Merge branch 'issue-88'
parent
6f617027e9
commit
c1a4ba2fc0
|
@ -293,7 +293,6 @@ class BindingTestCase(unittest.TestCase):
|
|||
mdata = os.path.join(dataDir, 'sp7-saml2', 'metadata.xml')
|
||||
password = file(os.path.join(dataDir, 'sp7-saml2', 'password')).read().strip()
|
||||
server = lasso.Server(mdata, pkey, password)
|
||||
print server
|
||||
assert isinstance(server, lasso.Server)
|
||||
server_dump = server.dump()
|
||||
assert server_dump
|
||||
|
|
|
@ -208,6 +208,42 @@ class LoginTestCase(unittest.TestCase):
|
|||
self.failUnless('<action2>do action 2</action2>' in extensionsList[0])
|
||||
self.failUnless('<action3>do action 3</action3>' in extensionsList[0])
|
||||
|
||||
def test05(self):
|
||||
'''SAMLv2 Authn request emitted and received using Artifact binding'''
|
||||
|
||||
sp = lasso.Server(
|
||||
os.path.join(dataDir, 'sp5-saml2/metadata.xml'),
|
||||
os.path.join(dataDir, 'sp5-saml2/private-key.pem'))
|
||||
assert sp
|
||||
sp.addProvider(
|
||||
lasso.PROVIDER_ROLE_IDP,
|
||||
os.path.join(dataDir, 'idp5-saml2/metadata.xml'))
|
||||
sp_login = lasso.Login(sp)
|
||||
assert sp_login
|
||||
sp_login.initAuthnRequest(None, lasso.HTTP_METHOD_ARTIFACT_GET)
|
||||
sp_login.buildAuthnRequestMsg()
|
||||
sp_login_dump = sp_login.dump()
|
||||
idp = lasso.Server(
|
||||
os.path.join(dataDir, 'idp5-saml2/metadata.xml'),
|
||||
os.path.join(dataDir, 'idp5-saml2/private-key.pem'))
|
||||
idp.addProvider(
|
||||
lasso.PROVIDER_ROLE_SP,
|
||||
os.path.join(dataDir, 'sp5-saml2/metadata.xml'))
|
||||
idp_login = lasso.Login(idp)
|
||||
idp_login.initRequest(sp_login.msgUrl.split('?')[1], lasso.HTTP_METHOD_ARTIFACT_GET)
|
||||
idp_login.buildRequestMsg()
|
||||
sp_login2 = lasso.Login.newFromDump(sp, sp_login_dump)
|
||||
assert isinstance(sp_login2, lasso.Login)
|
||||
assert idp_login.msgBody
|
||||
sp_login2.processRequestMsg(idp_login.msgBody)
|
||||
sp_login2.buildResponseMsg()
|
||||
assert sp_login2.msgBody
|
||||
try:
|
||||
idp_login.processResponseMsg(sp_login2.msgBody)
|
||||
except:
|
||||
print idp_login.response
|
||||
raise
|
||||
assert isinstance(idp_login.request, lasso.Samlp2AuthnRequest)
|
||||
|
||||
class LogoutTestCase(unittest.TestCase):
|
||||
def test01(self):
|
||||
|
@ -294,21 +330,6 @@ class LogoutTestCase(unittest.TestCase):
|
|||
else:
|
||||
self.fail('Logout processResponseMsg should have failed.')
|
||||
|
||||
def test05(self):
|
||||
"""IDP logout; testing logout dump & newFromDump()."""
|
||||
|
||||
lassoServer = lasso.Server(
|
||||
os.path.join(dataDir, 'idp1-la/metadata.xml'),
|
||||
os.path.join(dataDir, 'idp1-la/private-key-raw.pem'),
|
||||
None,
|
||||
os.path.join(dataDir, 'idp1-la/certificate.pem'))
|
||||
lassoServer.addProvider(
|
||||
lasso.PROVIDER_ROLE_SP,
|
||||
os.path.join(dataDir, 'sp1-la/metadata.xml'),
|
||||
os.path.join(dataDir, 'sp1-la/public-key.pem'),
|
||||
os.path.join(dataDir, 'sp1-la/certificate.pem'))
|
||||
|
||||
|
||||
class DefederationTestCase(unittest.TestCase):
|
||||
def test01(self):
|
||||
"""IDP initiated defederation; testing processNotificationMsg with non Liberty query."""
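Review bot: In the added LoginTestCase.test05 every check is a bare `assert`, while the tests visible at the top of this section use `self.failUnless`; bare asserts are stripped under `python -O` and give unittest no failure message. The final check, `assert isinstance(idp_login.request, lasso.Samlp2AuthnRequest)`, pins only the type of the request recovered from the artifact response, so the test would still pass if a different request ended up attached. I would write it as `self.failUnless(isinstance(idp_login.request, lasso.Samlp2AuthnRequest))` and compare the recovered request against the one held by `sp_login`. A negative case is also worth adding, in which the artifact response carries no payload or a non-authn message and `processResponseMsg` is expected to fail.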
|
||||
|
|
|
@ -52,6 +52,7 @@
|
|||
#include "../xml/saml-2.0/saml2_attribute_value.h"
|
||||
#include "../xml/saml-2.0/saml2_name_id.h"
|
||||
#include "../xml/saml-2.0/saml2_xsd.h"
|
||||
#include "../xml/saml-2.0/samlp2_artifact_response.h"
|
||||
|
||||
#include "../utils.h"
|
||||
|
||||
|
@ -1078,8 +1079,11 @@ lasso_saml20_login_process_response_msg(LassoLogin *login, gchar *response_msg)
|
|||
if (rc) {
|
||||
return rc;
|
||||
}
|
||||
|
||||
return lasso_saml20_login_process_response_status_and_assertion(login);
|
||||
if (LASSO_IS_SAMLP2_ARTIFACT_RESPONSE(login->parent.response)) {
|
||||
return lasso_saml20_login_process_authn_request_msg(login, NULL);
|
||||
} else {
|
||||
return lasso_saml20_login_process_response_status_and_assertion(login);
|
||||
}
|
||||
}
|
||||
|
||||
static gint
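Review bot: The new branch at the end of lasso_saml20_login_process_response_msg calls `lasso_saml20_login_process_authn_request_msg(login, NULL)` whenever `login->parent.response` is still an ArtifactResponse, without checking in this hunk that `login->parent.request` actually holds an AuthnRequest. The profile.c change in the same commit stores any `LASSO_IS_SAMLP2_REQUEST_ABSTRACT` payload there, so unless the callee rejects other request types (not visible here), a message chosen by the remote party could reach the authn-request path. A guard such as `if (! LASSO_IS_SAMLP2_AUTHN_REQUEST(login->parent.request)) return LASSO_PROFILE_ERROR_INVALID_RESPONSE;` inside the branch would make the dispatch explicit, assuming the AuthnRequest header is already included in this file. A one-line comment should also say that NULL means "use the request already extracted from the ArtifactResponse". The function body starts outside the hunk, so any earlier validation is not visible.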
|
||||
|
|
|
@ -424,10 +424,16 @@ lasso_saml20_profile_process_artifact_response(LassoProfile *profile, const char
|
|||
goto_cleanup_if_fail_with_rc(profile->response != NULL,
|
||||
critical_error(LASSO_PROFILE_ERROR_INVALID_RESPONSE));
|
||||
if (artifact_response->any == NULL) {
|
||||
lasso_release_gobject(profile->response);
|
||||
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_RESPONSE);
|
||||
rc = LASSO_PROFILE_ERROR_MISSING_RESPONSE;
|
||||
} else {
|
||||
if (LASSO_IS_SAMLP2_REQUEST_ABSTRACT(artifact_response->any)) {
|
||||
lasso_assign_gobject(profile->request, artifact_response->any);
|
||||
} else if (LASSO_IS_SAMLP2_STATUS_RESPONSE(artifact_response->any)) {
|
||||
lasso_assign_gobject(profile->response, artifact_response->any);
|
||||
} else {
|
||||
rc = LASSO_PROFILE_ERROR_INVALID_RESPONSE;
|
||||
}
|
||||
}
|
||||
lasso_assign_gobject(profile->response, artifact_response->any);
|
||||
|
||||
cleanup:
|
||||
lasso_release_gobject(artifact_response);
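Review bot: The missing-payload branch appears to no longer release `profile->response`, and the new invalid-type branch does not either, so after either error the profile keeps whatever response object was set before this hunk. A caller that inspects `profile->response` after a non-zero `rc` would then see stale, unvalidated state. Keeping `lasso_release_gobject(profile->response);` before `rc = LASSO_PROFILE_ERROR_MISSING_RESPONSE;` and adding it before `rc = LASSO_PROFILE_ERROR_INVALID_RESPONSE;` would restore the fail-closed behaviour. The request branch also overwrites `profile->request` with content supplied by the remote party, so a short comment naming the later step that validates it (signature, issuer) would help. The function starts outside the hunk, so how `profile->response` was populated is inferred.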
|
||||
|
|
|
@ -82,6 +82,9 @@ LlTxKnCrWAXftSm1rNtewTsF
|
|||
<SingleSignOnService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://idp5/singleSignOnSOAP" />
|
||||
<SingleSignOnService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||
Location="http://idp5/singleSignOnArtifact" />
|
||||
</IDPSSODescriptor>
|
||||
<Organization>
|
||||
<OrganizationName xml:lang="en">Entr'ouvert</OrganizationName>
|
||||
|
|
|
@ -64,6 +64,9 @@ LlTxKnCrWAXftSm1rNtewTsF
|
|||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
|
||||
<ArtifactResolutionService isDefault="true" index="0"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://sp5/artifact" />
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://sp5/singleLogoutSOAP" />
|
||||
|
|