tests: add a SSO test with DSA keys to python bindings tests
This commit is contained in:
parent
f8ea3cda2d
commit
050afd2246
|
@ -272,6 +272,34 @@ class LoginTestCase(unittest.TestCase):
|
|||
sp_login.processAuthnResponseMsg(idp_login.msgBody)
|
||||
sp_login.acceptSso()
|
||||
|
||||
def test07(self):
|
||||
'''SAMLv2 SSO with DSA key for the IdP'''
|
||||
sp = lasso.Server(
|
||||
os.path.join(dataDir, 'sp5-saml2/metadata.xml'),
|
||||
os.path.join(dataDir, 'sp5-saml2/private-key.pem'))
|
||||
assert sp
|
||||
sp.addProvider(
|
||||
lasso.PROVIDER_ROLE_IDP,
|
||||
os.path.join(dataDir, 'idp12-dsa-saml2/metadata.xml'))
|
||||
sp_login = lasso.Login(sp)
|
||||
assert sp_login
|
||||
sp_login.initAuthnRequest(None, lasso.HTTP_METHOD_REDIRECT)
|
||||
sp_login.buildAuthnRequestMsg()
|
||||
idp = lasso.Server(
|
||||
os.path.join(dataDir, 'idp12-dsa-saml2/metadata.xml'),
|
||||
os.path.join(dataDir, 'idp12-dsa-saml2/private-key.pem'))
|
||||
idp.signatureMethod = lasso.SIGNATURE_METHOD_DSA_SHA1
|
||||
idp.addProvider(
|
||||
lasso.PROVIDER_ROLE_SP,
|
||||
os.path.join(dataDir, 'sp5-saml2/metadata.xml'))
|
||||
idp_login = lasso.Login(idp)
|
||||
print sp_login.msgUrl
|
||||
idp_login.processAuthnRequestMsg(sp_login.msgUrl.split('?')[1])
|
||||
idp_login.protocolProfile = lasso.LOGIN_PROTOCOL_PROFILE_BRWS_POST;
|
||||
idp_login.validateRequestMsg(True, True)
|
||||
idp_login.buildAssertion("None", "None", "None", "None", "None")
|
||||
idp_login.buildAuthnResponseMsg()
|
||||
|
||||
class LogoutTestCase(unittest.TestCase):
|
||||
def test01(self):
|
||||
"""SP logout without session and identity; testing initRequest."""
|
||||
|
|
|
@ -0,0 +1,94 @@
|
|||
<?xml version="1.0"?>
|
||||
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
|
||||
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
|
||||
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
|
||||
entityID="http://idp5/metadata">
|
||||
<IDPSSODescriptor
|
||||
WantAuthnRequestsSigned="true"
|
||||
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
|
||||
<KeyDescriptor use="signing">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:X509Data><ds:X509Certificate>
|
||||
MIIDsDCCA3CgAwIBAgIBATAJBgcqhkjOOAQDMIGFMQswCQYDVQQGEwJVUzELMAkG
|
||||
A1UECBMCQ0ExCzAJBgNVBAcTAlNKMREwDwYDVQQKEwhJcm9uUG9ydDELMAkGA1UE
|
||||
CxMCcWExHDAaBgNVBAMME0RTQTEwMjRfU0hBMV9TRVJWRVIxHjAcBgkqhkiG9w0B
|
||||
CQEWD2hiYXJ6aW5AbWFpbC5xYTAeFw0xMjA0MDQwMDI3MDBaFw0xMzA0MDQwMDI3
|
||||
MDBaMIGFMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNKMREw
|
||||
DwYDVQQKEwhJcm9uUG9ydDELMAkGA1UECxMCcWExHDAaBgNVBAMME0RTQTEwMjRf
|
||||
U0hBMV9TRVJWRVIxHjAcBgkqhkiG9w0BCQEWD2hiYXJ6aW5AbWFpbC5xYTCCAbgw
|
||||
ggEsBgcqhkjOOAQBMIIBHwKBgQCcShHE1F8mmcKpd4dSPX5SB+SrlTyBGBBhlLyx
|
||||
iW7/VhMy9wQ/CL8bTOLh8QH1cB80TzYzHxDfYRGO/lEd6RyFjTxiug3s8ca91M2R
|
||||
H3dPIC1p5b7obs0jXJNGY52+54G4UFk9eFTRmcf7pE3GuPOtTtHxHkLvuzQJWHS8
|
||||
5xAPiwIVAKMz1hUnqArzTw0TJPtpHkT5cvtJAoGBAIAj9xJRC0xeXhlzvEXFLqnJ
|
||||
XTIrBEeQiwtH7yoGJCZVRkPB28pKFszDnt61IkdU5H+zhEqgiMOo+hGHH3imePCS
|
||||
xLGNnmAx/PR7qqPJPEK+nweLMixCFgjg3FzVc/Re3PbRbW0Rx9yIZjwnSFSq0som
|
||||
QACzJqZfTe421NGJilBuA4GFAAKBgQCW2Ts1hQ/2dPM+Qcuh+iCrHhhdvSda+4D+
|
||||
k/defiMm7Bmdj56Xrgjv9j9ZEXaZBHJkx1XnXbrEXfYQkSIK77+d+MLorC/SM5Yz
|
||||
2xXatP8tnSmQE9cE4Lb9/OfNFbs+JBNKjiBi5ZrB8phiPQULdh4vkE2QAj77DB3R
|
||||
feAGMljBHqNvMG0wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUopBgnBRcDnmbgd42
|
||||
wcHXpHV94WMwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDAeBglghkgB
|
||||
hvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMAkGByqGSM44BAMDLwAwLAIUNrgbrTIl
|
||||
xUCNFUTbcILsXO2J4awCFF7XlpaByAVaK3OZxd+7C6sPq6yi
|
||||
</ds:X509Certificate></ds:X509Data>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
<KeyDescriptor use="encryption">
|
||||
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
|
||||
<ds:KeyValue>
|
||||
|
||||
MIIDsDCCA3CgAwIBAgIBATAJBgcqhkjOOAQDMIGFMQswCQYDVQQGEwJVUzELMAkG
|
||||
A1UECBMCQ0ExCzAJBgNVBAcTAlNKMREwDwYDVQQKEwhJcm9uUG9ydDELMAkGA1UE
|
||||
CxMCcWExHDAaBgNVBAMME0RTQTEwMjRfU0hBMV9TRVJWRVIxHjAcBgkqhkiG9w0B
|
||||
CQEWD2hiYXJ6aW5AbWFpbC5xYTAeFw0xMjA0MDQwMDI3MDBaFw0xMzA0MDQwMDI3
|
||||
MDBaMIGFMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExCzAJBgNVBAcTAlNKMREw
|
||||
DwYDVQQKEwhJcm9uUG9ydDELMAkGA1UECxMCcWExHDAaBgNVBAMME0RTQTEwMjRf
|
||||
U0hBMV9TRVJWRVIxHjAcBgkqhkiG9w0BCQEWD2hiYXJ6aW5AbWFpbC5xYTCCAbgw
|
||||
ggEsBgcqhkjOOAQBMIIBHwKBgQCcShHE1F8mmcKpd4dSPX5SB+SrlTyBGBBhlLyx
|
||||
iW7/VhMy9wQ/CL8bTOLh8QH1cB80TzYzHxDfYRGO/lEd6RyFjTxiug3s8ca91M2R
|
||||
H3dPIC1p5b7obs0jXJNGY52+54G4UFk9eFTRmcf7pE3GuPOtTtHxHkLvuzQJWHS8
|
||||
5xAPiwIVAKMz1hUnqArzTw0TJPtpHkT5cvtJAoGBAIAj9xJRC0xeXhlzvEXFLqnJ
|
||||
XTIrBEeQiwtH7yoGJCZVRkPB28pKFszDnt61IkdU5H+zhEqgiMOo+hGHH3imePCS
|
||||
xLGNnmAx/PR7qqPJPEK+nweLMixCFgjg3FzVc/Re3PbRbW0Rx9yIZjwnSFSq0som
|
||||
QACzJqZfTe421NGJilBuA4GFAAKBgQCW2Ts1hQ/2dPM+Qcuh+iCrHhhdvSda+4D+
|
||||
k/defiMm7Bmdj56Xrgjv9j9ZEXaZBHJkx1XnXbrEXfYQkSIK77+d+MLorC/SM5Yz
|
||||
2xXatP8tnSmQE9cE4Lb9/OfNFbs+JBNKjiBi5ZrB8phiPQULdh4vkE2QAj77DB3R
|
||||
feAGMljBHqNvMG0wDAYDVR0TAQH/BAIwADAdBgNVHQ4EFgQUopBgnBRcDnmbgd42
|
||||
wcHXpHV94WMwCwYDVR0PBAQDAgXgMBEGCWCGSAGG+EIBAQQEAwIGQDAeBglghkgB
|
||||
hvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMAkGByqGSM44BAMDLwAwLAIUNrgbrTIl
|
||||
xUCNFUTbcILsXO2J4awCFF7XlpaByAVaK3OZxd+7C6sPq6yi
|
||||
</ds:KeyValue>
|
||||
</ds:KeyInfo>
|
||||
</KeyDescriptor>
|
||||
|
||||
<ArtifactResolutionService isDefault="true" index="0"
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://idp5/artifact" />
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://idp5/singleLogoutSOAP" />
|
||||
<SingleLogoutService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://idp5/singleLogout"
|
||||
ResponseLocation="http://idp5/singleLogoutReturn" />
|
||||
<ManageNameIDService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://idp5/manageNameIdSOAP" />
|
||||
<ManageNameIDService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://idp5/manageNameId"
|
||||
ResponseLocation="http://idp5/manageNameIdReturn" />
|
||||
<SingleSignOnService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
|
||||
Location="http://idp5/singleSignOn" />
|
||||
<SingleSignOnService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
|
||||
Location="http://idp5/singleSignOnSOAP" />
|
||||
<SingleSignOnService
|
||||
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
|
||||
Location="http://idp5/singleSignOnArtifact" />
|
||||
</IDPSSODescriptor>
|
||||
<Organization>
|
||||
<OrganizationName xml:lang="en">Entr'ouvert</OrganizationName>
|
||||
</Organization>
|
||||
|
||||
</EntityDescriptor>
|
|
@ -0,0 +1,12 @@
|
|||
-----BEGIN DSA PRIVATE KEY-----
|
||||
MIIBvAIBAAKBgQCcShHE1F8mmcKpd4dSPX5SB+SrlTyBGBBhlLyxiW7/VhMy9wQ/
|
||||
CL8bTOLh8QH1cB80TzYzHxDfYRGO/lEd6RyFjTxiug3s8ca91M2RH3dPIC1p5b7o
|
||||
bs0jXJNGY52+54G4UFk9eFTRmcf7pE3GuPOtTtHxHkLvuzQJWHS85xAPiwIVAKMz
|
||||
1hUnqArzTw0TJPtpHkT5cvtJAoGBAIAj9xJRC0xeXhlzvEXFLqnJXTIrBEeQiwtH
|
||||
7yoGJCZVRkPB28pKFszDnt61IkdU5H+zhEqgiMOo+hGHH3imePCSxLGNnmAx/PR7
|
||||
qqPJPEK+nweLMixCFgjg3FzVc/Re3PbRbW0Rx9yIZjwnSFSq0somQACzJqZfTe42
|
||||
1NGJilBuAoGBAJbZOzWFD/Z08z5By6H6IKseGF29J1r7gP6T915+IybsGZ2Pnpeu
|
||||
CO/2P1kRdpkEcmTHVeddusRd9hCRIgrvv534wuisL9IzljPbFdq0/y2dKZAT1wTg
|
||||
tv38580Vuz4kE0qOIGLlmsHymGI9BQt2Hi+QTZACPvsMHdF94AYyWMEeAhRv7V+3
|
||||
CzayXAXi95cvJTWAbc7dEQ==
|
||||
-----END DSA PRIVATE KEY-----
|
Loading…
Reference in New Issue