def test_missing_data(self):
for key in ['SAMLRequest', 'SigAlg', 'Signature']:
qs = copy(self.querystring)
del qs[key]
parser = HTTPRedirectRequestParser(qs)
with pytest.raises(RequestParserError) as excinfo:
parser.parse()
exc = excinfo.value
self.assertEqual("Dato mancante nella request: '{}'".format(key),
exc.args[0])
def test_decoding_failure(self):
for key in ['SAMLRequest', 'Signature']:
qs = copy(self.querystring)
qs[key] = 'XXX_not_base64_data_XXX'
parser = HTTPRedirectRequestParser(qs)
with pytest.raises(RequestParserError) as excinfo:
parser.parse()
exc = excinfo.value
self.assertEqual(
"Impossibile decodificare l'elemento '{}'".format(key),
exc.args[0])
def test_valid_request(self):
parser = HTTPRedirectRequestParser(self.querystring)
parsed = parser.parse()
self.assertEqual(parsed.saml_request, b'saml_request')
self.assertEqual(parsed.sig_alg, 'sig_alg')
self.assertEqual(parsed.relay_state, 'relay_state')
self.assertEqual(parsed.signature, b'signature')
signed_data = urlencode([
('SAMLRequest', self.querystring['SAMLRequest']),
('RelayState', self.querystring['RelayState']),
('SigAlg', self.querystring['SigAlg']),
]).encode('ascii')
self.assertEqual(parsed.signed_data, signed_data)
def _handle_http_redirect(self, action):
# FIXME: replace the following code with a call to a function
# in the parser.py module after metadata refactoring.
# The IdpServer class should not
# be responsible of request parsing, or know anything
# about request parsing *at all*.
saml_msg = self.unpack_args(request.args)
request_data = HTTPRedirectRequestParser(saml_msg).parse()
deserializer = get_http_redirect_request_deserializer(
request_data, action, self.server.metadata)
saml_tree = deserializer.deserialize()
certs = self._get_certificates_by_issuer(saml_tree.issuer.text)
for cert in certs:
HTTPRedirectSignatureVerifier(cert, request_data).verify()
return SPIDRequest(request_data, saml_tree)
def test_relay_state_is_optional(self):
del self.querystring['RelayState']
parser = HTTPRedirectRequestParser(self.querystring)
parsed = parser.parse()
self.assertIsNone(parsed.relay_state)