2
# -*- coding: utf-8 -*-
5
from saml2.authn_context import INTERNETPROTOCOLPASSWORD
6
from saml2.saml import NAMEID_FORMAT_TRANSIENT
7
from saml2.samlp import NameIDPolicy
8
from s2repoze.plugins.sp import make_plugin
9
from saml2.server import Server
11
ENV1 = {'SERVER_SOFTWARE': 'CherryPy/3.1.2 WSGI Server',
13
'ACTUAL_SERVER_PROTOCOL': 'HTTP/1.1',
14
'REQUEST_METHOD': 'GET',
15
'PATH_INFO': '/krissms',
16
'SERVER_PROTOCOL': 'HTTP/1.1',
18
'REMOTE_ADDR': '127.0.0.1',
20
'Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_2; en-us) ',
21
'HTTP_CONNECTION': 'keep-alive',
22
'SERVER_NAME': 'lingon-catalogix-se-2.local',
23
'REMOTE_PORT': '57309',
24
'wsgi.url_scheme': 'http',
25
'SERVER_PORT': '8087',
26
'HTTP_HOST': '127.0.0.1:8087',
27
'wsgi.multithread': True,
29
'application/xml,application/xhtml+xml,text/html;q=0.9,'
30
'text/plain;q=0.8,image/png,*/*;q=0.5',
31
'wsgi.version': (1, 0),
32
'wsgi.run_once': False,
33
'wsgi.multiprocess': False,
34
'HTTP_ACCEPT_LANGUAGE': 'en-us',
35
'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}
37
trans_name_policy = NameIDPolicy(format=NAMEID_FORMAT_TRANSIENT,
41
"class_ref": INTERNETPROTOCOLPASSWORD,
42
"authn_auth": "http://www.example.com/login"
47
def setup_class(self):
48
self.sp = make_plugin("rem", saml_conf="server_conf")
49
self.server = Server(config_file="idp_conf")
51
def teardown_class(self):
57
def test_identify(self):
58
# Create a SAMLResponse
59
ava = {"givenName": ["Derek"], "surName": ["Jeter"],
60
"mail": ["derek@nyy.mlb.com"], "title": ["The man"]}
62
resp_str = "%s" % self.server.create_authn_response(
63
ava, "id1", "http://lingon.catalogix.se:8087/",
64
"urn:mace:example.com:saml:roland:sp", trans_name_policy,
65
"foba0001@example.com", authn=AUTHN)
67
resp_str = base64.encodestring(resp_str)
68
self.sp.outstanding_queries = {"id1": "http://www.example.com/service"}
69
session_info = self.sp._eval_authn_response(
70
{}, {"SAMLResponse": [resp_str]})
72
assert len(session_info) > 1
73
assert session_info["came_from"] == 'http://www.example.com/service'
74
assert session_info["ava"] == {'givenName': ['Derek'],
75
'mail': ['derek@nyy.mlb.com'],
80
if __name__ == "__main__":