def test_user_can_get_an_identity_provider(self): idp = PROVIDERS.federation_api.create_idp( uuid.uuid4().hex, unit.new_identity_provider_ref()) with self.test_client() as c: c.get('/v3/OS-FEDERATION/identity_providers/%s' % idp['id'], headers=self.headers)
def test_user_cannot_delete_identity_providers(self): idp = PROVIDERS.federation_api.create_idp( uuid.uuid4().hex, unit.new_identity_provider_ref()) with self.test_client() as c: c.delete('/v3/OS-FEDERATION/identity_providers/%s' % idp['id'], headers=self.headers, expected_status_code=http_client.FORBIDDEN)
def test_user_can_update_identity_providers(self): idp = PROVIDERS.federation_api.create_idp( uuid.uuid4().hex, unit.new_identity_provider_ref()) update = {'identity_provider': {'enabled': False}} with self.test_client() as c: c.patch('/v3/OS-FEDERATION/identity_providers/%s' % idp['id'], json=update, headers=self.headers)
def _create_protocol_and_deps(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref()) protocol = unit.new_protocol_ref(mapping_id=mapping['id']) protocol = PROVIDERS.federation_api.create_protocol( identity_provider['id'], protocol['id'], protocol) return (protocol, mapping, identity_provider)
def test_user_can_list_identity_providers(self): expected_idp_ids = [] idp = PROVIDERS.federation_api.create_idp( uuid.uuid4().hex, unit.new_identity_provider_ref()) expected_idp_ids.append(idp['id']) with self.test_client() as c: r = c.get('/v3/OS-FEDERATION/identity_providers', headers=self.headers) for idp in r.json['identity_providers']: self.assertIn(idp['id'], expected_idp_ids)
def _create_protocol_and_deps(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider ) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref() ) protocol = unit.new_protocol_ref(mapping_id=mapping['id']) protocol = PROVIDERS.federation_api.create_protocol( identity_provider['id'], protocol['id'], protocol ) return (protocol, mapping, identity_provider)
def test_user_cannot_create_protocols(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref()) protocol_id = 'saml2' create = {'protocol': {'mapping_id': mapping['id']}} with self.test_client() as c: path = ('/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol_id)) c.put(path, json=create, headers=self.headers, expected_status_code=http_client.FORBIDDEN)
def test_user_cannot_create_protocols(self): identity_provider = unit.new_identity_provider_ref() identity_provider = PROVIDERS.federation_api.create_idp( identity_provider['id'], identity_provider ) mapping = PROVIDERS.federation_api.create_mapping( uuid.uuid4().hex, unit.new_mapping_ref() ) protocol_id = 'saml2' create = {'protocol': {'mapping_id': mapping['id']}} with self.test_client() as c: path = ( '/v3/OS-FEDERATION/identity_providers/%s/protocols/%s' % (identity_provider['id'], protocol_id) ) c.put( path, json=create, headers=self.headers, expected_status_code=http_client.FORBIDDEN )