testdir = os.path.dirname(os.path.abspath(inspect.getfile(
inspect.currentframe())))
fixup_sp_httpd(os.path.dirname(conf), testdir)
print "Starting SP's httpd server"
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
sp1name = 'sp1'
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
print "openid: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception as e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "openid: Run OpenID Protocol ...",
try:
page = sess.fetch_page(idpname,
'https://127.0.0.11:45081/?extensions=NO')
page.expected_value('text()', 'SUCCESS, WITHOUT EXTENSIONS')
sp_g, sp_a, nameid, addr, str(port), nameid
)
conf = self.setup_sp_server(sp_prof, nameid, addr, str(port), env)
fixup_sp_httpd(os.path.dirname(conf))
self.setup_step("Starting SP's httpd server")
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
for sp in splist:
spname = sp['nameid']
spurl = 'https://%s:%s' % (sp['addr'], sp['port'])
sess.add_server(spname, spurl)
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname)
for sp in splist:
spname = sp['nameid']
with TC.case('Add SP Metadata for %s to IdP' % spname):
sess.add_sp_metadata(idpname, spname)
with TC.case('Logout without logging into SP'):
page = sess.fetch_page(idpname, '%s/%s?%s' % (
user = pwd.getpwuid(os.getuid())[0]
testdir = os.environ['TESTDIR']
krb5conf = os.path.join(testdir, 'krb5.conf')
kenv = {
'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
'KRB5_CONFIG': krb5conf,
'KRB5CCNAME': 'FILE:' + os.path.join(testdir, 'ccaches/user')
}
for key in kenv:
os.environ[key] = kenv[key]
sess = HttpSessions()
sess.add_server(idpname, 'https://%s:45080' % WRAP_HOSTNAME, user,
'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
sess.add_server(sp2name, 'https://127.0.0.11:45082')
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname, krb=True)
with TC.case('Add first SP Metadata to IdP'):
sess.add_sp_metadata(idpname, sp1name)
with TC.case('Access first SP Protected Area'):
page = sess.fetch_page(idpname, 'https://127.0.0.11:45081/sp/')
page.expected_value('text()', 'WORKS!')
with TC.case('Access second SP Protected Area'):
page = sess.fetch_page(idpname, 'https://127.0.0.11:45082/sp/')
sp = self.generate_profile(sp_g, sp_a, name, addr, port)
conf = self.setup_sp_server(sp, name, addr, port, env)
fixup_sp_httpd(os.path.dirname(conf))
print "Starting SP's httpd server"
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
spname = 'sp1'
user = '******'
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'tuser')
sess.add_server(spname, 'https://127.0.0.11:45081')
print "test1: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "test1: Add SP Metadata to IDP ...",
try:
sess.add_sp_metadata(idpname, spname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
else:
sp_prof = self.generate_profile(sp_g, sp_a, nameid, addr, str(port), nameid)
conf = self.setup_sp_server(sp_prof, nameid, addr, str(port), env)
fixup_sp_httpd(os.path.dirname(conf))
print "Starting SP's httpd server"
self.start_http_server(conf, env)
if __name__ == "__main__":
idpname = "idp1"
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, "https://127.0.0.10:45080", user, "ipsilon")
for sp in splist:
spname = sp["nameid"]
spurl = "https://%s:%s" % (sp["addr"], sp["port"])
sess.add_server(spname, spurl)
print "testlogout: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
for sp in splist:
spname = sp["nameid"]
testdir = os.path.dirname(os.path.abspath(inspect.getfile(
inspect.currentframe())))
fixup_sp_httpd(os.path.dirname(conf), testdir)
self.setup_step("Starting SP's httpd server")
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
sp1name = 'sp1'
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname)
with TC.case('Run OpenID Protocol'):
page = sess.fetch_page(idpname,
'https://127.0.0.11:45081/?extensions=NO',
require_consent=True)
page.expected_value('text()', 'SUCCESS, WITHOUT EXTENSIONS')
with TC.case('Run OpenID Protocol without consent'):
page = sess.fetch_page(idpname,
'https://127.0.0.11:45081/?extensions=NO',
require_consent=False)
self.start_http_server(conf, env)
self.setup_step("Installing SP server")
name = 'sp1'
addr = '127.0.0.11'
port = '45081'
sp = self.generate_profile(sp_g, sp_a, name, addr, port)
conf = self.setup_sp_server(sp, name, addr, port, env)
fixup_sp_httpd(os.path.dirname(conf))
self.setup_step("Starting SP's httpd server")
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
spname = 'sp1'
user = '******'
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'tuser')
sess.add_server(spname, 'https://127.0.0.11:45081')
with TC.case('Authenticate to Idp with no LDAP backend'):
sess.auth_to_idp(
idpname,
rule='//div[@class="alert alert-danger"]/p/text()',
expected="Internal system error"
)
if exit_code:
sys.exit(exit_code)
# Now kill the last http server
os.killpg(http_server.pid, signal.SIGTERM)
self.processes.remove(http_server)
def run(self, env):
for version in range(ipsilon.util.data.CURRENT_SCHEMA_VERSION):
self.test_upgrade_from(env, version)
if __name__ == '__main__':
from_version = sys.argv[1]
idpname = sys.argv[2]
url = sys.argv[3]
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://%s' % url, user,
'ipsilon')
print "dbupgrades: From v%s: Authenticate to IDP ..." % from_version,
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
sp1name = 'sp1'
sp2name = 'sp2'
user = pwd.getpwuid(os.getuid())[0]
testdir = os.environ['TESTDIR']
krb5conf = os.path.join(testdir, 'krb5.conf')
kenv = {'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
'KRB5_CONFIG': krb5conf,
'KRB5CCNAME': 'FILE:' + os.path.join(testdir, 'ccaches/user')}
for key in kenv:
os.environ[key] = kenv[key]
sess = HttpSessions()
sess.add_server(idpname, 'https://%s:45080' % WRAP_HOSTNAME, user,
'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
sess.add_server(sp2name, 'https://127.0.0.11:45082')
print "testgssapi: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname, krb=True)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "testgssapi: Add first SP Metadata to IDP ...",
try:
sess.add_sp_metadata(idpname, sp1name)
except Exception, e: # pylint: disable=broad-except
kenv = {
"PATH": "/sbin:/bin:/usr/sbin:/usr/bin",
"KRB5_CONFIG": krb5conf,
"KRB5CCNAME": "FILE:" + os.path.join(testdir, "ccaches/user"),
}
for kkey in kenv:
os.environ[kkey] = kenv[kkey]
sp_list = generate_sp_list()
for sp in sp_list:
krb = False
spname = sp["nameid"]
spurl = "https://%s:%s" % (sp["addr"], sp["port"])
sess = HttpSessions()
sess.add_server(idpname, "https://%s:45080" % WRAP_HOSTNAME, user, "ipsilon")
sess.add_server(spname, spurl)
print ""
print "testnameid: Testing NameID format %s ..." % spname
if spname == "kerberos":
krb = True
print "testnameid: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname, krb=krb)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
kenv = {
'PATH': '/sbin:/bin:/usr/sbin:/usr/bin',
'KRB5_CONFIG': krb5conf,
'KRB5CCNAME': 'FILE:' + os.path.join(testdir, 'ccaches/user')
}
for kkey in kenv:
os.environ[kkey] = kenv[kkey]
sp_list = generate_sp_list()
for sp in sp_list:
krb = False
spname = sp['nameid']
spurl = 'https://%s:%s' % (sp['addr'], sp['port'])
sess = HttpSessions()
sess.add_server(idpname, 'https://%s:45080' % WRAP_HOSTNAME, user,
'ipsilon')
sess.add_server(spname, spurl)
TC.info('Testing NameID format %s' % spname)
if spname == 'kerberos':
krb = True
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname, krb=krb)
with TC.case('Add SP Metadata to IdP'):
sess.add_sp_metadata(idpname, spname)
with TC.case('Set supported Name ID formats'):
sess.set_sp_default_nameids(idpname, spname, [spname])
print "Starting SP's httpd server"
self.start_http_server(conf, env)
if __name__ == '__main__':
idpname = 'idp1'
user = pwd.getpwuid(os.getuid())[0]
sp = sp_list[0]
spurl = 'https://%s:%s' % (sp['addr'], sp['port'])
# Set global mapping and allowed attributes, then test fetch from
# SP.
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp['name'], spurl)
print "testmapping: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "testmapping: Add SP Metadata to IDP ...",
try:
sess.add_sp_metadata(idpname, sp['name'])
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
def run(self, env):
overall_exit_code = 0
overall_results = []
for version in range(ipsilon.util.data.CURRENT_SCHEMA_VERSION):
for with_readonly in [True, False]:
exit_code, results = self.test_upgrade_from(
env, version, with_readonly)
if exit_code != 0:
overall_exit_code = 1
overall_results.extend(results)
return overall_exit_code, overall_results
if __name__ == '__main__':
from_version = sys.argv[1]
with_ro = sys.argv[2]
idpname = sys.argv[3]
url = sys.argv[4]
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://%s' % url, user, 'ipsilon')
with TC.case('From v%s %s: Authenticate to IdP' % (from_version, with_ro)):
sess.auth_to_idp(idpname)
