def test_parse_does_not_raise_exception_when_xml_metadata_does_not_have_display_names(
        self):
    """Parse IdP metadata without display names and expect exactly one provider.

    The expected provider carries an empty ``UIInfo`` and ``Organization`` but
    still exposes the SSO service and both certificate lists, so a parser that
    drops key material when optional UI data is absent fails here.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(
        fixtures.CORRECT_ONE_IDP_METADATA_WITHOUT_DISPLAY_NAMES)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    [provider] = providers

    # Certificates are compared in the form strip_certificate returns;
    # presumably that helper normalizes the fixture PEM text - confirm.
    expected_provider = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=UIInfo(),
        organization=Organization(),
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(provider, expected_provider)
def _parse_ui_info(self, provider_node):
    """Build a UIInfo object from a descriptor's mdui:UIInfo extension.

    The five localizable mdui:UIInfo children (DisplayName, Description,
    InformationURL, PrivacyStatementURL, Logo) are each looked up relative to
    ``provider_node`` through ``_parse_localizable_metadata_items``.

    NOTE(review): the parsed items are handed to UIInfo exactly as the helper
    returns them; no URL-scheme or content check is visible in this method.
    SAML metadata typically originates from an external party, so consumers
    presumably escape these strings and validate the URLs before rendering
    them - confirm.

    :param provider_node: Parent IDPSSODescriptor/SPSSODescriptor node
    :type provider_node: defusedxml.lxml.RestrictedElement

    :return: UIInfo object
    :rtype: UIInfo

    :raise: MetadataParsingError
    """
    # Order matters: UIInfo receives the parsed lists positionally.
    ui_info_xpaths = (
        './md:Extensions/mdui:UIInfo/mdui:DisplayName',
        './md:Extensions/mdui:UIInfo/mdui:Description',
        './md:Extensions/mdui:UIInfo/mdui:InformationURL',
        './md:Extensions/mdui:UIInfo/mdui:PrivacyStatementURL',
        './md:Extensions/mdui:UIInfo/mdui:Logo',
    )
    parsed_items = [
        self._parse_localizable_metadata_items(provider_node, xpath)
        for xpath in ui_info_xpaths
    ]

    return UIInfo(*parsed_items)
import sqlalchemy from mock import MagicMock, create_autospec, call from nose.tools import eq_ from parameterized import parameterized from api.saml.configuration import SAMLConfiguration, SAMLOneLoginConfiguration, SAMLConfigurationStorage from api.saml.metadata import ServiceProviderMetadata, UIInfo, Service, NameIDFormat, IdentityProviderMetadata, \ Organization from api.saml.parser import SAMLMetadataParser from tests.saml import fixtures from tests.saml.fixtures import strip_certificate SERVICE_PROVIDER_WITHOUT_CERTIFICATE = ServiceProviderMetadata( fixtures.SP_ENTITY_ID, UIInfo(), Organization(), NameIDFormat.UNSPECIFIED.value, Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING), ) SERVICE_PROVIDER_WITH_CERTIFICATE = ServiceProviderMetadata( fixtures.SP_ENTITY_ID, UIInfo(), Organization(), NameIDFormat.UNSPECIFIED.value, Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING), certificate=fixtures.SIGNING_CERTIFICATE, private_key=fixtures.PRIVATE_KEY) IDENTITY_PROVIDERS = [
def test_parse_correctly_parses_one_idp_metadata(self):
    """Parse metadata describing one IdP and compare every parsed field.

    The expected object pins the entity ID, all mdui:UIInfo lists, the
    organization data, the NameID format, the SSO service, the
    ``want_authn_requests_signed`` flag and both certificate lists.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_ONE_IDP_METADATA)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    [provider] = providers

    # UIInfo takes its lists positionally: display names, descriptions,
    # information URLs, privacy statement URLs, logos.
    display_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es')
    ]
    descriptions = [
        LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_DESCRIPTION, 'en')
    ]
    information_urls = [
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_INFORMATION_URL, 'en')
    ]
    privacy_statement_urls = [
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_PRIVACY_STATEMENT_URL, 'en')
    ]
    # The logo item is built without a language argument.
    logos = [LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_LOGO_URL)]
    expected_ui_info = UIInfo(
        display_names,
        descriptions,
        information_urls,
        privacy_statement_urls,
        logos)

    organization_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
    ]
    organization_display_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME, 'es')
    ]
    organization_urls = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
    ]
    expected_organization = Organization(
        organization_names,
        organization_display_names,
        organization_urls,
    )

    # Certificates are compared in the form strip_certificate returns;
    # presumably that helper normalizes the fixture PEM text - confirm.
    expected_provider = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=expected_ui_info,
        organization=expected_organization,
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(provider, expected_provider)
def test_parse_correctly_parses_one_sp_metadata(self):
    """Parse metadata describing one SP and compare every parsed field.

    The expected object pins the entity ID, all mdui:UIInfo lists, the
    organization data, the NameID format, the ACS service, both signing
    flags and the SP certificate.

    NOTE(review): the expected object has ``authn_requests_signed`` and
    ``want_assertions_signed`` set to False. That only records what the
    parser is expected to read from this fixture; it says nothing about how
    a deployed service provider should be configured.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_ONE_SP_METADATA)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    [provider] = providers

    # UIInfo takes its lists positionally: display names, descriptions,
    # information URLs, privacy statement URLs, logos.
    display_names = [
        LocalizableMetadataItem(
            fixtures.SP_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_UI_INFO_ES_DISPLAY_NAME, 'es')
    ]
    descriptions = [
        LocalizableMetadataItem(fixtures.SP_UI_INFO_DESCRIPTION, 'en')
    ]
    information_urls = [
        LocalizableMetadataItem(
            fixtures.SP_UI_INFO_INFORMATION_URL, 'en')
    ]
    privacy_statement_urls = [
        LocalizableMetadataItem(
            fixtures.SP_UI_INFO_PRIVACY_STATEMENT_URL, 'en')
    ]
    # The logo item is built without a language argument.
    logos = [LocalizableMetadataItem(fixtures.SP_UI_INFO_LOGO_URL)]
    expected_ui_info = UIInfo(
        display_names,
        descriptions,
        information_urls,
        privacy_statement_urls,
        logos)

    organization_names = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
    ]
    organization_display_names = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME, 'es')
    ]
    organization_urls = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
    ]
    expected_organization = Organization(
        organization_names,
        organization_display_names,
        organization_urls,
    )

    expected_provider = ServiceProviderMetadata(
        entity_id=fixtures.SP_ENTITY_ID,
        ui_info=expected_ui_info,
        organization=expected_organization,
        name_id_format=NameIDFormat.UNSPECIFIED.value,
        acs_service=Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING),
        authn_requests_signed=False,
        want_assertions_signed=False,
        certificate=strip_certificate(fixtures.SIGNING_CERTIFICATE))
    eq_(provider, expected_provider)
def test_parse_correctly_parses_metadata_with_multiple_descriptors(self):
    """Parse metadata holding two IdP descriptors and check both, in order.

    Each expected provider pins its own entity ID, display names,
    organization data and SSO service; both share the same NameID format and
    the same fixture signing and encryption certificates.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_MULTIPLE_IDPS_METADATA)

    # Assert
    assert isinstance(providers, list)
    assert len(providers) == 2

    # First descriptor. UIInfo receives only the display-name list here.
    first_display_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es')
    ]
    first_organization = Organization(
        [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
        ],
        [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME,
                'es')
        ],
        [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
        ],
    )
    expected_first = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=UIInfo(first_display_names),
        organization=first_organization,
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(providers[0], expected_first)

    # Second descriptor, built only after the first comparison has passed.
    second_display_names = [
        LocalizableMetadataItem(
            fixtures.IDP_2_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_2_UI_INFO_ES_DISPLAY_NAME, 'es')
    ]
    second_organization = Organization(
        [
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
        ],
        [
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                'en'),
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME,
                'es')
        ],
        [
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
        ],
    )
    expected_second = IdentityProviderMetadata(
        entity_id=fixtures.IDP_2_ENTITY_ID,
        ui_info=UIInfo(second_display_names),
        organization=second_organization,
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_2_SSO_URL, fixtures.IDP_2_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(providers[1], expected_second)
import sqlalchemy
from mock import MagicMock, create_autospec, call
from nose.tools import eq_
from parameterized import parameterized

from api.saml.configuration import SAMLConfiguration, SAMLOneLoginConfiguration
from api.saml.metadata import ServiceProviderMetadata, UIInfo, Service, NameIDFormat, IdentityProviderMetadata, \
    Organization
from api.saml.parser import SAMLMetadataParser
from core.model.configuration import ConfigurationStorage
from tests.saml import fixtures
from tests.saml.fixtures import strip_certificate

# Service provider fixture built without a certificate or private key:
# only entity ID, empty UIInfo/Organization, NameID format and ACS service.
SERVICE_PROVIDER_WITHOUT_CERTIFICATE = ServiceProviderMetadata(
    fixtures.SP_ENTITY_ID,
    UIInfo(),
    Organization(),
    NameIDFormat.UNSPECIFIED.value,
    Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING),
)

# Same service provider, additionally carrying the fixture signing
# certificate and its private key.
# NOTE(review): fixtures.PRIVATE_KEY is key material kept in the test tree;
# presumably a throwaway key generated for tests - confirm it is never
# reused for a deployed service provider.
SERVICE_PROVIDER_WITH_CERTIFICATE = ServiceProviderMetadata(
    fixtures.SP_ENTITY_ID,
    UIInfo(),
    Organization(),
    NameIDFormat.UNSPECIFIED.value,
    Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING),
    certificate=fixtures.SIGNING_CERTIFICATE,
    private_key=fixtures.PRIVATE_KEY
)
from nose.tools import eq_ from parameterized import parameterized from api.authenticator import PatronData from api.saml.auth import SAMLAuthenticationManager, SAMLAuthenticationManagerFactory from api.saml.configuration import SAMLConfiguration, SAMLOneLoginConfiguration from api.saml.metadata import ServiceProviderMetadata, NameIDFormat, UIInfo, Service, IdentityProviderMetadata, \ LocalizableMetadataItem, Subject, AttributeStatement, SAMLAttributes, SubjectJSONEncoder, Organization, Attribute from api.saml.parser import SAMLSubjectParser from api.saml.provider import SAMLWebSSOAuthenticationProvider, SAML_INVALID_SUBJECT from core.util.problem_detail import ProblemDetail from tests.saml import fixtures from tests.saml.controller_test import ControllerTest SERVICE_PROVIDER = ServiceProviderMetadata( fixtures.SP_ENTITY_ID, UIInfo(), Organization(), NameIDFormat.UNSPECIFIED.value, Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING)) IDENTITY_PROVIDER_WITH_DISPLAY_NAME = IdentityProviderMetadata( fixtures.IDP_2_ENTITY_ID, UIInfo(display_names=[ LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'), LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es') ], descriptions=[ LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_DESCRIPTION, 'en'), LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_DESCRIPTION, 'es') ],