def test_login_error_cases_runtime_exception(self):
# given login page after authentication failure
login_error_page_result = self._a_page_of_authentication_failure()
# then runtime exception is raised
with pytest.raises(RuntimeError):
# when a login page after failed authentication is extracted
roles_assertion_extractor.extract(login_error_page_result)
def test_login_error_causes_error_and_exit(self, capsys):
# given login page after authentication failure
login_error_page_result = self._a_page_of_authentication_failure()
# Error is printed and exit is called
with pytest.raises(SystemExit):
# when a login page after failed authentication is extracted
roles_assertion_extractor.extract(login_error_page_result)
out, err = capsys.readouterr()
assert err.startswith("Login error: Incorrect user ID or password")
def test_login_error_causes_error_and_exit(self, capsys):
# given login page after authentication failure
login_error_page_result = self._a_page_of_authentication_failure()
# Error is printed and exit is called
with pytest.raises(SystemExit):
# when a login page after failed authentication is extracted
roles_assertion_extractor.extract(login_error_page_result)
out, err = capsys.readouterr()
assert err.startswith("Login error: Incorrect user ID or password")
def test_beer_roles_are_extracted(self):
# when after successful authentication adfs responded with page containing available roles
roles, assertion, _ = roles_assertion_extractor.extract(self.a_page_of_allowed_beer_roles())
# then two beer roles are extracted
assert len(roles) == 2
assert assertion is not None
def test_missing_saml_assertion_causes_to_return_nothing(self):
# when a returned result page doesn't contain saml (perhaps session expired)
roles, assertion, _ = roles_assertion_extractor.extract(self._a_page_of_expired_login())
# the return nothing - perhaps re-authentication is needed
assert roles is None
assert assertion is None
def test_beer_roles_are_extracted(self):
# when after successful authentication adfs responded with page containing available roles
roles, assertion, _ = roles_assertion_extractor.extract(
self.a_page_of_allowed_beer_roles())
# then two beer roles are extracted
assert len(roles) == 2
assert assertion is not None
def test_missing_saml_assertion_causes_to_return_nothing(self):
# when a returned result page doesn't contain saml (perhaps session expired)
roles, assertion, _ = roles_assertion_extractor.extract(
self._a_page_of_expired_login())
# the return nothing - perhaps re-authentication is needed
assert roles is None
assert assertion is None
def test_provides_default_session_duration_when_it_is_missing_in_response(
self):
# when after successful authentican adfs responds with saml response
# without session duration setup
roles, assertion, extracted_session_duration = roles_assertion_extractor.extract(
self.a_page_with_saml_without_session_duration())
# then extracted session duration has default value for boto
assert extracted_session_duration == roles_assertion_extractor.default_session_duration
def test_provides_default_session_duration_when_it_is_missing_in_response(self):
# when after successful authentican adfs responds with saml response
# without session duration setup
roles, assertion, extracted_session_duration = roles_assertion_extractor.extract(
self.a_page_with_saml_without_session_duration()
)
# then extracted session duration has default value for boto
assert extracted_session_duration == roles_assertion_extractor.default_session_duration
def test_provides_existing_in_response_session_duration(self):
# adfs has configured aws session duration
session_duration_configured_in_adfs = 7200
# when after successful authentican adfs responds with saml response
# containing session duration
roles, assertion, extracted_session_duration = roles_assertion_extractor.extract(
self.a_page_with_saml_containing_session_duration(
session_duration_configured_in_adfs))
# then responded session duration is extracted
assert extracted_session_duration == session_duration_configured_in_adfs
def test_provides_existing_in_response_session_duration(self):
# adfs has configured aws session duration
session_duration_configured_in_adfs = 7200
# when after successful authentican adfs responds with saml response
# containing session duration
roles, assertion, extracted_session_duration = roles_assertion_extractor.extract(
self.a_page_with_saml_containing_session_duration(session_duration_configured_in_adfs)
)
# then responded session duration is extracted
assert extracted_session_duration == session_duration_configured_in_adfs
