This repository has been archived on 2024-05-31. You can view files and clone it, but cannot push or open issues or pull requests.
authentik/passbook/saml_idp/xml_signing.py

27 lines
955 B
Python
Raw Normal View History

2018-11-16 08:10:35 +00:00
"""Signing code goes here."""
from logging import getLogger
from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import serialization
from defusedxml import ElementTree
from signxml import XMLSigner
2018-11-16 09:08:15 +00:00
from passbook.lib.utils.template import render_to_string
2018-11-16 08:10:35 +00:00
LOGGER = getLogger(__name__)
def sign_with_signxml(private_key, data, cert, reference_uri=None):
"""Sign Data with signxml"""
key = serialization.load_pem_private_key(
str.encode('\n'.join([x.strip() for x in private_key.split('\n')])),
password=None, backend=default_backend())
root = ElementTree.fromstring(data)
signer = XMLSigner(c14n_algorithm='http://www.w3.org/2001/10/xml-exc-c14n#')
return ElementTree.tostring(signer.sign(root, key=key, cert=cert, reference_uri=reference_uri))
def get_signature_xml():
"""Returns XML Signature for subject."""
return render_to_string('saml/xml/signature.xml', {})