From 3927f17ff95bc9696541f8139346eab3106f9ea4 Mon Sep 17 00:00:00 2001 From: Roland Hedberg Date: Tue, 28 Sep 2010 13:35:49 +0200 Subject: [PATCH] Stricter and stricter verification --- tests/test_44_authnresp.py | 13 +++++++------ tests/test_51_client.py | 6 +++--- tests/test_60_sp.py | 2 +- 3 files changed, 11 insertions(+), 10 deletions(-) diff --git a/tests/test_44_authnresp.py b/tests/test_44_authnresp.py index b583740..1ef0f2e 100644 --- a/tests/test_44_authnresp.py +++ b/tests/test_44_authnresp.py @@ -4,7 +4,7 @@ from saml2 import samlp, BINDING_HTTP_POST from saml2 import saml, config, class_name, make_instance from saml2.server import Server -from saml2.authnresponse import authn_response +from saml2.response import authn_response XML_RESPONSE_FILE = "saml_signed.xml" XML_RESPONSE_FILE2 = "saml2_response.xml" @@ -50,12 +50,12 @@ class TestAuthnResponse: conf.load_file("tests/server.config") except IOError: conf.load_file("server.config") - self.ar = authn_response(conf,"") + self.ar = authn_response(conf, "urn:mace:example.com:saml:roland:sp", + "http://lingon.catalogix.se:8087/") def test_verify_1(self): xml_response = ("%s" % (self._resp_,)).split("\n")[1] self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"} - self.ar.requestor = "urn:mace:example.com:saml:roland:sp" self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) self.ar.verify() @@ -72,7 +72,6 @@ class TestAuthnResponse: print xml_response self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"} - self.ar.requestor = "urn:mace:example.com:saml:roland:sp" self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) self.ar.verify() 
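Review bot: In the `@@ -50,12 +50,12 @@` hunk and the tests below it, every case gives `authn_response` an entity id and return address that match the response, so this file would still pass if `verify()` stopped comparing them. A check that is being tightened needs a rejecting case as well: load the same response with a deliberately wrong value, for example `self.ar.return_addr = "http://wrong.example.invalid/"` (constructed value), and assert that `verify()` refuses it. How a refusal is reported (exception or falsy return) is not visible in this patch, so the assertion has to follow the library's actual behaviour. The setup function holding the changed constructor call starts outside the hunk.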
@@ -88,7 +87,8 @@ class TestAuthnResponse: xml_response = open(XML_RESPONSE_FILE).read() ID = "bahigehogffohiphlfmplepdpcohkhhmheppcdie" self.ar.outstanding_queries = {ID: "http://localhost:8088/foo"} - self.ar.requestor = "xenosmilus.umdc.umu.se" + self.ar.return_addr = "http://xenosmilus.umdc.umu.se:8087/login" + self.ar.entity_id = "xenosmilus.umdc.umu.se" # roughly a year, should create the response on the fly self.ar.timeslack = 315360000 # indecent long time self.ar.loads(xml_response, decode=False) @@ -102,7 +102,8 @@ class TestAuthnResponse: def test_verify_w_authn(self): xml_response = ("%s" % (self._resp_authn,)).split("\n",1)[1] self.ar.outstanding_queries = {"id12": "http://localhost:8088/sso"} - self.ar.requestor = "urn:mace:example.com:saml:roland:sp" + self.ar.return_addr = "http://lingon.catalogix.se:8087/" + self.ar.entity_id = "urn:mace:example.com:saml:roland:sp" self.ar.timeslack = 10000 self.ar.loads(xml_response, decode=False) self.ar.verify() diff --git a/tests/test_51_client.py b/tests/test_51_client.py index 03c6df5..b81a984 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -246,7 +246,7 @@ class TestClient: resp_str = "\n".join(self.server.authn_response( identity=ava, in_response_to="id1", - destination="http://local:8087/", + destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id_policy=samlp.NameIDPolicy( format=saml.NAMEID_FORMAT_PERSISTENT), @@ -268,7 +268,7 @@ class TestClient: assert session_info["issuer"] == IDP assert session_info["came_from"] == "http://foo.example.com/service" response = samlp.response_from_string(authn_response.xmlstr) - assert response.destination == "http://local:8087/" + assert response.destination == "http://lingon.catalogix.se:8087/" # One person in the cache assert len(self.client.users.subjects()) == 1 
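Review bot: `self.ar.timeslack = 315360000` in the `@@ -88,7 +87,8 @@` hunk is about ten years in seconds, yet the comment above it says "roughly a year". If `timeslack` widens the accepted validity window, as the name suggests, this test says nothing about the time conditions on the response, and it will start failing once the static fixture ages past the slack. I would correct the comment to something like `# ~10 years of slack: saml_signed.xml is a static fixture; generate the response on the fly instead`. The test function begins outside the hunk.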
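Review bot: The two assignments added to `test_verify_w_authn` in `@@ -102,7 +102,8 @@` repeat the values already passed to `authn_response(...)` in the setup code. That suggests they exist to undo the `xenosmilus.umdc.umu.se` values the preceding test writes onto the same `self.ar`, which would make `test_verify_1` and its neighbour depend on running before that test. Whether the setup runs per class or per test is not visible here. If it is per class, build a fresh `authn_response` in each test that needs other values, or at least mark the reset with `# restore defaults changed by the signed-response test`.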
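Review bot: The destination literal `"http://lingon.catalogix.se:8087/"` in `@@ -246,7 +246,7 @@` is repeated in `@@ -268,7 +268,7 @@`, `@@ -285,7 +285,7 @@`, `tests/test_60_sp.py` and `tests/test_44_authnresp.py`. It presumably has to equal the endpoint the SP configuration declares for the stricter destination check to pass. A single shared constant, e.g. `SP_ACS_URL = "http://lingon.catalogix.se:8087/"` (name constructed), or a value read from the loaded config, would keep the tests from drifting apart the next time the endpoint changes. The call being edited starts and ends outside the hunk.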
@@ -285,7 +285,7 @@ class TestClient: resp_str = "\n".join(self.server.authn_response( identity=ava, in_response_to="id2", - destination="http://local:8087/", + destination="http://lingon.catalogix.se:8087/", sp_entity_id="urn:mace:example.com:saml:roland:sp", name_id_policy=samlp.NameIDPolicy( format=saml.NAMEID_FORMAT_PERSISTENT), diff --git a/tests/test_60_sp.py b/tests/test_60_sp.py index ce69244..c5a5ced 100644 --- a/tests/test_60_sp.py +++ b/tests/test_60_sp.py @@ -46,7 +46,7 @@ class TestSP(): "mail": ["derek@nyy.mlb.com"]} resp_str = "\n".join(self.server.authn_response(ava, - "id1", "http://local:8087/", + "id1", "http://lingon.catalogix.se:8087/", "urn:mace:example.com:saml:roland:sp", make_instance(samlp.NameIDPolicy, utils.args2dict(