def test_logout_service_startingIDP(self):
self.config.testing_securitypolicy(userid='*****@*****.**',
permissive=True)
self.set_user_cookie('*****@*****.**')
came_from = '/afterlogin/'
session_id = self.add_outstanding_query(came_from)
saml_response = auth_response(session_id, "*****@*****.**")
# Log in through IDP SAMLResponse
res = self.testapp.post('/saml2/acs/', params={
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
res = self.testapp.get('/saml2/ls/', params={
'SAMLRequest': deflate_and_base64_encode(
logout_request(session_id)
),
'RelayState': 'testing-relay-state',
})
self.assertEqual(res.status, '302 Found')
self.assertIn('https://idp.example.com/simplesaml/saml2/idp/'
'SingleLogoutService.php?SAMLResponse=', res.location)
# Set a expired cookie (just the logout header)
self.assertIn('auth_tkt=""; Path=/; Domain=localhost; Max-Age=0; '
'Expires=Wed, 31-Dec-97 23:59:59 GMT',
res.headers.getall('Set-Cookie'))
def test_assertion_consumer_service(self):
came_from = '/afterlogin/'
session_id = self.add_outstanding_query(came_from)
saml_response = auth_response(session_id, "*****@*****.**")
res = self.testapp.post('/saml2/acs/', params={
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
self.assertEquals(res.status_code, 302)
self.assertEquals(res.location, 'http://localhost' + came_from)
def test_logout_loggedin(self):
came_from = '/afterlogin/'
session_id = self.add_outstanding_query(came_from)
saml_response = auth_response(session_id, "*****@*****.**")
res = self.testapp.post('/saml2/acs/', params={
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
cookies = res.cookies_set
res = self.testapp.get('/saml2/logout/',
headers={'cookies': cookies['auth_tkt']})
self.assertEqual(res.status, '302 Found')
self.assertIn('https://idp.example.com/simplesaml/saml2/idp/'
'SingleLogoutService.php', res.location)
