Updated tests

Roland Hedberg
2013-05-16 21:23:21 +02:00
parent b5622c228f
commit ba8f3be8da
8 changed files with 416 additions and 359 deletions


@@ -96,7 +96,8 @@ CONFIG = {
"display_name": [("Exempel ÄB", "se"), ("Example Co.", "en")], "display_name": [("Exempel ÄB", "se"), ("Example Co.", "en")],
"url": "http://www.example.com/roland", "url": "http://www.example.com/roland",
}, },
"contact_person": [{ "contact_person": [
{
"given_name": "John", "given_name": "John",
"sur_name": "Smith", "sur_name": "Smith",
"email_address": ["john.smith@example.com"], "email_address": ["john.smith@example.com"],


@@ -1,8 +1,11 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST from saml2 import BINDING_SOAP
from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST
from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI from saml2.saml import NAME_FORMAT_URI
from pathutils import full_path from pathutils import full_path
from pathutils import xmlsec_path
BASE = "http://localhost:8088" BASE = "http://localhost:8088"
@@ -41,7 +44,7 @@ CONFIG = {
"debug": 1, "debug": 1,
"key_file": full_path("test.key"), "key_file": full_path("test.key"),
"cert_file": full_path("test.pem"), "cert_file": full_path("test.pem"),
"xmlsec_binary": None, "xmlsec_binary": xmlsec_path,
"metadata": { "metadata": {
"local": [full_path("metadata_sp_1.xml"), "local": [full_path("metadata_sp_1.xml"),
full_path("vo_metadata.xml")], full_path("vo_metadata.xml")],


@@ -12,3 +12,13 @@ def dotname(module):
return 'tests.' + module return 'tests.' + module
else: else:
return module return module
try:
from saml2.sigver import get_xmlsec_binary
except ImportError:
get_xmlsec_binary = None
if get_xmlsec_binary:
xmlsec_path = get_xmlsec_binary(["/opt/local/bin"])
else:
xmlsec_path = '/usr/bin/xmlsec1'
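Review bot: The fallback `xmlsec_path = '/usr/bin/xmlsec1'` is assigned without checking that the file exists or is executable, so on a host without xmlsec1 at that location the two CONFIG dicts that now pass `xmlsec_path` as `xmlsec_binary` would only fail later, when signing or verification is first attempted. The lookup also runs at import time and only `ImportError` is handled; if `get_xmlsec_binary` raises when nothing is found (its body is not visible here), every test module importing `pathutils` would break at collection. Because this value selects the executable that performs signature checks, I would guard it with `if not os.path.isfile(xmlsec_path): xmlsec_path = None` (adding `import os` if the module lacks it) and add a comment such as `# test-only lookup: the xmlsec1 location is host-specific; do not copy these paths into a deployed config`. The hard-coded `/opt/local/bin` search directory deserves a one-line comment saying which platform it is for.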


@@ -1,4 +1,5 @@
from pathutils import full_path from pathutils import full_path
from pathutils import xmlsec_path
CONFIG = { CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:sp", "entityid" : "urn:mace:example.com:saml:roland:sp",
@@ -19,7 +20,7 @@ CONFIG={
"key_file": full_path("test.key"), "key_file": full_path("test.key"),
"cert_file": full_path("test.pem"), "cert_file": full_path("test.pem"),
"ca_certs": full_path("cacerts.txt"), "ca_certs": full_path("cacerts.txt"),
"xmlsec_binary": None, "xmlsec_binary": xmlsec_path,
"metadata": { "metadata": {
"local": [full_path("idp.xml"), full_path("vo_metadata.xml")], "local": [full_path("idp.xml"), full_path("vo_metadata.xml")],
}, },


@@ -76,13 +76,15 @@ class TestExtensionElement:
"text": "Just a line" "text": "Just a line"
}, },
{ {
"attributes": {"static":"attribute","dynamic":"orgname"}, "attributes": {"static": "attribute",
"dynamic": "orgname"},
"tag": "tag3", "tag": "tag3",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "Another line of text", "text": "Another line of text",
"children": [{ "children": [{
"tag": "subtag", "tag": "subtag",
"namespace": "urn:mace:example.org", "namespace": "urn:mace:example.org",
"text": "grandchild" "text": "grandchild"
}] }]
}, },
@@ -126,6 +128,7 @@ class TestExtensionElement:
c = ee.find_children() c = ee.find_children()
assert len(c) == 3 assert len(c) == 3
class TestExtensionContainer: class TestExtensionContainer:
def test_find_extensions(self): def test_find_extensions(self):
avas = [{ avas = [{
@@ -194,6 +197,7 @@ class TestExtensionContainer:
assert len(ec.extension_attributes) == 1 assert len(ec.extension_attributes) == 1
assert ec.extension_attributes.keys()[0] == "foo" assert ec.extension_attributes.keys()[0] == "foo"
class TestSAMLBase: class TestSAMLBase:
def test_make_vals_dict(self): def test_make_vals_dict(self):
ava = { ava = {
@@ -229,13 +233,13 @@ class TestSAMLBase:
def test_to_string_nspair(self): def test_to_string_nspair(self):
foo = saml2.make_vals("lions", AttributeValue, part=True) foo = saml2.make_vals("lions", AttributeValue, part=True)
str = foo.to_string() txt = foo.to_string()
nsstr = foo.to_string({"saml": saml.NAMESPACE}) nsstr = foo.to_string({"saml": saml.NAMESPACE})
assert nsstr != str assert nsstr != txt
print str print txt
print nsstr print nsstr
assert "saml:AttributeValue" in nsstr assert "saml:AttributeValue" in nsstr
assert "saml:AttributeValue" not in str assert "saml:AttributeValue" not in txt
def test_set_text(self): def test_set_text(self):
av = AttributeValue() av = AttributeValue()
@@ -260,8 +264,8 @@ class TestSAMLBase:
foo = saml2.make_vals(False, AttributeValue, part=True) foo = saml2.make_vals(False, AttributeValue, part=True)
assert foo.text == "false" assert foo.text == "false"
class TestNameID:
class TestNameID:
def setup_class(self): def setup_class(self):
self.name_id = saml.NameID() self.name_id = saml.NameID()
@@ -332,7 +336,6 @@ class TestNameID:
class TestIssuer: class TestIssuer:
def setup_class(self): def setup_class(self):
self.issuer = saml.Issuer() self.issuer = saml.Issuer()
@@ -357,7 +360,6 @@ class TestIssuer:
class TestSubjectLocality: class TestSubjectLocality:
def setup_class(self): def setup_class(self):
self.subject_locality = saml.SubjectLocality() self.subject_locality = saml.SubjectLocality()
@@ -388,7 +390,6 @@ class TestSubjectLocality:
class TestAuthnContextClassRef: class TestAuthnContextClassRef:
def setup_class(self): def setup_class(self):
self.authn_context_class_ref = saml.AuthnContextClassRef() self.authn_context_class_ref = saml.AuthnContextClassRef()
self.text = "http://www.example.com/authnContextClassRef" self.text = "http://www.example.com/authnContextClassRef"
@@ -411,7 +412,6 @@ class TestAuthnContextClassRef:
class TestAuthnContextDeclRef: class TestAuthnContextDeclRef:
def setup_class(self): def setup_class(self):
self.authn_context_decl_ref = saml.AuthnContextDeclRef() self.authn_context_decl_ref = saml.AuthnContextDeclRef()
self.ref = "http://www.example.com/authnContextDeclRef" self.ref = "http://www.example.com/authnContextDeclRef"
@@ -434,7 +434,6 @@ class TestAuthnContextDeclRef:
class TestAuthnContextDecl: class TestAuthnContextDecl:
def setup_class(self): def setup_class(self):
self.authn_context_decl = saml.AuthnContextDecl() self.authn_context_decl = saml.AuthnContextDecl()
self.text = "http://www.example.com/authnContextDecl" self.text = "http://www.example.com/authnContextDecl"
@@ -457,7 +456,6 @@ class TestAuthnContextDecl:
class TestAuthenticatingAuthority: class TestAuthenticatingAuthority:
def setup_class(self): def setup_class(self):
self.authenticating_authority = saml.AuthenticatingAuthority() self.authenticating_authority = saml.AuthenticatingAuthority()
self.text = "http://www.example.com/authenticatingAuthority" self.text = "http://www.example.com/authenticatingAuthority"
@@ -478,8 +476,8 @@ class TestAuthenticatingAuthority:
saml2_data.TEST_AUTHENTICATING_AUTHORITY) saml2_data.TEST_AUTHENTICATING_AUTHORITY)
assert authenticating_authority.text.strip() == self.text assert authenticating_authority.text.strip() == self.text
class TestAuthnContext:
class TestAuthnContext:
def setup_class(self): def setup_class(self):
self.authn_context = saml.AuthnContext() self.authn_context = saml.AuthnContext()
@@ -511,13 +509,13 @@ class TestAuthnContext:
def testUsingTestData(self): def testUsingTestData(self):
"""Test authn_context_from_string() using test data""" """Test authn_context_from_string() using test data"""
authn_context = saml.authn_context_from_string(saml2_data.TEST_AUTHN_CONTEXT) authn_context = saml.authn_context_from_string(
saml2_data.TEST_AUTHN_CONTEXT)
assert authn_context.authn_context_class_ref.text.strip() == \ assert authn_context.authn_context_class_ref.text.strip() == \
saml.AUTHN_PASSWORD saml.AUTHN_PASSWORD
class TestAuthnStatement: class TestAuthnStatement:
def setup_class(self): def setup_class(self):
self.authn_statem = saml.AuthnStatement() self.authn_statem = saml.AuthnStatement()
@@ -556,7 +554,8 @@ class TestAuthnStatement:
def testUsingTestData(self): def testUsingTestData(self):
"""Test authn_statement_from_string() using test data""" """Test authn_statement_from_string() using test data"""
authn_statem = saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT) authn_statem = saml.authn_statement_from_string(
saml2_data.TEST_AUTHN_STATEMENT)
assert authn_statem.authn_instant == "2007-08-31T01:05:02Z" assert authn_statem.authn_instant == "2007-08-31T01:05:02Z"
assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z" assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z"
assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \ assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \
@@ -564,7 +563,6 @@ class TestAuthnStatement:
class TestAttributeValue: class TestAttributeValue:
def setup_class(self): def setup_class(self):
self.attribute_value = saml.AttributeValue() self.attribute_value = saml.AttributeValue()
self.text = "value for test attribute" self.text = "value for test attribute"
@@ -584,6 +582,7 @@ class TestAttributeValue:
saml2_data.TEST_ATTRIBUTE_VALUE) saml2_data.TEST_ATTRIBUTE_VALUE)
assert attribute_value.text.strip() == self.text assert attribute_value.text.strip() == self.text
BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?> BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?>
<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -650,8 +649,8 @@ FriendlyName="pre_auth_req">
<AttributeValue xsi:type="xs:integer">1</AttributeValue> <AttributeValue xsi:type="xs:integer">1</AttributeValue>
</Attribute>""" </Attribute>"""
class TestAttribute:
class TestAttribute:
def setup_class(self): def setup_class(self):
self.attribute = saml.Attribute() self.attribute = saml.Attribute()
self.text = ["value of test attribute", self.text = ["value of test attribute",
@@ -714,8 +713,8 @@ class TestAttribute:
print attribute print attribute
assert attribute.attribute_value[0].text.lower() == "false" assert attribute.attribute_value[0].text.lower() == "false"
class TestAttributeStatement:
class TestAttributeStatement:
def setup_class(self): def setup_class(self):
self.attr_statem = saml.AttributeStatement() self.attr_statem = saml.AttributeStatement()
self.text = ["value of test attribute", self.text = ["value of test attribute",
@@ -731,56 +730,73 @@ class TestAttributeStatement:
self.attr_statem.attribute[0].name = "testAttribute" self.attr_statem.attribute[0].name = "testAttribute"
self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
self.attr_statem.attribute[0].friendly_name = "test attribute" self.attr_statem.attribute[0].friendly_name = "test attribute"
self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[0].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[0].attribute_value[0].text = self.text[0] self.attr_statem.attribute[0].attribute_value[0].text = self.text[0]
self.attr_statem.attribute[1].name = "testAttribute2" self.attr_statem.attribute[1].name = "testAttribute2"
self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
self.attr_statem.attribute[1].friendly_name = self.text[2] self.attr_statem.attribute[1].friendly_name = self.text[2]
self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[1].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[1].attribute_value[0].text = self.text[2] self.attr_statem.attribute[1].attribute_value[0].text = self.text[2]
new_as = saml.attribute_statement_from_string(self.attr_statem.to_string()) new_as = saml.attribute_statement_from_string(
self.attr_statem.to_string())
assert new_as.attribute[0].name == "testAttribute" assert new_as.attribute[0].name == "testAttribute"
assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI
assert new_as.attribute[0].friendly_name == "test attribute" assert new_as.attribute[0].friendly_name == "test attribute"
assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0] assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[
0]
assert new_as.attribute[1].name == "testAttribute2" assert new_as.attribute[1].name == "testAttribute2"
assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert new_as.attribute[1].friendly_name == "value2 of test attribute" assert new_as.attribute[1].friendly_name == "value2 of test attribute"
assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2] assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[
2]
def testUsingTestData(self): def testUsingTestData(self):
"""Test attribute_statement_from_string() using test data""" """Test attribute_statement_from_string() using test data"""
attr_statem = saml.attribute_statement_from_string( \ attr_statem = saml.attribute_statement_from_string( \
saml2_data.TEST_ATTRIBUTE_STATEMENT) saml2_data.TEST_ATTRIBUTE_STATEMENT)
assert attr_statem.attribute[0].name == "testAttribute" assert attr_statem.attribute[0].name == "testAttribute"
assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem.attribute[0].friendly_name == "test attribute" assert attr_statem.attribute[0].friendly_name == "test attribute"
assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1] assert attr_statem.attribute[0].attribute_value[0].text.strip() == \
assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2] self.text[1]
assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem.attribute[1].friendly_name == "test attribute2" assert attr_statem.attribute[1].friendly_name == "test attribute2"
assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3] assert attr_statem.attribute[1].attribute_value[0].text.strip() == \
assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4] self.text[3]
assert attr_statem.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
# test again # test again
attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string()) attr_statem2 = saml.attribute_statement_from_string(
attr_statem.to_string())
assert attr_statem2.attribute[0].name == "testAttribute" assert attr_statem2.attribute[0].name == "testAttribute"
assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem2.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem2.attribute[0].friendly_name == "test attribute" assert attr_statem2.attribute[0].friendly_name == "test attribute"
assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1] assert attr_statem2.attribute[0].attribute_value[0].text.strip() == \
assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2] self.text[1]
assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem2.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem2.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem2.attribute[1].friendly_name == "test attribute2" assert attr_statem2.attribute[1].friendly_name == "test attribute2"
assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3] assert attr_statem2.attribute[1].attribute_value[0].text.strip() == \
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4] self.text[3]
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
class TestSubjectConfirmationData: class TestSubjectConfirmationData:
def setup_class(self): def setup_class(self):
self.scd = saml.SubjectConfirmationData() self.scd = saml.SubjectConfirmationData()
@@ -792,7 +808,8 @@ class TestSubjectConfirmationData:
self.scd.recipient = "recipient" self.scd.recipient = "recipient"
self.scd.in_response_to = "responseID" self.scd.in_response_to = "responseID"
self.scd.address = "127.0.0.1" self.scd.address = "127.0.0.1"
new_scd = saml.subject_confirmation_data_from_string(self.scd.to_string()) new_scd = saml.subject_confirmation_data_from_string(
self.scd.to_string())
assert new_scd.not_before == "2007-08-31T01:05:02Z" assert new_scd.not_before == "2007-08-31T01:05:02Z"
assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z" assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z"
assert new_scd.recipient == "recipient" assert new_scd.recipient == "recipient"
@@ -812,7 +829,6 @@ class TestSubjectConfirmationData:
class TestSubjectConfirmation: class TestSubjectConfirmation:
def setup_class(self): def setup_class(self):
self.sc = saml.SubjectConfirmation() self.sc = saml.SubjectConfirmation()
@@ -848,7 +864,6 @@ class TestSubjectConfirmation:
class TestSubject: class TestSubject:
def setup_class(self): def setup_class(self):
self.subject = saml.Subject() self.subject = saml.Subject()
@@ -877,7 +892,6 @@ class TestSubject:
class TestCondition: class TestCondition:
def setup_class(self): def setup_class(self):
self.condition = saml.Condition() self.condition = saml.Condition()
self.name = "{%s}type" % saml.XSI_NAMESPACE self.name = "{%s}type" % saml.XSI_NAMESPACE
@@ -888,7 +902,8 @@ class TestCondition:
self.condition.extension_attributes['ExtendedAttribute'] = "value" self.condition.extension_attributes['ExtendedAttribute'] = "value"
new_condition = saml.condition_from_string(self.condition.to_string()) new_condition = saml.condition_from_string(self.condition.to_string())
assert new_condition.extension_attributes[self.name] == "test" assert new_condition.extension_attributes[self.name] == "test"
assert new_condition.extension_attributes["ExtendedAttribute"] == "value" assert new_condition.extension_attributes[
"ExtendedAttribute"] == "value"
def testUsingTestData(self): def testUsingTestData(self):
"""Test for condition_from_string() using test data.""" """Test for condition_from_string() using test data."""
@@ -898,7 +913,6 @@ class TestCondition:
class TestAudience: class TestAudience:
def setup_class(self): def setup_class(self):
self.audience = saml.Audience() self.audience = saml.Audience()
@@ -940,7 +954,6 @@ class TestAudienceRestriction:
class TestOneTimeUse: class TestOneTimeUse:
def setup_class(self): def setup_class(self):
self.one_time_use = saml.OneTimeUse() self.one_time_use = saml.OneTimeUse()
@@ -951,13 +964,13 @@ class TestOneTimeUse:
def testUsingTestData(self): def testUsingTestData(self):
"""Test one_time_use_from_string() using test data""" """Test one_time_use_from_string() using test data"""
one_time_use = saml.one_time_use_from_string(saml2_data.TEST_ONE_TIME_USE) one_time_use = saml.one_time_use_from_string(
saml2_data.TEST_ONE_TIME_USE)
assert isinstance(one_time_use, saml.OneTimeUse) assert isinstance(one_time_use, saml.OneTimeUse)
assert isinstance(one_time_use, saml.ConditionAbstractType_) assert isinstance(one_time_use, saml.ConditionAbstractType_)
class TestProxyRestriction: class TestProxyRestriction:
def setup_class(self): def setup_class(self):
self.proxy_restriction = saml.ProxyRestriction() self.proxy_restriction = saml.ProxyRestriction()
@@ -983,8 +996,8 @@ class TestProxyRestriction:
assert proxy_restriction.audience[0].text.strip() == \ assert proxy_restriction.audience[0].text.strip() == \
"http://www.example.com/Audience" "http://www.example.com/Audience"
class TestConditions:
class TestConditions:
def setup_class(self): def setup_class(self):
self.conditions = saml.Conditions() self.conditions = saml.Conditions()
@@ -996,7 +1009,8 @@ class TestConditions:
self.conditions.audience_restriction.append(saml.AudienceRestriction()) self.conditions.audience_restriction.append(saml.AudienceRestriction())
self.conditions.one_time_use.append(saml.OneTimeUse()) self.conditions.one_time_use.append(saml.OneTimeUse())
self.conditions.proxy_restriction.append(saml.ProxyRestriction()) self.conditions.proxy_restriction.append(saml.ProxyRestriction())
new_conditions = saml.conditions_from_string(self.conditions.to_string()) new_conditions = saml.conditions_from_string(
self.conditions.to_string())
assert new_conditions.not_before == "2007-08-31T01:05:02Z" assert new_conditions.not_before == "2007-08-31T01:05:02Z"
assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z" assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
assert isinstance(new_conditions.condition[0], saml.Condition) assert isinstance(new_conditions.condition[0], saml.Condition)
@@ -1020,8 +1034,8 @@ class TestConditions:
assert isinstance(new_conditions.proxy_restriction[0], assert isinstance(new_conditions.proxy_restriction[0],
saml.ProxyRestriction) saml.ProxyRestriction)
class TestAssertionIDRef:
class TestAssertionIDRef:
def setup_class(self): def setup_class(self):
self.assertion_id_ref = saml.AssertionIDRef() self.assertion_id_ref = saml.AssertionIDRef()
@@ -1042,7 +1056,6 @@ class TestAssertionIDRef:
class TestAssertionURIRef: class TestAssertionURIRef:
def setup_class(self): def setup_class(self):
self.assertion_uri_ref = saml.AssertionURIRef() self.assertion_uri_ref = saml.AssertionURIRef()
@@ -1063,7 +1076,6 @@ class TestAssertionURIRef:
class TestAction: class TestAction:
def setup_class(self): def setup_class(self):
self.action = saml.Action() self.action = saml.Action()
@@ -1080,7 +1092,6 @@ class TestAction:
class TestEvidence: class TestEvidence:
def setup_class(self): def setup_class(self):
self.evidence = saml.Evidence() self.evidence = saml.Evidence()
@@ -1110,7 +1121,6 @@ class TestEvidence:
class TestAuthzDecisionStatement: class TestAuthzDecisionStatement:
def setup_class(self): def setup_class(self):
self.authz_decision_statement = saml.AuthzDecisionStatement() self.authz_decision_statement = saml.AuthzDecisionStatement()
@@ -1139,8 +1149,8 @@ class TestAuthzDecisionStatement:
# TODO: # TODO:
pass pass
class TestAdvice:
class TestAdvice:
def setup_class(self): def setup_class(self):
self.advice = saml.Advice() self.advice = saml.Advice()
@@ -1167,7 +1177,6 @@ class TestAdvice:
class TestAssertion: class TestAssertion:
def setup_class(self): def setup_class(self):
self.assertion = saml.Assertion() self.assertion = saml.Assertion()
@@ -1179,7 +1188,8 @@ class TestAssertion:
self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER) self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
self.assertion.signature = ds.signature_from_string( self.assertion.signature = ds.signature_from_string(
ds_data.TEST_SIGNATURE) ds_data.TEST_SIGNATURE)
self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT) self.assertion.subject = saml.subject_from_string(
saml2_data.TEST_SUBJECT)
self.assertion.conditions = saml.conditions_from_string( self.assertion.conditions = saml.conditions_from_string(
saml2_data.TEST_CONDITIONS) saml2_data.TEST_CONDITIONS)
self.assertion.advice = saml.Advice() self.assertion.advice = saml.Advice()


@@ -72,6 +72,7 @@ InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/></SubjectConfirmation>"""
def _eq(l1, l2): def _eq(l1, l2):
return set(l1) == set(l2) return set(l1) == set(l2)
def test_create_class_from_xml_string_nameid(): def test_create_class_from_xml_string_nameid():
kl = create_class_from_xml_string(NameID, ITEMS[NameID][0]) kl = create_class_from_xml_string(NameID, ITEMS[NameID][0])
assert kl != None assert kl != None
@@ -101,6 +102,7 @@ def test_create_class_from_xml_string_nameid():
'text']) 'text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
def test_create_class_from_xml_string_issuer(): def test_create_class_from_xml_string_issuer():
kl = create_class_from_xml_string(Issuer, ITEMS[Issuer]) kl = create_class_from_xml_string(Issuer, ITEMS[Issuer])
assert kl != None assert kl != None
@@ -108,13 +110,16 @@ def test_create_class_from_xml_string_issuer():
assert _eq(kl.keyswv(), ['text']) assert _eq(kl.keyswv(), ['text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer" assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer"
def test_create_class_from_xml_string_subject_locality(): def test_create_class_from_xml_string_subject_locality():
kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality]) kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality])
assert kl != None assert kl != None
assert _eq(kl.keyswv(), ['address', "dns_name"]) assert _eq(kl.keyswv(), ['address', "dns_name"])
assert kl.address == "127.0.0.1" assert kl.address == "127.0.0.1"
assert kl.dns_name == "localhost" assert kl.dns_name == "localhost"
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality" assert class_name(
kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality"
def test_create_class_from_xml_string_subject_confirmation_data(): def test_create_class_from_xml_string_subject_confirmation_data():
kl = create_class_from_xml_string(SubjectConfirmationData, kl = create_class_from_xml_string(SubjectConfirmationData,
@@ -129,6 +134,7 @@ def test_create_class_from_xml_string_subject_confirmation_data():
assert class_name(kl) == \ assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData" "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData"
def test_create_class_from_xml_string_subject_confirmation(): def test_create_class_from_xml_string_subject_confirmation():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
ITEMS[SubjectConfirmation]) ITEMS[SubjectConfirmation])
@@ -143,7 +149,8 @@ def test_create_class_from_xml_string_subject_confirmation():
assert name_id.text.strip() == "test@example.com" assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to']) 'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \ assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect" "http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
@@ -152,11 +159,13 @@ def test_create_class_from_xml_string_subject_confirmation():
assert class_name(kl) == \ assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation" "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation"
def test_create_class_from_xml_string_wrong_class_spec(): def test_create_class_from_xml_string_wrong_class_spec():
kl = create_class_from_xml_string(SubjectConfirmationData, kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmation]) ITEMS[SubjectConfirmation])
assert kl == None assert kl == None
def test_ee_1(): def test_ee_1():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""") """<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""")
@@ -168,6 +177,7 @@ def test_ee_1():
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_2(): def test_ee_2():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""") """<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""")
@@ -179,6 +189,7 @@ def test_ee_2():
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_3(): def test_ee_3():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -192,6 +203,7 @@ def test_ee_3():
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_4(): def test_ee_4():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -204,17 +216,18 @@ def test_ee_4():
assert ee.namespace == "urn:mace:example.com:saml:ns" assert ee.namespace == "urn:mace:example.com:saml:ns"
assert len(ee.children) == 2 assert len(ee.children) == 2
assert ee.text.strip() == "" assert ee.text.strip() == ""
id = ee.find_children("id", "urn:mace:example.com:saml:namespace") cid = ee.find_children("id", "urn:mace:example.com:saml:namespace")
assert id == [] assert cid == []
ids = ee.find_children("id", "urn:mace:example.com:saml:ns") ids = ee.find_children("id", "urn:mace:example.com:saml:ns")
assert ids != [] assert ids != []
id = ids[0] cid = ids[0]
print id.__dict__ print cid.__dict__
assert id.attributes == {} assert cid.attributes == {}
assert id.tag == "id" assert cid.tag == "id"
assert id.namespace == "urn:mace:example.com:saml:ns" assert cid.namespace == "urn:mace:example.com:saml:ns"
assert id.children == [] assert cid.children == []
assert id.text.strip() == "xyz" assert cid.text.strip() == "xyz"
def test_ee_5(): def test_ee_5():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
@@ -248,6 +261,7 @@ def test_ee_5():
assert len(child) == 0 assert len(child) == 0
print ee.to_string() print ee.to_string()
def test_ee_6(): def test_ee_6():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -294,6 +308,7 @@ NAMEID_WITH_ATTRIBUTE_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
</NameID> </NameID>
""" """
def test_nameid_with_extension(): def test_nameid_with_extension():
kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION) kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION)
assert kl != None assert kl != None
@@ -309,6 +324,7 @@ def test_nameid_with_extension():
assert kl.extension_attributes == { assert kl.extension_attributes == {
'{urn:mace:example.com:saml:assertion}Foo': 'BAR'} '{urn:mace:example.com:saml:assertion}Foo': 'BAR'}
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?> SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
@@ -325,6 +341,7 @@ Excellent
</local:Trustlevel> </local:Trustlevel>
</SubjectConfirmation>""" </SubjectConfirmation>"""
def test_subject_confirmation_with_extension(): def test_subject_confirmation_with_extension():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
@@ -339,7 +356,8 @@ def test_subject_confirmation_with_extension():
assert name_id.text.strip() == "test@example.com" assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to']) 'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \ assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect" "http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
@@ -351,11 +369,12 @@ def test_subject_confirmation_with_extension():
assert ee.namespace == "urn:mace:example.com:saml:assertion" assert ee.namespace == "urn:mace:example.com:saml:assertion"
assert ee.text.strip() == "Excellent" assert ee.text.strip() == "Excellent"
def test_to_fro_string_1(): def test_to_fro_string_1():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
str = kl.to_string() txt = kl.to_string()
cpy = create_class_from_xml_string(SubjectConfirmation, str) cpy = create_class_from_xml_string(SubjectConfirmation, txt)
print kl.__dict__ print kl.__dict__
print cpy.__dict__ print cpy.__dict__
@@ -375,12 +394,14 @@ def test_make_vals_str():
assert isinstance(kl, md.GivenName) assert isinstance(kl, md.GivenName)
assert kl.text == "Jeter" assert kl.text == "Jeter"
def test_make_vals_list_of_strs(): def test_make_vals_list_of_strs():
cp = md.ContactPerson() cp = md.ContactPerson()
make_vals(["Derek", "Sanderson"], md.GivenName, cp, "given_name") make_vals(["Derek", "Sanderson"], md.GivenName, cp, "given_name")
assert len(cp.given_name) == 2 assert len(cp.given_name) == 2
assert _eq([i.text for i in cp.given_name], ["Sanderson", "Derek"]) assert _eq([i.text for i in cp.given_name], ["Sanderson", "Derek"])
def test_attribute_element_to_extension_element(): def test_attribute_element_to_extension_element():
attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE) attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE)
ee = saml2.element_to_extension_element(attr) ee = saml2.element_to_extension_element(attr)
@@ -398,6 +419,7 @@ def test_attribute_element_to_extension_element():
assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion' assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
assert child.tag == "AttributeValue" assert child.tag == "AttributeValue"
def test_ee_7(): def test_ee_7():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -439,6 +461,7 @@ def test_extension_element_loadd():
'children': [{ 'children': [{
"tag": "AssertingEntity", "tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{ "children": [{
"tag": "NameID", "tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
@@ -449,7 +472,8 @@ def test_extension_element_loadd():
}] }]
}, { }, {
"tag": "RetrievalEndpoint", "tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata"
":dynamicsaml",
"text": "https://federationX.org/?ID=a87s76a5765da76576a57as", "text": "https://federationX.org/?ID=a87s76a5765da76576a57as",
}], }],
} }
@@ -472,22 +496,26 @@ def test_extension_element_loadd():
assert _eq(nid.attributes.keys(), ["Format"]) assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org" assert nid.text.strip() == "http://federationX.org"
def test_extensions_loadd(): def test_extensions_loadd():
ava = {"extension_elements":[{'attributes': {}, ava = {"extension_elements": [
{
'attributes': {},
'tag': 'ExternalEntityAttributeAuthority', 'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml', 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [{ 'children': [
"tag": "AssertingEntity", {"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{ "children": [
"tag":"NameID", {"tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org", "text": "http://federationX.org",
"attributes": { "attributes": {
"Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity" "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
}, },
}] }]
}, { },
{
"tag": "RetrievalEndpoint", "tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "https://federationX.org/?ID=a87s76a5765da76576a57as", "text": "https://federationX.org/?ID=a87s76a5765da76576a57as",


@@ -56,16 +56,15 @@ class TestSP():
ava = { "givenName": ["Derek"], "surName": ["Jeter"], ava = { "givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["derek@nyy.mlb.com"], "title":["The man"]} "mail": ["derek@nyy.mlb.com"], "title":["The man"]}
resp_str = "%s" % self.server.create_authn_response(ava, "id1", resp_str = "%s" % self.server.create_authn_response(
"http://lingon.catalogix.se:8087/", ava, "id1", "http://lingon.catalogix.se:8087/",
"urn:mace:example.com:saml:roland:sp", "urn:mace:example.com:saml:roland:sp", trans_name_policy,
trans_name_policy, "foba0001@example.com", authn=AUTHN)
"foba0001@example.com",
authn=AUTHN)
resp_str = base64.encodestring(resp_str) resp_str = base64.encodestring(resp_str)
self.sp.outstanding_queries = {"id1":"http://www.example.com/service"} self.sp.outstanding_queries = {"id1":"http://www.example.com/service"}
session_info = self.sp._eval_authn_response({},{"SAMLResponse":resp_str}) session_info = self.sp._eval_authn_response({},
{"SAMLResponse": resp_str})
assert len(session_info) > 1 assert len(session_info) > 1
assert session_info["came_from"] == 'http://www.example.com/service' assert session_info["came_from"] == 'http://www.example.com/service'
@@ -73,3 +72,8 @@ class TestSP():
'mail': ['derek@nyy.mlb.com'], 'mail': ['derek@nyy.mlb.com'],
'sn': ['Jeter'], 'sn': ['Jeter'],
'title': ['The man']} 'title': ['The man']}
if __name__ == "__main__":
_sp = TestSP()
_sp.setup_class()
_sp.test_identify()
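Review bot: Only the accept path of `_eval_authn_response` is pinned in the first hunk of this section. The response is created with `"id1"`, and `outstanding_queries` is preloaded with that same key, so the assertions would still pass if the plugin stopped matching responses against outstanding requests. A sibling test that sets `self.sp.outstanding_queries = {}` before the call should assert that no session info comes back; whether the plugin signals this with a falsy return or an exception needs confirming. The `__main__` runner added in the second hunk calls `test_identify()`, whose body is not in either hunk, so it may not reach this check. The test method edited in the first hunk starts above the visible lines.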