tests: saml sp-initiated logout and public URLs

tests/test_saml_auth.py

@@ -133,6 +133,26 @@ def get_assertion_consumer_request():
     req.form['SAMLResponse'] = get_authn_response_msg()
     return req
 
+def test_saml_metadata():
+    setup_environment()
+    req = HTTPRequest(None, {'SERVER_NAME': 'example.net', 'SCRIPT_NAME': '', })
+    pub._set_request(req)
+
+    saml2 = Saml2Directory()
+    body = saml2.metadata()
+    assert '<EntityDescriptor' in body
+    assert req.response.content_type == 'text/xml'
+
+def test_saml_public_key():
+    setup_environment()
+    req = HTTPRequest(None, {'SERVER_NAME': 'example.net', 'SCRIPT_NAME': '', })
+    pub._set_request(req)
+
+    saml2 = Saml2Directory()
+    body = saml2.public_key()
+    assert body.startswith('-----BEGIN PUBLIC KEY-----')
+    assert req.response.content_type == 'application/octet-stream'
+
 def test_assertion_consumer():
     setup_environment()
     req = get_assertion_consumer_request()
@@ -229,3 +249,13 @@ def test_saml_register():
     pub.write_cfg()
     resp = get_app(pub).get('/register/')
     assert resp.location == 'http://sso.example.net/registration?next_url=http%3A%2F%2Fexample.net%2Fregister%2F'
+
+def test_saml_logout():
+    setup_environment()
+    req = get_assertion_consumer_request()
+    saml2 = Saml2Directory()
+    saml2.assertionConsumerPost()
+    assert req.session.user is not None
+    body = saml2.slo_sp()
+    assert req.response.headers['location'].startswith('http://sso.example.net/saml2/slo?SAMLRequest=')
+    assert req.session.user is None