diff options
author | Rob Crittenden <rcritten@redhat.com> | 2015-04-09 15:11:39 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2015-04-10 10:41:22 -0400 |
commit | 1055b7bc810139d1e6ee3c225bcfba7b88e7aeab (patch) | |
tree | fd846f8573ad95807d8ff0874ffe57c47012a12c /tests/helpers/http.py | |
parent | cd0a566562d0279d13c3df08366bc38acf53011a (diff) | |
download | ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.tar.gz ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.tar.xz ipsilon-1055b7bc810139d1e6ee3c225bcfba7b88e7aeab.zip |
Add test for per-SP allowed and mapping attributes
This buidls up a specific global mapping and allowed attributes then
creates an SP-specific configuration which differs enough to confirm
that it is in fact overriding the default. It finishes by removing the
per-SP configuration and ensuring that it falls back to the IdP-default.
https://fedorahosted.org/ipsilon/ticket/25
Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'tests/helpers/http.py')
-rwxr-xr-x | tests/helpers/http.py | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/tests/helpers/http.py b/tests/helpers/http.py index d8c56b3..dc7fbd5 100755 --- a/tests/helpers/http.py +++ b/tests/helpers/http.py @@ -282,6 +282,51 @@ class HttpSessions(object): if r.status_code != 200: raise ValueError('Failed to post SP data [%s]' % repr(r)) + # pylint: disable=dangerous-default-value + def set_attributes_and_mapping(self, idp, mapping=[], attrs=[], + spname=None): + """ + Set allowed attributes and mapping in the IDP or the SP. In the + case of the SP both allowed attributes and the mapping need to + be provided. An empty option for either means delete all values. + + mapping is a list of list of rules of the form: + [['from-1', 'to-1'], ['from-2', 'from-2']] + + ex. [['*', '*'], ['fullname', 'namefull']] + + attrs is the list of attributes that will be allowed: + ['fullname', 'givenname', 'surname'] + """ + idpsrv = self.servers[idp] + idpuri = idpsrv['baseuri'] + if spname: # per-SP setting + url = '%s/%s/admin/providers/saml2/admin/sp/%s' % ( + idpuri, idp, spname) + mapname = 'Attribute Mapping' + attrname = 'Allowed Attributes' + else: # global default + url = '%s/%s/admin/providers/saml2' % (idpuri, idp) + mapname = 'default attribute mapping' + attrname = 'default allowed attributes' + + headers = {'referer': url} + headers['content-type'] = 'application/x-www-form-urlencoded' + payload = {'submit': 'Submit'} + count = 0 + for m in mapping: + payload['%s %s-from' % (mapname, count)] = m[0] + payload['%s %s-to' % (mapname, count)] = m[1] + count += 1 + count = 0 + for attr in attrs: + payload['%s %s-name' % (attrname, count)] = attr + count += 1 + r = idpsrv['session'].post(url, headers=headers, + data=payload) + if r.status_code != 200: + raise ValueError('Failed to post IDP data [%s]' % repr(r)) + def fetch_rest_page(self, idpname, uri): """ idpname - the name of the IDP to fetch the page from |