1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
|
#! /usr/bin/env python
# -*- coding: UTF-8 -*-
# PyLasso -- Python bindings for Lasso library
#
# Copyright (C) 2004 Entr'ouvert
# http://lasso.entrouvert.org
#
# Authors: Nicolas Clapies <nclapies@entrouvert.com>
# Valery Febvre <vfebvre@easter-eggs.com>
# Emmanuel Raviart <eraviart@entrouvert.com>
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
import unittest
import lasso
lasso.init()
class LoginTestCase(unittest.TestCase):
def generateIdentityProviderContextDump(self):
serverContext = lasso.Server.new(
"../../examples/data/idp-metadata.xml",
"../../examples/data/idp-public-key.pem",
"../../examples/data/idp-private-key.pem",
"../../examples/data/idp-crt.pem",
lasso.signatureMethodRsaSha1)
serverContext.add_provider(
"../../examples/data/sp-metadata.xml",
"../../examples/data/sp-public-key.pem",
"../../examples/data/ca-crt.pem")
serverContextDump = serverContext.dump()
serverContext.destroy()
return serverContextDump
def generateServiceProviderContextDump(self):
serverContext = lasso.Server.new(
"../../examples/data/sp-metadata.xml",
"../../examples/data/sp-public-key.pem",
"../../examples/data/sp-private-key.pem",
"../../examples/data/sp-crt.pem",
lasso.signatureMethodRsaSha1)
serverContext.add_provider(
"../../examples/data/idp-metadata.xml",
"../../examples/data/idp-public-key.pem",
"../../examples/data/ca-crt.pem")
serverContextDump = serverContext.dump()
serverContext.destroy()
return serverContextDump
def setUp(self):
pass
def tearDown(self):
pass
def test01_generateServersContextDumps(self):
"""Generate identity & service provider context dumps"""
identityProviderContextDump = self.generateIdentityProviderContextDump()
self.failUnless(identityProviderContextDump)
serviceProviderContextDump = self.generateServiceProviderContextDump()
self.failUnless(serviceProviderContextDump)
def test02_serviceProviderLogin(self):
"""Service provider initiated login"""
# Service provider login using HTTP redirect.
spContextDump = self.generateServiceProviderContextDump()
self.failUnless(spContextDump)
spContext = lasso.Server.new_from_dump(spContextDump)
spLoginContext = lasso.Login.new(spContext)
self.failUnlessEqual(spLoginContext.init_authn_request(
"https://identity-provider:1998/liberty-alliance/metadata"), 0)
spLoginContext.request.set_isPassive(False)
spLoginContext.request.set_nameIDPolicy(lasso.libNameIDPolicyTypeFederated)
spLoginContext.request.set_consent(lasso.libConsentObtained)
spLoginContext.request.set_relayState("fake")
self.failUnlessEqual(spLoginContext.build_authn_request_msg(), 0)
authnRequestUrl = spLoginContext.msg_url
authnRequestMsg = authnRequestUrl.split("?", 1)[1]
method = lasso.httpMethodRedirect
# Identity provider singleSignOn, for a user having no federation.
idpContextDump = self.generateIdentityProviderContextDump()
self.failUnless(idpContextDump)
idpContext = lasso.Server.new_from_dump(idpContextDump)
idpLoginContext = lasso.Login.new(idpContext)
self.failUnlessEqual(idpLoginContext.init_from_authn_request_msg(authnRequestMsg, method),
0)
self.failUnless(idpLoginContext.must_authenticate())
suite1 = unittest.makeSuite(LoginTestCase, 'test')
allTests = unittest.TestSuite((suite1,))
if __name__ == '__main__':
unittest.TextTestRunner(verbosity=2).run(allTests)
|
