Fix test suite
pitbulk committed Sep 4, 2014
1 parent 7f6b527 commit eb784f8
Showing 3 changed files with 88 additions and 110 deletions.
1 change: 1 addition & 0 deletions onelogin/saml/__init__.py
@@ -3,6 +3,7 @@
ResponseValidationError,
ResponseNameIDError,
ResponseConditionError,
ResponseSubjectConfirmationError,
)
import AuthRequest
import SignatureVerifier
99 changes: 87 additions & 12 deletions onelogin/saml/test/TestResponse.py
@@ -11,6 +11,7 @@
ResponseValidationError,
ResponseNameIDError,
ResponseConditionError,
ResponseSubjectConfirmationError,
)

test_response = """<samlp:Response
@@ -92,14 +93,17 @@ def test__init__(self):
from_string.returns('foo document')

request_data = {
'http_host': 'example.com',
'script_name': 'index.html'
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response='foo response',
signature='foo signature',
issuer='https://sp.example.com/SAML2',
_base64=fake_base64,
_etree=fake_etree,
)
@@ -110,9 +114,18 @@ def test__init__(self):
@fudge.with_fakes
def test_get_name_id_simple(self):
encoded_response = base64.b64encode(test_response)
request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
issuer='https://sp.example.com/SAML2',
)
name_id = res.name_id

@@ -178,9 +191,19 @@ def test_get_name_id_multiple(self):
</samlp:Response>
"""
encoded_response = base64.b64encode(response)

request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
issuer='https://sp.example.com/SAML2',
)
msg = assert_raises(
ResponseNameIDError,
@@ -244,9 +267,19 @@ def test_get_name_id_none(self):
</samlp:Response>
"""
encoded_response = base64.b64encode(response)

request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
issuer='https://sp.example.com/SAML2',
)
msg = assert_raises(
ResponseNameIDError,
@@ -315,9 +348,18 @@ def test_is_valid_not_before_missing(self):
</samlp:Response>
"""
encoded_response = base64.b64encode(response)
request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature='foo signature',
issuer='https://sp.example.com/SAML2',
)

fake_verifier = fudge.Fake(
@@ -390,71 +432,105 @@ def test_is_valid_not_on_or_after_missing(self):
</samlp:Response>
"""
encoded_response = base64.b64encode(response)
request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
issuer='https://sp.example.com/SAML2',
)
msg = assert_raises(
ResponseConditionError,
ResponseSubjectConfirmationError,
res.is_valid,
)

eq(
str(msg),
('There was a problem validating a condition:' +
' Did not find NotOnOrAfter condition'),
('There was a problem validating the response, no valid SubjectConfirmation' +
' found: A valid SubjectConfirmation was not found on this Response'),
)

@fudge.with_fakes
def test_is_valid_current_time_earlier(self):
encoded_response = base64.b64encode(test_response)
request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
)

def fake_clock():
return datetime(2004, 12, 05, 9, 16, 45, 462796)
msg = assert_raises(
ResponseValidationError,
ResponseConditionError,
res.is_valid,
_clock=fake_clock,
)

eq(
str(msg),
('There was a problem validating the response: Current time is ' +
'earlier than NotBefore condition'),
('There was a problem validating a condition: Timing issue'),
)

@fudge.with_fakes
def test_is_valid_current_time_on_or_after(self):
encoded_response = base64.b64encode(test_response)

request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature=None,
issuer='https://sp.example.com/SAML2',
)

def fake_clock():
return datetime(2004, 12, 05, 9, 30, 45, 462796)
msg = assert_raises(
ResponseValidationError,
ResponseConditionError,
res.is_valid,
_clock=fake_clock,
)

eq(
str(msg),
('There was a problem validating the response: Current time is ' +
'on or after NotOnOrAfter condition'),
('There was a problem validating a condition: Timing issue'),
)

@fudge.with_fakes
def test_is_valid_simple(self):
encoded_response = base64.b64encode(test_response)
request_data = {
'server_port': '443',
'http_host': 'sp.example.com',
'path_info': '/SAML2/SSO/POST',
'script_name': ''
}

res = Response(
request_data=request_data,
response=encoded_response,
signature='foo signature',
issuer='https://sp.example.com/SAML2',
)

def fake_clock():
@@ -466,7 +542,6 @@ def fake_clock():
)
fake_verifier.times_called(1)
fake_verifier.with_args(res._document, 'foo signature')

fake_verifier.returns(True)

msg = res.is_valid(
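Review bot: In `test_is_valid_not_on_or_after_missing` the expectation now reads `ResponseSubjectConfirmationError` with the "no valid SubjectConfirmation found" message, so the test no longer pins what its name describes: that a response whose Conditions lack NotOnOrAfter is rejected for that reason. The fixture XML is outside the visible lines, but as written the test would presumably keep passing even if the NotOnOrAfter condition check were dropped, as long as the SubjectConfirmation check still fails first. I would either rename it to match (for example `test_is_valid_subject_confirmation_missing`) or add a sibling case whose fixture carries a valid SubjectConfirmation and still omits NotOnOrAfter, asserting `ResponseConditionError`. Separately, among the visible calls the `Response(...)` in `test_is_valid_current_time_earlier` is the only one that does not pass `issuer='https://sp.example.com/SAML2',`; add the argument, or leave a short comment saying why it is omitted there.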
98 changes: 0 additions & 98 deletions onelogin/saml/test/TestSignatureVerifier.py
@@ -13,104 +13,6 @@ class TestSignatureVerifier(object):
def setUp(self):
fudge.clear_expectations()

@fudge.with_fakes
def test_verify_simple(self):
document = etree.XML('<Response>foo doc</Response>')

fake_etree = fudge.Fake('etree')
fake_etree.remember_order()
to_string = fake_etree.expects('tostring')
to_string.with_args(document)
to_string.returns('<Response>foo doc</Response>')

fake_tempfile = fudge.Fake('tempfile')
fake_tempfile.remember_order()
named_xmlfile = fake_tempfile.expects(
'NamedTemporaryFile'
)
named_xmlfile.with_args(delete=False)
xmlfile = named_xmlfile.returns_fake()
xmlfile.remember_order()

enter = xmlfile.expects('__enter__')
enter.with_arg_count(0)
enter.returns(xmlfile)

write = xmlfile.expects('write')
write.with_args('<Response>foo doc</Response>')
seek = xmlfile.expects('seek')
seek.with_args(0)

exit = xmlfile.expects('__exit__')
exit.with_args(None, None, None)

xmlfile.has_attr(name='xmlfile')

named_certfile = fake_tempfile.next_call(
'NamedTemporaryFile'
)
named_certfile.with_args(delete=False)
certfile = named_certfile.returns_fake()
certfile.remember_order()

enter = certfile.expects('__enter__')
enter.with_arg_count(0)
enter.returns(certfile)

write = certfile.expects('write')
write.with_args(
('-----BEGIN CERTIFICATE-----\nfoo signature\n'
+ '-----END CERTIFICATE-----'
)
)
seek = certfile.expects('seek')
seek.with_args(0)

exit = certfile.expects('__exit__')
exit.with_args(None, None, None)

certfile.has_attr(name='certfile')

fake_subprocess = fudge.Fake('subprocess')
fake_subprocess.remember_order()
popen = fake_subprocess.expects('Popen')
fake_subprocess.has_attr(PIPE=1)
popen.with_args(
[
'xmlsec1',
'--verify',
'--pubkey-cert-pem',
'certfile',
'--id-attr:ID',
'urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
'xmlfile',
],
stderr=1,
stdout=1,
)
proc = popen.returns_fake()
proc.remember_order()
wait = proc.expects('wait')
wait.with_arg_count(0)
stderr = StringIO('OK')
proc.has_attr(stderr=stderr)

fake_os = fudge.Fake('os')
fake_os.remember_order()
remove = fake_os.expects('remove')
remove.with_args('certfile')
remove = fake_os.next_call('remove')
remove.with_args('xmlfile')

SignatureVerifier.verify(
document,
'foo signature',
_etree=fake_etree,
_tempfile=fake_tempfile,
_subprocess=fake_subprocess,
_os=fake_os,
)

@fudge.with_fakes
def test_get_xmlsec_bin_default(self):
fake_platform = fudge.Fake('platform')