diff options
author | Rob Crittenden <rcritten@redhat.com> | 2015-04-09 15:11:39 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2015-04-10 10:29:58 -0400 |
commit | 4bd041ffabb649f01e57a88f0307be881452ee11 (patch) | |
tree | fd846f8573ad95807d8ff0874ffe57c47012a12c /tests/helpers/http.py | |
parent | 7a8f322d5155e5273942d3152a6ae1653a317618 (diff) | |
download | ipsilon.git-ticket_25.tar.gz ipsilon.git-ticket_25.tar.xz ipsilon.git-ticket_25.zip |
Add test for per-SP allowed attributes and attribute mappingticket_25
This buidls up a specific global mapping and allowed attributes then
creates an SP-specific configuration which differs enough to confirm
that it is in fact overriding the default. It finishes by removing the
per-SP configuration and ensuring that it falls back to the IdP-default.
https://fedorahosted.org/ipsilon/ticket/25
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Diffstat (limited to 'tests/helpers/http.py')
-rwxr-xr-x | tests/helpers/http.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/tests/helpers/http.py b/tests/helpers/http.py index d8c56b3..dc7fbd5 100755 --- a/tests/helpers/http.py +++ b/tests/helpers/http.py @@ -282,6 +282,51 @@ class HttpSessions(object): if r.status_code != 200: raise ValueError('Failed to post SP data [%s]' % repr(r)) + # pylint: disable=dangerous-default-value + def set_attributes_and_mapping(self, idp, mapping=[], attrs=[], + spname=None): + """ + Set allowed attributes and mapping in the IDP or the SP. In the + case of the SP both allowed attributes and the mapping need to + be provided. An empty option for either means delete all values. + + mapping is a list of list of rules of the form: + [['from-1', 'to-1'], ['from-2', 'from-2']] + + ex. [['*', '*'], ['fullname', 'namefull']] + + attrs is the list of attributes that will be allowed: + ['fullname', 'givenname', 'surname'] + """ + idpsrv = self.servers[idp] + idpuri = idpsrv['baseuri'] + if spname: # per-SP setting + url = '%s/%s/admin/providers/saml2/admin/sp/%s' % ( + idpuri, idp, spname) + mapname = 'Attribute Mapping' + attrname = 'Allowed Attributes' + else: # global default + url = '%s/%s/admin/providers/saml2' % (idpuri, idp) + mapname = 'default attribute mapping' + attrname = 'default allowed attributes' + + headers = {'referer': url} + headers['content-type'] = 'application/x-www-form-urlencoded' + payload = {'submit': 'Submit'} + count = 0 + for m in mapping: + payload['%s %s-from' % (mapname, count)] = m[0] + payload['%s %s-to' % (mapname, count)] = m[1] + count += 1 + count = 0 + for attr in attrs: + payload['%s %s-name' % (attrname, count)] = attr + count += 1 + r = idpsrv['session'].post(url, headers=headers, + data=payload) + if r.status_code != 200: + raise ValueError('Failed to post IDP data [%s]' % repr(r)) + def fetch_rest_page(self, idpname, uri): """ idpname - the name of the IDP to fetch the page from |