+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the (LGPL) GNU Lesser General Public License as
+# published by the Free Software Foundation; either version 3 of the
+# License, or (at your option) any later version.
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Library Lesser General Public License for more details at
+# ( http://www.gnu.org/licenses/lgpl.html ).
+# You should have received a copy of the GNU Lesser General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+# written by: Jeff Ortel ( jortel@redhat.com )
+The I{wsse} module provides WS-Security.
+from logging import getLogger
+from suds.sudsobject import Object
+from suds.sax.element import Element
+from suds.sax.date import DateTime, UtcTimezone
+from datetime import datetime, timedelta
+ from hashlib import md5
+ # Python 2.4 compatibility
+ 'http://www.w3.org/2000/09/xmldsig#')
+ 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd')
+ 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd')
+ 'http://www.w3.org/2001/04/xmlenc#')
+ @ivar tokens: A list of security tokens
+ @type tokens: [L{Token},...]
+ @ivar signatures: A list of signatures.
+ @ivar references: A list of references.
+ @ivar keys: A list of encryption keys.
+ self.mustUnderstand = True
+ Get xml representation of the object.
+ @return: The root node.
+ root = Element('Security', ns=wssens)
+ root.set('mustUnderstand', str(self.mustUnderstand).lower())
+ """ I{Abstract} security token. """
+ return datetime.utcnow().replace(tzinfo=UtcTimezone())
+ utc = DateTime(cls.utc())
+class UsernameToken(Token):
+ Represents a basic I{UsernameToken} WS-Secuirty token.
+ @ivar username: A username.
+ @ivar password: A password.
+ @ivar nonce: A set of bytes to prevent replay attacks.
+ @ivar created: The token created.
+ @type created: L{datetime}
+ def __init__(self, username=None, password=None):
+ @param username: A username.
+ @param password: A password.
+ self.username = username
+ self.password = password
+ def setnonce(self, text=None):
+ Set I{nonce} which is an arbitrary set of bytes to prevent replay
+ @param text: The nonce text value.
+ Generated when I{None}.
+ s.append(self.username)
+ s.append(self.password)
+ s.append(Token.sysdate())
+ self.nonce = m.hexdigest()
+ def setcreated(self, dt=None):
+ @param dt: The created date & time.
+ Set as datetime.utc() when I{None}.
+ self.created = Token.utc()
+ Get xml representation of the object.
+ @return: The root node.
+ root = Element('UsernameToken', ns=wssens)
+ u = Element('Username', ns=wssens)
+ u.setText(self.username)
+ p = Element('Password', ns=wssens)
+ p.setText(self.password)
+ if self.nonce is not None:
+ n = Element('Nonce', ns=wssens)
+ if self.created is not None:
+ n = Element('Created', ns=wsuns)
+ n.setText(str(DateTime(self.created)))
+ Represents the I{Timestamp} WS-Secuirty token.
+ @ivar created: The token created.
+ @type created: L{datetime}
+ @ivar expires: The token expires.
+ @type expires: L{datetime}
+ def __init__(self, validity=90):
+ @param validity: The time in seconds.
+ self.created = Token.utc()
+ self.expires = self.created + timedelta(seconds=validity)
+ root = Element("Timestamp", ns=wsuns)
+ created = Element('Created', ns=wsuns)
+ created.setText(str(DateTime(self.created)))
+ expires = Element('Expires', ns=wsuns)
+ expires.setText(str(DateTime(self.expires)))
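Review bot: In `UsernameToken.setnonce` the generated nonce is an MD5 hex digest built from `self.username`, `self.password` and `Token.sysdate()`, so it comes from the credential and a timestamp rather than from randomness. It repeats for tokens created at the same timestamp value, and it ties a value sent in the clear to the password. A replay nonce should be unpredictable and independent of the secret, for example `self.nonce = binascii.hexlify(os.urandom(16))` with `os` and `binascii` imported, which also makes the `md5` import unnecessary. Separately, `xml()` writes `self.password` unchanged into the `Password` element and the visible lines set no digest type, so the class docstring should say the token is only as confidential as the transport, e.g. `Sends the password as plain text; use only over TLS.` Parts of `setnonce` and `xml()` are missing from this listing, so these points rest on the lines shown.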