def test_authn_request_http_redirect_bad_signature(self): xml_message = generate_authn_request() encoded_message = deflate_and_base64_encode(xml_message) self.assertEqual(len(self.idp_server.ticket), 0) self.assertEqual(len(self.idp_server.responses), 0) response = self.test_client.get( '/sso-test?SAMLRequest={}&SigAlg={}&Signature=sign'.format( quote(encoded_message), quote(SIG_RSA_SHA256)), follow_redirects=True) self.assertEqual(response.status_code, 200) response_text = response.get_data(as_text=True) self.assertIn('Verifica della firma fallita.', response_text) self.assertEqual(len(self.idp_server.ticket), 0) self.assertEqual(len(self.idp_server.responses), 0)
def test_authn_request_http_redirect_missing_sigalg_and_signature_parameter( self): # See: https://github.com/italia/spid-testenv2/issues/36 xml_message = generate_authn_request() encoded_message = deflate_and_base64_encode(xml_message) self.assertEqual(len(self.idp_server.ticket), 0) self.assertEqual(len(self.idp_server.responses), 0) response = self.test_client.get('/sso-test?SAMLRequest={}'.format( quote(encoded_message), quote(SIG_RSA_SHA256)), follow_redirects=True) self.assertEqual(response.status_code, 200) response_text = response.get_data(as_text=True) self.assertIn('Dato mancante nella request: 'SigAlg'', response_text) self.assertEqual(len(self.idp_server.ticket), 0) self.assertEqual(len(self.idp_server.responses), 0)