diff options
author | Rebecka Gulliksson <rebecka.gulliksson@umu.se> | 2015-12-28 19:25:08 +0100 |
---|---|---|
committer | Rebecka Gulliksson <rebecka.gulliksson@umu.se> | 2015-12-28 19:25:08 +0100 |
commit | 7a7b02d792a5ad17aa88336165069263fd387d89 (patch) | |
tree | 35001524083386fd5d4be75db81ffcdaf06c2b7d /tests/test_20_assertion.py | |
parent | 344ba4a66badec2513701b4da6c8309c7d18cfe7 (diff) | |
download | pysaml2-7a7b02d792a5ad17aa88336165069263fd387d89.tar.gz |
Match the attribute name of optional attributes in the same way as for required attributes.
Diffstat (limited to 'tests/test_20_assertion.py')
-rw-r--r-- | tests/test_20_assertion.py | 222 |
1 files changed, 119 insertions, 103 deletions
diff --git a/tests/test_20_assertion.py b/tests/test_20_assertion.py index 67e22a54..4b3c0ea9 100644 --- a/tests/test_20_assertion.py +++ b/tests/test_20_assertion.py @@ -50,6 +50,7 @@ mail = to_dict(md.RequestedAttribute(name="urn:oid:0.9.2342.19200300.100.1.3", friendly_name="mail", name_format=NAME_FORMAT_URI), ONTS) + # --------------------------------------------------------------------------- @@ -76,6 +77,20 @@ def test_filter_on_attributes_1(): assert list(ava.keys()) == ["serialNumber"] assert ava["serialNumber"] == ["12345"] + +def test_filter_on_attributes_without_friendly_name(): + ava = {"eduPersonTargetedID": "test@example.com", "eduPersonAffiliation": "test", + "extra": "foo"} + eptid = to_dict(Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.10", name_format=NAME_FORMAT_URI), ONTS) + ep_affiliation = to_dict( + Attribute(name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", name_format=NAME_FORMAT_URI), ONTS) + + restricted_ava = filter_on_attributes(ava, required=[eptid], optional=[ep_affiliation], + acs=ac_factory()) + assert restricted_ava == {"eduPersonTargetedID": "test@example.com", + "eduPersonAffiliation": "test"} + + # ---------------------------------------------------------------------- def test_lifetime_1(): @@ -173,8 +188,8 @@ def test_ava_filter_2(): "mail": "derek@example.com"} # mail removed because it doesn't match the regular expression - _ava =policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', None, [mail], - [gn, sn]) + _ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', None, [mail], + [gn, sn]) assert _eq(sorted(list(_ava.keys())), ["givenName", "surName"]) @@ -214,7 +229,7 @@ def test_ava_filter_dont_fail(): # mail removed because it doesn't match the regular expression # So it should fail if the 'fail_on_ ...' flag wasn't set - _ava = policy.filter(ava,'urn:mace:umu.se:saml:roland:sp', None, + _ava = policy.filter(ava, 'urn:mace:umu.se:saml:roland:sp', None, [mail], [gn, sn]) assert _ava @@ -228,6 +243,7 @@ def test_ava_filter_dont_fail(): assert _ava + def test_filter_attribute_value_assertions_0(AVA): p = Policy({ "default": { @@ -382,9 +398,9 @@ def test_filter_values_req_2(): def test_filter_values_req_3(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")]), ONTS) required = [a] ava = {"serialNumber": ["12345"]} @@ -396,9 +412,9 @@ def test_filter_values_req_3(): def test_filter_values_req_4(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")]), ONTS) required = [a] ava = {"serialNumber": ["12345"]} @@ -408,9 +424,9 @@ def test_filter_values_req_4(): def test_filter_values_req_5(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")]), ONTS) required = [a] ava = {"serialNumber": ["12345", "54321"]} @@ -422,9 +438,9 @@ def test_filter_values_req_5(): def test_filter_values_req_6(): a = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")]), ONTS) required = [a] ava = {"serialNumber": ["12345", "54321"]} @@ -436,13 +452,13 @@ def test_filter_values_req_6(): def test_filter_values_req_opt_0(): r = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")]), ONTS) o = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345")]), ONTS) ava = {"serialNumber": ["12345", "54321"]} @@ -453,14 +469,14 @@ def test_filter_values_req_opt_0(): def test_filter_values_req_opt_1(): r = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="54321")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="54321")]), ONTS) o = to_dict( - Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, - friendly_name="serialNumber", - attribute_value=[AttributeValue(text="12345"), - AttributeValue(text="abcd0")]), ONTS) + Attribute(name="urn:oid:2.5.4.5", name_format=NAME_FORMAT_URI, + friendly_name="serialNumber", + attribute_value=[AttributeValue(text="12345"), + AttributeValue(text="abcd0")]), ONTS) ava = {"serialNumber": ["12345", "54321"]} @@ -472,30 +488,30 @@ def test_filter_values_req_opt_1(): def test_filter_values_req_opt_2(): r = [ to_dict( - Attribute( - friendly_name="surName", - name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS), + Attribute( + friendly_name="surName", + name="urn:oid:2.5.4.4", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + ONTS), to_dict( - Attribute( - friendly_name="givenName", - name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS), + Attribute( + friendly_name="givenName", + name="urn:oid:2.5.4.42", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + ONTS), to_dict( - Attribute( - friendly_name="mail", - name="urn:oid:0.9.2342.19200300.100.1.3", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS)] + Attribute( + friendly_name="mail", + name="urn:oid:0.9.2342.19200300.100.1.3", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + ONTS)] o = [ to_dict( - Attribute( - friendly_name="title", - name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), - ONTS)] + Attribute( + friendly_name="title", + name="urn:oid:2.5.4.12", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + ONTS)] ava = {"surname": ["Hedberg"], "givenName": ["Roland"], "eduPersonAffiliation": ["staff"], "uid": ["rohe0002"]} @@ -509,18 +525,18 @@ def test_filter_values_req_opt_2(): def test_filter_values_req_opt_4(): r = [ Attribute( - friendly_name="surName", - name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + friendly_name="surName", + name="urn:oid:2.5.4.4", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), Attribute( - friendly_name="givenName", - name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="givenName", + name="urn:oid:2.5.4.42", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] o = [ Attribute( - friendly_name="title", - name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="title", + name="urn:oid:2.5.4.12", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] acs = attribute_converter.ac_factory(full_path("attributemaps")) @@ -541,15 +557,15 @@ def test_filter_values_req_opt_4(): def test_filter_ava_0(): policy = Policy( - { - "default": { - "lifetime": {"minutes": 15}, - "attribute_restrictions": None # means all I have - }, - "urn:mace:example.com:saml:roland:sp": { - "lifetime": {"minutes": 5}, + { + "default": { + "lifetime": {"minutes": 15}, + "attribute_restrictions": None # means all I have + }, + "urn:mace:example.com:saml:roland:sp": { + "lifetime": {"minutes": 5}, + } } - } ) ava = {"givenName": ["Derek"], "surName": ["Jeter"], @@ -665,30 +681,30 @@ def test_filter_ava_4(): def test_req_opt(): req = [ to_dict( - md.RequestedAttribute( - friendly_name="surname", name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS), + md.RequestedAttribute( + friendly_name="surname", name="urn:oid:2.5.4.4", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + is_required="true"), ONTS), to_dict( - md.RequestedAttribute( - friendly_name="givenname", - name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS), + md.RequestedAttribute( + friendly_name="givenname", + name="urn:oid:2.5.4.42", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + is_required="true"), ONTS), to_dict( - md.RequestedAttribute( - friendly_name="edupersonaffiliation", - name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="true"), ONTS)] + md.RequestedAttribute( + friendly_name="edupersonaffiliation", + name="urn:oid:1.3.6.1.4.1.5923.1.1.1.1", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + is_required="true"), ONTS)] opt = [ to_dict( - md.RequestedAttribute( - friendly_name="title", - name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", - is_required="false"), ONTS)] + md.RequestedAttribute( + friendly_name="title", + name="urn:oid:2.5.4.12", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri", + is_required="false"), ONTS)] policy = Policy() ava = {'givenname': 'Roland', 'surname': 'Hedberg', @@ -702,18 +718,18 @@ def test_req_opt(): def test_filter_on_wire_representation_1(): r = [ Attribute( - friendly_name="surName", - name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + friendly_name="surName", + name="urn:oid:2.5.4.4", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), Attribute( - friendly_name="givenName", - name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="givenName", + name="urn:oid:2.5.4.42", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] o = [ Attribute( - friendly_name="title", - name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="title", + name="urn:oid:2.5.4.12", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] acs = attribute_converter.ac_factory(full_path("attributemaps")) @@ -727,18 +743,18 @@ def test_filter_on_wire_representation_1(): def test_filter_on_wire_representation_2(): r = [ Attribute( - friendly_name="surName", - name="urn:oid:2.5.4.4", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), + friendly_name="surName", + name="urn:oid:2.5.4.4", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri"), Attribute( - friendly_name="givenName", - name="urn:oid:2.5.4.42", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="givenName", + name="urn:oid:2.5.4.42", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] o = [ Attribute( - friendly_name="title", - name="urn:oid:2.5.4.12", - name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] + friendly_name="title", + name="urn:oid:2.5.4.12", + name_format="urn:oasis:names:tc:SAML:2.0:attrname-format:uri")] acs = attribute_converter.ac_factory(full_path("attributemaps")) @@ -784,7 +800,7 @@ def test_assertion_with_noop_attribute_conv(): # THis test doesn't work without a MetadataStore instance -#def test_filter_ava_5(): +# def test_filter_ava_5(): # policy = Policy({ # "default": { # "lifetime": {"minutes": 15}, |