tests: add tests for saml settings pages
This commit is contained in:
parent
7e90b505d7
commit
d1d9520d13
|
|
@ -2,6 +2,11 @@ import os
|
|||
import shutil
|
||||
import StringIO
|
||||
|
||||
try:
|
||||
import lasso
|
||||
except ImportError:
|
||||
lasso = None
|
||||
|
||||
import pytest
|
||||
|
||||
from quixote import cleanup, get_publisher
|
||||
|
|
@ -1270,3 +1275,70 @@ def test_settings_texts():
|
|||
resp = resp.forms[0].submit('restore-default')
|
||||
assert resp.location == 'http://example.net/admin/settings/texts/'
|
||||
assert pub.cfg['texts']['text-top-of-login'] == None
|
||||
|
||||
@pytest.mark.skipif('lasso is None')
|
||||
def test_settings_auth():
|
||||
pub.user_class.wipe() # makes sure there are no users
|
||||
pub.cfg['identification'] = {}
|
||||
pub.write_cfg()
|
||||
app = get_app(pub)
|
||||
|
||||
resp = app.get('/admin/settings/')
|
||||
assert not 'identification/password/' in resp.body
|
||||
assert not 'identification/idp/' in resp.body
|
||||
|
||||
resp = resp.click('Identification')
|
||||
assert resp.forms[0]['methods$elementidp'].checked is False
|
||||
assert resp.forms[0]['methods$elementpassword'].checked is False
|
||||
resp.forms[0]['methods$elementidp'].checked = True
|
||||
resp = resp.forms[0].submit()
|
||||
resp = resp.follow()
|
||||
assert 'identification/idp/' in resp.body
|
||||
assert pub.cfg['identification']['methods'] == ['idp']
|
||||
|
||||
resp = resp.click('Identification')
|
||||
assert resp.forms[0]['methods$elementidp'].checked is True
|
||||
assert resp.forms[0]['methods$elementpassword'].checked is False
|
||||
resp.forms[0]['methods$elementidp'].checked = False
|
||||
resp.forms[0]['methods$elementpassword'].checked = True
|
||||
resp = resp.forms[0].submit()
|
||||
resp = resp.follow()
|
||||
assert 'identification/password/' in resp.body
|
||||
assert pub.cfg['identification']['methods'] == ['password']
|
||||
|
||||
@pytest.mark.skipif('lasso is None')
|
||||
def test_settings_idp():
|
||||
pub.user_class.wipe() # makes sure there are no users
|
||||
pub.cfg['identification'] = {'methods': ['idp']}
|
||||
pub.write_cfg()
|
||||
app = get_app(pub)
|
||||
app.get('/saml/metadata', status=404)
|
||||
resp = app.get('/admin/settings/')
|
||||
resp = resp.click(href='identification/idp/')
|
||||
resp = resp.click('Service Provider')
|
||||
resp = resp.forms[0].submit()
|
||||
resp = resp.follow()
|
||||
resp_metadata = app.get('/saml/metadata', status=200)
|
||||
assert resp_metadata.body.startswith('<?xml')
|
||||
resp2 = resp.click('Identity Providers')
|
||||
resp2.click('New') # this would then require file upload support
|
||||
|
||||
from test_saml_auth import setup_environment
|
||||
setup_environment(pub)
|
||||
|
||||
resp = resp.click('Identity Providers')
|
||||
assert 'http://sso.example.net/' in resp.body
|
||||
resp2 = resp.click(href='http-sso.example.net-saml2-metadata/', index=0)
|
||||
assert 'ns0:EntityDescriptor' in resp2.body
|
||||
resp = resp.click(href='http-sso.example.net-saml2-metadata/edit')
|
||||
resp = resp.forms[0].submit('submit')
|
||||
resp = resp.follow()
|
||||
|
||||
# test that login initiates a SSO
|
||||
login_resp = app.get('/login/', status=302)
|
||||
assert login_resp.location.startswith('http://sso.example.net/saml2/sso?SAMLRequest')
|
||||
|
||||
resp = resp.click(href='/admin/settings/identification/idp/idp/') # breadcrumb
|
||||
resp = resp.click(href='http-sso.example.net-saml2-metadata/delete')
|
||||
resp = resp.forms[0].submit() # confirm delete
|
||||
assert len(pub.cfg['idp']) == 0
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ def setup_module(module):
|
|||
global pub
|
||||
pub = create_temporary_pub()
|
||||
|
||||
def setup_environment(idp_number=1):
|
||||
def setup_environment(pub, idp_number=1):
|
||||
pub.cfg = {}
|
||||
pub.cfg['sp'] = {
|
||||
'saml2_metadata': 'saml2-metadata.xml',
|
||||
|
|
@ -83,7 +83,7 @@ def teardown_module(module):
|
|||
shutil.rmtree(pub.APP_DIR)
|
||||
|
||||
def test_login():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = HTTPRequest(None, {
|
||||
'SERVER_NAME': 'example.net',
|
||||
'SCRIPT_NAME': '',
|
||||
|
|
@ -132,7 +132,7 @@ def get_assertion_consumer_request():
|
|||
return req
|
||||
|
||||
def test_saml_metadata():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = HTTPRequest(None, {'SERVER_NAME': 'example.net', 'SCRIPT_NAME': '', })
|
||||
pub._set_request(req)
|
||||
|
||||
|
|
@ -142,7 +142,7 @@ def test_saml_metadata():
|
|||
assert req.response.content_type == 'text/xml'
|
||||
|
||||
def test_saml_public_key():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = HTTPRequest(None, {'SERVER_NAME': 'example.net', 'SCRIPT_NAME': '', })
|
||||
pub._set_request(req)
|
||||
|
||||
|
|
@ -152,7 +152,7 @@ def test_saml_public_key():
|
|||
assert req.response.content_type == 'application/octet-stream'
|
||||
|
||||
def test_assertion_consumer():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = get_assertion_consumer_request()
|
||||
saml2 = Saml2Directory()
|
||||
body = saml2.assertionConsumerPost()
|
||||
|
|
@ -163,7 +163,7 @@ def test_assertion_consumer():
|
|||
|
||||
def test_assertion_consumer_existing_federation():
|
||||
# 1st pass to generate a name id
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = get_assertion_consumer_request()
|
||||
saml2 = Saml2Directory()
|
||||
saml_response_body = req.form['SAMLResponse']
|
||||
|
|
@ -199,7 +199,7 @@ def test_assertion_consumer_existing_federation():
|
|||
assert req.session.user == 17
|
||||
|
||||
def test_assertion_consumer_redirect_after_url():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = get_assertion_consumer_request()
|
||||
req.session.after_url = '/foobar'
|
||||
saml2 = Saml2Directory()
|
||||
|
|
@ -208,13 +208,13 @@ def test_assertion_consumer_redirect_after_url():
|
|||
assert req.response.headers['location'] == 'http://example.net/foobar'
|
||||
|
||||
def test_saml_login_page():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
resp = get_app(pub).get('/login/')
|
||||
assert resp.status_int == 302
|
||||
assert resp.location.startswith('http://sso.example.net/saml2/sso?SAMLRequest=')
|
||||
|
||||
def test_saml_login_page_several_idp():
|
||||
setup_environment(idp_number=4)
|
||||
setup_environment(pub, idp_number=4)
|
||||
# even if there are multiple IdP, /login/ will initiate SSO with the first
|
||||
# one.
|
||||
resp = get_app(pub).get('/login/')
|
||||
|
|
@ -222,7 +222,7 @@ def test_saml_login_page_several_idp():
|
|||
assert resp.location.startswith('http://sso.example.net/saml2/sso?SAMLRequest=')
|
||||
|
||||
def test_saml_register():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
get_app(pub).get('/register/', status=404)
|
||||
pub.cfg['saml_identities'] = {'identity-creation': 'self'}
|
||||
pub.write_cfg()
|
||||
|
|
@ -249,7 +249,7 @@ def test_saml_register():
|
|||
assert resp.location == 'http://sso.example.net/registration?next_url=http%3A%2F%2Fexample.net%2Fregister%2F'
|
||||
|
||||
def test_saml_logout():
|
||||
setup_environment()
|
||||
setup_environment(pub)
|
||||
req = get_assertion_consumer_request()
|
||||
saml2 = Saml2Directory()
|
||||
saml2.assertionConsumerPost()
|
||||
|
|
|
|||
Loading…
Reference in New Issue