From bf4a27ab704581b68ddc24c74d92fc724ea0f124 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Fri, 27 Jun 2014 23:10:12 -0400 Subject: Add test that checks attrs are properly returned Uses the info_nss module to source attirbutes from the system user Signed-off-by: Simo Sorce Reviewed-by: Patrick Uiterwijk --- Makefile | 1 + tests/attrs.py | 161 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 162 insertions(+) create mode 100755 tests/attrs.py diff --git a/Makefile b/Makefile index fc8795a..7426acb 100644 --- a/Makefile +++ b/Makefile @@ -48,6 +48,7 @@ wrappers: tests: wrappers PYTHONPATH=./ ./tests/tests.py --test=test1 + PYTHONPATH=./ ./tests/tests.py --test=attrs test: lp-test tests PYTHONPATH=./ ./ipsilon/tools/saml2metadata.py diff --git a/tests/attrs.py b/tests/attrs.py new file mode 100755 index 0000000..f01dae4 --- /dev/null +++ b/tests/attrs.py @@ -0,0 +1,161 @@ +#!/usr/bin/python +# +# Copyright (C) 2014 Simo Sorce +# +# see file 'COPYING' for use and warranty information +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +from helpers.common import IpsilonTestBase # pylint: disable=relative-import +from helpers.http import HttpSessions # pylint: disable=relative-import +import os +import pwd +import sys +from string import Template + + +idp_g = {'TEMPLATES': '${TESTDIR}/templates/install', + 'CONFDIR': '${TESTDIR}/etc', + 'DATADIR': '${TESTDIR}/lib', + 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d', + 'STATICDIR': '${ROOTDIR}', + 'BINDIR': '${ROOTDIR}/ipsilon', + 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'} + + +idp_a = {'hostname': '${ADDRESS}:${PORT}', + 'admin_user': '${TEST_USER}', + 'system_user': '${TEST_USER}', + 'instance': '${NAME}', + 'secure': 'no', + 'testauth': 'yes', + 'info_nss': 'yes', + 'pam': 'no', + 'krb': 'no', + 'ipa': 'no', + 'server_debugging': 'True'} + + +sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d', + 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf', + 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf', + 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'} + + +sp_a = {'hostname': '${ADDRESS}:${PORT}', + 'saml_idp_metadata': 'http://127.0.0.10:45080/idp1/saml2/metadata', + 'saml_secure_setup': 'False', + 'saml_auth': '/sp', + 'httpd_user': '${TEST_USER}'} + + +def fixup_sp_httpd(httpdir): + merge = """ + MellonSetEnv "UID" "uidNumber" + MellonSetEnv "GID" "gidNumber" + MellonSetEnv "HOME" "homeDirectory" + MellonSetEnv "GECOS" "gecos" + MellonSetEnv "SHELL" "loginShell" +""" + with open(httpdir + '/conf.d/ipsilon-saml.conf', 'r') as f: + conf = f.read() + conf = conf.replace('', merge, 1) + with open(httpdir + '/conf.d/ipsilon-saml.conf', 'w') as f: + f.write(conf) + + location = """ + +Alias /sp ${HTTPDIR}/sp + + + Require all granted + Options +Includes + +""" + t = Template(location) + text = t.substitute({'HTTPDIR': httpdir}) + with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f: + f.write(text) + + index = """""" + os.mkdir(httpdir + '/sp') + with open(httpdir + '/sp/index.shtml', 'w') as f: + f.write(index) + + +class IpsilonTest(IpsilonTestBase): + + def __init__(self): + super(IpsilonTest, self).__init__('attrs', __file__) + + def setup_servers(self, env=None): + print "Installing IDP server" + name = 'idp1' + addr = '127.0.0.10' + port = '45080' + idp = self.generate_profile(idp_g, idp_a, name, addr, port) + conf = self.setup_idp_server(idp, name, addr, port, env) + + print "Starting IDP's httpd server" + self.start_http_server(conf, env) + + print "Installing SP server" + name = 'sp1' + addr = '127.0.0.11' + port = '45081' + sp = self.generate_profile(sp_g, sp_a, name, addr, port) + conf = self.setup_sp_server(sp, name, addr, port, env) + fixup_sp_httpd(os.path.dirname(conf)) + + print "Starting SP's httpd server" + self.start_http_server(conf, env) + + +if __name__ == '__main__': + + idpname = 'idp1' + spname = 'sp1' + userpwd = pwd.getpwuid(os.getuid()) + user = userpwd[0] + + sess = HttpSessions() + sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon') + sess.add_server(spname, 'http://127.0.0.11:45081') + + print "attrs: Authenticate to IDP ...", + try: + sess.auth_to_idp(idpname) + except Exception, e: # pylint: disable=broad-except + print >> sys.stderr, " ERROR: %s" % repr(e) + sys.exit(1) + print " SUCCESS" + + print "attrs: Add SP Metadata to IDP ...", + try: + sess.add_sp_metadata(idpname, spname) + except Exception, e: # pylint: disable=broad-except + print >> sys.stderr, " ERROR: %s" % repr(e) + sys.exit(1) + print " SUCCESS" + + print "attrs: Access SP Protected Area Variables...", + try: + page = sess.fetch_page(idpname, + 'http://127.0.0.11:45081/sp/index.shtml') + page.expected_value('text()', str(userpwd[2])) + except ValueError, e: + print >> sys.stderr, " ERROR: %s" % repr(e) + sys.exit(1) + print " SUCCESS" -- cgit