def test_authnrequest_bad_acs_url(self):
for new_acs_url in self.BAD_ACS_URLS:
self.login(self.user)
original_request = self.REQUEST_DATA['SAMLRequest']
xml = lxml.etree.fromstring(
codex.decode_saml_xml(original_request))
xml.set('AssertionConsumerServiceURL', new_acs_url)
new_request = codex.deflate_and_base64_encode(
base.c14n(xml)).decode('utf-8')
with self.client.session_transaction() as sess:
sess.update({
**self.REQUEST_DATA,
'SAMLRequest': new_request,
})
response = self.client.get(self.login_process_url)
assert response.status_code == 400
def decode_saml_string(self, saml_string: str) -> bytes:
"""Decode an incoming SAMLResponse into an XML string."""
return codex.decode_saml_xml(saml_string)