openstack/deb-python-pysaml2
Code Issues Proposed changes

Updated tests

Browse Source
This commit is contained in:
Roland Hedberg
2013-05-16 21:23:21 +02:00
parent b5622c228f
commit ba8f3be8da
8 changed files with 416 additions and 359 deletions
Download Patch File Download Diff File Expand all files Collapse all files

55
tests/idp_all_conf.py
View File

@@ -12,11 +12,11 @@ from pathutils import full_path
BASE = "http://localhost:8088"
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP",
"entityid": "urn:mace:example.com:saml:roland:idp",
"name": "Rolands IdP",
"service": {
"aa": {
"endpoints" : {
"endpoints": {
"attribute_service": [
("%s/aap" % BASE, BINDING_HTTP_POST),
("%s/aas" % BASE, BINDING_SOAP)
@@ -24,15 +24,15 @@ CONFIG = {
},
},
"aq": {
"endpoints" : {
"endpoints": {
"authn_query_service": [
("%s/aqs" % BASE, BINDING_SOAP)
]
},
},
"idp": {
"endpoints" : {
"single_sign_on_service" : [
"endpoints": {
"single_sign_on_service": [
("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT),
("%s/sso/post" % BASE, BINDING_HTTP_POST),
("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT),
@@ -42,7 +42,7 @@ CONFIG = {
("%s/slo/soap" % BASE, BINDING_SOAP),
("%s/slo/post" % BASE, BINDING_HTTP_POST)
],
"artifact_resolution_service":[
"artifact_resolution_service": [
("%s/ars" % BASE, BINDING_SOAP)
],
"assertion_id_request_service": [
@@ -51,13 +51,13 @@ CONFIG = {
"authn_query_service": [
("%s/aqs" % BASE, BINDING_SOAP)
],
"manage_name_id_service":[
"manage_name_id_service": [
("%s/mni/soap" % BASE, BINDING_SOAP),
("%s/mni/post" % BASE, BINDING_HTTP_POST),
("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT),
("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT)
],
"name_id_mapping_service":[
"name_id_mapping_service": [
("%s/nim/soap" % BASE, BINDING_SOAP),
("%s/nim/post" % BASE, BINDING_HTTP_POST),
("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT),
@@ -66,10 +66,10 @@ CONFIG = {
},
"policy": {
"default": {
"lifetime": {"minutes":15},
"lifetime": {"minutes": 15},
"attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI,
},
},
"urn:mace:example.com:saml:roland:sp": {
"lifetime": {"minutes": 5},
"nameid_format": NAMEID_FORMAT_PERSISTENT,
@@ -82,25 +82,26 @@ CONFIG = {
#"subject_data": ("mongodb", "foo"),
},
},
"debug" : 1,
"key_file" : full_path("test.key"),
"cert_file" : full_path("test.pem"),
"xmlsec_binary" : None,
"debug": 1,
"key_file": full_path("test.key"),
"cert_file": full_path("test.pem"),
"xmlsec_binary": None,
"metadata": {
"local": [full_path("servera.xml"),
full_path("vo_metadata.xml")],
},
"attribute_map_dir" : full_path("attributemaps"),
},
"attribute_map_dir": full_path("attributemaps"),
"organization": {
"name": "Exempel AB",
"display_name": [("Exempel ÄB","se"),("Example Co.","en")],
"url":"http://www.example.com/roland",
"display_name": [("Exempel ÄB", "se"), ("Example Co.", "en")],
"url": "http://www.example.com/roland",
},
"contact_person": [
{
"given_name": "John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
"contact_person": [{
"given_name":"John",
"sur_name": "Smith",
"email_address": ["john.smith@example.com"],
"contact_type": "technical",
},
],
}
],
}

7
tests/idp_conf.py
View File

@@ -1,8 +1,11 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST
from saml2 import BINDING_SOAP
from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST
from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI
from pathutils import full_path
from pathutils import xmlsec_path
BASE = "http://localhost:8088"
@@ -41,7 +44,7 @@ CONFIG = {
"debug": 1,
"key_file": full_path("test.key"),
"cert_file": full_path("test.pem"),
"xmlsec_binary": None,
"xmlsec_binary": xmlsec_path,
"metadata": {
"local": [full_path("metadata_sp_1.xml"),
full_path("vo_metadata.xml")],

10
tests/pathutils.py
View File

@@ -12,3 +12,13 @@ def dotname(module):
return 'tests.' + module
else:
return module
try:
from saml2.sigver import get_xmlsec_binary
except ImportError:
get_xmlsec_binary = None
if get_xmlsec_binary:
xmlsec_path = get_xmlsec_binary(["/opt/local/bin"])
else:
xmlsec_path = '/usr/bin/xmlsec1'

5
tests/server_conf.py
View File

@@ -1,6 +1,7 @@
from pathutils import full_path
from pathutils import xmlsec_path
CONFIG={
CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:sp",
"name" : "urn:mace:example.com:saml:roland:sp",
"description": "My own SP",
@@ -19,7 +20,7 @@ CONFIG={
"key_file": full_path("test.key"),
"cert_file": full_path("test.pem"),
"ca_certs": full_path("cacerts.txt"),
"xmlsec_binary": None,
"xmlsec_binary": xmlsec_path,
"metadata": {
"local": [full_path("idp.xml"), full_path("vo_metadata.xml")],
},

2
tests/servera_conf.py
View File

@@ -49,7 +49,7 @@ CONFIG = {
"key_file": full_path("test.key"),
"cert_file": full_path("test.pem"),
"ca_certs": full_path("cacerts.txt"),
"xmlsec_binary" : None,
"xmlsec_binary": None,
"metadata": {
"local": [full_path("idp_all.xml"), full_path("vo_metadata.xml")],
},

364
tests/test_02_saml.py
View File

@@ -42,11 +42,11 @@ from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
class TestExtensionElement:
def test_loadd(self):
ava = {
"attributes": {"attr":"loa", "info":"source"},
"attributes": {"attr": "loa", "info": "source"},
"tag": "tag",
"namespace": "urn:mace:example.com",
"text": "free text"
}
}
ee = saml2.ExtensionElement(ava["tag"])
ee.loadd(ava)
@@ -65,33 +65,35 @@ class TestExtensionElement:
def test_find_children(self):
ava = {
"attributes": {"attr":"loa", "info":"source"},
"attributes": {"attr": "loa", "info": "source"},
"tag": "tag",
"namespace": "urn:mace:example.com",
"text": "free text",
"children": [{
"attributes": {"foo":"bar","special":"app"},
"tag": "tag2",
"namespace": "urn:mace:example.com",
"text": "Just a line"
},
{
"attributes": {"static":"attribute","dynamic":"orgname"},
"tag": "tag3",
"namespace": "urn:mace:example.com",
"text": "Another line of text",
"children": [{
"tag": "subtag",
"namespace": "urn:mace:example.org",
"text": "grandchild"
}]
},
{
"attributes": {"entitlement":"xyz"},
"tag": "tag4",
"namespace": "urn:mace:example.org",
"text": "A comment"
}
"attributes": {"foo": "bar", "special": "app"},
"tag": "tag2",
"namespace": "urn:mace:example.com",
"text": "Just a line"
},
{
"attributes": {"static": "attribute",
"dynamic": "orgname"},
"tag": "tag3",
"namespace": "urn:mace:example.com",
"text": "Another line of text",
"children": [{
"tag": "subtag",
"namespace": "urn:mace:example.org",
"text": "grandchild"
}]
},
{
"attributes": {"entitlement": "xyz"},
"tag": "tag4",
"namespace": "urn:mace:example.org",
"text": "A comment"
}
]
}
@@ -126,31 +128,32 @@ class TestExtensionElement:
c = ee.find_children()
assert len(c) == 3
class TestExtensionContainer:
def test_find_extensions(self):
avas = [{
"attributes": {"foo":"bar","special":"app"},
"tag": "tag2",
"namespace": "urn:mace:example.com",
"text": "Just a line"
},
{
"attributes": {"static":"attribute","dynamic":"orgname"},
"tag": "tag3",
"namespace": "urn:mace:example.com",
"text": "Another line of text",
"children": [{
"tag": "subtag",
"namespace": "urn:mace:example.org",
"text": "grandchild"
"attributes": {"foo": "bar", "special": "app"},
"tag": "tag2",
"namespace": "urn:mace:example.com",
"text": "Just a line"
},
{
"attributes": {"static": "attribute", "dynamic": "orgname"},
"tag": "tag3",
"namespace": "urn:mace:example.com",
"text": "Another line of text",
"children": [{
"tag": "subtag",
"namespace": "urn:mace:example.org",
"text": "grandchild"
}]
},
{
"attributes": {"entitlement": "xyz"},
"tag": "tag4",
"namespace": "urn:mace:example.org",
"text": "A comment"
}]
},
{
"attributes": {"entitlement":"xyz"},
"tag": "tag4",
"namespace": "urn:mace:example.org",
"text": "A comment"
}]
ees = [saml2.ExtensionElement("").loadd(a) for a in avas]
print ees
@@ -194,13 +197,14 @@ class TestExtensionContainer:
assert len(ec.extension_attributes) == 1
assert ec.extension_attributes.keys()[0] == "foo"
class TestSAMLBase:
def test_make_vals_dict(self):
ava = {
"sp_name_qualifier": "loa",
"format": NAMEID_FORMAT_EMAILADDRESS,
"text": "free text"
}
}
foo = saml2.make_vals(ava, Issuer, part=True)
print foo
@@ -220,7 +224,7 @@ class TestSAMLBase:
ava = ["foo", "bar", "lions", "saints"]
raises(Exception,
"saml2.make_vals(ava, AttributeValue, Attribute(), part=True)")
"saml2.make_vals(ava, AttributeValue, Attribute(), part=True)")
attr = Attribute()
saml2.make_vals(ava, AttributeValue, attr, prop="attribute_value")
@@ -229,13 +233,13 @@ class TestSAMLBase:
def test_to_string_nspair(self):
foo = saml2.make_vals("lions", AttributeValue, part=True)
str = foo.to_string()
nsstr = foo.to_string({"saml":saml.NAMESPACE})
assert nsstr != str
print str
txt = foo.to_string()
nsstr = foo.to_string({"saml": saml.NAMESPACE})
assert nsstr != txt
print txt
print nsstr
assert "saml:AttributeValue" in nsstr
assert "saml:AttributeValue" not in str
assert "saml:AttributeValue" not in txt
def test_set_text(self):
av = AttributeValue()
@@ -260,8 +264,8 @@ class TestSAMLBase:
foo = saml2.make_vals(False, AttributeValue, part=True)
assert foo.text == "false"
class TestNameID:
class TestNameID:
def setup_class(self):
self.name_id = saml.NameID()
@@ -287,7 +291,7 @@ class TestNameID:
"""Test text value of NameID element"""
self.name_id.text = "tmatsuo@example.com"
assert self.name_id.text == "tmatsuo@example.com"
def testSPProvidedID(self):
"""Test for SPProvidedID attribute accessors"""
self.name_id.sp_provided_id = "provided id"
@@ -332,7 +336,6 @@ class TestNameID:
class TestIssuer:
def setup_class(self):
self.issuer = saml.Issuer()
@@ -357,7 +360,6 @@ class TestIssuer:
class TestSubjectLocality:
def setup_class(self):
self.subject_locality = saml.SubjectLocality()
@@ -379,7 +381,7 @@ class TestSubjectLocality:
saml2_data.TEST_SUBJECT_LOCALITY)
assert subject_locality.address == "127.0.0.1"
assert subject_locality.dns_name == "localhost"
new_subject_locality = saml.subject_locality_from_string(
subject_locality.to_string())
assert new_subject_locality.address == "127.0.0.1"
@@ -388,7 +390,6 @@ class TestSubjectLocality:
class TestAuthnContextClassRef:
def setup_class(self):
self.authn_context_class_ref = saml.AuthnContextClassRef()
self.text = "http://www.example.com/authnContextClassRef"
@@ -401,7 +402,7 @@ class TestAuthnContextClassRef:
self.authn_context_class_ref.to_string())
assert new_authn_context_class_ref.text == self.text
assert self.authn_context_class_ref.to_string() == \
new_authn_context_class_ref.to_string()
new_authn_context_class_ref.to_string()
def testUsingTestData(self):
"""Test authn_context_class_ref_from_string() using test data"""
@@ -411,7 +412,6 @@ class TestAuthnContextClassRef:
class TestAuthnContextDeclRef:
def setup_class(self):
self.authn_context_decl_ref = saml.AuthnContextDeclRef()
self.ref = "http://www.example.com/authnContextDeclRef"
@@ -424,7 +424,7 @@ class TestAuthnContextDeclRef:
self.authn_context_decl_ref.to_string())
assert new_authn_context_decl_ref.text == self.ref
assert self.authn_context_decl_ref.to_string() == \
new_authn_context_decl_ref.to_string()
new_authn_context_decl_ref.to_string()
def testUsingTestData(self):
"""Test authn_context_decl_ref_from_string() using test data"""
@@ -434,11 +434,10 @@ class TestAuthnContextDeclRef:
class TestAuthnContextDecl:
def setup_class(self):
self.authn_context_decl = saml.AuthnContextDecl()
self.text = "http://www.example.com/authnContextDecl"
def testAccessors(self):
"""Test for AuthnContextDecl accessors"""
self.authn_context_decl.text = self.text
@@ -447,7 +446,7 @@ class TestAuthnContextDecl:
self.authn_context_decl.to_string())
assert new_authn_context_decl.text == self.text
assert self.authn_context_decl.to_string() == \
new_authn_context_decl.to_string()
new_authn_context_decl.to_string()
def testUsingTestData(self):
"""Test authn_context_decl_from_string() using test data"""
@@ -457,11 +456,10 @@ class TestAuthnContextDecl:
class TestAuthenticatingAuthority:
def setup_class(self):
self.authenticating_authority = saml.AuthenticatingAuthority()
self.text = "http://www.example.com/authenticatingAuthority"
def testAccessors(self):
"""Test for AuthenticatingAuthority accessors"""
self.authenticating_authority.text = self.text
@@ -470,7 +468,7 @@ class TestAuthenticatingAuthority:
self.authenticating_authority.to_string())
assert new_authenticating_authority.text == self.text
assert self.authenticating_authority.to_string() == \
new_authenticating_authority.to_string()
new_authenticating_authority.to_string()
def testUsingTestData(self):
"""Test authenticating_authority_from_string() using test data"""
@@ -478,8 +476,8 @@ class TestAuthenticatingAuthority:
saml2_data.TEST_AUTHENTICATING_AUTHORITY)
assert authenticating_authority.text.strip() == self.text
class TestAuthnContext:
class TestAuthnContext:
def setup_class(self):
self.authn_context = saml.AuthnContext()
@@ -487,37 +485,37 @@ class TestAuthnContext:
"""Test for AuthnContext accessors"""
self.authn_context.authn_context_class_ref = \
saml.authn_context_class_ref_from_string(
saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
self.authn_context.authn_context_decl_ref = \
saml.authn_context_decl_ref_from_string(
saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
self.authn_context.authn_context_decl = \
saml.authn_context_decl_from_string(
saml2_data.TEST_AUTHN_CONTEXT_DECL)
saml2_data.TEST_AUTHN_CONTEXT_DECL)
self.authn_context.authenticating_authority.append(
saml.authenticating_authority_from_string(
saml2_data.TEST_AUTHENTICATING_AUTHORITY))
saml2_data.TEST_AUTHENTICATING_AUTHORITY))
assert self.authn_context.authn_context_class_ref.text.strip() == \
"http://www.example.com/authnContextClassRef"
"http://www.example.com/authnContextClassRef"
assert self.authn_context.authn_context_decl_ref.text.strip() == \
"http://www.example.com/authnContextDeclRef"
"http://www.example.com/authnContextDeclRef"
assert self.authn_context.authn_context_decl.text.strip() == \
"http://www.example.com/authnContextDecl"
"http://www.example.com/authnContextDecl"
assert self.authn_context.authenticating_authority[0].text.strip() == \
"http://www.example.com/authenticatingAuthority"
"http://www.example.com/authenticatingAuthority"
new_authn_context = saml.authn_context_from_string(
self.authn_context.to_string())
assert self.authn_context.to_string() == new_authn_context.to_string()
def testUsingTestData(self):
"""Test authn_context_from_string() using test data"""
authn_context = saml.authn_context_from_string(saml2_data.TEST_AUTHN_CONTEXT)
authn_context = saml.authn_context_from_string(
saml2_data.TEST_AUTHN_CONTEXT)
assert authn_context.authn_context_class_ref.text.strip() == \
saml.AUTHN_PASSWORD
saml.AUTHN_PASSWORD
class TestAuthnStatement:
def setup_class(self):
self.authn_statem = saml.AuthnStatement()
@@ -529,46 +527,46 @@ class TestAuthnStatement:
self.authn_statem.authn_context = saml.AuthnContext()
self.authn_statem.authn_context.authn_context_class_ref = \
saml.authn_context_class_ref_from_string(
saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
saml2_data.TEST_AUTHN_CONTEXT_CLASS_REF)
self.authn_statem.authn_context.authn_context_decl_ref = \
saml.authn_context_decl_ref_from_string(
saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
saml2_data.TEST_AUTHN_CONTEXT_DECL_REF)
self.authn_statem.authn_context.authn_context_decl = \
saml.authn_context_decl_from_string(
saml2_data.TEST_AUTHN_CONTEXT_DECL)
saml2_data.TEST_AUTHN_CONTEXT_DECL)
self.authn_statem.authn_context.authenticating_authority.append(
saml.authenticating_authority_from_string(
saml2_data.TEST_AUTHENTICATING_AUTHORITY))
saml2_data.TEST_AUTHENTICATING_AUTHORITY))
new_as = saml.authn_statement_from_string(self.authn_statem.to_string())
assert new_as.authn_instant == "2007-08-31T01:05:02Z"
assert new_as.session_index == "sessionindex"
assert new_as.session_not_on_or_after == "2007-09-14T01:05:02Z"
assert new_as.authn_context.authn_context_class_ref.text.strip() == \
"http://www.example.com/authnContextClassRef"
"http://www.example.com/authnContextClassRef"
assert new_as.authn_context.authn_context_decl_ref.text.strip() == \
"http://www.example.com/authnContextDeclRef"
"http://www.example.com/authnContextDeclRef"
assert new_as.authn_context.authn_context_decl.text.strip() == \
"http://www.example.com/authnContextDecl"
"http://www.example.com/authnContextDecl"
assert new_as.authn_context.authenticating_authority[0].text.strip() \
== "http://www.example.com/authenticatingAuthority"
== "http://www.example.com/authenticatingAuthority"
assert self.authn_statem.to_string() == new_as.to_string()
def testUsingTestData(self):
"""Test authn_statement_from_string() using test data"""
authn_statem = saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT)
authn_statem = saml.authn_statement_from_string(
saml2_data.TEST_AUTHN_STATEMENT)
assert authn_statem.authn_instant == "2007-08-31T01:05:02Z"
assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z"
assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \
saml.AUTHN_PASSWORD
saml.AUTHN_PASSWORD
class TestAttributeValue:
def setup_class(self):
self.attribute_value = saml.AttributeValue()
self.text = "value for test attribute"
def testAccessors(self):
"""Test for AttributeValue accessors"""
@@ -584,6 +582,7 @@ class TestAttributeValue:
saml2_data.TEST_ATTRIBUTE_VALUE)
assert attribute_value.text.strip() == self.text
BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?>
<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -649,15 +648,15 @@ Name="urn:uuid:6c9d0ec8-dd2d-11cc-abdd-080009353559"
FriendlyName="pre_auth_req">
<AttributeValue xsi:type="xs:integer">1</AttributeValue>
</Attribute>"""
class TestAttribute:
class TestAttribute:
def setup_class(self):
self.attribute = saml.Attribute()
self.text = ["value of test attribute",
"value1 of test attribute",
"value2 of test attribute"]
"value1 of test attribute",
"value2 of test attribute"]
def testAccessors(self):
"""Test for Attribute accessors"""
self.attribute.name = "testAttribute"
@@ -714,15 +713,15 @@ class TestAttribute:
print attribute
assert attribute.attribute_value[0].text.lower() == "false"
class TestAttributeStatement:
class TestAttributeStatement:
def setup_class(self):
self.attr_statem = saml.AttributeStatement()
self.text = ["value of test attribute",
"value1 of test attribute",
"value2 of test attribute",
"value1 of test attribute2",
"value2 of test attribute2",]
"value1 of test attribute",
"value2 of test attribute",
"value1 of test attribute2",
"value2 of test attribute2", ]
def testAccessors(self):
"""Test for Attribute accessors"""
@@ -731,56 +730,73 @@ class TestAttributeStatement:
self.attr_statem.attribute[0].name = "testAttribute"
self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
self.attr_statem.attribute[0].friendly_name = "test attribute"
self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue())
self.attr_statem.attribute[0].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[0].attribute_value[0].text = self.text[0]
self.attr_statem.attribute[1].name = "testAttribute2"
self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
self.attr_statem.attribute[1].friendly_name = self.text[2]
self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue())
self.attr_statem.attribute[1].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[1].attribute_value[0].text = self.text[2]
new_as = saml.attribute_statement_from_string(self.attr_statem.to_string())
new_as = saml.attribute_statement_from_string(
self.attr_statem.to_string())
assert new_as.attribute[0].name == "testAttribute"
assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI
assert new_as.attribute[0].friendly_name == "test attribute"
assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0]
assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[
0]
assert new_as.attribute[1].name == "testAttribute2"
assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert new_as.attribute[1].friendly_name == "value2 of test attribute"
assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2]
assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[
2]
def testUsingTestData(self):
"""Test attribute_statement_from_string() using test data"""
attr_statem = saml.attribute_statement_from_string( \
saml2_data.TEST_ATTRIBUTE_STATEMENT)
saml2_data.TEST_ATTRIBUTE_STATEMENT)
assert attr_statem.attribute[0].name == "testAttribute"
assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem.attribute[0].friendly_name == "test attribute"
assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1]
assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2]
assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2"
assert attr_statem.attribute[0].attribute_value[0].text.strip() == \
self.text[1]
assert attr_statem.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem.attribute[1].friendly_name == "test attribute2"
assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3]
assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4]
assert attr_statem.attribute[1].attribute_value[0].text.strip() == \
self.text[3]
assert attr_statem.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
# test again
attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string())
attr_statem2 = saml.attribute_statement_from_string(
attr_statem.to_string())
assert attr_statem2.attribute[0].name == "testAttribute"
assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem2.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem2.attribute[0].friendly_name == "test attribute"
assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1]
assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2]
assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2"
assert attr_statem2.attribute[0].attribute_value[0].text.strip() == \
self.text[1]
assert attr_statem2.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem2.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem2.attribute[1].friendly_name == "test attribute2"
assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3]
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4]
assert attr_statem2.attribute[1].attribute_value[0].text.strip() == \
self.text[3]
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
class TestSubjectConfirmationData:
def setup_class(self):
self.scd = saml.SubjectConfirmationData()
@@ -792,7 +808,8 @@ class TestSubjectConfirmationData:
self.scd.recipient = "recipient"
self.scd.in_response_to = "responseID"
self.scd.address = "127.0.0.1"
new_scd = saml.subject_confirmation_data_from_string(self.scd.to_string())
new_scd = saml.subject_confirmation_data_from_string(
self.scd.to_string())
assert new_scd.not_before == "2007-08-31T01:05:02Z"
assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z"
assert new_scd.recipient == "recipient"
@@ -812,7 +829,6 @@ class TestSubjectConfirmationData:
class TestSubjectConfirmation:
def setup_class(self):
self.sc = saml.SubjectConfirmation()
@@ -826,9 +842,9 @@ class TestSubjectConfirmation:
assert new_sc.name_id.sp_provided_id == "sp provided id"
assert new_sc.method == saml.SCM_BEARER
assert new_sc.subject_confirmation_data.not_before == \
"2007-08-31T01:05:02Z"
"2007-08-31T01:05:02Z"
assert new_sc.subject_confirmation_data.not_on_or_after == \
"2007-09-14T01:05:02Z"
"2007-09-14T01:05:02Z"
assert new_sc.subject_confirmation_data.recipient == "recipient"
assert new_sc.subject_confirmation_data.in_response_to == "responseID"
assert new_sc.subject_confirmation_data.address == "127.0.0.1"
@@ -848,7 +864,6 @@ class TestSubjectConfirmation:
class TestSubject:
def setup_class(self):
self.subject = saml.Subject()
@@ -857,13 +872,13 @@ class TestSubject:
self.subject.name_id = saml.name_id_from_string(saml2_data.TEST_NAME_ID)
self.subject.subject_confirmation.append(
saml.subject_confirmation_from_string(
saml2_data.TEST_SUBJECT_CONFIRMATION))
saml2_data.TEST_SUBJECT_CONFIRMATION))
new_subject = saml.subject_from_string(self.subject.to_string())
assert new_subject.name_id.sp_provided_id == "sp provided id"
assert new_subject.name_id.text.strip() == "tmatsuo@example.com"
assert new_subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
assert isinstance(new_subject.subject_confirmation[0],
saml.SubjectConfirmation)
saml.SubjectConfirmation)
def testUsingTestData(self):
"""Test for subject_from_string() using test data."""
@@ -873,22 +888,22 @@ class TestSubject:
assert subject.name_id.text.strip() == "tmatsuo@example.com"
assert subject.name_id.format == saml.NAMEID_FORMAT_EMAILADDRESS
assert isinstance(subject.subject_confirmation[0],
saml.SubjectConfirmation)
saml.SubjectConfirmation)
class TestCondition:
def setup_class(self):
self.condition = saml.Condition()
self.name = "{%s}type" % saml.XSI_NAMESPACE
def testAccessors(self):
"""Test for Condition accessors."""
self.condition.extension_attributes[self.name] = "test"
self.condition.extension_attributes['ExtendedAttribute'] = "value"
new_condition = saml.condition_from_string(self.condition.to_string())
assert new_condition.extension_attributes[self.name] == "test"
assert new_condition.extension_attributes["ExtendedAttribute"] == "value"
assert new_condition.extension_attributes[
"ExtendedAttribute"] == "value"
def testUsingTestData(self):
"""Test for condition_from_string() using test data."""
@@ -898,7 +913,6 @@ class TestCondition:
class TestAudience:
def setup_class(self):
self.audience = saml.Audience()
@@ -926,9 +940,9 @@ class TestAudienceRestriction:
self.audience_restriction.audience = \
saml.audience_from_string(saml2_data.TEST_AUDIENCE)
new_audience = saml.audience_restriction_from_string(
self.audience_restriction.to_string())
self.audience_restriction.to_string())
assert self.audience_restriction.audience.text.strip() == \
"http://www.example.com/Audience"
"http://www.example.com/Audience"
def testUsingTestData(self):
"""Test audience_restriction_from_string using test data"""
@@ -936,11 +950,10 @@ class TestAudienceRestriction:
audience_restriction = saml.audience_restriction_from_string(
saml2_data.TEST_AUDIENCE_RESTRICTION)
assert audience_restriction.audience[0].text.strip() == \
"http://www.example.com/Audience"
"http://www.example.com/Audience"
class TestOneTimeUse:
def setup_class(self):
self.one_time_use = saml.OneTimeUse()
@@ -951,13 +964,13 @@ class TestOneTimeUse:
def testUsingTestData(self):
"""Test one_time_use_from_string() using test data"""
one_time_use = saml.one_time_use_from_string(saml2_data.TEST_ONE_TIME_USE)
one_time_use = saml.one_time_use_from_string(
saml2_data.TEST_ONE_TIME_USE)
assert isinstance(one_time_use, saml.OneTimeUse)
assert isinstance(one_time_use, saml.ConditionAbstractType_)
class TestProxyRestriction:
def setup_class(self):
self.proxy_restriction = saml.ProxyRestriction()
@@ -972,7 +985,7 @@ class TestProxyRestriction:
self.proxy_restriction.to_string())
assert new_proxy_restriction.count == "2"
assert new_proxy_restriction.audience[0].text.strip() == \
"http://www.example.com/Audience"
"http://www.example.com/Audience"
def testUsingTestData(self):
"""Test proxy_restriction_from_string() using test data"""
@@ -981,10 +994,10 @@ class TestProxyRestriction:
saml2_data.TEST_PROXY_RESTRICTION)
assert proxy_restriction.count == "2"
assert proxy_restriction.audience[0].text.strip() == \
"http://www.example.com/Audience"
"http://www.example.com/Audience"
class TestConditions:
def setup_class(self):
self.conditions = saml.Conditions()
@@ -996,16 +1009,17 @@ class TestConditions:
self.conditions.audience_restriction.append(saml.AudienceRestriction())
self.conditions.one_time_use.append(saml.OneTimeUse())
self.conditions.proxy_restriction.append(saml.ProxyRestriction())
new_conditions = saml.conditions_from_string(self.conditions.to_string())
new_conditions = saml.conditions_from_string(
self.conditions.to_string())
assert new_conditions.not_before == "2007-08-31T01:05:02Z"
assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
assert isinstance(new_conditions.condition[0], saml.Condition)
assert isinstance(new_conditions.audience_restriction[0],
saml.AudienceRestriction)
saml.AudienceRestriction)
assert isinstance(new_conditions.one_time_use[0],
saml.OneTimeUse)
saml.OneTimeUse)
assert isinstance(new_conditions.proxy_restriction[0],
saml.ProxyRestriction)
saml.ProxyRestriction)
def testUsingTestData(self):
"""Test conditions_from_string() using test data"""
@@ -1014,14 +1028,14 @@ class TestConditions:
assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
assert isinstance(new_conditions.condition[0], saml.Condition)
assert isinstance(new_conditions.audience_restriction[0],
saml.AudienceRestriction)
saml.AudienceRestriction)
assert isinstance(new_conditions.one_time_use[0],
saml.OneTimeUse)
saml.OneTimeUse)
assert isinstance(new_conditions.proxy_restriction[0],
saml.ProxyRestriction)
saml.ProxyRestriction)
class TestAssertionIDRef:
def setup_class(self):
self.assertion_id_ref = saml.AssertionIDRef()
@@ -1031,18 +1045,17 @@ class TestAssertionIDRef:
new_assertion_id_ref = saml.assertion_id_ref_from_string(
self.assertion_id_ref.to_string())
assert new_assertion_id_ref.text == \
"zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
"zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
def testUsingTestData(self):
"""Test assertion_id_ref_from_string() using test data"""
new_assertion_id_ref = saml.assertion_id_ref_from_string(
saml2_data.TEST_ASSERTION_ID_REF)
assert new_assertion_id_ref.text.strip() == \
"zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
"zzlieajngjbkjggjldmgindkckkolcblndbghlhm"
class TestAssertionURIRef:
def setup_class(self):
self.assertion_uri_ref = saml.AssertionURIRef()
@@ -1052,18 +1065,17 @@ class TestAssertionURIRef:
new_assertion_uri_ref = saml.assertion_uri_ref_from_string(
self.assertion_uri_ref.to_string())
assert new_assertion_uri_ref.text == \
"http://www.example.com/AssertionURIRef"
"http://www.example.com/AssertionURIRef"
def testUsingTestData(self):
"""Test assertion_uri_ref_from_string() using test data"""
new_assertion_uri_ref = saml.assertion_uri_ref_from_string(
saml2_data.TEST_ASSERTION_URI_REF)
assert new_assertion_uri_ref.text.strip() == \
"http://www.example.com/AssertionURIRef"
"http://www.example.com/AssertionURIRef"
class TestAction:
def setup_class(self):
self.action = saml.Action()
@@ -1080,7 +1092,6 @@ class TestAction:
class TestEvidence:
def setup_class(self):
self.evidence = saml.Evidence()
@@ -1094,14 +1105,14 @@ class TestEvidence:
print new_evidence
assert self.evidence.to_string() == new_evidence.to_string()
assert isinstance(new_evidence.assertion_id_ref[0],
saml.AssertionIDRef)
saml.AssertionIDRef)
assert isinstance(new_evidence.assertion_uri_ref[0],
saml.AssertionURIRef)
saml.AssertionURIRef)
assert len(new_evidence.assertion) == 1
assert isinstance(new_evidence.assertion[0], saml.Assertion)
assert len(new_evidence.encrypted_assertion) == 1
assert isinstance(new_evidence.encrypted_assertion[0],
saml.EncryptedAssertion)
saml.EncryptedAssertion)
def testUsingTestData(self):
"""Test evidence_from_string() using test data"""
@@ -1110,7 +1121,6 @@ class TestEvidence:
class TestAuthzDecisionStatement:
def setup_class(self):
self.authz_decision_statement = saml.AuthzDecisionStatement()
@@ -1123,15 +1133,15 @@ class TestAuthzDecisionStatement:
new_authz_decision_statement = saml.authz_decision_statement_from_string(
self.authz_decision_statement.to_string())
assert self.authz_decision_statement.to_string() == \
new_authz_decision_statement.to_string()
new_authz_decision_statement.to_string()
assert new_authz_decision_statement.resource == \
"http://www.example.com/Resource"
"http://www.example.com/Resource"
assert new_authz_decision_statement.decision == \
saml.DECISION_TYPE_PERMIT
saml.DECISION_TYPE_PERMIT
assert isinstance(new_authz_decision_statement.action[0],
saml.Action)
saml.Action)
assert isinstance(new_authz_decision_statement.evidence,
saml.Evidence)
saml.Evidence)
def testUsingTestData(self):
@@ -1139,8 +1149,8 @@ class TestAuthzDecisionStatement:
# TODO:
pass
class TestAdvice:
class TestAdvice:
def setup_class(self):
self.advice = saml.Advice()
@@ -1153,12 +1163,12 @@ class TestAdvice:
new_advice = saml.advice_from_string(self.advice.to_string())
assert self.advice.to_string() == new_advice.to_string()
assert isinstance(new_advice.assertion_id_ref[0],
saml.AssertionIDRef)
saml.AssertionIDRef)
assert isinstance(new_advice.assertion_uri_ref[0],
saml.AssertionURIRef)
saml.AssertionURIRef)
assert isinstance(new_advice.assertion[0], saml.Assertion)
assert isinstance(new_advice.encrypted_assertion[0],
saml.EncryptedAssertion)
saml.EncryptedAssertion)
def testUsingTestData(self):
"""Test advice_from_string() using test data"""
@@ -1167,7 +1177,6 @@ class TestAdvice:
class TestAssertion:
def setup_class(self):
self.assertion = saml.Assertion()
@@ -1179,7 +1188,8 @@ class TestAssertion:
self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
self.assertion.signature = ds.signature_from_string(
ds_data.TEST_SIGNATURE)
self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT)
self.assertion.subject = saml.subject_from_string(
saml2_data.TEST_SUBJECT)
self.assertion.conditions = saml.conditions_from_string(
saml2_data.TEST_CONDITIONS)
self.assertion.advice = saml.Advice()
@@ -1190,7 +1200,7 @@ class TestAssertion:
saml.AuthzDecisionStatement())
self.assertion.attribute_statement.append(
saml.attribute_statement_from_string(
saml2_data.TEST_ATTRIBUTE_STATEMENT))
saml2_data.TEST_ATTRIBUTE_STATEMENT))
new_assertion = saml.assertion_from_string(self.assertion.to_string())
assert new_assertion.id == "assertion id"
@@ -1203,11 +1213,11 @@ class TestAssertion:
assert isinstance(new_assertion.advice, saml.Advice)
assert isinstance(new_assertion.statement[0], saml.Statement)
assert isinstance(new_assertion.authn_statement[0],
saml.AuthnStatement)
saml.AuthnStatement)
assert isinstance(new_assertion.authz_decision_statement[0],
saml.AuthzDecisionStatement)
saml.AuthzDecisionStatement)
assert isinstance(new_assertion.attribute_statement[0],
saml.AttributeStatement)
saml.AttributeStatement)
def testUsingTestData(self):

312
tests/test_03_saml2.py
View File

@@ -19,7 +19,7 @@ except ImportError:
from elementtree import ElementTree
ITEMS = {
NameID:["""<?xml version="1.0" encoding="utf-8"?>
NameID: ["""<?xml version="1.0" encoding="utf-8"?>
<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
SPProvidedID="sp provided id">
@@ -35,7 +35,7 @@ Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
NameQualifier="http://authentic.example.com/saml/metadata"
SPNameQualifier="http://auth.example.com/saml/metadata">test
</NameID>"""],
Issuer:"""<?xml version="1.0" encoding="utf-8"?>
Issuer: """<?xml version="1.0" encoding="utf-8"?>
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
http://www.example.com/test
</Issuer>
@@ -45,14 +45,14 @@ SPNameQualifier="http://auth.example.com/saml/metadata">test
Address="127.0.0.1" DNSName="localhost"/>
""",
SubjectConfirmationData:
"""<?xml version="1.0" encoding="utf-8"?>
"""<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmationData xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
InResponseTo="_1683146e27983964fbe7bf8f08961108d166a652e5"
NotOnOrAfter="2010-02-18T13:52:13.959Z"
NotBefore="2010-01-16T12:00:00Z"
Recipient="http://192.168.0.10/saml/sp" />""",
SubjectConfirmation:
"""<?xml version="1.0" encoding="utf-8"?>
"""<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"><NameID
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
@@ -68,10 +68,11 @@ InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/></SubjectConfirmation>"""
# if "target_class" in metafunc.funcargnames:
# for tcl,xml in ITEMS.items():
# metafunc.addcall(funcargs={"target_class":tcl,"xml_string":xml})
def _eq(l1,l2):
def _eq(l1, l2):
return set(l1) == set(l2)
def test_create_class_from_xml_string_nameid():
kl = create_class_from_xml_string(NameID, ITEMS[NameID][0])
assert kl != None
@@ -80,8 +81,8 @@ def test_create_class_from_xml_string_nameid():
assert kl.text.strip() == "roland@example.com"
assert _eq(kl.keyswv(), ['sp_provided_id', 'format', 'text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
'name_qualifier', 'format', 'text'])
assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
'name_qualifier', 'format', 'text'])
kl = create_class_from_xml_string(NameID, ITEMS[NameID][1])
assert kl != None
@@ -98,9 +99,10 @@ def test_create_class_from_xml_string_nameid():
assert kl.sp_name_qualifier == "http://auth.example.com/saml/metadata"
assert kl.text.strip() == "test"
assert _eq(kl.keyswv(), ['sp_name_qualifier', 'format', 'name_qualifier',
'text'])
'text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
def test_create_class_from_xml_string_issuer():
kl = create_class_from_xml_string(Issuer, ITEMS[Issuer])
assert kl != None
@@ -108,33 +110,37 @@ def test_create_class_from_xml_string_issuer():
assert _eq(kl.keyswv(), ['text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer"
def test_create_class_from_xml_string_subject_locality():
kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality])
assert kl != None
assert _eq(kl.keyswv(), ['address', "dns_name"])
assert kl.address == "127.0.0.1"
assert kl.dns_name == "localhost"
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality"
assert class_name(
kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality"
def test_create_class_from_xml_string_subject_confirmation_data():
kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmationData])
kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmationData])
assert kl != None
assert _eq(kl.keyswv(), ['in_response_to', 'not_on_or_after',
'not_before', 'recipient'])
'not_before', 'recipient'])
assert kl.in_response_to == "_1683146e27983964fbe7bf8f08961108d166a652e5"
assert kl.not_on_or_after == "2010-02-18T13:52:13.959Z"
assert kl.not_before == "2010-01-16T12:00:00Z"
assert kl.recipient == "http://192.168.0.10/saml/sp"
assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData"
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData"
def test_create_class_from_xml_string_subject_confirmation():
kl = create_class_from_xml_string(SubjectConfirmation,
ITEMS[SubjectConfirmation])
kl = create_class_from_xml_string(SubjectConfirmation,
ITEMS[SubjectConfirmation])
assert kl != None
assert _eq(kl.keyswv(), ['method', 'name_id',
'subject_confirmation_data'])
'subject_confirmation_data'])
assert kl.method == "urn:oasis:names:tc:SAML:2.0:cm:bearer"
name_id = kl.name_id
assert _eq(name_id.keyswv(), ['format', 'name_qualifier', 'text'])
@@ -142,21 +148,24 @@ def test_create_class_from_xml_string_subject_confirmation():
assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata"
assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to'])
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect"
"http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
assert subject_confirmation_data.in_response_to == \
"_59B3A01B03334032C31E434C63F89E3E"
"_59B3A01B03334032C31E434C63F89E3E"
assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation"
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation"
def test_create_class_from_xml_string_wrong_class_spec():
kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmation])
kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmation])
assert kl == None
def test_ee_1():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""")
@@ -168,17 +177,19 @@ def test_ee_1():
assert ee.children == []
assert ee.text == "bar"
def test_ee_2():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""")
assert ee != None
print ee.__dict__
assert ee.attributes == {"id":"xyz"}
assert ee.attributes == {"id": "xyz"}
assert ee.tag == "foo"
assert ee.namespace == None
assert ee.children == []
assert ee.text == "bar"
def test_ee_3():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
@@ -186,12 +197,13 @@ def test_ee_3():
id="xyz">bar</foo>""")
assert ee != None
print ee.__dict__
assert ee.attributes == {"id":"xyz"}
assert ee.attributes == {"id": "xyz"}
assert ee.tag == "foo"
assert ee.namespace == "urn:mace:example.com:saml:ns"
assert ee.children == []
assert ee.text == "bar"
def test_ee_4():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
@@ -204,29 +216,30 @@ def test_ee_4():
assert ee.namespace == "urn:mace:example.com:saml:ns"
assert len(ee.children) == 2
assert ee.text.strip() == ""
id = ee.find_children("id", "urn:mace:example.com:saml:namespace")
assert id == []
cid = ee.find_children("id", "urn:mace:example.com:saml:namespace")
assert cid == []
ids = ee.find_children("id", "urn:mace:example.com:saml:ns")
assert ids != []
id = ids[0]
print id.__dict__
assert id.attributes == {}
assert id.tag == "id"
assert id.namespace == "urn:mace:example.com:saml:ns"
assert id.children == []
assert id.text.strip() == "xyz"
cid = ids[0]
print cid.__dict__
assert cid.attributes == {}
assert cid.tag == "id"
assert cid.namespace == "urn:mace:example.com:saml:ns"
assert cid.children == []
assert cid.text.strip() == "xyz"
def test_ee_5():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
<foo xmlns="urn:mace:example.com:saml:ns">bar</foo>""")
ce = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
<educause xmlns="urn:mace:example.com:saml:cu">rev</educause>""")
ee.children.append(ce)
assert ee != None
print ee.__dict__
assert ee.attributes == {}
@@ -234,34 +247,35 @@ def test_ee_5():
assert ee.namespace == "urn:mace:example.com:saml:ns"
assert len(ee.children) == 1
assert ee.text.strip() == "bar"
c = ee.children[0]
print c.__dict__
child = ee.find_children(namespace="urn:mace:example.com:saml:cu")
assert len(child) == 1
child = ee.find_children(namespace="urn:mace:example.com:saml:ns")
assert len(child) == 0
child = ee.find_children("educause","urn:mace:example.com:saml:cu")
child = ee.find_children("educause", "urn:mace:example.com:saml:cu")
assert len(child) == 1
child = ee.find_children("edugain","urn:mace:example.com:saml:cu")
child = ee.find_children("edugain", "urn:mace:example.com:saml:cu")
assert len(child) == 0
print ee.to_string()
def test_ee_6():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
<foo xmlns="urn:mace:example.com:saml:ns">bar</foo>""")
ce = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
<educause xmlns="urn:mace:example.com:saml:cu">rev</educause>""")
et = ee.transfer_to_element_tree()
ce.become_child_element_of(et)
pee = saml2._extension_element_from_element_tree(et)
assert pee != None
print pee.__dict__
assert pee.attributes == {}
@@ -269,20 +283,20 @@ def test_ee_6():
assert pee.namespace == "urn:mace:example.com:saml:ns"
assert len(pee.children) == 1
assert pee.text.strip() == "bar"
c = pee.children[0]
print c.__dict__
child = pee.find_children(namespace="urn:mace:example.com:saml:cu")
assert len(child) == 1
child = pee.find_children(namespace="urn:mace:example.com:saml:ns")
assert len(child) == 0
child = pee.find_children("educause","urn:mace:example.com:saml:cu")
child = pee.find_children("educause", "urn:mace:example.com:saml:cu")
assert len(child) == 1
child = pee.find_children("edugain","urn:mace:example.com:saml:cu")
child = pee.find_children("edugain", "urn:mace:example.com:saml:cu")
assert len(child) == 0
print pee.to_string()
NAMEID_WITH_ATTRIBUTE_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
@@ -294,6 +308,7 @@ NAMEID_WITH_ATTRIBUTE_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
</NameID>
"""
def test_nameid_with_extension():
kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION)
assert kl != None
@@ -301,13 +316,14 @@ def test_nameid_with_extension():
assert kl.format == "urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
assert kl.sp_provided_id == "sp provided id"
assert kl.text.strip() == "roland@example.com"
assert _eq(kl.keyswv(), ['sp_provided_id', 'format',
'extension_attributes', 'text'])
assert _eq(kl.keyswv(), ['sp_provided_id', 'format',
'extension_attributes', 'text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
'name_qualifier', 'format', 'text'])
assert _eq(kl.keys(), ['sp_provided_id', 'sp_name_qualifier',
'name_qualifier', 'format', 'text'])
assert kl.extension_attributes == {
'{urn:mace:example.com:saml:assertion}Foo': 'BAR'}
'{urn:mace:example.com:saml:assertion}Foo': 'BAR'}
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
@@ -325,9 +341,10 @@ Excellent
</local:Trustlevel>
</SubjectConfirmation>"""
def test_subject_confirmation_with_extension():
kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
assert kl != None
print kl.__dict__
assert kl.extension_attributes == {}
@@ -338,32 +355,34 @@ def test_subject_confirmation_with_extension():
assert name_id.name_qualifier == "http://authentic.example.com/saml/metadata"
assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to'])
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect"
"http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
assert subject_confirmation_data.in_response_to == \
"_59B3A01B03334032C31E434C63F89E3E"
"_59B3A01B03334032C31E434C63F89E3E"
assert len(kl.extension_elements) == 1
ee = kl.extension_elements[0]
assert ee.tag == "Trustlevel"
assert ee.namespace == "urn:mace:example.com:saml:assertion"
assert ee.text.strip() == "Excellent"
def test_to_fro_string_1():
kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
str = kl.to_string()
cpy = create_class_from_xml_string(SubjectConfirmation, str)
kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
txt = kl.to_string()
cpy = create_class_from_xml_string(SubjectConfirmation, txt)
print kl.__dict__
print cpy.__dict__
assert kl.text.strip() == cpy.text.strip()
assert kl.text.strip() == cpy.text.strip()
assert _eq(kl.keyswv(), cpy.keyswv())
assert len(kl.extension_elements) == len(cpy.extension_elements)
klee = kl.extension_elements[0]
klee = kl.extension_elements[0]
cpyee = cpy.extension_elements[0]
assert klee.text.strip() == cpyee.text.strip()
assert klee.tag == cpyee.tag
@@ -371,15 +390,17 @@ def test_to_fro_string_1():
def test_make_vals_str():
kl = make_vals("Jeter",md.GivenName, part=True)
kl = make_vals("Jeter", md.GivenName, part=True)
assert isinstance(kl, md.GivenName)
assert kl.text == "Jeter"
def test_make_vals_list_of_strs():
cp = md.ContactPerson()
make_vals(["Derek","Sanderson"], md.GivenName, cp, "given_name")
make_vals(["Derek", "Sanderson"], md.GivenName, cp, "given_name")
assert len(cp.given_name) == 2
assert _eq([i.text for i in cp.given_name],["Sanderson","Derek"])
assert _eq([i.text for i in cp.given_name], ["Sanderson", "Derek"])
def test_attribute_element_to_extension_element():
attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE)
@@ -387,17 +408,18 @@ def test_attribute_element_to_extension_element():
print ee.__dict__
assert ee.tag == "Attribute"
assert ee.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
assert _eq(ee.attributes.keys(),['FriendlyName', 'Name', 'NameFormat'])
assert _eq(ee.attributes.keys(), ['FriendlyName', 'Name', 'NameFormat'])
assert ee.attributes["FriendlyName"] == 'test attribute'
assert ee.attributes["Name"] == "testAttribute"
assert ee.attributes["NameFormat"] == \
'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'
'urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified'
assert len(ee.children) == 2
for child in ee.children:
# children are also extension element instances
assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
assert child.tag == "AttributeValue"
def test_ee_7():
ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?>
@@ -418,107 +440,113 @@ def test_ee_7():
assert len(ee.children) == 2
for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"],
[c.tag for c in ee.children])
assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1
assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[])
assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0]
assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"])
assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org"
def test_extension_element_loadd():
ava = {'attributes': {},
'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [{
"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{
"tag":"NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org",
"attributes":{
"Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
},
}]
}, {
"tag":"RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text":"https://federationX.org/?ID=a87s76a5765da76576a57as",
}],
}
ava = {'attributes': {},
'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [{
"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{
"tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org",
"attributes": {
"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
},
}]
}, {
"tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata"
":dynamicsaml",
"text": "https://federationX.org/?ID=a87s76a5765da76576a57as",
}],
}
ee = saml2.ExtensionElement(ava["tag"]).loadd(ava)
print ee.__dict__
assert len(ee.children) == 2
for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"],
[c.tag for c in ee.children])
assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1
assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[])
assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0]
assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"])
assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org"
def test_extensions_loadd():
ava = {"extension_elements":[{'attributes': {},
'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [{
"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{
"tag":"NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org",
"attributes":{
"Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
},
}]
}, {
"tag":"RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text":"https://federationX.org/?ID=a87s76a5765da76576a57as",
}],
}],
"extension_attributes": {
"foo":"bar",
}
}
ava = {"extension_elements": [
{
'attributes': {},
'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [
{"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [
{"tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org",
"attributes": {
"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
},
}]
},
{
"tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "https://federationX.org/?ID=a87s76a5765da76576a57as",
}],
}],
"extension_attributes": {
"foo": "bar",
}
}
extension = saml2.SamlBase()
extension.loadd(ava)
print extension.__dict__
assert len(extension.extension_elements) == 1
ee = extension.extension_elements[0]
assert len(ee.children) == 2
for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"],
[c.tag for c in ee.children])
assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1
assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[])
assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0]
assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"])
assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org"
assert extension.extension_attributes.keys() == ["foo"]
assert extension.extension_attributes["foo"] == "bar"

20
tests/test_60_sp.py
View File

@@ -56,20 +56,24 @@ class TestSP():
ava = { "givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["derek@nyy.mlb.com"], "title":["The man"]}
resp_str = "%s" % self.server.create_authn_response(ava, "id1",
"http://lingon.catalogix.se:8087/",
"urn:mace:example.com:saml:roland:sp",
trans_name_policy,
"foba0001@example.com",
authn=AUTHN)
resp_str = "%s" % self.server.create_authn_response(
ava, "id1", "http://lingon.catalogix.se:8087/",
"urn:mace:example.com:saml:roland:sp", trans_name_policy,
"foba0001@example.com", authn=AUTHN)
resp_str = base64.encodestring(resp_str)
self.sp.outstanding_queries = {"id1":"http://www.example.com/service"}
session_info = self.sp._eval_authn_response({},{"SAMLResponse":resp_str})
session_info = self.sp._eval_authn_response({},
{"SAMLResponse": resp_str})
assert len(session_info) > 1
assert session_info["came_from"] == 'http://www.example.com/service'
assert session_info["ava"] == {'givenName': ['Derek'],
'mail': ['derek@nyy.mlb.com'],
'sn': ['Jeter'],
'title': ['The man']}
'title': ['The man']}
if __name__ == "__main__":
_sp = TestSP()
_sp.setup_class()
_sp.test_identify()