125 lines
5.1 KiB
Python
125 lines
5.1 KiB
Python
import mock
|
|
import urlparse
|
|
|
|
from django.contrib.auth.models import AnonymousUser
|
|
|
|
from combo.utils import requests, check_query
|
|
|
|
class MockSAMLUser(object):
|
|
name_id = 'r2d2'
|
|
|
|
class MockUser(object):
|
|
email = 'foo@example.net'
|
|
def is_authenticated(self):
|
|
return True
|
|
|
|
def __init__(self, samlized=True):
|
|
class MockSAMLUsers(object):
|
|
def exists(self):
|
|
return True
|
|
def first(self):
|
|
return MockSAMLUser()
|
|
if samlized:
|
|
self.saml_identifiers = MockSAMLUsers()
|
|
|
|
|
|
def test_nosign():
|
|
with mock.patch('combo.utils.RequestsSession.request') as request:
|
|
requests.get('http://example.org/foo/bar/')
|
|
assert request.call_args[0][1] == 'http://example.org/foo/bar/'
|
|
|
|
def test_sign():
|
|
remote_service = {'url': 'http://example.org', 'secret': 'secret', 'orig': 'myself'}
|
|
with mock.patch('combo.utils.RequestsSession.request') as request:
|
|
requests.get('/foo/bar/', remote_service=remote_service)
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['orig'][0] == 'myself'
|
|
assert query['email'][0]== ''
|
|
assert query['NameID'][0]== ''
|
|
assert check_query(querystring, 'secret') == True
|
|
|
|
requests.get('/foo/bar/', remote_service=remote_service, without_user=True)
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['orig'][0] == 'myself'
|
|
assert 'email' not in query
|
|
assert 'NameID' not in query
|
|
assert check_query(querystring, 'secret') == True
|
|
|
|
|
|
def test_auto_sign():
|
|
with mock.patch('combo.utils.RequestsSession.request') as request:
|
|
requests.get('http://example.org/foo/bar/', remote_service='auto')
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['orig'][0] == 'combo'
|
|
assert check_query(querystring, 'combo') == True
|
|
|
|
requests.get('http://doesnotexist/foo/bar/', remote_service='auto')
|
|
assert request.call_args[0][1] == 'http://doesnotexist/foo/bar/'
|
|
|
|
|
|
def test_sign_user():
|
|
remote_service = {'url': 'http://example.org', 'secret': 'secret', 'orig': 'myself'}
|
|
with mock.patch('combo.utils.RequestsSession.request') as request:
|
|
|
|
user = MockUser(samlized=True)
|
|
|
|
requests.get('/foo/bar/', remote_service=remote_service, user=user)
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['NameID'][0] == 'r2d2'
|
|
assert 'email' not in query
|
|
assert query['orig'][0] == 'myself'
|
|
assert check_query(querystring, 'secret') == True
|
|
|
|
requests.get('/foo/bar/', remote_service=remote_service, user=user,
|
|
federation_key='email')
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['email'][0] == 'foo@example.net'
|
|
assert 'NameID' not in query
|
|
assert query['orig'][0] == 'myself'
|
|
assert check_query(querystring, 'secret') == True
|
|
|
|
|
|
user = MockUser(samlized=False)
|
|
|
|
requests.get('/foo/bar/', remote_service=remote_service, user=user)
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert 'NameID' not in query
|
|
assert query['email'][0] == 'foo@example.net'
|
|
assert query['orig'][0] == 'myself'
|
|
assert check_query(querystring, 'secret') == True
|
|
|
|
|
|
def test_sign_anonymous_user():
|
|
remote_service = {'url': 'http://example.org', 'secret': 'secret', 'orig': 'myself'}
|
|
with mock.patch('combo.utils.RequestsSession.request') as request:
|
|
|
|
user = AnonymousUser()
|
|
|
|
requests.get('/foo/bar/', remote_service=remote_service, user=user)
|
|
url = request.call_args[0][1]
|
|
assert url.startswith('http://example.org/foo/bar/?')
|
|
scheme, netloc, path, params, querystring, fragment = urlparse.urlparse(url)
|
|
query = urlparse.parse_qs(querystring, keep_blank_values=True)
|
|
assert query['NameID'][0] == ''
|
|
assert query['email'][0] == ''
|
|
assert query['orig'][0] == 'myself'
|
|
assert check_query(querystring, 'secret') == True
|