예제 #1
0
 def test06NotBeforeConditionInvalid(self):
     utcNow = datetime.utcnow()
     respDict = {
         'issueInstant': SAMLDateTime.toString(utcNow),
         'assertionIssueInstant': SAMLDateTime.toString(utcNow),
         'notBefore': SAMLDateTime.toString(utcNow + timedelta(seconds=1)),
         'notOnOrAfter': SAMLDateTime.toString(utcNow + timedelta(
                                                         seconds=60*60*8))
     }
     responseStr = self.__class__.RESPONSE % respDict
     response = self._parseResponse(responseStr)
     binding = SubjectQuerySOAPBinding()
     try:
         binding._verifyTimeConditions(response)
         self.fail("Expecting issue instant timestamp error")
     except AssertionConditionNotBeforeInvalid, e:
         print("PASSED: %s" % e)
예제 #2
0
 def test04AssertionConditionExpired(self):
     # issued 9 hours ago
     issueInstant = datetime.utcnow() - timedelta(seconds=60*60*9)
     respDict = {
         'issueInstant': SAMLDateTime.toString(issueInstant),
         'assertionIssueInstant': SAMLDateTime.toString(issueInstant),
         'notBefore': SAMLDateTime.toString(issueInstant),
         # It lasts for 8 hours so it's expired by one hour
         'notOnOrAfter': SAMLDateTime.toString(issueInstant + timedelta(
                                                         seconds=60*60*8))
     }
     responseStr = self.__class__.RESPONSE % respDict
     response = self._parseResponse(responseStr)
     binding = SubjectQuerySOAPBinding()
     try:
         binding._verifyTimeConditions(response)
         self.fail("Expecting not on or after timestamp error")
     except AssertionConditionNotOnOrAfterInvalid, e:
         print("PASSED: %s" % e)
예제 #3
0
 def test07ClockSkewCorrectedAssertionIssueInstantInvalid(self):
     utcNow = datetime.utcnow()
     respDict = {
         'issueInstant': SAMLDateTime.toString(utcNow),
         'assertionIssueInstant': SAMLDateTime.toString(utcNow + timedelta(
                                                                 seconds=1)),
         'notBefore': SAMLDateTime.toString(utcNow),
         'notOnOrAfter': SAMLDateTime.toString(utcNow + timedelta(
                                                         seconds=60*60*8))
     }
     responseStr = self.__class__.RESPONSE % respDict
     response = self._parseResponse(responseStr)
     binding = SubjectQuerySOAPBinding()
     
     # Set a skew to correct the error
     binding.clockSkewTolerance = 1
     
     try:
         binding._verifyTimeConditions(response)
     except AssertionIssueInstantInvalid, e:
         self.fail("issue instant timestamp error should be corrected for")
예제 #4
0
 def test08ClockSkewCorrectedAssertionConditionExpired(self):
     # Issued 9 hours ago
     issueInstant = datetime.utcnow() - timedelta(seconds=60*60*9)
     respDict = {
         'issueInstant': SAMLDateTime.toString(issueInstant),
         'assertionIssueInstant': SAMLDateTime.toString(issueInstant),
         'notBefore': SAMLDateTime.toString(issueInstant),
         # Assertion lasts 8 hours so it has expired by one hour
         'notOnOrAfter': SAMLDateTime.toString(issueInstant + timedelta(
                                                         seconds=60*60*8))
     }
     responseStr = self.__class__.RESPONSE % respDict
     response = self._parseResponse(responseStr)
     binding = SubjectQuerySOAPBinding()
     
     # Set a skew of over one hour to correct for the assertion expiry
     binding.clockSkewTolerance = 60*60 + 3
     
     try:
         binding._verifyTimeConditions(response)
         
     except AssertionConditionNotOnOrAfterInvalid:
         self.fail("Not on or after timestamp error should be corrected for")