def test_check_role_fails(self):
a = SAMLAuthenticator()
a.allowed_roles = 'group1,group2,group3'
assert not a._check_role([])
assert not a._check_role(['nogroup1'])
assert not a._check_role(['nogroup1', 'nogroup2'])
def test_xpath_roles_call_methods_false_return(self):
a = SAMLAuthenticator()
a._valid_roles_in_assertion = MagicMock(
name='_valid_roles_in_assertion', return_value=False)
a.log.warning = MagicMock(name='warning')
a.allowed_roles = 'group1'
a.xpath_role_location = 'value'
assert a._valid_config_and_roles(None, None) == False
a._valid_roles_in_assertion.assert_called_once_with(None, None)
a.log.warning.assert_not_called()
def test_no_xpath_roles(self):
a = SAMLAuthenticator()
a.allowed_roles = 'value'
a._valid_roles_in_assertion = unittest.mock.create_autospec(
MagicMock(name='_valid_roles_in_assertion'))
a.log.warning = MagicMock(name='warning')
assert a._valid_config_and_roles(None, None)
a._valid_roles_in_assertion.assert_not_called()
print(a.log.warning.call_args_list)
a.log.warning.assert_called()
a.log.warning.assert_any_call(a._const_warn_explain)
a.log.warning.assert_any_call(a._const_warn_no_role_xpath)
def test_no_allowed_roles(self):
with patch('samlauthenticator.samlauthenticator.datetime'
) as mock_datetime:
mock_datetime.now.return_value = datetime(2020,
7,
1,
23,
0,
0,
tzinfo=timezone.utc)
mock_datetime.strptime = datetime.strptime
a = SAMLAuthenticator()
a.metadata_content = test_constants.sample_metadata_xml
a.xpath_role_location = '//saml:AttributeStatement/saml:Attribute[@Name="Roles"]/saml:AttributeValue/text()'
# The included XML should not have either of these roles.
a.allowed_roles = 'allowed_role_1,allowed_role_2'
assert a._authenticate(
None, {
a.login_post_field:
test_constants.b64encoded_response_xml_with_roles
}) is None
mock_datetime.now.assert_called_once_with(timezone.utc)
def test_check_role(self):
a = SAMLAuthenticator()
a.allowed_roles = 'group1'
assert a._check_role(['group1'])
assert a._check_role(['group1', 'group2'])
