def test_valid_saml_auth(self, mock_datetime):
    """Check that a correctly signed SAML response verifies and validates.

    ``mock_datetime`` stands in for the datetime class (presumably injected
    by a patch decorator that is outside this view -- confirm). Its ``now()``
    is pinned to a fixed UTC instant, presumably so that time-dependent
    validity checks on the sample response are deterministic.
    """
    # Freeze "now", but keep the real strptime so timestamp parsing done
    # through the mock still behaves normally.
    frozen_now = datetime(2019, 4, 9, 21, 35, 0, tzinfo=timezone.utc)
    mock_datetime.now.return_value = frozen_now
    mock_datetime.strptime = datetime.strptime

    authenticator = SAMLAuthenticator()

    # Signature verification alone must return the known signed element.
    verified = authenticator._verify_saml_signature(
        self.metadata_etree, self.response_etree)
    verified_bytes = etree.tostring(verified)
    assert verified_bytes == etree.tostring(self.verified_signed_xml)

    # The full response validation must accept the same inputs.
    outcome = authenticator._test_valid_saml_response(
        self.metadata_etree, self.response_etree)
    response_is_valid, signed_xml = outcome
    assert response_is_valid

    # The XML handed back must be exactly the signature-covered subset that
    # signxml returned, not the whole response document: only that subset
    # is authenticated.
    returned_bytes = etree.tostring(signed_xml)
    assert returned_bytes == etree.tostring(self.verified_signed_xml)
def test_no_metadata_cert(self):
    """Check that verification fails closed when the metadata has no cert.

    Uses the ``sample_metadata_no_cert_xml`` fixture (going by its name,
    IdP metadata without a signing certificate). Both the signature check
    and the full response validation must reject the response and return
    no signed XML.
    """
    authenticator = SAMLAuthenticator()
    metadata_without_cert = etree.fromstring(
        test_constants.sample_metadata_no_cert_xml)

    # No usable certificate: the signature check must yield nothing.
    verified = authenticator._verify_saml_signature(
        metadata_without_cert, self.response_etree)
    assert verified is None

    # The higher-level validation must report failure and expose no XML
    # that a caller could mistake for authenticated content.
    outcome = authenticator._test_valid_saml_response(
        metadata_without_cert, self.response_etree)
    response_is_valid, signed_xml = outcome
    assert not response_is_valid
    assert signed_xml is None
def test_tampered_saml_response(self):
    """Check that a tampered SAML response is rejected.

    Uses the ``tampered_sample_response_xml`` fixture (going by its name, a
    response altered after signing). Verified against the regular metadata,
    the signature check must return ``None`` and the response validation
    must report failure without returning any signed XML.
    """
    authenticator = SAMLAuthenticator()
    modified_response = etree.fromstring(
        test_constants.tampered_sample_response_xml)

    # The signature must not verify over the modified document.
    verified = authenticator._verify_saml_signature(
        self.metadata_etree, modified_response)
    assert verified is None

    # Validation must fail closed: invalid flag and no XML returned.
    outcome = authenticator._test_valid_saml_response(
        self.metadata_etree, modified_response)
    response_is_valid, signed_xml = outcome
    assert not response_is_valid
    assert signed_xml is None