Diffstat (limited to 'tests/test_31_config.py')
-rw-r--r-- | tests/test_31_config.py | 159 |
1 files changed, 92 insertions, 67 deletions
diff --git a/tests/test_31_config.py b/tests/test_31_config.py index 20b5170a..34cda4ae 100644 --- a/tests/test_31_config.py +++ b/tests/test_31_config.py @@ -14,29 +14,31 @@ from saml2 import root_logger from pathutils import dotname, full_path sp1 = { - "entityid" : "urn:mace:umu.se:saml:roland:sp", + "entityid": "urn:mace:umu.se:saml:roland:sp", "service": { "sp": { - "endpoints" : { - "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"], + "endpoints": { + "assertion_consumer_service": [ + "http://lingon.catalogix.se:8087/"], }, "name": "test", - "idp" : { - "urn:mace:example.com:saml:roland:idp": {'single_sign_on_service': - {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': - 'http://localhost:8088/sso/'}}, + "idp": { + "urn:mace:example.com:saml:roland:idp": { + 'single_sign_on_service': + {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': + 'http://localhost:8088/sso/'}}, } } }, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), - "metadata": { - "local": [full_path("metadata.xml"), + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), + "metadata": { + "local": [full_path("metadata.xml"), full_path("urn-mace-swami.se-swamid-test-1.0-metadata.xml")], }, - "virtual_organization" : { - "coip":{ - "nameid_format" : "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", + "virtual_organization": { + "coip": { + "nameid_format": "urn:oasis:names:tc:SAML:2.0:nameid-format:transient", "common_identifier": "eduPersonPrincipalName", "attribute_auth": [ "https://coip-test.sunet.se/idp/shibboleth", 
@@ -48,17 +50,18 @@ sp1 = { } sp2 = { - "entityid" : "urn:mace:umu.se:saml:roland:sp", - "name" : "Rolands SP", + "entityid": "urn:mace:umu.se:saml:roland:sp", + "name": "Rolands SP", "service": { "sp": { - "endpoints" : { - "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"], + "endpoints": { + "assertion_consumer_service": [ + "http://lingon.catalogix.se:8087/"], }, "required_attributes": ["surName", "givenName", "mail"], "optional_attributes": ["title"], "idp": { - "" : "https://example.com/saml2/idp/SSOService.php", + "": "https://example.com/saml2/idp/SSOService.php", } } }, @@ -66,12 +69,12 @@ sp2 = { } IDP1 = { - "entityid" : "urn:mace:umu.se:saml:roland:idp", - "name" : "Rolands IdP", + "entityid": "urn:mace:umu.se:saml:roland:idp", + "name": "Rolands IdP", "service": { "idp": { "endpoints": { - "single_sign_on_service" : ["http://localhost:8088/"], + "single_sign_on_service": ["http://localhost:8088/"], }, "policy": { "default": { @@ -90,15 +93,16 @@ IDP1 = { } IDP2 = { - "entityid" : "urn:mace:umu.se:saml:roland:idp", - "name" : "Rolands IdP", + "entityid": "urn:mace:umu.se:saml:roland:idp", + "name": "Rolands IdP", "service": { "idp": { "endpoints": { - "single_sign_on_service" : ["http://localhost:8088/"], - "single_logout_service" : [("http://localhost:8088/", BINDING_HTTP_REDIRECT)], + "single_sign_on_service": ["http://localhost:8088/"], + "single_logout_service": [ + ("http://localhost:8088/", BINDING_HTTP_REDIRECT)], }, - "policy":{ + "policy": { "default": { "attribute_restrictions": { "givenName": None, 
@@ -115,41 +119,42 @@ IDP2 = { } PDP = { - "entityid" : "http://example.org/pysaml2/pdp", - "name" : "Rolands PdP", + "entityid": "http://example.org/pysaml2/pdp", + "name": "Rolands PdP", "service": { "pdp": { "endpoints": { - "authz_service" : [("http://example.org/pysaml2/pdp/authz", + "authz_service": [("http://example.org/pysaml2/pdp/authz", BINDING_SOAP)], }, } }, - "key_file" : full_path("test.key"), - "cert_file" : full_path("test.pem"), + "key_file": full_path("test.key"), + "cert_file": full_path("test.pem"), "organization": { "name": "Exempel AB", - "display_name": [("Exempel AB","se"),("Example Co.","en")], - "url":"http://www.example.com/roland", + "display_name": [("Exempel AB", "se"), ("Example Co.", "en")], + "url": "http://www.example.com/roland", }, "contact_person": [{ - "given_name":"John", - "sur_name": "Smith", - "email_address": ["john.smith@example.com"], - "contact_type": "technical", - }, + "given_name": "John", + "sur_name": "Smith", + "email_address": ["john.smith@example.com"], + "contact_type": "technical", + }, ], } ECP_SP = { - "entityid" : "urn:mace:umu.se:saml:roland:ecpsp", - "name" : "Rolands ECP_SP", + "entityid": "urn:mace:umu.se:saml:roland:ecpsp", + "name": "Rolands ECP_SP", "service": { "sp": { - "endpoints" : { - "assertion_consumer_service" : ["http://lingon.catalogix.se:8087/"], + "endpoints": { + "assertion_consumer_service": [ + "http://lingon.catalogix.se:8087/"], }, - "ecp" : { + "ecp": { "130.239.": "http://example.com/idp", } } @@ -157,9 +162,11 @@ ECP_SP = { #"xmlsec_binary" : "/opt/local/bin/xmlsec1", } -def _eq(l1,l2): + +def _eq(l1, l2): return set(l1) == set(l2) + def test_1(): c = SPConfig().load(sp1) c.context = "sp" 
@@ -173,11 +180,13 @@ def test_1(): assert len(c._sp_idp) == 1 assert c._sp_idp.keys() == ["urn:mace:example.com:saml:roland:idp"] assert c._sp_idp.values() == [{'single_sign_on_service': - {'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': - 'http://localhost:8088/sso/'}}] + { + 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect': + 'http://localhost:8088/sso/'}}] assert c.only_use_keys_in_metadata + def test_2(): c = SPConfig().load(sp2) c.context = "sp" @@ -192,20 +201,22 @@ def test_2(): assert len(c._sp_idp) == 1 assert c._sp_idp.keys() == [""] - assert c._sp_idp.values() == ["https://example.com/saml2/idp/SSOService.php"] + assert c._sp_idp.values() == [ + "https://example.com/saml2/idp/SSOService.php"] assert c.only_use_keys_in_metadata is True - + + def test_minimum(): minimum = { - "entityid" : "urn:mace:example.com:saml:roland:sp", + "entityid": "urn:mace:example.com:saml:roland:sp", "service": { "sp": { - "endpoints" : { - "assertion_consumer_service" : ["http://sp.example.org/"], + "endpoints": { + "assertion_consumer_service": ["http://sp.example.org/"], }, - "name" : "test", + "name": "test", "idp": { - "" : "https://example.com/idp/SSOService.php", + "": "https://example.com/idp/SSOService.php", }, } }, @@ -216,7 +227,8 @@ def test_minimum(): c.context = "sp" assert c is not None - + + def test_idp_1(): c = IdPConfig().load(IDP1) c.context = "idp" @@ -224,8 +236,10 @@ def test_idp_1(): print c assert c.endpoint("single_sign_on_service")[0] == 'http://localhost:8088/' - attribute_restrictions = c.getattr("policy","idp").get_attribute_restriction("") - assert attribute_restrictions["eduPersonAffiliation"][0].match("staff") + attribute_restrictions = c.getattr("policy", + "idp").get_attribute_restriction("") + assert attribute_restrictions["edupersonaffiliation"][0].match("staff") + def test_idp_2(): c = IdPConfig().load(IDP2) 
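Review bot: In `test_idp_1` the lookup key changes from `"eduPersonAffiliation"` to `"edupersonaffiliation"`, but the assertion still covers only the accepting case, `match("staff")`; the same applies to `test_idp_2` in the following hunk. Attribute restrictions decide which attribute values the IdP releases, so the test should also pin the rejecting side, e.g. `assert not attribute_restrictions["edupersonaffiliation"][0].match(VALUE_NOT_IN_POLICY)`, where the placeholder is a value the fixture's policy does not list (the policy values are outside the visible hunks). If the new key reflects the loader lower-casing policy keys, which the diff suggests but does not show, `assert "eduPersonAffiliation" not in attribute_restrictions` would pin that normalisation. A comment such as `# policy keys are lower-cased on load` above the lookup would explain why the key differs from the spelling in the config.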
@@ -235,11 +249,13 @@ def test_idp_2(): assert c.endpoint("single_logout_service", BINDING_SOAP) == [] assert c.endpoint("single_logout_service", - BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"] + BINDING_HTTP_REDIRECT) == ["http://localhost:8088/"] + + attribute_restrictions = c.getattr("policy", + "idp").get_attribute_restriction("") + assert attribute_restrictions["edupersonaffiliation"][0].match("staff") + - attribute_restrictions = c.getattr("policy","idp").get_attribute_restriction("") - assert attribute_restrictions["eduPersonAffiliation"][0].match("staff") - def test_wayf(): c = SPConfig().load_file("server_conf") c.context = "sp" @@ -255,7 +271,7 @@ def test_wayf(): assert root_logger.level == logging.INFO assert len(root_logger.handlers) == 1 assert isinstance(root_logger.handlers[0], - logging.handlers.RotatingFileHandler) + logging.handlers.RotatingFileHandler) handler = root_logger.handlers[0] assert handler.backupCount == 5 try: @@ -266,6 +282,7 @@ def test_wayf(): assert root_logger.name == "saml2" assert root_logger.level == 20 + def test_conf_syslog(): c = SPConfig().load_file("server_conf_syslog") c.context = "sp" @@ -273,7 +290,7 @@ def test_conf_syslog(): # otherwise the logger setting is not changed root_logger.level = logging.NOTSET root_logger.handlers = [] - + print c.logger c.setup_logger() @@ -281,7 +298,7 @@ def test_conf_syslog(): assert root_logger.level == logging.INFO assert len(root_logger.handlers) == 1 assert isinstance(root_logger.handlers[0], - logging.handlers.SysLogHandler) + logging.handlers.SysLogHandler) handler = root_logger.handlers[0] print handler.__dict__ assert handler.facility == "local3" 
@@ -307,11 +324,13 @@ def test_3(): assert cnf.metadata is not None assert cnf.attribute_converters is not None + def test_sp(): cnf = SPConfig() cnf.load_file(dotname("sp_1_conf")) assert cnf.endpoint("assertion_consumer_service") == \ - ["http://lingon.catalogix.se:8087/"] + ["http://lingon.catalogix.se:8087/"] + def test_dual(): cnf = Config().load_file(dotname("idp_sp_conf")) @@ -322,16 +341,18 @@ def test_dual(): assert idpe assert spe != idpe + def test_ecp(): cnf = SPConfig() cnf.load(ECP_SP) assert cnf.endpoint("assertion_consumer_service") == \ - ["http://lingon.catalogix.se:8087/"] + ["http://lingon.catalogix.se:8087/"] eid = cnf.ecp_endpoint("130.239.16.3") assert eid == "http://example.com/idp" eid = cnf.ecp_endpoint("130.238.20.20") assert eid is None + def test_assertion_consumer_service(): c = IdPConfig() c.load_file(dotname("idp_conf")) @@ -342,4 +363,8 @@ def test_assertion_consumer_service(): entity_id = "https://www.zimride.com/shibboleth" acs = c.metadata.assertion_consumer_service(entity_id) assert len(acs) == 1 - assert acs[0]["location"] == 'https://www.zimride.com/Shibboleth.sso/SAML2/POST' + assert acs[0][ + "location"] == 'https://www.zimride.com/Shibboleth.sso/SAML2/POST' + +if __name__ == "__main__": + test_idp_1()
\ No newline at end of file |
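Review bot: The `if __name__ == "__main__":` guard added at the end of the file calls only `test_idp_1()`, which reads like a debugging leftover. Running the file directly then skips every other test, including the policy check in `test_idp_2`. Either drop the guard and rely on the test runner, or state the intent with a comment such as `# manual entry point for debugging test_idp_1 only`. The file also now ends without a trailing newline.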