def test_convert_saml_slug_provider_id(self):
"""
Verify saml provider id/slug map to each other correctly.
"""
provider_names = {'saml-samltest': 'samltest', 'saml-example': 'example'}
for provider_id in provider_names:
# provider_id -> slug
assert convert_saml_slug_provider_id(provider_id) == provider_names[provider_id]
# slug -> provider_id
assert convert_saml_slug_provider_id(provider_names[provider_id]) == provider_id
def test_get_one_config_by_enterprise_uuid_found(self):
"""
GET auth/saml/v0/provider_config/?enterprise_customer_uuid=id=id
"""
# for GET to work, we need an association present
EnterpriseCustomerIdentityProvider.objects.get_or_create(
provider_id=convert_saml_slug_provider_id(
self.samlproviderconfig.slug),
enterprise_customer_id=ENTERPRISE_ID)
urlbase = reverse('saml_provider_config-list')
query_kwargs = {'enterprise_customer_uuid': ENTERPRISE_ID}
url = f'{urlbase}?{urlencode(query_kwargs)}'
response = self.client.get(url, format='json')
assert response.status_code == status.HTTP_200_OK
results = response.data['results']
assert len(results) == 1
assert results[0]['entity_id'] == SINGLE_PROVIDER_CONFIG['entity_id']
assert results[0]['metadata_source'] == SINGLE_PROVIDER_CONFIG[
'metadata_source']
assert response.data['results'][0][
'country'] == SINGLE_PROVIDER_CONFIG['country']
assert re.match(r"test-slug-\d{4}", results[0]['display_name'])
assert SAMLProviderConfig.objects.count() == 1
def test_create_one_config(self):
"""
POST auth/saml/v0/provider_config/ -d data
"""
url = reverse('saml_provider_config-list')
data = copy.copy(SINGLE_PROVIDER_CONFIG_2)
data['enterprise_customer_uuid'] = ENTERPRISE_ID
orig_count = SAMLProviderConfig.objects.count()
response = self.client.post(url, data)
assert response.status_code == status.HTTP_201_CREATED
assert SAMLProviderConfig.objects.count() == (orig_count + 1)
provider_config = SAMLProviderConfig.objects.get(
slug=SINGLE_PROVIDER_CONFIG_2['slug'])
assert provider_config.name == 'name-of-config-2'
assert provider_config.country == SINGLE_PROVIDER_CONFIG_2['country']
assert provider_config.attr_username == SINGLE_PROVIDER_CONFIG[
'attr_first_name']
assert provider_config.display_name == SINGLE_PROVIDER_CONFIG_2[
'display_name']
# check association has also been created
assert EnterpriseCustomerIdentityProvider.objects.filter(
provider_id=convert_saml_slug_provider_id(provider_config.slug)
).exists(
), 'Cannot find EnterpriseCustomer-->SAMLProviderConfig association'
def test_get_one_config_by_enterprise_uuid_found(self):
"""
GET auth/saml/v0/provider_config/?enterprise_customer_uuid=id=id
"""
# for GET to work, we need an association present
EnterpriseCustomerIdentityProvider.objects.get_or_create(
provider_id=convert_saml_slug_provider_id(
self.samlproviderconfig.slug),
enterprise_customer_id=ENTERPRISE_ID)
urlbase = reverse('saml_provider_config-list')
query_kwargs = {'enterprise_customer_uuid': ENTERPRISE_ID}
url = '{}?{}'.format(urlbase, urlencode(query_kwargs))
response = self.client.get(url, format='json')
self.assertEqual(response.status_code, status.HTTP_200_OK)
results = response.data['results']
self.assertEqual(len(results), 1)
self.assertEqual(results[0]['entity_id'],
SINGLE_PROVIDER_CONFIG['entity_id'])
self.assertEqual(results[0]['metadata_source'],
SINGLE_PROVIDER_CONFIG['metadata_source'])
self.assertEqual(response.data['results'][0]['country'],
SINGLE_PROVIDER_CONFIG['country'])
self.assertEqual(SAMLProviderConfig.objects.count(), 1)
def test_create_one_config(self):
"""
POST auth/saml/v0/provider_config/ -d data
"""
url = reverse('saml_provider_config-list')
data = copy.copy(SINGLE_PROVIDER_CONFIG_2)
data['enterprise_customer_uuid'] = ENTERPRISE_ID
orig_count = SAMLProviderConfig.objects.count()
response = self.client.post(url, data)
self.assertEqual(response.status_code, status.HTTP_201_CREATED)
self.assertEqual(SAMLProviderConfig.objects.count(), orig_count + 1)
provider_config = SAMLProviderConfig.objects.get(
slug=SINGLE_PROVIDER_CONFIG_2['slug'])
self.assertEqual(provider_config.name, 'name-of-config-2')
self.assertEqual(provider_config.country,
SINGLE_PROVIDER_CONFIG_2['country'])
# check association has also been created
self.assertTrue(
EnterpriseCustomerIdentityProvider.objects.filter(
provider_id=convert_saml_slug_provider_id(
provider_config.slug)).exists(),
'Cannot find EnterpriseCustomer-->SAMLProviderConfig association')
def test_create_one_config_fail_non_existent_enterprise_uuid(self):
"""
POST auth/saml/v0/provider_config/ -d data
"""
url = reverse('saml_provider_config-list')
data = copy.copy(SINGLE_PROVIDER_CONFIG_2)
data['enterprise_customer_uuid'] = ENTERPRISE_ID_NON_EXISTENT
orig_count = SAMLProviderConfig.objects.count()
response = self.client.post(url, data)
assert response.status_code == status.HTTP_403_FORBIDDEN
assert SAMLProviderConfig.objects.count() == orig_count
# check association has NOT been created
assert not EnterpriseCustomerIdentityProvider.objects.filter(provider_id=convert_saml_slug_provider_id(SINGLE_PROVIDER_CONFIG_2['slug'])).exists(), 'Did not expect to find EnterpriseCustomer-->SAMLProviderConfig association'
def setUpTestData(cls):
super().setUpTestData()
cls.user = UserFactory.create(username='******', password='******')
cls.site, _ = Site.objects.get_or_create(domain='example.com')
cls.enterprise_customer = EnterpriseCustomer.objects.create(
uuid=ENTERPRISE_ID, name='test-ep', slug='test-ep', site=cls.site)
cls.saml_provider_config, _ = SAMLProviderConfig.objects.get_or_create(
entity_id=SINGLE_PROVIDER_CONFIG['entity_id'],
metadata_source=SINGLE_PROVIDER_CONFIG['metadata_source'])
# the entity_id here must match that of the saml_provider_config
cls.saml_provider_data, _ = SAMLProviderData.objects.get_or_create(
entity_id=SINGLE_PROVIDER_DATA['entity_id'],
sso_url=SINGLE_PROVIDER_DATA['sso_url'],
fetched_at=SINGLE_PROVIDER_DATA['fetched_at'])
cls.enterprise_customer_idp, _ = EnterpriseCustomerIdentityProvider.objects.get_or_create(
provider_id=convert_saml_slug_provider_id(
cls.saml_provider_config.slug),
enterprise_customer_id=ENTERPRISE_ID)
def get_queryset(self):
"""
Find and return the matching providerid for the given enterprise uuid
Note: There is no direct association between samlproviderdata and enterprisecustomer.
So we make that association in code via samlproviderdata > samlproviderconfig ( via entity_id )
then, we fetch enterprisecustomer via samlproviderconfig > enterprisecustomer ( via association table )
"""
if self.requested_enterprise_uuid is None:
raise ParseError('Required enterprise_customer_uuid is missing')
enterprise_customer_idp = get_object_or_404(
EnterpriseCustomerIdentityProvider,
enterprise_customer__uuid=self.requested_enterprise_uuid
)
try:
saml_provider = SAMLProviderConfig.objects.current_set().get(
slug=convert_saml_slug_provider_id(enterprise_customer_idp.provider_id))
except SAMLProviderConfig.DoesNotExist:
raise Http404('No matching SAML provider found.')
return SAMLProviderData.objects.filter(entity_id=saml_provider.entity_id)
