def testGetNameIdData(self):
"""
Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest
"""
expected_name_id_data = {
'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c',
'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
'SPNameQualifier': 'http://idp.example.com/'
}
request = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request.xml'))
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request)
self.assertEqual(expected_name_id_data, name_id_data)
dom = parseString(request)
name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom.toxml())
self.assertEqual(expected_name_id_data, name_id_data_2)
request_2 = self.file_contents(join(self.data_path, 'logout_requests', 'logout_request_encrypted_nameid.xml'))
with self.assertRaises(Exception) as context:
OneLogin_Saml2_Logout_Request.get_nameid(request_2)
exception = context.exception
self.assertIn("Key is required in order to decrypt the NameID", str(exception))
settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
key = settings.get_sp_key()
name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(request_2, key)
expected_name_id_data = {
'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69',
'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
'SPNameQualifier': 'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
}
self.assertEqual(expected_name_id_data, name_id_data_4)
dom_2 = parseString(request_2)
encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID')
encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling
encrypted_id_nodes[0].removeChild(encrypted_data)
with self.assertRaises(Exception) as context:
OneLogin_Saml2_Logout_Request.get_nameid(dom_2.toxml(), key)
exception = context.exception
self.assertIn("Not NameID found in the Logout Request", str(exception))
inv_request = self.file_contents(join(self.data_path, 'logout_requests', 'invalids', 'no_nameId.xml'))
with self.assertRaises(Exception) as context:
OneLogin_Saml2_Logout_Request.get_nameid(inv_request)
exception = context.exception
self.assertIn("Not NameID found in the Logout Request", str(exception))
def testConstructorWithoutNameIdFormat(self):
"""
Tests the OneLogin_Saml2_LogoutRequest Constructor.
Case: Checks that NameIDFormat is not added
"""
settings_info = self.loadSettingsJSON()
name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
settings_info['sp']['NameIDFormat'] = name_id_format
settings = OneLogin_Saml2_Settings(settings_info)
logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id)
logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request())
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml)
expected_name_id_data = {
'Value': name_id
}
self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithoutNameIdFormat(self):
"""
Tests the OneLogin_Saml2_LogoutRequest Constructor.
Case: Checks that NameIDFormat is not added
"""
settings_info = self.loadSettingsJSON()
name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
name_id_format = 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified'
settings_info['sp']['NameIDFormat'] = name_id_format
settings = OneLogin_Saml2_Settings(settings_info)
logout_request = OneLogin_Saml2_Logout_Request(settings,
name_id=name_id)
logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(
logout_request.get_request())
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(
logout_request_xml)
expected_name_id_data = {'Value': name_id}
self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithNameIdFormatOnSettings(self):
"""
Tests the OneLogin_Saml2_LogoutRequest Constructor.
Case: Defines NameIDFormat from settings
"""
settings_info = self.loadSettingsJSON()
name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
name_id_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
settings_info['sp']['NameIDFormat'] = name_id_format
settings = OneLogin_Saml2_Settings(settings_info)
logout_request = OneLogin_Saml2_Logout_Request(settings,
name_id=name_id)
logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(
logout_request.get_request())
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(
logout_request_xml)
expected_name_id_data = {'Value': name_id, 'Format': name_id_format}
self.assertEqual(expected_name_id_data, name_id_data)
def testConstructorWithNameIdFormatOnSettings(self):
"""
Tests the OneLogin_Saml2_LogoutRequest Constructor.
Case: Defines NameIDFormat from settings
"""
settings_info = self.loadSettingsJSON()
name_id = 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c'
name_id_format = 'urn:oasis:names:tc:SAML:2.0:nameid-format:transient'
settings_info['sp']['NameIDFormat'] = name_id_format
settings = OneLogin_Saml2_Settings(settings_info)
logout_request = OneLogin_Saml2_Logout_Request(settings, name_id=name_id)
logout_request_xml = OneLogin_Saml2_Utils.decode_base64_and_inflate(logout_request.get_request())
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(logout_request_xml)
expected_name_id_data = {
'Value': name_id,
'Format': name_id_format
}
self.assertEqual(expected_name_id_data, name_id_data)
def testGetNameIdData(self):
"""
Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest
"""
expected_name_id_data = {
'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c',
'Format': 'urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified',
'SPNameQualifier': 'http://idp.example.com/'
}
request = self.file_contents(
join(self.data_path, 'logout_requests', 'logout_request.xml'))
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request)
self.assertEqual(expected_name_id_data, name_id_data)
dom = parseString(request)
name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom)
self.assertEqual(expected_name_id_data, name_id_data_2)
request_2 = self.file_contents(
join(self.data_path, 'logout_requests',
'logout_request_encrypted_nameid.xml'))
with self.assertRaisesRegexp(
OneLogin_Saml2_Error,
'Key is required in order to decrypt the NameID'):
OneLogin_Saml2_Logout_Request.get_nameid_data(request_2)
settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
key = settings.get_sp_key()
name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(
request_2, key)
expected_name_id_data = {
'Value':
'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69',
'Format':
'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
'SPNameQualifier':
'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
}
self.assertEqual(expected_name_id_data, name_id_data_4)
dom_2 = parseString(request_2)
encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID')
encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling
encrypted_id_nodes[0].removeChild(encrypted_data)
with self.assertRaisesRegexp(OneLogin_Saml2_ValidationError,
'NameID not found in the Logout Request'):
OneLogin_Saml2_Logout_Request.get_nameid_data(dom_2.toxml(), key)
idp_data = settings.get_idp_data()
sp_data = settings.get_sp_data()
expected_name_id_data = {
'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
'NameQualifier': idp_data['entityId'],
'SPNameQualifier': sp_data['entityId'],
'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69'
}
inv_request = self.file_contents(
join(self.data_path, 'logout_requests', 'invalids',
'no_nameId.xml'))
with self.assertRaisesRegexp(OneLogin_Saml2_ValidationError,
'NameID not found in the Logout Request'):
OneLogin_Saml2_Logout_Request.get_nameid_data(inv_request)
logout_request = OneLogin_Saml2_Logout_Request(
settings, None, expected_name_id_data['Value'], None,
idp_data['entityId'], expected_name_id_data['Format'])
dom = parseString(logout_request.get_xml())
name_id_data_3 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom)
self.assertEqual(expected_name_id_data, name_id_data_3)
expected_name_id_data = {
'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
'Value': 'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69'
}
logout_request = OneLogin_Saml2_Logout_Request(
settings, None, expected_name_id_data['Value'], None, None,
expected_name_id_data['Format'])
dom = parseString(logout_request.get_xml())
name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom)
self.assertEqual(expected_name_id_data, name_id_data_4)
expected_name_id_data = {
'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:entity',
'Value': 'http://idp.example.com/'
}
logout_request = OneLogin_Saml2_Logout_Request(settings)
dom = parseString(logout_request.get_xml())
name_id_data_5 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom)
self.assertEqual(expected_name_id_data, name_id_data_5)
def testGetNameIdData(self):
"""
Tests the get_nameid_data method of the OneLogin_Saml2_LogoutRequest
"""
expected_name_id_data = {
'Value': 'ONELOGIN_1e442c129e1f822c8096086a1103c5ee2c7cae1c',
'Format': 'urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified',
'SPNameQualifier': 'http://idp.example.com/'
}
request = self.file_contents(
join(self.data_path, 'logout_requests', 'logout_request.xml'))
name_id_data = OneLogin_Saml2_Logout_Request.get_nameid_data(request)
self.assertEqual(expected_name_id_data, name_id_data)
dom = parseString(request)
name_id_data_2 = OneLogin_Saml2_Logout_Request.get_nameid_data(dom)
self.assertEqual(expected_name_id_data, name_id_data_2)
request_2 = self.file_contents(
join(self.data_path, 'logout_requests',
'logout_request_encrypted_nameid.xml'))
try:
OneLogin_Saml2_Logout_Request.get_nameid_data(request_2)
self.assertTrue(False)
except Exception as e:
self.assertIn('Key is required in order to decrypt the NameID',
e.message)
settings = OneLogin_Saml2_Settings(self.loadSettingsJSON())
key = settings.get_sp_key()
name_id_data_4 = OneLogin_Saml2_Logout_Request.get_nameid_data(
request_2, key)
expected_name_id_data = {
'Value':
'ONELOGIN_9c86c4542ab9d6fce07f2f7fd335287b9b3cdf69',
'Format':
'urn:oasis:names:tc:SAML:2.0:nameid-format:emailAddress',
'SPNameQualifier':
'https://pitbulk.no-ip.org/newonelogin/demo1/metadata.php'
}
self.assertEqual(expected_name_id_data, name_id_data_4)
dom_2 = parseString(request_2)
encrypted_id_nodes = dom_2.getElementsByTagName('saml:EncryptedID')
encrypted_data = encrypted_id_nodes[0].firstChild.nextSibling
encrypted_id_nodes[0].removeChild(encrypted_data)
try:
OneLogin_Saml2_Logout_Request.get_nameid_data(dom_2.toxml(), key)
self.assertTre(False)
except Exception as e:
self.assertIn('Not NameID found in the Logout Request', e.message)
inv_request = self.file_contents(
join(self.data_path, 'logout_requests', 'invalids',
'no_nameId.xml'))
try:
OneLogin_Saml2_Logout_Request.get_nameid_data(inv_request)
self.assertTre(False)
except Exception as e:
self.assertIn('Not NameID found in the Logout Request', e.message)
