def handle(self, *args, **options):
should_pull_saml_metadata = options.get('pull', False)
if not should_pull_saml_metadata:
raise CommandError(
"Command can only be used with '--pull' option.")
log_handler = logging.StreamHandler(self.stdout)
log_handler.setLevel(logging.DEBUG)
log = logging.getLogger('common.djangoapps.third_party_auth.tasks')
log.propagate = False
log.addHandler(log_handler)
total, skipped, attempted, updated, failed, failure_messages = fetch_saml_metadata(
)
self.stdout.write(u"\nDone."
u"\n{total} provider(s) found in database."
u"\n{skipped} skipped and {attempted} attempted."
u"\n{updated} updated and {failed} failed.\n".format(
total=total,
skipped=skipped,
attempted=attempted,
updated=updated,
failed=failed,
))
if failed > 0:
raise CommandError(
u"Command finished with the following exceptions:\n\n{failures}"
.format(failures="\n\n".join(failure_messages)))
def test_configure_testshib_provider_with_cache_duration(self):
""" Enable and configure the TestShib SAML IdP as a third_party_auth provider """
kwargs = {}
kwargs.setdefault('name', self.PROVIDER_NAME)
kwargs.setdefault('enabled', True)
kwargs.setdefault('visible', True)
kwargs.setdefault('slug', self.PROVIDER_IDP_SLUG)
kwargs.setdefault('entity_id', TESTSHIB_ENTITY_ID)
kwargs.setdefault('metadata_source',
TESTSHIB_METADATA_URL_WITH_CACHE_DURATION)
kwargs.setdefault('icon_class', 'fa-university')
kwargs.setdefault(
'attr_email',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.6') # eduPersonPrincipalName
self.configure_saml_provider(**kwargs)
assert httpretty.is_enabled()
num_total, num_skipped, num_attempted, num_updated, num_failed, failure_messages = fetch_saml_metadata(
)
assert num_total == 1
assert num_skipped == 0
assert num_attempted == 1
assert num_updated == 1
assert num_failed == 0
assert len(failure_messages) == 0
def _configure_testshib_provider(self, **kwargs):
""" Enable and configure the TestShib SAML IdP as a third_party_auth provider """
fetch_metadata = kwargs.pop('fetch_metadata', True)
assert_metadata_updates = kwargs.pop('assert_metadata_updates', True)
kwargs.setdefault('name', self.PROVIDER_NAME)
kwargs.setdefault('enabled', True)
kwargs.setdefault('visible', True)
kwargs.setdefault("backend_name", "tpa-saml")
kwargs.setdefault('slug', self.PROVIDER_IDP_SLUG)
kwargs.setdefault('entity_id', TESTSHIB_ENTITY_ID)
kwargs.setdefault('metadata_source', TESTSHIB_METADATA_URL)
kwargs.setdefault('icon_class', 'fa-university')
kwargs.setdefault(
'attr_email',
'urn:oid:1.3.6.1.4.1.5923.1.1.1.6') # eduPersonPrincipalName
kwargs.setdefault('max_session_length', None)
kwargs.setdefault('send_to_registration_first', False)
kwargs.setdefault('skip_email_verification', False)
saml_provider = self.configure_saml_provider(**kwargs) # pylint: disable=no-member
if fetch_metadata:
assert httpretty.is_enabled() # lint-amnesty, pylint: disable=no-member
num_total, num_skipped, num_attempted, num_updated, num_failed, failure_messages = fetch_saml_metadata(
)
if assert_metadata_updates:
assert num_total == 1 # lint-amnesty, pylint: disable=no-member
assert num_skipped == 0 # lint-amnesty, pylint: disable=no-member
assert num_attempted == 1 # lint-amnesty, pylint: disable=no-member
assert num_updated == 1 # lint-amnesty, pylint: disable=no-member
assert num_failed == 0 # lint-amnesty, pylint: disable=no-member
assert len(failure_messages) == 0 # lint-amnesty, pylint: disable=no-member
return saml_provider
