tests: add a SSO test with DSA keys to python bindings tests

Benjamin Dauvergne 2012-07-11 10:57:35 +02:00
parent f8ea3cda2d
commit 050afd2246
3 changed files with 134 additions and 0 deletions


@ -272,6 +272,34 @@ class LoginTestCase(unittest.TestCase):
sp_login.processAuthnResponseMsg(idp_login.msgBody)
sp_login.acceptSso()
def test07(self):
'''SAMLv2 SSO with DSA key for the IdP'''
sp = lasso.Server(
os.path.join(dataDir, 'sp5-saml2/metadata.xml'),
os.path.join(dataDir, 'sp5-saml2/private-key.pem'))
assert sp
sp.addProvider(
lasso.PROVIDER_ROLE_IDP,
os.path.join(dataDir, 'idp12-dsa-saml2/metadata.xml'))
sp_login = lasso.Login(sp)
assert sp_login
sp_login.initAuthnRequest(None, lasso.HTTP_METHOD_REDIRECT)
sp_login.buildAuthnRequestMsg()
idp = lasso.Server(
os.path.join(dataDir, 'idp12-dsa-saml2/metadata.xml'),
os.path.join(dataDir, 'idp12-dsa-saml2/private-key.pem'))
idp.signatureMethod = lasso.SIGNATURE_METHOD_DSA_SHA1
idp.addProvider(
lasso.PROVIDER_ROLE_SP,
os.path.join(dataDir, 'sp5-saml2/metadata.xml'))
idp_login = lasso.Login(idp)
print sp_login.msgUrl
idp_login.processAuthnRequestMsg(sp_login.msgUrl.split('?')[1])
idp_login.protocolProfile = lasso.LOGIN_PROTOCOL_PROFILE_BRWS_POST;
idp_login.validateRequestMsg(True, True)
idp_login.buildAssertion("None", "None", "None", "None", "None")
idp_login.buildAuthnResponseMsg()
class LogoutTestCase(unittest.TestCase):
def test01(self):
"""SP logout without session and identity; testing initRequest."""
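Review bot: test07 stops at `idp_login.buildAuthnResponseMsg()`, so the DSA-SHA1-signed response is never handed back to the SP and the signature verification path is not exercised; only signing is covered. The preceding test (whose body starts outside this hunk) ends with `sp_login.processAuthnResponseMsg(idp_login.msgBody)` and `sp_login.acceptSso()`; ending test07 the same way would make it fail if verification with a DSA key regresses. The `print sp_login.msgUrl` line looks like leftover debugging output, and the trailing `;` after `lasso.LOGIN_PROTOCOL_PROFILE_BRWS_POST` can be dropped. The bare `assert sp` and `assert sp_login` checks would read better as `self.assertTrue(sp)` and `self.assertTrue(sp_login)`, which also still run under `python -O`.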


@ -0,0 +1,94 @@
<?xml version="1.0"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
entityID="http://idp5/metadata">
<IDPSSODescriptor
WantAuthnRequestsSigned="true"
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<KeyDescriptor use="signing">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data><ds:X509Certificate>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</ds:X509Certificate></ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<KeyDescriptor use="encryption">
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyValue>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</ds:KeyValue>
</ds:KeyInfo>
</KeyDescriptor>
<ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/artifact" />
<SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/singleLogoutSOAP" />
<SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://idp5/singleLogout"
ResponseLocation="http://idp5/singleLogoutReturn" />
<ManageNameIDService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/manageNameIdSOAP" />
<ManageNameIDService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://idp5/manageNameId"
ResponseLocation="http://idp5/manageNameIdReturn" />
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://idp5/singleSignOn" />
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/singleSignOnSOAP" />
<SingleSignOnService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
Location="http://idp5/singleSignOnArtifact" />
</IDPSSODescriptor>
<Organization>
<OrganizationName xml:lang="en">Entr'ouvert</OrganizationName>
</Organization>
</EntityDescriptor>
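Review bot: The new IdP metadata keeps `entityID="http://idp5/metadata"` and the idp5 endpoint URLs, although the test loads its DSA provider from `idp12-dsa-saml2/` (assuming this file is that directory's metadata.xml; the path is not visible on this page). If a test ever registers this provider next to another fixture using the same entity ID, the two entries would be indistinguishable and signatures may be checked against the wrong key, so a distinct value such as `entityID="http://idp12/metadata"` would be safer. It is also worth confirming that the `use="encryption"` KeyDescriptor does not carry the DSA key, since DSA can only sign.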


@ -0,0 +1,12 @@
-----BEGIN DSA PRIVATE KEY-----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-----END DSA PRIVATE KEY-----