diff --git a/doc/_static/ViewmeonGitHub.png b/doc/_static/ViewmeonGitHub.png new file mode 100644 index 0000000..44da44c Binary files /dev/null and b/doc/_static/ViewmeonGitHub.png differ diff --git a/doc/conf.py b/doc/conf.py index f6cefd7..81a57fd 100644 --- a/doc/conf.py +++ b/doc/conf.py @@ -12,6 +12,7 @@ # serve to show the default. import sys, os +import alabaster # If extensions (or modules to document with autodoc) are in another directory, # add these directories to sys.path here. If the directory is relative to the @@ -25,7 +26,7 @@ import sys, os # Add any Sphinx extension module names here, as strings. They can be extensions # coming with Sphinx (named 'sphinx.ext.*') or your custom ones. -extensions = ['sphinx.ext.autodoc', 'sphinx.ext.viewcode'] +extensions = ['alabaster', 'sphinx.ext.autodoc', 'sphinx.ext.viewcode'] # Add any paths that contain templates here, relative to this directory. templates_path = ['_templates'] @@ -91,7 +92,25 @@ pygments_style = 'sphinx' # The theme to use for HTML and HTML Help pages. See the documentation for # a list of builtin themes. -html_theme = 'default' +html_theme_path = [alabaster.get_path()] +html_theme = 'alabaster' +html_sidebars = { + '**': [ + 'about.html', + 'navigation.html', + 'searchbox.html', + 'donate.html', + ] +} + +html_theme_options = { + 'description': '', + 'github_button': False, + 'github_user': 'its-dirg', + 'github_repo': 'IdProxy', + 'github_banner': False, + +} # Theme options are theme-specific and customize the look and feel of a theme # further. For a list of options available for each theme, see the diff --git a/doc/howto.rst b/doc/howto.rst index 186642c..414f725 100644 --- a/doc/howto.rst +++ b/doc/howto.rst @@ -206,7 +206,7 @@ Running the script testing an IDP Synopsis:: $ idp_testdrv.py --help - usage: idp_testdrv.py [-h] [-d] [-H] [-i] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l] + usage: idp_testdrv.py [-h] [-d] [-H] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l] [-c TD_CONFIG] [oper] 
@@ -215,15 +215,14 @@ Synopsis:: optional arguments: -C CA_CERTS CA certs to use to verify HTTPS server certificates, if - HTTPS is used and server certs are passed with -C then - the default cert verification will be done using keys/cacert.pem, - which is derived from Mozilla's ca_bundle.crt. + HTTPS is used and no server CA certs are defined then + no cert verification will be done. For a generic validation you may use the ca_bundle.crt + file that comes with Mozilla. -c TD_CONFIG, --config Test driver configuration module at the current directory or the path specified with the -P option. Do not use relative paths or the .py filename extension -d, --debug Print debug information to stderr -H, --prettyprint Human readable status output -h, --help show this help message and exit - -i, --insecure do not check TLS certificate (overriding -C option) -J TT_CONFIG_FILE Test target configuration in JSON format -L, --log Print HTTP log information # TODO: update documentation -l, --list List all the test operations as a JSON object 
@@ -242,22 +241,20 @@ Running the script testing an SP Synopsis:: $ sp_testdrv.py --help - usage: sp_testdrv.py [-h] [-d] [-C CA_CERTS] [-i] [-J TT_CONFIG_FILE] [-m] [-l] [-c TD_CONFIG] [-t TEST_PACKAGE] [oper] + usage: sp_testdrv.py [-h] [-d] [-C CA_CERTS] [-J TT_CONFIG_FILE] [-m] [-l] [-c TD_CONFIG] [oper] positional arguments: oper Which test to run (mandatory except for options -h, -l and -m) optional arguments: -C CA_CERTS CA certs to use to verify HTTPS server certificates, if - HTTPS is used and server certs are passed with -C then - the default cert verification will be done using keys/cacert.pem, - which is derived from Mozilla's ca_bundle.crt. + HTTPS is used and no server CA certs are defined then + no cert verification will be done. For a generic validation you may use the ca_bundle.crt + file that comes with Mozilla. -c TD_CONFIG, --config Test driver configuration module at the current directory or the path specified with the -P option. Do not use relative paths or filename extension -d, --debug Print debug information to stderr - -H, --prettyprint Human readable status output -h, --help show this help message and exit - -i, --insecure do not check TLS certificate (overriding -C option) -J TT_CONFIG_FILE Test target configuration in JSON format -L, --log Print HTTP log information # TODO: update documentation -l, --list List all the test flows as a JSON object diff --git a/doc/index.rst b/doc/index.rst index 054038a..475cb6e 100644 --- a/doc/index.rst +++ b/doc/index.rst @@ -18,6 +18,7 @@ Contents: howto install + saml2test Indices and tables ================== @@ -26,3 +27,8 @@ Indices and tables * :ref:`modindex` * :ref:`search` +.. raw:: html + + + Fork me on GitHub + \ No newline at end of file diff --git a/doc/make.sh b/doc/make.sh new file mode 100755 index 0000000..8496e1d --- /dev/null +++ b/doc/make.sh @@ -0,0 +1,5 @@ +#!/bin/sh +rm -f saml2test* +sphinx-apidoc -F -o ../doc/ ../src/saml2test +make clean +make html \ No newline at end of file 
diff --git a/script/sp_testdrv.py b/script/sp_testdrv.py index 14fda48..14f9430 100755 --- a/script/sp_testdrv.py +++ b/script/sp_testdrv.py @@ -1,8 +1,9 @@ #!/usr/bin/env python __author__ = 'rohe0002' +from sp_test import tests from sp_test import Client from sp_test.check import factory -cli = Client(factory) -cli.run() +cli = Client(tests, factory) +cli.run() \ No newline at end of file diff --git a/setup.py b/setup.py index 1878f41..be53239 100644 --- a/setup.py +++ b/setup.py @@ -21,19 +21,18 @@ __author__ = 'rohe0002' setup( name="saml2test", - version="0.5.0beta", + version="0.4.3", description="SAML2 test tool", author = "Roland Hedberg", author_email = "roland.hedberg@adm.umu.se", license="Apache 2.0", - packages=["idp_test", "idp_test/package", "saml2test", "sp_test", - "sp_test/test_suites"], + packages=["idp_test", "idp_test/package", "saml2test", "sp_test"], package_dir = {"": "src"}, classifiers = [ "Development Status :: 4 - Beta", "License :: OSI Approved :: Apache Software License", "Topic :: Software Development :: Libraries :: Python Modules"], - install_requires = ["pysaml2 >= 2", + install_requires = ["pysaml2", "mechanize", "argparse", "beautifulsoup4", diff --git a/src/idp_test/__init__.py b/src/idp_test/__init__.py index e184eea..15762cd 100644 --- a/src/idp_test/__init__.py +++ b/src/idp_test/__init__.py @@ -19,10 +19,9 @@ from saml2.mdstore import MetaData from saml2test import FatalError, OperationError from saml2test import exception_trace from saml2test import ContextFilter -from saml2test import JSON_DUMPS_ARGS -from base import Conversation -from check import CheckSaml2IntMetaData +from idp_test.base import Conversation +from idp_test.check import CheckSaml2IntMetaData # Schemas supported from saml2 import md 
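Review bot: `install_requires` in setup.py now lists a bare `"pysaml2"` where the old line required `pysaml2 >= 2`, so an install resolves to whatever release the package index serves at that moment. The same commit changes `req_id, req = self.qfunc(**self.qargs)` to `req = self.qfunc(**self.qargs)` in src/idp_test/base.py, which suggests the code depends on the return shape of one particular pysaml2 series. State that range explicitly, for example `"pysaml2 >= <MIN_VERSION>, < <FIRST_INCOMPATIBLE_VERSION>"` (placeholders; the page does not say which releases match). A tool that handles SAML keys and assertions should not be built against an unreviewed dependency version.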
@@ -40,12 +39,10 @@ SCHEMA = [dri, idpdisc, md, mdattr, mdui, saml, ui, xmldsig, xmlenc] __author__ = 'rolandh' -#logger = logging.getLogger("") -#logger.setLevel(logging.DEBUG) -#formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s " -#"%(message)s") -formatter_2 = logging.Formatter("%(delta).6f - %(levelname)s - [%(name)s] " - "%(message)s") +logger = logging.getLogger("") +logger.setLevel(logging.DEBUG) +#formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") +formatter_2 = logging.Formatter("%(delta).6f - %(levelname)s - [%(name)s] %(message)s") cf = ContextFilter() cf.start() @@ -53,20 +50,12 @@ cf.start() streamhandler = logging.StreamHandler(sys.stderr) streamhandler.setFormatter(formatter_2) -memoryhandler = logging.handlers.MemoryHandler(1024 * 10, logging.DEBUG) +memoryhandler = logging.handlers.MemoryHandler(1024*10, logging.DEBUG) memoryhandler.addFilter(cf) -#saml2testlog = logging.getLogger("saml2test") -#saml2testlog.addHandler(memoryhandler) -#saml2testlog.setLevel(logging.DEBUG) -logger = logging.getLogger("saml2test") -logger.setLevel(logging.DEBUG) -logger.addHandler(memoryhandler) -# The streamhandler variable should be added to the logger if -# you want to see the log messages as they are printed instead -# of afterwards (mostly useful during debugging -#logger.addHandler(streamhandler) -logger.setLevel(logging.DEBUG) +saml2testlog = logging.getLogger("saml2test") +saml2testlog.addHandler(memoryhandler) +saml2testlog.setLevel(logging.DEBUG) def recursive_find_module(name, path=None): 
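Review bot: `logger = logging.getLogger("")` followed by `logger.setLevel(logging.DEBUG)` raises the root logger to DEBUG as a side effect of importing idp_test, so every library in the process starts emitting debug records. In a SAML test driver those records can plausibly include requests, assertions and cookies, and any handler the embedding program attaches to the root logger will receive them. Limit the level change to the package logger, which the next hunk already does with `saml2testlog.setLevel(logging.DEBUG)`, and leave the root logger's level to the application.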
@@ -116,9 +105,9 @@ class SAML2client(object): self._parser.add_argument('-L', dest='log', action='store_true', help="Print log information") self._parser.add_argument( - '-C', dest="ca_certs", - help=("CA certs to use to verify HTTPS server certificates, " - "if HTTPS is used and no server CA certs are defined then " + '-C', dest="§", + help=("CA certs to use to verify HTTPS server certificates, ", + "if HTTPS is used and no server CA certs are defined then ", "no cert verification will be done")) self._parser.add_argument('-J', dest="json_config_file", help="Script configuration") @@ -151,7 +140,6 @@ class SAML2client(object): self.constraints = {} self.operations = None self.args = None - self.client = None def json_config_file(self): if self.args.json_config_file == "-": @@ -219,7 +207,7 @@ class SAML2client(object): try: self.entity_id = _jc["entity_id"] # Verify its the correct metadata - assert self.entity_id in md.entity.keys(), "Entityid {0} not found in {1}".format(self.entity_id, ', '.join(md.entity.keys())) + assert self.entity_id in md.entity.keys() except KeyError: if len(md.entity.keys()) == 1: self.entity_id = md.entity.keys()[0] 
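Review bot: The `-C` option is registered with `dest="§"`, so a CA bundle given on the command line is stored under an attribute named `§` and never under `args.ca_certs`. The code that reads the option is outside this hunk, but if it looks up `ca_certs`, the verification the help text describes will not be configured. The added commas also turn the `help=` value into a tuple, and argparse expects a single string there, so rendering `--help` is likely to fail. Restore `'-C', dest="ca_certs",` and drop the commas so the adjacent string literals concatenate again. The `-C` argument in the src/sp_test/__init__.py hunk has the same tuple `help`.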
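Review bot: `assert self.entity_id in md.entity.keys()` is the only check that the configured entity id exists in the loaded metadata, and assert statements are removed when Python runs with `-O`. The surrounding `try` catches only `KeyError`, so when the assert does fire the operator gets a bare AssertionError that no longer names the missing id. An explicit check keeps the validation unconditional: `if self.entity_id not in md.entity: raise FatalError("entity_id %s not found in metadata" % self.entity_id)`. `FatalError` is already imported at the top of this module. The enclosing method starts and ends outside the hunk.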
@@ -296,34 +284,15 @@ class SAML2client(object): self.setup() except (AttributeError, ToOld), err: print >> sys.stdout, "Configuration Error: %s" % err - return + + self.client = Saml2Client(self.sp_config) + conv = None if self.args.pretty: pp = pprint.PrettyPrinter(indent=4) else: pp = None - conv = None - - try: - self.client = Saml2Client(self.sp_config) - except Exception, err: - if conv: - self.test_log = conv.test_output - self.test_log.append(exception_trace("RUN", err)) - else: - self.test_log = exception_trace("RUN", err) - tsum = self.test_summation(self.args.oper) - - if pp: - pp.pprint(tsum) - else: - print >> sys.stdout, json.dumps(tsum, **JSON_DUMPS_ARGS) - - if tsum["status"] > 1 or self.args.debug or err: - self.output_log(memoryhandler, streamhandler) - return - try: try: oper = self.operations.OPERATIONS[self.args.oper] @@ -369,7 +338,7 @@ class SAML2client(object): if pp: pp.pprint(tsum) else: - print >> sys.stdout, json.dumps(tsum, **JSON_DUMPS_ARGS) + print >> sys.stdout, json.dumps(tsum) if tsum["status"] > 1 or self.args.debug or err: self.output_log(memoryhandler, streamhandler) @@ -416,7 +385,7 @@ class SAML2client(object): lista.append(item) - print json.dumps(lista, **JSON_DUMPS_ARGS) + print json.dumps(lista) def _get_operation(self, operation): return self.operations.OPERATIONS[operation] @@ -430,7 +399,7 @@ class SAML2client(object): mod = import_module("config") _res = dict([(key, cnf["description"]) for key, cnf in mod.CONFIG.items()]) - print json.dumps(_res, **JSON_DUMPS_ARGS) + print json.dumps(_res) def verify_metadata(self): self.json_config = self.json_config_file() diff --git a/src/idp_test/base.py b/src/idp_test/base.py index fae629f..5b9309a 100644 --- a/src/idp_test/base.py +++ b/src/idp_test/base.py 
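Review bot: After `print >> sys.stdout, "Configuration Error: %s" % err` the handler no longer returns, so execution continues to `self.client = Saml2Client(self.sp_config)` with whatever state the failed `setup()` left behind. That call now also sits outside any `try`, so a bad key, certificate or metadata setting ends in a traceback rather than a test summary and log dump. Keep the `return` as the last statement of the `except (AttributeError, ToOld), err:` branch. Also consider routing a client-construction failure through `test_summation` and `output_log`, as the later error path in this method does. The method continues outside the hunk.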
@@ -5,16 +5,14 @@ import urllib import cookielib from saml2 import BINDING_HTTP_REDIRECT, BINDING_URI -from saml2 import BINDING_HTTP_POST, BINDING_SOAP -from saml2 import httpbase +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_SOAP from saml2.mdstore import REQ2SRV -from saml2.pack import http_redirect_message -from saml2.pack import http_form_post_message +from saml2.pack import http_redirect_message, http_form_post_message from saml2.s_utils import rndstr from saml2test import tool -from saml2test import OperationError from saml2test import FatalError __author__ = 'rohe0002' @@ -82,14 +80,7 @@ class Conversation(tool.Conversation): response = None for srv in srvs: - try: - response = self._send(srv) - except httpbase.ConnectionError, err: - logger.debug("IO error: %s" % err) - raise OperationError("IO error: %s" % err) - except Exception, err: - raise - + response = self._send(srv) if response is not None: break @@ -105,7 +96,7 @@ class Conversation(tool.Conversation): try: req = self.oper.args["message"] except KeyError: - req_id, req = self.qfunc(**self.qargs) + req = self.qfunc(**self.qargs) self.request = self.oper.pre_processing(req, self.args) str_req = "%s" % self.request @@ -193,9 +184,9 @@ class Conversation(tool.Conversation): # remove args the create function can't handle fargs = inspect.getargspec(self.qfunc).args if _oper._class: - fargs.extend([p for p, _c, _r in + fargs.extend([p for p, c, r in _oper._class.c_attributes.values()]) - fargs.extend([p for p, _c in _oper._class.c_children.values()]) + fargs.extend([p for p, c in _oper._class.c_children.values()]) for arg in qargs.keys(): if arg not in fargs: del qargs[arg] @@ -203,7 +194,7 @@ class Conversation(tool.Conversation): self.qargs = qargs def my_endpoints(self): - return [e for e, _b in self.client.config.getattr("endpoints", "sp")[ + return [e for e, b in self.client.config.getattr("endpoints", "sp")[ "assertion_consumer_service"]] def handle_result(self): 
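Review bot: In the `for srv in srvs:` loop, `response = self._send(srv)` is now called with no handler, so a connection failure to the system under test propagates as a library exception instead of an `OperationError`. The caller in src/saml2test/tool.py re-raises `FatalError` and `OperationError` explicitly, which suggests those are the types the driver reports on. If the bare call is intentional, add a comment such as `# connection errors propagate to the caller unchanged`. Otherwise wrap the call and convert the transport error to `OperationError`, which also means restoring the `httpbase` and `OperationError` imports that the first hunk of this file removes. The method starts and ends outside the hunk.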
@@ -249,4 +240,4 @@ class Conversation(tool.Conversation): logger.error("Exception %s" % err) self.err_check("exception", err) - return True + return True \ No newline at end of file diff --git a/src/idp_test/check.py b/src/idp_test/check.py index 2a69e81..207d2ef 100644 --- a/src/idp_test/check.py +++ b/src/idp_test/check.py @@ -19,13 +19,20 @@ from saml2.samlp import Response from saml2.sigver import cert_from_key_info_dict from saml2.sigver import key_from_key_value_dict -# Import the status codes used indicate the test results -from saml2test.status import OK, CRITICAL, WARNING - from saml2.time_util import str_to_time __author__ = 'rolandh' +INFORMATION = 0 +OK = 1 +WARNING = 2 +ERROR = 3 +CRITICAL = 4 +INTERACTION = 5 + +STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", + "INTERACTION"] + PREFIX = "-----BEGIN CERTIFICATE-----" POSTFIX = "-----END CERTIFICATE-----" @@ -56,8 +63,7 @@ class CheckSaml2IntMetaData(Check): # contact person if "contact_person" not in idpsso and "contact_person" not in ed: - self._message = "Metadata should contain contact person " - "information" + self._message = "Metadata should contain contact person information" self._status = WARNING return res else: 
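Review bot: The status constants `INFORMATION` through `INTERACTION` and the `STATUSCODE` list are defined here in src/idp_test/check.py and again, value for value, in the src/saml2test/check.py hunk of this commit. Two copies of a result scale can drift, and a check that compares `self._status` against one module's `WARNING` while the summary is computed from the other's would then misreport a failure as a pass. Define them once and import them where needed, for example `from saml2test.check import OK, WARNING, CRITICAL` in this file.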
@@ -251,15 +257,14 @@ class CheckSubjectNameIDFormat(Check): """ The element tailors the name identifier in the subjects of assertions resulting from an . - When this element is used, if the content is not understood by or - acceptable to the identity provider, then a message element MUST - be returned with an error , and MAY contain a second-level + When this element is used, if the content is not understood by or acceptable + to the identity provider, then a message element MUST be + returned with an error , and MAY contain a second-level of urn:oasis:names:tc:SAML:2.0:status:InvalidNameIDPolicy. - If the Format value is omitted or set to - urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified, then the identity - provider is free to return any kind of identifier, subject to any - additional constraints due to the content of this element or the policies - of the identity provider or principal. + If the Format value is omitted or set to urn:oasis:names:tc:SAML:2.0:nameid- + format:unspecified, then the identity provider is free to return any kind + of identifier, subject to any additional constraints due to the content of + this element or the policies of the identity provider or principal. """ cid = "check-saml2int-nameid-format" msg = "Attribute error" @@ -460,7 +465,7 @@ class VerifyFunctionality(Check): md = conv.client.metadata entity = md[conv.entity_id] for desc in ["idpsso_descriptor", "attribute_authority_descriptor", - "authn_authority_descriptor"]: + "auth_authority_descriptor"]: try: srvgrps = entity[desc] except KeyError: @@ -497,8 +502,8 @@ class VerifyFunctionality(Check): if self._status != OK: return res - res = self._binding_support(conv, oper.request, - args["request_binding"], "idpsso") + res = self._binding_support(conv, oper.request, args["request_binding"], + "idpsso") if self._status != OK: return res 
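Review bot: The descriptor list in `VerifyFunctionality` now spells its third key `"auth_authority_descriptor"`, where the removed line had `"authn_authority_descriptor"`. The lookup directly below is `srvgrps = entity[desc]` guarded by `except KeyError:`, so a misspelled key is skipped silently. An entity's AuthnAuthority services would then never be examined, and the check would still report OK. Use `"authn_authority_descriptor"` unless the targeted pysaml2 release really exposes the shorter key. The method body continues outside the hunk.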
@@ -513,9 +518,7 @@ class VerifyFunctionality(Check): pass else: res = self._nameid_format_support(conv, - args[ - "name_id_policy" - ].format) + args["name_id_policy"].format) return res @@ -634,7 +637,7 @@ CLASS_CACHE = {} def factory(cid, classes=CLASS_CACHE): if len(classes) == 0: check.factory(cid, classes) - for _name, obj in inspect.getmembers(sys.modules[__name__]): + for name, obj in inspect.getmembers(sys.modules[__name__]): if inspect.isclass(obj): try: classes[obj.cid] = obj diff --git a/src/idp_test/interaction.py b/src/idp_test/interaction.py index 3c18f12..03da9c2 100644 --- a/src/idp_test/interaction.py +++ b/src/idp_test/interaction.py @@ -1,5 +1,3 @@ -from saml2test import JSON_DUMPS_ARGS - __author__ = 'rohe0002' import json @@ -14,7 +12,6 @@ from mechanize._form import ListControl logger = logging.getLogger(__name__) - def pick_interaction(interactions, _base="", content="", req=None): unic = content if content: @@ -63,7 +60,7 @@ class FlowException(Exception): self.url = url def __str__(self): - return json.dumps(self.__dict__, **JSON_DUMPS_ARGS) + return json.dumps(self.__dict__) class RResponse(): @@ -278,6 +275,7 @@ def select_form(httpc, orig_response, **kwargs): return do_click(httpc, form, **kwargs) +#noinspection PyUnusedLocal def chose(httpc, orig_response, path, **kwargs): """ Sends a HTTP GET to a url given by the present url and the given @@ -289,6 +287,7 @@ def chose(httpc, orig_response, path, **kwargs): :return: The response do_click() returns """ + if not path.startswith("http"): try: _url = orig_response.url @@ -325,6 +324,7 @@ def NoneFunc(): return None +#noinspection PyUnusedLocal def parse(httpc, orig_response, **kwargs): # content is a form from which I get the SAMLResponse response = RResponse(orig_response) @@ -338,6 +338,7 @@ def parse(httpc, orig_response, **kwargs): "RelayState": form["RelayState"]} +#noinspection PyUnusedLocal def interaction(args): _type = args["type"] if _type == "form": 
diff --git a/src/idp_test/package/authn_request.py b/src/idp_test/package/authn_request.py index 4ae99b2..e4b2691 100644 --- a/src/idp_test/package/authn_request.py +++ b/src/idp_test/package/authn_request.py @@ -6,7 +6,6 @@ __author__ = 'rolandh' from idp_test.saml2base import AuthnRequest - class DummyExtension(SamlBase): """The urn:mace:umu.se:SAML:2.0:extension:foo element """ @@ -18,14 +17,12 @@ class DummyExtension(SamlBase): c_child_order = SamlBase.c_child_order[:] c_cardinality = SamlBase.c_cardinality.copy() - class AuthnRequest_UnknownIssuer(AuthnRequest): def pre_processing(self, message, args): _issuer = message.issuer _issuer.text = "https://www.example.com/foobar.xml" return message - class AuthnRequest_UnknownExtension(AuthnRequest): def pre_processing(self, message, args): message.extension = ExtensionContainer() @@ -49,4 +46,4 @@ OPERATIONS = { "tests": {"pre": [CheckSaml2IntMetaData], "post": [CheckSaml2IntAttributes]} }, -} +} \ No newline at end of file diff --git a/src/idp_test/saml2base.py b/src/idp_test/saml2base.py index 0e909b3..05872c3 100644 --- a/src/idp_test/saml2base.py +++ b/src/idp_test/saml2base.py @@ -1,9 +1,14 @@ from saml2 import samlp -from saml2 import BINDING_HTTP_ARTIFACT, BINDING_HTTP_POST -from saml2 import BINDING_HTTP_REDIRECT, BINDING_PAOS, BINDING_SOAP +from saml2 import BINDING_HTTP_ARTIFACT +from saml2 import BINDING_HTTP_POST +from saml2 import BINDING_HTTP_REDIRECT +from saml2 import BINDING_PAOS +from saml2 import BINDING_SOAP from saml2 import BINDING_URI -from saml2.saml import NAMEID_FORMAT_PERSISTENT, NAMEID_FORMAT_UNSPECIFIED -from saml2.saml import NAMEID_FORMAT_TRANSIENT, NAMEID_FORMAT_EMAILADDRESS +from saml2.saml import NAMEID_FORMAT_PERSISTENT +from saml2.saml import NAMEID_FORMAT_UNSPECIFIED +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.saml import NAMEID_FORMAT_EMAILADDRESS from idp_test.check import CheckLogoutSupport from idp_test.check import CheckSaml2IntAttributes 
@@ -366,7 +371,7 @@ OPERATIONS = { "sequence": [AuthnRequest], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["verify"] + "depend":["verify"] }, 'authn-nid_transient': { "tc_id": "S2c-10", @@ -375,7 +380,7 @@ OPERATIONS = { "sequence": [AuthnRequestNID_Transient], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-nid_email': { "tc_id": "S2c-20", @@ -384,7 +389,7 @@ OPERATIONS = { "sequence": [AuthnRequestNID_Email], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-nid_no': { "tc_id": "S2c-21", @@ -393,7 +398,7 @@ OPERATIONS = { "sequence": [AuthnRequestNID_no], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-nid_unspecified': { "tc_id": "S2c-21", @@ -402,7 +407,7 @@ OPERATIONS = { "sequence": [AuthnRequestNID_Unspecified], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-post': { "tc_id": "S2c-08", @@ -411,7 +416,7 @@ OPERATIONS = { "sequence": [AuthnRequestPost], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-post-transient': { "tc_id": "S2c-09", 
@@ -420,48 +425,48 @@ OPERATIONS = { "sequence": [AuthnRequestPostNID_Transient], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn-post"] + "depend":["authn-post"] }, - 'attribute-query': { + 'attribute-query':{ "tc_id": "S2c-01", "name": "", - "sequence": [AuthnRequest, AttributeQuery], - "depend": ["authn"] + "sequence":[AuthnRequest, AttributeQuery], + "depend":["authn"] }, - 'attribute-query-transient': { + 'attribute-query-transient':{ "tc_id": "S2c-20", "name": "", - "sequence": [AuthnRequestNID_Transient, AttributeQuery], - "depend": ["authn"] + "sequence":[AuthnRequestNID_Transient, AttributeQuery], + "depend":["authn"] }, 'authn_endpoint_index': { "tc_id": "S2c-03", "name": '', "descr": '', "sequence": [AuthnRequestEndpointIndex], - "depend": ["authn"] + "depend":["authn"] }, 'authn_endpoint_index-transient': { "tc_id": "S2c-03", "name": '', "descr": '', "sequence": [AuthnRequestEndpointIndexNIDTransient], - "depend": ["authn"] + "depend":["authn"] }, 'authn_specified_endpoint': { "tc_id": "S2c-04", "name": '', "descr": '', "sequence": [AuthnRequestSpecEndpoint], - "depend": ["authn"] + "depend":["authn"] }, - 'authn-artifact': { + 'authn-artifact':{ 'tc_id': "S2c-05", "name": "SAML2 AuthnRequest using an artifact", "descr": ('AuthnRequest using HTTP-redirect and artifact'), "sequence": [AuthnRequest_using_Artifact] }, - 'authn-artifact_nid-transient': { + 'authn-artifact_nid-transient':{ 'tc_id': "S2c-05", "name": "SAML2 AuthnRequest expecting artifact response", "descr": ('AuthnRequest using HTTP-redirect and artifact'), @@ -473,7 +478,7 @@ OPERATIONS = { "descr": 'AuthnRequest followed by an AssertionIDRequest', "sequence": [AuthnRequest, AssertionIDRequest], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-nid_transient-assertion_id_request': { "tc_id": "S2c-26", 
@@ -481,7 +486,7 @@ OPERATIONS = { "descr": 'AuthnRequest followed by an AssertionIDRequest', "sequence": [AuthnRequestNID_Transient, AssertionIDRequest], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-with-name_id_policy': { "tc_id": "S2c-11", @@ -489,7 +494,7 @@ OPERATIONS = { "descr": 'AuthnRequest with specific NameIDPolicy', "sequence": [AuthnRequest_NameIDPolicy1], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'authn-with-name_id_policy_nid-transient': { "tc_id": "S2c-31", @@ -497,13 +502,13 @@ OPERATIONS = { "descr": 'AuthnRequest with specific NameIDPolicy', "sequence": [AuthnRequest_NameIDPolicy1Transient], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, 'ecp_authn': { 'tc_id': "S2c-12", "name": "SAML2 AuthnRequest using ECP and PAOS", "descr": "SAML2 AuthnRequest using ECP and PAOS", - "sequence": [ECP_AuthnRequest] + "sequence":[ECP_AuthnRequest] }, 'log-in-out': { "tc_id": "S2c-13", 
@@ -511,31 +516,31 @@ OPERATIONS = { "descr": 'AuthnRequest using HTTP-redirect followed by a logout', "sequence": [AuthnRequest, LogOutRequest], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, - 'manage_nameid': { + 'manage_nameid':{ "tc_id": "S2c-14", "name": "Setting the SP provided ID by using ManageNameID", - "sequence": [AuthnRequest, ManageNameIDRequest], - "depend": ["authn"] + "sequence":[AuthnRequest, ManageNameIDRequest], + "depend":["authn"] }, - 'manage_nameid_nid-transient': { + 'manage_nameid_nid-transient':{ "tc_id": "S2c-14", "name": "Setting the SP provided ID by using ManageNameID", - "sequence": [AuthnRequestNID_Transient, ManageNameIDRequest], - "depend": ["authn"] + "sequence":[AuthnRequestNID_Transient, ManageNameIDRequest], + "depend":["authn"] }, - 'nameid-mapping': { + 'nameid-mapping':{ "tc_id": "S2c-15", "name": "Simple NameIDMapping request", - "sequence": [AuthnRequest, NameIDMappingRequest], - "depend": ["authn"] + "sequence":[AuthnRequest, NameIDMappingRequest], + "depend":["authn"] }, 'authn-authn_query': { "name": 'AuthnRequest and then an AuthnQuery', "descr": 'AuthnRequest followed by an AuthnQuery', "sequence": [AuthnRequest, AuthnQuery], "tests": {"pre": [CheckSaml2IntMetaData], "post": []}, - "depend": ["authn"] + "depend":["authn"] }, -} +} \ No newline at end of file diff --git a/src/saml2test/__init__.py b/src/saml2test/__init__.py index 28d1131..a4812f9 100644 --- a/src/saml2test/__init__.py +++ b/src/saml2test/__init__.py @@ -12,8 +12,6 @@ logger = logging.getLogger(__name__) __author__ = 'rolandh' -JSON_DUMPS_ARGS = {"indent": 4, "sort_keys": True} - class FatalError(Exception): pass @@ -23,7 +21,7 @@ class CheckError(Exception): pass -class HttpError(Exception): +class HTTP_ERROR(Exception): pass 
@@ -40,15 +38,11 @@ class ContextFilter(logging.Filter): This is a filter which injects time laps information into the log. """ - def __init__(self, name=""): - logging.Filter.__init__(self, name) - self._start = 0 - def start(self): - self._start = time.time() + self.start = time.time() def filter(self, record): - record.delta = time.time() - self._start + record.delta = time.time() - self.start return True @@ -64,7 +58,7 @@ def stop_script_by_name(name): import os p = subprocess.Popen(['ps', '-A'], stdout=subprocess.PIPE) - out, _err = p.communicate() + out, err = p.communicate() for line in out.splitlines(): if name in line: @@ -84,7 +78,7 @@ def get_page(url): if resp.status_code == 200: return resp.text else: - raise HttpError(resp.status) + raise HTTP_ERROR(resp.status) def exception_trace(tag, exc, log=None): @@ -100,4 +94,4 @@ def exception_trace(tag, exc, log=None): def ip_addresses(): return [ip for ip in socket.gethostbyname_ex(socket.gethostname())[2] - if not ip.startswith("127.")] + if not ip.startswith("127.")] \ No newline at end of file diff --git a/src/saml2test/check.py b/src/saml2test/check.py index 9bfb272..1f2f062 100644 --- a/src/saml2test/check.py +++ b/src/saml2test/check.py @@ -1,13 +1,21 @@ import inspect import json -import traceback -import sys -# Import the status codes used indicate the test results -from saml2test.status import INFORMATION, OK, ERROR, CRITICAL - __author__ = 'rolandh' +import traceback +import sys + +INFORMATION = 0 +OK = 1 +WARNING = 2 +ERROR = 3 +CRITICAL = 4 +INTERACTION = 5 + +STATUSCODE = ["INFORMATION", "OK", "WARNING", "ERROR", "CRITICAL", + "INTERACTION"] + CONT_JSON = "application/json" CONT_JWT = "application/jwt" @@ -145,7 +153,7 @@ class VerifyError(Error): except Exception: pass - item, _msg = conv.protocol_response[-1] + item, msg = conv.protocol_response[-1] try: assert item.type().endswith("ErrorResponse") except AssertionError: 
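Review bot: In `ContextFilter`, `start()` now assigns `self.start = time.time()`, which replaces the method with a float on the instance. A second `cf.start()` then raises TypeError, and `filter()` called before `start()` subtracts a bound method from a float. Keep the timestamp in its own attribute: `self._start = time.time()` in `start()` and `record.delta = time.time() - self._start` in `filter()`, with `self._start = 0` set in an `__init__` that calls `logging.Filter.__init__(self, name)`.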
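Review bot: `get_page` tests `resp.status_code` but raises `HTTP_ERROR(resp.status)`. The construction of `resp` is outside the hunk, but if it is a requests-style response it has no `status` attribute, so the non-200 path would end in AttributeError rather than the intended exception. Use `raise HTTP_ERROR(resp.status_code)`. The new class name `HTTP_ERROR` also departs from the CapWords style of the neighbouring `FatalError` and `CheckError`.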
@@ -239,10 +247,9 @@ class Parse(CriticalError): return {} - def factory(cid, classes): if len(classes) == 0: - for _name, obj in inspect.getmembers(sys.modules[__name__]): + for name, obj in inspect.getmembers(sys.modules[__name__]): if inspect.isclass(obj): try: classes[obj.cid] = obj diff --git a/src/saml2test/interaction.py b/src/saml2test/interaction.py index 1eebe69..0121fbc 100644 --- a/src/saml2test/interaction.py +++ b/src/saml2test/interaction.py @@ -1,5 +1,3 @@ -from saml2test import JSON_DUMPS_ARGS - __author__ = 'rohe0002' import json @@ -25,7 +23,7 @@ class FlowException(Exception): self.url = url def __str__(self): - return json.dumps(self.__dict__, **JSON_DUMPS_ARGS) + return json.dumps(self.__dict__) class InteractionNeeded(Exception): @@ -389,8 +387,7 @@ class Action(object): except (KeyError, AttributeError): _args = {} - _args.update({"location": location, "features": features, - "conv": conv}) + _args.update({"location": location, "features": features, "conv": conv}) logger.info("<-- FUNCTION: %s" % function.__name__) logger.info("<-- ARGS: %s" % _args) diff --git a/src/saml2test/opfunc.py b/src/saml2test/opfunc.py index 040a784..2f88c70 100644 --- a/src/saml2test/opfunc.py +++ b/src/saml2test/opfunc.py @@ -6,8 +6,6 @@ from urlparse import urlparse from mechanize import ParseResponseEx from mechanize._form import ControlNotFoundError, AmbiguityError from mechanize._form import ListControl -from saml2test import JSON_DUMPS_ARGS - __author__ = 'rohe0002' @@ -22,7 +20,7 @@ class FlowException(Exception): self.url = url def __str__(self): - return json.dumps(self.__dict__, **JSON_DUMPS_ARGS) + return json.dumps(self.__dict__) class DResponse(): diff --git a/src/saml2test/tool.py b/src/saml2test/tool.py index 05f8683..4f92620 100644 --- a/src/saml2test/tool.py +++ b/src/saml2test/tool.py 
@@ -7,7 +7,7 @@ from urlparse import parse_qs from saml2test.opfunc import Operation from saml2test import FatalError from saml2test.check import ExpectedError, ERROR -from saml2test.status import INTERACTION +from saml2test.check import INTERACTION from saml2test.interaction import Interaction from saml2test.interaction import Action from saml2test.interaction import InteractionNeeded @@ -61,7 +61,7 @@ class Conversation(object): except KeyError: pass - raise OperationError + raise FatalError def do_check(self, test, **kwargs): if isinstance(test, basestring): @@ -128,7 +128,7 @@ class Conversation(object): self.client.cookiejar = self.cjar["rp"] for_me = True try: - _base, query = url.split("?") + base, query = url.split("?") except ValueError: pass else: @@ -300,8 +300,8 @@ class Conversation(object): break except (FatalError, OperationError): raise - except Exception, _err: - #self.err_check("exception", _err) + except Exception, err: + #self.err_check("exception", err) raise try: diff --git a/src/sp_test/__init__.py b/src/sp_test/__init__.py index 35281d8..c7839be 100644 --- a/src/sp_test/__init__.py +++ b/src/sp_test/__init__.py @@ -13,18 +13,16 @@ from saml2.server import Server from saml2.config import IdPConfig from saml2.config import logging -from base import Conversation +from sp_test.base import Conversation from saml2test import FatalError from saml2test import CheckError from saml2test import ContextFilter from saml2test import exception_trace -from saml2test import JSON_DUMPS_ARGS __author__ = 'rolandh' -#formatter = -# logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") +#formatter = logging.Formatter("%(asctime)s %(name)s:%(levelname)s %(message)s") formatter_2 = logging.Formatter( "%(delta).6f - %(levelname)s - [%(name)s] %(message)s") 
@@ -40,87 +38,44 @@ memoryhandler.addFilter(cf) logger = logging.getLogger(__name__) logger.setLevel(logging.DEBUG) logger.addHandler(memoryhandler) - -# The streamhandler variable should be added to the logger if -# you want to see the log messages as they are printed instead -# of afterwards (mostly useful during debugging -#logger.addHandler(streamhandler) logger.setLevel(logging.DEBUG) class Client(object): - """ - This is the SP testing client for saml2test. It contains the methods that - are required to set up and run the tests you request. - """ - def __init__(self, check_factory): - """ - Creates a new SP testing client. - - @param self: this SP testing client - @param check_factory: the factory containing the checks that are needed - during the SP test - """ - - self.testsuite = None + def __init__(self, operations, check_factory): + self.operations = operations + self.tests = None self.check_factory = check_factory self._parser = argparse.ArgumentParser() - self._parser.add_argument("-c", - dest="config", - default="config", + self._parser.add_argument("-c", dest="config", default="config", help="Configuration file for the IdP") - self._parser.add_argument('-C', - dest="ca_certs", - help="CA certs to use to verify HTTPS " - "server certificates, if HTTPS is used and " - "no server CA certs are defined then no " - "cert verification will be done") - self._parser.add_argument('-d', - dest='debug', - action='store_true', + self._parser.add_argument( + '-C', dest="ca_certs", + help=("CA certs to use to verify HTTPS server certificates, ", + "if HTTPS is used and no server CA certs are defined then ", + "no cert verification will be done")) + self._parser.add_argument('-d', dest='debug', action='store_true', help="Print debug information") - self._parser.add_argument("-H", - dest="pretty", - action='store_true', - help="Human readable status output") - self._parser.add_argument("-i", - dest="insecure", - action='store_true', - help="do not verify TLS 
certificates") - self._parser.add_argument('-J', - dest="json_config_file", + self._parser.add_argument("-H", dest="pretty", action='store_true') + self._parser.add_argument("-i", dest="insecure", action='store_true') + self._parser.add_argument('-J', dest="json_config_file", help="Script configuration") - self._parser.add_argument("-l", - dest="list", - action="store_true", - help="List all the test flows as a JSON " - "object") - self._parser.add_argument('-m', - dest="metadata", - action='store_true', + self._parser.add_argument( + "-l", dest="list", action="store_true", + help="List all the test flows as a JSON object") + self._parser.add_argument('-m', dest="metadata", action='store_true', help="Return the IdP metadata") - self._parser.add_argument("-P", - dest="configpath", - default=".", - help="Path to the configuration file for " - "the IdP") - self._parser.add_argument("-t", - dest="testsuite", - default="basicTests", - help="Specifies the test suite from which " - "you wish to run tests") - self._parser.add_argument('-v', - dest='verbose', - action='store_true', + self._parser.add_argument( + "-P", dest="configpath", default=".", + help="Path to the configuration file for the IdP") + self._parser.add_argument("-t", dest="testpackage", + help="Module describing tests") + self._parser.add_argument('-v', dest='verbose', action='store_true', help="Print runtime information") - self._parser.add_argument("-Y", - dest="pysamllog", - action='store_true', + self._parser.add_argument("-Y", dest="pysamllog", action='store_true', help="Print PySAML2 logs") - self._parser.add_argument("oper", - nargs="?", - help="Which test to run") + self._parser.add_argument("oper", nargs="?", help="Which test to run") self.interactions = None self.entity_id = None 
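Review bot: The `help=` value for `-C` is now a tuple of three strings, because each literal is followed by a comma, so argparse receives a tuple instead of text and rendering `--help` will most likely raise a TypeError. Drop the commas so the adjacent literals concatenate into one string, e.g. `help=("CA certs to use to verify HTTPS server certificates, " "if HTTPS is used and no server CA certs are defined then " "no cert verification will be done")`. The same hunk removes the help text for `-H` and `-i`. Since `-i` was described as not verifying TLS certificates, it should keep `help="do not verify TLS certificates"` so the option stays visible in the usage output. `Client.__init__` continues past the end of the hunk.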
@@ -188,9 +143,6 @@ class Client(object): root_logger.addHandler(memoryhandler) root_logger.setLevel(logging.DEBUG) - self.testsuite = import_module("sp_test.test_suites.%s" % - self.args.testsuite) - if self.args.metadata: return self.make_meta() elif self.args.list: @@ -205,15 +157,18 @@ class Client(object): self.setup() - if self.testsuite: - try: - oper = self.testsuite.testcases[self.args.oper] - except ValueError: + try: + oper = self.operations.OPERATIONS[self.args.oper] + except KeyError: + if self.tests: + try: + oper = self.tests.OPERATIONS[self.args.oper] + except ValueError: + print >> sys.stderr, "Undefined testcase" + return + else: print >> sys.stderr, "Undefined testcase" return - else: - print >> sys.stderr, "Undefined testcase" - return opers = oper["sequence"] @@ -254,7 +209,7 @@ class Client(object): if pp: pp.pprint(tsum) else: - print >> sys.stdout, json.dumps(tsum, **JSON_DUMPS_ARGS) + print >> sys.stdout, json.dumps(tsum) if tsum["status"] > 1 or self.args.debug or err: self.output_log(memoryhandler, streamhandler) @@ -280,10 +235,14 @@ class Client(object): self.idp.metadata = metadata #self.idp_config.metadata = metadata + if self.args.testpackage: + self.tests = import_module("sp_test.package.%s" % + self.args.testpackage) + try: self.entity_id = _jc["entity_id"] # Verify its the correct metadata - assert self.entity_id in md.entity.keys(), "Entityid {0} not found in {1}".format(self.entity_id, ', '.join(md.entity.keys())) + assert self.entity_id in md.entity.keys() except KeyError: if len(md.entity.keys()) == 1: self.entity_id = md.entity.keys()[0] @@ -300,10 +259,10 @@ class Client(object): def list_operations(self): res = [] - for key, val in self.testsuite.testcases.items(): + for key, val in self.operations.OPERATIONS.items(): res.append({"id": key, "name": val["name"]}) - print json.dumps(res, **JSON_DUMPS_ARGS) + print json.dumps(res) def verify_metadata(self): pass 
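Review bot: In the `@@ -205,15 +157,18 @@` hunk the inner fallback catches `ValueError`, but a missing key in `self.tests.OPERATIONS[self.args.oper]` raises `KeyError`, as the outer `except KeyError:` around the same kind of lookup already assumes. With a test package loaded, an unknown test id therefore escapes as a traceback instead of printing "Undefined testcase". Change the inner handler to `except KeyError:`. The enclosing method starts and ends outside the hunk.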
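Review bot: In the `@@ -280,10 +235,14 @@` hunk the check that the configured entity id is present in the loaded metadata is a bare `assert`, which is removed when Python runs with `-O`, and the change also drops the message that named the missing id. An explicit check stays active and tells the operator what went wrong: `if self.entity_id not in md.entity.keys(): raise FatalError("Entityid %s not found in metadata" % self.entity_id)`. `FatalError` is already imported in this module, and it is not caught by the `except KeyError:` that follows. The enclosing method starts outside the hunk.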
diff --git a/src/sp_test/base.py b/src/sp_test/base.py index 9317ccd..aabfb34 100644 --- a/src/sp_test/base.py +++ b/src/sp_test/base.py @@ -14,11 +14,14 @@ from saml2.sigver import signed_instance_factory, pre_signature_part from saml2test import CheckError, FatalError from saml2test.check import Check from saml2test.check import ExpectedError -from saml2test.status import INTERACTION, STATUSCODE +from saml2test.check import INTERACTION +from saml2test.check import STATUSCODE from saml2test.interaction import Action from saml2test.interaction import Interaction from saml2test.interaction import InteractionNeeded +from sp_test.tests import ErrorResponse + __author__ = 'rolandh' import logging @@ -119,8 +122,8 @@ class Conversation(): for serv in ["aa", "aq", "idp"]: endpoints = self._config.getattr("endpoints", serv) if endpoints: - for _typ, spec in endpoints.items(): - for url, _binding in spec: + for typ, spec in endpoints.items(): + for url, binding in spec: yield url def which_endpoint(self, url): @@ -165,11 +168,11 @@ class Conversation(): _txt = self.last_response.content if self.last_response.status_code >= 400: - raise FatalError("Unexpected error") + raise FatalError("Did not expected error") def handle_redirect(self): try: - _url, query = self.last_response.headers["location"].split("?") + url, query = self.last_response.headers["location"].split("?") except KeyError: return @@ -250,7 +253,7 @@ class Conversation(): if param in self.json_config: args[param] = self.json_config[param] - if getattr(resp, "_send_error", False) == True: + if resp == ErrorResponse: func = getattr(self.instance, "create_error_response") else: _op = camel2underscore.sub(r'_\1', req._class.c_tag).lower() 
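Review bot: In `handle_redirect` (hunk `@@ -165,11 +168,11 @@`) the two-name unpack of `headers["location"].split("?")` raises `ValueError` when the Location value has no query or contains more than one `?`, and only `KeyError` is handled. A redirect from the SP under test can then abort the run with an unrelated traceback. Splitting once and handling both cases is safer: `url, query = self.last_response.headers["location"].split("?", 1)` with `except (KeyError, ValueError): return`, assuming a redirect without a query should be skipped like a missing header. The new message in the same hunk would read better as `raise FatalError("Did not expect an error")`. `handle_redirect` continues outside the hunk.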
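Review bot: In the `@@ -250,7 +253,7 @@` hunk, `if resp == ErrorResponse:` matches only that exact class, whereas the removed `_send_error` attribute could be set on any response class. A subclass of `ErrorResponse`, or another response meant to go through `create_error_response`, would now silently take the normal response path, so a negative test could exercise the wrong message. If `resp` is always a class here (it looks like a flow entry, but that is not visible in the hunk), `if issubclass(resp, ErrorResponse):` keeps the behaviour extensible. The enclosing method starts and ends outside the hunk.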
@@ -312,27 +315,13 @@ class Conversation(): Un-solicited starts with the IDP sending something. """ if len(flow) >= 3: - logger.info("TEST FLOW: Start by GET-ing the page") self.wb_send() - logger.info("TEST FLOW: Continuing with: %s" % flow[0].__name__) self.intermit(flow[0]._interaction) - logger.info("TEST FLOW: Handling redirect") self.handle_redirect() - logger.info("TEST FLOW: Sending IdP Response with expected request" - " %s and response to be used %s" % - (flow[1].__name__, flow[2].__name__)) self.send_idp_response(flow[1], flow[2]) if len(flow) == 4: - if flow[3] is None: - flowName = "None" - else: - flowName = flow[3].__name__ - logger.info("TEST FLOW Handling result with HTTP Response check" - " for %s" % flowName) self.handle_result(flow[3]) else: - logger.info("TEST FLOW: Handling result (without HTTP Response " - "check)") self.handle_result() def do_sequence(self, oper, tests=None): diff --git a/src/sp_test/check.py b/src/sp_test/check.py index 05c8345..9edf335 100644 --- a/src/sp_test/check.py +++ b/src/sp_test/check.py @@ -1,8 +1,8 @@ import inspect import sys -# Import the status codes used indicate the test results -from saml2test.status import CRITICAL + from saml2test.check import Check +from saml2test.check import CRITICAL from saml2test import check from saml2test.interaction import Interaction @@ -45,6 +45,8 @@ class ErrorResponse(Check): self._status = CRITICAL return {} +# ============================================================================= + CLASS_CACHE = {} @@ -52,7 +54,7 @@ CLASS_CACHE = {} def factory(cid, classes=CLASS_CACHE): if len(classes) == 0: check.factory(cid, classes) - for _name, obj in inspect.getmembers(sys.modules[__name__]): + for name, obj in inspect.getmembers(sys.modules[__name__]): if inspect.isclass(obj): try: classes[obj.cid] = obj diff --git a/src/sp_test/test_suites/SAML2Int.py b/src/sp_test/test_suites/SAML2Int.py deleted file mode 100644 index e69de29..0000000 
diff --git a/src/sp_test/test_suites/SAMLProf_SingleLogout.py b/src/sp_test/test_suites/SAMLProf_SingleLogout.py deleted file mode 100644 index e69de29..0000000 diff --git a/src/sp_test/test_suites/SAMLProf_WebSSO.py b/src/sp_test/test_suites/SAMLProf_WebSSO.py deleted file mode 100644 index e69de29..0000000 diff --git a/src/sp_test/test_suites/__init__.py b/src/sp_test/test_suites/__init__.py deleted file mode 100644 index 7b02ecf..0000000 --- a/src/sp_test/test_suites/__init__.py +++ /dev/null @@ -1 +0,0 @@ -# Group of test suites \ No newline at end of file diff --git a/src/sp_test/test_suites/basicTests.py b/src/sp_test/tests.py similarity index 95% rename from src/sp_test/test_suites/basicTests.py rename to src/sp_test/tests.py index 433575f..41307f9 100644 --- a/src/sp_test/test_suites/basicTests.py +++ b/src/sp_test/tests.py @@ -1,21 +1,16 @@ -# -*- coding: utf-8 -*- import copy -from saml2 import samlp +from saml2 import samlp, SamlBase from saml2 import NAMEID_FORMAT_EMAILADDRESS from saml2 import BINDING_HTTP_REDIRECT from saml2 import BINDING_HTTP_POST from saml2.s_utils import rndstr -from saml2.saml import SCM_BEARER -from saml2.saml import Condition -from saml2.saml import XSI_TYPE -from saml2.saml import Audience +from saml2.saml import SCM_BEARER, Condition, XSI_TYPE, Audience from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import SCM_SENDER_VOUCHES from saml2.saml import ConditionAbstractType_ from saml2.samlp import STATUS_AUTHN_FAILED -from saml2.time_util import in_a_while -from saml2.time_util import a_while_ago +from saml2.time_util import in_a_while, a_while_ago from sp_test.check import VerifyContent from sp_test import check from saml2test import ip_addresses 
@@ -40,10 +35,10 @@ class TimeRestriction(ConditionAbstractType_): c_tag = 'TimeRestriction' c_namespace = "urn:mace:umu.se:sso" - c_children = copy.copy(ConditionAbstractType_.c_children) - c_attributes = copy.copy(ConditionAbstractType_.c_attributes) + c_children = ConditionAbstractType_.c_children.copy() + c_attributes = ConditionAbstractType_.c_attributes.copy() c_child_order = ConditionAbstractType_.c_child_order[:] - c_cardinality = copy.copy(ConditionAbstractType_.c_cardinality) + c_cardinality = ConditionAbstractType_.c_cardinality.copy() c_attributes['StartTime'] = ('start_time', 'time', False) c_attributes['EndTime'] = ('end_time', 'time', False) @@ -116,7 +111,6 @@ class ErrorResponse(Response): "info": (STATUS_AUTHN_FAILED, "Unknown user") } _binding = BINDING_HTTP_POST - _send_error = True class LogoutResponse(Response): @@ -157,7 +151,7 @@ class AuthnResponse_NameIDformat_foo(AuthnResponse): class AuthnResponse_without_SubjectConfirmationData_1(AuthnResponse): def pre_processing(self, message, **kwargs): - _confirmation = message.assertion.subject.subject_confirmation[0] + _confirmation = message.assertion.subject.subject_confirmation _confirmation.subject_confirmation_data = None _confirmation.method = SCM_SENDER_VOUCHES return message @@ -177,11 +171,9 @@ class AuthnResponse_rnd_Response_inresponseto(AuthnResponse): return message -class AuthnResponse_rnd_SubjectConfirmationData_inresponseto(AuthnResponse): +class AuthnResponse_rnd_Response_assertion_inresponseto(AuthnResponse): def pre_processing(self, message, **kwargs): - _scs = message.assertion.subject.subject_confirmation - for _sc in _scs: - _sc.subject_confirmation_data.in_response_to = rndstr(16) + message.assertion.in_response_to = rndstr(16) return message 
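Review bot: In `AuthnResponse_without_SubjectConfirmationData_1.pre_processing` (hunk `@@ -157,7 +151,7 @@`) the `[0]` index was dropped, so `_confirmation` is now the whole `subject_confirmation` collection. Other code on this page indexes that value (`_confirmation[0]`) and the removed code iterated over it, so it appears to be a list. Assigning `_confirmation.subject_confirmation_data = None` on a list raises `AttributeError`, and the test never produces the malformed response it is meant to send. Restore `_confirmation = message.assertion.subject.subject_confirmation[0]`.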
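Review bot: In the `@@ -177,11 +171,9 @@` hunk the renamed class sets `message.assertion.in_response_to`, but in SAML 2.0 `InResponseTo` is carried on the Response and on `SubjectConfirmationData`, not on the Assertion element. The assignment most likely does not reach the serialized message, so the test that expects the SP to reject a random assertion `InResponseTo` would send an unmodified response. That weakens a negative check on replay/correlation handling. Keeping the removed loop body, `_sc.subject_confirmation_data.in_response_to = rndstr(16)` for each `_sc` in `subject_confirmation`, preserves the intended mutation.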
@@ -206,6 +198,13 @@ class AuthnResponse_missing_Recipient(AuthnResponse): return message +class AuthnResponse_missing_Recipient(AuthnResponse): + def pre_processing(self, message, **kwargs): + _confirmation = message.assertion.subject.subject_confirmation + _confirmation[0].subject_confirmation_data.recipient = None + return message + + class AuthnResponse_broken_destination(AuthnResponse): def pre_processing(self, message, **kwargs): message.destination = "NotAUrl" @@ -359,7 +358,12 @@ class AuthnResponse_AudienceRestriction_appended_audience(AuthnResponse): conditions.audience_restriction[0].audience.append(extra) return message -testcases = { + +PHASES = { + "login_redirect": (Login, AuthnRequest, AuthnResponse_redirect), +} + +OPERATIONS = { 'sp-00': { "name": 'Basic Login test', "descr": 'Basic Login test', @@ -375,8 +379,7 @@ testcases = { 'FL03': { "name": """SP should not accept a Response as valid, when the StatusCode is not success""", - "sequence": [(Login, AuthnRequest, ErrorResponse, - check.ErrorResponse)], + "sequence": [(Login, AuthnRequest, ErrorResponse, check.ErrorResponse)], "tests": {"pre": [], "post": []} }, 'FL04': { @@ -417,7 +420,7 @@ StatusCode is not success""", "name": ("SP should not accept an assertion InResponseTo ", "which is chosen randomly"), "sequence": [(Login, AuthnRequest, - AuthnResponse_rnd_SubjectConfirmationData_inresponseto, + AuthnResponse_rnd_Response_assertion_inresponseto, check.ErrorResponse)], "tests": {"pre": [], "post": []} }, @@ -516,8 +519,8 @@ StatusCode is not success""", "tests": {"pre": [], "post": []} }, 'FL29': { - "name": "Reject a Response with a " - "SubjectConfirmationData@NotOnOrAfter in the past", + "name": "Reject a Response with a SubjectConfirmationData@NotOnOrAfter " + "in the past", "sequence": [(Login, AuthnRequest, AuthnResponse_past_SubjectConfirmationData_NotOnOrAfter, check.ErrorResponse)], 
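Review bot: The `@@ -206,6 +198,13 @@` hunk adds a second `class AuthnResponse_missing_Recipient(AuthnResponse)` directly after an existing class of the same name, which is visible in the hunk header context. The later definition silently replaces the earlier one at import time, so one of the two is dead code and any difference between them is lost. Either remove the added copy or give it the name of the case it is meant to cover. If the two bodies are intentionally identical, the addition can simply be dropped.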
@@ -700,4 +703,4 @@ StatusCode is not success""", # in separate session, no session-cookies) # SP MUST accept an LogoutRequest with two sesionindexes (second valid) ( # sent in separate session, no session-cookies) -# Session fixtation check +# Session fixtation check \ No newline at end of file diff --git a/tests/attributemaps/basic.py b/tests/attributemaps/basic.py index f76ec68..9311d54 100644 --- a/tests/attributemaps/basic.py +++ b/tests/attributemaps/basic.py @@ -323,4 +323,4 @@ MAP = { 'x121Address': 'urn:mace:dir:attribute-def:x121Address', 'x500UniqueIdentifier': 'urn:mace:dir:attribute-def:x500UniqueIdentifier', } -} +} \ No newline at end of file diff --git a/tests/attributemaps/saml_uri.py b/tests/attributemaps/saml_uri.py index a78bd91..9696fba 100644 --- a/tests/attributemaps/saml_uri.py +++ b/tests/attributemaps/saml_uri.py 
@@ -12,230 +12,230 @@ SCHAC = "urn:oid:1.3.6.1.4.1.25178.2." MAP = { "identifier": "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", "fro": { - EDUPERSON_OID + '2': 'eduPersonNickname', - EDUPERSON_OID + '9': 'eduPersonScopedAffiliation', - EDUPERSON_OID + '11': 'eduPersonAssurance', - EDUPERSON_OID + '10': 'eduPersonTargetedID', - EDUPERSON_OID + '4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID + '6': 'norEduOrgAcronym', - NOREDUPERSON_OID + '7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID + '4': 'norEduPersonLIN', - EDUPERSON_OID + '1': 'eduPersonAffiliation', - NOREDUPERSON_OID + '2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP + '40': 'userSMIMECertificate', - NOREDUPERSON_OID + '1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP + '241': 'displayName', - UCL_DIR_PILOT + '37': 'associatedDomain', - EDUPERSON_OID + '6': 'eduPersonPrincipalName', - NOREDUPERSON_OID + '8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID + '9': 'federationFeideSchemaVersion', - X500ATTR_OID + '53': 'deltaRevocationList', - X500ATTR_OID + '52': 'supportedAlgorithms', - X500ATTR_OID + '51': 'houseIdentifier', - X500ATTR_OID + '50': 'uniqueMember', - X500ATTR_OID + '19': 'physicalDeliveryOfficeName', - X500ATTR_OID + '18': 'postOfficeBox', - X500ATTR_OID + '17': 'postalCode', - X500ATTR_OID + '16': 'postalAddress', - X500ATTR_OID + '15': 'businessCategory', - X500ATTR_OID + '14': 'searchGuide', - EDUPERSON_OID + '5': 'eduPersonPrimaryAffiliation', - X500ATTR_OID + '12': 'title', - X500ATTR_OID + '11': 'ou', - X500ATTR_OID + '10': 'o', - X500ATTR_OID + '37': 'cACertificate', - X500ATTR_OID + '36': 'userCertificate', - X500ATTR_OID + '31': 'member', - X500ATTR_OID + '30': 'supportedApplicationContext', - X500ATTR_OID + '33': 'roleOccupant', - X500ATTR_OID + '32': 'owner', - NETSCAPE_LDAP + '1': 'carLicense', - PKCS_9 + '1': 'email', - NETSCAPE_LDAP + '3': 'employeeNumber', - NETSCAPE_LDAP + '2': 'departmentNumber', - X500ATTR_OID + '39': 'certificateRevocationList', - X500ATTR_OID + 
'38': 'authorityRevocationList', - NETSCAPE_LDAP + '216': 'userPKCS12', - EDUPERSON_OID + '8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR_OID + '9': 'street', - X500ATTR_OID + '8': 'st', - NETSCAPE_LDAP + '39': 'preferredLanguage', - EDUPERSON_OID + '7': 'eduPersonEntitlement', - X500ATTR_OID + '2': 'knowledgeInformation', - X500ATTR_OID + '7': 'l', - X500ATTR_OID + '6': 'c', - X500ATTR_OID + '5': 'serialNumber', - X500ATTR_OID + '4': 'sn', - UCL_DIR_PILOT + '60': 'jpegPhoto', - X500ATTR_OID + '65': 'pseudonym', - NOREDUPERSON_OID + '5': 'norEduPersonNIN', - UCL_DIR_PILOT + '3': 'mail', - UCL_DIR_PILOT + '25': 'dc', - X500ATTR_OID + '40': 'crossCertificatePair', - X500ATTR_OID + '42': 'givenName', - X500ATTR_OID + '43': 'initials', - X500ATTR_OID + '44': 'generationQualifier', - X500ATTR_OID + '45': 'x500UniqueIdentifier', - X500ATTR_OID + '46': 'dnQualifier', - X500ATTR_OID + '47': 'enhancedSearchGuide', - X500ATTR_OID + '48': 'protocolInformation', - X500ATTR_OID + '54': 'dmdName', - NETSCAPE_LDAP + '4': 'employeeType', - X500ATTR_OID + '22': 'teletexTerminalIdentifier', - X500ATTR_OID + '23': 'facsimileTelephoneNumber', - X500ATTR_OID + '20': 'telephoneNumber', - X500ATTR_OID + '21': 'telexNumber', - X500ATTR_OID + '26': 'registeredAddress', - X500ATTR_OID + '27': 'destinationIndicator', - X500ATTR_OID + '24': 'x121Address', - X500ATTR_OID + '25': 'internationaliSDNNumber', - X500ATTR_OID + '28': 'preferredDeliveryMethod', - X500ATTR_OID + '29': 'presentationAddress', - EDUPERSON_OID + '3': 'eduPersonOrgDN', - NOREDUPERSON_OID + '3': 'norEduPersonBirthDate', - UMICH + '57': 'labeledURI', - UCL_DIR_PILOT + '1': 'uid', - SCHAC + '1': 'schacMotherTongue', - SCHAC + '2': 'schacGender', - SCHAC + '3': 'schacDateOfBirth', - SCHAC + '4': 'schacPlaceOfBirth', - SCHAC + '5': 'schacCountryOfCitizenship', - SCHAC + '6': 'schacSn1', - SCHAC + '7': 'schacSn2', - SCHAC + '8': 'schacPersonalTitle', - SCHAC + '9': 'schacHomeOrganization', - SCHAC + '10': 
'schacHomeOrganizationType', - SCHAC + '11': 'schacCountryOfResidence', - SCHAC + '12': 'schacUserPresenceID', - SCHAC + '13': 'schacPersonalPosition', - SCHAC + '14': 'schacPersonalUniqueCode', - SCHAC + '15': 'schacPersonalUniqueID', - SCHAC + '17': 'schacExpiryDate', - SCHAC + '18': 'schacUserPrivateAttribute', - SCHAC + '19': 'schacUserStatus', - SCHAC + '20': 'schacProjectMembership', - SCHAC + '21': 'schacProjectSpecificRole', + EDUPERSON_OID+'2': 'eduPersonNickname', + EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', + EDUPERSON_OID+'11': 'eduPersonAssurance', + EDUPERSON_OID+'10': 'eduPersonTargetedID', + EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', + NOREDUPERSON_OID+'6': 'norEduOrgAcronym', + NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', + NOREDUPERSON_OID+'4': 'norEduPersonLIN', + EDUPERSON_OID+'1': 'eduPersonAffiliation', + NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', + NETSCAPE_LDAP+'40': 'userSMIMECertificate', + NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', + NETSCAPE_LDAP+'241': 'displayName', + UCL_DIR_PILOT+'37': 'associatedDomain', + EDUPERSON_OID+'6': 'eduPersonPrincipalName', + NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', + NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', + X500ATTR_OID+'53': 'deltaRevocationList', + X500ATTR_OID+'52': 'supportedAlgorithms', + X500ATTR_OID+'51': 'houseIdentifier', + X500ATTR_OID+'50': 'uniqueMember', + X500ATTR_OID+'19': 'physicalDeliveryOfficeName', + X500ATTR_OID+'18': 'postOfficeBox', + X500ATTR_OID+'17': 'postalCode', + X500ATTR_OID+'16': 'postalAddress', + X500ATTR_OID+'15': 'businessCategory', + X500ATTR_OID+'14': 'searchGuide', + EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', + X500ATTR_OID+'12': 'title', + X500ATTR_OID+'11': 'ou', + X500ATTR_OID+'10': 'o', + X500ATTR_OID+'37': 'cACertificate', + X500ATTR_OID+'36': 'userCertificate', + X500ATTR_OID+'31': 'member', + X500ATTR_OID+'30': 'supportedApplicationContext', + X500ATTR_OID+'33': 'roleOccupant', + X500ATTR_OID+'32': 
'owner', + NETSCAPE_LDAP+'1': 'carLicense', + PKCS_9+'1': 'email', + NETSCAPE_LDAP+'3': 'employeeNumber', + NETSCAPE_LDAP+'2': 'departmentNumber', + X500ATTR_OID+'39': 'certificateRevocationList', + X500ATTR_OID+'38': 'authorityRevocationList', + NETSCAPE_LDAP+'216': 'userPKCS12', + EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', + X500ATTR_OID+'9': 'street', + X500ATTR_OID+'8': 'st', + NETSCAPE_LDAP+'39': 'preferredLanguage', + EDUPERSON_OID+'7': 'eduPersonEntitlement', + X500ATTR_OID+'2': 'knowledgeInformation', + X500ATTR_OID+'7': 'l', + X500ATTR_OID+'6': 'c', + X500ATTR_OID+'5': 'serialNumber', + X500ATTR_OID+'4': 'sn', + UCL_DIR_PILOT+'60': 'jpegPhoto', + X500ATTR_OID+'65': 'pseudonym', + NOREDUPERSON_OID+'5': 'norEduPersonNIN', + UCL_DIR_PILOT+'3': 'mail', + UCL_DIR_PILOT+'25': 'dc', + X500ATTR_OID+'40': 'crossCertificatePair', + X500ATTR_OID+'42': 'givenName', + X500ATTR_OID+'43': 'initials', + X500ATTR_OID+'44': 'generationQualifier', + X500ATTR_OID+'45': 'x500UniqueIdentifier', + X500ATTR_OID+'46': 'dnQualifier', + X500ATTR_OID+'47': 'enhancedSearchGuide', + X500ATTR_OID+'48': 'protocolInformation', + X500ATTR_OID+'54': 'dmdName', + NETSCAPE_LDAP+'4': 'employeeType', + X500ATTR_OID+'22': 'teletexTerminalIdentifier', + X500ATTR_OID+'23': 'facsimileTelephoneNumber', + X500ATTR_OID+'20': 'telephoneNumber', + X500ATTR_OID+'21': 'telexNumber', + X500ATTR_OID+'26': 'registeredAddress', + X500ATTR_OID+'27': 'destinationIndicator', + X500ATTR_OID+'24': 'x121Address', + X500ATTR_OID+'25': 'internationaliSDNNumber', + X500ATTR_OID+'28': 'preferredDeliveryMethod', + X500ATTR_OID+'29': 'presentationAddress', + EDUPERSON_OID+'3': 'eduPersonOrgDN', + NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', + UMICH+'57': 'labeledURI', + UCL_DIR_PILOT+'1': 'uid', + SCHAC+'1': 'schacMotherTongue', + SCHAC+'2': 'schacGender', + SCHAC+'3': 'schacDateOfBirth', + SCHAC+'4': 'schacPlaceOfBirth', + SCHAC+'5': 'schacCountryOfCitizenship', + SCHAC+'6': 'schacSn1', + SCHAC+'7': 'schacSn2', + 
SCHAC+'8': 'schacPersonalTitle', + SCHAC+'9': 'schacHomeOrganization', + SCHAC+'10': 'schacHomeOrganizationType', + SCHAC+'11': 'schacCountryOfResidence', + SCHAC+'12': 'schacUserPresenceID', + SCHAC+'13': 'schacPersonalPosition', + SCHAC+'14': 'schacPersonalUniqueCode', + SCHAC+'15': 'schacPersonalUniqueID', + SCHAC+'17': 'schacExpiryDate', + SCHAC+'18': 'schacUserPrivateAttribute', + SCHAC+'19': 'schacUserStatus', + SCHAC+'20': 'schacProjectMembership', + SCHAC+'21': 'schacProjectSpecificRole', }, "to": { - 'roleOccupant': X500ATTR_OID + '33', - 'gn': X500ATTR_OID + '42', - 'norEduPersonNIN': NOREDUPERSON_OID + '5', - 'title': X500ATTR_OID + '12', - 'facsimileTelephoneNumber': X500ATTR_OID + '23', - 'mail': UCL_DIR_PILOT + '3', - 'postOfficeBox': X500ATTR_OID + '18', - 'fax': X500ATTR_OID + '23', - 'telephoneNumber': X500ATTR_OID + '20', - 'norEduPersonBirthDate': NOREDUPERSON_OID + '3', - 'rfc822Mailbox': UCL_DIR_PILOT + '3', - 'dc': UCL_DIR_PILOT + '25', - 'countryName': X500ATTR_OID + '6', - 'emailAddress': PKCS_9 + '1', - 'employeeNumber': NETSCAPE_LDAP + '3', - 'organizationName': X500ATTR_OID + '10', - 'eduPersonAssurance': EDUPERSON_OID + '11', - 'norEduOrgAcronym': NOREDUPERSON_OID + '6', - 'registeredAddress': X500ATTR_OID + '26', - 'physicalDeliveryOfficeName': X500ATTR_OID + '19', - 'associatedDomain': UCL_DIR_PILOT + '37', - 'l': X500ATTR_OID + '7', - 'stateOrProvinceName': X500ATTR_OID + '8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID + '9', - 'pkcs9email': PKCS_9 + '1', - 'givenName': X500ATTR_OID + '42', - 'givenname': X500ATTR_OID + '42', - 'x500UniqueIdentifier': X500ATTR_OID + '45', - 'eduPersonNickname': EDUPERSON_OID + '2', - 'houseIdentifier': X500ATTR_OID + '51', - 'street': X500ATTR_OID + '9', - 'supportedAlgorithms': X500ATTR_OID + '52', - 'preferredLanguage': NETSCAPE_LDAP + '39', - 'postalAddress': X500ATTR_OID + '16', - 'email': PKCS_9 + '1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID + '8', - 
'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID + '8', - 'c': X500ATTR_OID + '6', - 'teletexTerminalIdentifier': X500ATTR_OID + '22', - 'o': X500ATTR_OID + '10', - 'cACertificate': X500ATTR_OID + '37', - 'telexNumber': X500ATTR_OID + '21', - 'ou': X500ATTR_OID + '11', - 'initials': X500ATTR_OID + '43', - 'eduPersonOrgUnitDN': EDUPERSON_OID + '4', - 'deltaRevocationList': X500ATTR_OID + '53', - 'norEduPersonLIN': NOREDUPERSON_OID + '4', - 'supportedApplicationContext': X500ATTR_OID + '30', - 'eduPersonEntitlement': EDUPERSON_OID + '7', - 'generationQualifier': X500ATTR_OID + '44', - 'eduPersonAffiliation': EDUPERSON_OID + '1', - 'edupersonaffiliation': EDUPERSON_OID + '1', - 'eduPersonPrincipalName': EDUPERSON_OID + '6', - 'edupersonprincipalname': EDUPERSON_OID + '6', - 'localityName': X500ATTR_OID + '7', - 'owner': X500ATTR_OID + '32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID + '2', - 'searchGuide': X500ATTR_OID + '14', - 'certificateRevocationList': X500ATTR_OID + '39', - 'organizationalUnitName': X500ATTR_OID + '11', - 'userCertificate': X500ATTR_OID + '36', - 'preferredDeliveryMethod': X500ATTR_OID + '28', - 'internationaliSDNNumber': X500ATTR_OID + '25', - 'uniqueMember': X500ATTR_OID + '50', - 'departmentNumber': NETSCAPE_LDAP + '2', - 'enhancedSearchGuide': X500ATTR_OID + '47', - 'userPKCS12': NETSCAPE_LDAP + '216', - 'eduPersonTargetedID': EDUPERSON_OID + '10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID + '1', - 'x121Address': X500ATTR_OID + '24', - 'destinationIndicator': X500ATTR_OID + '27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID + '5', - 'surname': X500ATTR_OID + '4', - 'jpegPhoto': UCL_DIR_PILOT + '60', - 'eduPersonScopedAffiliation': EDUPERSON_OID + '9', - 'edupersonscopedaffiliation': EDUPERSON_OID + '9', - 'protocolInformation': X500ATTR_OID + '48', - 'knowledgeInformation': X500ATTR_OID + '2', - 'employeeType': NETSCAPE_LDAP + '4', - 'userSMIMECertificate': NETSCAPE_LDAP + '40', - 'member': X500ATTR_OID + '31', - 'streetAddress': 
X500ATTR_OID + '9', - 'dmdName': X500ATTR_OID + '54', - 'postalCode': X500ATTR_OID + '17', - 'pseudonym': X500ATTR_OID + '65', - 'dnQualifier': X500ATTR_OID + '46', - 'crossCertificatePair': X500ATTR_OID + '40', - 'eduPersonOrgDN': EDUPERSON_OID + '3', - 'authorityRevocationList': X500ATTR_OID + '38', - 'displayName': NETSCAPE_LDAP + '241', - 'businessCategory': X500ATTR_OID + '15', - 'serialNumber': X500ATTR_OID + '5', - 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID + '7', - 'st': X500ATTR_OID + '8', - 'carLicense': NETSCAPE_LDAP + '1', - 'presentationAddress': X500ATTR_OID + '29', - 'sn': X500ATTR_OID + '4', - 'domainComponent': UCL_DIR_PILOT + '25', - 'labeledURI': UMICH + '57', - 'uid': UCL_DIR_PILOT + '1', - 'schacMotherTongue': SCHAC + '1', - 'schacGender': SCHAC + '2', - 'schacDateOfBirth': SCHAC + '3', - 'schacPlaceOfBirth': SCHAC + '4', - 'schacCountryOfCitizenship': SCHAC + '5', - 'schacSn1': SCHAC + '6', - 'schacSn2': SCHAC + '7', - 'schacPersonalTitle': SCHAC + '8', - 'schacHomeOrganization': SCHAC + '9', - 'schacHomeOrganizationType': SCHAC + '10', - 'schacCountryOfResidence': SCHAC + '11', - 'schacUserPresenceID': SCHAC + '12', - 'schacPersonalPosition': SCHAC + '13', - 'schacPersonalUniqueCode': SCHAC + '14', - 'schacPersonalUniqueID': SCHAC + '15', - 'schacExpiryDate': SCHAC + '17', - 'schacUserPrivateAttribute': SCHAC + '18', - 'schacUserStatus': SCHAC + '19', - 'schacProjectMembership': SCHAC + '20', - 'schacProjectSpecificRole': SCHAC + '21', + 'roleOccupant': X500ATTR_OID+'33', + 'gn': X500ATTR_OID+'42', + 'norEduPersonNIN': NOREDUPERSON_OID+'5', + 'title': X500ATTR_OID+'12', + 'facsimileTelephoneNumber': X500ATTR_OID+'23', + 'mail': UCL_DIR_PILOT+'3', + 'postOfficeBox': X500ATTR_OID+'18', + 'fax': X500ATTR_OID+'23', + 'telephoneNumber': X500ATTR_OID+'20', + 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', + 'rfc822Mailbox': UCL_DIR_PILOT+'3', + 'dc': UCL_DIR_PILOT+'25', + 'countryName': X500ATTR_OID+'6', + 'emailAddress': PKCS_9+'1', + 
'employeeNumber': NETSCAPE_LDAP+'3', + 'organizationName': X500ATTR_OID+'10', + 'eduPersonAssurance': EDUPERSON_OID+'11', + 'norEduOrgAcronym': NOREDUPERSON_OID+'6', + 'registeredAddress': X500ATTR_OID+'26', + 'physicalDeliveryOfficeName': X500ATTR_OID+'19', + 'associatedDomain': UCL_DIR_PILOT+'37', + 'l': X500ATTR_OID+'7', + 'stateOrProvinceName': X500ATTR_OID+'8', + 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', + 'pkcs9email': PKCS_9+'1', + 'givenName': X500ATTR_OID+'42', + 'givenname': X500ATTR_OID+'42', + 'x500UniqueIdentifier': X500ATTR_OID+'45', + 'eduPersonNickname': EDUPERSON_OID+'2', + 'houseIdentifier': X500ATTR_OID+'51', + 'street': X500ATTR_OID+'9', + 'supportedAlgorithms': X500ATTR_OID+'52', + 'preferredLanguage': NETSCAPE_LDAP+'39', + 'postalAddress': X500ATTR_OID+'16', + 'email': PKCS_9+'1', + 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', + 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', + 'c': X500ATTR_OID+'6', + 'teletexTerminalIdentifier': X500ATTR_OID+'22', + 'o': X500ATTR_OID+'10', + 'cACertificate': X500ATTR_OID+'37', + 'telexNumber': X500ATTR_OID+'21', + 'ou': X500ATTR_OID+'11', + 'initials': X500ATTR_OID+'43', + 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', + 'deltaRevocationList': X500ATTR_OID+'53', + 'norEduPersonLIN': NOREDUPERSON_OID+'4', + 'supportedApplicationContext': X500ATTR_OID+'30', + 'eduPersonEntitlement': EDUPERSON_OID+'7', + 'generationQualifier': X500ATTR_OID+'44', + 'eduPersonAffiliation': EDUPERSON_OID+'1', + 'edupersonaffiliation': EDUPERSON_OID+'1', + 'eduPersonPrincipalName': EDUPERSON_OID+'6', + 'edupersonprincipalname': EDUPERSON_OID+'6', + 'localityName': X500ATTR_OID+'7', + 'owner': X500ATTR_OID+'32', + 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', + 'searchGuide': X500ATTR_OID+'14', + 'certificateRevocationList': X500ATTR_OID+'39', + 'organizationalUnitName': X500ATTR_OID+'11', + 'userCertificate': X500ATTR_OID+'36', + 'preferredDeliveryMethod': X500ATTR_OID+'28', + 'internationaliSDNNumber': 
X500ATTR_OID+'25', + 'uniqueMember': X500ATTR_OID+'50', + 'departmentNumber': NETSCAPE_LDAP+'2', + 'enhancedSearchGuide': X500ATTR_OID+'47', + 'userPKCS12': NETSCAPE_LDAP+'216', + 'eduPersonTargetedID': EDUPERSON_OID+'10', + 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', + 'x121Address': X500ATTR_OID+'24', + 'destinationIndicator': X500ATTR_OID+'27', + 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', + 'surname': X500ATTR_OID+'4', + 'jpegPhoto': UCL_DIR_PILOT+'60', + 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', + 'edupersonscopedaffiliation': EDUPERSON_OID+'9', + 'protocolInformation': X500ATTR_OID+'48', + 'knowledgeInformation': X500ATTR_OID+'2', + 'employeeType': NETSCAPE_LDAP+'4', + 'userSMIMECertificate': NETSCAPE_LDAP+'40', + 'member': X500ATTR_OID+'31', + 'streetAddress': X500ATTR_OID+'9', + 'dmdName': X500ATTR_OID+'54', + 'postalCode': X500ATTR_OID+'17', + 'pseudonym': X500ATTR_OID+'65', + 'dnQualifier': X500ATTR_OID+'46', + 'crossCertificatePair': X500ATTR_OID+'40', + 'eduPersonOrgDN': EDUPERSON_OID+'3', + 'authorityRevocationList': X500ATTR_OID+'38', + 'displayName': NETSCAPE_LDAP+'241', + 'businessCategory': X500ATTR_OID+'15', + 'serialNumber': X500ATTR_OID+'5', + 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', + 'st': X500ATTR_OID+'8', + 'carLicense': NETSCAPE_LDAP+'1', + 'presentationAddress': X500ATTR_OID+'29', + 'sn': X500ATTR_OID+'4', + 'domainComponent': UCL_DIR_PILOT+'25', + 'labeledURI': UMICH+'57', + 'uid': UCL_DIR_PILOT+'1', + 'schacMotherTongue':SCHAC+'1', + 'schacGender': SCHAC+'2', + 'schacDateOfBirth':SCHAC+'3', + 'schacPlaceOfBirth': SCHAC+'4', + 'schacCountryOfCitizenship':SCHAC+'5', + 'schacSn1': SCHAC+'6', + 'schacSn2': SCHAC+'7', + 'schacPersonalTitle':SCHAC+'8', + 'schacHomeOrganization': SCHAC+'9', + 'schacHomeOrganizationType': SCHAC+'10', + 'schacCountryOfResidence': SCHAC+'11', + 'schacUserPresenceID': SCHAC+'12', + 'schacPersonalPosition': SCHAC+'13', + 'schacPersonalUniqueCode': SCHAC+'14', + 'schacPersonalUniqueID': 
SCHAC+'15', + 'schacExpiryDate': SCHAC+'17', + 'schacUserPrivateAttribute': SCHAC+'18', + 'schacUserStatus': SCHAC+'19', + 'schacProjectMembership': SCHAC+'20', + 'schacProjectSpecificRole': SCHAC+'21', } -} +} \ No newline at end of file diff --git a/tests/attributemaps/shibboleth_uri.py b/tests/attributemaps/shibboleth_uri.py index 0c14d80..d26bf00 100644 --- a/tests/attributemaps/shibboleth_uri.py +++ b/tests/attributemaps/shibboleth_uri.py 
@@ -9,182 +9,182 @@ UMICH = "urn:oid:1.3.6.1.4.1.250.1.57." MAP = { "identifier": "urn:mace:shibboleth:1.0:attributeNamespace:uri", "fro": { - EDUPERSON_OID + '2': 'eduPersonNickname', - EDUPERSON_OID + '9': 'eduPersonScopedAffiliation', - EDUPERSON_OID + '11': 'eduPersonAssurance', - EDUPERSON_OID + '10': 'eduPersonTargetedID', - EDUPERSON_OID + '4': 'eduPersonOrgUnitDN', - NOREDUPERSON_OID + '6': 'norEduOrgAcronym', - NOREDUPERSON_OID + '7': 'norEduOrgUniqueIdentifier', - NOREDUPERSON_OID + '4': 'norEduPersonLIN', - EDUPERSON_OID + '1': 'eduPersonAffiliation', - NOREDUPERSON_OID + '2': 'norEduOrgUnitUniqueNumber', - NETSCAPE_LDAP + '40': 'userSMIMECertificate', - NOREDUPERSON_OID + '1': 'norEduOrgUniqueNumber', - NETSCAPE_LDAP + '241': 'displayName', - UCL_DIR_PILOT + '37': 'associatedDomain', - EDUPERSON_OID + '6': 'eduPersonPrincipalName', - NOREDUPERSON_OID + '8': 'norEduOrgUnitUniqueIdentifier', - NOREDUPERSON_OID + '9': 'federationFeideSchemaVersion', - X500ATTR + '53': 'deltaRevocationList', - X500ATTR + '52': 'supportedAlgorithms', - X500ATTR + '51': 'houseIdentifier', - X500ATTR + '50': 'uniqueMember', - X500ATTR + '19': 'physicalDeliveryOfficeName', - X500ATTR + '18': 'postOfficeBox', - X500ATTR + '17': 'postalCode', - X500ATTR + '16': 'postalAddress', - X500ATTR + '15': 'businessCategory', - X500ATTR + '14': 'searchGuide', - EDUPERSON_OID + '5': 'eduPersonPrimaryAffiliation', - X500ATTR + '12': 'title', - X500ATTR + '11': 'ou', - X500ATTR + '10': 'o', - X500ATTR + '37': 'cACertificate', - X500ATTR + '36': 'userCertificate', - X500ATTR + '31': 'member', - X500ATTR + '30': 'supportedApplicationContext', - X500ATTR + '33': 'roleOccupant', - X500ATTR + '32': 'owner', - NETSCAPE_LDAP + '1': 'carLicense', - PKCS_9 + '1': 'email', - NETSCAPE_LDAP + '3': 'employeeNumber', - NETSCAPE_LDAP + '2': 'departmentNumber', - X500ATTR + '39': 'certificateRevocationList', - X500ATTR + '38': 'authorityRevocationList', - NETSCAPE_LDAP + '216': 'userPKCS12', - EDUPERSON_OID 
+ '8': 'eduPersonPrimaryOrgUnitDN', - X500ATTR + '9': 'street', - X500ATTR + '8': 'st', - NETSCAPE_LDAP + '39': 'preferredLanguage', - EDUPERSON_OID + '7': 'eduPersonEntitlement', - X500ATTR + '2': 'knowledgeInformation', - X500ATTR + '7': 'l', - X500ATTR + '6': 'c', - X500ATTR + '5': 'serialNumber', - X500ATTR + '4': 'sn', - UCL_DIR_PILOT + '60': 'jpegPhoto', - X500ATTR + '65': 'pseudonym', - NOREDUPERSON_OID + '5': 'norEduPersonNIN', - UCL_DIR_PILOT + '3': 'mail', - UCL_DIR_PILOT + '25': 'dc', - X500ATTR + '40': 'crossCertificatePair', - X500ATTR + '42': 'givenName', - X500ATTR + '43': 'initials', - X500ATTR + '44': 'generationQualifier', - X500ATTR + '45': 'x500UniqueIdentifier', - X500ATTR + '46': 'dnQualifier', - X500ATTR + '47': 'enhancedSearchGuide', - X500ATTR + '48': 'protocolInformation', - X500ATTR + '54': 'dmdName', - NETSCAPE_LDAP + '4': 'employeeType', - X500ATTR + '22': 'teletexTerminalIdentifier', - X500ATTR + '23': 'facsimileTelephoneNumber', - X500ATTR + '20': 'telephoneNumber', - X500ATTR + '21': 'telexNumber', - X500ATTR + '26': 'registeredAddress', - X500ATTR + '27': 'destinationIndicator', - X500ATTR + '24': 'x121Address', - X500ATTR + '25': 'internationaliSDNNumber', - X500ATTR + '28': 'preferredDeliveryMethod', - X500ATTR + '29': 'presentationAddress', - EDUPERSON_OID + '3': 'eduPersonOrgDN', - NOREDUPERSON_OID + '3': 'norEduPersonBirthDate', + EDUPERSON_OID+'2': 'eduPersonNickname', + EDUPERSON_OID+'9': 'eduPersonScopedAffiliation', + EDUPERSON_OID+'11': 'eduPersonAssurance', + EDUPERSON_OID+'10': 'eduPersonTargetedID', + EDUPERSON_OID+'4': 'eduPersonOrgUnitDN', + NOREDUPERSON_OID+'6': 'norEduOrgAcronym', + NOREDUPERSON_OID+'7': 'norEduOrgUniqueIdentifier', + NOREDUPERSON_OID+'4': 'norEduPersonLIN', + EDUPERSON_OID+'1': 'eduPersonAffiliation', + NOREDUPERSON_OID+'2': 'norEduOrgUnitUniqueNumber', + NETSCAPE_LDAP+'40': 'userSMIMECertificate', + NOREDUPERSON_OID+'1': 'norEduOrgUniqueNumber', + NETSCAPE_LDAP+'241': 'displayName', + 
UCL_DIR_PILOT+'37': 'associatedDomain', + EDUPERSON_OID+'6': 'eduPersonPrincipalName', + NOREDUPERSON_OID+'8': 'norEduOrgUnitUniqueIdentifier', + NOREDUPERSON_OID+'9': 'federationFeideSchemaVersion', + X500ATTR+'53': 'deltaRevocationList', + X500ATTR+'52': 'supportedAlgorithms', + X500ATTR+'51': 'houseIdentifier', + X500ATTR+'50': 'uniqueMember', + X500ATTR+'19': 'physicalDeliveryOfficeName', + X500ATTR+'18': 'postOfficeBox', + X500ATTR+'17': 'postalCode', + X500ATTR+'16': 'postalAddress', + X500ATTR+'15': 'businessCategory', + X500ATTR+'14': 'searchGuide', + EDUPERSON_OID+'5': 'eduPersonPrimaryAffiliation', + X500ATTR+'12': 'title', + X500ATTR+'11': 'ou', + X500ATTR+'10': 'o', + X500ATTR+'37': 'cACertificate', + X500ATTR+'36': 'userCertificate', + X500ATTR+'31': 'member', + X500ATTR+'30': 'supportedApplicationContext', + X500ATTR+'33': 'roleOccupant', + X500ATTR+'32': 'owner', + NETSCAPE_LDAP+'1': 'carLicense', + PKCS_9+'1': 'email', + NETSCAPE_LDAP+'3': 'employeeNumber', + NETSCAPE_LDAP+'2': 'departmentNumber', + X500ATTR+'39': 'certificateRevocationList', + X500ATTR+'38': 'authorityRevocationList', + NETSCAPE_LDAP+'216': 'userPKCS12', + EDUPERSON_OID+'8': 'eduPersonPrimaryOrgUnitDN', + X500ATTR+'9': 'street', + X500ATTR+'8': 'st', + NETSCAPE_LDAP+'39': 'preferredLanguage', + EDUPERSON_OID+'7': 'eduPersonEntitlement', + X500ATTR+'2': 'knowledgeInformation', + X500ATTR+'7': 'l', + X500ATTR+'6': 'c', + X500ATTR+'5': 'serialNumber', + X500ATTR+'4': 'sn', + UCL_DIR_PILOT+'60': 'jpegPhoto', + X500ATTR+'65': 'pseudonym', + NOREDUPERSON_OID+'5': 'norEduPersonNIN', + UCL_DIR_PILOT+'3': 'mail', + UCL_DIR_PILOT+'25': 'dc', + X500ATTR+'40': 'crossCertificatePair', + X500ATTR+'42': 'givenName', + X500ATTR+'43': 'initials', + X500ATTR+'44': 'generationQualifier', + X500ATTR+'45': 'x500UniqueIdentifier', + X500ATTR+'46': 'dnQualifier', + X500ATTR+'47': 'enhancedSearchGuide', + X500ATTR+'48': 'protocolInformation', + X500ATTR+'54': 'dmdName', + NETSCAPE_LDAP+'4': 
'employeeType', + X500ATTR+'22': 'teletexTerminalIdentifier', + X500ATTR+'23': 'facsimileTelephoneNumber', + X500ATTR+'20': 'telephoneNumber', + X500ATTR+'21': 'telexNumber', + X500ATTR+'26': 'registeredAddress', + X500ATTR+'27': 'destinationIndicator', + X500ATTR+'24': 'x121Address', + X500ATTR+'25': 'internationaliSDNNumber', + X500ATTR+'28': 'preferredDeliveryMethod', + X500ATTR+'29': 'presentationAddress', + EDUPERSON_OID+'3': 'eduPersonOrgDN', + NOREDUPERSON_OID+'3': 'norEduPersonBirthDate', }, - "to": { - 'roleOccupant': X500ATTR + '33', - 'gn': X500ATTR + '42', - 'norEduPersonNIN': NOREDUPERSON_OID + '5', - 'title': X500ATTR + '12', - 'facsimileTelephoneNumber': X500ATTR + '23', - 'mail': UCL_DIR_PILOT + '3', - 'postOfficeBox': X500ATTR + '18', - 'fax': X500ATTR + '23', - 'telephoneNumber': X500ATTR + '20', - 'norEduPersonBirthDate': NOREDUPERSON_OID + '3', - 'rfc822Mailbox': UCL_DIR_PILOT + '3', - 'dc': UCL_DIR_PILOT + '25', - 'countryName': X500ATTR + '6', - 'emailAddress': PKCS_9 + '1', - 'employeeNumber': NETSCAPE_LDAP + '3', - 'organizationName': X500ATTR + '10', - 'eduPersonAssurance': EDUPERSON_OID + '11', - 'norEduOrgAcronym': NOREDUPERSON_OID + '6', - 'registeredAddress': X500ATTR + '26', - 'physicalDeliveryOfficeName': X500ATTR + '19', - 'associatedDomain': UCL_DIR_PILOT + '37', - 'l': X500ATTR + '7', - 'stateOrProvinceName': X500ATTR + '8', - 'federationFeideSchemaVersion': NOREDUPERSON_OID + '9', - 'pkcs9email': PKCS_9 + '1', - 'givenName': X500ATTR + '42', - 'x500UniqueIdentifier': X500ATTR + '45', - 'eduPersonNickname': EDUPERSON_OID + '2', - 'houseIdentifier': X500ATTR + '51', - 'street': X500ATTR + '9', - 'supportedAlgorithms': X500ATTR + '52', - 'preferredLanguage': NETSCAPE_LDAP + '39', - 'postalAddress': X500ATTR + '16', - 'email': PKCS_9 + '1', - 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID + '8', - 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID + '8', - 'c': X500ATTR + '6', - 'teletexTerminalIdentifier': X500ATTR + '22', - 'o': X500ATTR 
+ '10', - 'cACertificate': X500ATTR + '37', - 'telexNumber': X500ATTR + '21', - 'ou': X500ATTR + '11', - 'initials': X500ATTR + '43', - 'eduPersonOrgUnitDN': EDUPERSON_OID + '4', - 'deltaRevocationList': X500ATTR + '53', - 'norEduPersonLIN': NOREDUPERSON_OID + '4', - 'supportedApplicationContext': X500ATTR + '30', - 'eduPersonEntitlement': EDUPERSON_OID + '7', - 'generationQualifier': X500ATTR + '44', - 'eduPersonAffiliation': EDUPERSON_OID + '1', - 'eduPersonPrincipalName': EDUPERSON_OID + '6', - 'localityName': X500ATTR + '7', - 'owner': X500ATTR + '32', - 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID + '2', - 'searchGuide': X500ATTR + '14', - 'certificateRevocationList': X500ATTR + '39', - 'organizationalUnitName': X500ATTR + '11', - 'userCertificate': X500ATTR + '36', - 'preferredDeliveryMethod': X500ATTR + '28', - 'internationaliSDNNumber': X500ATTR + '25', - 'uniqueMember': X500ATTR + '50', - 'departmentNumber': NETSCAPE_LDAP + '2', - 'enhancedSearchGuide': X500ATTR + '47', - 'userPKCS12': NETSCAPE_LDAP + '216', - 'eduPersonTargetedID': EDUPERSON_OID + '10', - 'norEduOrgUniqueNumber': NOREDUPERSON_OID + '1', - 'x121Address': X500ATTR + '24', - 'destinationIndicator': X500ATTR + '27', - 'eduPersonPrimaryAffiliation': EDUPERSON_OID + '5', - 'surname': X500ATTR + '4', - 'jpegPhoto': UCL_DIR_PILOT + '60', - 'eduPersonScopedAffiliation': EDUPERSON_OID + '9', - 'protocolInformation': X500ATTR + '48', - 'knowledgeInformation': X500ATTR + '2', - 'employeeType': NETSCAPE_LDAP + '4', - 'userSMIMECertificate': NETSCAPE_LDAP + '40', - 'member': X500ATTR + '31', - 'streetAddress': X500ATTR + '9', - 'dmdName': X500ATTR + '54', - 'postalCode': X500ATTR + '17', - 'pseudonym': X500ATTR + '65', - 'dnQualifier': X500ATTR + '46', - 'crossCertificatePair': X500ATTR + '40', - 'eduPersonOrgDN': EDUPERSON_OID + '3', - 'authorityRevocationList': X500ATTR + '38', - 'displayName': NETSCAPE_LDAP + '241', - 'businessCategory': X500ATTR + '15', - 'serialNumber': X500ATTR + '5', - 
'norEduOrgUniqueIdentifier': NOREDUPERSON_OID + '7', - 'st': X500ATTR + '8', - 'carLicense': NETSCAPE_LDAP + '1', - 'presentationAddress': X500ATTR + '29', - 'sn': X500ATTR + '4', - 'domainComponent': UCL_DIR_PILOT + '25', + "to":{ + 'roleOccupant': X500ATTR+'33', + 'gn': X500ATTR+'42', + 'norEduPersonNIN': NOREDUPERSON_OID+'5', + 'title': X500ATTR+'12', + 'facsimileTelephoneNumber': X500ATTR+'23', + 'mail': UCL_DIR_PILOT+'3', + 'postOfficeBox': X500ATTR+'18', + 'fax': X500ATTR+'23', + 'telephoneNumber': X500ATTR+'20', + 'norEduPersonBirthDate': NOREDUPERSON_OID+'3', + 'rfc822Mailbox': UCL_DIR_PILOT+'3', + 'dc': UCL_DIR_PILOT+'25', + 'countryName': X500ATTR+'6', + 'emailAddress': PKCS_9+'1', + 'employeeNumber': NETSCAPE_LDAP+'3', + 'organizationName': X500ATTR+'10', + 'eduPersonAssurance': EDUPERSON_OID+'11', + 'norEduOrgAcronym': NOREDUPERSON_OID+'6', + 'registeredAddress': X500ATTR+'26', + 'physicalDeliveryOfficeName': X500ATTR+'19', + 'associatedDomain': UCL_DIR_PILOT+'37', + 'l': X500ATTR+'7', + 'stateOrProvinceName': X500ATTR+'8', + 'federationFeideSchemaVersion': NOREDUPERSON_OID+'9', + 'pkcs9email': PKCS_9+'1', + 'givenName': X500ATTR+'42', + 'x500UniqueIdentifier': X500ATTR+'45', + 'eduPersonNickname': EDUPERSON_OID+'2', + 'houseIdentifier': X500ATTR+'51', + 'street': X500ATTR+'9', + 'supportedAlgorithms': X500ATTR+'52', + 'preferredLanguage': NETSCAPE_LDAP+'39', + 'postalAddress': X500ATTR+'16', + 'email': PKCS_9+'1', + 'norEduOrgUnitUniqueIdentifier': NOREDUPERSON_OID+'8', + 'eduPersonPrimaryOrgUnitDN': EDUPERSON_OID+'8', + 'c': X500ATTR+'6', + 'teletexTerminalIdentifier': X500ATTR+'22', + 'o': X500ATTR+'10', + 'cACertificate': X500ATTR+'37', + 'telexNumber': X500ATTR+'21', + 'ou': X500ATTR+'11', + 'initials': X500ATTR+'43', + 'eduPersonOrgUnitDN': EDUPERSON_OID+'4', + 'deltaRevocationList': X500ATTR+'53', + 'norEduPersonLIN': NOREDUPERSON_OID+'4', + 'supportedApplicationContext': X500ATTR+'30', + 'eduPersonEntitlement': EDUPERSON_OID+'7', + 
'generationQualifier': X500ATTR+'44', + 'eduPersonAffiliation': EDUPERSON_OID+'1', + 'eduPersonPrincipalName': EDUPERSON_OID+'6', + 'localityName': X500ATTR+'7', + 'owner': X500ATTR+'32', + 'norEduOrgUnitUniqueNumber': NOREDUPERSON_OID+'2', + 'searchGuide': X500ATTR+'14', + 'certificateRevocationList': X500ATTR+'39', + 'organizationalUnitName': X500ATTR+'11', + 'userCertificate': X500ATTR+'36', + 'preferredDeliveryMethod': X500ATTR+'28', + 'internationaliSDNNumber': X500ATTR+'25', + 'uniqueMember': X500ATTR+'50', + 'departmentNumber': NETSCAPE_LDAP+'2', + 'enhancedSearchGuide': X500ATTR+'47', + 'userPKCS12': NETSCAPE_LDAP+'216', + 'eduPersonTargetedID': EDUPERSON_OID+'10', + 'norEduOrgUniqueNumber': NOREDUPERSON_OID+'1', + 'x121Address': X500ATTR+'24', + 'destinationIndicator': X500ATTR+'27', + 'eduPersonPrimaryAffiliation': EDUPERSON_OID+'5', + 'surname': X500ATTR+'4', + 'jpegPhoto': UCL_DIR_PILOT+'60', + 'eduPersonScopedAffiliation': EDUPERSON_OID+'9', + 'protocolInformation': X500ATTR+'48', + 'knowledgeInformation': X500ATTR+'2', + 'employeeType': NETSCAPE_LDAP+'4', + 'userSMIMECertificate': NETSCAPE_LDAP+'40', + 'member': X500ATTR+'31', + 'streetAddress': X500ATTR+'9', + 'dmdName': X500ATTR+'54', + 'postalCode': X500ATTR+'17', + 'pseudonym': X500ATTR+'65', + 'dnQualifier': X500ATTR+'46', + 'crossCertificatePair': X500ATTR+'40', + 'eduPersonOrgDN': EDUPERSON_OID+'3', + 'authorityRevocationList': X500ATTR+'38', + 'displayName': NETSCAPE_LDAP+'241', + 'businessCategory': X500ATTR+'15', + 'serialNumber': X500ATTR+'5', + 'norEduOrgUniqueIdentifier': NOREDUPERSON_OID+'7', + 'st': X500ATTR+'8', + 'carLicense': NETSCAPE_LDAP+'1', + 'presentationAddress': X500ATTR+'29', + 'sn': X500ATTR+'4', + 'domainComponent': UCL_DIR_PILOT+'25', } -} +} \ No newline at end of file diff --git a/tests/idp_test/config.py.example b/tests/idp_test/config.py.example index d509780..555be90 100755 --- a/tests/idp_test/config.py.example +++ b/tests/idp_test/config.py.example 
@@ -14,12 +14,12 @@ BASE = "http://lingon.ladok.umu.se:8087" #BASE = "http://localhost:8087" CONFIG = { - "entityid": "%s/sp.xml" % BASE, - "name": "SAML2 test tool", + "entityid" : "%s/sp.xml" % BASE, + "name" : "SAML2 test tool", "description": "Simplest possible", "service": { "sp": { - "endpoints": { + "endpoints":{ "assertion_consumer_service": [ ("%s/acs/post" % BASE, BINDING_HTTP_POST), ("%s/acs/redirect" % BASE, BINDING_HTTP_REDIRECT), @@ -30,27 +30,27 @@ CONFIG = { "single_logout_service": [ ("%s/sls" % BASE, BINDING_SOAP) ], - "artifact_resolution_service": [ + "artifact_resolution_service":[ ("%s/ars" % BASE, BINDING_SOAP) ], - "manage_name_id_service": [ + "manage_name_id_service":[ ("%s/mni" % BASE, BINDING_HTTP_POST), ("%s/mni" % BASE, BINDING_HTTP_REDIRECT), ("%s/mni" % BASE, BINDING_SOAP), ("%s/acs/artifact" % BASE, BINDING_HTTP_ARTIFACT) ], - "discovery_response": [ + "discovery_response":[ ("%s/disco" % BASE, BINDING_DISCO) ] } } }, - "key_file": "keys/mykey.pem", - "cert_file": "keys/mycert.pem", - "xmlsec_binary": XMLSEC_BINARY, + "key_file" : "keys/mykey.pem", + "cert_file" : "keys/mycert.pem", + "xmlsec_binary" : XMLSEC_BINARY, "subject_data": "subject_data.db", "accepted_time_diff": 60, - "attribute_map_dir": "attributemaps", + "attribute_map_dir" : "attributemaps", "organization": { "name": ("AB Exempel", "se"), "display_name": ("AB Exempel", "se"), @@ -68,3 +68,4 @@ CONFIG = { "secret": "0123456789", "only_use_keys_in_metadata": False } + diff --git a/tests/idp_test/target_idp.py b/tests/idp_test/target_idp.py index 07d974c..ea60f7f 100755 --- a/tests/idp_test/target_idp.py +++ b/tests/idp_test/target_idp.py @@ -1,6 +1,5 @@ #!/usr/bin/env python from saml2.saml import NAME_FORMAT_URI -from saml2test import JSON_DUMPS_ARGS __author__ = 'rolandh' @@ -75,4 +74,4 @@ info = { "name_format": NAME_FORMAT_URI } -print json.dumps(info, **JSON_DUMPS_ARGS) +print json.dumps(info) \ No newline at end of file 
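Review bot: The last line of tests/idp_test/target_idp.py now calls `print json.dumps(info)` with json's defaults, so the dumped target description comes out as one line, and key order is not guaranteed to be stable between runs on the Python 2 interpreter that the `print` statement implies. The definition of the removed `JSON_DUMPS_ARGS` is not visible here; if it carried indentation or key sorting, spell those options out rather than dropping them, e.g. `print json.dumps(info, indent=2, sort_keys=True)`, so generated test-target files stay diffable and easy to review. The same edit is made in tests/localhost.py and tests/sp_test/targetsp.py. All three files also lose their trailing newline, and no `import json` appears in the lines shown, though it may sit in the part of each file outside these hunks.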
diff --git a/tests/localhost.py b/tests/localhost.py index 2a518ad..fe5f5cc 100755 --- a/tests/localhost.py +++ b/tests/localhost.py @@ -1,6 +1,5 @@ #!/usr/bin/env python from saml2.saml import NAME_FORMAT_URI -from saml2test import JSON_DUMPS_ARGS __author__ = 'rolandh' @@ -65,4 +64,4 @@ info = { "name_format": NAME_FORMAT_URI } -print json.dumps(info, **JSON_DUMPS_ARGS) +print json.dumps(info) \ No newline at end of file diff --git a/tests/sp_test/targetsp.py b/tests/sp_test/targetsp.py index ee62284..5113ceb 100755 --- a/tests/sp_test/targetsp.py +++ b/tests/sp_test/targetsp.py @@ -1,6 +1,5 @@ #!/usr/bin/env python from saml2.saml import AUTHN_PASSWORD -from saml2test import JSON_DUMPS_ARGS __author__ = 'rolandh' @@ -41,4 +40,4 @@ info = { "userid": "roland" } -print json.dumps(info, **JSON_DUMPS_ARGS) +print json.dumps(info) \ No newline at end of file