From 477c4405575ab7ab5650743d73c9709a589f23b7 Mon Sep 17 00:00:00 2001 From: Ivan Kanakarakis Date: Wed, 29 May 2019 18:38:28 +0300 Subject: Format code Signed-off-by: Ivan Kanakarakis --- tests/test_02_saml.py | 34 +++++++++++-------- tests/test_93_hok.py | 92 +++++++++++++++++++++++++++++---------------------- 2 files changed, 72 insertions(+), 54 deletions(-) diff --git a/tests/test_02_saml.py b/tests/test_02_saml.py index b8083273..8ab6ca04 100644 --- a/tests/test_02_saml.py +++ b/tests/test_02_saml.py @@ -891,31 +891,37 @@ class TestSubjectConfirmation: def testHolderOfKeyUsingTestData(self): """Test subject_confirmation_from_string() using test data for 'holder-of-key' SubjectConfirmation""" + sc = saml.subject_confirmation_from_string( - saml2_data.TEST_HOLDER_OF_KEY_SUBJECT_CONFIRMATION) + saml2_data.TEST_HOLDER_OF_KEY_SUBJECT_CONFIRMATION + ) assert sc.verify() assert sc.method == saml.SCM_HOLDER_OF_KEY assert sc.subject_confirmation_data is not None assert sc.subject_confirmation_data.not_on_or_after == "2007-09-14T01:05:02Z" assert sc.subject_confirmation_data.recipient == "recipient" assert sc.subject_confirmation_data.in_response_to == "responseID" + key_info = sc.subject_confirmation_data.extensions_as_elements(ds.KeyInfo.c_tag, ds) assert len(key_info) == 1 assert len(key_info[0].x509_data) == 1 - expected_cert = """MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV - BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF - Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx - OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6 - ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0 - MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcj80WU/XBsd9FlyQmfjPUdfm - edhCFDd6TEQmZNNqP/UG+VkGa+BXjRIHMfic/WxPTbGhCjv68ci0UDNomUXagFex - LGNpkwa7+CRVtoc/1xgq+ySE6M4nhcCutScoxNvWNn5eSQ66i3U0sTv91MgsXxqE - dTaiZg0BIufEc3dueQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGUV5B+USHvaRa8k - gCNJSuNpo6ARlv0ekrk8bbdNRBiEUdCMyoGJFfuM9K0zybX6Vr25wai3nvaog294 - Vx/jWjX2g5SDbjItH6VGy6C9GCGf1A07VxFRCfJn5tA9HuJjPKiE+g/BmrV5N4Ce - alzFxPHWYkNOzoRU8qI7OqUai1kL""".replace(' ', '') - assert key_info[0].x509_data[0].x509_certificate.text.strip() == expected_cert + expected_cert = ( + "MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV" + "BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF" + "Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx" + "OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6" + "ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcj80WU/XBsd9FlyQmfjPUdfm" + "edhCFDd6TEQmZNNqP/UG+VkGa+BXjRIHMfic/WxPTbGhCjv68ci0UDNomUXagFex" + "LGNpkwa7+CRVtoc/1xgq+ySE6M4nhcCutScoxNvWNn5eSQ66i3U0sTv91MgsXxqE" + "dTaiZg0BIufEc3dueQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGUV5B+USHvaRa8k" + "gCNJSuNpo6ARlv0ekrk8bbdNRBiEUdCMyoGJFfuM9K0zybX6Vr25wai3nvaog294" + "Vx/jWjX2g5SDbjItH6VGy6C9GCGf1A07VxFRCfJn5tA9HuJjPKiE+g/BmrV5N4Ce" + "alzFxPHWYkNOzoRU8qI7OqUai1kL" + ) + xcert = key_info[0].x509_data[0].x509_certificate + assert xcert.text.strip().replace("\n", "") == expected_cert class TestSubject: diff --git a/tests/test_93_hok.py b/tests/test_93_hok.py index 962d2be5..9d74f490 100644 --- a/tests/test_93_hok.py +++ b/tests/test_93_hok.py @@ -1,10 +1,14 @@ #!/usr/bin/env python # -*- coding: utf-8 -*- +from pathutils import dotname, full_path + +from pytest import raises + from saml2 import xmldsig as ds -from saml2.response import authn_response, VerificationError from saml2.config import config_factory +from saml2.response import VerificationError +from saml2.response import authn_response -from pathutils import dotname, full_path HOLDER_OF_KEY_RESPONSE_FILE = full_path("saml_hok.xml") INVALID_HOLDER_OF_KEY_RESPONSE_FILE = full_path("saml_hok_invalid.xml") @@ -16,43 +20,49 @@ class TestHolderOfKeyResponse: resp = self._get_test_response(HOLDER_OF_KEY_RESPONSE_FILE) resp.do_not_verify = True resp.parse_assertion() - assert resp.get_subject() is not None assert len(resp.assertion.subject.subject_confirmation) == 2 - key_infos = [sc.subject_confirmation_data.extensions_as_elements(ds.KeyInfo.c_tag, ds)[0] - for sc in resp.assertion.subject.subject_confirmation] - actual_hok_certs = [key_info_element.x509_data[0].x509_certificate.text.strip() - for key_info_element in key_infos] + + actual_hok_certs = [ + ki.x509_data[0].x509_certificate.text.strip() + for sc in resp.assertion.subject.subject_confirmation + for ki in sc.subject_confirmation_data.extensions_as_elements( + ds.KeyInfo.c_tag, ds + ) + ] assert actual_hok_certs == self._expected_hok_certs() def _expected_hok_certs(self): - certs = ["""MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV - BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF - Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx - OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6 - ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0 - MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcj80WU/XBsd9FlyQmfjPUdfm - edhCFDd6TEQmZNNqP/UG+VkGa+BXjRIHMfic/WxPTbGhCjv68ci0UDNomUXagFex - LGNpkwa7+CRVtoc/1xgq+ySE6M4nhcCutScoxNvWNn5eSQ66i3U0sTv91MgsXxqE - dTaiZg0BIufEc3dueQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGUV5B+USHvaRa8k - gCNJSuNpo6ARlv0ekrk8bbdNRBiEUdCMyoGJFfuM9K0zybX6Vr25wai3nvaog294 - Vx/jWjX2g5SDbjItH6VGy6C9GCGf1A07VxFRCfJn5tA9HuJjPKiE+g/BmrV5N4Ce - alzFxPHWYkNOzoRU8qI7OqUai1kL""", - """MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV - BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF - Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx - OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6 - ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0 - MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjW0kJM+4baWKtvO24ZsGXNvNK - KkwTMz7OW5Z6BRqhSOq2WA0c5NCpMk6rD8Z2OTFEolPojEjf8dVyd/Ds/hrjFKQv - 8wQgbdXLN51YTIsgd6h+hBJO+vzhl0PT4aT7M0JKo5ALtS6qk4tsworW2BnwyvsG - SAinwfeWt4t/b1J3kwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFtj7WArQQBugmh/ - KQjjlfTQ5A052QeXfgTyO9vv1S6MRIi7qgiaEv49cGXnJv/TWbySkMKObPMUApjg - 6z8PqcxuShew5FCTkNvwhABFPiyu0fUj3e2FEPHfsBu76jz4ugtmhUqjqhzwFY9c - tnWRkkl6J0AjM3LnHOSgjNIclDZG"""] - for index, item in enumerate(certs): - item = item.replace(' ', '').replace('\n', '') - certs[index] = item + certs = [ + ( + "MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV" + "BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF" + "Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx" + "OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6" + "ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDHcj80WU/XBsd9FlyQmfjPUdfm" + "edhCFDd6TEQmZNNqP/UG+VkGa+BXjRIHMfic/WxPTbGhCjv68ci0UDNomUXagFex" + "LGNpkwa7+CRVtoc/1xgq+ySE6M4nhcCutScoxNvWNn5eSQ66i3U0sTv91MgsXxqE" + "dTaiZg0BIufEc3dueQIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAGUV5B+USHvaRa8k" + "gCNJSuNpo6ARlv0ekrk8bbdNRBiEUdCMyoGJFfuM9K0zybX6Vr25wai3nvaog294" + "Vx/jWjX2g5SDbjItH6VGy6C9GCGf1A07VxFRCfJn5tA9HuJjPKiE+g/BmrV5N4Ce" + "alzFxPHWYkNOzoRU8qI7OqUai1kL" + ), + ( + "MIICITCCAYoCAQEwDQYJKoZIhvcNAQELBQAwWDELMAkGA1UEBhMCenoxCzAJBgNV" + "BAgMAnp6MQ0wCwYDVQQHDAR6enp6MQ4wDAYDVQQKDAVaenp6ejEOMAwGA1UECwwF" + "Wnp6enoxDTALBgNVBAMMBHRlc3QwIBcNMTkwNDEyMTk1MDM0WhgPMzAxODA4MTMx" + "OTUwMzRaMFgxCzAJBgNVBAYTAnp6MQswCQYDVQQIDAJ6ejENMAsGA1UEBwwEenp6" + "ejEOMAwGA1UECgwFWnp6enoxDjAMBgNVBAsMBVp6enp6MQ0wCwYDVQQDDAR0ZXN0" + "MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDjW0kJM+4baWKtvO24ZsGXNvNK" + "KkwTMz7OW5Z6BRqhSOq2WA0c5NCpMk6rD8Z2OTFEolPojEjf8dVyd/Ds/hrjFKQv" + "8wQgbdXLN51YTIsgd6h+hBJO+vzhl0PT4aT7M0JKo5ALtS6qk4tsworW2BnwyvsG" + "SAinwfeWt4t/b1J3kwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAFtj7WArQQBugmh/" + "KQjjlfTQ5A052QeXfgTyO9vv1S6MRIi7qgiaEv49cGXnJv/TWbySkMKObPMUApjg" + "6z8PqcxuShew5FCTkNvwhABFPiyu0fUj3e2FEPHfsBu76jz4ugtmhUqjqhzwFY9c" + "tnWRkkl6J0AjM3LnHOSgjNIclDZG" + ), + ] return certs def test_invalid_hok_response_fails_verification(self): @@ -60,16 +70,18 @@ class TestHolderOfKeyResponse: resp = self._get_test_response(INVALID_HOLDER_OF_KEY_RESPONSE_FILE) resp.do_not_verify = True - try: + with raises(VerificationError): resp.parse_assertion() - assert False, "parse_assertion() did not fail as expected" - except VerificationError as e: - assert e is not None def _get_test_response(self, path): conf = config_factory("idp", dotname("server_conf")) - resp = authn_response(conf, "https://sp:443/.auth/saml/login", asynchop=False, allow_unsolicited=True) - with open(path, 'r') as fp: + resp = authn_response( + conf, + "https://sp:443/.auth/saml/login", + asynchop=False, + allow_unsolicited=True, + ) + with open(path, "r") as fp: authn_response_xml = fp.read() resp.loads(authn_response_xml, False) return resp -- cgit v1.2.1