keystoneauth1.tests.unit.extras.saml2 package

Submodules

keystoneauth1.tests.unit.extras.saml2.test_auth_adfs module

class keystoneauth1.tests.unit.extras.saml2.test_auth_adfs.AuthenticateviaADFSTests(*args, **kwargs)

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

ADDRESS_XPATH = ‘/s:Envelope/s:Body/trust:RequestSecurityToken/wsp:AppliesTo/wsa:EndpointReference/wsa:Address’
GROUP = ‘auth’
NAMESPACES = {‘s’: ‘http://www.w3.org/2003/05/soap-envelope’, ‘wsp’: ‘http://schemas.xmlsoap.org/ws/2004/09/policy’, ‘trust’: ‘http://docs.oasis-open.org/ws-sx/ws-trust/200512’, ‘a’: ‘http://www.w3.org/2005/08/addressing’, ‘wsa’: ‘http://www.w3.org/2005/08/addressing’, ‘o’: ‘http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd’}
PASSWORD_XPATH = ‘/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Password’
PROTOCOL = ‘saml2’
TEST_TOKEN = ‘7643742c89ff4ae7bec6bca2d0cdb4f2’
TO_XPATH = ‘/s:Envelope/s:Header/a:To’
USER_XPATH = ‘/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Username’
setUp()
test_access_sp_no_cookies_fail()
test_adfs_request_password()
test_adfs_request_to()
test_adfs_request_user()
test_check_valid_token_when_authenticated()
test_end_to_end_workflow()
test_get_adfs_security_token()

Test ADFSPassword._get_adfs_security_token().

test_get_adfs_security_token_authn_fail()

Test proper parsing XML fault after bad authentication.

An exceptions.AuthorizationFailure should be raised including error message from the XML message indicating where was the problem.

test_get_adfs_security_token_bad_response()

Test proper handling HTTP 500 and mangled (non XML) response.

This should never happen yet, keystoneauth1 should be prepared and correctly raise exceptions.InternalServerError once it cannot parse XML fault message

test_prepare_adfs_request_address()
test_prepare_adfs_request_custom_endpointreference()
test_prepare_sp_request()
test_send_assertion_to_service_provider_bad_status()

keystoneauth1.tests.unit.extras.saml2.test_auth_saml2 module

class keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.AuthenticateviaSAML2Tests(*args, **kwargs)

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

TEST_AUTH_URL = ‘http://keystone.test:5000/v3/’
TEST_CONSUMER_URL = ‘https://openstack4.local/Shibboleth.sso/SAML2/ECP’
TEST_IDP = ‘tester’
TEST_IDP_URL = ‘https://idp.test’
TEST_PASS = ‘pass’
TEST_PROTOCOL = ‘saml2’
TEST_USER = ‘user’
basic_header(username=’user’, password=’pass’)
calls
get_plugin(**kwargs)
setUp()
sp_url(**kwargs)
test_consumer_mismatch_error_workflow()
test_initial_sp_call_invalid_response()

Send initial SP HTTP request and receive wrong server response.

test_workflow()
class keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.SamlAuth2PluginTests(*args, **kwargs)

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

These test ONLY the standalone requests auth plugin.

Tests for the auth plugin are later so that hopefully these can be extracted into it’s own module.

HEADER_MEDIA_TYPE_SEPARATOR = ‘,’
TEST_CONSUMER_URL = ‘https://openstack4.local/Shibboleth.sso/SAML2/ECP’
TEST_IDP_URL = ‘http://idp.test’
TEST_PASS = ‘pass’
TEST_SP_URL = ‘http://sp.test’
TEST_USER = ‘user’
basic_header(username=’user’, password=’pass’)
calls
get_plugin(**kwargs)
test_200_without_paos_header()
test_consumer_mismatch_error_workflow()
test_initial_sp_call_invalid_response()

Send initial SP HTTP request and receive wrong server response.

test_passed_when_not_200()
test_request_accept_headers()
test_standard_workflow_302_redirect()
test_standard_workflow_303_redirect()

keystoneauth1.tests.unit.extras.saml2.utils module

class keystoneauth1.tests.unit.extras.saml2.utils.TestCase(*args, **kwargs)

Bases: keystoneauth1.tests.unit.utils.TestCase

TEST_URL = ‘https://keystone:5000/v3’
setUp()
keystoneauth1.tests.unit.extras.saml2.utils.make_oneline(s)

Module contents