def test_parse_does_not_raise_exception_when_xml_metadata_does_not_have_display_names(
        self):
    """Parse IdP metadata without display names and expect one descriptor.

    The expected descriptor carries an empty ``UIInfo()`` and an empty
    ``Organization()``: missing display names must not make ``parse`` fail.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(
        fixtures.CORRECT_ONE_IDP_METADATA_WITHOUT_DISPLAY_NAMES)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    (provider,) = providers

    # NOTE(review): want_authn_requests_signed=False presumably mirrors what
    # the fixture declares (fixture not visible here); it pins how the flag is
    # parsed and is not a statement about how an IdP should be configured.
    # Certificates are compared after strip_certificate(); presumably that
    # normalises the PEM text -- confirm against its definition.
    expected_provider = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=UIInfo(),
        organization=Organization(),
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(provider, expected_provider)
def test_parse_raises_exception_when_xml_metadata_has_incorrect_format(
        self):
    """Feed malformed XML to the parser; the test name expects a failure.

    NOTE(review): no assertion is visible in this block. The expected
    exception is presumably declared by a decorator outside this excerpt --
    confirm. Without one, this test would pass only when ``parse`` accepts
    the malformed document, which is the opposite of what the name states.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    # NOTE(review): this case covers malformed XML only; whether documents
    # carrying a DOCTYPE or entity declarations are rejected is not shown in
    # this excerpt and is worth confirming in the wider suite.
    parser.parse(fixtures.INCORRECT_XML)
def test_parse_raises_exception_when_sp_metadata_does_not_contain_acs_service(
        self):
    """Parse SP metadata that lacks an ACS service; a failure is expected.

    NOTE(review): no assertion is visible in this block. The expected
    exception is presumably declared by a decorator outside this excerpt --
    confirm. Without one, the test would pass only when ``parse`` accepts SP
    metadata that has no assertion consumer service.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    parser.parse(fixtures.INCORRECT_ONE_SP_METADATA_WITHOUT_ACS_SERVICE)
def test_parse_raises_exception_when_idp_metadata_contains_sso_service_with_wrong_binding(
        self):
    """Parse IdP metadata whose SSO service uses a wrong binding.

    NOTE(review): no assertion is visible in this block. The expected
    exception is presumably declared by a decorator outside this excerpt --
    confirm. Without one, the test would pass only when ``parse`` accepts the
    unsupported binding instead of rejecting it.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    bad_metadata = (
        fixtures.INCORRECT_ONE_IDP_METADATA_WITH_SSO_SERVICE_WITH_WRONG_BINDING)
    parser.parse(bad_metadata)
def test_validate(self, name, sp_xml_metadata, idp_xml_metadata,
                  expected_validation_result):
    """Run SAMLSettingsValidator on a submitted form and check the outcome.

    ``name`` is not read in the body; presumably it labels the parameterised
    case (the decorator is outside this excerpt). A ``None`` metadata value
    means the corresponding form field is not submitted at all.
    """
    # Arrange
    form_fields = MultiDict()

    if sp_xml_metadata is not None:
        form_fields.add(
            configuration.SAMLConfiguration.SP_XML_METADATA,
            sp_xml_metadata)

    if idp_xml_metadata is not None:
        form_fields.add(
            configuration.SAMLConfiguration.IDP_XML_METADATA,
            idp_xml_metadata)

    request_content = {'form': form_fields}
    provider_settings = SAMLWebSSOAuthenticationProvider.SETTINGS
    validator = SAMLSettingsValidator(SAMLMetadataParser())

    # Act
    outcome = validator.validate(provider_settings, request_content)

    # Assert
    # A ProblemDetail outcome is compared through its .response attribute;
    # any other outcome is compared to the expectation directly.
    if isinstance(outcome, ProblemDetail):
        actual, expected = outcome.response, expected_validation_result.response
    else:
        actual, expected = outcome, expected_validation_result

    eq_(actual, expected)
def create(self, integration_owner):
    """
    Builds a SAMLAuthenticationManager wired to the owner's configuration

    The manager is assembled from a configuration storage bound to
    ``integration_owner``, a SAML configuration using a fresh
    SAMLMetadataParser, its OneLogin wrapper and a subject parser.

    :param integration_owner: External integration owner
    :type integration_owner: api.saml.configuration.ExternalIntegrationOwner

    :return: SAML authentication manager
    :rtype: SAMLAuthenticationManager
    """
    # Construction order matches the dependency chain: storage and parser
    # first, then the configuration objects, then the subject parser.
    saml_configuration = SAMLConfiguration(
        ConfigurationStorage(integration_owner),
        SAMLMetadataParser())

    return SAMLAuthenticationManager(
        SAMLOneLoginConfiguration(saml_configuration),
        SAMLSubjectParser())
def validator_factory():
    """Return a SAMLSettingsValidator backed by a new SAMLMetadataParser."""
    metadata_parser = SAMLMetadataParser()
    settings_validator = SAMLSettingsValidator(metadata_parser)
    return settings_validator
def test_parse_correctly_parses_one_idp_metadata(self):
    """Parse single-IdP metadata and compare every parsed field.

    The expected descriptor covers UI info, organization, NameID format,
    SSO endpoint and binding, the signing flag and both certificate lists.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_ONE_IDP_METADATA)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    (provider,) = providers

    # UIInfo takes five positional lists; the local names below follow the
    # fixture constants passed in each position.
    display_names = [
        LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es'),
    ]
    descriptions = [
        LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_DESCRIPTION, 'en'),
    ]
    information_urls = [
        LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_INFORMATION_URL, 'en'),
    ]
    privacy_statement_urls = [
        LocalizableMetadataItem(
            fixtures.IDP_1_UI_INFO_PRIVACY_STATEMENT_URL, 'en'),
    ]
    # The logo item is built without a language argument.
    logo_urls = [LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_LOGO_URL)]
    expected_ui_info = UIInfo(
        display_names,
        descriptions,
        information_urls,
        privacy_statement_urls,
        logo_urls)

    organization_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME, 'es'),
    ]
    organization_display_names = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME, 'es'),
    ]
    organization_urls = [
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
        LocalizableMetadataItem(
            fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL, 'es'),
    ]
    expected_organization = Organization(
        organization_names,
        organization_display_names,
        organization_urls,
    )

    # NOTE(review): want_authn_requests_signed=False presumably mirrors the
    # fixture (not visible here); the assertion pins how the flag is parsed,
    # not how an IdP ought to be configured.
    expected_provider = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=expected_ui_info,
        organization=expected_organization,
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(provider, expected_provider)
def test_parse_correctly_parses_one_sp_metadata(self):
    """Parse single-SP metadata and compare every parsed field.

    The expected descriptor covers UI info, organization, NameID format,
    the ACS endpoint and binding, both signing flags and the certificate.
    """
    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_ONE_SP_METADATA)

    # Assert
    assert isinstance(providers, list)
    eq_(len(providers), 1)

    (provider,) = providers

    # UIInfo takes five positional lists; the local names below follow the
    # fixture constants passed in each position.
    display_names = [
        LocalizableMetadataItem(fixtures.SP_UI_INFO_EN_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(fixtures.SP_UI_INFO_ES_DISPLAY_NAME, 'es'),
    ]
    descriptions = [
        LocalizableMetadataItem(fixtures.SP_UI_INFO_DESCRIPTION, 'en'),
    ]
    information_urls = [
        LocalizableMetadataItem(fixtures.SP_UI_INFO_INFORMATION_URL, 'en'),
    ]
    privacy_statement_urls = [
        LocalizableMetadataItem(
            fixtures.SP_UI_INFO_PRIVACY_STATEMENT_URL, 'en'),
    ]
    # The logo item is built without a language argument.
    logo_urls = [LocalizableMetadataItem(fixtures.SP_UI_INFO_LOGO_URL)]
    expected_ui_info = UIInfo(
        display_names,
        descriptions,
        information_urls,
        privacy_statement_urls,
        logo_urls)

    organization_names = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_NAME, 'es'),
    ]
    organization_display_names = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME, 'es'),
    ]
    organization_urls = [
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
        LocalizableMetadataItem(
            fixtures.SP_ORGANIZATION_ES_ORGANIZATION_URL, 'es'),
    ]
    expected_organization = Organization(
        organization_names,
        organization_display_names,
        organization_urls,
    )

    # NOTE(review): both signing flags are expected to be False, presumably
    # because the fixture (not visible here) declares them so. The assertion
    # pins parsing of the flags and should not be read as a recommended SP
    # configuration.
    expected_provider = ServiceProviderMetadata(
        entity_id=fixtures.SP_ENTITY_ID,
        ui_info=expected_ui_info,
        organization=expected_organization,
        name_id_format=NameIDFormat.UNSPECIFIED.value,
        acs_service=Service(fixtures.SP_ACS_URL, fixtures.SP_ACS_BINDING),
        authn_requests_signed=False,
        want_assertions_signed=False,
        certificate=strip_certificate(fixtures.SIGNING_CERTIFICATE))
    eq_(provider, expected_provider)
def test_parse_correctly_parses_metadata_with_multiple_descriptors(self):
    """Parse metadata holding two IdP descriptors and compare both, in order.

    Each expected descriptor carries display names only in its UI info, a
    full organization block, and the same signing/encryption certificates.
    """
    def en_es(english_value, spanish_value):
        # Pair of localized items in the order the expectations list them.
        return [
            LocalizableMetadataItem(english_value, 'en'),
            LocalizableMetadataItem(spanish_value, 'es'),
        ]

    # Arrange
    parser = SAMLMetadataParser()

    # Act
    providers = parser.parse(fixtures.CORRECT_MULTIPLE_IDPS_METADATA)

    # Assert
    assert isinstance(providers, list)
    assert len(providers) == 2

    # NOTE(review): want_authn_requests_signed=False presumably mirrors the
    # fixture (not visible here); it pins parsing of the flag only.
    expected_first = IdentityProviderMetadata(
        entity_id=fixtures.IDP_1_ENTITY_ID,
        ui_info=UIInfo(en_es(
            fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME,
            fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME)),
        organization=Organization(
            en_es(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME,
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME),
            en_es(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME),
            en_es(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL,
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL),
        ),
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_1_SSO_URL, fixtures.IDP_1_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(providers[0], expected_first)

    # The second descriptor differs in entity ID, names, URLs and SSO
    # endpoint; NameID format and certificates use the same fixtures.
    expected_second = IdentityProviderMetadata(
        entity_id=fixtures.IDP_2_ENTITY_ID,
        ui_info=UIInfo(en_es(
            fixtures.IDP_2_UI_INFO_EN_DISPLAY_NAME,
            fixtures.IDP_2_UI_INFO_ES_DISPLAY_NAME)),
        organization=Organization(
            en_es(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_NAME,
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_NAME),
            en_es(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME),
            en_es(
                fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_URL,
                fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_URL),
        ),
        name_id_format=fixtures.NAME_ID_FORMAT_1,
        sso_service=Service(
            fixtures.IDP_2_SSO_URL, fixtures.IDP_2_SSO_BINDING),
        want_authn_requests_signed=False,
        signing_certificates=[
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ],
        encryption_certificates=[
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ])
    eq_(providers[1], expected_second)