def test_get_light_token_wrong_issuer(self):
_token, encoded = self.get_token('wrong-issuer')
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
with self.assertRaisesMessage(SecurityError, 'Invalid token issuer'):
view.get_light_token('test_token', 'request-token-issuer', 'sha256', 'request-token-secret')
def test_get_light_request_not_found(self):
self.cache_mock.get_and_remove.return_value = None
token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
view.light_token = token
view.storage = IgniteStorage('test.example.net', 1234, 'test-proxy-service-request-cache', '')
with self.assertRaisesMessage(SecurityError, 'Request not found in light storage'):
view.get_light_request()
def test_create_saml_request_signed(self):
light_request = LightRequest(**LIGHT_REQUEST_DICT)
token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
view.light_token = token
view.light_request = light_request
saml_request = view.create_saml_request('https://test.example.net/saml/idp.xml', SIGNATURE_OPTIONS)
root = saml_request.document.getroot()
self.assertEqual(root.get('ID'), 'test-light-request-id')
self.assertEqual(root.get('IssueInstant'), '2017-12-11T14:12:05.000Z')
self.assertEqual(root.find(".//{}".format(Q_NAMES['saml2:Issuer'])).text,
'https://test.example.net/saml/idp.xml')
self.assertIsNotNone(root.find('./{}'.format(Q_NAMES['ds:Signature'])))
def test_get_light_request_success(self):
orig_light_request = LightRequest(**LIGHT_REQUEST_DICT)
self.cache_mock.get_and_remove.return_value = dump_xml(orig_light_request.export_xml()).decode('utf-8')
token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
view.light_token = token
view.storage = IgniteStorage('test.example.net', 1234, 'test-proxy-service-request-cache', '')
light_request = view.get_light_request()
self.assertEqual(light_request, orig_light_request)
self.maxDiff = None
self.assertEqual(self.client_mock.mock_calls,
[call.connect('test.example.net', 1234),
call.get_cache('test-proxy-service-request-cache'),
call.get_cache().get_and_remove('request-token-id')])
"""URLs for CZ NIA changes."""
from django.urls import path
from eidas_node.proxy_service.cznia.views import CzNiaResponseView
from eidas_node.proxy_service.views import ProxyServiceRequestView
urlpatterns = [
path('ProxyServiceRequest',
ProxyServiceRequestView.as_view(),
name='proxy-service-request'),
path('IdentityProviderResponse',
CzNiaResponseView.as_view(),
name='identity-provider-response'),
] # type: ignore
def test_get_light_token_success(self):
orig_token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
token = view.get_light_token('test_token', 'request-token-issuer', 'sha256', 'request-token-secret', 0)
self.assertEqual(token, orig_token)
def test_get_light_token_expired(self):
_token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
with self.assertRaisesMessage(SecurityError, 'Token has expired'):
view.get_light_token('test_token', 'request-token-issuer', 'sha256', 'request-token-secret', 1)
def test_get_light_token_no_token(self):
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url)
with self.assertRaisesMessage(ParseError, 'Token has wrong number of parts'):
view.get_light_token('test_token', 'request-token-issuer', 'sha256', 'request-token-secret')