def test_pop_light_response_not_found(self):
self.cache_mock.get_and_remove.return_value = None
self.assertIsNone(self.storage.pop_light_response('abc'))
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.RESPONSE_CACHE_NAME),
call.get_cache().get_and_remove('abc')
])
def test_put_without_prefix(self):
storage = AuxiliaryIgniteStorage(self.HOST, self.PORT, self.CACHE_NAME,
33)
storage.put('abc', {"foo": True})
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.CACHE_NAME),
call.get_cache().put('abc', '{"foo": true}')
])
def test_get_cache_single_client_created(self):
storage = AuxiliaryIgniteStorage(self.HOST, self.PORT, self.CACHE_NAME,
33, self.PREFIX)
self.assertIs(storage.get_cache("cache1"), self.cache_mock)
self.assertIs(storage.get_cache("cache2"), self.cache_mock)
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache("cache1"),
call.get_cache("cache2")
])
def test_get_cache_single_client_created(self):
self.assertIs(self.storage.get_cache(self.REQUEST_CACHE_NAME),
self.cache_mock)
self.assertIs(self.storage.get_cache(self.RESPONSE_CACHE_NAME),
self.cache_mock)
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.REQUEST_CACHE_NAME),
call.get_cache(self.RESPONSE_CACHE_NAME)
])
def test_pop_without_prefix(self):
self.cache_mock.get_and_remove.return_value = '{"foo": true}'
storage = AuxiliaryIgniteStorage(self.HOST, self.PORT, self.CACHE_NAME,
33)
self.assertEqual(storage.pop('abc'), {"foo": True})
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.CACHE_NAME),
call.get_cache().get_and_remove('abc')
])
def test_pop_not_found(self):
self.cache_mock.get_and_remove.return_value = None
storage = AuxiliaryIgniteStorage(self.HOST, self.PORT, self.CACHE_NAME,
33, self.PREFIX)
self.assertIsNone(storage.pop('abc'))
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.CACHE_NAME),
call.get_cache().get_and_remove('test-prefix-abc')
])
def test_put_light_response(self):
with cast(TextIO, (DATA_DIR / 'light_response.xml').open('r')) as f:
data = f.read()
response = LightResponse.load_xml(parse_xml(data))
self.storage.put_light_response('abc', response)
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.RESPONSE_CACHE_NAME),
call.get_cache().put('abc', data)
])
def test_pop_light_response_found(self):
with cast(BinaryIO, (DATA_DIR / 'light_response.xml').open('rb')) as f:
data = f.read()
self.cache_mock.get_and_remove.return_value = data.decode('utf-8')
self.assertEqual(LightResponse.load_xml(parse_xml(data)),
self.storage.pop_light_response('abc'))
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=33)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect(self.HOST, self.PORT),
call.get_cache(self.RESPONSE_CACHE_NAME),
call.get_cache().get_and_remove('abc')
])
def test_post_load_auxiliary_data(self):
with cast(BinaryIO, (DATA_DIR / 'saml_response.xml').open('rb')) as f:
saml_request_xml = f.read()
self.cache_mock.get_and_remove.return_value = "{}"
response = self.client.post(self.url, {'SAMLResponse': b64encode(saml_request_xml).decode('ascii'),
'RelayState': 'relay123'})
self.assertEqual(response.status_code, 200)
self.maxDiff = None
self.assertSequenceEqual(self.client_mock.mock_calls[:4], [
call.connect('test.example.net', 1234),
call.get_cache('aux-cache'),
call.get_cache().get_and_remove('aux-test-saml-request-id'),
call.connect('test.example.net', 1234)])
def test_post_load_auxiliary_data(self):
self.maxDiff = None
light_response = self.get_light_response()
self.cache_mock.get_and_remove.side_effect = [
dump_xml(light_response.export_xml()).decode('utf-8'),
"{}",
]
token, encoded = self.get_token()
response = self.client.post(self.url, {'test_response_token': encoded})
self.assertEqual(response.status_code, 200)
self.maxDiff = None
self.assertSequenceEqual(self.client_mock.mock_calls[-3:], [
call.connect('test.example.net', 1234),
call.get_cache('aux-cache'),
call.get_cache().get_and_remove('aux-test-saml-request-id')
])
def test_get_light_request_success(self):
orig_light_request = LightRequest(**LIGHT_REQUEST_DICT)
self.cache_mock.get_and_remove.return_value = dump_xml(orig_light_request.export_xml()).decode('utf-8')
token, encoded = self.get_token()
view = ProxyServiceRequestView()
view.request = self.factory.post(self.url, {'test_token': encoded})
view.light_token = token
view.storage = IgniteStorage('test.example.net', 1234, 'test-proxy-service-request-cache', '')
light_request = view.get_light_request()
self.assertEqual(light_request, orig_light_request)
self.maxDiff = None
self.assertEqual(self.client_mock.mock_calls,
[call.connect('test.example.net', 1234),
call.get_cache('test-proxy-service-request-cache'),
call.get_cache().get_and_remove('request-token-id')])
def test_get_light_response_success(self):
orig_light_response = self.get_light_response()
self.cache_mock.get_and_remove.return_value = dump_xml(
orig_light_response.export_xml()).decode('utf-8')
token, encoded = self.get_token()
view = ConnectorResponseView()
view.request = self.factory.post(self.url, {'test_token': encoded})
view.light_token = token
view.storage = IgniteStorage('test.example.net', 1234, '',
'test-connector-response-cache')
light_response = view.get_light_response()
self.assertEqual(light_response, orig_light_response)
self.maxDiff = None
self.assertEqual(self.client_mock.mock_calls, [
call.connect('test.example.net', 1234),
call.get_cache('test-connector-response-cache'),
call.get_cache().get_and_remove('response-token-id')
])
def test_post_success(self, uuid_mock: MagicMock):
with cast(BinaryIO, (DATA_DIR / 'saml_response.xml').open('rb')) as f:
saml_request_xml = f.read()
response = self.client.post(self.url, {'SAMLResponse': b64encode(saml_request_xml).decode('ascii'),
'RelayState': 'relay123'})
# Context
self.assertIn('token', response.context)
self.assertEqual(response.context['token_parameter'], 'test_token')
self.assertEqual(response.context['eidas_url'], 'https://test.example.net/SpecificProxyServiceResponse')
self.assertEqual(response.context['error'], None)
# Token
encoded_token = response.context['token']
token = LightToken.decode(encoded_token, 'sha256', 'response-token-secret')
self.assertEqual(token.id, 'T0uuid4')
self.assertEqual(token.issuer, 'response-token-issuer')
self.assertEqual(token.created, datetime(2017, 12, 11, 14, 12, 5))
# Storing light response
light_response_data = LIGHT_RESPONSE_DICT.copy()
light_response_data.update({
'status': Status(**light_response_data['status']),
'id': 'test-saml-response-id', # Preserved
'in_response_to_id': 'test-saml-request-id', # Preserved
'issuer': 'https://test.example.net/node-proxy-service-response', # Replaced
})
light_response = LightResponse(**light_response_data)
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=66)])
self.assertEqual(self.client_mock.mock_calls,
[call.connect('test.example.net', 1234),
call.get_cache('test-proxy-service-response-cache'),
call.get_cache().put('T0uuid4', dump_xml(light_response.export_xml()).decode('utf-8'))])
# Rendering
self.assertContains(response, 'Redirect to eIDAS Node is in progress')
self.assertContains(response,
'<form class="auto-submit" action="https://test.example.net/SpecificProxyServiceResponse"')
self.assertContains(response, '<input type="hidden" name="test_token" value="{}"'.format(encoded_token))
self.assertNotIn(b'An error occurred', response.content)
def test_post_remember_name_id_format(self):
request = LightRequest(**LIGHT_REQUEST_DICT)
self.cache_mock.get_and_remove.return_value = dump_xml(request.export_xml()).decode('utf-8')
token, encoded = self.get_token()
response = self.client.post(self.url, {'test_token': encoded})
self.assertEqual(response.status_code, 200)
self.assertEqual(
self.client_mock.mock_calls,
[
call.connect('test.example.net', 1234),
call.get_cache('test-proxy-service-request-cache'),
call.get_cache().get_and_remove('request-token-id'),
call.connect('test.example.net', 1234),
call.get_cache('aux-cache'),
call.get_cache().put(
'aux-test-light-request-id',
'{"name_id_format": "urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"}'
),
]
)
def test_post_remember_country_codes(self):
request = LightRequest(**LIGHT_REQUEST_DICT)
self.cache_mock.get_and_remove.return_value = dump_xml(request.export_xml()).decode('utf-8')
token, encoded = self.get_token()
response = self.client.post(self.url, {'test_token': encoded})
self.assertEqual(response.status_code, 200)
self.assertEqual(
self.client_mock.mock_calls,
[
call.connect('test.example.net', 1234),
call.get_cache('test-proxy-service-request-cache'),
call.get_cache().get_and_remove('request-token-id'),
call.connect('test.example.net', 1234),
call.get_cache('aux-cache'),
call.get_cache().put(
'aux-test-light-request-id',
'{"citizen_country": "CA", "origin_country": "CA"}'
),
]
)
def test_post_remember_country_codes(self, uuid_mock):
self.maxDiff = None
saml_request_xml, saml_request_encoded = self.load_saml_request(
signed=True)
light_request = LightRequest(**LIGHT_REQUEST_DICT)
light_request.issuer = 'https://example.net/EidasNode/ConnectorMetadata'
self.cache_mock.get_and_remove.return_value = dump_xml(
light_request.export_xml()).decode('utf-8')
response = self.client.post(
self.url, {
'SAMLRequest': saml_request_encoded,
'RelayState': 'relay123',
'country_param': 'ca'
})
self.assertEqual(response.status_code, 200)
self.assertSequenceEqual(self.client_mock.mock_calls[-3:], [
call.connect('test.example.net', 1234),
call.get_cache('aux-cache'),
call.get_cache().put(
'aux-test-saml-request-id',
'{"citizen_country": "CA", "origin_country": "CA"}'),
])
def test_post_success(self, uuid_mock: MagicMock):
self.maxDiff = None
saml_request_xml, saml_request_encoded = self.load_saml_request(
signed=True)
light_request = LightRequest(**LIGHT_REQUEST_DICT)
light_request.issuer = 'https://example.net/EidasNode/ConnectorMetadata'
self.cache_mock.get_and_remove.return_value = dump_xml(
light_request.export_xml()).decode('utf-8')
response = self.client.post(
self.url, {
'SAMLRequest': saml_request_encoded,
'RelayState': 'relay123',
'country_param': 'ca'
})
# Context
self.assertIn('token', response.context)
self.assertEqual(response.context['token_parameter'],
'test_request_token')
self.assertEqual(response.context['eidas_url'],
'http://test.example.net/SpecificConnectorRequest')
self.assertEqual(response.context['error'], None)
# Token
encoded_token = response.context['token']
token = LightToken.decode(encoded_token, 'sha256',
'request-token-secret')
self.assertEqual(token.id, 'T0uuid4')
self.assertEqual(token.issuer, 'request-token-issuer')
self.assertEqual(token.created, datetime(2017, 12, 11, 14, 12, 5))
# Storing light request
light_request_data = LIGHT_REQUEST_DICT.copy()
light_request_data.update({
'id': 'test-saml-request-id',
'issuer': 'test-connector-request-issuer',
})
light_request = LightRequest(**light_request_data)
light_request.requested_attributes = light_request.requested_attributes.copy(
)
del light_request.requested_attributes[
'http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute']
del light_request.requested_attributes[
'http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute']
self.assertEqual(self.client_class_mock.mock_calls, [call(timeout=66)])
self.assertEqual(self.client_mock.mock_calls, [
call.connect('test.example.net', 1234),
call.get_cache('test-connector-request-cache'),
call.get_cache().put(
'T0uuid4',
dump_xml(light_request.export_xml()).decode('utf-8'))
])
# Rendering
self.assertContains(response, 'Redirect to eIDAS Node is in progress')
self.assertContains(response, 'eidas_node/connector/formautosubmit.js')
self.assertContains(
response, '<form class="auto-submit" '
'action="http://test.example.net/SpecificConnectorRequest"')
self.assertContains(
response,
'<input type="hidden" name="test_request_token" value="{}"'.format(
encoded_token))
self.assertNotIn(b'An error occurred', response.content)