authorSimo Sorce <simo@redhat.com>2014-11-07 15:25:43 -0500
committerPatrick Uiterwijk <puiterwijk@redhat.com>2014-11-12 23:47:56 +0100
commit95174536c7068f7c233d98582b65d2bba7491ca2 (patch)
tree17fe64834609e64a27151abc9aab8f9ff7236a8f
parentb07ee59ded4f926a38cd1b30d7f8de7b568840a8 (diff)
Add test to check file based configuration works
This is a stripped down version of test1 that manually stores the configuration of the IDP as well as the SP metadata in the admin.conf file, and then checks that the SP can be successfully used. Signed-off-by: Simo Sorce <simo@redhat.com> Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
-rw-r--r--Makefile1
-rwxr-xr-xtests/fconf.py179
2 files changed, 180 insertions, 0 deletions
diff --git a/Makefile b/Makefile
index e122594..a0b78b1 100644
--- a/Makefile
+++ b/Makefile
@@ -60,6 +60,7 @@ tests: wrappers
PYTHONPATH=./ ./tests/tests.py --test=attrs
PYTHONPATH=./ ./tests/tests.py --test=trans
PYTHONPATH=./ ./tests/tests.py --test=pgdb
+ PYTHONPATH=./ ./tests/tests.py --test=fconf
test: lp-test tests
PYTHONPATH=./ ./ipsilon/tools/saml2metadata.py
diff --git a/tests/fconf.py b/tests/fconf.py
new file mode 100755
index 0000000..16738cb
--- /dev/null
+++ b/tests/fconf.py
@@ -0,0 +1,179 @@
+#!/usr/bin/python
+#
+# Copyright (C) 2014 Simo Sorce <simo@redhat.com>
+#
+# see file 'COPYING' for use and warranty information
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+
+from helpers.common import IpsilonTestBase # pylint: disable=relative-import
+from helpers.http import HttpSessions # pylint: disable=relative-import
+import ConfigParser
+import os
+import pwd
+import sys
+from string import Template
+
+
+idpname = 'idp1'
+idpaddr = '127.0.0.10'
+idpport = '45080'
+spname = 'sp1'
+spaddr = '127.0.0.11'
+spport = '45081'
+
+
+idp_g = {'TEMPLATES': '${TESTDIR}/templates/install',
+ 'CONFDIR': '${TESTDIR}/etc',
+ 'DATADIR': '${TESTDIR}/lib',
+ 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
+ 'STATICDIR': '${ROOTDIR}',
+ 'BINDIR': '${ROOTDIR}/ipsilon',
+ 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'}
+
+
+idp_a = {'hostname': '${ADDRESS}:${PORT}',
+ 'admin_user': '${TEST_USER}',
+ 'system_user': '${TEST_USER}',
+ 'instance': '${NAME}',
+ 'secure': 'no',
+ 'testauth': 'yes',
+ 'pam': 'no',
+ 'krb': 'no',
+ 'ipa': 'no',
+ 'server_debugging': 'True'}
+
+idp_file_conf = """
+[login_config]
+global enabled = testauth
+[provider_config]
+global enabled = openid,saml2
+openid endpoint url = ${IDPURI}/openid/
+openid identity_url_template = ${IDPURI}/openid/id/%(username)s
+saml2 idp key file = ${TESTDIR}/lib/${NAME}/saml2/idp.key
+saml2 idp storage path = ${TESTDIR}/lib/${NAME}/saml2
+saml2 idp metadata file = metadata.xml
+saml2 idp certificate file = ${TESTDIR}/lib/${NAME}/saml2/idp.pem
+[saml2_data]
+811d0231-9362-46c9-a105-a01a64818904 id = http://${SPADDR}:${SPPORT}/saml2
+811d0231-9362-46c9-a105-a01a64818904 type = SP
+811d0231-9362-46c9-a105-a01a64818904 name = ${SPNAME}
+811d0231-9362-46c9-a105-a01a64818904 metadata = ${SPMETA}
+"""
+
+sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
+ 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
+ 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
+ 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
+
+
+sp_a = {'hostname': '${ADDRESS}:${PORT}',
+ 'saml_idp_metadata': '${TESTDIR}/lib/idp1/saml2/metadata.xml',
+ 'saml_secure_setup': 'False',
+ 'saml_auth': '/sp',
+ 'httpd_user': '${TEST_USER}'}
+
+
+def fixup_sp_httpd(httpdir):
+ location = """
+
+Alias /sp ${HTTPDIR}/sp
+
+<Directory ${HTTPDIR}/sp>
+ Require all granted
+</Directory>
+"""
+ index = """WORKS!"""
+
+ t = Template(location)
+ text = t.substitute({'HTTPDIR': httpdir})
+ with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
+ f.write(text)
+
+ os.mkdir(httpdir + '/sp')
+ with open(httpdir + '/sp/index.html', 'w') as f:
+ f.write(index)
+
+
+def fixup_idp_conf(testdir):
+
+ with open(os.path.join(testdir, spname, 'saml2',
+ '%s:%s' % (spaddr, spport), 'metadata.xml')) as f:
+ spmeta = f.read()
+ spmeta = spmeta.replace("\n", "")
+
+ idpuri = "http://%s:%s/%s" % (idpaddr, idpport, idpname)
+
+ t = Template(idp_file_conf)
+ text = t.substitute({'NAME': idpname, 'IDPURI': idpuri,
+ 'SPNAME': spname, 'SPADDR': spaddr, 'SPPORT': spport,
+ 'SPMETA': spmeta, 'TESTDIR': testdir})
+
+ adminconf = os.path.join(testdir, 'etc/admin.conf')
+ with open(adminconf, 'w+') as f:
+ f.write(text)
+
+ ipsilonconf = os.path.join(testdir, 'etc', idpname, 'ipsilon.conf')
+ newconf = ConfigParser.ConfigParser()
+ with open(ipsilonconf, 'r') as f:
+ newconf.readfp(f)
+ with open(ipsilonconf, 'w+') as f:
+ newconf.set('global', 'admin.config.db',
+ '"configfile://%s"' % adminconf)
+ newconf.write(f)
+
+ os.remove(os.path.join(testdir, 'lib', idpname, 'adminconfig.sqlite'))
+
+
+class IpsilonTest(IpsilonTestBase):
+
+ def __init__(self):
+ super(IpsilonTest, self).__init__('fconf', __file__)
+
+ def setup_servers(self, env=None):
+ print "Installing IDP server"
+ idp = self.generate_profile(idp_g, idp_a, idpname, idpaddr, idpport)
+ idpconf = self.setup_idp_server(idp, idpname, idpaddr, idpport, env)
+
+ print "Installing SP server"
+ sp = self.generate_profile(sp_g, sp_a, spname, spaddr, spport)
+ spconf = self.setup_sp_server(sp, spname, spaddr, spport, env)
+ fixup_sp_httpd(os.path.dirname(spconf))
+
+ fixup_idp_conf(self.testdir)
+
+ print "Starting IDP's httpd server"
+ self.start_http_server(idpconf, env)
+
+ print "Starting SP's httpd server"
+ self.start_http_server(spconf, env)
+
+
+if __name__ == '__main__':
+
+ user = pwd.getpwuid(os.getuid())[0]
+
+ sess = HttpSessions()
+ sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon')
+ sess.add_server(spname, 'http://127.0.0.11:45081')
+
+ print "test1: Access SP Protected Area ...",
+ try:
+ page = sess.fetch_page(idpname, 'http://127.0.0.11:45081/sp/')
+ page.expected_value('text()', 'WORKS!')
+ except ValueError, e:
+ print >> sys.stderr, " ERROR: %s" % repr(e)
+ sys.exit(1)
+ print " SUCCESS"
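Review bot: The check in the `__main__` block only asserts that `/sp/` returns `WORKS!`, so it would also pass if the SP served that directory without any SAML authentication. `fixup_sp_httpd` appends `Require all granted` for the directory, and whatever protects `/sp` presumably comes from the `saml_auth` install option, which is applied outside this hunk. A regression in the file-based configuration that left the location unprotected would therefore go unnoticed. I would add a second request from a session that has no IDP credentials and require that it does not yield `WORKS!`, and until then document the gap with `# NOTE: does not prove /sp requires authentication; an unprotected SP also passes`. Separately, the URLs in that block repeat `idpaddr`/`idpport` and `spaddr`/`spport` as literals, and the progress label still reads `test1:` although the test is registered as `fconf`.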