Updated Python tests. Not finished but Valos want it to debug Lasso.

1 files changed, 68 insertions, 71 deletions

diff --git a/python/tests/ServiceProvider.py b/python/tests/ServiceProvider.py
index 2fd518a3..e23a9cf2 100644
--- a/python/tests/ServiceProvider.py
+++ b/python/tests/ServiceProvider.py
@@ -32,8 +32,8 @@ class ServiceProvider(Provider):
     idpSite = None # The identity provider, this service provider will use to authenticate users.
 
     def assertionConsumer(self, handler):
-        server = self.getServer()
-        login = lasso.Login.new(server)
+        lassoServer = self.getLassoServer()
+        login = lasso.Login.new(lassoServer)
 
         if handler.httpRequest.method == 'GET':
             login.init_request(handler.httpRequest.query, lasso.httpMethodRedirect)
@@ -72,66 +72,67 @@ class ServiceProvider(Provider):
         else:
             return handler.respond(
                 400,
-                'Bad Request: Method %s not handled by assertionConsumer' % handler.httpRequest.method)
+                'Bad Request: Method %s not handled by assertionConsumer'
+                    % handler.httpRequest.method)
 
         nameIdentifier = login.nameIdentifier
         failUnless(nameIdentifier)
 
         # Retrieve session dump, using name identifier or else try to use the client web session.
         # If session dump exists, give it to Lasso, so that it updates it.
-        webSession = self.getWebSessionFromNameIdentifier(nameIdentifier)
-        if webSession is None:
-            webSession = self.getWebSession(handler.httpRequest.client)
-        if webSession is not None:
-            sessionDump = webSession.sessionDump
-            if sessionDump is not None:
-                login.set_session_from_dump(sessionDump)
+        session = self.getSessionFromNameIdentifier(nameIdentifier)
+        if session is None:
+            session = handler.session
+        if session is not None:
+            lassoSessionDump = session.lassoSessionDump
+            if lassoSessionDump is not None:
+                login.set_session_from_dump(lassoSessionDump)
         # Retrieve identity dump, using name identifier or else try to retrieve him from web
         # session. If identity dump exists, give it to Lasso, so that it updates it.
-        webUser = self.getWebUserFromNameIdentifier(nameIdentifier)
-        if webUser is None:
-            webUser = self.getWebUserFromWebSession(webSession)
-        if webUser is not None:
-            identityDump = webUser.identityDump
-            if identityDump is not None:
-                login.set_identity_from_dump(identityDump)
+        user = self.getUserFromNameIdentifier(nameIdentifier)
+        if user is None:
+            user = self.getUserFromSession(session)
+        if user is not None:
+            lassoIdentityDump = user.lassoIdentityDump
+            if lassoIdentityDump is not None:
+                login.set_identity_from_dump(lassoIdentityDump)
 
         login.accept_sso()
-        if webUser is not None and identityDump is None:
+        if user is not None and lassoIdentityDump is None:
             failUnless(login.is_identity_dirty())
-        identity = login.get_identity()
-        failUnless(identity)
-        identityDump = identity.dump()
-        failUnless(identityDump)
+        lassoIdentity = login.get_identity()
+        failUnless(lassoIdentity)
+        lassoIdentityDump = lassoIdentity.dump()
+        failUnless(lassoIdentityDump)
         failUnless(login.is_session_dirty())
-        session = login.get_session()
-        failUnless(session)
-        sessionDump = session.dump()
-        failUnless(sessionDump)
+        lassoSession = login.get_session()
+        failUnless(lassoSession)
+        lassoSessionDump = lassoSession.dump()
+        failUnless(lassoSessionDump)
 
         # User is now authenticated.
 
         # If there was no web session yet, create it. Idem for the web user account.
-        if webSession is None:
-            webSession = self.createWebSession(handler.httpRequest.client)
-        if webUser is None:
+        if session is None:
+            session = self.createSession(handler.httpRequest.client)
+        if user is None:
             # A real service provider would ask user to login locally to create federation. Or it
             # would ask user informations to create a local account.
-            webUserId = handler.httpRequest.client.keyring.get(self.url, None)
-            userAuthenticated = webUserId in self.webUsers
+            userId = handler.httpRequest.client.keyring.get(self.url, None)
+            userAuthenticated = userId in self.users
             if not userAuthenticated:
                 return handler.respond(401, 'Access Unauthorized: User has no account.')
-            webUser = self.webUsers[webUserId]
+            user = self.users[userId]
 
-        webSession.webUserId = webUser.uniqueId
+        session.userId = user.uniqueId
 
         # Store the updated identity dump and session dump.
         if login.is_identity_dirty():
-            webUser.identityDump = identityDump
-        webSession.sessionDump = sessionDump
+            user.lassoIdentityDump = lassoIdentityDump
+        session.lassoSessionDump = lassoSessionDump
 
-        self.webUserIdsByNameIdentifier[nameIdentifier] = webUser.uniqueId
-        self.webSessionIdsByNameIdentifier[nameIdentifier] = webSession.uniqueId
+        self.userIdsByNameIdentifier[nameIdentifier] = user.uniqueId
+        self.sessionTokensByNameIdentifier[nameIdentifier] = session.token
 
         return handler.respond()
 
@@ -139,7 +140,7 @@ class ServiceProvider(Provider):
         libertyEnabled = handler.httpRequest.headers.get('Liberty-Enabled', None)
         userAgent = handler.httpRequest.headers.get('User-Agent', None)
         # FIXME: Lasso should have a function to compute useLecp.
-        # Or this should be done in lasso.Login.new(server, libertyEnabled, userAgent)
+        # Or this should be done in lasso.Login.new(lassoServer, libertyEnabled, userAgent)
         useLecp = False
         if libertyEnabled:
             useLecp = 'urn:liberty:iff:2003-08' in libertyEnabled
@@ -154,10 +155,10 @@ class ServiceProvider(Provider):
 
         forceAuthn = handler.httpRequest.getQueryBoolean('forceAuthn', False)
         isPassive = handler.httpRequest.getQueryBoolean('isPassive', False)
-        server = self.getServer()
+        lassoServer = self.getLassoServer()
         if useLecp:
-            lecp = lasso.Lecp.new(server)
-            lecp.init_authn_request(self.idpSite.providerId) # FIXME: The argument should be None.
+            lecp = lasso.Lecp.new(lassoServer)
+            lecp.init_authn_request()
             failUnlessEqual(lecp.request_type, lasso.messageTypeAuthnRequest)
 
             # FIXME: This protocol profile should be set by default by Lasso.
@@ -173,12 +174,8 @@ class ServiceProvider(Provider):
             relayState = 'fake'
             lecp.request.set_relayState(relayState)
 
-            # FIXME: In my opinion, this method should be the renamed to build_authn_request_msg.
             lecp.build_authn_request_envelope_msg()
             authnRequestEnvelopeMsg = lecp.msg_body
-            # FIXME: I don't understand why authnRequestEnvelopeMsg is base64 encoded.
-            import base64
-            authnRequestEnvelopeMsg = base64.decodestring(authnRequestEnvelopeMsg)
             failUnless(authnRequestEnvelopeMsg)
             # FIXME: Lasso should set a lecp.msg_content_type to
             # "application/vnd.liberty-request+xml". This should also be done for SOAP, etc, with
@@ -194,8 +191,8 @@ class ServiceProvider(Provider):
                     },
                 body = authnRequestEnvelopeMsg)
         else:
-            login = lasso.Login.new(server)
-            login.init_authn_request(self.idpSite.providerId)
+            login = lasso.Login.new(lassoServer)
+            login.init_authn_request()
             failUnlessEqual(login.request_type, lasso.messageTypeAuthnRequest)
             if forceAuthn:
                 login.request.set_forceAuthn(forceAuthn)
@@ -205,27 +202,27 @@ class ServiceProvider(Provider):
             login.request.set_consent(lasso.libConsentObtained)
             relayState = 'fake'
             login.request.set_relayState(relayState)
-            login.build_authn_request_msg()
+            login.build_authn_request_msg(self.idpSite.providerId)
             authnRequestUrl = login.msg_url
             failUnless(authnRequestUrl)
             return handler.respondRedirectTemporarily(authnRequestUrl)
 
     def logoutUsingSoap(self, handler):
-        webSession = self.getWebSession(handler.httpRequest.client)
-        if webSession is None:
+        session = handler.session
+        if session is None:
             return handler.respond(401, 'Access Unauthorized: User has no session opened.')
-        webUser = self.getWebUserFromWebSession(webSession)
-        if webUser is None:
+        user = self.getUserFromSession(session)
+        if user is None:
             return handler.respond(401, 'Access Unauthorized: User is not logged in.')
 
-        server = self.getServer()
-        logout = lasso.Logout.new(server, lasso.providerTypeSp)
-        identityDump = self.getIdentityDump(handler.httpRequest.client)
-        if identityDump is not None:
-            logout.set_identity_from_dump(identityDump)
-        sessionDump = self.getSessionDump(handler.httpRequest.client)
-        if sessionDump is not None:
-            logout.set_session_from_dump(sessionDump)
+        lassoServer = self.getLassoServer()
+        logout = lasso.Logout.new(lassoServer, lasso.providerTypeSp)
+        lassoIdentityDump = self.getIdentityDump(handler.httpRequest.client)
+        if lassoIdentityDump is not None:
+            logout.set_identity_from_dump(lassoIdentityDump)
+        lassoSessionDump = self.getLassoSessionDump(handler.httpRequest.client)
+        if lassoSessionDump is not None:
+            logout.set_session_from_dump(lassoSessionDump)
         logout.init_request()
         logout.build_request_msg()
 
@@ -241,24 +238,24 @@ class ServiceProvider(Provider):
         failIf(logout.is_identity_dirty())
         identity = logout.get_identity()
         failUnless(identity)
-        identityDump = identity.dump()
-        failUnless(identityDump)
+        lassoIdentityDump = identity.dump()
+        failUnless(lassoIdentityDump)
         failUnless(logout.is_session_dirty())
-        session = logout.get_session()
-        if session is None:
+        lassoSession = logout.get_session()
+        if lassoSession is None:
             # The user is no more authenticated on any identity provider. Log him out.
-            del webSession.sessionDump
-            del webSession.webUserId
+            del session.lassoSessionDump
+            del session.userId
             # We also delete the session, but it is not mandantory, since the user is logged out
             # anyway.
-            del self.webSessions[webSession.uniqueId] 
+            del self.sessions[session.token] 
         else:
             # The user is still logged in on some other identity providers.
-            sessionDump = session.dump()
-            failUnless(sessionDump)
-            webSession.sessionDump = sessionDump
+            lassoSessionDump = lassoSession.dump()
+            failUnless(lassoSessionDump)
+            session.lassoSessionDump = lassoSessionDump
         nameIdentifier = logout.nameIdentifier
         failUnless(nameIdentifier)
-        del self.webSessionIdsByNameIdentifier[nameIdentifier]
+        del self.sessionTokensByNameIdentifier[nameIdentifier]
 
         return handler.respond()