Exemplo n.º 1
0
 def test_signature_mismatch(self):
     saml_request = self.saml_request.format(
         break_digest='',
         signature_value=self.signature_value,
         signed_info=self.signed_info.format(sig_alg=self.sig_alg,
                                             break_signature='broken'),
         certificate=self.cert,
     )
     relay_state = 'relay_state'
     request = HTTPPostRequest(saml_request=saml_request,
                               relay_state=relay_state)
     verifier = HTTPPostSignatureVerifier(self.cert, request)
     with pytest.raises(SignatureVerificationError) as excinfo:
         verifier.verify()
     exc = excinfo.value
     self.assertEqual('Verifica della firma fallita.', exc.args[0])
Exemplo n.º 2
0
 def test_certificate_mismatch(self):
     saml_request = self.saml_request.format(
         break_digest='',
         signature_value=self.signature_value,
         signed_info=self.signed_info.format(sig_alg=self.sig_alg,
                                             break_signature=''),
         certificate='fake cert',
     )
     relay_state = 'relay_state'
     request = HTTPPostRequest(saml_request=saml_request,
                               relay_state=relay_state)
     verifier = HTTPPostSignatureVerifier(self.cert, request)
     with pytest.raises(SignatureVerificationError) as excinfo:
         verifier.verify()
     exc = excinfo.value
     self.assertEqual(
         'Il certificato X509 contenuto nella request è differente '
         'rispetto a quello contenuto nei metadata del Service Provider.',
         exc.args[0])
Exemplo n.º 3
0
 def test_deprecated_algorithm(self):
     sig_alg = 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'
     saml_request = self.saml_request.format(
         break_digest='',
         signature_value=self.signature_value,
         signed_info=self.signed_info.format(sig_alg=sig_alg,
                                             break_signature=''),
         certificate=self.cert,
     )
     relay_state = 'relay_state'
     request = HTTPPostRequest(saml_request=saml_request,
                               relay_state=relay_state)
     verifier = HTTPPostSignatureVerifier(self.cert, request)
     with pytest.raises(SignatureVerificationError) as excinfo:
         verifier.verify()
     exc = excinfo.value
     self.assertEqual(
         "L'algoritmo 'http://www.w3.org/2000/09/xmldsig#rsa-sha1' è considerato deprecato. "
         "Si prega di utilizzare uno dei seguenti: {}".format(
             self.supported_sig_alg), exc.args[0])
Exemplo n.º 4
0
 def test_unknown_algorithm(self):
     sig_alg = 'unknown_sig_alg'
     saml_request = self.saml_request.format(
         break_digest='',
         signature_value=self.signature_value,
         signed_info=self.signed_info.format(sig_alg=sig_alg,
                                             break_signature=''),
         certificate=self.cert,
     )
     relay_state = 'relay_state'
     request = HTTPPostRequest(saml_request=saml_request,
                               relay_state=relay_state)
     verifier = HTTPPostSignatureVerifier(self.cert, request)
     with pytest.raises(SignatureVerificationError) as excinfo:
         verifier.verify()
     exc = excinfo.value
     self.assertEqual(
         "L'algoritmo 'unknown_sig_alg' è sconosciuto o non supportato. Si prega di "
         "utilizzare uno dei seguenti: {}".format(self.supported_sig_alg),
         exc.args[0])
Exemplo n.º 5
0
 def test_valid_signature(self):
     saml_request = self.saml_request.format(
         break_digest='',
         signature_value=self.signature_value,
         signed_info=self.signed_info.format(sig_alg=self.sig_alg,
                                             break_signature=''),
         certificate=self.cert,
     )
     relay_state = 'relay_state'
     request = HTTPPostRequest(saml_request=saml_request,
                               relay_state=relay_state)
     verifier = HTTPPostSignatureVerifier(self.cert, request)
     self.assertIsNone(verifier.verify())