Updated tests

tests/idp.config

@@ -5,6 +5,7 @@
             "name" : "Rolands IdP",
             "endpoints" : {
                 "single_sign_on_service" : ["http://localhost:8088/sso"],
+                "single_logout_service": ["http://localhost:8088/slo"]
             },
             "policy": {
                 "default": {
@@ -32,4 +33,16 @@
     },
     "subject_data": "subject_data.db",
     "attribute_map_dir" : "attributemaps",
+    "organization": {
+        "name": "Exempel AB",
+        "display_name": [("Exempel AB","se"),("Example Co.","en")],
+        "url":"http://www.example.com/roland",
+    },
+    "contact_person": [{
+        "given_name":"John",
+        "sur_name": "Smith",
+        "email_address": ["john.smith@example.com"],
+        "contact_type": "technical",
+        },
+    ],
 }

tests/idp.xml

@@ -0,0 +1,17 @@
+<?xml version='1.0' encoding='UTF-8'?>
+<ns0:EntitiesDescriptor xmlns:ns0="urn:oasis:names:tc:SAML:2.0:metadata"><ns0:EntityDescriptor entityID="urn:mace:example.com:saml:roland:idp"><ns0:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><ns0:KeyDescriptor><ns1:KeyInfo xmlns:ns1="http://www.w3.org/2000/09/xmldsig#"><ns1:X509Data><ns1:X509Certificate>MIICsDCCAhmgAwIBAgIJAJrzqSSwmDY9MA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV
+BAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQwHhcNMDkxMDA2MTk0OTQxWhcNMDkxMTA1MTk0OTQxWjBF
+MQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50
+ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB
+gQDJg2cms7MqjniT8Fi/XkNHZNPbNVQyMUMXE9tXOdqwYCA1cc8vQdzkihscQMXy
+3iPw2cMggBu6gjMTOSOxECkuvX5ZCclKr8pXAJM5cY6gVOaVO2PdTZcvDBKGbiaN
+efiEw5hnoZomqZGp8wHNLAUkwtH9vjqqvxyS/vclc6k2ewIDAQABo4GnMIGkMB0G
+A1UdDgQWBBRePsKHKYJsiojE78ZWXccK9K4aJTB1BgNVHSMEbjBsgBRePsKHKYJs
+iojE78ZWXccK9K4aJaFJpEcwRTELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUt
+U3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZIIJAJrzqSSw
+mDY9MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEAJSrKOEzHO7TL5cy6
+h3qh+3+JAk8HbGBW+cbX6KBCAw/mzU8flK25vnWwXS3dv2FF3Aod0/S7AWNfKib5
+U/SA9nJaz/mWeF9S0farz9AQFc8/NSzAzaVq7YbM4F6f6N2FRl7GikdXRCed45j6
+mrPzGzk3ECbupFnqyREH3+ZPSdk=
+</ns1:X509Certificate></ns1:X509Data></ns1:KeyInfo></ns0:KeyDescriptor><ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://localhost:8088/slo" /><ns0:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://localhost:8088/sso" /></ns0:IDPSSODescriptor><ns0:Organization><ns0:OrganizationName xml:lang="en">Exempel AB</ns0:OrganizationName><ns0:OrganizationDisplayName xml:lang="se">Exempel AB</ns0:OrganizationDisplayName><ns0:OrganizationDisplayName xml:lang="en">Example Co.</ns0:OrganizationDisplayName><ns0:OrganizationURL xml:lang="en">http://www.example.com/roland</ns0:OrganizationURL></ns0:Organization><ns0:ContactPerson contactType="technical"><ns0:GivenName>John</ns0:GivenName><ns0:SurName>Smith</ns0:SurName><ns0:EmailAddress>john.smith@example.com</ns0:EmailAddress></ns0:ContactPerson></ns0:EntityDescriptor></ns0:EntitiesDescriptor>

tests/server.config

@@ -19,7 +19,7 @@
     "cert_file" : "test.pem",
     "xmlsec_binary" : "/usr/local/bin/xmlsec1",
     "metadata": {
-        "local": ["metadata.xml", "vo_metadata.xml"],
+        "local": ["idp.xml", "vo_metadata.xml"],
     },
     "virtual_organization" : {
         "urn:mace:example.com:it:tek":{

tests/test_31_config.py

@@ -91,7 +91,7 @@ def test_1():
 
     assert len(sp["idp"]) == 1
     assert sp["idp"].keys() == ["urn:mace:example.com:saml:roland:idp"]
-    assert sp["idp"].values() == ["http://localhost:8088/sso/"]
+    assert sp["idp"].values() == [{'single_sign_on_service': {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect':'http://localhost:8088/sso/'}}]
 
 def test_2():
     c = Config().load(sp2)
@@ -178,6 +178,6 @@ def test_wayf():
     c = Config().load_file("server.config")
     
     idps = c.get_available_idps()
-    assert idps == [('urn:mace:example.com:saml:roland:idp', 'Example Co')]
+    assert idps == [('urn:mace:example.com:saml:roland:idp', 'Exempel AB')]
     
     

tests/test_50_server.py

@@ -5,8 +5,11 @@ from saml2.server import Server, Identifier
 from saml2 import server, make_instance
 from saml2 import samlp, saml, client, config
 from saml2 import s_utils
+from saml2 import time_util
 from saml2.s_utils import OtherError
 from saml2.s_utils import do_attribute_statement, factory
+from saml2.soap import make_soap_enveloped_saml_thingy
+
 from py.test import raises
 import shelve
 import re
@@ -291,6 +294,28 @@ class TestServer1():
         # value. Just that there should be one
         assert assertion.signature.signature_value.text != ""
 
+    def test_slo(self):
+        soon = time_util.in_a_while(days=1)
+        sinfo = {
+            "name_id": "foba0001",
+            "issuer": "urn:mace:example.com:saml:roland:idp",
+            "not_on_or_after" : soon,
+            "user": {
+                "givenName": "Leo",
+                "surName": "Laport",
+            }
+        }
+        self.client.users.add_information_about_person(sinfo)
+        
+        (dest, logout_request) = self.client.make_logout_requests(
+                            subject_id = "foba0001",
+                            reason = "I'm tired of this",
+                        )[0]
+                        
+        saml_soap = make_soap_enveloped_saml_thingy(logout_request)
+        request = self.server.parse_logout_request(saml_soap)
+        assert request
+        
 #------------------------------------------------------------------------
 
 IDENTITY = {"eduPersonAffiliation": ["staff", "member"],

tests/test_51_client.py

@@ -164,8 +164,8 @@ class TestClient:
         assert scope.idp_list
         assert len(scope.idp_list.idp_entry) == 1
         idp_entry = scope.idp_list.idp_entry[0]
-        assert idp_entry.name == 'Example Co'
+        assert idp_entry.name == 'Exempel AB'
-        assert idp_entry.loc == ['http://localhost:8088/sso/']
+        assert idp_entry.loc == ['http://localhost:8088/sso']
     
     def test_create_auth_request_0(self):
         ar_str = self.client.authn_request("id1",
@@ -309,9 +309,9 @@ class TestClient:
         spentityid = self.client._spentityid()
         print spentityid
         assert spentityid == "urn:mace:example.com:saml:roland:sp"
-        location = self.client._location()
+        location = self.client._sso_location()
         print location
-        assert location == 'http://localhost:8088/sso/'
+        assert location == 'http://localhost:8088/sso'
         service_url = self.client._service_url()
         print service_url
         assert service_url == "http://lingon.catalogix.se:8087/"
@@ -349,7 +349,7 @@ class TestClient:
         authnreq = samlp.authn_request_from_string(saml_request)
         print authnreq.keyswv()
         assert authnreq.id == sid
-        assert authnreq.destination == "http://localhost:8088/sso/"
+        assert authnreq.destination == "http://localhost:8088/sso"
         assert authnreq.assertion_consumer_service_url == "http://lingon.catalogix.se:8087/"
         assert authnreq.provider_name == "urn:mace:example.com:saml:roland:sp"
         assert authnreq.protocol_binding == "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"