keystoneauth1.tests.unit.extras.saml2 package¶
Submodules¶
keystoneauth1.tests.unit.extras.saml2.test_auth_adfs module¶
-
class
keystoneauth1.tests.unit.extras.saml2.test_auth_adfs.
AuthenticateviaADFSTests
(*args, **kwargs)¶ Bases:
keystoneauth1.tests.unit.extras.saml2.utils.TestCase
-
ADDRESS_XPATH
= '/s:Envelope/s:Body/trust:RequestSecurityToken/wsp:AppliesTo/wsa:EndpointReference/wsa:Address'¶
-
GROUP
= 'auth'¶
-
NAMESPACES
= {'o': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 'wsa': 'http://www.w3.org/2005/08/addressing', 'a': 'http://www.w3.org/2005/08/addressing', 'trust': 'http://docs.oasis-open.org/ws-sx/ws-trust/200512', 'wsp': 'http://schemas.xmlsoap.org/ws/2004/09/policy', 's': 'http://www.w3.org/2003/05/soap-envelope'}¶
-
PASSWORD_XPATH
= '/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Password'¶
-
PROTOCOL
= 'saml2'¶
-
TEST_TOKEN
= '78f55c6bdd66418aba77d02fda3dfc63'¶
-
TO_XPATH
= '/s:Envelope/s:Header/a:To'¶
-
USER_XPATH
= '/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Username'¶
-
setUp
()¶
-
test_adfs_request_password
()¶
-
test_adfs_request_to
()¶
-
test_adfs_request_user
()¶
-
test_check_valid_token_when_authenticated
()¶
-
test_end_to_end_workflow
()¶
-
test_get_adfs_security_token
()¶ Test ADFSPassword._get_adfs_security_token().
-
test_get_adfs_security_token_authn_fail
()¶ Test proper parsing XML fault after bad authentication.
An exceptions.AuthorizationFailure should be raised including error message from the XML message indicating where was the problem.
-
test_get_adfs_security_token_bad_response
()¶ Test proper handling HTTP 500 and mangled (non XML) response.
This should never happen yet, keystoneauth1 should be prepared and correctly raise exceptions.InternalServerError once it cannot parse XML fault message
-
test_prepare_adfs_request_address
()¶
-
test_prepare_sp_request
()¶
-
test_send_assertion_to_service_provider_bad_status
()¶
-
keystoneauth1.tests.unit.extras.saml2.test_auth_saml2 module¶
-
class
keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.
AuthenticateviaSAML2Tests
(*args, **kwargs)¶ Bases:
keystoneauth1.tests.unit.extras.saml2.utils.TestCase
-
TEST_AUTH_URL
= 'http://keystone.test:5000/v3/'¶
-
TEST_CONSUMER_URL
= 'https://openstack4.local/Shibboleth.sso/SAML2/ECP'¶
-
TEST_IDP
= 'tester'¶
-
TEST_IDP_URL
= 'https://idp.test'¶
-
TEST_PASS
= 'pass'¶
-
TEST_PROTOCOL
= 'saml2'¶
-
TEST_USER
= 'user'¶
-
basic_header
(username='user', password='pass')¶
-
calls
¶
-
get_plugin
(**kwargs)¶
-
setUp
()¶
-
sp_url
(**kwargs)¶
-
test_consumer_mismatch_error_workflow
()¶
-
test_initial_sp_call_invalid_response
()¶ Send initial SP HTTP request and receive wrong server response.
-
test_workflow
()¶
-
-
class
keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.
SamlAuth2PluginTests
(*args, **kwargs)¶ Bases:
keystoneauth1.tests.unit.extras.saml2.utils.TestCase
These test ONLY the standalone requests auth plugin.
Tests for the auth plugin are later so that hopefully these can be extracted into it’s own module.
-
HEADER_MEDIA_TYPE_SEPARATOR
= ','¶
-
TEST_CONSUMER_URL
= 'https://openstack4.local/Shibboleth.sso/SAML2/ECP'¶
-
TEST_IDP_URL
= 'http://idp.test'¶
-
TEST_PASS
= 'pass'¶
-
TEST_SP_URL
= 'http://sp.test'¶
-
TEST_USER
= 'user'¶
-
basic_header
(username='user', password='pass')¶
-
calls
¶
-
get_plugin
(**kwargs)¶
-
test_200_without_paos_header
()¶
-
test_consumer_mismatch_error_workflow
()¶
-
test_initial_sp_call_invalid_response
()¶ Send initial SP HTTP request and receive wrong server response.
-
test_passed_when_not_200
()¶
-
test_request_accept_headers
()¶
-
test_standard_workflow_302_redirect
()¶
-
test_standard_workflow_303_redirect
()¶
-
keystoneauth1.tests.unit.extras.saml2.utils module¶
-
class
keystoneauth1.tests.unit.extras.saml2.utils.
TestCase
(*args, **kwargs)¶ Bases:
keystoneauth1.tests.unit.utils.TestCase
-
TEST_URL
= 'https://keystone:5000/v3'¶
-
setUp
()¶
-
-
keystoneauth1.tests.unit.extras.saml2.utils.
make_oneline
(s)¶