diff options
author | Roland Hedberg <roland.hedberg@adm.umu.se> | 2012-11-14 13:36:08 +0100 |
---|---|---|
committer | Roland Hedberg <roland.hedberg@adm.umu.se> | 2012-11-14 13:36:08 +0100 |
commit | 74cf8659e15223d14586b99265a71924e3f939f9 (patch) | |
tree | 26daf3da88e1db38ae17445cdd2fe43aaaa5d663 /tests | |
parent | cc8e91e84ddc53d94715584f100bc4054a2dd20a (diff) | |
download | pysaml2-74cf8659e15223d14586b99265a71924e3f939f9.tar.gz |
All tests works now
Diffstat (limited to 'tests')
-rw-r--r-- | tests/idp_conf.py | 9 | ||||
-rw-r--r-- | tests/idp_sp_conf.py | 2 | ||||
-rw-r--r-- | tests/server3_conf.py | 2 | ||||
-rw-r--r-- | tests/server_conf.py | 1 | ||||
-rw-r--r-- | tests/sp_1_conf.py | 2 | ||||
-rw-r--r-- | tests/test_30_metadata.py | 112 | ||||
-rw-r--r-- | tests/test_31_config.py | 44 | ||||
-rw-r--r-- | tests/test_41_response.py | 20 | ||||
-rw-r--r-- | tests/test_44_authnresp.py | 41 | ||||
-rw-r--r-- | tests/test_50_server.py | 106 | ||||
-rw-r--r-- | tests/test_51_client.py | 181 | ||||
-rw-r--r-- | tests/test_60_sp.py | 21 | ||||
-rw-r--r-- | tests/test_61_makemeta.py | 8 |
13 files changed, 286 insertions, 263 deletions
diff --git a/tests/idp_conf.py b/tests/idp_conf.py index 33b9c8a7..53cae8b4 100644 --- a/tests/idp_conf.py +++ b/tests/idp_conf.py @@ -7,6 +7,7 @@ try: except ImportError: xmlsec_path = '/opt/local/bin/xmlsec1' +BASE = "http://localhost:8088" CONFIG = { "entityid" : "urn:mace:example.com:saml:roland:idp", @@ -15,10 +16,10 @@ CONFIG = { "idp": { "endpoints" : { "single_sign_on_service" : [ - ("http://localhost:8088/sso", BINDING_HTTP_REDIRECT)], + ("%s/sso" % BASE, BINDING_HTTP_REDIRECT)], "single_logout_service": [ - ("http://localhost:8088/slo", BINDING_SOAP), - ("http://localhost:8088/slop",BINDING_HTTP_POST)] + ("%s/slo" % BASE, BINDING_SOAP), + ("%s/slop" % BASE,BINDING_HTTP_POST)] }, "policy": { "default": { @@ -43,7 +44,7 @@ CONFIG = { "cert_file" : "test.pem", "xmlsec_binary" : xmlsec_path, "metadata": { - "local": ["metadata.xml", "vo_metadata.xml"], + "local": ["metadata_sp_1.xml", "vo_metadata.xml"], }, "attribute_map_dir" : "attributemaps", "organization": { diff --git a/tests/idp_sp_conf.py b/tests/idp_sp_conf.py index cd3f166c..1204b113 100644 --- a/tests/idp_sp_conf.py +++ b/tests/idp_sp_conf.py @@ -53,7 +53,7 @@ CONFIG = { "debug" : 1, "key_file" : "test.key", "cert_file" : "test.pem", - #"xmlsec_binary" : xmlsec_path, + "xmlsec_binary" : xmlsec_path, "metadata": { "local": ["metadata.xml", "vo_metadata.xml"], }, diff --git a/tests/server3_conf.py b/tests/server3_conf.py index d09c1f0b..5450bc86 100644 --- a/tests/server3_conf.py +++ b/tests/server3_conf.py @@ -21,7 +21,7 @@ CONFIG = { "debug" : 1, "key_file" : "test.key", "cert_file" : "test.pem", - #"xmlsec_binary" : xmlsec_path, + "xmlsec_binary" : xmlsec_path, "metadata": { "local": ["idp_aa.xml", "vo_metadata.xml"], }, diff --git a/tests/server_conf.py b/tests/server_conf.py index 4c6802b8..38046ee4 100644 --- a/tests/server_conf.py +++ b/tests/server_conf.py @@ -34,6 +34,7 @@ CONFIG={ "subject_data": "subject_data.db", "accepted_time_diff": 60, "attribute_map_dir" : "attributemaps", + "valid_for": 6, "organization": { "name": ("AB Exempel", "se"), "display_name": ("AB Exempel", "se"), diff --git a/tests/sp_1_conf.py b/tests/sp_1_conf.py index 649375a9..bb80bd3f 100644 --- a/tests/sp_1_conf.py +++ b/tests/sp_1_conf.py @@ -20,7 +20,7 @@ CONFIG = { "debug" : 1, "key_file" : "test.key", "cert_file" : "test.pem", - #"xmlsec_binary" : xmlsec_path, + "xmlsec_binary" : xmlsec_path, "metadata": { "local": ["idp.xml", "vo_metadata.xml"], }, diff --git a/tests/test_30_metadata.py b/tests/test_30_metadata.py index cb9e8d7f..d01ca31d 100644 --- a/tests/test_30_metadata.py +++ b/tests/test_30_metadata.py @@ -8,7 +8,7 @@ from saml2 import BINDING_SOAP from saml2 import md, saml, samlp from saml2 import time_util from saml2.saml import NAMEID_FORMAT_TRANSIENT, NAME_FORMAT_URI -from saml2.attribute_converter import ac_factory +from saml2.attribute_converter import ac_factory, to_local_name #from py.test import raises @@ -48,38 +48,41 @@ def test_swami_1(): md.import_metadata(_read_file(SWAMI_METADATA),"-") print len(md.entity) assert len(md.entity) - idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \ - if "idp_sso" in ent]) + idps = dict([(id,ent["idpsso"]) for id,ent in md.entity.items() \ + if "idpsso" in ent]) print idps assert idps.keys() - idp_sso = md.single_sign_on_services( + idpsso = md.single_sign_on_services( 'https://idp.umu.se/saml2/idp/metadata.php') assert md.name('https://idp.umu.se/saml2/idp/metadata.php') == ( u'Ume\xe5 University (SAML2)') - assert len(idp_sso) == 1 - assert idp_sso == ['https://idp.umu.se/saml2/idp/SSOService.php'] + assert len(idpsso) == 1 + assert idpsso == ['https://idp.umu.se/saml2/idp/SSOService.php'] print md._loc_key['https://idp.umu.se/saml2/idp/SSOService.php'] ssocerts = md.certs('https://idp.umu.se/saml2/idp/SSOService.php', "signing") print ssocerts assert len(ssocerts) == 1 - print md._wants.keys() - assert _eq(md._wants.keys(),['https://sp.swamid.se/shibboleth', - 'https://connect8.sunet.se/shibboleth', - 'https://beta.lobber.se/shibboleth', - 'https://connect.uninett.no/shibboleth', - 'https://www.diva-portal.org/shibboleth', - 'https://connect.sunet.se/shibboleth', - 'https://crowd.nordu.net/shibboleth']) - - print md.wants('https://www.diva-portal.org/shibboleth') - assert _eq(md.wants('https://www.diva-portal.org/shibboleth')[1].keys(), + sps = dict([(id,ent["spsso"]) for id,ent in md.entity.items()\ + if "spsso" in ent]) + + acs_sp = [] + for nam, desc in sps.items(): + if desc[0].attribute_consuming_service: + acs_sp.append(nam) + + #print md.wants('https://www.diva-portal.org/shibboleth') + wants = md.attribute_requirement('https://connect8.sunet.se/shibboleth') + lnamn = [to_local_name(md.attrconv, attr) for attr in wants[1]] + assert _eq(lnamn, ['mail', 'givenName', 'eduPersonPrincipalName', 'sn', 'eduPersonScopedAffiliation']) - assert md.wants('https://connect.sunet.se/shibboleth')[0] == {} - assert _eq(md.wants('https://connect.sunet.se/shibboleth')[1].keys(), - ['mail', 'givenName', 'eduPersonPrincipalName', 'sn', - 'eduPersonScopedAffiliation']) + wants = md.attribute_requirement('https://beta.lobber.se/shibboleth') + assert wants[0] == [] + lnamn = [to_local_name(md.attrconv, attr) for attr in wants[1]] + assert _eq(lnamn, + ['eduPersonScopedAffiliation', 'eduPersonEntitlement', + 'eduPersonPrincipalName', 'sn', 'mail', 'givenName']) def test_incommon_1(): md = metadata.MetaData(attrconv=ATTRCONV) @@ -87,23 +90,39 @@ def test_incommon_1(): print len(md.entity) assert len(md.entity) == 442 idps = dict([ - (id,ent["idp_sso"]) for id,ent in md.entity.items() if "idp_sso" in ent]) + (id,ent["idpsso"]) for id,ent in md.entity.items() if "idpsso" in ent]) print idps.keys() assert len(idps) == 53 # !!!!???? < 10% assert md.single_sign_on_services('urn:mace:incommon:uiuc.edu') == [] - idp_sso = md.single_sign_on_services('urn:mace:incommon:alaska.edu') - assert len(idp_sso) == 1 - print idp_sso - print md.wants - assert idp_sso == ['https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO'] - + idpsso = md.single_sign_on_services('urn:mace:incommon:alaska.edu') + assert len(idpsso) == 1 + print idpsso + assert idpsso == ['https://idp.alaska.edu/idp/profile/SAML2/Redirect/SSO'] + + sps = dict([(id,ent["spsso"]) for id,ent in md.entity.items()\ + if "spsso" in ent]) + + acs_sp = [] + for nam, desc in sps.items(): + if desc[0].attribute_consuming_service: + acs_sp.append(nam) + + assert len(acs_sp) == 0 + + # Look for attribute authorities + aas = dict([(id,ent["attribute_authority"]) for id,ent in md.entity.items()\ + if "attribute_authority" in ent]) + + print aas.keys() + assert len(aas) == 53 + def test_example(): md = metadata.MetaData(attrconv=ATTRCONV) md.import_metadata(_read_file(EXAMPLE_METADATA), "-") print len(md.entity) assert len(md.entity) == 1 - idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \ - if "idp_sso" in ent]) + idps = dict([(id,ent["idpsso"]) for id,ent in md.entity.items() \ + if "idpsso" in ent]) assert idps.keys() == [ 'http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] print md._loc_key['http://xenosmilus.umdc.umu.se/simplesaml/saml2/idp/metadata.php'] @@ -119,14 +138,14 @@ def test_switch_1(): md.import_metadata(_read_file(SWITCH_METADATA), "-") print len(md.entity) assert len(md.entity) == 90 - idps = dict([(id,ent["idp_sso"]) for id,ent in md.entity.items() \ - if "idp_sso" in ent]) + idps = dict([(id,ent["idpsso"]) for id,ent in md.entity.items() \ + if "idpsso" in ent]) print idps.keys() - idp_sso = md.single_sign_on_services( + idpsso = md.single_sign_on_services( 'https://aai-demo-idp.switch.ch/idp/shibboleth') - assert len(idp_sso) == 1 - print idp_sso - assert idp_sso == [ + assert len(idpsso) == 1 + print idpsso + assert idpsso == [ 'https://aai-demo-idp.switch.ch/idp/profile/SAML2/Redirect/SSO'] assert len(idps) == 16 aas = dict([(id,ent["attribute_authority"]) for id,ent in md.entity.items() \ @@ -138,7 +157,7 @@ def test_switch_1(): assert len(aad.attribute_service) == 1 assert len(aad.name_id_format) == 2 dual = dict([(id,ent) for id,ent in md.entity.items() \ - if "idp_sso" in ent and "sp_sso" in ent]) + if "idpsso" in ent and "spsso" in ent]) print len(dual) assert len(dual) == 0 @@ -150,25 +169,18 @@ def test_sp_metadata(): assert len(md.entity) == 1 assert md.entity.keys() == ['urn:mace:umu.se:saml:roland:sp'] assert _eq(md.entity['urn:mace:umu.se:saml:roland:sp'].keys(), [ - 'valid_until',"organization","sp_sso", + 'valid_until',"organization","spsso", 'contact_person']) - print md.entity['urn:mace:umu.se:saml:roland:sp']["sp_sso"][0].keyswv() - (req,opt) = md.attribute_consumer('urn:mace:umu.se:saml:roland:sp') + print md.entity['urn:mace:umu.se:saml:roland:sp']["spsso"][0].keyswv() + (req,opt) = md.attribute_requirement('urn:mace:umu.se:saml:roland:sp') print req assert len(req) == 3 assert len(opt) == 1 assert opt[0].name == 'urn:oid:2.5.4.12' assert opt[0].friendly_name == 'title' - assert _eq([n.name for n in req],['urn:oid:2.5.4.4', 'urn:oid:2.5.4.42', - 'urn:oid:0.9.2342.19200300.100.1.3']) + assert _eq([n.name for n in req],['urn:oid:2.5.4.4', 'urn:oid:2.5.4.42', + 'urn:oid:0.9.2342.19200300.100.1.3']) assert _eq([n.friendly_name for n in req],['surName', 'givenName', 'mail']) - print md.wants - - assert md._wants.keys() == ['urn:mace:umu.se:saml:roland:sp'] - assert _eq(md.wants('urn:mace:umu.se:saml:roland:sp')[0].keys(), - ["mail", "givenName", "sn"]) - assert _eq(md.wants('urn:mace:umu.se:saml:roland:sp')[1].keys(), - ["title"]) KALMAR2_URL = "https://kalmar2.org/simplesaml/module.php/aggregator/?id=kalmarcentral2&set=saml2" KALMAR2_CERT = "kalmar2.pem" @@ -180,7 +192,7 @@ KALMAR2_CERT = "kalmar2.pem" # print len(md.entity) # assert len(md.entity) > 20 # idps = dict([ -# (id,ent["idp_sso"]) for id,ent in md.entity.items() if "idp_sso" in ent]) +# (id,ent["idpsso"]) for id,ent in md.entity.items() if "idpsso" in ent]) # print idps.keys() # assert len(idps) > 1 # assert "https://idp.umu.se/saml2/idp/metadata.php" in idps diff --git a/tests/test_31_config.py b/tests/test_31_config.py index bb130c2f..15624d75 100644 --- a/tests/test_31_config.py +++ b/tests/test_31_config.py @@ -163,15 +163,15 @@ def test_1(): c = SPConfig().load(sp1) c.context = "sp" print c - assert c.endpoints - assert c.name - assert c.idp + assert c._sp_endpoints + assert c._sp_name + assert c._sp_idp md = c.metadata assert isinstance(md, MetaData) - assert len(c.idp) == 1 - assert c.idp.keys() == ["urn:mace:example.com:saml:roland:idp"] - assert c.idp.values() == [{'single_sign_on_service': + assert len(c._sp_idp) == 1 + assert c._sp_idp.keys() == ["urn:mace:example.com:saml:roland:idp"] + assert c._sp_idp.values() == [{'single_sign_on_service': {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': 'http://localhost:8088/sso/'}}] @@ -182,15 +182,16 @@ def test_2(): c.context = "sp" print c - assert c.endpoints - assert c.idp - assert c.optional_attributes + assert c._sp_endpoints + assert c.getattr("endpoints", "sp") + assert c._sp_idp + assert c._sp_optional_attributes assert c.name - assert c.required_attributes + assert c._sp_required_attributes - assert len(c.idp) == 1 - assert c.idp.keys() == [""] - assert c.idp.values() == ["https://example.com/saml2/idp/SSOService.php"] + assert len(c._sp_idp) == 1 + assert c._sp_idp.keys() == [""] + assert c._sp_idp.values() == ["https://example.com/saml2/idp/SSOService.php"] assert c.only_use_keys_in_metadata is None def test_minimum(): @@ -222,7 +223,7 @@ def test_idp_1(): print c assert c.endpoint("single_sign_on_service")[0] == 'http://localhost:8088/' - attribute_restrictions = c.policy.get_attribute_restriction("") + attribute_restrictions = c.getattr("policy","idp").get_attribute_restriction("") assert attribute_restrictions["eduPersonAffiliation"][0].match("staff") def test_idp_2(): @@ -235,7 +236,7 @@ def test_idp_2(): assert c.endpoint("single_logout_service", BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"] - attribute_restrictions = c.policy.get_attribute_restriction("") + attribute_restrictions = c.getattr("policy","idp").get_attribute_restriction("") assert attribute_restrictions["eduPersonAffiliation"][0].match("staff") def test_wayf(): @@ -313,15 +314,12 @@ def test_sp(): def test_dual(): cnf = Config().load_file("idp_sp_conf") - assert cnf.serves() == ["sp", "idp"] - - spcnf = cnf.copy_into("sp") - assert isinstance(spcnf, SPConfig) - assert spcnf.context == "sp" - idpcnf = cnf.copy_into("idp") - assert isinstance(idpcnf, IdPConfig) - assert idpcnf.context == "idp" + spe = cnf.getattr("endpoints", "sp") + idpe = cnf.getattr("endpoints", "idp") + assert spe + assert idpe + assert spe != idpe def test_ecp(): cnf = SPConfig() diff --git a/tests/test_41_response.py b/tests/test_41_response.py index fbb25d85..c8b7f4a3 100644 --- a/tests/test_41_response.py +++ b/tests/test_41_response.py @@ -19,7 +19,11 @@ XML_RESPONSE_FILE2 = "saml2_response.xml" def _eq(l1,l2): return set(l1) == set(l2) - + +IDENTITY = {"eduPersonAffiliation": ["staff", "member"], + "surName": ["Jeter"], "givenName": ["Derek"], + "mail": ["foo@gmail.com"]} + class TestResponse: def setup_class(self): server = Server("idp_conf") @@ -27,28 +31,28 @@ class TestResponse: "urn:mace:example.com:saml:roland:sp", "id12") - self._resp_ = server.do_response( + self._resp_ = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, + IDENTITY, name_id = name_id ) - self._sign_resp_ = server.do_response( + self._sign_resp_ = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, + IDENTITY, name_id = name_id, - sign=True + sign_assertion=True ) - self._resp_authn = server.do_response( + self._resp_authn = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, + IDENTITY, name_id = name_id, authn=(saml.AUTHN_PASSWORD, "http://www.example.com/login") ) diff --git a/tests/test_44_authnresp.py b/tests/test_44_authnresp.py index a22af3ff..dc2db5e9 100644 --- a/tests/test_44_authnresp.py +++ b/tests/test_44_authnresp.py @@ -1,51 +1,48 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- -from saml2 import samlp, BINDING_HTTP_POST -from saml2 import saml, config, class_name, make_instance +from saml2 import saml from saml2.server import Server -from saml2.response import authn_response, StatusResponse +from saml2.response import authn_response from saml2.config import config_factory XML_RESPONSE_FILE = "saml_signed.xml" XML_RESPONSE_FILE2 = "saml2_response.xml" -import os - def _eq(l1,l2): return set(l1) == set(l2) - + +IDENTITY = {"eduPersonAffiliation": ["staff", "member"], + "surName": ["Jeter"], "givenName": ["Derek"], + "mail": ["foo@gmail.com"]} + class TestAuthnResponse: def setup_class(self): server = Server("idp_conf") name_id = server.ident.transient_nameid( "urn:mace:example.com:saml:roland:sp","id12") - - self._resp_ = server.do_response( + policy = server.conf.getattr("policy", "idp") + self._resp_ = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, - name_id = name_id - ) + IDENTITY, name_id = name_id, policy=policy) - self._sign_resp_ = server.do_response( + self._sign_resp_ = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, - name_id = name_id, - sign=True - ) + IDENTITY, + name_id = name_id, sign_assertion=True, policy=policy) - self._resp_authn = server.do_response( + self._resp_authn = server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, + IDENTITY, name_id = name_id, - authn=(saml.AUTHN_PASSWORD, "http://www.example.com/login") - ) + authn=(saml.AUTHN_PASSWORD, "http://www.example.com/login"), + policy=policy) self.conf = config_factory("sp", "server_conf") self.ar = authn_response(self.conf, "http://lingon.catalogix.se:8087/") @@ -60,7 +57,7 @@ class TestAuthnResponse: print self.ar.__dict__ assert self.ar.came_from == 'http://localhost:8088/sso' assert self.ar.session_id() == "id12" - assert self.ar.ava == {'eduPersonEntitlement': ['Jeter'] } + assert self.ar.ava == IDENTITY assert self.ar.name_id assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' @@ -76,7 +73,7 @@ class TestAuthnResponse: print self.ar.__dict__ assert self.ar.came_from == 'http://localhost:8088/sso' assert self.ar.session_id() == "id12" - assert self.ar.ava == {'eduPersonEntitlement': ['Jeter'] } + assert self.ar.ava == IDENTITY assert self.ar.issuer() == 'urn:mace:example.com:saml:roland:idp' assert self.ar.name_id diff --git a/tests/test_50_server.py b/tests/test_50_server.py index 3048f614..b5354e95 100644 --- a/tests/test_50_server.py +++ b/tests/test_50_server.py @@ -139,26 +139,17 @@ class TestServer1(): assert status.status_code.value == samlp.STATUS_SUCCESS def test_parse_faulty_request(self): - authn_request = self.client.authn_request( - query_id = "id1", - destination = "http://www.example.com", - service_url = "http://www.example.org", - spentityid = "urn:mace:example.com:saml:roland:sp", - my_name = "My real name", - ) + authn_request = self.client.create_authn_request( + destination = "http://www.example.com", + id = "id1") intermed = s_utils.deflate_and_base64_encode("%s" % authn_request) # should raise an error because faulty spentityid raises(OtherError, self.server.parse_authn_request, intermed) def test_parse_faulty_request_to_err_status(self): - authn_request = self.client.authn_request( - query_id = "id1", - destination = "http://www.example.com", - service_url = "http://www.example.org", - spentityid = "urn:mace:example.com:saml:roland:sp", - my_name = "My real name", - ) + authn_request = self.client.create_authn_request( + destination = "http://www.example.com") intermed = s_utils.deflate_and_base64_encode("%s" % authn_request) try: @@ -178,20 +169,17 @@ class TestServer1(): assert status_code.status_code.value == samlp.STATUS_UNKNOWN_PRINCIPAL def test_parse_ok_request(self): - authn_request = self.client.authn_request( - query_id = "id1", - destination = "http://localhost:8088/sso", - service_url = "http://localhost:8087/", - spentityid = "urn:mace:example.com:saml:roland:sp", - my_name = "My real name", - ) + authn_request = self.client.create_authn_request( + id = "id1", + destination = "http://localhost:8088/sso") print authn_request intermed = s_utils.deflate_and_base64_encode("%s" % authn_request) + response = self.server.parse_authn_request(intermed) # returns a dictionary print response - assert response["consumer_url"] == "http://localhost:8087/" + assert response["consumer_url"] == "http://lingon.catalogix.se:8087/" assert response["id"] == "id1" name_id_policy = response["request"].name_id_policy assert _eq(name_id_policy.keyswv(), ["format", "allow_create"]) @@ -202,12 +190,16 @@ class TestServer1(): name_id = self.server.ident.transient_nameid( "urn:mace:example.com:saml:roland:sp", "id12") - resp = self.server.do_response( + resp = self.server.create_response( "id12", # in_response_to "http://localhost:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - { "eduPersonEntitlement": "Short stop"}, # identity - name_id + {"eduPersonEntitlement": "Short stop", + "surName": "Jeter", + "givenName": "Derek", + "mail": "derek.jeter@nyy.mlb.com"}, + name_id, + policy= self.server.conf.getattr("policy") ) print resp.keyswv() @@ -227,7 +219,7 @@ class TestServer1(): assert assertion.attribute_statement attribute_statement = assertion.attribute_statement print attribute_statement - assert len(attribute_statement.attribute) == 1 + assert len(attribute_statement.attribute) == 4 attribute = attribute_statement.attribute[0] assert len(attribute.attribute_value) == 1 assert attribute.friendly_name == "eduPersonEntitlement" @@ -245,7 +237,7 @@ class TestServer1(): assert confirmation.subject_confirmation_data.in_response_to == "id12" def test_sso_response_without_identity(self): - resp = self.server.do_response( + resp = self.server.create_response( "id12", # in_response_to "http://localhost:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id @@ -263,8 +255,9 @@ class TestServer1(): def test_sso_failure_response(self): exc = s_utils.MissingValue("eduPersonAffiliation missing") - resp = self.server.error_response("id12", "http://localhost:8087/", - "urn:mace:example.com:saml:roland:sp", exc ) + resp = self.server.create_error_response("id12", + "http://localhost:8087/", + exc ) print resp.keyswv() assert _eq(resp.keyswv(),['status', 'destination', 'in_response_to', @@ -291,14 +284,15 @@ class TestServer1(): ava = { "givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} - resp_str = self.server.authn_response(ava, - "id1", "http://local:8087/", - "urn:mace:example.com:saml:roland:sp", - samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, - allow_create="true"), - "foba0001@example.com") + npolicy = samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, + allow_create="true") + resp_str = "%s" % self.server.create_authn_response( + ava, "id1", "http://local:8087/", + "urn:mace:example.com:saml:roland:sp", + npolicy, + "foba0001@example.com") - response = samlp.response_from_string("\n".join(resp_str)) + response = samlp.response_from_string(resp_str) print response.keyswv() assert _eq(response.keyswv(),['status', 'destination', 'assertion', 'in_response_to', 'issue_instant', 'version', @@ -318,14 +312,16 @@ class TestServer1(): name_id = self.server.ident.transient_nameid( "urn:mace:example.com:saml:roland:sp", "id12") + ava = { "givenName": ["Derek"], "surName": ["Jeter"], + "mail": ["derek@nyy.mlb.com"]} - signed_resp = self.server.do_response( + signed_resp = self.server.create_response( "id12", # in_response_to "http://lingon.catalogix.se:8087/", # consumer_url "urn:mace:example.com:saml:roland:sp", # sp_entity_id - {"eduPersonEntitlement":"Jeter"}, + ava, name_id = name_id, - sign=True + sign_assertion=True ) print "%s" % signed_resp @@ -352,11 +348,11 @@ class TestServer1(): } self.client.users.add_information_about_person(sinfo) - logout_request = self.client.construct_logout_request( - subject_id="foba0001", - destination = "http://localhost:8088/slop", - issuer_entity_id = "urn:mace:example.com:saml:roland:idp", - reason = "I'm tired of this") + logout_request = self.client.create_logout_request( + destination = "http://localhost:8088/slop", + subject_id="foba0001", + issuer_entity_id = "urn:mace:example.com:saml:roland:idp", + reason = "I'm tired of this") intermed = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) @@ -379,10 +375,11 @@ class TestServer1(): sp = client.Saml2Client(config_file="server_conf") sp.users.add_information_about_person(sinfo) - logout_request = sp.construct_logout_request(subject_id = "foba0001", - destination = "http://localhost:8088/slo", - issuer_entity_id = "urn:mace:example.com:saml:roland:idp", - reason = "I'm tired of this") + logout_request = sp.create_logout_request( + subject_id = "foba0001", + destination = "http://localhost:8088/slo", + issuer_entity_id = "urn:mace:example.com:saml:roland:idp", + reason = "I'm tired of this") _ = s_utils.deflate_and_base64_encode("%s" % (logout_request,)) @@ -402,10 +399,12 @@ class TestServer2(): self.server = Server("restrictive_idp_conf") def test_do_aa_reponse(self): - aa_policy = self.server.conf.policy + aa_policy = self.server.conf.getattr("policy", "idp") print aa_policy.__dict__ - response = self.server.do_aa_response("aaa", "http://example.com/sp/", - "urn:mace:example.com:sp:1", IDENTITY.copy()) + response = self.server.create_aa_response("aaa", + "http://example.com/sp/", + "urn:mace:example.com:sp:1", + IDENTITY.copy()) assert response is not None assert response.destination == "http://example.com/sp/" @@ -439,7 +438,7 @@ def _logout_request(conf_file): } sp.users.add_information_about_person(sinfo) - return sp.construct_logout_request( + return sp.create_logout_request( subject_id = "foba0001", destination = "http://localhost:8088/slo", issuer_entity_id = "urn:mace:example.com:saml:roland:idp", @@ -452,7 +451,8 @@ class TestServerLogout(): request = _logout_request("sp_slo_redirect_conf") print request bindings = [BINDING_HTTP_REDIRECT] - (resp, headers, message) = server.logout_response(request, bindings) + (resp, headers, message) = server.create_logout_response(request, + bindings) assert resp == '302 Found' assert len(headers) == 1 assert headers[0][0] == "Location" diff --git a/tests/test_51_client.py b/tests/test_51_client.py index 68aa5e98..4d86d15f 100644 --- a/tests/test_51_client.py +++ b/tests/test_51_client.py @@ -6,9 +6,12 @@ import urllib from urlparse import urlparse, parse_qs from saml2.client import Saml2Client, LogoutError -from saml2 import samlp, BINDING_HTTP_POST +from saml2 import samlp, BINDING_HTTP_POST, BINDING_HTTP_REDIRECT from saml2 import BINDING_SOAP from saml2 import saml, config, class_name +from saml2.discovery import discovery_service_request_url +from saml2.discovery import discovery_service_response +from saml2.saml import NAMEID_FORMAT_PERSISTENT from saml2.server import Server from saml2.s_utils import decode_base64_and_inflate from saml2.time_util import in_a_while @@ -62,10 +65,11 @@ class TestClient: self.client = Saml2Client(conf) def test_create_attribute_query1(self): - req = self.client.create_attribute_query("id1", - "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", - "https://idp.example.com/idp/", - nameid_format=saml.NAMEID_FORMAT_PERSISTENT) + req = self.client.create_attribute_query( + "https://idp.example.com/idp/", + "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", + nameid_format=saml.NAMEID_FORMAT_PERSISTENT, + id="id1") reqstr = "%s" % req.to_string() assert req.destination == "https://idp.example.com/idp/" @@ -93,9 +97,9 @@ class TestClient: assert attrq.subject.name_id.text == name_id.text def test_create_attribute_query2(self): - req = self.client.create_attribute_query("id1", - "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", + req = self.client.create_attribute_query( "https://idp.example.com/idp/", + "E8042FB4-4D5B-48C3-8E14-8EDD852790DD", attribute={ ("urn:oid:2.5.4.42", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri", @@ -106,7 +110,8 @@ class TestClient: ("urn:oid:1.2.840.113549.1.9.1", "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"):None, }, - nameid_format=saml.NAMEID_FORMAT_PERSISTENT) + nameid_format=saml.NAMEID_FORMAT_PERSISTENT, + id="id1") print req.to_string() assert req.destination == "https://idp.example.com/idp/" @@ -133,13 +138,14 @@ class TestClient: if getattr(attribute,"friendly_name"): assert False seen.append("email") - assert set(seen) == set(["givenName", "surname", "email"]) + assert set(seen) == {"givenName", "surname", "email"} def test_create_attribute_query_3(self): - req = self.client.create_attribute_query("id1", - "_e7b68a04488f715cda642fbdd90099f5", + req = self.client.create_attribute_query( "https://aai-demo-idp.switch.ch/idp/shibboleth", - nameid_format=saml.NAMEID_FORMAT_TRANSIENT ) + "_e7b68a04488f715cda642fbdd90099f5", + nameid_format=saml.NAMEID_FORMAT_TRANSIENT, + id="id1") assert isinstance(req, samlp.AttributeQuery) assert req.destination == "https://aai-demo-idp.switch.ch/idp/shibboleth" @@ -152,13 +158,13 @@ class TestClient: assert nameid.text == "_e7b68a04488f715cda642fbdd90099f5" def test_attribute_query(self): - req = self.client.attribute_query( - "_e7b68a04488f715cda642fbdd90099f5", - "https://aai-demo-idp.switch.ch/idp/shibboleth", + resp = self.client.do_attribute_query( + "urn:mace:example.com:saml:roland:idp", + "_e7b68a04488f715cda642fbdd90099f5", nameid_format=saml.NAMEID_FORMAT_TRANSIENT) # since no one is answering on the other end - assert req is None + assert resp is None # def test_idp_entry(self): # idp_entry = self.client.idp_entry(name="UmeƄ Universitet", @@ -179,19 +185,17 @@ class TestClient: # assert idp_entry.loc == ['http://localhost:8088/sso'] def test_create_auth_request_0(self): - ar_str = "%s" % self.client.authn_request("id1", + ar_str = "%s" % self.client.create_authn_request( "http://www.example.com/sso", - "http://www.example.org/service", - "urn:mace:example.org:saml:sp", - "My Name") + id="id1") ar = samlp.authn_request_from_string(ar_str) print ar - assert ar.assertion_consumer_service_url == "http://www.example.org/service" + assert ar.assertion_consumer_service_url == "http://lingon.catalogix.se:8087/" assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" - assert ar.provider_name == "My Name" - assert ar.issuer.text == "urn:mace:example.org:saml:sp" + assert ar.provider_name == "urn:mace:example.com:saml:roland:sp" + assert ar.issuer.text == "urn:mace:example.com:saml:roland:sp" nid_policy = ar.name_id_policy assert nid_policy.allow_create == "true" assert nid_policy.format == saml.NAMEID_FORMAT_TRANSIENT @@ -200,36 +204,34 @@ class TestClient: assert self.client.config.virtual_organization.keys() == [ "urn:mace:example.com:it:tek"] - ar_str = "%s" % self.client.authn_request("666", + ar_str = "%s" % self.client.create_authn_request( "http://www.example.com/sso", - "http://www.example.org/service", - "urn:mace:example.org:saml:sp", - "My Name", - vorg="urn:mace:example.com:it:tek") + "urn:mace:example.com:it:tek", # vo + nameid_format=NAMEID_FORMAT_PERSISTENT, + id="666") ar = samlp.authn_request_from_string(ar_str) print ar assert ar.id == "666" - assert ar.assertion_consumer_service_url == "http://www.example.org/service" + assert ar.assertion_consumer_service_url == "http://lingon.catalogix.se:8087/" assert ar.destination == "http://www.example.com/sso" assert ar.protocol_binding == BINDING_HTTP_POST assert ar.version == "2.0" - assert ar.provider_name == "My Name" - assert ar.issuer.text == "urn:mace:example.org:saml:sp" + assert ar.provider_name == "urn:mace:example.com:saml:roland:sp" + assert ar.issuer.text == "urn:mace:example.com:saml:roland:sp" nid_policy = ar.name_id_policy - assert nid_policy.allow_create == "true" + assert nid_policy.allow_create == "false" assert nid_policy.format == saml.NAMEID_FORMAT_PERSISTENT assert nid_policy.sp_name_qualifier == "urn:mace:example.com:it:tek" def test_sign_auth_request_0(self): #print self.client.config - ar_str = "%s" % self.client.authn_request("id1", + ar_str = "%s" % self.client.create_authn_request( "http://www.example.com/sso", - "http://www.example.org/service", - "urn:mace:example.org:saml:sp", - "My Name", sign=True) - + sign=True, + id="id1") + ar = samlp.authn_request_from_string(ar_str) assert ar @@ -251,17 +253,20 @@ class TestClient: def test_response(self): IDP = "urn:mace:example.com:saml:roland:idp" - ava = { "givenName": ["Derek"], "surname": ["Jeter"], + ava = { "givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} - resp_str = "\n".join(self.server.authn_response( - identity=ava, - in_response_to="id1", - destination="http://lingon.catalogix.se:8087/", - sp_entity_id="urn:mace:example.com:saml:roland:sp", - name_id_policy=samlp.NameIDPolicy( - format=saml.NAMEID_FORMAT_PERSISTENT), - userid="foba0001@example.com")) + nameid_policy=samlp.NameIDPolicy(allow_create="false", + format=saml.NAMEID_FORMAT_PERSISTENT) + + resp = self.server.create_authn_response(identity=ava, + in_response_to="id1", + destination="http://lingon.catalogix.se:8087/", + sp_entity_id="urn:mace:example.com:saml:roland:sp", + name_id_policy=nameid_policy, + userid="foba0001@example.com") + + resp_str = "%s" % resp resp_str = base64.encodestring(resp_str) @@ -274,7 +279,9 @@ class TestClient: session_info = authn_response.session_info() print session_info - assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], 'sn': ['Jeter']} + assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], + 'givenName': ['Derek'], + 'surName': ['Jeter']} assert session_info["issuer"] == IDP assert session_info["came_from"] == "http://foo.example.com/service" response = samlp.response_from_string(authn_response.xmlstr) @@ -289,17 +296,16 @@ class TestClient: # --- authenticate another person - ava = { "givenName": ["Alfonson"], "surname": ["Soriano"], + ava = { "givenName": ["Alfonson"], "surName": ["Soriano"], "mail": ["alfonson@chc.mlb.com"]} - resp_str = "\n".join(self.server.authn_response( - identity=ava, - in_response_to="id2", - destination="http://lingon.catalogix.se:8087/", - sp_entity_id="urn:mace:example.com:saml:roland:sp", - name_id_policy=samlp.NameIDPolicy( - format=saml.NAMEID_FORMAT_PERSISTENT), - userid="also0001@example.com")) + resp_str = "%s" % self.server.create_authn_response( + identity=ava, + in_response_to="id2", + destination="http://lingon.catalogix.se:8087/", + sp_entity_id="urn:mace:example.com:saml:roland:sp", + name_id_policy=nameid_policy, + userid="also0001@example.com") resp_str = base64.encodestring(resp_str) @@ -317,7 +323,6 @@ class TestClient: entityid = self.client.config.entityid print entityid assert entityid == "urn:mace:example.com:saml:roland:sp" - print self.client.config.idp print self.client.config.metadata.idps() print self.client.config.idps() location = self.client._sso_location() @@ -332,10 +337,9 @@ class TestClient: def test_authenticate(self): print self.client.config.idps() - (sid, response) = self.client.authenticate( + response = self.client.do_authenticate( "urn:mace:example.com:saml:roland:idp", "http://www.example.com/relay_state") - assert sid is not None assert response[0] == "Location" o = urlparse(response[1]) qdict = parse_qs(o.query) @@ -343,13 +347,11 @@ class TestClient: saml_request = decode_base64_and_inflate(qdict["SAMLRequest"][0]) print saml_request authnreq = samlp.authn_request_from_string(saml_request) - assert authnreq.id == sid def test_authenticate_no_args(self): - (sid, request) = self.client.authenticate(relay_state="http://www.example.com/relay_state") - assert sid is not None - assert request[0] == "Location" - o = urlparse(request[1]) + response = self.client.do_authenticate(relay_state="http://www.example.com/relay_state") + assert response[0] == "Location" + o = urlparse(response[1]) qdict = parse_qs(o.query) assert _leq(qdict.keys(), ['SAMLRequest', 'RelayState']) saml_request = decode_base64_and_inflate(qdict["SAMLRequest"][0]) @@ -357,14 +359,13 @@ class TestClient: print saml_request authnreq = samlp.authn_request_from_string(saml_request) print authnreq.keyswv() - assert authnreq.id == sid assert authnreq.destination == "http://localhost:8088/sso" assert authnreq.assertion_consumer_service_url == "http://lingon.catalogix.se:8087/" assert authnreq.provider_name == "urn:mace:example.com:saml:roland:sp" - assert authnreq.protocol_binding == BINDING_HTTP_POST + assert authnreq.protocol_binding == BINDING_HTTP_REDIRECT name_id_policy = authnreq.name_id_policy - assert name_id_policy.allow_create == "true" - assert name_id_policy.format == "urn:oasis:names:tc:SAML:2.0:nameid-format:transient" + assert name_id_policy.allow_create == "false" + assert name_id_policy.format == NAMEID_FORMAT_PERSISTENT issuer = authnreq.issuer assert issuer.text == "urn:mace:example.com:saml:roland:sp" @@ -386,7 +387,8 @@ class TestClient: self.client.users.add_information_about_person(session_info) entity_ids = self.client.users.issuers_of_info("123456") assert entity_ids == ["urn:mace:example.com:saml:roland:idp"] - resp = self.client.global_logout("123456", "Tired", in_a_while(minutes=5)) + resp = self.client.global_logout("123456", "Tired", + in_a_while(minutes=5)) print resp assert resp assert resp[0] # a session_id @@ -401,7 +403,7 @@ class TestClient: assert session_info["reason"] == "Tired" assert session_info["operation"] == "SLO" assert session_info["entity_ids"] == entity_ids - assert session_info["sign"] == False + assert session_info["sign"] == True def test_logout_2(self): """ one IdP/AA with BINDING_SOAP, can't actually send something""" @@ -480,7 +482,7 @@ class TestClient: assert state_info["reason"] == "Tired" assert state_info["operation"] == "SLO" assert state_info["entity_ids"] == entity_ids - assert state_info["sign"] == False + assert state_info["sign"] == True def test_authz_decision_query(self): conf = config.SPConfig() @@ -503,7 +505,7 @@ class TestClient: conf.attribute_converters, policy, issuer=client._issuer()) - adq = client.authz_decision_query_using_assertion("entity_id", + adq = client.create_authz_decision_query_using_assertion("entity_id", assertion, "read", "http://example.com/text") @@ -517,11 +519,14 @@ class TestClient: def test_request_to_discovery_service(self): disc_url = "http://example.com/saml2/idp/disc" - url = self.client.discovery_service_request_url(disc_url) + url = discovery_service_request_url("urn:mace:example.com:saml:roland:sp", + disc_url) print url assert url == "http://example.com/saml2/idp/disc?entityID=urn%3Amace%3Aexample.com%3Asaml%3Aroland%3Asp" - url = self.client.discovery_service_request_url(disc_url, + url = discovery_service_request_url( + self.client.config.entityid, + disc_url, return_url= "http://example.org/saml2/sp/ds") print url @@ -532,15 +537,15 @@ class TestClient: params = urllib.urlencode(pdir) redirect_url = "http://example.com/saml2/sp/disc?%s" % params - entity_id = self.client.discovery_service_response(url=redirect_url) + entity_id = discovery_service_response(url=redirect_url) assert entity_id == "http://example.org/saml2/idp/sso" pdir = {"idpID": "http://example.org/saml2/idp/sso"} params = urllib.urlencode(pdir) redirect_url = "http://example.com/saml2/sp/disc?%s" % params - entity_id = self.client.discovery_service_response(url=redirect_url, - returnIDParam="idpID") + entity_id = discovery_service_response(url=redirect_url, + returnIDParam="idpID") assert entity_id == "http://example.org/saml2/idp/sso" @@ -559,17 +564,17 @@ class TestClient: IDP = "urn:mace:example.com:saml:roland:idp" - ava = { "givenName": ["Derek"], "surname": ["Jeter"], + ava = { "givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} - resp_str = "\n".join(self.server.authn_response( - identity=ava, - in_response_to="id1", - destination="http://lingon.catalogix.se:8087/", - sp_entity_id="urn:mace:example.com:saml:roland:sp", - name_id_policy=samlp.NameIDPolicy( - format=saml.NAMEID_FORMAT_PERSISTENT), - userid="foba0001@example.com")) + resp_str = "%s" % self.server.create_authn_response( + identity=ava, + in_response_to="id1", + destination="http://lingon.catalogix.se:8087/", + sp_entity_id="urn:mace:example.com:saml:roland:sp", + name_id_policy=samlp.NameIDPolicy( + format=saml.NAMEID_FORMAT_PERSISTENT), + userid="foba0001@example.com") resp_str = base64.encodestring(resp_str) @@ -582,7 +587,9 @@ class TestClient: session_info = authn_response.session_info() print session_info - assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], 'givenName': ['Derek'], 'sn': ['Jeter']} + assert session_info["ava"] == {'mail': ['derek@nyy.mlb.com'], + 'givenName': ['Derek'], + 'surName': ['Jeter']} assert session_info["issuer"] == IDP assert session_info["came_from"] == "" response = samlp.response_from_string(authn_response.xmlstr) diff --git a/tests/test_60_sp.py b/tests/test_60_sp.py index 01b98932..b29b5468 100644 --- a/tests/test_60_sp.py +++ b/tests/test_60_sp.py @@ -2,6 +2,8 @@ # -*- coding: utf-8 -*- import base64 +from saml2.saml import NAMEID_FORMAT_TRANSIENT +from saml2.samlp import NameIDPolicy from s2repoze.plugins.sp import make_plugin from saml2.server import Server from saml2 import make_instance, samlp, saml @@ -30,7 +32,9 @@ ENV1 = {'SERVER_SOFTWARE': 'CherryPy/3.1.2 WSGI Server', 'wsgi.multiprocess': False, 'HTTP_ACCEPT_LANGUAGE': 'en-us', 'HTTP_ACCEPT_ENCODING': 'gzip, deflate'} - + +trans_name_policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT, + allow_create="true") class TestSP(): def setup_class(self): self.sp = make_plugin("rem", saml_conf="server_conf") @@ -42,15 +46,14 @@ class TestSP(): def test_identify(self): # Create a SAMLResponse - ava = { "givenName": ["Derek"], "surname": ["Jeter"], + ava = { "givenName": ["Derek"], "surName": ["Jeter"], "mail": ["derek@nyy.mlb.com"]} - resp_str = "\n".join(self.server.authn_response(ava, - "id1", "http://lingon.catalogix.se:8087/", - "urn:mace:example.com:saml:roland:sp", - samlp.NameIDPolicy(format=saml.NAMEID_FORMAT_TRANSIENT, - allow_create="true"), - "foba0001@example.com")) + resp_str = "%s" % self.server.create_authn_response(ava, "id1", + "http://lingon.catalogix.se:8087/", + "urn:mace:example.com:saml:roland:sp", + trans_name_policy, + "foba0001@example.com") resp_str = base64.encodestring(resp_str) self.sp.outstanding_queries = {"id1":"http://www.example.com/service"} @@ -60,4 +63,4 @@ class TestSP(): assert session_info["came_from"] == 'http://www.example.com/service' assert session_info["ava"] == {'givenName': ['Derek'], 'mail': ['derek@nyy.mlb.com'], - 'sn': ['Jeter']}
\ No newline at end of file + 'surName': ['Jeter']}
\ No newline at end of file diff --git a/tests/test_61_makemeta.py b/tests/test_61_makemeta.py index 49b2015a..591564a7 100644 --- a/tests/test_61_makemeta.py +++ b/tests/test_61_makemeta.py @@ -186,7 +186,7 @@ def test_optional_attributes(): def test_do_sp_sso_descriptor(): conf = SPConfig().load(SP, metadata_construction=True) - spsso = metadata.do_sp_sso_descriptor(conf) + spsso = metadata.do_spsso_descriptor(conf) assert isinstance(spsso, md.SPSSODescriptor) assert _eq(spsso.keyswv(), ['authn_requests_signed', @@ -215,7 +215,7 @@ def test_do_sp_sso_descriptor_2(): SP["service"]["sp"]["discovery_response"] = "http://example.com/sp/ds" conf = SPConfig().load(SP, metadata_construction=True) - spsso = metadata.do_sp_sso_descriptor(conf) + spsso = metadata.do_spsso_descriptor(conf) assert isinstance(spsso, md.SPSSODescriptor) print spsso.keyswv() @@ -242,7 +242,7 @@ def test_entity_description(): #confd = eval(open("../tests/server.config").read()) confd = SPConfig().load_file("server_conf") print confd.attribute_converters - entd = metadata.entity_descriptor(confd, 1) + entd = metadata.entity_descriptor(confd) assert entd is not None print entd.keyswv() assert _eq(entd.keyswv(), ['valid_until', 'entity_id', 'contact_person', @@ -252,7 +252,7 @@ def test_entity_description(): def test_do_idp_sso_descriptor(): conf = IdPConfig().load(IDP, metadata_construction=True) - idpsso = metadata.do_idp_sso_descriptor(conf) + idpsso = metadata.do_idpsso_descriptor(conf) assert isinstance(idpsso, md.IDPSSODescriptor) assert _eq(idpsso.keyswv(), ['protocol_support_enumeration', |