def test_init_saml_auth(self):
     """init_saml_auth() yields a OneLogin_Saml2_Auth for a prepared request."""
     factory = RequestFactory()
     extra = dict(HTTP_HOST='example.com')
     request = factory.get('/sso/saml/?provider=MyProvider', **extra)
     prepared = prepare_django_request(request)
     auth_obj = init_saml_auth(prepared)
     # Exact type comparison (not isinstance): a subclass would fail here.
     actual_cls = type(auth_obj)
     self.assertTrue(actual_cls is onelogin.saml2.auth.OneLogin_Saml2_Auth)
 def test_prepare_https_request_with_GET_plus_proxy(self):
     """A GET carrying proxy forwarding headers is prepared as an HTTPS request."""
     factory = RequestFactory()
     # Headers a TLS-terminating reverse proxy would add; the request itself
     # is built without secure=True.
     proxy_headers = {
         'HTTP_X_FORWARDED_FOR': '10.10.10.10',
         'HTTP_X_FORWARDED_PROTO': 'https',
         'HTTP_HOST': 'example.com',
     }
     request = factory.get('/sso/saml/?provider=MyProvider', **proxy_headers)
     prepared = prepare_django_request(request)
     self.assertEqual(prepared['get_data']['provider'], 'MyProvider')
     # NOTE(review): 'https' == 'on' here presumably comes from the
     # X-Forwarded-Proto header. Forwarding headers are client-settable unless
     # the edge proxy overwrites them, so this is only sound behind a trusted
     # proxy -- confirm against prepare_django_request.
     for field, expected in (('https', 'on'),
                             ('script_name', '/sso/saml/'),
                             ('http_host', 'example.com')):
         self.assertEqual(prepared[field], expected)
 def test_prepare_https_request_with_GET_no_proxy(self):
     """A GET made directly over TLS (secure=True) is prepared as HTTPS."""
     factory = RequestFactory()
     headers = {'HTTP_HOST': 'example.com'}
     request = factory.get(
         '/sso/saml/?provider=MyProvider', secure=True, **headers)
     prepared = prepare_django_request(request)
     self.assertEqual(prepared['get_data']['provider'], 'MyProvider')
     # No forwarding headers are present: the scheme comes from the request.
     for field, expected in (('https', 'on'),
                             ('script_name', '/sso/saml/'),
                             ('http_host', 'example.com')):
         self.assertEqual(prepared[field], expected)
示例#4
def metadata(request):
    """Serve this service provider's SAML metadata.

    Returns the SP metadata as ``text/xml`` when ``validate_metadata``
    reports no errors; otherwise returns an HttpResponseServerError whose
    body is the comma-joined list of validation errors.
    """
    prepared = prepare_django_request(request)
    sp_settings = init_saml_auth(prepared).get_settings()
    sp_metadata = sp_settings.get_sp_metadata()
    problems = sp_settings.validate_metadata(sp_metadata)

    if problems:
        # NOTE(review): the validation messages are sent to the client
        # verbatim; check that they expose nothing about the SP
        # configuration that should stay in server logs.
        return HttpResponseServerError(content=', '.join(problems))
    return HttpResponse(content=sp_metadata, content_type='text/xml')
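 def test_get_provider_config(self):
     """get_provider_config() returns the mock settings for the named provider."""
     r = RequestFactory()
     request = r.get('/sso/saml/?provider=MyProvider', **dict(HTTP_HOST='example.com'))
     req = prepare_django_request(request)
     config = get_provider_config(req)
     mock_cfg = MOCK_SAML2_CONFIG[0]['MyProvider']
     # The previous version tested `type(key) is dict`, which can never be
     # true for a dictionary key, so its nested branch (which also relied on
     # the Python-2-only iteritems()) never ran. assertEqual already compares
     # nested dict values in full, so a single comparison per top-level key
     # covers both the flat and the nested settings.
     for top_attr, expected in mock_cfg.items():
         self.assertEqual(expected, config[top_attr])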
示例#6
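def saml_login(request):
    """Start a SAML login and redirect the browser accordingly.

    Without a ``provider`` query parameter the user is sent to the IdP with
    the library's default return target. With one (SP-initiated), the return
    target is chosen in this order: ``settings.SAML_REDIRECT``, the
    ``REDIRECT_FIELD_NAME`` query parameter, a posted ``RelayState``, and
    finally the URL of the current request.

    The query parameter and the posted RelayState are request-controlled, so
    they are honoured only when they point back at this site; anything else
    falls through to the current-URL default instead of producing a redirect
    to an arbitrary host.
    """
    req = prepare_django_request(request)
    auth = init_saml_auth(req)

    # NOTE(review): this view does not write the 'AuthNRequestID' session key
    # that acs() reads. Unless it is stored elsewhere, responses to requests
    # started here are processed with request_id=None -- confirm.

    if 'provider' not in req['get_data']:
        return HttpResponseRedirect(auth.login())

    # SP Initiated
    if hasattr(settings, 'SAML_REDIRECT'):
        return HttpResponseRedirect(
            auth.login(return_to=settings.SAML_REDIRECT))

    # scheme://host[:port] of this deployment as derived from the request.
    # NOTE(review): assumes the host in `req` has already been validated
    # (e.g. against ALLOWED_HOSTS) -- confirm in prepare_django_request.
    origin = OneLogin_Saml2_Utils.get_self_url_host(req)

    def _is_local_target(url):
        # Accept only site-relative paths and absolute URLs on our own origin.
        # Backslashes, whitespace and control characters are refused outright
        # because browsers normalise them in ways that can change the host.
        # Django's redirect-safety helper in django.utils.http is the
        # preferable check where the file can import it.
        if not url or '\\' in url or any(ord(ch) < 0x21 for ch in url):
            return False
        if url.startswith('/'):
            return not url.startswith('//')
        return url == origin or url.startswith(origin + '/')

    if REDIRECT_FIELD_NAME in req['get_data']:
        target = req['get_data'][REDIRECT_FIELD_NAME]
        if _is_local_target(target):
            return HttpResponseRedirect(auth.login(return_to=target))
    elif 'RelayState' in req['post_data']:
        target = req['post_data']['RelayState']
        if _is_local_target(target):
            return HttpResponseRedirect(auth.redirect_to(target))

    # Default (also used when a supplied target was refused): come back to
    # the URL that was originally requested.
    redir = OneLogin_Saml2_Utils.get_self_url(
        req) + request.get_full_path()
    return HttpResponseRedirect(auth.login(return_to=redir))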
示例#7
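def acs(request):
    """Assertion Consumer Service: process the IdP's SAML response and log in.

    Processes the SAML response, stores the asserted attributes, NameID and
    session index in the Django session, authenticates through the configured
    backend and redirects the user.

    Raises:
        SAMLError: if the response has errors, if the library does not report
            the user as authenticated, or if no backend accepts the user and
            ``settings.SAML_FAIL_REDIRECT`` is not set.
    """
    req = prepare_django_request(request)
    auth = init_saml_auth(req)

    # No stored request ID means the response is treated as IdP initiated
    # and is processed with request_id=None.
    request_id = None
    if 'AuthNRequestID' in request.session:
        request_id = request.session['AuthNRequestID']

    auth.process_response(request_id=request_id)
    errors = auth.get_errors()
    if errors:
        raise SAMLError('ERRORS FOUND IN SAML REQUEST: %s' % errors)
    # Fail closed: the original computed this flag but never consulted it.
    if not auth.is_authenticated():
        raise SAMLError('SAML RESPONSE DID NOT AUTHENTICATE THE USER')

    # The request ID is single-use; drop it once a response has been accepted.
    if 'AuthNRequestID' in request.session:
        del request.session['AuthNRequestID']

    request.session['samlUserdata'] = auth.get_attributes()
    request.session['samlNameId'] = auth.get_nameid()
    request.session['samlSessionIndex'] = auth.get_session_index()
    user = authenticate(request=request)
    if user is None:
        if hasattr(settings, 'SAML_FAIL_REDIRECT'):
            return HttpResponseRedirect(settings.SAML_FAIL_REDIRECT)
        raise SAMLError('FAILED TO AUTHENTICATE SAML USER WITH BACKEND')
    login(request, user)

    if hasattr(settings, 'SAML_REDIRECT'):
        return HttpResponseRedirect(settings.SAML_REDIRECT)

    self_url = OneLogin_Saml2_Utils.get_self_url(req)
    # scheme://host[:port] of this deployment as derived from the request.
    # NOTE(review): assumes the host in `req` has already been validated
    # (e.g. against ALLOWED_HOSTS) -- confirm in prepare_django_request.
    origin = OneLogin_Saml2_Utils.get_self_url_host(req)

    def _is_local_target(url):
        # RelayState is a plain POST field that the browser submits, so it is
        # not covered by the assertion's signature. Accept only site-relative
        # paths and absolute URLs on our own origin; refuse backslashes,
        # whitespace and control characters, which browsers normalise in ways
        # that can change the host. Django's redirect-safety helper in
        # django.utils.http is the preferable check where it can be imported.
        if not url or '\\' in url or any(ord(ch) < 0x21 for ch in url):
            return False
        if url.startswith('/'):
            return not url.startswith('//')
        return url == origin or url.startswith(origin + '/')

    if 'RelayState' in req['post_data']:
        relay_state = req['post_data']['RelayState']
        if relay_state != self_url and _is_local_target(relay_state):
            return HttpResponseRedirect(auth.redirect_to(relay_state))

    # No usable RelayState (absent, equal to our own URL, or off-site).
    return HttpResponseRedirect(self_url)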
 def test_get_provider_config_with_missing_provider(self):
     """An unknown provider name makes get_provider_config raise SAMLSettingsError."""
     factory = RequestFactory()
     headers = {'HTTP_HOST': 'example.com'}
     request = factory.get('/sso/saml/?provider=MissingProvider', **headers)
     prepared = prepare_django_request(request)
     # The provider name comes straight from the query string; an unknown
     # name must be an error rather than a silent fallback.
     with self.assertRaises(SAMLSettingsError):
         get_provider_config(prepared)
 def test_get_provider_config_with_missing_query_str(self):
     """With no provider in the query string the 'MyProvider' config is returned."""
     factory = RequestFactory()
     headers = {'HTTP_HOST': 'example.com'}
     request = factory.get('/sso/saml/', **headers)
     prepared = prepare_django_request(request)
     provider_cfg = get_provider_config(prepared)
     # Presumably 'MyProvider' is the default entry of the mock configuration.
     self.assertEqual(provider_cfg['name'], 'MyProvider')