author | Johan Lundberg <lundberg@sunet.se> | 2022-12-09 11:12:19 +0100 |
---|---|---|
committer | Johan Lundberg <lundberg@sunet.se> | 2022-12-09 11:12:19 +0100 |
commit | 8185902f9f5db8f85bcc6f3362ebdee2ae595ba4 (patch) | |
tree | 4ef3b62a70251079b3a52331eeff471bb5eff6ac | |
parent | 5eb48c3f6c82889c6a3f8b950ac9848600dc5380 (diff) | |
download | pysaml2-8185902f9f5db8f85bcc6f3362ebdee2ae595ba4.tar.gz |
add test for requested subject id
-rw-r--r-- | tests/entity_esi_and_coco_sp.xml | 5 | ||||
-rw-r--r-- | tests/test_30_mdstore.py | 17 |
2 files changed, 21 insertions, 1 deletions
diff --git a/tests/entity_esi_and_coco_sp.xml b/tests/entity_esi_and_coco_sp.xml
index a076535b..f4e0ccbb 100644
--- a/tests/entity_esi_and_coco_sp.xml
+++ b/tests/entity_esi_and_coco_sp.xml
@@ -7,6 +7,9 @@
 <saml:AttributeValue>https://myacademicid.org/entity-categories/esi</saml:AttributeValue>
 <saml:AttributeValue>http://www.geant.net/uri/dataprotection-code-of-conduct/v1</saml:AttributeValue>
 </saml:Attribute>
+ <saml:Attribute xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" Name="urn:oasis:names:tc:SAML:profiles:subject-id:req" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri">
+ <saml:AttributeValue>any</saml:AttributeValue>
+ </saml:Attribute>
 </mdattr:EntityAttributes></ns0:Extensions>
 <ns0:SPSSODescriptor AuthnRequestsSigned="false" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
 <ns0:KeyDescriptor use="encryption">
@@ -65,7 +68,7 @@ wHyaxzYldWmVC5omkgZeAdCGpJ316GQF8Zwg/yDOUzm4cvGeIESf1Q6ZxBwI6zGE
 </ns0:KeyDescriptor>
 <ns0:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://esi-coco.example.edu/saml2/ls/"/>
 <ns0:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://esi-coco.example.edu/saml2/acs/" index="1"/>
- <!-- Require eduPersonTargetedID -->
+ <!-- Require schacHomeOrganization and eduPersonScopedAffiliation -->
 <ns0:AttributeConsumingService index="0">
 <ns0:ServiceName xml:lang="en">esi-coco-SP</ns0:ServiceName>
 <ns0:ServiceDescription xml:lang="en">ESI and COCO SP</ns0:ServiceDescription>
diff --git a/tests/test_30_mdstore.py b/tests/test_30_mdstore.py
index 1c67a701..013a6062 100644
--- a/tests/test_30_mdstore.py
+++ b/tests/test_30_mdstore.py
@@ -189,6 +189,12 @@ METADATACONF = {
 "metadata": [(full_path("empty_metadata_file.xml"),)],
 }
 ],
+ "17": [
+ {
+ "class": "saml2.mdstore.MetaDataFile",
+ "metadata": [(full_path("entity_esi_and_coco_sp.xml"),)],
+ }
+ ],
 }
@@ -654,6 +660,17 @@ def test_registration_info_no_policy():
 assert registration_info["registration_policy"] == {}
+def test_subject_id_requirement():
+ mds = MetadataStore(ATTRCONV, sec_config, disable_ssl_certificate_validation=True)
+ mds.imp(METADATACONF["17"])
+ required_subject_id = mds.subject_id_requirement(entity_id="https://esi-coco.example.edu/saml2/metadata/")
+ assert required_subject_id["__class__"] == "urn:oasis:names:tc:SAML:2.0:metadata&RequestedAttribute"
+ assert required_subject_id["name"] == "urn:oasis:names:tc:SAML:attribute:pairwise-id"
+ assert required_subject_id["name_format"] == "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
+ assert required_subject_id["friendly_name"] == "pairwise-id"
+ assert required_subject_id["is_required"] == "true"
+
+
 def test_extension():
 mds = MetadataStore(ATTRCONV, None)
 # use ordered dict to force expected entity to be last |
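Review bot: `test_subject_id_requirement` pins a single outcome, a fixture that requests `any` and an expected `pairwise-id`, without saying why that mapping is correct, and it leaves the other values of the `urn:oasis:names:tc:SAML:profiles:subject-id:req` entity attribute and an entity that carries no such attribute untested. Because this result decides which subject identifier gets requested for the SP, I would add a short docstring, for example `"""subject-id:req 'any' is expected to resolve to pairwise-id for this SP (confirm rationale)."""`, and companion cases for the remaining values. Separately, `disable_ssl_certificate_validation=True` looks unnecessary in this test: the store is filled from a local file through `saml2.mdstore.MetaDataFile`, and the neighbouring `test_extension` builds `MetadataStore(ATTRCONV, None)` without it. Dropping the flag (`mds = MetadataStore(ATTRCONV, sec_config)`) keeps a verification-off setting from being copied into new tests by habit.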