def testUsingTestData(self):
"""Test attribute_statement_from_string() using test data"""
attr_statem = saml.attribute_statement_from_string(saml2_data.TEST_ATTRIBUTE_STATEMENT)
assert attr_statem.attribute[0].name == "testAttribute"
assert attr_statem.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem.attribute[0].friendly_name == "test attribute"
assert attr_statem.attribute[0].attribute_value[0].text.strip() == self.text[1]
assert attr_statem.attribute[0].attribute_value[1].text.strip() == self.text[2]
assert attr_statem.attribute[1].name == "http://www.example.com/testAttribute2"
assert attr_statem.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem.attribute[1].friendly_name == "test attribute2"
assert attr_statem.attribute[1].attribute_value[0].text.strip() == self.text[3]
assert attr_statem.attribute[1].attribute_value[1].text.strip() == self.text[4]
# test again
attr_statem2 = saml.attribute_statement_from_string(attr_statem.to_string())
assert attr_statem2.attribute[0].name == "testAttribute"
assert attr_statem2.attribute[0].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert attr_statem2.attribute[0].friendly_name == "test attribute"
assert attr_statem2.attribute[0].attribute_value[0].text.strip() == self.text[1]
assert attr_statem2.attribute[0].attribute_value[1].text.strip() == self.text[2]
assert attr_statem2.attribute[1].name == "http://www.example.com/testAttribute2"
assert attr_statem2.attribute[1].name_format == saml.NAME_FORMAT_URI
assert attr_statem2.attribute[1].friendly_name == "test attribute2"
assert attr_statem2.attribute[1].attribute_value[0].text.strip() == self.text[3]
assert attr_statem2.attribute[1].attribute_value[1].text.strip() == self.text[4]
def testAccessors(self):
"""Test for Assertion accessors"""
self.assertion.id = "assertion id"
self.assertion.version = saml2.VERSION
self.assertion.issue_instant = "2007-08-31T01:05:02Z"
self.assertion.issuer = saml.issuer_from_string(saml2_data.TEST_ISSUER)
self.assertion.signature = ds.signature_from_string(ds_data.TEST_SIGNATURE)
self.assertion.subject = saml.subject_from_string(saml2_data.TEST_SUBJECT)
self.assertion.conditions = saml.conditions_from_string(saml2_data.TEST_CONDITIONS)
self.assertion.advice = saml.Advice()
self.assertion.statement.append(saml.Statement())
self.assertion.authn_statement.append(saml.authn_statement_from_string(saml2_data.TEST_AUTHN_STATEMENT))
self.assertion.authz_decision_statement.append(saml.AuthzDecisionStatement())
self.assertion.attribute_statement.append(
saml.attribute_statement_from_string(saml2_data.TEST_ATTRIBUTE_STATEMENT)
)
new_assertion = saml.assertion_from_string(self.assertion.to_string())
assert new_assertion.id == "assertion id"
assert new_assertion.version == saml2.VERSION
assert new_assertion.issue_instant == "2007-08-31T01:05:02Z"
assert isinstance(new_assertion.issuer, saml.Issuer)
assert isinstance(new_assertion.signature, ds.Signature)
assert isinstance(new_assertion.subject, saml.Subject)
assert isinstance(new_assertion.conditions, saml.Conditions)
assert isinstance(new_assertion.advice, saml.Advice)
assert isinstance(new_assertion.statement[0], saml.Statement)
assert isinstance(new_assertion.authn_statement[0], saml.AuthnStatement)
assert isinstance(new_assertion.authz_decision_statement[0], saml.AuthzDecisionStatement)
assert isinstance(new_assertion.attribute_statement[0], saml.AttributeStatement)
def testAccessors(self):
"""Test for Attribute accessors"""
self.attr_statem.attribute.append(saml.Attribute())
self.attr_statem.attribute.append(saml.Attribute())
self.attr_statem.attribute[0].name = "testAttribute"
self.attr_statem.attribute[0].name_format = saml.NAME_FORMAT_URI
self.attr_statem.attribute[0].friendly_name = "test attribute"
self.attr_statem.attribute[0].attribute_value.append(saml.AttributeValue())
self.attr_statem.attribute[0].attribute_value[0].text = self.text[0]
self.attr_statem.attribute[1].name = "testAttribute2"
self.attr_statem.attribute[1].name_format = saml.NAME_FORMAT_UNSPECIFIED
self.attr_statem.attribute[1].friendly_name = self.text[2]
self.attr_statem.attribute[1].attribute_value.append(saml.AttributeValue())
self.attr_statem.attribute[1].attribute_value[0].text = self.text[2]
new_as = saml.attribute_statement_from_string(self.attr_statem.to_string())
assert new_as.attribute[0].name == "testAttribute"
assert new_as.attribute[0].name_format == saml.NAME_FORMAT_URI
assert new_as.attribute[0].friendly_name == "test attribute"
assert new_as.attribute[0].attribute_value[0].text.strip() == self.text[0]
assert new_as.attribute[1].name == "testAttribute2"
assert new_as.attribute[1].name_format == saml.NAME_FORMAT_UNSPECIFIED
assert new_as.attribute[1].friendly_name == "value2 of test attribute"
assert new_as.attribute[1].attribute_value[0].text.strip() == self.text[2]
def test_ava_fro_1(self):
ats = saml.attribute_statement_from_string(STATEMENT1)
# print(ats)
ava = None
for ac in self.acs:
try:
ava = ac.fro(ats)
except attribute_converter.UnknownNameFormat:
pass
# break if we have something
if ava:
break
print(ava.keys())
assert _eq(
ava.keys(),
[
"givenName",
"displayName",
"uid",
"eduPersonNickname",
"street",
"eduPersonScopedAffiliation",
"employeeType",
"eduPersonAffiliation",
"eduPersonPrincipalName",
"sn",
"postalCode",
"physicalDeliveryOfficeName",
"ou",
"eduPersonTargetedID",
"cn",
],
)
def test_callback():
cb = Callback()
attr_statem = saml.attribute_statement_from_string(TEST_ATTRIBUTE_STATEMENT)
msg = cb(attr_statem)
assert msg
def test_ava_fro_2(self):
ats = saml.attribute_statement_from_string(STATEMENT2)
# print(ats)
ava = {}
for ac in self.acs:
ava.update(ac.fro(ats))
print(ava.keys())
assert _eq(ava.keys(), ["eduPersonEntitlement", "eduPersonAffiliation", "uid", "mail", "givenName", "sn"])
def test_ava_fro_2(self):
ats = saml.attribute_statement_from_string(STATEMENT2)
#print ats
ava = {}
for ac in self.acs:
ava.update(ac.fro(ats))
print ava.keys()
assert _eq(ava.keys(), ['eduPersonEntitlement', 'eduPersonAffiliation',
'uid', 'mail', 'givenName', 'sn'])
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'uid': ['demouser'], 'user_id': ['bob']}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'], 'sn': ['Hedberg'],
'swissEduPersonHomeOrganizationType': ['others'],
'uid': ['demouser'], 'urn:example:com:foo': ['Thing'],
'user_id': ['bob']}
def test_to_local_name_from_unspecified(self):
_xml = """<?xml version='1.0' encoding='UTF-8'?>
<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion">
<ns0:Attribute
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="EmailAddress"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns0:AttributeValue xsi:type="xs:string">[email protected]</ns0:AttributeValue>
</ns0:Attribute></ns0:AttributeStatement>"""
attr = attribute_statement_from_string(_xml)
ava = attribute_converter.to_local(self.acs, attr)
assert _eq(list(ava.keys()), ['EmailAddress'])
def test_to_local_name_from_unspecified(self):
_xml = """<?xml version='1.0' encoding='UTF-8'?>
<ns0:AttributeStatement xmlns:ns0="urn:oasis:names:tc:SAML:2.0:assertion">
<ns0:Attribute
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
Name="EmailAddress"
NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified">
<ns0:AttributeValue xsi:type="xs:string">[email protected]</ns0:AttributeValue>
</ns0:Attribute></ns0:AttributeStatement>"""
attr = attribute_statement_from_string(_xml)
ava = attribute_converter.to_local(self.acs, attr)
assert _eq(list(ava.keys()), ['EmailAddress'])
def test_decrypt(self):
attr_stat = saml.attribute_statement_from_string(
open("encrypted_attribute_statement.xml").read())
assert len(attr_stat.attribute) == 0
assert len(attr_stat.encrypted_attribute) == 4
xmlsec = get_xmlsec_binary()
sec = SecurityContext(xmlsec, key_file="private_key.pem")
resp = AuthnResponse(sec, None, "entity_id")
resp.decrypt_attributes(attr_stat)
assert len(attr_stat.attribute) == 4
assert len(attr_stat.encrypted_attribute) == 4
def test_ava_fro_2(self):
ats = saml.attribute_statement_from_string(STATEMENT2)
#print ats
ava = None
for ac in self.acs:
try:
ava = ac.fro(ats)
break
except attribute_converter.UnknownNameFormat:
pass
print ava.keys()
assert _eq(ava.keys(),['uid', 'swissedupersonuniqueid',
'swissedupersonhomeorganizationtype',
'eduPersonEntitlement', 'eduPersonAffiliation',
'sn', 'mail', 'swissedupersonhomeorganization',
'givenName'])
def test_ava_fro_2(self):
ats = saml.attribute_statement_from_string(STATEMENT2)
#print ats
ava = None
for ac in self.acs:
try:
ava = ac.fro(ats)
break
except attribute_converter.UnknownNameFormat:
pass
print ava.keys()
assert _eq(ava.keys(),['uid', 'swissedupersonuniqueid',
'swissedupersonhomeorganizationtype',
'eduPersonEntitlement', 'eduPersonAffiliation',
'sn', 'mail', 'swissedupersonhomeorganization',
'givenName'])
def test_ava_fro_1(self):
ats = saml.attribute_statement_from_string(STATEMENT1)
#print ats
ava = None
for ac in self.acs:
try:
ava = ac.fro(ats)
break
except attribute_converter.UnknownNameFormat:
pass
print ava.keys()
assert _eq(ava.keys(),['givenName', 'displayName', 'uid',
'eduPersonNickname', 'street', 'eduPersonScopedAffiliation',
'employeeType', 'eduPersonAffiliation', 'eduPersonPrincipalName',
'sn', 'postalCode', 'physicalDeliveryOfficeName', 'ou',
'eduPersonTargetedID', 'cn'])
def test_ava_fro_1(self):
ats = saml.attribute_statement_from_string(STATEMENT1)
#print ats
ava = None
for ac in self.acs:
try:
ava = ac.fro(ats)
break
except attribute_converter.UnknownNameFormat:
pass
print ava.keys()
assert _eq(ava.keys(), ['givenName', 'displayName', 'uid',
'eduPersonNickname', 'street',
'eduPersonScopedAffiliation',
'employeeType', 'eduPersonAffiliation',
'eduPersonPrincipalName', 'sn', 'postalCode',
'physicalDeliveryOfficeName', 'ou',
'eduPersonTargetedID', 'cn'])
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {
"eduPersonAffiliation": ["staff"],
"givenName": ["Roland"],
"sn": ["Hedberg"],
"uid": ["demouser"],
"user_id": ["bob"],
}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {
"eduPersonAffiliation": ["staff"],
"givenName": ["Roland"],
"sn": ["Hedberg"],
"swissEduPersonHomeOrganizationType": ["others"],
"uid": ["demouser"],
"urn:example:com:foo": ["Thing"],
"user_id": ["bob"],
}
def test_mixed_attributes_1(self):
ats = saml.attribute_statement_from_string(STATEMENT_MIXED)
ava = to_local(self.acs, ats)
assert ava == {
'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'],
'sn': ['Hedberg'],
'uid': ['demouser'],
'user_id': ['bob']
}
# Allow unknown
ava = to_local(self.acs, ats, True)
assert ava == {
'eduPersonAffiliation': ['staff'],
'givenName': ['Roland'],
'sn': ['Hedberg'],
'swissEduPersonHomeOrganizationType': ['others'],
'uid': ['demouser'],
'urn:example:com:foo': ['Thing'],
'user_id': ['bob']
}
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {'user_id': ['bob'], 'NameID': ['bobsnameagain']}
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {"user_id": ["bob"], "NameID": ["bobsnameagain"]}
def test_unspecified_name_format(self):
ats = saml.attribute_statement_from_string(STATEMENT4)
ava = to_local(self.acs, ats)
assert ava == {'user_id': ['bob'], 'NameID': ['bobsnameagain']}
