def test_check_role_fails(self): a = SAMLAuthenticator() a.allowed_roles = 'group1,group2,group3' assert not a._check_role([]) assert not a._check_role(['nogroup1']) assert not a._check_role(['nogroup1', 'nogroup2'])
def test_get_username_from_saml_doc(self): a = SAMLAuthenticator() assert 'Bluedata' == a._get_username_from_saml_etree( self.verified_signed_xml) assert 'Bluedata' == a._get_username_from_saml_etree( self.response_etree) assert 'Bluedata' == a._get_username_from_saml_doc( self.verified_signed_xml, self.response_etree) a.xpath_username_location = 'string({})'.format( a.xpath_username_location) assert 'Bluedata' == a._get_username_from_saml_etree( self.verified_signed_xml) assert 'Bluedata' == a._get_username_from_saml_etree( self.response_etree) assert 'Bluedata' == a._get_username_from_saml_doc( self.verified_signed_xml, self.response_etree) a.xpath_username_location = 'substring-before({}, "data")'.format( a.xpath_username_location) assert 'Blue' == a._get_username_from_saml_etree( self.verified_signed_xml) assert 'Blue' == a._get_username_from_saml_etree(self.response_etree) assert 'Blue' == a._get_username_from_saml_doc( self.verified_signed_xml, self.response_etree)
def test_malformed_metadata(self): a = SAMLAuthenticator() bad_xml = 'not an xml document' a.metadata_content = bad_xml assert a._get_metadata_from_config() == bad_xml assert a._get_preferred_metadata_from_source() == bad_xml assert a._get_saml_metadata_etree() is None
def test_no_xpath_no_roles_run_default(self): a = SAMLAuthenticator() a._valid_roles_in_assertion = unittest.mock.create_autospec( MagicMock(name='_valid_roles_in_assertion')) a.log.warning = MagicMock(name='warning') assert a._valid_config_and_roles(None, None) a._valid_roles_in_assertion.assert_not_called() a.log.warning.assert_not_called()
def test_xpath_roles_call_methods_false_return(self): a = SAMLAuthenticator() a._valid_roles_in_assertion = MagicMock( name='_valid_roles_in_assertion', return_value=False) a.log.warning = MagicMock(name='warning') a.allowed_roles = 'group1' a.xpath_role_location = 'value' assert a._valid_config_and_roles(None, None) == False a._valid_roles_in_assertion.assert_called_once_with(None, None) a.log.warning.assert_not_called()
def test_get_roles_from_saml_doc(self): a = SAMLAuthenticator() a.xpath_role_location = '//saml:AttributeStatement/saml:Attribute[@Name="Roles"]/saml:AttributeValue/text()' assert self.sorted_roles == sorted( a._get_roles_from_saml_etree(self.verified_signed_xml)) assert self.sorted_roles == sorted( a._get_roles_from_saml_etree(self.response_etree)) assert self.sorted_roles == sorted( a._get_roles_from_saml_doc(self.verified_signed_xml, self.response_etree))