Merge branch 'issue-88'

Benjamin Dauvergne 2010-06-29 09:15:02 +00:00
parent 6f617027e9
commit c1a4ba2fc0
6 changed files with 57 additions and 21 deletions


@ -293,7 +293,6 @@ class BindingTestCase(unittest.TestCase):
mdata = os.path.join(dataDir, 'sp7-saml2', 'metadata.xml')
password = file(os.path.join(dataDir, 'sp7-saml2', 'password')).read().strip()
server = lasso.Server(mdata, pkey, password)
print server
assert isinstance(server, lasso.Server)
server_dump = server.dump()
assert server_dump


@ -208,6 +208,42 @@ class LoginTestCase(unittest.TestCase):
self.failUnless('<action2>do action 2</action2>' in extensionsList[0])
self.failUnless('<action3>do action 3</action3>' in extensionsList[0])
def test05(self):
'''SAMLv2 Authn request emitted and received using Artifact binding'''
sp = lasso.Server(
os.path.join(dataDir, 'sp5-saml2/metadata.xml'),
os.path.join(dataDir, 'sp5-saml2/private-key.pem'))
assert sp
sp.addProvider(
lasso.PROVIDER_ROLE_IDP,
os.path.join(dataDir, 'idp5-saml2/metadata.xml'))
sp_login = lasso.Login(sp)
assert sp_login
sp_login.initAuthnRequest(None, lasso.HTTP_METHOD_ARTIFACT_GET)
sp_login.buildAuthnRequestMsg()
sp_login_dump = sp_login.dump()
idp = lasso.Server(
os.path.join(dataDir, 'idp5-saml2/metadata.xml'),
os.path.join(dataDir, 'idp5-saml2/private-key.pem'))
idp.addProvider(
lasso.PROVIDER_ROLE_SP,
os.path.join(dataDir, 'sp5-saml2/metadata.xml'))
idp_login = lasso.Login(idp)
idp_login.initRequest(sp_login.msgUrl.split('?')[1], lasso.HTTP_METHOD_ARTIFACT_GET)
idp_login.buildRequestMsg()
sp_login2 = lasso.Login.newFromDump(sp, sp_login_dump)
assert isinstance(sp_login2, lasso.Login)
assert idp_login.msgBody
sp_login2.processRequestMsg(idp_login.msgBody)
sp_login2.buildResponseMsg()
assert sp_login2.msgBody
try:
idp_login.processResponseMsg(sp_login2.msgBody)
except:
print idp_login.response
raise
assert isinstance(idp_login.request, lasso.Samlp2AuthnRequest)
class LogoutTestCase(unittest.TestCase):
def test01(self):
@ -294,21 +330,6 @@ class LogoutTestCase(unittest.TestCase):
else:
self.fail('Logout processResponseMsg should have failed.')
def test05(self):
"""IDP logout; testing logout dump & newFromDump()."""
lassoServer = lasso.Server(
os.path.join(dataDir, 'idp1-la/metadata.xml'),
os.path.join(dataDir, 'idp1-la/private-key-raw.pem'),
None,
os.path.join(dataDir, 'idp1-la/certificate.pem'))
lassoServer.addProvider(
lasso.PROVIDER_ROLE_SP,
os.path.join(dataDir, 'sp1-la/metadata.xml'),
os.path.join(dataDir, 'sp1-la/public-key.pem'),
os.path.join(dataDir, 'sp1-la/certificate.pem'))
class DefederationTestCase(unittest.TestCase):
def test01(self):
"""IDP initiated defederation; testing processNotificationMsg with non Liberty query."""
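Review bot: The new `LoginTestCase.test05` ends on `assert isinstance(idp_login.request, lasso.Samlp2AuthnRequest)`, which pins only the type of what came out of the artifact exchange, not that it is the request the SP built in `buildAuthnRequestMsg()`. Comparing the recovered request with `sp_login.request` (for example by their dumps, if the binding exposes `dump()` on request nodes) would catch a substituted payload. The test also covers only the success path: the artifact-response handling changed in this commit returns errors for a missing or unexpected payload, and no test here reaches those returns. The bare `assert` statements are stripped under `python -O`, whereas the neighbouring tests use `self.failUnless(...)`, e.g. `self.failUnless(isinstance(idp_login.request, lasso.Samlp2AuthnRequest))`.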


@ -52,6 +52,7 @@
#include "../xml/saml-2.0/saml2_attribute_value.h"
#include "../xml/saml-2.0/saml2_name_id.h"
#include "../xml/saml-2.0/saml2_xsd.h"
#include "../xml/saml-2.0/samlp2_artifact_response.h"
#include "../utils.h"
@ -1078,8 +1079,11 @@ lasso_saml20_login_process_response_msg(LassoLogin *login, gchar *response_msg)
if (rc) {
return rc;
}
return lasso_saml20_login_process_response_status_and_assertion(login);
if (LASSO_IS_SAMLP2_ARTIFACT_RESPONSE(login->parent.response)) {
return lasso_saml20_login_process_authn_request_msg(login, NULL);
} else {
return lasso_saml20_login_process_response_status_and_assertion(login);
}
}
static gint
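Review bot: In `lasso_saml20_login_process_response_msg`, the `LASSO_IS_SAMLP2_ARTIFACT_RESPONSE(login->parent.response)` test is only an indirect signal that the resolved payload was a request, and the peer answering the artifact resolve decides which branch runs. The profile-side change on this page stores any `LASSO_IS_SAMLP2_REQUEST_ABSTRACT` payload in `profile->request`, so a request that is not an AuthnRequest would also reach `lasso_saml20_login_process_authn_request_msg(login, NULL)`; whether that function rejects it is not visible here. I would check the type before dispatching, `if (! LASSO_IS_SAMLP2_AUTHN_REQUEST(login->parent.request)) return LASSO_PROFILE_ERROR_INVALID_RESPONSE;`, and add a comment such as `/* response is still the ArtifactResponse: the resolved payload was a request */`. The function starts outside the hunk.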


@ -424,10 +424,16 @@ lasso_saml20_profile_process_artifact_response(LassoProfile *profile, const char
goto_cleanup_if_fail_with_rc(profile->response != NULL,
critical_error(LASSO_PROFILE_ERROR_INVALID_RESPONSE));
if (artifact_response->any == NULL) {
lasso_release_gobject(profile->response);
goto_cleanup_with_rc(LASSO_PROFILE_ERROR_MISSING_RESPONSE);
rc = LASSO_PROFILE_ERROR_MISSING_RESPONSE;
} else {
if (LASSO_IS_SAMLP2_REQUEST_ABSTRACT(artifact_response->any)) {
lasso_assign_gobject(profile->request, artifact_response->any);
} else if (LASSO_IS_SAMLP2_STATUS_RESPONSE(artifact_response->any)) {
lasso_assign_gobject(profile->response, artifact_response->any);
} else {
rc = LASSO_PROFILE_ERROR_INVALID_RESPONSE;
}
}
lasso_assign_gobject(profile->response, artifact_response->any);
cleanup:
lasso_release_gobject(artifact_response);
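Review bot: On the two error paths of the new `if`/`else` (payload missing, payload of an unexpected type) `rc` is set but `profile->response` seems to keep the parsed ArtifactResponse; the `lasso_release_gobject(profile->response);` line appears to belong to the old side, though the page has lost the markers. A caller that inspects `profile->response` after a failure would then see a peer-supplied object that was just rejected. Releasing it in both branches, with `lasso_release_gobject(profile->response);` next to each `rc = ...` assignment, keeps the failure state clean. Separately, the payload's type alone decides whether it lands in `profile->request` or `profile->response`; if the ArtifactResponse status and `InResponseTo` are not validated earlier in the function (outside this hunk), that should happen before either assignment.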


@ -82,6 +82,9 @@ LlTxKnCrWAXftSm1rNtewTsF
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/singleSignOnSOAP" />
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
Location="http://idp5/singleSignOnArtifact" />
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">Entr'ouvert</OrganizationName>


@ -64,6 +64,9 @@ LlTxKnCrWAXftSm1rNtewTsF
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://sp5/artifact" />
<SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://sp5/singleLogoutSOAP" />