Add version attribute to the SAML2 Assertion object.
Attribute ``version`` in the SAML2 Assertion should be non-empty. Change-Id: I46f4b0c45e38cc1315e320369a2ba7d2279eb16f Closes-Bug: #1373961
This commit is contained in:
parent
d8d1477d83
commit
1e985609f7
|
@ -262,6 +262,7 @@ class SAMLGenerator(object):
|
|||
assertion = saml.Assertion()
|
||||
assertion.id = self.assertion_id
|
||||
assertion.issue_instant = timeutils.isotime()
|
||||
assertion.version = '2.0'
|
||||
assertion.issuer = issuer
|
||||
assertion.signature = signature
|
||||
assertion.subject = subject
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
<ns0:Assertion xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="9a22528bfe194b2880edce5d60414d6a" IssueInstant="2014-08-19T10:53:57Z">
|
||||
<ns0:Assertion xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns1="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ID="9a22528bfe194b2880edce5d60414d6a" IssueInstant="2014-08-19T10:53:57Z" Version="2.0">
|
||||
<ns0:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://acme.com/FIM/sps/openstack/saml20</ns0:Issuer>
|
||||
<ns1:Signature>
|
||||
<ns1:SignedInfo>
|
||||
|
|
|
@ -1665,6 +1665,7 @@ class SAMLGenerationTests(FederationTests):
|
|||
ROLES = ['admin', 'member']
|
||||
PROJECT = 'development'
|
||||
SAML_GENERATION_ROUTE = '/auth/OS-FEDERATION/saml2'
|
||||
ASSERTION_VERSION = "2.0"
|
||||
|
||||
def setUp(self):
|
||||
super(SAMLGenerationTests, self).setUp()
|
||||
|
@ -1704,6 +1705,22 @@ class SAMLGenerationTests(FederationTests):
|
|||
self.assertEqual(self.PROJECT,
|
||||
project_attribute.attribute_value[0].text)
|
||||
|
||||
def test_verify_assertion_object(self):
|
||||
"""Test if the Assertion object is build properly.
|
||||
|
||||
The Assertion doesn't need to be signed in this test, so
|
||||
_sign_assertion method is patched and doesn't alter the assertion.
|
||||
|
||||
"""
|
||||
with mock.patch.object(keystone_idp, '_sign_assertion',
|
||||
side_effect=lambda x: x):
|
||||
generator = keystone_idp.SAMLGenerator()
|
||||
response = generator.samlize_token(self.ISSUER, self.RECIPIENT,
|
||||
self.SUBJECT, self.ROLES,
|
||||
self.PROJECT)
|
||||
assertion = response.assertion
|
||||
self.assertEqual(self.ASSERTION_VERSION, assertion.version)
|
||||
|
||||
def test_valid_saml_xml(self):
|
||||
"""Test the generated SAML object can become valid XML.
|
||||
|
||||
|
|
Loading…
Reference in New Issue