Replace double-underscored names with single underscores

This will avoid Python's class-name-prefix mangling of attributes and methods
while still retaining the signal that they're meant for private use of the library.

This makes it easier to e.g. subclass classes should one need to, and to access
data from outside (while being mindful of the fact that you're accessing notionally
private data).

Only one change to a test was required (and that test was indeed accessing a private
field from outside...).

Author: akx

src/onelogin/saml2/auth.py

@@ -41,13 +41,13 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol
         :param name_id_value_req: Optional argument. Indicates to the IdP the subject that should be authenticated
         :type name_id_value_req: string
         """
-        self.__settings = settings
+        self._settings = settings
 
-        sp_data = self.__settings.get_sp_data()
-        idp_data = self.__settings.get_idp_data()
-        security = self.__settings.get_security_data()
+        sp_data = self._settings.get_sp_data()
+        idp_data = self._settings.get_idp_data()
+        security = self._settings.get_security_data()
 
-        self.__id = self._generate_request_id()
+        self._id = self._generate_request_id()
         issue_instant = OneLogin_Saml2_Utils.parse_time_to_SAML(OneLogin_Saml2_Utils.now())
 
         destination = idp_data['singleSignOnService']['url']
@@ -112,7 +112,7 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol
 
         request = OneLogin_Saml2_Templates.AUTHN_REQUEST % \
             {
-                'id': self.__id,
+                'id': self._id,
                 'provider_name': provider_name_str,
                 'force_authn_str': force_authn_str,
                 'is_passive_str': is_passive_str,
@@ -127,7 +127,7 @@ def __init__(self, settings, force_authn=False, is_passive=False, set_nameid_pol
                 'acs_binding': sp_data['assertionConsumerService'].get('binding', 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST')
             }
 
-        self.__authn_request = request
+        self._authn_request = request
 
     def _generate_request_id(self):
         """
@@ -144,9 +144,9 @@ def get_request(self, deflate=True):
         :rtype: str object
         """
         if deflate:
-            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__authn_request)
+            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._authn_request)
         else:
-            request = OneLogin_Saml2_Utils.b64encode(self.__authn_request)
+            request = OneLogin_Saml2_Utils.b64encode(self._authn_request)
         return request
 
     def get_id(self):
@@ -155,12 +155,12 @@ def get_id(self):
         :return: AuthNRequest ID
         :rtype: string
         """
-        return self.__id
+        return self._id
 
     def get_xml(self):
         """
         Returns the XML that will be sent as part of the request
         :return: XML request body
         :rtype: string
         """
-        return self.__authn_request
+        return self._authn_request

src/onelogin/saml2/authn_request.py

@@ -50,14 +50,14 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
         :param spnq: SP Name Qualifier
         :type: string
         """
-        self.__settings = settings
-        self.__error = None
+        self._settings = settings
+        self._error = None
         self.id = None
 
         if request is None:
-            sp_data = self.__settings.get_sp_data()
-            idp_data = self.__settings.get_idp_data()
-            security = self.__settings.get_security_data()
+            sp_data = self._settings.get_sp_data()
+            idp_data = self._settings.get_idp_data()
+            security = self._settings.get_security_data()
 
             self.id = self._generate_request_id()
 
@@ -71,7 +71,7 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
                 if exists_multix509enc:
                     cert = idp_data['x509certMulti']['encryption'][0]
                 else:
-                    cert = self.__settings.get_idp_cert()
+                    cert = self._settings.get_idp_cert()
 
             if name_id is not None:
                 if not name_id_format and sp_data['NameIDFormat'] != OneLogin_Saml2_Constants.NAMEID_UNSPECIFIED:
@@ -109,7 +109,7 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
                 {
                     'id': self.id,
                     'issue_instant': issue_instant,
-                    'single_logout_url': self.__settings.get_idp_slo_url(),
+                    'single_logout_url': self._settings.get_idp_slo_url(),
                     'entity_id': sp_data['entityId'],
                     'name_id': name_id_obj,
                     'session_index': session_index_str,
@@ -118,7 +118,7 @@ def __init__(self, settings, request=None, name_id=None, session_index=None, nq=
             logout_request = OneLogin_Saml2_Utils.decode_base64_and_inflate(request, ignore_zip=True)
             self.id = self.get_id(logout_request)
 
-        self.__logout_request = compat.to_string(logout_request)
+        self._logout_request = compat.to_string(logout_request)
 
     def get_request(self, deflate=True):
         """
@@ -129,9 +129,9 @@ def get_request(self, deflate=True):
         :rtype: str object
         """
         if deflate:
-            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__logout_request)
+            request = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._logout_request)
         else:
-            request = OneLogin_Saml2_Utils.b64encode(self.__logout_request)
+            request = OneLogin_Saml2_Utils.b64encode(self._logout_request)
         return request
 
     def get_xml(self):
@@ -141,7 +141,7 @@ def get_xml(self):
         :return: XML request body
         :rtype: string
         """
-        return self.__logout_request
+        return self._logout_request
 
     @classmethod
     def get_id(cls, request):
@@ -279,24 +279,24 @@ def is_valid(self, request_data, raise_exceptions=False):
         :return: If the Logout Request is or not valid
         :rtype: boolean
         """
-        self.__error = None
+        self._error = None
         try:
-            root = OneLogin_Saml2_XML.to_etree(self.__logout_request)
+            root = OneLogin_Saml2_XML.to_etree(self._logout_request)
 
-            idp_data = self.__settings.get_idp_data()
+            idp_data = self._settings.get_idp_data()
             idp_entity_id = idp_data['entityId']
 
             get_data = ('get_data' in request_data and request_data['get_data']) or dict()
 
-            if self.__settings.is_strict():
-                res = OneLogin_Saml2_XML.validate_xml(root, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+            if self._settings.is_strict():
+                res = OneLogin_Saml2_XML.validate_xml(root, 'saml-schema-protocol-2.0.xsd', self._settings.is_debug_active())
                 if isinstance(res, str):
                     raise OneLogin_Saml2_ValidationError(
                         'Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd',
                         OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
                     )
 
-                security = self.__settings.get_security_data()
+                security = self._settings.get_security_data()
 
                 current_url = OneLogin_Saml2_Utils.get_self_url_no_query(request_data)
 
@@ -345,8 +345,8 @@ def is_valid(self, request_data, raise_exceptions=False):
             return True
         except Exception as err:
             # pylint: disable=R0801
-            self.__error = str(err)
-            debug = self.__settings.is_debug_active()
+            self._error = str(err)
+            debug = self._settings.is_debug_active()
             if debug:
                 print(err)
             if raise_exceptions:
@@ -357,7 +357,7 @@ def get_error(self):
         """
         After executing a validation process, if it fails this method returns the cause
         """
-        return self.__error
+        return self._error
 
     def _generate_request_id(self):
         """

src/onelogin/saml2/logout_request.py

@@ -33,13 +33,13 @@ def __init__(self, settings, response=None):
             * (string)                    response. An UUEncoded SAML Logout
                                                     response from the IdP.
         """
-        self.__settings = settings
-        self.__error = None
+        self._settings = settings
+        self._error = None
         self.id = None
 
         if response is not None:
-            self.__logout_response = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(response, ignore_zip=True))
-            self.document = OneLogin_Saml2_XML.to_etree(self.__logout_response)
+            self._logout_response = compat.to_string(OneLogin_Saml2_Utils.decode_base64_and_inflate(response, ignore_zip=True))
+            self.document = OneLogin_Saml2_XML.to_etree(self._logout_response)
             self.id = self.document.get('ID', None)
 
     def get_issuer(self):
@@ -49,7 +49,7 @@ def get_issuer(self):
         :rtype: string
         """
         issuer = None
-        issuer_nodes = self.__query('/samlp:LogoutResponse/saml:Issuer')
+        issuer_nodes = self._query('/samlp:LogoutResponse/saml:Issuer')
         if len(issuer_nodes) == 1:
             issuer = OneLogin_Saml2_XML.element_text(issuer_nodes[0])
         return issuer
@@ -60,7 +60,7 @@ def get_status(self):
         :return: The Status
         :rtype: string
         """
-        entries = self.__query('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode')
+        entries = self._query('/samlp:LogoutResponse/samlp:Status/samlp:StatusCode')
         if len(entries) == 0:
             return None
         status = entries[0].attrib['Value']
@@ -78,21 +78,21 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
         :return: Returns if the SAML LogoutResponse is or not valid
         :rtype: boolean
         """
-        self.__error = None
+        self._error = None
         try:
-            idp_data = self.__settings.get_idp_data()
+            idp_data = self._settings.get_idp_data()
             idp_entity_id = idp_data['entityId']
             get_data = request_data['get_data']
 
-            if self.__settings.is_strict():
-                res = OneLogin_Saml2_XML.validate_xml(self.document, 'saml-schema-protocol-2.0.xsd', self.__settings.is_debug_active())
+            if self._settings.is_strict():
+                res = OneLogin_Saml2_XML.validate_xml(self.document, 'saml-schema-protocol-2.0.xsd', self._settings.is_debug_active())
                 if isinstance(res, str):
                     raise OneLogin_Saml2_ValidationError(
                         'Invalid SAML Logout Request. Not match the saml-schema-protocol-2.0.xsd',
                         OneLogin_Saml2_ValidationError.INVALID_XML_FORMAT
                     )
 
-                security = self.__settings.get_security_data()
+                security = self._settings.get_security_data()
 
                 # Check if the InResponseTo of the Logout Response matches the ID of the Logout Request (requestId) if provided
                 in_response_to = self.get_in_response_to()
@@ -134,15 +134,15 @@ def is_valid(self, request_data, request_id=None, raise_exceptions=False):
             return True
         # pylint: disable=R0801
         except Exception as err:
-            self.__error = str(err)
-            debug = self.__settings.is_debug_active()
+            self._error = str(err)
+            debug = self._settings.is_debug_active()
             if debug:
                 print(err)
             if raise_exceptions:
                 raise
             return False
 
-    def __query(self, query):
+    def _query(self, query):
         """
         Extracts a node from the Etree (Logout Response Message)
         :param query: Xpath Expression
@@ -158,7 +158,7 @@ def build(self, in_response_to):
         :param in_response_to: InResponseTo value for the Logout Response.
         :type in_response_to: string
         """
-        sp_data = self.__settings.get_sp_data()
+        sp_data = self._settings.get_sp_data()
 
         self.id = self._generate_request_id()
 
@@ -168,13 +168,13 @@ def build(self, in_response_to):
             {
                 'id': self.id,
                 'issue_instant': issue_instant,
-                'destination': self.__settings.get_idp_slo_response_url(),
+                'destination': self._settings.get_idp_slo_response_url(),
                 'in_response_to': in_response_to,
                 'entity_id': sp_data['entityId'],
                 'status': "urn:oasis:names:tc:SAML:2.0:status:Success"
             }
 
-        self.__logout_response = logout_response
+        self._logout_response = logout_response
 
     def get_in_response_to(self):
         """
@@ -193,16 +193,16 @@ def get_response(self, deflate=True):
         :rtype: string
         """
         if deflate:
-            response = OneLogin_Saml2_Utils.deflate_and_base64_encode(self.__logout_response)
+            response = OneLogin_Saml2_Utils.deflate_and_base64_encode(self._logout_response)
         else:
-            response = OneLogin_Saml2_Utils.b64encode(self.__logout_response)
+            response = OneLogin_Saml2_Utils.b64encode(self._logout_response)
         return response
 
     def get_error(self):
         """
         After executing a validation process, if it fails this method returns the cause
         """
-        return self.__error
+        return self._error
 
     def get_xml(self):
         """
@@ -211,7 +211,7 @@ def get_xml(self):
         :return: XML response body
         :rtype: string
         """
-        return self.__logout_response
+        return self._logout_response
 
     def _generate_request_id(self):
         """

src/onelogin/saml2/logout_response.py

@@ -218,7 +218,7 @@ def sign_metadata(metadata, key, cert, sign_algorithm=OneLogin_Saml2_Constants.R
         return OneLogin_Saml2_Utils.add_sign(metadata, key, cert, False, sign_algorithm, digest_algorithm)
 
     @staticmethod
-    def __add_x509_key_descriptors(root, cert, signing):
+    def _add_x509_key_descriptors(root, cert, signing):
         key_descriptor = OneLogin_Saml2_XML.make_child(root, '{%s}KeyDescriptor' % OneLogin_Saml2_Constants.NS_MD)
         root.remove(key_descriptor)
         root.insert(0, key_descriptor)
@@ -261,6 +261,6 @@ def add_x509_key_descriptors(cls, metadata, cert=None, add_encryption=True):
             raise Exception('Malformed metadata.')
 
         if add_encryption:
-            cls.__add_x509_key_descriptors(sp_sso_descriptor, cert, False)
-        cls.__add_x509_key_descriptors(sp_sso_descriptor, cert, True)
+            cls._add_x509_key_descriptors(sp_sso_descriptor, cert, False)
+        cls._add_x509_key_descriptors(sp_sso_descriptor, cert, True)
         return OneLogin_Saml2_XML.to_string(root)