def test_login_redirected_due_to_no_role(self):
# set up session data
session = create_test_session(roles=['NONE'], uid='linda.kim', full_name='Linda Kim', idpSessionIndex='123', save_to_backend=True)
self.__config.testing_securitypolicy(session.get_session_id(), ['NONE'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
self.assertIsInstance(http, HTTPForbidden)
def test_login_with_existing_session(self):
self.__config.testing_securitypolicy(None, ['TEACHER'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
url = urlparse(http.location)
queries = urllib.parse.parse_qs(url.query)
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/page")
def test_login_referred_by_protected_page(self):
self.__request.url = 'http://example.com/dummy/data'
http = login(self.__request)
actual_url = urlparse(http.location)
queries = urllib.parse.parse_qs(actual_url.query)
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/data")
def test_login_with_existing_session(self):
self.__config.testing_securitypolicy(None, ['TEACHER'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
url = urlparse(http.location)
queries = urllib.parse.parse_qs(url.query)
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/page")
def test_login_referred_by_protected_page(self):
self.__request.url = 'http://example.com/dummy/data'
http = login(self.__request)
actual_url = urlparse(http.location)
queries = urllib.parse.parse_qs(actual_url.query)
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/data")
def test_login_with_xhr(self):
self.__request = EdAuthDummyRequest(True)
self.__request.url = 'http://example.com/dummy/data'
# Must set hook_zca to false to work with uniittest_with_sqlite
self.__config = testing.setUp(registry=self.registry, request=self.__request, hook_zca=False)
resp = login(self.__request)
self.assertIsInstance(resp, HTTPUnauthorized)
body = json.loads(resp.body.decode())
self.assertIsNotNone(body['redirect'])
def test_login_with_no_existing_session(self):
session = create_test_session(roles=['TEACHER'],
uid='linda.kim',
full_name='Linda Kim',
idpSessionIndex='123',
name_id='abc',
save_to_backend=True)
self.__config.testing_securitypolicy(session.get_session_id(),
['TEACHER'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
self.assertIsInstance(http, HTTPForbidden)
def test_login_redirected_due_to_no_role(self):
# set up session data
session = create_test_session(roles=['NONE'],
uid='linda.kim',
full_name='Linda Kim',
idpSessionIndex='123',
save_to_backend=True)
self.__config.testing_securitypolicy(session.get_session_id(),
['NONE'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
self.assertIsInstance(http, HTTPForbidden)
def test_login_with_xhr(self):
self.__request = EdAuthDummyRequest(True)
self.__request.url = 'http://example.com/dummy/data'
# Must set hook_zca to false to work with uniittest_with_sqlite
self.__config = testing.setUp(registry=self.registry,
request=self.__request,
hook_zca=False)
resp = login(self.__request)
self.assertIsInstance(resp, HTTPUnauthorized)
body = json.loads(resp.body.decode())
self.assertIsNotNone(body['redirect'])
def test_login_referred_by_login_page(self):
self.__request.url = 'http://example.com/dummy/login'
self.__request.referrer = 'http://example.com/r'
http = login(self.__request)
self.assertIsInstance(http, HTTPFound)
# Format: scheme://netloc/path;parameters?query#fragment
actual_url = urlparse(http.location)
expected_url = urlparse(self.__request.registry.settings['auth.saml.idp_server_login_url'])
self.assertEquals(actual_url.scheme, expected_url.scheme)
self.assertEquals(actual_url.netloc, actual_url.netloc)
queries = urllib.parse.parse_qs(actual_url.query)
self.assertTrue(len(queries) == 2)
self.assertIsNotNone(queries['SAMLRequest'])
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/report")
def test_login_referred_by_login_page(self):
self.__request.url = 'http://example.com/dummy/login'
self.__request.referrer = 'http://example.com/r'
http = login(self.__request)
self.assertIsInstance(http, HTTPFound)
# Format: scheme://netloc/path;parameters?query#fragment
actual_url = urlparse(http.location)
expected_url = urlparse(
self.__request.registry.settings['auth.saml.idp_server_login_url'])
self.assertEquals(actual_url.scheme, expected_url.scheme)
self.assertEquals(actual_url.netloc, actual_url.netloc)
queries = urllib.parse.parse_qs(actual_url.query)
self.assertTrue(len(queries) == 2)
self.assertIsNotNone(queries['SAMLRequest'])
relay_state = urlsplit(_get_cipher().decrypt(queries['RelayState'][0]))
self.assertEqual(relay_state.path, "/dummy/report")
def test_login_with_no_existing_session(self):
session = create_test_session(roles=['TEACHER'], uid='linda.kim', full_name='Linda Kim', idpSessionIndex='123', name_id='abc', save_to_backend=True)
self.__config.testing_securitypolicy(session.get_session_id(), ['TEACHER'])
self.__request.url = 'http://example.com/dummy/page'
http = login(self.__request)
self.assertIsInstance(http, HTTPForbidden)
