
Commit eb784f8

committed
Fix test suite
1 parent 7f6b527 commit eb784f8


3 files changed

+88
-110
lines changed


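--- a/onelogin/saml/__init__.py
+++ b/onelogin/saml/__init__.py
@@ -3,6 +3,7 @@
 ResponseValidationError,
 ResponseNameIDError,
 ResponseConditionError,
+ResponseSubjectConfirmationError,
 )
 import AuthRequest
 import SignatureVerifier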

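--- a/onelogin/saml/test/TestResponse.py
+++ b/onelogin/saml/test/TestResponse.py
@@ -11,6 +11,7 @@
 ResponseValidationError,
 ResponseNameIDError,
 ResponseConditionError,
+ResponseSubjectConfirmationError,
 )
 
 test_response = """<samlp:Response
@@ -92,14 +93,17 @@ def test__init__(self):
 from_string.returns('foo document')
 
 request_data = {
-'http_host': 'example.com',
-'script_name': 'index.html'
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
 }
 
 res = Response(
 request_data=request_data,
 response='foo response',
 signature='foo signature',
+issuer='https://sp.example.com/SAML2',
 _base64=fake_base64,
 _etree=fake_etree,
 )
@@ -110,9 +114,18 @@ def test__init__(self):
 @fudge.with_fakes
 def test_get_name_id_simple(self):
 encoded_response = base64.b64encode(test_response)
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
+issuer='https://sp.example.com/SAML2',
 )
 name_id = res.name_id
 
@@ -178,9 +191,19 @@ def test_get_name_id_multiple(self):
 </samlp:Response>
 """
 encoded_response = base64.b64encode(response)
+
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
+issuer='https://sp.example.com/SAML2',
 )
 msg = assert_raises(
 ResponseNameIDError,
@@ -244,9 +267,19 @@ def test_get_name_id_none(self):
 </samlp:Response>
 """
 encoded_response = base64.b64encode(response)
+
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
+issuer='https://sp.example.com/SAML2',
 )
 msg = assert_raises(
 ResponseNameIDError,
@@ -315,9 +348,18 @@ def test_is_valid_not_before_missing(self):
 </samlp:Response>
 """
 encoded_response = base64.b64encode(response)
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature='foo signature',
+issuer='https://sp.example.com/SAML2',
 )
 
 fake_verifier = fudge.Fake(
@@ -390,71 +432,105 @@ def test_is_valid_not_on_or_after_missing(self):
 </samlp:Response>
 """
 encoded_response = base64.b64encode(response)
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
+issuer='https://sp.example.com/SAML2',
 )
 msg = assert_raises(
-ResponseConditionError,
+ResponseSubjectConfirmationError,
 res.is_valid,
 )
 
 eq(
 str(msg),
-('There was a problem validating a condition:' +
-' Did not find NotOnOrAfter condition'),
+('There was a problem validating the response, no valid SubjectConfirmation' +
+' found: A valid SubjectConfirmation was not found on this Response'),
 )
 
 @fudge.with_fakes
 def test_is_valid_current_time_earlier(self):
 encoded_response = base64.b64encode(test_response)
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
 )
 
 def fake_clock():
 return datetime(2004, 12, 05, 9, 16, 45, 462796)
 msg = assert_raises(
-ResponseValidationError,
+ResponseConditionError,
 res.is_valid,
 _clock=fake_clock,
 )
 
 eq(
 str(msg),
-('There was a problem validating the response: Current time is ' +
-'earlier than NotBefore condition'),
+('There was a problem validating a condition: Timing issue'),
 )
 
 @fudge.with_fakes
 def test_is_valid_current_time_on_or_after(self):
 encoded_response = base64.b64encode(test_response)
+
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature=None,
+issuer='https://sp.example.com/SAML2',
 )
 
 def fake_clock():
 return datetime(2004, 12, 05, 9, 30, 45, 462796)
 msg = assert_raises(
-ResponseValidationError,
+ResponseConditionError,
 res.is_valid,
 _clock=fake_clock,
 )
 
 eq(
 str(msg),
-('There was a problem validating the response: Current time is ' +
-'on or after NotOnOrAfter condition'),
+('There was a problem validating a condition: Timing issue'),
 )
 
 @fudge.with_fakes
 def test_is_valid_simple(self):
 encoded_response = base64.b64encode(test_response)
+request_data = {
+'server_port': '443',
+'http_host': 'sp.example.com',
+'path_info': '/SAML2/SSO/POST',
+'script_name': ''
+}
+
 res = Response(
+request_data=request_data,
 response=encoded_response,
 signature='foo signature',
+issuer='https://sp.example.com/SAML2',
 )
 
 def fake_clock():
@@ -466,7 +542,6 @@ def fake_clock():
 )
 fake_verifier.times_called(1)
 fake_verifier.with_args(res._document, 'foo signature')
-
 fake_verifier.returns(True)
 
 msg = res.is_valid(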
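Review bot: `test_is_valid_current_time_earlier` (new lines 461-473 of the `@@ -390,71 +432,105 @@` hunk) is the only `Response(...)` call updated in this file that receives `request_data` but no `issuer='https://sp.example.com/SAML2'`, so it may reach `ResponseConditionError` with a different configuration than its sibling `test_is_valid_current_time_on_or_after`; pass the same `issuer=` there or add a comment saying why it is left out. Both timing tests now assert the identical string `'There was a problem validating a condition: Timing issue'`, so the assertions no longer show whether the NotBefore or the NotOnOrAfter bound rejected the response; a comment on each `fake_clock` stating which bound it is meant to trip would keep that intent reviewable. In the same hunk `test_is_valid_not_on_or_after_missing` (its body starts above the hunk) now expects `ResponseSubjectConfirmationError`, so its name no longer matches what it asserts and, as far as the visible lines show, nothing still covers a missing NotOnOrAfter condition.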

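--- a/onelogin/saml/test/TestSignatureVerifier.py
+++ b/onelogin/saml/test/TestSignatureVerifier.py
@@ -13,104 +13,6 @@ class TestSignatureVerifier(object):
 def setUp(self):
 fudge.clear_expectations()
 
-@fudge.with_fakes
-def test_verify_simple(self):
-document = etree.XML('<Response>foo doc</Response>')
-
-fake_etree = fudge.Fake('etree')
-fake_etree.remember_order()
-to_string = fake_etree.expects('tostring')
-to_string.with_args(document)
-to_string.returns('<Response>foo doc</Response>')
-
-fake_tempfile = fudge.Fake('tempfile')
-fake_tempfile.remember_order()
-named_xmlfile = fake_tempfile.expects(
-'NamedTemporaryFile'
-)
-named_xmlfile.with_args(delete=False)
-xmlfile = named_xmlfile.returns_fake()
-xmlfile.remember_order()
-
-enter = xmlfile.expects('__enter__')
-enter.with_arg_count(0)
-enter.returns(xmlfile)
-
-write = xmlfile.expects('write')
-write.with_args('<Response>foo doc</Response>')
-seek = xmlfile.expects('seek')
-seek.with_args(0)
-
-exit = xmlfile.expects('__exit__')
-exit.with_args(None, None, None)
-
-xmlfile.has_attr(name='xmlfile')
-
-named_certfile = fake_tempfile.next_call(
-'NamedTemporaryFile'
-)
-named_certfile.with_args(delete=False)
-certfile = named_certfile.returns_fake()
-certfile.remember_order()
-
-enter = certfile.expects('__enter__')
-enter.with_arg_count(0)
-enter.returns(certfile)
-
-write = certfile.expects('write')
-write.with_args(
-('-----BEGIN CERTIFICATE-----\nfoo signature\n'
-+ '-----END CERTIFICATE-----'
-)
-)
-seek = certfile.expects('seek')
-seek.with_args(0)
-
-exit = certfile.expects('__exit__')
-exit.with_args(None, None, None)
-
-certfile.has_attr(name='certfile')
-
-fake_subprocess = fudge.Fake('subprocess')
-fake_subprocess.remember_order()
-popen = fake_subprocess.expects('Popen')
-fake_subprocess.has_attr(PIPE=1)
-popen.with_args(
-[
-'xmlsec1',
-'--verify',
-'--pubkey-cert-pem',
-'certfile',
-'--id-attr:ID',
-'urn:oasis:names:tc:SAML:2.0:assertion:Assertion',
-'xmlfile',
-],
-stderr=1,
-stdout=1,
-)
-proc = popen.returns_fake()
-proc.remember_order()
-wait = proc.expects('wait')
-wait.with_arg_count(0)
-stderr = StringIO('OK')
-proc.has_attr(stderr=stderr)
-
-fake_os = fudge.Fake('os')
-fake_os.remember_order()
-remove = fake_os.expects('remove')
-remove.with_args('certfile')
-remove = fake_os.next_call('remove')
-remove.with_args('xmlfile')
-
-SignatureVerifier.verify(
-document,
-'foo signature',
-_etree=fake_etree,
-_tempfile=fake_tempfile,
-_subprocess=fake_subprocess,
-_os=fake_os,
-)
-
 @fudge.with_fakes
 def test_get_xmlsec_bin_default(self):
 fake_platform = fudge.Fake('platform')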
