def test_tampered_response(self): a = SAMLAuthenticator() a.metadata_content = test_constants.sample_metadata_xml assert a._authenticate(None, { a.login_post_field: test_constants.tampered_sample_response_encoded }) is None
def _confirm_tom(self, saml_data, mock_datetime, mock_pwd): mock_datetime.now.return_value = saml_data.datetime_stamp mock_datetime.strptime = datetime.strptime mock_pwd.getpwnam.return_value = True a = SAMLAuthenticator() a.metadata_content = saml_data.metadata_xml assert 'tom' == a._authenticate( None, {a.login_post_field: saml_data.b64encoded_response}) mock_datetime.now.assert_called_once_with(timezone.utc) mock_pwd.getpwnam.assert_called_once_with('tom')
def test_no_allowed_roles(self): with patch('samlauthenticator.samlauthenticator.datetime' ) as mock_datetime: mock_datetime.now.return_value = datetime(2020, 7, 1, 23, 0, 0, tzinfo=timezone.utc) mock_datetime.strptime = datetime.strptime a = SAMLAuthenticator() a.metadata_content = test_constants.sample_metadata_xml a.xpath_role_location = '//saml:AttributeStatement/saml:Attribute[@Name="Roles"]/saml:AttributeValue/text()' # The included XML should not have either of these roles. a.allowed_roles = 'allowed_role_1,allowed_role_2' assert a._authenticate( None, { a.login_post_field: test_constants.b64encoded_response_xml_with_roles }) is None mock_datetime.now.assert_called_once_with(timezone.utc)
def test_add_user_fail(self): with patch('samlauthenticator.samlauthenticator.pwd') as mock_pwd, \ patch('samlauthenticator.samlauthenticator.datetime') as mock_datetime, \ patch('samlauthenticator.samlauthenticator.subprocess') as mock_subprocess: mock_pwd.getpwnam.side_effect = KeyError('No User') mock_datetime.now.return_value = datetime(2019, 4, 9, 21, 35, 0, tzinfo=timezone.utc) mock_datetime.strptime = datetime.strptime mock_subprocess.call.return_value = 1 a = SAMLAuthenticator() a.metadata_content = test_constants.sample_metadata_xml assert a._authenticate( None, {a.login_post_field: test_constants.b64encoded_response_xml }) is None mock_pwd.getpwnam.assert_called_once_with('bluedata') mock_datetime.now.assert_called_once_with(timezone.utc) mock_subprocess.call.assert_called_once_with( ['useradd', 'bluedata'])
def test_bad_metadata_config(self): a = SAMLAuthenticator() # None because we can't get the metadata assert a._authenticate( None, {a.login_post_field: test_constants.b64encoded_response_xml }) is None
def test_bad_post_data(self): a = SAMLAuthenticator() # None because we can't get the response assert a._authenticate(None, {}) is None