def testGetNameIdData(self): """ Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest """ expected_name_id_data = { 'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c', 'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', 'SPNameQualifier': 'http://idp.example.com/' } request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml')) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request) self.assertEqual(expected_name_id_data, name_id_data) dom = parseString(request) name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom.toxml()) self.assertEqual(expected_name_id_data, name_id_data_2) request_2 = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml')) with self.assertRaises(Exception) as context: OneLogin_Saml2_Logout_Request.get_nameid(request_2) exception = context.exception self.assertIn("Key is required in order to decrypt the NameID", str(exception)) settings = OneLogin_Saml2_Settings(self.loadSettingsJSON()) key = settings.get_sp_key() name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(request_2, key) expected_name_id_data = { 'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69', 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress', 'SPNameQualifier': 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php' } self.assertEqual(expected_name_id_data, name_id_data_4) dom_2 = parseString(request_2) encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID') encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling encrypted_id_nodes[0].removeChild(encrypted_data) with self.assertRaises(Exception) as context: OneLogin_Saml2_Logout_Request.get_nameid(dom_2.toxml(), key) exception = context.exception self.assertIn("Not NameID found in the Logout Request", str(exception)) inv_request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'no_nameId.xml')) with self.assertRaises(Exception) as context: OneLogin_Saml2_Logout_Request.get_nameid(inv_request) exception = context.exception self.assertIn("Not NameID found in the Logout Request", str(exception))
def testConstructorWithoutNameIdFormat(self): """ Tests the OneLogin_Saml2_LogoutRequest Constructor. Case: Checks that NameIDFormat is not added """ settings_info = self.loadSettingsJSON() name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c' name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified' settings_info['sp']['NameIDFormat'] = name_id_format settings = OneLogin_Saml2_Settings(settings_info) logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id) logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request()) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml) expected_name_id_data = { 'Value': name_id } self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithoutNameIdFormat(self): """ Tests the OneLogin_Saml2_LogoutRequest Constructor. Case: Checks that NameIDFormat is not added """ settings_info = self.loadSettingsJSON() name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c' name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified' settings_info['sp']['NameIDFormat'] = name_id_format settings = OneLogin_Saml2_Settings(settings_info) logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id) logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate( logout_request.get_request()) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data( logout_request_xml) expected_name_id_data = {'Value': name_id} self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithNameIdFormatOnSettings(self): """ Tests the OneLogin_Saml2_LogoutRequest Constructor. Case: Defines NameIDFormat from settings """ settings_info = self.loadSettingsJSON() name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c' name_id_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' settings_info['sp']['NameIDFormat'] = name_id_format settings = OneLogin_Saml2_Settings(settings_info) logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id) logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate( logout_request.get_request()) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data( logout_request_xml) expected_name_id_data = {'Value': name_id, 'Format': name_id_format} self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithNameIdFormatOnSettings(self): """ Tests the OneLogin_Saml2_LogoutRequest Constructor. Case: Defines NameIDFormat from settings """ settings_info = self.loadSettingsJSON() name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c' name_id_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient' settings_info['sp']['NameIDFormat'] = name_id_format settings = OneLogin_Saml2_Settings(settings_info) logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id) logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request()) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml) expected_name_id_data = { 'Value': name_id, 'Format': name_id_format } self.assertEqual(expected_name_id_data, name_id_data)
def testGetNameIdData(self): """ Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest """ expected_name_id_data = { 'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c', 'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified', 'SPNameQualifier': 'http://idp.example.com/' } request = self.file_contents( join(self.data_path, 'logout_requests', 'logout_request.xml')) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request) self.assertEqual(expected_name_id_data, name_id_data) dom = parseString(request) name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom) self.assertEqual(expected_name_id_data, name_id_data_2) request_2 = self.file_contents( join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml')) with self.assertRaisesRegexp( OneLogin_Saml2_Error, 'Key is required in order to decrypt the NameID'): OneLogin_Saml2_Logout_Request.get_nameid_data(request_2) settings = OneLogin_Saml2_Settings(self.loadSettingsJSON()) key = settings.get_sp_key() name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data( request_2, key) expected_name_id_data = { 'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69', 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress', 'SPNameQualifier': 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php' } self.assertEqual(expected_name_id_data, name_id_data_4) dom_2 = parseString(request_2) encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID') encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling encrypted_id_nodes[0].removeChild(encrypted_data) with self.assertRaisesRegexp(OneLogin_Saml2_ValidationError, 'NameID not found in the Logout Request'): OneLogin_Saml2_Logout_Request.get_nameid_data(dom_2.toxml(), key) idp_data = settings.get_idp_data() sp_data = settings.get_sp_data() expected_name_id_data = { 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress', 'NameQualifier': idp_data['entityId'], 'SPNameQualifier': sp_data['entityId'], 'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69' } inv_request = self.file_contents( join(self.data_path, 'logout_requests', 'invalids', 'no_nameId.xml')) with self.assertRaisesRegexp(OneLogin_Saml2_ValidationError, 'NameID not found in the Logout Request'): OneLogin_Saml2_Logout_Request.get_nameid_data(inv_request) logout_request = OneLogin_Saml2_Logout_Request( settings, None, expected_name_id_data['Value'], None, idp_data['entityId'], expected_name_id_data['Format']) dom = parseString(logout_request.get_xml()) name_id_data_3 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom) self.assertEqual(expected_name_id_data, name_id_data_3) expected_name_id_data = { 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress', 'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69' } logout_request = OneLogin_Saml2_Logout_Request( settings, None, expected_name_id_data['Value'], None, None, expected_name_id_data['Format']) dom = parseString(logout_request.get_xml()) name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom) self.assertEqual(expected_name_id_data, name_id_data_4) expected_name_id_data = { 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity', 'Value': 'http://idp.example.com/' } logout_request = OneLogin_Saml2_Logout_Request(settings) dom = parseString(logout_request.get_xml()) name_id_data_5 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom) self.assertEqual(expected_name_id_data, name_id_data_5)
def testGetNameIdData(self): """ Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest """ expected_name_id_data = { 'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c', 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified', 'SPNameQualifier': 'http://idp.example.com/' } request = self.file_contents( join(self.data_path, 'logout_requests', 'logout_request.xml')) name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request) self.assertEqual(expected_name_id_data, name_id_data) dom = parseString(request) name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom) self.assertEqual(expected_name_id_data, name_id_data_2) request_2 = self.file_contents( join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml')) try: OneLogin_Saml2_Logout_Request.get_nameid_data(request_2) self.assertTrue(False) except Exception as e: self.assertIn('Key is required in order to decrypt the NameID', e.message) settings = OneLogin_Saml2_Settings(self.loadSettingsJSON()) key = settings.get_sp_key() name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data( request_2, key) expected_name_id_data = { 'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69', 'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress', 'SPNameQualifier': 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php' } self.assertEqual(expected_name_id_data, name_id_data_4) dom_2 = parseString(request_2) encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID') encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling encrypted_id_nodes[0].removeChild(encrypted_data) try: OneLogin_Saml2_Logout_Request.get_nameid_data(dom_2.toxml(), key) self.assertTre(False) except Exception as e: self.assertIn('Not NameID found in the Logout Request', e.message) inv_request = self.file_contents( join(self.data_path, 'logout_requests', 'invalids', 'no_nameId.xml')) try: OneLogin_Saml2_Logout_Request.get_nameid_data(inv_request) self.assertTre(False) except Exception as e: self.assertIn('Not NameID found in the Logout Request', e.message)