IdentityPython · peppelinux · Jul 19, 2019 · Jul 20, 2019 · Nov 7, 2020 · Jan 29, 2021
diff --git a/src/saml2/__init__.py b/src/saml2/__init__.py
@@ -42,9 +42,32 @@
 
 logger = logging.getLogger(__name__)
 
+
 NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:assertion'
 # TEMPLATE = '{urn:oasis:names:tc:SAML:2.0:assertion}%s'
-# XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
+SAMLP_NAMESPACE = 'urn:oasis:names:tc:SAML:2.0:protocol'
+XSI_NAMESPACE = 'http://www.w3.org/2001/XMLSchema-instance'
+XS_NAMESPACE = 'http://www.w3.org/2001/XMLSchema'
+MD_NAMESPACE = "urn:oasis:names:tc:SAML:2.0:metadata"
+MDUI_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:ui"
+DS_NAMESPACE = 'http://www.w3.org/2000/09/xmldsig#'
+XENC_NAMESPACE = "http://www.w3.org/2001/04/xmlenc#"
+ALG_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:algsupport"
+MDATTR_NAMESPACE = "urn:oasis:names:tc:SAML:metadata:attribute"
+IDPDISC = "urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
+
+OASIS_DEFAULT_NS_PREFIXES = {'saml': NAMESPACE,
+                             'samlp': SAMLP_NAMESPACE,
+                             'ds': DS_NAMESPACE,
+                             'xsi': XSI_NAMESPACE,
+                             'xs': XS_NAMESPACE,
+                             'mdui': MDUI_NAMESPACE,
+                             'md': MD_NAMESPACE,
+                             'xenc': XENC_NAMESPACE,
+                             'alg': ALG_NAMESPACE,
+                             'mdattr': MDATTR_NAMESPACE,
+                             'idpdisc': IDPDISC
+}
 
 NAMEID_FORMAT_EMAILADDRESS = (
     "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress")
@@ -548,7 +571,8 @@ def _to_element_tree(self):
         self._add_members_to_element_tree(new_tree)
         return new_tree
 
-    def register_prefix(self, nspair):
+    @staticmethod
+    def register_prefix(nspair):
         """
         Register with ElementTree a set of namespaces
 
@@ -676,11 +700,8 @@ def fixup(name):
                 del elem.attrib[key]
 
     def to_string_force_namespace(self, nspair):
-
         elem = self._to_element_tree()
-
         self.set_prefixes(elem, nspair)
-
         return ElementTree.tostring(elem, encoding="UTF-8")
 
     def to_string(self, nspair=None):
@@ -1032,3 +1053,6 @@ def is_required_attribute(cls, attr):
     :return: True if required
     """
     return cls.c_attributes[attr][REQUIRED]
+
+# this register preferred prefix namespaces
+SamlBase.register_prefix(OASIS_DEFAULT_NS_PREFIXES)
diff --git a/tests/test_02_saml.py b/tests/test_02_saml.py
@@ -226,11 +226,11 @@ def test_to_string_nspair(self):
         foo = saml2.make_vals("lions", AttributeValue, part=True)
         txt = foo.to_string().decode('utf-8')
         nsstr = foo.to_string({"saml": saml.NAMESPACE}).decode('utf-8')
-        assert nsstr != txt
+        assert nsstr == txt # this must be the same
         print(txt)
         print(nsstr)
         assert "saml:AttributeValue" in nsstr
-        assert "saml:AttributeValue" not in txt
+        assert "saml:AttributeValue" in txt # this must be contained
 
     def test_set_text_empty(self):
         av = AttributeValue()

diff --git a/tests/test_12_s_utils.py b/tests/test_12_s_utils.py
@@ -20,25 +20,25 @@
 XML_HEADER = '<?xml version=\'1.0\' encoding=\'UTF-8\'?>\n'
 
 SUCCESS_STATUS_NO_HEADER = (
-    '<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0'
+    '<samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><samlp'
     ':StatusCode '
-    'Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></ns0:Status>')
+    'Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status>')
 SUCCESS_STATUS = '%s%s' % (XML_HEADER, SUCCESS_STATUS_NO_HEADER)
 
 ERROR_STATUS_NO_HEADER = (
-    '<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0'
+    '<samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><samlp'
     ':StatusCode '
-    'Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><ns0:StatusCode '
+    'Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><samlp:StatusCode '
     'Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal" '
-    '/></ns0:StatusCode><ns0:StatusMessage>Error resolving '
-    'principal</ns0:StatusMessage></ns0:Status>')
+    '/></samlp:StatusCode><samlp:StatusMessage>Error resolving '
+    'principal</samlp:StatusMessage></samlp:Status>')
 
 ERROR_STATUS_NO_HEADER_EMPTY = (
-    '<ns0:Status xmlns:ns0="urn:oasis:names:tc:SAML:2.0:protocol"><ns0'
+    '<samlp:Status xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol"><samlp'
     ':StatusCode '
-    'Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><ns0:StatusCode '
+    'Value="urn:oasis:names:tc:SAML:2.0:status:Responder"><samlp:StatusCode '
     'Value="urn:oasis:names:tc:SAML:2.0:status:UnknownPrincipal" '
-    '/></ns0:StatusCode></ns0:Status>')
+    '/></samlp:StatusCode></samlp:Status>')
 
 ERROR_STATUS = '%s%s' % (XML_HEADER, ERROR_STATUS_NO_HEADER)
 ERROR_STATUS_EMPTY = '%s%s' % (XML_HEADER, ERROR_STATUS_NO_HEADER_EMPTY)

diff --git a/tests/test_42_enc.py b/tests/test_42_enc.py
@@ -12,7 +12,7 @@
 
 __author__ = 'roland'
 
-TMPL_NO_HEADER = """<ns0:EncryptedData xmlns:ns0="http://www.w3.org/2001/04/xmlenc#" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" Id="{ed_id}" Type="http://www.w3.org/2001/04/xmlenc#Element"><ns0:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /><ns1:KeyInfo><ns0:EncryptedKey Id="{ek_id}"><ns0:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /><ns1:KeyInfo><ns1:KeyName>my-rsa-key</ns1:KeyName></ns1:KeyInfo><ns0:CipherData><ns0:CipherValue /></ns0:CipherData></ns0:EncryptedKey></ns1:KeyInfo><ns0:CipherData><ns0:CipherValue /></ns0:CipherData></ns0:EncryptedData>"""
+TMPL_NO_HEADER = """<xenc:EncryptedData xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="{ed_id}" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /><ds:KeyInfo><xenc:EncryptedKey Id="{ek_id}"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /><ds:KeyInfo><ds:KeyName>my-rsa-key</ds:KeyName></ds:KeyInfo><xenc:CipherData><xenc:CipherValue /></xenc:CipherData></xenc:EncryptedKey></ds:KeyInfo><xenc:CipherData><xenc:CipherValue /></xenc:CipherData></xenc:EncryptedData>"""
 TMPL = "<?xml version='1.0' encoding='UTF-8'?>\n%s" % TMPL_NO_HEADER
 
 IDENTITY = {"eduPersonAffiliation": ["staff", "member"],

diff --git a/tests/test_51_client.py b/tests/test_51_client.py
@@ -1536,7 +1536,7 @@ def test_do_logout_post(self):
         _dic = unpack_form(info["data"])
         res = self.server.parse_logout_request(_dic["SAMLRequest"],
                                                BINDING_HTTP_POST)
-        assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr
+        assert b'<samlp:SessionIndex>_foo</samlp:SessionIndex>' in res.xmlstr
 
     def test_do_logout_session_expired(self):
         # information about the user from an IdP
@@ -1566,7 +1566,7 @@ def test_do_logout_session_expired(self):
         _dic = unpack_form(info["data"])
         res = self.server.parse_logout_request(_dic["SAMLRequest"],
                                                BINDING_HTTP_POST)
-        assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr
+        assert b'<samlp:SessionIndex>_foo</samlp:SessionIndex>' in res.xmlstr
 
     def test_signature_wants(self):
 
@@ -3113,7 +3113,7 @@ def test_do_logout_post(self):
         _dic = unpack_form(info["data"])
         res = self.server.parse_logout_request(_dic["SAMLRequest"],
                                                BINDING_HTTP_POST)
-        assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr
+        assert b'<samlp:SessionIndex>_foo</samlp:SessionIndex>' in res.xmlstr
 
     def test_do_logout_session_expired(self):
         # information about the user from an IdP
@@ -3143,7 +3143,7 @@ def test_do_logout_session_expired(self):
         _dic = unpack_form(info["data"])
         res = self.server.parse_logout_request(_dic["SAMLRequest"],
                                                BINDING_HTTP_POST)
-        assert b'<ns0:SessionIndex>_foo</ns0:SessionIndex>' in res.xmlstr
+        assert b'<samlp:SessionIndex>_foo</samlp:SessionIndex>' in res.xmlstr
 
 # Below can only be done with dummy Server
 IDP = "urn:mace:example.com:saml:roland:idp"

diff --git a/tests/test_88_nsprefix.py b/tests/test_88_nsprefix.py
@@ -10,13 +10,15 @@
 def test_nsprefix():
     status_message = samlp.StatusMessage()
     status_message.text = "OK"
-
+
+    status_message.register_prefix(nspair={"samla": saml.NAMESPACE,
+                                           "samla": samlp.NAMESPACE})
     txt = "%s" % status_message
 
-    assert "ns0:StatusMessage" in txt
+    assert "samla:StatusMessage" in txt
 
-    status_message.register_prefix({"saml2": saml.NAMESPACE,
-                                    "saml2p": samlp.NAMESPACE})
+    status_message.register_prefix(nspair={"saml2p": samlp.NAMESPACE,
+                                           "saml2": saml.NAMESPACE})
 
     txt = "%s" % status_message
 
@@ -42,4 +44,4 @@ def test_nsprefix2():
     assert "saml2:Issuer" in txt
 
 if __name__ == "__main__":
-    test_nsprefix2()
+    test_nsprefix2()