diff options
| author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-12-11 13:02:49 +0100 |
|---|---|---|
| committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2015-12-11 13:02:49 +0100 |
| commit | 6200f158dbad1acf9bf6982a738c58620452f813 (patch) | |
| tree | 3fd0a53efa2cc70cae8b72289fa5cb7f39bdea7f /tests/test_31_config.py | |
| parent | 82d3b4da6ebd19f556d2f4d377236a05bb64cd75 (diff) | |
| download | pysaml2-6200f158dbad1acf9bf6982a738c58620452f813.tar.gz | |
Reworked the security backend so you should now be able to use a HSM again for XML security. Support for non-XML crypto using HSMs are on the way.
Diffstat (limited to 'tests/test_31_config.py')
| -rw-r--r-- | tests/test_31_config.py | 39 |
1 files changed, 38 insertions, 1 deletions
diff --git a/tests/test_31_config.py b/tests/test_31_config.py index 570f321d..623c944f 100644 --- a/tests/test_31_config.py +++ b/tests/test_31_config.py @@ -12,6 +12,7 @@ from py.test import raises from saml2 import root_logger from pathutils import dotname, full_path +from saml2.sigver import security_context, CryptoBackendXMLSecurity sp1 = { "entityid": "urn:mace:umu.se:saml:roland:sp", @@ -166,6 +167,33 @@ ECP_SP = { #"xmlsec_binary" : "/opt/local/bin/xmlsec1", } +IDP_XMLSECURITY = { + "entityid": "urn:mace:umu.se:saml:roland:idp", + "name": "Rolands IdP", + "service": { + "idp": { + "endpoints": { + "single_sign_on_service": ["http://localhost:8088/"], + "single_logout_service": [ + ("http://localhost:8088/", BINDING_HTTP_REDIRECT)], + }, + "policy": { + "default": { + "attribute_restrictions": { + "givenName": None, + "surName": None, + "eduPersonAffiliation": ["(member|staff)"], + "mail": [".*@example.com"], + } + }, + "urn:mace:umu.se:saml:roland:sp": None + }, + } + }, + "key_file": "pkcs11:///usr/lunasa/lib/libCryptoki2_64.so:1/eduID dev SAML signing key?pin=123456", + "crypto_backend": "XMLSecurity" +} + def _eq(l1, l2): return set(l1) == set(l2) @@ -371,5 +399,14 @@ def test_assertion_consumer_service(): assert acs[0][ "location"] == 'https://www.zimride.com/Shibboleth.sso/SAML2/POST' + +def test_crypto_backend(): + idpc = IdPConfig() + idpc.load(IDP_XMLSECURITY) + + assert idpc.crypto_backend == 'XMLSecurity' + sec = security_context(idpc) + assert isinstance(sec.crypto, CryptoBackendXMLSecurity) + if __name__ == "__main__": - test_2() + test_crypto_backend() |