def test_assertion_consumer_service_no_session(self):
settings.SAML_CONFIG = conf.create_conf(
sp_host='sp.example.com',
idp_hosts=['idp.example.com'],
metadata_file='remote_metadata_one_idp.xml',
)
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
# Authentication is confirmed.
saml_response = auth_response(session_id, 'student')
response = self.client.post(
reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 302)
location = response['Location']
url = urlparse(location)
self.assertEqual(url.path, came_from)
# Session should no longer be in outstanding queries.
saml_response = auth_response(session_id, 'student')
response = self.client.post(
reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 403)
def test_assertion_consumer_service_no_session(self):
settings.SAML_CONFIG = conf.create_conf(
sp_host='sp.example.com',
idp_hosts=['idp.example.com'],
metadata_file='remote_metadata_one_idp.xml',
)
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
# Authentication is confirmed.
saml_response = auth_response(session_id, 'student')
response = self.client.post(reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 302)
location = response['Location']
url = urlparse(location)
self.assertEqual(url.path, came_from)
# Session should no longer be in outstanding queries.
saml_response = auth_response(session_id, 'student')
response = self.client.post(reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 403)
def test_assertion_consumer_service(self):
# Get initial number of users
initial_user_count = User.objects.count()
settings.SAML_CONFIG = conf.create_conf(
sp_host='sp.example.com',
idp_hosts=['idp.example.com'],
metadata_file='remote_metadata_one_idp.xml',
)
response = self.client.get(reverse('saml2_login'))
saml2_req = saml2_from_httpredirect_request(response.url)
session_id = get_session_id_from_saml2(saml2_req)
# session_id should start with a letter since it is a NCName
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
# this will create a user
saml_response = auth_response(session_id, 'student')
_url = reverse('saml2_acs')
response = self.client.post(
_url, {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 302)
location = response['Location']
url = urlparse(location)
self.assertEqual(url.path, came_from)
self.assertEqual(User.objects.count(), initial_user_count + 1)
user_id = self.client.session[SESSION_KEY]
user = User.objects.get(id=user_id)
self.assertEqual(user.username, 'student')
# let's create another user and log in with that one
new_user = User.objects.create(username='******', password='******')
# session_id = "a1111111111111111111111111111111"
client = Client()
response = client.get(reverse('saml2_login'))
saml2_req = saml2_from_httpredirect_request(response.url)
session_id = get_session_id_from_saml2(saml2_req)
came_from = '' # bad, let's see if we can deal with this
saml_response = auth_response(session_id, 'teacher')
self.add_outstanding_query(session_id, '/')
response = client.post(
reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 302)
location = response['Location']
url = urlparse(location)
# as the RelayState is empty we have redirect to LOGIN_REDIRECT_URL
self.assertEqual(url.path, settings.LOGIN_REDIRECT_URL)
self.assertEqual(force_text(new_user.id), client.session[SESSION_KEY])
def test_assertion_consumer_service(self):
# Get initial number of users
initial_user_count = User.objects.count()
settings.SAML_CONFIG = conf.create_conf(
sp_host='sp.example.com',
idp_hosts=['idp.example.com'],
metadata_file='remote_metadata_one_idp.xml',
)
self.init_cookies()
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
# this will create a user
saml_response = auth_response(session_id, 'student')
response = self.client.post(
'/acs/', {
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
self.assertEquals(url.path, came_from)
self.assertEquals(User.objects.count(), initial_user_count + 1)
user_id = self.client.session[SESSION_KEY]
user = User.objects.get(id=user_id)
self.assertEquals(user.username, 'student')
# let's create another user and log in with that one
new_user = User.objects.create(username='******', password='******')
session_id = "a1111111111111111111111111111111"
came_from = '' # bad, let's see if we can deal with this
saml_response = auth_response(session_id, 'teacher')
self.add_outstanding_query(session_id, '/')
response = self.client.post(
'/acs/', {
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
# as the RelayState is empty we have redirect to LOGIN_REDIRECT_URL
self.assertEquals(url.path, '/accounts/profile/')
self.assertEquals(new_user.id, self.client.session[SESSION_KEY])
def test_assertion_consumer_service(self):
# Get initial number of users
initial_user_count = User.objects.count()
settings.SAML_CONFIG = conf.create_conf(
sp_host='sp.example.com',
idp_hosts=['idp.example.com'],
metadata_file='remote_metadata_one_idp.xml',
)
self.init_cookies()
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
# this will create a user
saml_response = auth_response(session_id, 'student')
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
self.assertEquals(url.path, came_from)
self.assertEquals(User.objects.count(), initial_user_count + 1)
user_id = self.client.session[SESSION_KEY]
user = User.objects.get(id=user_id)
self.assertEquals(user.username, 'student')
# let's create another user and log in with that one
new_user = User.objects.create(username='******', password='******')
session_id = "a1111111111111111111111111111111"
came_from = '' # bad, let's see if we can deal with this
saml_response = auth_response(session_id, 'teacher')
self.add_outstanding_query(session_id, '/')
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(saml_response),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
# as the RelayState is empty we have redirect to LOGIN_REDIRECT_URL
self.assertEquals(url.path, '/accounts/profile/')
self.assertEquals(new_user.id, self.client.session[SESSION_KEY])
def test_assertion_consumer_service(self):
# Get initial number of users
initial_user_count = User.objects.count()
settings.SAML_CONFIG = conf.create_conf(sp_host='sp.example.com',
idp_hosts=['idp.example.com'])
config = get_config()
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
saml_response = auth_response({'uid': 'student'}, session_id, config)
self.init_cookies()
self.add_outstanding_query(session_id, came_from)
# this will create a user
response = self.client.post(
'/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
self.assertEquals(url.path, came_from)
self.assertEquals(User.objects.count(), initial_user_count + 1)
user_id = self.client.session[SESSION_KEY]
user = User.objects.get(id=user_id)
self.assertEquals(user.username, 'student')
# let's create another user and log in with that one
new_user = User.objects.create(username='******', password='******')
session_id = "a1111111111111111111111111111111"
came_from = '/'
saml_response = auth_response({'uid': 'teacher'}, session_id, config)
self.add_outstanding_query(session_id, came_from)
response = self.client.post(
'/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
self.assertEquals(new_user.id, self.client.session[SESSION_KEY])
def test_assertion_consumer_service(self):
# Get initial number of users
initial_user_count = User.objects.count()
settings.SAML_CONFIG = conf.create_conf(sp_host='sp.example.com',
idp_hosts=['idp.example.com'])
config = get_config()
# session_id should start with a letter since it is a NCName
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
saml_response = auth_response({'uid': 'student'}, session_id, config)
self.init_cookies()
self.add_outstanding_query(session_id, came_from)
# this will create a user
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
location = response['Location']
url = urlparse.urlparse(location)
self.assertEquals(url.hostname, 'testserver')
self.assertEquals(url.path, came_from)
self.assertEquals(User.objects.count(), initial_user_count + 1)
user_id = self.client.session[SESSION_KEY]
user = User.objects.get(id=user_id)
self.assertEquals(user.username, 'student')
# let's create another user and log in with that one
new_user = User.objects.create(username='******', password='******')
session_id = "a1111111111111111111111111111111"
came_from = '/'
saml_response = auth_response({'uid': 'teacher'}, session_id, config)
self.add_outstanding_query(session_id, came_from)
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
self.assertEquals(new_user.id, self.client.session[SESSION_KEY])
def do_login(self):
"""Auxiliary method used in several tests (mainly logout tests)"""
config = get_config()
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
saml_response = auth_response({'uid': 'student'}, session_id, config)
self.init_cookies()
self.add_outstanding_query(session_id, came_from)
# this will create a user
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
def do_login(self):
"""Auxiliary method used in several tests (mainly logout tests)"""
config = get_config()
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
saml_response = auth_response({'uid': 'student'}, session_id, config)
self.init_cookies()
self.add_outstanding_query(session_id, came_from)
# this will create a user
response = self.client.post('/acs/', {
'SAMLResponse': base64.b64encode(str(saml_response)),
'RelayState': came_from,
})
self.assertEquals(response.status_code, 302)
def do_login(self):
"""Auxiliary method used in several tests (mainly logout tests)"""
self.init_cookies()
session_id = "a0123456789abcdef0123456789abcdef"
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
saml_response = auth_response(session_id, 'student')
# this will create a user
response = self.client.post(reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
self.assertEqual(response.status_code, 302)
def do_login(self):
"""Auxiliary method used in several tests (mainly logout tests)"""
self.init_cookies()
response = self.client.get(reverse('saml2_login'))
saml2_req = saml2_from_httpredirect_request(response.url)
session_id = get_session_id_from_saml2(saml2_req)
# session_id should start with a letter since it is a NCName
came_from = '/another-view/'
self.add_outstanding_query(session_id, came_from)
saml_response = auth_response(session_id, 'student')
# this will create a user
response = self.client.post(
reverse('saml2_acs'), {
'SAMLResponse': self.b64_for_post(saml_response),
'RelayState': came_from,
})
subject_id = get_subject_id_from_saml2(saml_response)
self.assertEqual(response.status_code, 302)
return subject_id
