in redshift_connector/plugin/saml_credentials_provider.py [0:0]
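def read_metadata(self: "SamlCredentialsProvider", doc: bytes) -> CredentialsHolder.IamMetadata:
    """
    Build an ``IamMetadata`` from the ``Attribute`` elements of a SAML response.

    The document is parsed as XML and searched for ``Attribute`` elements under
    each prefix in ``SAML_RESP_NAMESPACES``, in order; the first prefix that
    yields any match is used for both ``Attribute`` and ``AttributeValue``.
    Recognized attribute names are copied onto the metadata object; all other
    attributes, and attributes whose first value is empty, are ignored.

    Security note: this method only reads attribute values. It performs no
    signature, issuer or audience validation on the assertion, so the returned
    database user, group list and auto-create flag are only as trustworthy as
    ``doc`` itself.
    NOTE(review): confirm the assertion is validated where it is consumed
    before these values influence authorization decisions.

    Parameters
    ----------
    doc : bytes
        The SAML response XML to inspect.

    Returns
    -------
    CredentialsHolder.IamMetadata
        Metadata populated from the recognized attributes.

    Raises
    ------
    AttributeError, KeyError
        Logged and re-raised, e.g. when an ``Attribute`` has no ``Name``.
    """
    import bs4  # type: ignore

    try:
        soup = bs4.BeautifulSoup(doc, "xml")
        attrs: typing.Any = []
        namespace_used_idx: int = 0
        # Prefer Attributes in the SAML-compliant namespace: take the first
        # prefix that matches anything and remember it for the value lookup.
        for idx, namespace in enumerate(SAML_RESP_NAMESPACES):
            attrs = soup.find_all("{}Attribute".format(namespace))
            if len(attrs) > 0:
                namespace_used_idx = idx
                break

        metadata: CredentialsHolder.IamMetadata = CredentialsHolder.IamMetadata()

        for attr in attrs:
            name: str = attr.attrs["Name"]
            values: typing.Any = attr.find_all("{}AttributeValue".format(SAML_RESP_NAMESPACES[namespace_used_idx]))
            if len(values) == 0 or not values[0].contents:
                # Ignore empty-valued attributes.
                continue
            value: str = values[0].contents[0]

            if name == "https://redshift.amazon.com/SAML/Attributes/AllowDbUserOverride":
                metadata.set_allow_db_user_override(value)
            elif name == "https://redshift.amazon.com/SAML/Attributes/DbUser":
                metadata.set_saml_db_user(value)
            elif name == "https://aws.amazon.com/SAML/Attributes/RoleSessionName":
                # Fallback only: used as the database user when none has been
                # set so far. A DbUser attribute appearing later in the
                # document still overwrites it.
                if metadata.get_saml_db_user() is None:
                    metadata.set_saml_db_user(value)
            elif name == "https://redshift.amazon.com/SAML/Attributes/AutoCreate":
                metadata.set_auto_create(value)
            elif name == "https://redshift.amazon.com/SAML/Attributes/DbGroups":
                # Only the first value was checked for emptiness above. Skip
                # any later empty <AttributeValue/> instead of failing with an
                # uncaught IndexError on contents[0].
                metadata.set_db_groups([group.contents[0].lower() for group in values if group.contents])
            elif name == "https://redshift.amazon.com/SAML/Attributes/ForceLowercase":
                metadata.set_force_lowercase(value)

        return metadata
    except AttributeError as e:
        _logger.error("AttributeError: %s", e)
        raise
    except KeyError as e:
        _logger.error("KeyError: %s", e)
        raise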