def test_check_access_works(self): ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml) sp = get_sp_config('test_generic_sp') processor = sp.processor check_access(processor, HttpRequest())
def test_set_processor_defaults_to_base_processor(self): ServiceProvider.objects.create(entity_id='test_sp_with_no_processor', local_metadata=sp_metadata_xml, _attribute_mapping='{}') sp = get_sp_config('test_sp_with_no_processor') assert isinstance(sp.processor, BaseProcessor)
def test_set_processor_errors_if_processor_cannot_be_loaded(self): ServiceProvider.objects.create(entity_id='test_sp_with_bad_processor', local_metadata=sp_metadata_xml, _processor='this.does.not.exist') sp = get_sp_config('test_sp_with_bad_processor') with pytest.raises(Exception): _ = sp.processor
def test_get_processor_loads_custom_processor(self): ServiceProvider.objects.create( entity_id='test_sp_with_custom_processor', local_metadata=sp_metadata_xml, _processor='tests.test_views.CustomProcessor') sp = get_sp_config('test_sp_with_custom_processor') assert isinstance(sp.processor, CustomProcessor)
def test_set_sp_works_if_sp_defined(self, settings): ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml) sp = get_sp_config('test_generic_sp') assert sp._processor == SP_TESTING_CONFIGS['test_generic_sp'][ 'processor'] assert sp.attribute_mapping == SP_TESTING_CONFIGS['test_generic_sp'][ 'attribute_mapping']
def test_render_response_constructs_request_session_properly(self): (mixin, request, html_response) = self.compile_data_for_render_response() expected_session = {"saml_data": html_response} mixin.render_response(request, html_response, get_sp_config('test_generic_sp').processor) assert all(item in request.session.items() for item in expected_session.items())
def test_check_access_fails_when_it_should(self): ServiceProvider.objects.create( entity_id='test_sp_with_custom_processor_that_doesnt_allow_access', local_metadata=sp_metadata_xml, _processor='tests.test_views.CustomProcessorNoAccess') sp = get_sp_config( 'test_sp_with_custom_processor_that_doesnt_allow_access') processor = sp.processor with pytest.raises(PermissionDenied): check_access(processor, HttpRequest())
def test_redirects_multifactor_if_relevant(self): (mixin, request, html_response) = self.compile_data_for_render_response() def multifactor(self, user): return True # Bind enable_multifactor being true to mixin processor. processor = get_sp_config('test_generic_sp').processor processor.enable_multifactor = multifactor.__get__(processor) response = mixin.render_response(request, html_response, processor) assert isinstance(response, HttpResponseRedirect) assert response.url == "/login/process_multi_factor/"
def test_build_authn_response(self): ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml) sp = get_sp_config('test_generic_sp') user = User() authn = get_authn() resp_args = { "in_response_to": "SP_Initiated_Login", "destination": "https://sp.example.com/SAML2", } assert isinstance(build_authn_response(user, authn, resp_args, sp), Response)
def test_build_authn_response_unsupported_nameidformat(self): ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml) sp = get_sp_config('test_generic_sp') authn = get_authn() resp_args = { "in_response_to": "SP_Initiated_Login", "destination": "https://sp.example.com/SAML2", "name_id_policy": NAMEID_FORMAT_X509SUBJECTNAME, } with pytest.raises(ImproperlyConfigured): build_authn_response(User(), authn, resp_args, sp)
def compile_data_for_render_response(self): ServiceProvider.objects.create(entity_id='test_generic_sp', local_metadata=sp_metadata_xml) mixin = IdPHandlerViewMixin() _ = get_sp_config("test_generic_sp") user = User.objects.create() user.email = "*****@*****.**", user.first_name = 'First Name', user.last_name = 'Last Name', user.is_staff = True user.is_superuser = False request = HttpRequest() request.user = user request.session = {} html_response = {"type": "POST", "data": "<html></html>"} return mixin, request, html_response
def test_set_sp_errors_if_sp_not_defined(self): with pytest.raises(ImproperlyConfigured): get_sp_config('this_sp_does_not_exist')