..41cfcfb 100644 --- a/src/spid_sp_test/metadata_public.py +++ b/src/spid_sp_test/metadata_public.py @@ -217,13 +217,26 @@ def test_Contacts_IPACode( test_id=["01.11.03", "01.17.13"], **_data, ) - res = get_indicepa_by_ipacode(ipacode.text) - self._assertTrue( - res[0] > 0, - "The IPACode element MUST have a valid value present on IPA", - test_id=["01.11.04", "01.17.14"], - **_data, - ) + if ipacode.text == "__aggrsint": + self._assertFalse( + entity_type == "spid:aggregated", + ("The IPACode __aggrsint should be used only for test metadata."), + level="warning", + **_data, + ) + self._assertTrue( + entity_type == "spid:aggregated", + ("The IPACode __aggrsint could be used only for test metadata in the aggregated contact."), + **_data, + ) + else: + res = get_indicepa_by_ipacode(ipacode.text) + self._assertTrue( + res[0] > 0, + "The IPACode element MUST have a valid value present on IPA", + test_id=["01.11.04", "01.17.14"], + **_data, + ) else: self._assertFalse( public, @@ -311,12 +324,25 @@ def test_Contacts_VATFC( test_id=["01.11.06", "01.17.16"], **_data, ) - self._assertTrue( - (vats[0].text and vats[0].text[:2] in ISO3166_CODES), - "The VATNumber element MUST start with a valid ISO3166 Code", - test_id=["01.11.10", "01.17.17"], - **_data, - ) + if vats[0].text == "__aggrsint": + self._assertFalse( + entity_type == "spid:aggregated", + ("The VATNumber __aggrsint should be used only for test metadata."), + level="warning", + **_data, + ) + self._assertTrue( + entity_type == "spid:aggregated", + ("The VATNumber __aggrsint could be used only for test metadata in the aggregated contact."), + **_data, + ) + else: + self._assertTrue( + (vats[0].text and vats[0].text[:2] in ISO3166_CODES), + "The VATNumber element MUST start with a valid ISO3166 Code", + test_id=["01.11.10", "01.17.17"], + **_data, + ) fcs = self.doc.xpath( f"{xpatt}/Extensions/FiscalCode", namespaces=XML_NAMESPACES From 05784de62ac8c87dbf0a819a0ebfec526faf638b Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Fri, 20 May 2022 17:41:24 +0200 Subject: [PATCH 2/8] feat: gh package CD --- .github/workflows/docker-ghcr-cd.yaml | 47 +++++++++++++++++++++++++++ 1 file changed, 47 insertions(+) create mode 100644 .github/workflows/docker-ghcr-cd.yaml diff --git a/.github/workflows/docker-ghcr-cd.yaml b/.github/workflows/docker-ghcr-cd.yaml new file mode 100644 index 0000000..0d25b64 --- /dev/null +++ b/.github/workflows/docker-ghcr-cd.yaml @@ -0,0 +1,47 @@ +# This workflow uses actions that are not certified by GitHub. +# They are provided by a third-party and are governed by +# separate terms of service, privacy policy, and support +# documentation. + +name: Create and publish a Docker image + +on: + release: + types: + - published + +env: + REGISTRY: ghcr.io + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push-image: + runs-on: ubuntu-latest + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v3 + + - name: Log in to the Container registry + uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GH_SECRET }} + + - name: Extract metadata (tags, labels) for Docker + id: meta + uses: docker/metadata-action@98669ae865ea3cffbcbaa878cf57c20bbf1c6c38 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + + - name: Build and push Docker image + uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc + with: + context: . + push: true + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} From 87ec02f147263e0ab1aba247943a3bc25f96f526 Mon Sep 17 00:00:00 2001 From: fabio Date: Thu, 30 Jun 2022 12:08:41 +0200 Subject: [PATCH 3/8] [#137] fix --- src/spid_sp_test/response.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/src/spid_sp_test/response.py b/src/spid_sp_test/response.py index c2304e3..9938220 100644 --- a/src/spid_sp_test/response.py +++ b/src/spid_sp_test/response.py @@ -205,10 +205,14 @@ def do_authnrequest(self): now = datetime.datetime.utcnow() - self.acs_index = self.authnreq_attrs.get("AttributeConsumingServiceIndex") - self.acs_url = self.metadata_etree.xpath( - f"//SPSSODescriptor/AssertionConsumerService[@index={self.acs_index}]" - )[0].attrib["Location"] + self.acs_index = self.authnreq_attrs.get("AssertionConsumerServiceIndex") + if(self.acs_index is not None): + self.acs_url = self.metadata_etree.xpath( + f"//SPSSODescriptor/AssertionConsumerService[@index={self.acs_index}]" + )[0].attrib["Location"] + else: + self.acs_url = self.authnreq_attrs.get("AssertionConsumerServiceURL") + self.acr = self.get_acr() if self.acr in NOSESINDEX_ACRS: From e79b51d1ce8db1261682dcabeaef6d35ffe30a73 Mon Sep 17 00:00:00 2001 From: fabio Date: Thu, 30 Jun 2022 15:48:57 +0200 Subject: [PATCH 4/8] [#137] permette di continuare a gestire anche la specifica da parte del SP dell'AttributeConsumingServiceIndex --- src/spid_sp_test/response.py | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/src/spid_sp_test/response.py b/src/spid_sp_test/response.py index 9938220..a832c0e 100644 --- a/src/spid_sp_test/response.py +++ b/src/spid_sp_test/response.py @@ -205,10 +205,13 @@ def do_authnrequest(self): now = datetime.datetime.utcnow() - self.acs_index = self.authnreq_attrs.get("AssertionConsumerServiceIndex") - if(self.acs_index is not None): + self.acs_index = self.authnreq_attrs.get("AttributeConsumingServiceIndex") + + assertion_consumer_service_index = self.authnreq_attrs.get("AssertionConsumerServiceIndex") + + if(assertion_consumer_service_index is not None): self.acs_url = self.metadata_etree.xpath( - f"//SPSSODescriptor/AssertionConsumerService[@index={self.acs_index}]" + f"//SPSSODescriptor/AssertionConsumerService[@index={assertion_consumer_service_index}]" )[0].attrib["Location"] else: self.acs_url = self.authnreq_attrs.get("AssertionConsumerServiceURL") From 4a1ec164f7252827ed493f85fd1be554ba1db82a Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Tue, 5 Jul 2022 09:43:56 +0200 Subject: [PATCH 5/8] v1.2.1 --- src/spid_sp_test/__init__.py | 2 +- src/spid_sp_test/response.py | 1 - 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/src/spid_sp_test/__init__.py b/src/spid_sp_test/__init__.py index f5a8268..632adfd 100644 --- a/src/spid_sp_test/__init__.py +++ b/src/spid_sp_test/__init__.py @@ -6,7 +6,7 @@ BASE_DIR = Path(__file__).resolve().parent -__version__ = "1.2.0" +__version__ = "1.2.1" __name__ = "spid_sp_test" logger = logging.getLogger(__name__) diff --git a/src/spid_sp_test/response.py b/src/spid_sp_test/response.py index a832c0e..8bfbecb 100644 --- a/src/spid_sp_test/response.py +++ b/src/spid_sp_test/response.py @@ -204,7 +204,6 @@ def do_authnrequest(self): ].attrib["NameQualifier"] now = datetime.datetime.utcnow() - self.acs_index = self.authnreq_attrs.get("AttributeConsumingServiceIndex") assertion_consumer_service_index = self.authnreq_attrs.get("AssertionConsumerServiceIndex") From 9102786c0f989b2c0fe9cefafd1c60ec45eebfed Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Tue, 5 Jul 2022 10:09:18 +0200 Subject: [PATCH 6/8] fix: __aggrsint for aggregator in production/test --- src/spid_sp_test/__init__.py | 2 +- src/spid_sp_test/authn_request.py | 2 +- src/spid_sp_test/metadata_public.py | 49 +++++++++++++++-------------- 3 files changed, 28 insertions(+), 25 deletions(-) diff --git a/src/spid_sp_test/__init__.py b/src/spid_sp_test/__init__.py index 632adfd..0fb3fec 100644 --- a/src/spid_sp_test/__init__.py +++ b/src/spid_sp_test/__init__.py @@ -6,7 +6,7 @@ BASE_DIR = Path(__file__).resolve().parent -__version__ = "1.2.1" +__version__ = "1.2.2" __name__ = "spid_sp_test" logger = logging.getLogger(__name__) diff --git a/src/spid_sp_test/authn_request.py b/src/spid_sp_test/authn_request.py index 23ffbd2..ec16786 100644 --- a/src/spid_sp_test/authn_request.py +++ b/src/spid_sp_test/authn_request.py @@ -207,7 +207,7 @@ def __init__( self.request_content_type = request_content_type self.xsds_files = xsds_files or self.xsds_files self.xsds_files_path = xsds_files_path or f"{BASE_DIR}/xsd" - + def load(self): try: self.authn_request = get_authn_request( diff --git a/src/spid_sp_test/metadata_public.py b/src/spid_sp_test/metadata_public.py index a580bf6..4f25d4b 100644 --- a/src/spid_sp_test/metadata_public.py +++ b/src/spid_sp_test/metadata_public.py @@ -208,7 +208,7 @@ def test_Contacts_IPACode( f"{xpatt}/Extensions/IPACode", namespaces=XML_NAMESPACES ) - if self.production: + if public and self.production: if ipacode: ipacode = ipacode[0] self._assertTrue( @@ -217,26 +217,19 @@ def test_Contacts_IPACode( test_id=["01.11.03", "01.17.13"], **_data, ) - if ipacode.text == "__aggrsint": - self._assertFalse( - entity_type == "spid:aggregated", - ("The IPACode __aggrsint should be used only for test metadata."), - level="warning", - **_data, - ) - self._assertTrue( - entity_type == "spid:aggregated", - ("The IPACode __aggrsint could be used only for test metadata in the aggregated contact."), - **_data, - ) - else: - res = get_indicepa_by_ipacode(ipacode.text) - self._assertTrue( - res[0] > 0, - "The IPACode element MUST have a valid value present on IPA", - test_id=["01.11.04", "01.17.14"], - **_data, - ) + self._assertTrue( + entity_type == "spid:aggregated", + ("The IPACode __aggrsint could be used only for test metadata in the aggregated contact."), + level="error", + **_data, + ) + res = get_indicepa_by_ipacode(ipacode.text) + self._assertTrue( + res[0] > 0, + "The IPACode element MUST have a valid value present on IPA", + test_id=["01.11.04", "01.17.14"], + **_data, + ) else: self._assertFalse( public, @@ -244,7 +237,16 @@ def test_Contacts_IPACode( test_id=["01.11.02", "01.18.03", "01.20.02"], **_data, ) - if private: + elif public: + if ipacode[0].text == "__aggrsint": + self._assertFalse( + entity_type == "spid:aggregated", + ("The IPACode __aggrsint should be used only for test metadata."), + level="warning", + **_data, + ) + + elif private: self._assertTrue( len(ipacode) == 0, "The IPACode element MUST NOT be present", @@ -332,8 +334,9 @@ def test_Contacts_VATFC( **_data, ) self._assertTrue( - entity_type == "spid:aggregated", + entity_type == "spid:aggregator", ("The VATNumber __aggrsint could be used only for test metadata in the aggregated contact."), + level="error", **_data, ) else: From 3230fda9aec3c11455b061350673aff4c93fd31b Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Tue, 5 Jul 2022 10:20:27 +0200 Subject: [PATCH 7/8] chore: code cleanup for __aggrsint --- src/spid_sp_test/metadata.py | 2 +- src/spid_sp_test/metadata_public.py | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/src/spid_sp_test/metadata.py b/src/spid_sp_test/metadata.py index 4588d05..96ea753 100644 --- a/src/spid_sp_test/metadata.py +++ b/src/spid_sp_test/metadata.py @@ -461,7 +461,7 @@ def test_KeyDescriptor(self): ) kds = self.doc.xpath( - "//EntityDescriptor/SPSSODescriptor" '/KeyDescriptor[@use="encryption"]' + '//EntityDescriptor/SPSSODescriptor/KeyDescriptor[@use="encryption"]' ) for kd in kds: certs = kd.xpath( diff --git a/src/spid_sp_test/metadata_public.py b/src/spid_sp_test/metadata_public.py index 4f25d4b..3dff2b5 100644 --- a/src/spid_sp_test/metadata_public.py +++ b/src/spid_sp_test/metadata_public.py @@ -208,7 +208,7 @@ def test_Contacts_IPACode( f"{xpatt}/Extensions/IPACode", namespaces=XML_NAMESPACES ) - if public and self.production: + if self.production: if ipacode: ipacode = ipacode[0] self._assertTrue( @@ -237,6 +237,7 @@ def test_Contacts_IPACode( test_id=["01.11.02", "01.18.03", "01.20.02"], **_data, ) + elif public: if ipacode[0].text == "__aggrsint": self._assertFalse( From 6a47869b155577767432ee3ebc49fd03c3d41a6e Mon Sep 17 00:00:00 2001 From: Giuseppe De Marco Date: Tue, 5 Jul 2022 10:24:28 +0200 Subject: [PATCH 8/8] v1.2.1 --- src/spid_sp_test/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/spid_sp_test/__init__.py b/src/spid_sp_test/__init__.py index 0fb3fec..632adfd 100644 --- a/src/spid_sp_test/__init__.py +++ b/src/spid_sp_test/__init__.py @@ -6,7 +6,7 @@ BASE_DIR = Path(__file__).resolve().parent -__version__ = "1.2.2" +__version__ = "1.2.1" __name__ = "spid_sp_test" logger = logging.getLogger(__name__)