def test_get_saml_request_without_country(self):
saml_request_xml, saml_request_encoded = self.load_saml_request()
view = ServiceProviderRequestView()
view.request = self.factory.post(self.url,
{'SAMLRequest': saml_request_encoded})
with self.assertRaisesMessage(MultiValueDictKeyError, 'country_param'):
view.get_saml_request('country_param', None)
def test_create_light_request_our_issuer_set(self):
saml_request_xml, _saml_request_encoded = self.load_saml_request()
view = ServiceProviderRequestView()
view.saml_request = SAMLRequest(parse_xml(saml_request_xml), 'ca',
'xyz')
light_request = view.create_light_request('test-saml-request-issuer',
'test-light-request-issuer')
self.assertEqual(light_request.issuer, 'test-light-request-issuer')
def test_create_light_request_wrong_issuer(self):
saml_request_xml, _saml_request_encoded = self.load_saml_request()
view = ServiceProviderRequestView()
view.saml_request = SAMLRequest(parse_xml(saml_request_xml), 'ca',
'xyz')
with self.assertRaisesMessage(SecurityError,
'Invalid SAML request issuer'):
view.create_light_request('wrong-saml-issuer',
'test-light-request-issuer')
def test_adjust_requested_attributes(self):
view = ServiceProviderRequestView()
attributes = {} # type: Dict[str, List[str]]
view.adjust_requested_attributes(attributes, set())
self.assertEqual(
attributes, {
EIDAS_NATURAL_PERSON_PREFIX + i: []
for i in ('PersonIdentifier', 'CurrentFamilyName',
'CurrentGivenName', 'DateOfBirth')
})
def test_get_saml_request_invalid_signature(self):
saml_request_xml, saml_request_encoded = self.load_saml_request(
signed=True)
view = ServiceProviderRequestView()
view.request = self.factory.post(self.url, {
'SAMLRequest': saml_request_encoded,
'country_param': 'ca'
})
self.assertRaises(SecurityError, view.get_saml_request,
'country_param', WRONG_CERT_FILE)
def test_adjust_requested_attributes_without_filter(self):
view = ServiceProviderRequestView()
attributes = {'unknown': []} # type: Dict[str, List[str]]
view.adjust_requested_attributes(attributes, set())
expected = {
EIDAS_NATURAL_PERSON_PREFIX + i: []
for i in ('PersonIdentifier', 'CurrentFamilyName',
'CurrentGivenName', 'DateOfBirth')
} # type: Dict[str, List[str]]
expected['unknown'] = []
self.assertEqual(attributes, expected)
def test_get_saml_request_valid_signature(self):
saml_request_xml, saml_request_encoded = self.load_saml_request(
signed=True)
view = ServiceProviderRequestView()
view.request = self.factory.post(self.url, {
'SAMLRequest': saml_request_encoded,
'country_param': 'ca'
})
saml_request = view.get_saml_request('country_param', CERT_FILE)
self.assertXMLEqual(
dump_xml(saml_request.document).decode('utf-8'), saml_request_xml)
def test_get_saml_request_without_relay_state(self):
saml_request_xml, saml_request_encoded = self.load_saml_request()
view = ServiceProviderRequestView()
view.request = self.factory.post(self.url, {
'SAMLRequest': saml_request_encoded,
'country_param': 'ca'
})
saml_request = view.get_saml_request('country_param', None)
self.assertXMLEqual(
dump_xml(saml_request.document).decode('utf-8'), saml_request_xml)
self.assertEqual(saml_request.citizen_country_code, 'CA')
self.assertEqual(saml_request.relay_state, None)
def test_adjust_requested_attributes_with_filter_nothing_unssuported(self):
view = ServiceProviderRequestView()
allowed = {EIDAS_NATURAL_PERSON_PREFIX + 'CurrentAddress'}
attributes = {
EIDAS_NATURAL_PERSON_PREFIX + 'CurrentAddress': [],
} # type: Dict[str, List[str]]
view.adjust_requested_attributes(attributes, allowed)
expected = {
EIDAS_NATURAL_PERSON_PREFIX + i: []
for i in ('PersonIdentifier', 'CurrentFamilyName',
'CurrentGivenName', 'DateOfBirth', 'CurrentAddress')
} # type: Dict[str, List[str]]
self.assertEqual(attributes, expected)
def test_create_light_token(self, uuid_mock: MagicMock):
view = ServiceProviderRequestView()
light_request_data = LIGHT_REQUEST_DICT.copy()
view.light_request = LightRequest(**light_request_data)
token, encoded_token = view.create_light_token('test-token-issuer',
'sha256', 'test-secret')
self.assertEqual(token.id, 'T0uuid4')
self.assertEqual(token.issuer, 'test-token-issuer')
self.assertEqual(token.created, datetime(2017, 12, 11, 16, 12, 5))
self.assertEqual(
token.encode('sha256', 'test-secret').decode('ascii'),
encoded_token)
self.assertEqual(uuid_mock.mock_calls, [call()])
def test_get_saml_request_without_saml_request(self):
view = ServiceProviderRequestView()
view.request = self.factory.post(self.url, {'country_param': 'ca'})
with self.assertRaisesMessage(ParseError, 'Document is empty'):
view.get_saml_request('country_param', None)