NZ RealMe Documentation
Transcript of NZ RealMe Documentation
NZ RealMe DocumentationRelease 0.0.1
Darryl Cousins
November 04, 2014
Contents
1 NZ RealMe 31.1 Development repository only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
2 Installation 52.1 Potential problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5
3 Usage 7
4 Contributing 94.1 Types of Contributions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94.2 Get Started! . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104.3 Pull Request Guidelines . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
5 Credits 115.1 Development Lead . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115.2 Credits . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 115.3 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6 History 13
7 Development (2014-01-11) 15
8 nzrealme 178.1 nzrealme package . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
9 NZRealMe Authn Request 199.1 Create Request . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19
10 Indices and tables 21
Python Module Index 23
i
ii
NZ RealMe Documentation, Release 0.0.1
Contents:
Contents 1
NZ RealMe Documentation, Release 0.0.1
2 Contents
CHAPTER 1
NZ RealMe
1.1 Development repository only
Please note that this project is under development and is not ready for use.
This Python package provides an API for integrating your application with the New Zealand RealMe login and identityservices (formerly “igovt logon”) using SAML 2.0 messaging.
The package uses python-saml2
You can also look for information at:
• Documentation: https://nz-realme.readthedocs.org.
• Issue tracker on github: https://github.com/darrylcousins/nzrealme/issues
• Source code repository on github: https://github.com/darrylcousins/nzrealme
Commercial support and consultancy is available through Encode Limited
• Free software: BSD license
3
NZ RealMe Documentation, Release 0.0.1
4 Chapter 1. NZ RealMe
CHAPTER 2
Installation
At the command line:
$ easy_install nzrealme
Or, if you have virtualenvwrapper installed:
$ mkvirtualenv nzrealme$ pip install nzrealme
From your virtualenv root directory clone the repository:
$ git clone https://bitbucket.org/darrylcousins/nzrealme
Initialize and activate the virtualenv:
$ pyenv virtualenv 2.7.6 onlymarlborough$ cd onlymarlborough$ pyenv activate onlymarlborough
Pip install the requirements for development:
$ pip install -r requirements.txt
Run tests:
$ make test
Check pep8 with flake8:
$ make lint
Check coverage:
$ make coverage
2.1 Potential problems
Installation of xml bindings lxml and dm.xmsec.binding https://github.com/onelogin/python-saml/issues/30.
5
NZ RealMe Documentation, Release 0.0.1
6 Chapter 2. Installation
CHAPTER 3
Usage
To use nzrealme in a project:
import nzrealme
TODO.
7
NZ RealMe Documentation, Release 0.0.1
8 Chapter 3. Usage
CHAPTER 4
Contributing
Contributions are welcome, and they are greatly appreciated! Every little bit helps, and credit will always be given.
You can contribute in many ways:
4.1 Types of Contributions
4.1.1 Report Bugs
Report bugs at https://github.com/darrylcousins/nzrealme/issues.
If you are reporting a bug, please include:
• Your operating system name and version.
• Any details about your local setup that might be helpful in troubleshooting.
• Detailed steps to reproduce the bug.
4.1.2 Fix Bugs
Look through the GitHub issues for bugs. Anything tagged with “bug” is open to whoever wants to implement it.
4.1.3 Write Documentation
nzrealme could always use more documentation, whether as part of the official nzrealme docs, in docstrings, or evenon the web in blog posts, articles, and such.
4.1.4 Submit Feedback
The best way to send feedback is to file an issue at https://github.com/darrylcousins/nzrealme/issues.
If you are proposing a feature:
• Explain in detail how it would work.
• Keep the scope as narrow as possible, to make it easier to implement.
• Remember that this is a volunteer-driven project, and that contributions are welcome :)
9
NZ RealMe Documentation, Release 0.0.1
4.2 Get Started!
Ready to contribute? Here’s how to set up nzrealme for local development.
1. Fork the nzrealme repo on GitHub.
2. Clone your fork locally:
$ git clone [email protected]:your_name_here/nzrealme.git
3. Install your local copy into a virtualenv. Assuming you have virtualenvwrapper installed, this is how you set upyour fork for local development:
$ mkvirtualenv nzrealme$ cd nzrealme/$ python setup.py develop
4. Create a branch for local development:
$ git checkout -b name-of-your-bugfix-or-feature
Now you can make your changes locally.
5. When you’re done making changes, check that your changes pass flake8 and the tests, including testing otherPython versions with tox:
$ flake8 nzrealme tests$ python setup.py test$ tox
To get flake8 and tox, just pip install them into your virtualenv.
6. Commit your changes and push your branch to GitHub:
$ git add .$ git commit -m "Your detailed description of your changes."$ git push origin name-of-your-bugfix-or-feature
7. Submit a pull request through the GitHub website.
4.3 Pull Request Guidelines
Before you submit a pull request, check that it meets these guidelines:
1. The pull request should include tests.
2. If the pull request adds functionality, the docs should be updated. Put your new functionality into a functionwith a docstring, and add the feature to the list in README.rst.
3. The pull request should work for Python 2.7. Check https://travis-ci.org/darrylcousins/nzrealme/pull_requestsand make sure that the tests pass for all supported Python versions.
10 Chapter 4. Contributing
CHAPTER 5
Credits
5.1 Development Lead
• Darryl Cousins <[email protected]>
5.2 Credits
• Sixto Martin (@pitbulk) for python-saml2
5.3 Contributors
11
NZ RealMe Documentation, Release 0.0.1
12 Chapter 5. Credits
CHAPTER 6
History
13
NZ RealMe Documentation, Release 0.0.1
14 Chapter 6. History
CHAPTER 7
Development (2014-01-11)
• continuing development
15
NZ RealMe Documentation, Release 0.0.1
16 Chapter 7. Development (2014-01-11)
CHAPTER 8
nzrealme
8.1 nzrealme package
8.1.1 Submodules
8.1.2 nzrealme.authn_request module
8.1.3 nzrealme.settings module
8.1.4 nzrealme.utils module
8.1.5 Module contents
Doctest documentation:
17
NZ RealMe Documentation, Release 0.0.1
18 Chapter 8. nzrealme
CHAPTER 9
NZRealMe Authn Request
The default onelogin.saml2.authn_request.OneLogin_Saml2_Authn_Request object uses an xmltemplate not quite what is required for NZRealMe.
So it has been subclassed for use in this package.
9.1 Create Request
Load the json setting file and create the authn_request object:
>>> saml_settings = loadSettings()>>> settings = OneLogin_Saml2_Settings(saml_settings)>>> authn_request = NZRealMe_Authn_Request(settings)
9.1.1 Check Encoded Request
The authn_request returned is encoded:
>>> authn_request_encoded = authn_request.get_request()>>> decoded = b64decode(authn_request_encoded)>>> inflated = decompress(decoded, -15)>>> print(inflated)<samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"ID="NZREALME_..."Version="2.0"ProviderName="SP test"IssueInstant="20...T...Z"Destination="http://idp.example.com/SSOService.php"ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"AssertionConsumerServiceURL="http://stuff.com/endpoints/endpoints/acs.php"ForceAuthn="true"><saml:Issuer>http://stuff.com/endpoints/metadata.php</saml:Issuer><samlp:NameIDPolicyFormat="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"AllowCreate="false" />
<samlp:RequestedAuthnContext Comparison="exact"><saml:AuthnContextClassRef>urn:nzl:govt:ict:stds:authn:deployment:GLS:SAML:2.0:ac:classes:LowStrength</saml:AuthnContextClassRef>
</samlp:RequestedAuthnContext></samlp:AuthnRequest>
19
NZ RealMe Documentation, Release 0.0.1
9.1.2 The Encoded Query String
The query string of the url is encoded:
>>> parameters = {... ’SAMLRequest’: authn_request.get_request()... }>>> auth_url = NZRealMe_Utils.redirect(... ’http://idp.example.com/SSOService.php’,... parameters=parameters,... request_data={})>>> exploded = urlparse.urlparse(auth_url)>>> exploded = urlparse.parse_qs(exploded[4])>>> ’SAMLRequest’ in explodedTrue>>> payload = exploded[’SAMLRequest’][0]>>> decoded = b64decode(payload)>>> inflated = decompress(decoded, -15)>>> print(inflated)<samlp:AuthnRequest
xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"ID="NZREALME_..."
...</samlp:AuthnRequest>
Same result as for above.
20 Chapter 9. NZRealMe Authn Request
CHAPTER 10
Indices and tables
• genindex
• modindex
• search
21
NZ RealMe Documentation, Release 0.0.1
22 Chapter 10. Indices and tables
Python Module Index
nnzrealme, 17
23
NZ RealMe Documentation, Release 0.0.1
24 Python Module Index
Index
Nnzrealme (module), 17
25