tests/test_schema_validator.py


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88

from pathutils import full_path as expand_full_path
from pytest import mark
from pytest import raises

from saml2.xml.schema import XMLSchemaError
from saml2.xml.schema import validate as validate_doc_with_schema


@mark.parametrize("doc", ["invalid_metadata_file.xml", "empty_metadata_file.xml"])
def test_invalid_saml_metadata_doc(doc):
    with raises(XMLSchemaError):
        validate_doc_with_schema(expand_full_path(doc))


@mark.parametrize(
    "doc",
    [
        "InCommon-metadata.xml",
        "idp.xml",
        "idp_2.xml",
        "idp_aa.xml",
        "idp_all.xml",
        "idp_example.xml",
        "idp_soap.xml",
        "entity_cat_re.xml",
        "entity_cat_re_nren.xml",
        "entity_cat_rs.xml",
        "entity_cat_sfs_hei.xml",
        "entity_esi_and_coco_sp.xml",
        "entity_no_friendly_name_sp.xml",
        "extended.xml",
        "idp_slo_redirect.xml",
        "idp_uiinfo.xml",
        "metadata.aaitest.xml",
        "metadata.xml",
        "metadata_cert.xml",
        "metadata_example.xml",
        "metadata_sp_1.xml",
        "metadata_sp_1_no_encryption.xml",
        "metadata_sp_2.xml",
        "metasp.xml",
        "pdp_meta.xml",
        "servera.xml",
        "sp.xml",
        "sp_slo_redirect.xml",
        # XXX "swamid-1.0.xml",
        # XXX "swamid-2.0.xml",
        # TODO include the fed namespace
        # TODO see https://docs.oasis-open.org/wsfed/federation/v1.2/os/ws-federation-1.2-spec-os.html
        "urn-mace-swami.se-swamid-test-1.0-metadata.xml",
        "uu.xml",
        "vo_metadata.xml",
    ],
)
def test_valid_saml_metadata_doc(doc):
    result = validate_doc_with_schema(expand_full_path(doc))
    assert result == None


@mark.parametrize(
    "doc",
    [
        "attribute_response.xml",
        "okta_response.xml",
        "simplesamlphp_authnresponse.xml",
        "saml2_response.xml",
        "saml_false_signed.xml",
        "saml_hok.xml",
        "saml_hok_invalid.xml",
        "saml_signed.xml",
        "saml_unsigned.xml",
    ],
)
def test_valid_saml_response_doc(doc):
    result = validate_doc_with_schema(expand_full_path(doc))
    assert result == None


@mark.parametrize("doc", ["encrypted_attribute_statement.xml"])
def test_valid_saml_partial_doc(doc):
    result = validate_doc_with_schema(expand_full_path(doc))
    assert result == None


@mark.parametrize("doc", ["eidas_response.xml"])
def test_valid_eidas_saml_response_doc(doc):
    result = validate_doc_with_schema(expand_full_path(doc))
    assert result == None