def test_authentication_no_previous_session(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123' }): with pytest.raises(Forbidden): sso.user_authz()
def test_authentication_no_previous_session(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123'} ): with pytest.raises(Forbidden): sso.user_authz()
def test_authentication_generation(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123' }) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1oZWxsbzEyMyZhZG1pbj1m%0AYWx' 'zZQ%3D%3D%0A&sig=a8ad52d665ddf2d2d5' '5de5d08d745f46d44a503d0b51b0273dd95' 'e1f2abe1cbd')
def test_authentication_generation_with_flags(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': '*****@*****.**', 'avatar': 'http://myAvatarURL', 'profile': 'http://myProfileURL' }) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1teS5uYW1lJTQwbXkuaWRw%0AJmF' '2YXRhcl91cmw9aHR0cCUzQS8vbXlBdmF0YX' 'JVUkwmYmlvPWh0dHAlM0EvL215UHJvZmlsZ' 'VVS%0ATCZhZG1pbj1mYWxzZSZyZXF1aXJlX' '2FjdGl2YXRpb249ZmFsc2U%3D%0A&sig=26' '8beaa221824d9c5ec9df3cb85e0655e86e1' 'ba49ce516155f3f2557d7340140')
def test_authentication_generation_with_avatar_bio(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123', 'avatar': 'http://myAvatarURL', 'profile': 'http://myProfileURL' }) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1oZWxsbzEyMyZhdmF0YXJf%0AdXJ' 'sPWh0dHAlM0EvL215QXZhdGFyVVJMJmJpbz' '1odHRwJTNBLy9teVByb2ZpbGVVUkwmYWRta' 'W49%0AZmFsc2U%3D%0A&sig=61504842b6a' '130d0f2d6976de814313a8df539d5e95bd9' '32d693acbcf0b9df14')
def test_authentication_generation(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123'} ) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1oZWxsbzEyMw%3D%3D%0A&sig=52' '92265340422c9ce2d528e25d2927a2e24b4' '81c3e91fa353516ad458d312ffd')
def test_authentication_generation_with_flags(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': '*****@*****.**', 'avatar': 'http://myAvatarURL', 'profile': 'http://myProfileURL'} ) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1teS5uYW1lJTQwbXkuaWRw%0AJmF' '2YXRhcl91cmw9aHR0cCUzQS8vbXlBdmF0YX' 'JVUkwmYmlvPWh0dHAlM0EvL215UHJvZmlsZ' 'VVS%0ATCZhZG1pbj1mYWxzZSZyZXF1aXJlX' '2FjdGl2YXRpb249ZmFsc2U%3D%0A&sig=26' '8beaa221824d9c5ec9df3cb85e0655e86e1' 'ba49ce516155f3f2557d7340140')
def test_authentication_generation_with_avatar_bio(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': '', 'username': '******', 'mail': '*****@*****.**', 'eppn': 'hello123', 'avatar': 'http://myAvatarURL', 'profile': 'http://myProfileURL'} ) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 # sso and sig are different from the one reported in # https://meta.discourse.org/t/official-single-sign-on-for- # discourse/13045 # This because ruby and python include new lines in different # positions during the base64 encoding (of course they do not # matter for the base64 but the following URLencoding and # signature are slightly different) assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0mdXNlcm5hbWU9%0Ac2Ftc2FtJmVt' 'YWlsPXRlc3QlNDB0ZXN0LmNvbSZleHRlcm5' 'hbF9pZD1oZWxsbzEyMyZhdmF0YXJf%0AdXJ' 'sPWh0dHAlM0EvL215QXZhdGFyVVJMJmJpbz' '1odHRwJTNBLy9teVByb2ZpbGVVUkwmYWRta' 'W49%0AZmFsc2U%3D%0A&sig=61504842b6a' '130d0f2d6976de814313a8df539d5e95bd9' '32d693acbcf0b9df14')
def test_authentication_generation_with_full_name(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': 'big', 'mail': '*****@*****.**', 'eppn': 'hello123' }) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0gYmlnJnVzZXJu%0AYW1lPXNhbWJp' 'Z19iNjQyJmVtYWlsPXRlc3QlNDB0ZXN0LmN' 'vbSZleHRlcm5hbF9pZD1oZWxsbzEy%0AMyZ' 'hZG1pbj1mYWxzZQ%3D%3D%0A&sig=8177ae' '45c294212a96767cfb2208db867a14fa099' '0bf7efb2f36dcac41d563e8')
def test_authentication_generation_with_full_name(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': 'big', 'mail': '*****@*****.**', 'eppn': 'hello123'} ) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0gYmlnJnVzZXJu%0AYW1lPXNhbWJp' 'Z19iNjQyJmVtYWlsPXRlc3QlNDB0ZXN0LmN' 'vbSZleHRlcm5hbF9pZD1oZWxsbzEy%0AMw%' '3D%3D%0A&sig=2371c654bbfbc5b322340a' '8fc61de880147ba00cba0fd6d29a751ad12' 'e87862b')
def test_authentication_generation_with_full_name(self): """Test the authentication are properly send to Discourse""" with app.test_request_context('/sso/auth', method='GET', environ_base={ 'givenName': 'sam', 'sn': 'big', 'mail': '*****@*****.**', 'eppn': 'hello123'} ) as req: req.session['nonce'] = 'nonce=cb68251eefb5211e58c00ff1395f0c0b' resp = sso.user_authz() assert resp.status_code == 302 assert resp.location == ('http://discuss.example.com/session/' 'sso_login?sso=bm9uY2U9Y2I2ODI1MWVlZ' 'mI1MjExZTU4YzAwZmYxMzk1ZjBjMGImbmFt' 'ZT1zYW0gYmlnJnVzZXJu%0AYW1lPXNhbWJp' 'Z19iNjQyJmVtYWlsPXRlc3QlNDB0ZXN0LmN' 'vbSZleHRlcm5hbF9pZD1oZWxsbzEy%0AMyZ' 'hZG1pbj1mYWxzZQ%3D%3D%0A&sig=8177ae' '45c294212a96767cfb2208db867a14fa099' '0bf7efb2f36dcac41d563e8')
def test_authentication_no_shibboleth_attributes(self): """Test the authentication when shibboleth do not provide attributes""" with app.test_request_context('/sso/auth', method='GET'): with pytest.raises(Forbidden): sso.user_authz()