Updated tests

Roland Hedberg
2013-05-16 21:23:21 +02:00
parent b5622c228f
commit ba8f3be8da
8 changed files with 416 additions and 359 deletions


@@ -12,11 +12,11 @@ from pathutils import full_path
BASE = "http://localhost:8088" BASE = "http://localhost:8088"
CONFIG = { CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:idp", "entityid": "urn:mace:example.com:saml:roland:idp",
"name" : "Rolands IdP", "name": "Rolands IdP",
"service": { "service": {
"aa": { "aa": {
"endpoints" : { "endpoints": {
"attribute_service": [ "attribute_service": [
("%s/aap" % BASE, BINDING_HTTP_POST), ("%s/aap" % BASE, BINDING_HTTP_POST),
("%s/aas" % BASE, BINDING_SOAP) ("%s/aas" % BASE, BINDING_SOAP)
@@ -24,15 +24,15 @@ CONFIG = {
}, },
}, },
"aq": { "aq": {
"endpoints" : { "endpoints": {
"authn_query_service": [ "authn_query_service": [
("%s/aqs" % BASE, BINDING_SOAP) ("%s/aqs" % BASE, BINDING_SOAP)
] ]
}, },
}, },
"idp": { "idp": {
"endpoints" : { "endpoints": {
"single_sign_on_service" : [ "single_sign_on_service": [
("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT), ("%s/sso/redirect" % BASE, BINDING_HTTP_REDIRECT),
("%s/sso/post" % BASE, BINDING_HTTP_POST), ("%s/sso/post" % BASE, BINDING_HTTP_POST),
("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT), ("%s/sso/art" % BASE, BINDING_HTTP_ARTIFACT),
@@ -42,7 +42,7 @@ CONFIG = {
("%s/slo/soap" % BASE, BINDING_SOAP), ("%s/slo/soap" % BASE, BINDING_SOAP),
("%s/slo/post" % BASE, BINDING_HTTP_POST) ("%s/slo/post" % BASE, BINDING_HTTP_POST)
], ],
"artifact_resolution_service":[ "artifact_resolution_service": [
("%s/ars" % BASE, BINDING_SOAP) ("%s/ars" % BASE, BINDING_SOAP)
], ],
"assertion_id_request_service": [ "assertion_id_request_service": [
@@ -51,13 +51,13 @@ CONFIG = {
"authn_query_service": [ "authn_query_service": [
("%s/aqs" % BASE, BINDING_SOAP) ("%s/aqs" % BASE, BINDING_SOAP)
], ],
"manage_name_id_service":[ "manage_name_id_service": [
("%s/mni/soap" % BASE, BINDING_SOAP), ("%s/mni/soap" % BASE, BINDING_SOAP),
("%s/mni/post" % BASE, BINDING_HTTP_POST), ("%s/mni/post" % BASE, BINDING_HTTP_POST),
("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT), ("%s/mni/redirect" % BASE, BINDING_HTTP_REDIRECT),
("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT) ("%s/mni/art" % BASE, BINDING_HTTP_ARTIFACT)
], ],
"name_id_mapping_service":[ "name_id_mapping_service": [
("%s/nim/soap" % BASE, BINDING_SOAP), ("%s/nim/soap" % BASE, BINDING_SOAP),
("%s/nim/post" % BASE, BINDING_HTTP_POST), ("%s/nim/post" % BASE, BINDING_HTTP_POST),
("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT), ("%s/nim/redirect" % BASE, BINDING_HTTP_REDIRECT),
@@ -66,7 +66,7 @@ CONFIG = {
}, },
"policy": { "policy": {
"default": { "default": {
"lifetime": {"minutes":15}, "lifetime": {"minutes": 15},
"attribute_restrictions": None, # means all I have "attribute_restrictions": None, # means all I have
"name_form": NAME_FORMAT_URI, "name_form": NAME_FORMAT_URI,
}, },
@@ -82,25 +82,26 @@ CONFIG = {
#"subject_data": ("mongodb", "foo"), #"subject_data": ("mongodb", "foo"),
}, },
}, },
"debug" : 1, "debug": 1,
"key_file" : full_path("test.key"), "key_file": full_path("test.key"),
"cert_file" : full_path("test.pem"), "cert_file": full_path("test.pem"),
"xmlsec_binary" : None, "xmlsec_binary": None,
"metadata": { "metadata": {
"local": [full_path("servera.xml"), "local": [full_path("servera.xml"),
full_path("vo_metadata.xml")], full_path("vo_metadata.xml")],
}, },
"attribute_map_dir" : full_path("attributemaps"), "attribute_map_dir": full_path("attributemaps"),
"organization": { "organization": {
"name": "Exempel AB", "name": "Exempel AB",
"display_name": [("Exempel ÄB","se"),("Example Co.","en")], "display_name": [("Exempel ÄB", "se"), ("Example Co.", "en")],
"url":"http://www.example.com/roland", "url": "http://www.example.com/roland",
}, },
"contact_person": [{ "contact_person": [
"given_name":"John", {
"given_name": "John",
"sur_name": "Smith", "sur_name": "Smith",
"email_address": ["john.smith@example.com"], "email_address": ["john.smith@example.com"],
"contact_type": "technical", "contact_type": "technical",
}, },
], ],
} }


@@ -1,8 +1,11 @@
from saml2 import BINDING_SOAP, BINDING_HTTP_REDIRECT, BINDING_HTTP_POST from saml2 import BINDING_SOAP
from saml2 import BINDING_HTTP_REDIRECT
from saml2 import BINDING_HTTP_POST
from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.saml import NAMEID_FORMAT_PERSISTENT
from saml2.saml import NAME_FORMAT_URI from saml2.saml import NAME_FORMAT_URI
from pathutils import full_path from pathutils import full_path
from pathutils import xmlsec_path
BASE = "http://localhost:8088" BASE = "http://localhost:8088"
@@ -41,7 +44,7 @@ CONFIG = {
"debug": 1, "debug": 1,
"key_file": full_path("test.key"), "key_file": full_path("test.key"),
"cert_file": full_path("test.pem"), "cert_file": full_path("test.pem"),
"xmlsec_binary": None, "xmlsec_binary": xmlsec_path,
"metadata": { "metadata": {
"local": [full_path("metadata_sp_1.xml"), "local": [full_path("metadata_sp_1.xml"),
full_path("vo_metadata.xml")], full_path("vo_metadata.xml")],


@@ -12,3 +12,13 @@ def dotname(module):
return 'tests.' + module return 'tests.' + module
else: else:
return module return module
try:
from saml2.sigver import get_xmlsec_binary
except ImportError:
get_xmlsec_binary = None
if get_xmlsec_binary:
xmlsec_path = get_xmlsec_binary(["/opt/local/bin"])
else:
xmlsec_path = '/usr/bin/xmlsec1'
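Review bot: The fallback branch assigns `'/usr/bin/xmlsec1'` without checking that the file exists, and the other branch calls `get_xmlsec_binary(["/opt/local/bin"])` at import time, so a host without xmlsec1 gets either a dead path or, if that lookup raises when nothing is found (not visible here), a failure while the test modules are being imported. Every config that now sets `"xmlsec_binary": xmlsec_path` inherits this, and because that binary is what signs and verifies in these tests, its absence should show up as one clear error or skip rather than as scattered subprocess failures. I would guard the fallback, for example `xmlsec_path = '/usr/bin/xmlsec1' if os.path.isfile('/usr/bin/xmlsec1') else None` (assuming `os` is already imported in this module), and add a comment such as `# resolved once at import; None means xmlsec1 was not found`. The added lines sit at module level after `dotname`, whose body starts outside the hunk.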


@@ -1,6 +1,7 @@
from pathutils import full_path from pathutils import full_path
from pathutils import xmlsec_path
CONFIG={ CONFIG = {
"entityid" : "urn:mace:example.com:saml:roland:sp", "entityid" : "urn:mace:example.com:saml:roland:sp",
"name" : "urn:mace:example.com:saml:roland:sp", "name" : "urn:mace:example.com:saml:roland:sp",
"description": "My own SP", "description": "My own SP",
@@ -19,7 +20,7 @@ CONFIG={
"key_file": full_path("test.key"), "key_file": full_path("test.key"),
"cert_file": full_path("test.pem"), "cert_file": full_path("test.pem"),
"ca_certs": full_path("cacerts.txt"), "ca_certs": full_path("cacerts.txt"),
"xmlsec_binary": None, "xmlsec_binary": xmlsec_path,
"metadata": { "metadata": {
"local": [full_path("idp.xml"), full_path("vo_metadata.xml")], "local": [full_path("idp.xml"), full_path("vo_metadata.xml")],
}, },


@@ -49,7 +49,7 @@ CONFIG = {
"key_file": full_path("test.key"), "key_file": full_path("test.key"),
"cert_file": full_path("test.pem"), "cert_file": full_path("test.pem"),
"ca_certs": full_path("cacerts.txt"), "ca_certs": full_path("cacerts.txt"),
"xmlsec_binary" : None, "xmlsec_binary": None,
"metadata": { "metadata": {
"local": [full_path("idp_all.xml"), full_path("vo_metadata.xml")], "local": [full_path("idp_all.xml"), full_path("vo_metadata.xml")],
}, },


@@ -42,7 +42,7 @@ from saml2.saml import NAMEID_FORMAT_EMAILADDRESS
class TestExtensionElement: class TestExtensionElement:
def test_loadd(self): def test_loadd(self):
ava = { ava = {
"attributes": {"attr":"loa", "info":"source"}, "attributes": {"attr": "loa", "info": "source"},
"tag": "tag", "tag": "tag",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "free text" "text": "free text"
@@ -65,29 +65,31 @@ class TestExtensionElement:
def test_find_children(self): def test_find_children(self):
ava = { ava = {
"attributes": {"attr":"loa", "info":"source"}, "attributes": {"attr": "loa", "info": "source"},
"tag": "tag", "tag": "tag",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "free text", "text": "free text",
"children": [{ "children": [{
"attributes": {"foo":"bar","special":"app"}, "attributes": {"foo": "bar", "special": "app"},
"tag": "tag2", "tag": "tag2",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "Just a line" "text": "Just a line"
}, },
{ {
"attributes": {"static":"attribute","dynamic":"orgname"}, "attributes": {"static": "attribute",
"dynamic": "orgname"},
"tag": "tag3", "tag": "tag3",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "Another line of text", "text": "Another line of text",
"children": [{ "children": [{
"tag": "subtag", "tag": "subtag",
"namespace": "urn:mace:example.org", "namespace": "urn:mace:example.org",
"text": "grandchild" "text": "grandchild"
}] }]
}, },
{ {
"attributes": {"entitlement":"xyz"}, "attributes": {"entitlement": "xyz"},
"tag": "tag4", "tag": "tag4",
"namespace": "urn:mace:example.org", "namespace": "urn:mace:example.org",
"text": "A comment" "text": "A comment"
@@ -126,16 +128,17 @@ class TestExtensionElement:
c = ee.find_children() c = ee.find_children()
assert len(c) == 3 assert len(c) == 3
class TestExtensionContainer: class TestExtensionContainer:
def test_find_extensions(self): def test_find_extensions(self):
avas = [{ avas = [{
"attributes": {"foo":"bar","special":"app"}, "attributes": {"foo": "bar", "special": "app"},
"tag": "tag2", "tag": "tag2",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "Just a line" "text": "Just a line"
}, },
{ {
"attributes": {"static":"attribute","dynamic":"orgname"}, "attributes": {"static": "attribute", "dynamic": "orgname"},
"tag": "tag3", "tag": "tag3",
"namespace": "urn:mace:example.com", "namespace": "urn:mace:example.com",
"text": "Another line of text", "text": "Another line of text",
@@ -146,7 +149,7 @@ class TestExtensionContainer:
}] }]
}, },
{ {
"attributes": {"entitlement":"xyz"}, "attributes": {"entitlement": "xyz"},
"tag": "tag4", "tag": "tag4",
"namespace": "urn:mace:example.org", "namespace": "urn:mace:example.org",
"text": "A comment" "text": "A comment"
@@ -194,6 +197,7 @@ class TestExtensionContainer:
assert len(ec.extension_attributes) == 1 assert len(ec.extension_attributes) == 1
assert ec.extension_attributes.keys()[0] == "foo" assert ec.extension_attributes.keys()[0] == "foo"
class TestSAMLBase: class TestSAMLBase:
def test_make_vals_dict(self): def test_make_vals_dict(self):
ava = { ava = {
@@ -229,13 +233,13 @@ class TestSAMLBase:
def test_to_string_nspair(self): def test_to_string_nspair(self):
foo = saml2.make_vals("lions", AttributeValue, part=True) foo = saml2.make_vals("lions", AttributeValue, part=True)
str = foo.to_string() txt = foo.to_string()
nsstr = foo.to_string({"saml":saml.NAMESPACE}) nsstr = foo.to_string({"saml": saml.NAMESPACE})
assert nsstr != str assert nsstr != txt
print str print txt
print nsstr print nsstr
assert "saml:AttributeValue" in nsstr assert "saml:AttributeValue" in nsstr
assert "saml:AttributeValue" not in str assert "saml:AttributeValue" not in txt
def test_set_text(self): def test_set_text(self):
av = AttributeValue() av = AttributeValue()
@@ -260,8 +264,8 @@ class TestSAMLBase:
foo = saml2.make_vals(False, AttributeValue, part=True) foo = saml2.make_vals(False, AttributeValue, part=True)
assert foo.text == "false" assert foo.text == "false"
class TestNameID:
class TestNameID:
def setup_class(self): def setup_class(self):
self.name_id = saml.NameID() self.name_id = saml.NameID()
@@ -332,7 +336,6 @@ class TestNameID:
class TestIssuer: class TestIssuer:
def setup_class(self): def setup_class(self):
self.issuer = saml.Issuer() self.issuer = saml.Issuer()
@@ -357,7 +360,6 @@ class TestIssuer:
class TestSubjectLocality: class TestSubjectLocality:
def setup_class(self): def setup_class(self):
self.subject_locality = saml.SubjectLocality() self.subject_locality = saml.SubjectLocality()
@@ -388,7 +390,6 @@ class TestSubjectLocality:
class TestAuthnContextClassRef: class TestAuthnContextClassRef:
def setup_class(self): def setup_class(self):
self.authn_context_class_ref = saml.AuthnContextClassRef() self.authn_context_class_ref = saml.AuthnContextClassRef()
self.text = "http://www.example.com/authnContextClassRef" self.text = "http://www.example.com/authnContextClassRef"
@@ -411,7 +412,6 @@ class TestAuthnContextClassRef:
class TestAuthnContextDeclRef: class TestAuthnContextDeclRef:
def setup_class(self): def setup_class(self):
self.authn_context_decl_ref = saml.AuthnContextDeclRef() self.authn_context_decl_ref = saml.AuthnContextDeclRef()
self.ref = "http://www.example.com/authnContextDeclRef" self.ref = "http://www.example.com/authnContextDeclRef"
@@ -434,7 +434,6 @@ class TestAuthnContextDeclRef:
class TestAuthnContextDecl: class TestAuthnContextDecl:
def setup_class(self): def setup_class(self):
self.authn_context_decl = saml.AuthnContextDecl() self.authn_context_decl = saml.AuthnContextDecl()
self.text = "http://www.example.com/authnContextDecl" self.text = "http://www.example.com/authnContextDecl"
@@ -457,7 +456,6 @@ class TestAuthnContextDecl:
class TestAuthenticatingAuthority: class TestAuthenticatingAuthority:
def setup_class(self): def setup_class(self):
self.authenticating_authority = saml.AuthenticatingAuthority() self.authenticating_authority = saml.AuthenticatingAuthority()
self.text = "http://www.example.com/authenticatingAuthority" self.text = "http://www.example.com/authenticatingAuthority"
@@ -478,8 +476,8 @@ class TestAuthenticatingAuthority:
saml2_data.TEST_AUTHENTICATING_AUTHORITY) saml2_data.TEST_AUTHENTICATING_AUTHORITY)
assert authenticating_authority.text.strip() == self.text assert authenticating_authority.text.strip() == self.text
class TestAuthnContext:
class TestAuthnContext:
def setup_class(self): def setup_class(self):
self.authn_context = saml.AuthnContext() self.authn_context = saml.AuthnContext()
@@ -511,13 +509,13 @@ class TestAuthnContext:
def testUsingTestData(self): def testUsingTestData(self):
"""Test authn_context_from_string() using test data""" """Test authn_context_from_string() using test data"""
authn_context = saml.authn_context_from_string(saml2_data.TEST_AUTHN_CONTEXT) authn_context = saml.authn_context_from_string(
saml2_data.TEST_AUTHN_CONTEXT)
assert authn_context.authn_context_class_ref.text.strip() == \ assert authn_context.authn_context_class_ref.text.strip() == \
saml.AUTHN_PASSWORD saml.AUTHN_PASSWORD
class TestAuthnStatement: class TestAuthnStatement:
def setup_class(self): def setup_class(self):
self.authn_statem = saml.AuthnStatement() self.authn_statem = saml.AuthnStatement()
@@ -556,7 +554,8 @@ class TestAuthnStatement:
def testUsingTestData(self): def testUsingTestData(self):
"""Test authn_statement_from_string() using test data""" """Test authn_statement_from_string() using test data"""
authn_statem = saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT) authn_statem = saml.authn_statement_from_string(
saml2_data.TEST_AUTHN_STATEMENT)
assert authn_statem.authn_instant == "2007-08-31T01:05:02Z" assert authn_statem.authn_instant == "2007-08-31T01:05:02Z"
assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z" assert authn_statem.session_not_on_or_after == "2007-09-14T01:05:02Z"
assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \ assert authn_statem.authn_context.authn_context_class_ref.text.strip() == \
@@ -564,7 +563,6 @@ class TestAuthnStatement:
class TestAttributeValue: class TestAttributeValue:
def setup_class(self): def setup_class(self):
self.attribute_value = saml.AttributeValue() self.attribute_value = saml.AttributeValue()
self.text = "value for test attribute" self.text = "value for test attribute"
@@ -584,6 +582,7 @@ class TestAttributeValue:
saml2_data.TEST_ATTRIBUTE_VALUE) saml2_data.TEST_ATTRIBUTE_VALUE)
assert attribute_value.text.strip() == self.text assert attribute_value.text.strip() == self.text
BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?> BASIC_STR_AV = """<?xml version="1.0" encoding="utf-8"?>
<Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <Attribute xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
@@ -650,8 +649,8 @@ FriendlyName="pre_auth_req">
<AttributeValue xsi:type="xs:integer">1</AttributeValue> <AttributeValue xsi:type="xs:integer">1</AttributeValue>
</Attribute>""" </Attribute>"""
class TestAttribute:
class TestAttribute:
def setup_class(self): def setup_class(self):
self.attribute = saml.Attribute() self.attribute = saml.Attribute()
self.text = ["value of test attribute", self.text = ["value of test attribute",
@@ -714,15 +713,15 @@ class TestAttribute:
print attribute print attribute
assert attribute.attribute_value[0].text.lower() == "false" assert attribute.attribute_value[0].text.lower() == "false"
class TestAttributeStatement:
class TestAttributeStatement:
def setup_class(self): def setup_class(self):
self.attr_statem = saml.AttributeStatement() self.attr_statem = saml.AttributeStatement()
self.text = ["value of test attribute", self.text = ["value of test attribute",
"value1 of test attribute", "value1 of test attribute",
"value2 of test attribute", "value2 of test attribute",
"value1 of test attribute2", "value1 of test attribute2",
"value2 of test attribute2",] "value2 of test attribute2", ]
def testAccessors(self): def testAccessors(self):
"""Test for Attribute accessors""" """Test for Attribute accessors"""
@@ -731,56 +730,73 @@ class TestAttributeStatement:
self.attr_statem.attribute[0].name = "testAttribute" self.attr_statem.attribute[0].name = "testAttribute"
self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
self.attr_statem.attribute[0].friendly_name = "test attribute" self.attr_statem.attribute[0].friendly_name = "test attribute"
self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[0].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[0].attribute_value[0].text = self.text[0] self.attr_statem.attribute[0].attribute_value[0].text = self.text[0]
self.attr_statem.attribute[1].name = "testAttribute2" self.attr_statem.attribute[1].name = "testAttribute2"
self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
self.attr_statem.attribute[1].friendly_name = self.text[2] self.attr_statem.attribute[1].friendly_name = self.text[2]
self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue()) self.attr_statem.attribute[1].attribute_value.append(
saml.AttributeValue())
self.attr_statem.attribute[1].attribute_value[0].text = self.text[2] self.attr_statem.attribute[1].attribute_value[0].text = self.text[2]
new_as = saml.attribute_statement_from_string(self.attr_statem.to_string()) new_as = saml.attribute_statement_from_string(
self.attr_statem.to_string())
assert new_as.attribute[0].name == "testAttribute" assert new_as.attribute[0].name == "testAttribute"
assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI
assert new_as.attribute[0].friendly_name == "test attribute" assert new_as.attribute[0].friendly_name == "test attribute"
assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0] assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[
0]
assert new_as.attribute[1].name == "testAttribute2" assert new_as.attribute[1].name == "testAttribute2"
assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert new_as.attribute[1].friendly_name == "value2 of test attribute" assert new_as.attribute[1].friendly_name == "value2 of test attribute"
assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2] assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[
2]
def testUsingTestData(self): def testUsingTestData(self):
"""Test attribute_statement_from_string() using test data""" """Test attribute_statement_from_string() using test data"""
attr_statem = saml.attribute_statement_from_string( \ attr_statem = saml.attribute_statement_from_string( \
saml2_data.TEST_ATTRIBUTE_STATEMENT) saml2_data.TEST_ATTRIBUTE_STATEMENT)
assert attr_statem.attribute[0].name == "testAttribute" assert attr_statem.attribute[0].name == "testAttribute"
assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem.attribute[0].friendly_name == "test attribute" assert attr_statem.attribute[0].friendly_name == "test attribute"
assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1] assert attr_statem.attribute[0].attribute_value[0].text.strip() == \
assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2] self.text[1]
assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem.attribute[1].friendly_name == "test attribute2" assert attr_statem.attribute[1].friendly_name == "test attribute2"
assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3] assert attr_statem.attribute[1].attribute_value[0].text.strip() == \
assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4] self.text[3]
assert attr_statem.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
# test again # test again
attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string()) attr_statem2 = saml.attribute_statement_from_string(
attr_statem.to_string())
assert attr_statem2.attribute[0].name == "testAttribute" assert attr_statem2.attribute[0].name == "testAttribute"
assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED assert attr_statem2.attribute[
0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem2.attribute[0].friendly_name == "test attribute" assert attr_statem2.attribute[0].friendly_name == "test attribute"
assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1] assert attr_statem2.attribute[0].attribute_value[0].text.strip() == \
assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2] self.text[1]
assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2" assert attr_statem2.attribute[0].attribute_value[1].text.strip() == \
self.text[2]
assert attr_statem2.attribute[
1].name == "http://www.example.com/testAttribute2"
assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem2.attribute[1].friendly_name == "test attribute2" assert attr_statem2.attribute[1].friendly_name == "test attribute2"
assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3] assert attr_statem2.attribute[1].attribute_value[0].text.strip() == \
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4] self.text[3]
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == \
self.text[4]
class TestSubjectConfirmationData: class TestSubjectConfirmationData:
def setup_class(self): def setup_class(self):
self.scd = saml.SubjectConfirmationData() self.scd = saml.SubjectConfirmationData()
@@ -792,7 +808,8 @@ class TestSubjectConfirmationData:
self.scd.recipient = "recipient" self.scd.recipient = "recipient"
self.scd.in_response_to = "responseID" self.scd.in_response_to = "responseID"
self.scd.address = "127.0.0.1" self.scd.address = "127.0.0.1"
new_scd = saml.subject_confirmation_data_from_string(self.scd.to_string()) new_scd = saml.subject_confirmation_data_from_string(
self.scd.to_string())
assert new_scd.not_before == "2007-08-31T01:05:02Z" assert new_scd.not_before == "2007-08-31T01:05:02Z"
assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z" assert new_scd.not_on_or_after == "2007-09-14T01:05:02Z"
assert new_scd.recipient == "recipient" assert new_scd.recipient == "recipient"
@@ -812,7 +829,6 @@ class TestSubjectConfirmationData:
class TestSubjectConfirmation: class TestSubjectConfirmation:
def setup_class(self): def setup_class(self):
self.sc = saml.SubjectConfirmation() self.sc = saml.SubjectConfirmation()
@@ -848,7 +864,6 @@ class TestSubjectConfirmation:
class TestSubject: class TestSubject:
def setup_class(self): def setup_class(self):
self.subject = saml.Subject() self.subject = saml.Subject()
@@ -877,7 +892,6 @@ class TestSubject:
class TestCondition: class TestCondition:
def setup_class(self): def setup_class(self):
self.condition = saml.Condition() self.condition = saml.Condition()
self.name = "{%s}type" % saml.XSI_NAMESPACE self.name = "{%s}type" % saml.XSI_NAMESPACE
@@ -888,7 +902,8 @@ class TestCondition:
self.condition.extension_attributes['ExtendedAttribute'] = "value" self.condition.extension_attributes['ExtendedAttribute'] = "value"
new_condition = saml.condition_from_string(self.condition.to_string()) new_condition = saml.condition_from_string(self.condition.to_string())
assert new_condition.extension_attributes[self.name] == "test" assert new_condition.extension_attributes[self.name] == "test"
assert new_condition.extension_attributes["ExtendedAttribute"] == "value" assert new_condition.extension_attributes[
"ExtendedAttribute"] == "value"
def testUsingTestData(self): def testUsingTestData(self):
"""Test for condition_from_string() using test data.""" """Test for condition_from_string() using test data."""
@@ -898,7 +913,6 @@ class TestCondition:
class TestAudience: class TestAudience:
def setup_class(self): def setup_class(self):
self.audience = saml.Audience() self.audience = saml.Audience()
@@ -940,7 +954,6 @@ class TestAudienceRestriction:
class TestOneTimeUse: class TestOneTimeUse:
def setup_class(self): def setup_class(self):
self.one_time_use = saml.OneTimeUse() self.one_time_use = saml.OneTimeUse()
@@ -951,13 +964,13 @@ class TestOneTimeUse:
def testUsingTestData(self): def testUsingTestData(self):
"""Test one_time_use_from_string() using test data""" """Test one_time_use_from_string() using test data"""
one_time_use = saml.one_time_use_from_string(saml2_data.TEST_ONE_TIME_USE) one_time_use = saml.one_time_use_from_string(
saml2_data.TEST_ONE_TIME_USE)
assert isinstance(one_time_use, saml.OneTimeUse) assert isinstance(one_time_use, saml.OneTimeUse)
assert isinstance(one_time_use, saml.ConditionAbstractType_) assert isinstance(one_time_use, saml.ConditionAbstractType_)
class TestProxyRestriction: class TestProxyRestriction:
def setup_class(self): def setup_class(self):
self.proxy_restriction = saml.ProxyRestriction() self.proxy_restriction = saml.ProxyRestriction()
@@ -983,8 +996,8 @@ class TestProxyRestriction:
assert proxy_restriction.audience[0].text.strip() == \ assert proxy_restriction.audience[0].text.strip() == \
"http://www.example.com/Audience" "http://www.example.com/Audience"
class TestConditions:
class TestConditions:
def setup_class(self): def setup_class(self):
self.conditions = saml.Conditions() self.conditions = saml.Conditions()
@@ -996,7 +1009,8 @@ class TestConditions:
self.conditions.audience_restriction.append(saml.AudienceRestriction()) self.conditions.audience_restriction.append(saml.AudienceRestriction())
self.conditions.one_time_use.append(saml.OneTimeUse()) self.conditions.one_time_use.append(saml.OneTimeUse())
self.conditions.proxy_restriction.append(saml.ProxyRestriction()) self.conditions.proxy_restriction.append(saml.ProxyRestriction())
new_conditions = saml.conditions_from_string(self.conditions.to_string()) new_conditions = saml.conditions_from_string(
self.conditions.to_string())
assert new_conditions.not_before == "2007-08-31T01:05:02Z" assert new_conditions.not_before == "2007-08-31T01:05:02Z"
assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z" assert new_conditions.not_on_or_after == "2007-09-14T01:05:02Z"
assert isinstance(new_conditions.condition[0], saml.Condition) assert isinstance(new_conditions.condition[0], saml.Condition)
@@ -1020,8 +1034,8 @@ class TestConditions:
assert isinstance(new_conditions.proxy_restriction[0], assert isinstance(new_conditions.proxy_restriction[0],
saml.ProxyRestriction) saml.ProxyRestriction)
class TestAssertionIDRef:
class TestAssertionIDRef:
def setup_class(self): def setup_class(self):
self.assertion_id_ref = saml.AssertionIDRef() self.assertion_id_ref = saml.AssertionIDRef()
@@ -1042,7 +1056,6 @@ class TestAssertionIDRef:
class TestAssertionURIRef: class TestAssertionURIRef:
def setup_class(self): def setup_class(self):
self.assertion_uri_ref = saml.AssertionURIRef() self.assertion_uri_ref = saml.AssertionURIRef()
@@ -1063,7 +1076,6 @@ class TestAssertionURIRef:
class TestAction: class TestAction:
def setup_class(self): def setup_class(self):
self.action = saml.Action() self.action = saml.Action()
@@ -1080,7 +1092,6 @@ class TestAction:
class TestEvidence: class TestEvidence:
def setup_class(self): def setup_class(self):
self.evidence = saml.Evidence() self.evidence = saml.Evidence()
@@ -1110,7 +1121,6 @@ class TestEvidence:
class TestAuthzDecisionStatement: class TestAuthzDecisionStatement:
def setup_class(self): def setup_class(self):
self.authz_decision_statement = saml.AuthzDecisionStatement() self.authz_decision_statement = saml.AuthzDecisionStatement()
@@ -1139,8 +1149,8 @@ class TestAuthzDecisionStatement:
# TODO: # TODO:
pass pass
class TestAdvice:
class TestAdvice:
def setup_class(self): def setup_class(self):
self.advice = saml.Advice() self.advice = saml.Advice()
@@ -1167,7 +1177,6 @@ class TestAdvice:
class TestAssertion: class TestAssertion:
def setup_class(self): def setup_class(self):
self.assertion = saml.Assertion() self.assertion = saml.Assertion()
@@ -1179,7 +1188,8 @@ class TestAssertion:
self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER) self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
self.assertion.signature = ds.signature_from_string( self.assertion.signature = ds.signature_from_string(
ds_data.TEST_SIGNATURE) ds_data.TEST_SIGNATURE)
self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT) self.assertion.subject = saml.subject_from_string(
saml2_data.TEST_SUBJECT)
self.assertion.conditions = saml.conditions_from_string( self.assertion.conditions = saml.conditions_from_string(
saml2_data.TEST_CONDITIONS) saml2_data.TEST_CONDITIONS)
self.assertion.advice = saml.Advice() self.assertion.advice = saml.Advice()
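Review bot: Several of the re-wrapped asserts in `TestAttributeStatement` now break inside a subscript, for example `== self.text[` followed by `0]`, and `attr_statem.attribute[` followed by `0].name_format == ...`. That reads worse than the long lines it replaced. Binding the element first keeps each assert on one line, e.g. `attr0 = attr_statem.attribute[0]` then `assert attr0.name_format == saml.NAME_FORMAT_UNSPECIFIED`. The same applies to the `new_condition.extension_attributes[` / `"ExtendedAttribute"] == "value"` split in `TestCondition`. The `str` to `txt` rename in `test_to_string_nspair` is a good change, since it stops shadowing the builtin.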


@@ -19,7 +19,7 @@ except ImportError:
from elementtree import ElementTree from elementtree import ElementTree
ITEMS = { ITEMS = {
NameID:["""<?xml version="1.0" encoding="utf-8"?> NameID: ["""<?xml version="1.0" encoding="utf-8"?>
<NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <NameID xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"
SPProvidedID="sp provided id"> SPProvidedID="sp provided id">
@@ -35,7 +35,7 @@ Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"
NameQualifier="http://authentic.example.com/saml/metadata" NameQualifier="http://authentic.example.com/saml/metadata"
SPNameQualifier="http://auth.example.com/saml/metadata">test SPNameQualifier="http://auth.example.com/saml/metadata">test
</NameID>"""], </NameID>"""],
Issuer:"""<?xml version="1.0" encoding="utf-8"?> Issuer: """<?xml version="1.0" encoding="utf-8"?>
<Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion"> <Issuer xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
http://www.example.com/test http://www.example.com/test
</Issuer> </Issuer>
@@ -45,7 +45,7 @@ SPNameQualifier="http://auth.example.com/saml/metadata">test
Address="127.0.0.1" DNSName="localhost"/> Address="127.0.0.1" DNSName="localhost"/>
""", """,
SubjectConfirmationData: SubjectConfirmationData:
"""<?xml version="1.0" encoding="utf-8"?> """<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmationData xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <SubjectConfirmationData xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
InResponseTo="_1683146e27983964fbe7bf8f08961108d166a652e5" InResponseTo="_1683146e27983964fbe7bf8f08961108d166a652e5"
NotOnOrAfter="2010-02-18T13:52:13.959Z" NotOnOrAfter="2010-02-18T13:52:13.959Z"
@@ -69,9 +69,10 @@ InResponseTo="_59B3A01B03334032C31E434C63F89E3E"/></SubjectConfirmation>"""
# for tcl,xml in ITEMS.items(): # for tcl,xml in ITEMS.items():
# metafunc.addcall(funcargs={"target_class":tcl,"xml_string":xml}) # metafunc.addcall(funcargs={"target_class":tcl,"xml_string":xml})
def _eq(l1,l2): def _eq(l1, l2):
return set(l1) == set(l2) return set(l1) == set(l2)
def test_create_class_from_xml_string_nameid(): def test_create_class_from_xml_string_nameid():
kl = create_class_from_xml_string(NameID, ITEMS[NameID][0]) kl = create_class_from_xml_string(NameID, ITEMS[NameID][0])
assert kl != None assert kl != None
@@ -101,6 +102,7 @@ def test_create_class_from_xml_string_nameid():
'text']) 'text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID" assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:NameID"
def test_create_class_from_xml_string_issuer(): def test_create_class_from_xml_string_issuer():
kl = create_class_from_xml_string(Issuer, ITEMS[Issuer]) kl = create_class_from_xml_string(Issuer, ITEMS[Issuer])
assert kl != None assert kl != None
@@ -108,13 +110,16 @@ def test_create_class_from_xml_string_issuer():
assert _eq(kl.keyswv(), ['text']) assert _eq(kl.keyswv(), ['text'])
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer" assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:Issuer"
def test_create_class_from_xml_string_subject_locality(): def test_create_class_from_xml_string_subject_locality():
kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality]) kl = create_class_from_xml_string(SubjectLocality, ITEMS[SubjectLocality])
assert kl != None assert kl != None
assert _eq(kl.keyswv(), ['address', "dns_name"]) assert _eq(kl.keyswv(), ['address', "dns_name"])
assert kl.address == "127.0.0.1" assert kl.address == "127.0.0.1"
assert kl.dns_name == "localhost" assert kl.dns_name == "localhost"
assert class_name(kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality" assert class_name(
kl) == "urn:oasis:names:tc:SAML:2.0:assertion:SubjectLocality"
def test_create_class_from_xml_string_subject_confirmation_data(): def test_create_class_from_xml_string_subject_confirmation_data():
kl = create_class_from_xml_string(SubjectConfirmationData, kl = create_class_from_xml_string(SubjectConfirmationData,
@@ -129,6 +134,7 @@ def test_create_class_from_xml_string_subject_confirmation_data():
assert class_name(kl) == \ assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData" "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmationData"
def test_create_class_from_xml_string_subject_confirmation(): def test_create_class_from_xml_string_subject_confirmation():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
ITEMS[SubjectConfirmation]) ITEMS[SubjectConfirmation])
@@ -143,7 +149,8 @@ def test_create_class_from_xml_string_subject_confirmation():
assert name_id.text.strip() == "test@example.com" assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to']) 'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \ assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect" "http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
@@ -152,11 +159,13 @@ def test_create_class_from_xml_string_subject_confirmation():
assert class_name(kl) == \ assert class_name(kl) == \
"urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation" "urn:oasis:names:tc:SAML:2.0:assertion:SubjectConfirmation"
def test_create_class_from_xml_string_wrong_class_spec(): def test_create_class_from_xml_string_wrong_class_spec():
kl = create_class_from_xml_string(SubjectConfirmationData, kl = create_class_from_xml_string(SubjectConfirmationData,
ITEMS[SubjectConfirmation]) ITEMS[SubjectConfirmation])
assert kl == None assert kl == None
def test_ee_1(): def test_ee_1():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""") """<?xml version='1.0' encoding='UTF-8'?><foo>bar</foo>""")
@@ -168,17 +177,19 @@ def test_ee_1():
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_2(): def test_ee_2():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""") """<?xml version='1.0' encoding='UTF-8'?><foo id="xyz">bar</foo>""")
assert ee != None assert ee != None
print ee.__dict__ print ee.__dict__
assert ee.attributes == {"id":"xyz"} assert ee.attributes == {"id": "xyz"}
assert ee.tag == "foo" assert ee.tag == "foo"
assert ee.namespace == None assert ee.namespace == None
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_3(): def test_ee_3():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -186,12 +197,13 @@ def test_ee_3():
id="xyz">bar</foo>""") id="xyz">bar</foo>""")
assert ee != None assert ee != None
print ee.__dict__ print ee.__dict__
assert ee.attributes == {"id":"xyz"} assert ee.attributes == {"id": "xyz"}
assert ee.tag == "foo" assert ee.tag == "foo"
assert ee.namespace == "urn:mace:example.com:saml:ns" assert ee.namespace == "urn:mace:example.com:saml:ns"
assert ee.children == [] assert ee.children == []
assert ee.text == "bar" assert ee.text == "bar"
def test_ee_4(): def test_ee_4():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -204,17 +216,18 @@ def test_ee_4():
assert ee.namespace == "urn:mace:example.com:saml:ns" assert ee.namespace == "urn:mace:example.com:saml:ns"
assert len(ee.children) == 2 assert len(ee.children) == 2
assert ee.text.strip() == "" assert ee.text.strip() == ""
id = ee.find_children("id", "urn:mace:example.com:saml:namespace") cid = ee.find_children("id", "urn:mace:example.com:saml:namespace")
assert id == [] assert cid == []
ids = ee.find_children("id", "urn:mace:example.com:saml:ns") ids = ee.find_children("id", "urn:mace:example.com:saml:ns")
assert ids != [] assert ids != []
id = ids[0] cid = ids[0]
print id.__dict__ print cid.__dict__
assert id.attributes == {} assert cid.attributes == {}
assert id.tag == "id" assert cid.tag == "id"
assert id.namespace == "urn:mace:example.com:saml:ns" assert cid.namespace == "urn:mace:example.com:saml:ns"
assert id.children == [] assert cid.children == []
assert id.text.strip() == "xyz" assert cid.text.strip() == "xyz"
def test_ee_5(): def test_ee_5():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
@@ -242,12 +255,13 @@ def test_ee_5():
assert len(child) == 1 assert len(child) == 1
child = ee.find_children(namespace="urn:mace:example.com:saml:ns") child = ee.find_children(namespace="urn:mace:example.com:saml:ns")
assert len(child) == 0 assert len(child) == 0
child = ee.find_children("educause","urn:mace:example.com:saml:cu") child = ee.find_children("educause", "urn:mace:example.com:saml:cu")
assert len(child) == 1 assert len(child) == 1
child = ee.find_children("edugain","urn:mace:example.com:saml:cu") child = ee.find_children("edugain", "urn:mace:example.com:saml:cu")
assert len(child) == 0 assert len(child) == 0
print ee.to_string() print ee.to_string()
def test_ee_6(): def test_ee_6():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -277,9 +291,9 @@ def test_ee_6():
assert len(child) == 1 assert len(child) == 1
child = pee.find_children(namespace="urn:mace:example.com:saml:ns") child = pee.find_children(namespace="urn:mace:example.com:saml:ns")
assert len(child) == 0 assert len(child) == 0
child = pee.find_children("educause","urn:mace:example.com:saml:cu") child = pee.find_children("educause", "urn:mace:example.com:saml:cu")
assert len(child) == 1 assert len(child) == 1
child = pee.find_children("edugain","urn:mace:example.com:saml:cu") child = pee.find_children("edugain", "urn:mace:example.com:saml:cu")
assert len(child) == 0 assert len(child) == 0
print pee.to_string() print pee.to_string()
@@ -294,6 +308,7 @@ NAMEID_WITH_ATTRIBUTE_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
</NameID> </NameID>
""" """
def test_nameid_with_extension(): def test_nameid_with_extension():
kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION) kl = create_class_from_xml_string(NameID, NAMEID_WITH_ATTRIBUTE_EXTENSION)
assert kl != None assert kl != None
@@ -309,6 +324,7 @@ def test_nameid_with_extension():
assert kl.extension_attributes == { assert kl.extension_attributes == {
'{urn:mace:example.com:saml:assertion}Foo': 'BAR'} '{urn:mace:example.com:saml:assertion}Foo': 'BAR'}
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?> SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION = """<?xml version="1.0" encoding="utf-8"?>
<SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion" <SubjectConfirmation xmlns="urn:oasis:names:tc:SAML:2.0:assertion"
Method="urn:oasis:names:tc:SAML:2.0:cm:bearer"> Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
@@ -325,6 +341,7 @@ Excellent
</local:Trustlevel> </local:Trustlevel>
</SubjectConfirmation>""" </SubjectConfirmation>"""
def test_subject_confirmation_with_extension(): def test_subject_confirmation_with_extension():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
@@ -339,7 +356,8 @@ def test_subject_confirmation_with_extension():
assert name_id.text.strip() == "test@example.com" assert name_id.text.strip() == "test@example.com"
subject_confirmation_data = kl.subject_confirmation_data subject_confirmation_data = kl.subject_confirmation_data
assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after', assert _eq(subject_confirmation_data.keyswv(), ['not_on_or_after',
'recipient', 'in_response_to']) 'recipient',
'in_response_to'])
assert subject_confirmation_data.recipient == \ assert subject_confirmation_data.recipient == \
"http://auth.example.com/saml/proxySingleSignOnRedirect" "http://auth.example.com/saml/proxySingleSignOnRedirect"
assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z" assert subject_confirmation_data.not_on_or_after == "2010-02-17T17:02:38Z"
@@ -351,11 +369,12 @@ def test_subject_confirmation_with_extension():
assert ee.namespace == "urn:mace:example.com:saml:assertion" assert ee.namespace == "urn:mace:example.com:saml:assertion"
assert ee.text.strip() == "Excellent" assert ee.text.strip() == "Excellent"
def test_to_fro_string_1(): def test_to_fro_string_1():
kl = create_class_from_xml_string(SubjectConfirmation, kl = create_class_from_xml_string(SubjectConfirmation,
SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION) SUBJECT_CONFIRMATION_WITH_MEMBER_EXTENSION)
str = kl.to_string() txt = kl.to_string()
cpy = create_class_from_xml_string(SubjectConfirmation, str) cpy = create_class_from_xml_string(SubjectConfirmation, txt)
print kl.__dict__ print kl.__dict__
print cpy.__dict__ print cpy.__dict__
@@ -371,15 +390,17 @@ def test_to_fro_string_1():
def test_make_vals_str(): def test_make_vals_str():
kl = make_vals("Jeter",md.GivenName, part=True) kl = make_vals("Jeter", md.GivenName, part=True)
assert isinstance(kl, md.GivenName) assert isinstance(kl, md.GivenName)
assert kl.text == "Jeter" assert kl.text == "Jeter"
def test_make_vals_list_of_strs(): def test_make_vals_list_of_strs():
cp = md.ContactPerson() cp = md.ContactPerson()
make_vals(["Derek","Sanderson"], md.GivenName, cp, "given_name") make_vals(["Derek", "Sanderson"], md.GivenName, cp, "given_name")
assert len(cp.given_name) == 2 assert len(cp.given_name) == 2
assert _eq([i.text for i in cp.given_name],["Sanderson","Derek"]) assert _eq([i.text for i in cp.given_name], ["Sanderson", "Derek"])
def test_attribute_element_to_extension_element(): def test_attribute_element_to_extension_element():
attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE) attr = create_class_from_xml_string(Attribute, saml2_data.TEST_ATTRIBUTE)
@@ -387,7 +408,7 @@ def test_attribute_element_to_extension_element():
print ee.__dict__ print ee.__dict__
assert ee.tag == "Attribute" assert ee.tag == "Attribute"
assert ee.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion' assert ee.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
assert _eq(ee.attributes.keys(),['FriendlyName', 'Name', 'NameFormat']) assert _eq(ee.attributes.keys(), ['FriendlyName', 'Name', 'NameFormat'])
assert ee.attributes["FriendlyName"] == 'test attribute' assert ee.attributes["FriendlyName"] == 'test attribute'
assert ee.attributes["Name"] == "testAttribute" assert ee.attributes["Name"] == "testAttribute"
assert ee.attributes["NameFormat"] == \ assert ee.attributes["NameFormat"] == \
@@ -398,6 +419,7 @@ def test_attribute_element_to_extension_element():
assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion' assert child.namespace == 'urn:oasis:names:tc:SAML:2.0:assertion'
assert child.tag == "AttributeValue" assert child.tag == "AttributeValue"
def test_ee_7(): def test_ee_7():
ee = saml2.extension_element_from_string( ee = saml2.extension_element_from_string(
"""<?xml version='1.0' encoding='UTF-8'?> """<?xml version='1.0' encoding='UTF-8'?>
@@ -418,17 +440,17 @@ def test_ee_7():
assert len(ee.children) == 2 assert len(ee.children) == 2
for child in ee.children: for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"], assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children]) [c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"] aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1 assert len(aes) == 1
assert len(aes[0].children) == 1 assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[]) assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0] nid = aes[0].children[0]
assert nid.tag == "NameID" assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0 assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"]) assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org" assert nid.text.strip() == "http://federationX.org"
@@ -439,18 +461,20 @@ def test_extension_element_loadd():
'children': [{ 'children': [{
"tag": "AssertingEntity", "tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{ "children": [{
"tag":"NameID", "tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org", "text": "http://federationX.org",
"attributes":{ "attributes": {
"Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity" "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
}, },
}] }]
}, { }, {
"tag":"RetrievalEndpoint", "tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata"
"text":"https://federationX.org/?ID=a87s76a5765da76576a57as", ":dynamicsaml",
"text": "https://federationX.org/?ID=a87s76a5765da76576a57as",
}], }],
} }
@@ -459,42 +483,46 @@ def test_extension_element_loadd():
assert len(ee.children) == 2 assert len(ee.children) == 2
for child in ee.children: for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"], assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children]) [c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"] aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1 assert len(aes) == 1
assert len(aes[0].children) == 1 assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[]) assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0] nid = aes[0].children[0]
assert nid.tag == "NameID" assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0 assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"]) assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org" assert nid.text.strip() == "http://federationX.org"
def test_extensions_loadd(): def test_extensions_loadd():
ava = {"extension_elements":[{'attributes': {}, ava = {"extension_elements": [
{
'attributes': {},
'tag': 'ExternalEntityAttributeAuthority', 'tag': 'ExternalEntityAttributeAuthority',
'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml', 'namespace': 'urn:oasis:names:tc:SAML:metadata:dynamicsaml',
'children': [{ 'children': [
"tag": "AssertingEntity", {"tag": "AssertingEntity",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"children": [{ "children": [
"tag":"NameID", {"tag": "NameID",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text": "http://federationX.org", "text": "http://federationX.org",
"attributes":{ "attributes": {
"Format":"urn:oasis:names:tc:SAML:2.0:nameid-format:entity" "Format": "urn:oasis:names:tc:SAML:2.0:nameid-format:entity"
}, },
}] }]
}, { },
"tag":"RetrievalEndpoint", {
"tag": "RetrievalEndpoint",
"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml", "namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",
"text":"https://federationX.org/?ID=a87s76a5765da76576a57as", "text": "https://federationX.org/?ID=a87s76a5765da76576a57as",
}], }],
}], }],
"extension_attributes": { "extension_attributes": {
"foo":"bar", "foo": "bar",
} }
} }
@@ -507,17 +535,17 @@ def test_extensions_loadd():
assert len(ee.children) == 2 assert len(ee.children) == 2
for child in ee.children: for child in ee.children:
assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert child.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert _eq(["AssertingEntity","RetrievalEndpoint"], assert _eq(["AssertingEntity", "RetrievalEndpoint"],
[c.tag for c in ee.children]) [c.tag for c in ee.children])
aes = [c for c in ee.children if c.tag == "AssertingEntity"] aes = [c for c in ee.children if c.tag == "AssertingEntity"]
assert len(aes) == 1 assert len(aes) == 1
assert len(aes[0].children) == 1 assert len(aes[0].children) == 1
assert _eq(aes[0].attributes.keys(),[]) assert _eq(aes[0].attributes.keys(), [])
nid = aes[0].children[0] nid = aes[0].children[0]
assert nid.tag == "NameID" assert nid.tag == "NameID"
assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml" assert nid.namespace == "urn:oasis:names:tc:SAML:metadata:dynamicsaml"
assert len(nid.children) == 0 assert len(nid.children) == 0
assert _eq(nid.attributes.keys(),["Format"]) assert _eq(nid.attributes.keys(), ["Format"])
assert nid.text.strip() == "http://federationX.org" assert nid.text.strip() == "http://federationX.org"
assert extension.extension_attributes.keys() == ["foo"] assert extension.extension_attributes.keys() == ["foo"]
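Review bot: In the `@@ -439,18 +461,20 @@` hunk, the RetrievalEndpoint entry now builds its namespace from two adjacent literals, `"urn:oasis:names:tc:SAML:metadata"` and `":dynamicsaml"`, while the other entries of the same dict keep the URI on one line. A search for the full namespace string, which the assertions in the next hunk compare against, no longer finds this entry. Re-indenting the entry the way the commit does in `test_extensions_loadd` would keep it whole: `"namespace": "urn:oasis:names:tc:SAML:metadata:dynamicsaml",`. The body of `test_extension_element_loadd` starts outside the hunk.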


@@ -56,16 +56,15 @@ class TestSP():
ava = { "givenName": ["Derek"], "surName": ["Jeter"], ava = { "givenName": ["Derek"], "surName": ["Jeter"],
"mail": ["derek@nyy.mlb.com"], "title":["The man"]} "mail": ["derek@nyy.mlb.com"], "title":["The man"]}
resp_str = "%s" % self.server.create_authn_response(ava, "id1", resp_str = "%s" % self.server.create_authn_response(
"http://lingon.catalogix.se:8087/", ava, "id1", "http://lingon.catalogix.se:8087/",
"urn:mace:example.com:saml:roland:sp", "urn:mace:example.com:saml:roland:sp", trans_name_policy,
trans_name_policy, "foba0001@example.com", authn=AUTHN)
"foba0001@example.com",
authn=AUTHN)
resp_str = base64.encodestring(resp_str) resp_str = base64.encodestring(resp_str)
self.sp.outstanding_queries = {"id1":"http://www.example.com/service"} self.sp.outstanding_queries = {"id1":"http://www.example.com/service"}
session_info = self.sp._eval_authn_response({},{"SAMLResponse":resp_str}) session_info = self.sp._eval_authn_response({},
{"SAMLResponse": resp_str})
assert len(session_info) > 1 assert len(session_info) > 1
assert session_info["came_from"] == 'http://www.example.com/service' assert session_info["came_from"] == 'http://www.example.com/service'
@@ -73,3 +72,8 @@ class TestSP():
'mail': ['derek@nyy.mlb.com'], 'mail': ['derek@nyy.mlb.com'],
'sn': ['Jeter'], 'sn': ['Jeter'],
'title': ['The man']} 'title': ['The man']}
if __name__ == "__main__":
_sp = TestSP()
_sp.setup_class()
_sp.test_identify()
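Review bot: The rewrapped `_eval_authn_response` call in the `@@ -56,16 +56,15 @@` hunk is still exercised only on the accepting path. `outstanding_queries` is primed with `"id1"` and the response is created for `"id1"`, so nothing here shows what the SP does with a response that matches no pending request. A sibling test that sets `self.sp.outstanding_queries = {}` before the call and asserts that no session is produced would pin the request/response matching, presumably the InResponseTo check. How a rejection surfaces, and whether configuration permits unsolicited responses, is not visible here, so the exact assertion has to follow the SP code. The test method starts outside the hunk.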