示例#1
    def test_parse_does_not_raise_exception_when_xml_metadata_does_not_have_display_names(
            self):
        """Parse IdP metadata without display names and compare the result.

        The parser must return a one-element list. Its item is expected to
        carry a default-constructed ``UIInfo`` and ``Organization`` while the
        entity ID, NameID format, SSO service and certificates still match the
        fixture values.
        """
        # Arrange
        parser = SAMLMetadataParser()

        # Act
        result = parser.parse(
            fixtures.CORRECT_ONE_IDP_METADATA_WITHOUT_DISPLAY_NAMES)

        # Assert
        assert isinstance(result, list)
        eq_(len(result), 1)

        # Unpacking also fails loudly if the list length is not exactly one.
        [parsed_idp] = result

        signing_certificates = [
            strip_certificate(fixtures.SIGNING_CERTIFICATE)
        ]
        encryption_certificates = [
            strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
        ]
        expected_idp = IdentityProviderMetadata(
            entity_id=fixtures.IDP_1_ENTITY_ID,
            ui_info=UIInfo(),
            organization=Organization(),
            name_id_format=fixtures.NAME_ID_FORMAT_1,
            sso_service=Service(fixtures.IDP_1_SSO_URL,
                                fixtures.IDP_1_SSO_BINDING),
            # The fixture IdP is expected to parse as not requiring signed
            # authentication requests.
            want_authn_requests_signed=False,
            signing_certificates=signing_certificates,
            encryption_certificates=encryption_certificates)

        eq_(parsed_idp, expected_idp)
示例#2
    def test_parse_raises_exception_when_xml_metadata_has_incorrect_format(
            self):
        """Feed the parser the ``INCORRECT_XML`` fixture.

        NOTE(review): nothing in this body asserts that ``parse`` raises. The
        expected-exception check presumably lives in a decorator above this
        ``def`` that the listing does not show -- confirm. Without one, this
        test passes exactly when the parser accepts the malformed document,
        which is the opposite of what the name promises.
        """
        # Arrange
        parser = SAMLMetadataParser()
        malformed_metadata = fixtures.INCORRECT_XML

        # Act
        parser.parse(malformed_metadata)
示例#3
    def test_parse_raises_exception_when_sp_metadata_does_not_contain_acs_service(
            self):
        """Feed the parser SP metadata that lacks an ACS service.

        NOTE(review): the body only calls ``parse``; the assertion that an
        exception is raised is presumably supplied by a decorator outside
        this excerpt -- confirm. Without it, an SP descriptor with no
        assertion consumer service being accepted would make this test pass.
        """
        # Arrange
        parser = SAMLMetadataParser()
        sp_metadata_without_acs = (
            fixtures.INCORRECT_ONE_SP_METADATA_WITHOUT_ACS_SERVICE)

        # Act
        parser.parse(sp_metadata_without_acs)
示例#4
    def test_parse_raises_exception_when_idp_metadata_contains_sso_service_with_wrong_binding(
            self):
        """Feed the parser IdP metadata whose SSO service has a wrong binding.

        NOTE(review): the body only calls ``parse``; the assertion that an
        exception is raised is presumably supplied by a decorator outside
        this excerpt -- confirm. Without it, the test passes when the parser
        accepts the unexpected binding instead of rejecting it.
        """
        # Arrange
        parser = SAMLMetadataParser()
        idp_metadata_with_wrong_binding = (
            fixtures.
            INCORRECT_ONE_IDP_METADATA_WITH_SSO_SERVICE_WITH_WRONG_BINDING)

        # Act
        parser.parse(idp_metadata_with_wrong_binding)
示例#5
    def test_validate(self, name, sp_xml_metadata, idp_xml_metadata,
                      expected_validation_result):
        """Run the SAML settings validator over a submitted form.

        :param name: Not read by the body; presumably the case label supplied
            by a parameterizing decorator outside this excerpt -- confirm
        :param sp_xml_metadata: SP metadata to submit, or None to omit the field
        :param idp_xml_metadata: IdP metadata to submit, or None to omit the field
        :param expected_validation_result: Value the validator should return;
            when the validator returns a ProblemDetail only the ``response``
            attributes are compared
        """
        # Arrange
        form_data = MultiDict()

        # A None value means "field not submitted", so the key is left out
        # of the form entirely rather than added with an empty value.
        if sp_xml_metadata is not None:
            form_data.add(
                configuration.SAMLConfiguration.SP_XML_METADATA,
                sp_xml_metadata)
        if idp_xml_metadata is not None:
            form_data.add(
                configuration.SAMLConfiguration.IDP_XML_METADATA,
                idp_xml_metadata)

        form = {'form': form_data}
        provider_settings = SAMLWebSSOAuthenticationProvider.SETTINGS
        settings_validator = SAMLSettingsValidator(SAMLMetadataParser())

        # Act
        outcome = settings_validator.validate(provider_settings, form)

        # Assert
        if not isinstance(outcome, ProblemDetail):
            eq_(outcome, expected_validation_result)
            return

        eq_(outcome.response, expected_validation_result.response)
示例#6
    def create(self, integration_owner):
        """
        Builds a SAMLAuthenticationManager wired to the owner's configuration

        The manager is assembled from a ConfigurationStorage for the owner,
        a SAMLConfiguration that parses metadata with a new SAMLMetadataParser,
        a SAMLOneLoginConfiguration wrapping that configuration, and a new
        SAMLSubjectParser.

        :param integration_owner: External integration owner
        :type integration_owner: api.saml.configuration.ExternalIntegrationOwner

        :return: SAML authentication manager
        :rtype: SAMLAuthenticationManager
        """
        storage = ConfigurationStorage(integration_owner)
        saml_configuration = SAMLConfiguration(storage, SAMLMetadataParser())

        return SAMLAuthenticationManager(
            SAMLOneLoginConfiguration(saml_configuration),
            SAMLSubjectParser())
示例#7
def validator_factory():
    """Return a SAMLSettingsValidator backed by a new SAMLMetadataParser."""
    metadata_parser = SAMLMetadataParser()
    return SAMLSettingsValidator(metadata_parser)
示例#8
    def test_parse_correctly_parses_one_idp_metadata(self):
        """Parse single-IdP metadata and compare every field with the fixtures.

        The expected object covers the UI info lists, the organization lists,
        the NameID format, the SSO service and both certificate lists, so a
        change in how any of them is parsed fails the comparison.
        """
        # Arrange
        parser = SAMLMetadataParser()

        # Act
        result = parser.parse(fixtures.CORRECT_ONE_IDP_METADATA)

        # Assert
        assert isinstance(result, list)
        eq_(len(result), 1)

        [parsed_idp] = result

        # UIInfo takes five positional lists; the local names follow the
        # fixture names used for each one.
        display_names = [
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es')
        ]
        descriptions = [
            LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_DESCRIPTION, 'en')
        ]
        information_urls = [
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_INFORMATION_URL, 'en')
        ]
        privacy_statement_urls = [
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_PRIVACY_STATEMENT_URL, 'en')
        ]
        # The logo item is built without a language argument.
        logo_urls = [LocalizableMetadataItem(fixtures.IDP_1_UI_INFO_LOGO_URL)]
        expected_ui_info = UIInfo(
            display_names,
            descriptions,
            information_urls,
            privacy_statement_urls,
            logo_urls)

        organization_names = [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
        ]
        organization_display_names = [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME,
                'es')
        ]
        organization_urls = [
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
        ]
        expected_organization = Organization(
            organization_names,
            organization_display_names,
            organization_urls,
        )

        expected_idp = IdentityProviderMetadata(
            entity_id=fixtures.IDP_1_ENTITY_ID,
            ui_info=expected_ui_info,
            organization=expected_organization,
            name_id_format=fixtures.NAME_ID_FORMAT_1,
            sso_service=Service(fixtures.IDP_1_SSO_URL,
                                fixtures.IDP_1_SSO_BINDING),
            # The fixture IdP is expected to parse as not requiring signed
            # authentication requests.
            want_authn_requests_signed=False,
            signing_certificates=[
                strip_certificate(fixtures.SIGNING_CERTIFICATE)
            ],
            encryption_certificates=[
                strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
            ])

        eq_(parsed_idp, expected_idp)
示例#9
    def test_parse_correctly_parses_one_sp_metadata(self):
        """Parse single-SP metadata and compare every field with the fixtures.

        The expected object covers the UI info lists, the organization lists,
        the NameID format, the ACS service, both signing flags and the
        certificate.
        """
        # Arrange
        parser = SAMLMetadataParser()

        # Act
        result = parser.parse(fixtures.CORRECT_ONE_SP_METADATA)

        # Assert
        assert isinstance(result, list)
        eq_(len(result), 1)

        [parsed_sp] = result

        # UIInfo takes five positional lists; the local names follow the
        # fixture names used for each one.
        display_names = [
            LocalizableMetadataItem(
                fixtures.SP_UI_INFO_EN_DISPLAY_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.SP_UI_INFO_ES_DISPLAY_NAME, 'es')
        ]
        descriptions = [
            LocalizableMetadataItem(fixtures.SP_UI_INFO_DESCRIPTION, 'en')
        ]
        information_urls = [
            LocalizableMetadataItem(
                fixtures.SP_UI_INFO_INFORMATION_URL, 'en')
        ]
        privacy_statement_urls = [
            LocalizableMetadataItem(
                fixtures.SP_UI_INFO_PRIVACY_STATEMENT_URL, 'en')
        ]
        # The logo item is built without a language argument.
        logo_urls = [LocalizableMetadataItem(fixtures.SP_UI_INFO_LOGO_URL)]
        expected_ui_info = UIInfo(
            display_names,
            descriptions,
            information_urls,
            privacy_statement_urls,
            logo_urls)

        organization_names = [
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
        ]
        organization_display_names = [
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME, 'es')
        ]
        organization_urls = [
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
            LocalizableMetadataItem(
                fixtures.SP_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
        ]
        expected_organization = Organization(
            organization_names,
            organization_display_names,
            organization_urls,
        )

        expected_sp = ServiceProviderMetadata(
            entity_id=fixtures.SP_ENTITY_ID,
            ui_info=expected_ui_info,
            organization=expected_organization,
            name_id_format=NameIDFormat.UNSPECIFIED.value,
            acs_service=Service(fixtures.SP_ACS_URL,
                                fixtures.SP_ACS_BINDING),
            # Both flags mirror what the fixture declares: an SP that neither
            # signs its authentication requests nor asks for signed
            # assertions. They describe the test document, not a recommended
            # deployment setting.
            authn_requests_signed=False,
            want_assertions_signed=False,
            certificate=strip_certificate(fixtures.SIGNING_CERTIFICATE))

        eq_(parsed_sp, expected_sp)
示例#10
    def test_parse_correctly_parses_metadata_with_multiple_descriptors(self):
        """Parse metadata holding two IdPs and compare both results in order.

        The first list item must equal the expected IDP_1 object and the
        second the expected IDP_2 object, so the comparison also pins the
        order in which the parser returns the descriptors.
        """
        # Arrange
        parser = SAMLMetadataParser()

        # Act
        result = parser.parse(fixtures.CORRECT_MULTIPLE_IDPS_METADATA)

        # Assert
        assert isinstance(result, list)
        assert len(result) == 2

        # --- first identity provider ---
        # Only the display-name list is passed to UIInfo in this test.
        first_ui_info = UIInfo([
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_EN_DISPLAY_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_1_UI_INFO_ES_DISPLAY_NAME, 'es')
        ])
        first_organization = Organization(
            [
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
            ],
            [
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                    'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME,
                    'es')
            ],
            [
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_1_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
            ],
        )
        expected_first_idp = IdentityProviderMetadata(
            entity_id=fixtures.IDP_1_ENTITY_ID,
            ui_info=first_ui_info,
            organization=first_organization,
            name_id_format=fixtures.NAME_ID_FORMAT_1,
            sso_service=Service(fixtures.IDP_1_SSO_URL,
                                fixtures.IDP_1_SSO_BINDING),
            want_authn_requests_signed=False,
            signing_certificates=[
                strip_certificate(fixtures.SIGNING_CERTIFICATE)
            ],
            encryption_certificates=[
                strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
            ])

        eq_(result[0], expected_first_idp)

        # --- second identity provider ---
        second_ui_info = UIInfo([
            LocalizableMetadataItem(
                fixtures.IDP_2_UI_INFO_EN_DISPLAY_NAME, 'en'),
            LocalizableMetadataItem(
                fixtures.IDP_2_UI_INFO_ES_DISPLAY_NAME, 'es')
        ])
        second_organization = Organization(
            [
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_NAME, 'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_NAME, 'es')
            ],
            [
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_DISPLAY_NAME,
                    'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_DISPLAY_NAME,
                    'es')
            ],
            [
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_EN_ORGANIZATION_URL, 'en'),
                LocalizableMetadataItem(
                    fixtures.IDP_2_ORGANIZATION_ES_ORGANIZATION_URL, 'es')
            ],
        )
        # Both expected IdPs use the same NameID format and the same signing
        # and encryption certificate fixtures; only the entity ID, names and
        # SSO endpoint differ.
        expected_second_idp = IdentityProviderMetadata(
            entity_id=fixtures.IDP_2_ENTITY_ID,
            ui_info=second_ui_info,
            organization=second_organization,
            name_id_format=fixtures.NAME_ID_FORMAT_1,
            sso_service=Service(fixtures.IDP_2_SSO_URL,
                                fixtures.IDP_2_SSO_BINDING),
            want_authn_requests_signed=False,
            signing_certificates=[
                strip_certificate(fixtures.SIGNING_CERTIFICATE)
            ],
            encryption_certificates=[
                strip_certificate(fixtures.ENCRYPTION_CERTIFICATE)
            ])

        eq_(result[1], expected_second_idp)