sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
sess.add_server(sp2name, 'https://127.0.0.11:45082')
print "test1: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "test1: Add first SP Metadata to IDP ...",
try:
sess.add_sp_metadata(idpname, sp1name)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "test1: Access first SP Protected Area ...",
try:
page = sess.fetch_page(idpname, 'https://127.0.0.11:45081/sp/')
page.expected_value('text()', 'WORKS!')
except ValueError, e:
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "test1: Access second SP Protected Area ...",
sp1name = 'sp1'
user = pwd.getpwuid(os.getuid())[0]
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp1name, 'https://127.0.0.11:45081')
with TC.case('Verify logged out state'):
page = sess.fetch_page(idpname, 'https://127.0.0.10:45080/idp1/')
page.expected_value('//div[@id="content"]/p/a/text()', 'Log In')
with TC.case('Authenticating to IdP'):
sess.auth_to_idp(idpname)
with TC.case('Add SP Metadata to IdP'):
sess.add_sp_metadata(idpname, sp1name)
with TC.case('Access first SP Protected Area'):
page = sess.fetch_page(idpname, 'https://127.0.0.11:45081/sp/')
page.expected_value('text()', 'WORKS!')
with TC.case('Verify logged in state'):
page = sess.fetch_page(idpname, 'https://127.0.0.10:45080/idp1/')
page.expected_value('//div[@id="content"]/p/a/text()', None)
with TC.case('Checking that SAML2 sessions were created'):
sess_db = os.path.join(os.environ['TESTDIR'],
'lib/idp1/saml2.sessions.db.sqlite')
conn = sqlite3.connect(sess_db)
cur = conn.cursor()
cur.execute('SELECT * FROM saml2_sessions;')
sess.add_server(spname, 'https://127.0.0.11:45081')
sess.add_server(sp2name, 'https://127.0.0.10:45082')
sess.add_server(sp3name, 'https://127.0.0.10:45083')
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname)
with TC.case('List initial Service Providers via REST'):
result = sess.get_rest_sp(idpname)
if len(result['result']) != 0:
raise ValueError(
'Expected no SP and got %d' % len(result['result'])
)
with TC.case('Add SP Metadata to IdP via admin'):
sess.add_sp_metadata(idpname, spname)
with TC.case('List Service Providers via REST'):
result = sess.get_rest_sp(idpname)
if len(result['result']) != 1:
raise ValueError(
'Expected 1 SP and got %d' % len(result['result'])
)
if result['result'][0].get('provider') != spname:
raise ValueError(
'Expected %s and got %s' %
(spname, result['result'][0].get('provider'))
)
with TC.case('Add Service Provider via REST'):
sess.add_sp_metadata(idpname, sp2name, rest=True)
print "testrest: List initial Service Providers via REST ...",
try:
result = sess.get_rest_sp(idpname)
if len(result['result']) != 0:
raise ValueError(
'Expected no SP and got %d' % len(result['result'])
)
except ValueError, e:
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "testrest: Add SP Metadata to IDP via admin ...",
try:
sess.add_sp_metadata(idpname, spname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "testrest: List Service Providers via REST ...",
try:
result = sess.get_rest_sp(idpname)
if len(result['result']) != 1:
raise ValueError(
'Expected 1 SP and got %d' % len(result['result'])
)
if result['result'][0].get('provider') != spname:
raise ValueError(
'Expected %s and got %s' %
idpname = 'idp1'
user = pwd.getpwuid(os.getuid())[0]
sp = sp_list[0]
spurl = 'https://%s:%s' % (sp['addr'], sp['port'])
# Set global mapping and allowed attributes, then test fetch from
# SP.
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp['name'], spurl)
with TC.case('Authenticate to IdP'):
sess.auth_to_idp(idpname)
with TC.case('Add SP Metadata to IdP'):
sess.add_sp_metadata(idpname, sp['name'])
with TC.case('Test default mapping and attrs'):
expect = {
'NAME_ID': user,
'fullname': 'Test User %s' % user,
'surname': user,
'givenname': u'Test User 一',
'email': '*****@*****.**' % user,
'groups': user,
}
check_info_plugin(sess, idpname, spurl, expect)
with TC.case('Set default global mapping'):
sess.set_attributes_and_mapping(
idpname,
# SP.
sess = HttpSessions()
sess.add_server(idpname, 'https://127.0.0.10:45080', user, 'ipsilon')
sess.add_server(sp['name'], spurl)
print "testmapping: Authenticate to IDP ...",
try:
sess.auth_to_idp(idpname)
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
print "testmapping: Add SP Metadata to IDP ...",
try:
sess.add_sp_metadata(idpname, sp['name'])
except Exception, e: # pylint: disable=broad-except
print >> sys.stderr, " ERROR: %s" % repr(e)
sys.exit(1)
print " SUCCESS"
try:
print "testmapping: Test default mapping and attrs ...",
expect = {
'NAME_ID': user,
'fullname': 'Test User %s' % user,
'surname': user,
'givenname': u'Test User 一',
'email': '*****@*****.**' % user,
'groups': user,
}
