keystoneauth1.tests.unit.extras.saml2 package¶

Subpackages¶

Submodules¶

keystoneauth1.tests.unit.extras.saml2.test_auth_adfs module¶

class keystoneauth1.tests.unit.extras.saml2.test_auth_adfs.AuthenticateviaADFSTests(*args, **kwargs)¶

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

ADDRESS_XPATH = '/s:Envelope/s:Body/trust:RequestSecurityToken/wsp:AppliesTo/wsa:EndpointReference/wsa:Address'¶

GROUP = 'auth'¶

NAMESPACES = {'a': 'http://www.w3.org/2005/08/addressing', 'wsp': 'http://schemas.xmlsoap.org/ws/2004/09/policy', 'trust': 'http://docs.oasis-open.org/ws-sx/ws-trust/200512', 'o': 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd', 's': 'http://www.w3.org/2003/05/soap-envelope', 'wsa': 'http://www.w3.org/2005/08/addressing'}¶

PASSWORD_XPATH = '/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Password'¶

PROTOCOL = 'saml2'¶

TEST_TOKEN = 'aa1edaff8d7a49bbb1c7984492ba5058'¶

TO_XPATH = '/s:Envelope/s:Header/a:To'¶

USER_XPATH = '/s:Envelope/s:Header/o:Security/o:UsernameToken/o:Username'¶

setUp()¶

test_access_sp_no_cookies_fail()¶

test_adfs_request_password()¶

test_adfs_request_to()¶

test_adfs_request_user()¶

test_check_valid_token_when_authenticated()¶

test_end_to_end_workflow()¶

test_get_adfs_security_token()¶

Test ADFSPassword._get_adfs_security_token().

test_get_adfs_security_token_authn_fail()¶

Test proper parsing XML fault after bad authentication.

An exceptions.AuthorizationFailure should be raised including error message from the XML message indicating where was the problem.

test_get_adfs_security_token_bad_response()¶

Test proper handling HTTP 500 and mangled (non XML) response.

This should never happen yet, keystoneauth1 should be prepared and correctly raise exceptions.InternalServerError once it cannot parse XML fault message

test_prepare_adfs_request_address()¶

test_prepare_adfs_request_custom_endpointreference()¶

test_prepare_sp_request()¶

test_send_assertion_to_service_provider_bad_status()¶

keystoneauth1.tests.unit.extras.saml2.test_auth_saml2 module¶

class keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.AuthenticateviaSAML2Tests(*args, **kwargs)¶

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

TEST_AUTH_URL = 'http://keystone.test:5000/v3/'¶

TEST_CONSUMER_URL = 'https://openstack4.local/Shibboleth.sso/SAML2/ECP'¶

TEST_IDP = 'tester'¶

TEST_IDP_URL = 'https://idp.test'¶

TEST_PASS = 'pass'¶

TEST_PROTOCOL = 'saml2'¶

TEST_USER = 'user'¶

basic_header(username='user', password='pass')¶

calls¶

get_plugin(**kwargs)¶

setUp()¶

sp_url(**kwargs)¶

test_consumer_mismatch_error_workflow()¶

test_initial_sp_call_invalid_response()¶

Send initial SP HTTP request and receive wrong server response.

test_workflow()¶

class keystoneauth1.tests.unit.extras.saml2.test_auth_saml2.SamlAuth2PluginTests(*args, **kwargs)¶

Bases: keystoneauth1.tests.unit.extras.saml2.utils.TestCase

These test ONLY the standalone requests auth plugin.

Tests for the auth plugin are later so that hopefully these can be extracted into it’s own module.

HEADER_MEDIA_TYPE_SEPARATOR = ','¶

TEST_CONSUMER_URL = 'https://openstack4.local/Shibboleth.sso/SAML2/ECP'¶

TEST_IDP_URL = 'http://idp.test'¶

TEST_PASS = 'pass'¶

TEST_SP_URL = 'http://sp.test'¶

TEST_USER = 'user'¶

basic_header(username='user', password='pass')¶

calls¶

get_plugin(**kwargs)¶

test_200_without_paos_header()¶

test_consumer_mismatch_error_workflow()¶

test_initial_sp_call_invalid_response()¶

Send initial SP HTTP request and receive wrong server response.

test_passed_when_not_200()¶

test_request_accept_headers()¶

test_standard_workflow_302_redirect()¶

test_standard_workflow_303_redirect()¶

keystoneauth1.tests.unit.extras.saml2.utils module¶

class keystoneauth1.tests.unit.extras.saml2.utils.TestCase(*args, **kwargs)¶

Bases: keystoneauth1.tests.unit.utils.TestCase

TEST_URL = 'https://keystone:5000/v3'¶

setUp()¶

keystoneauth1.tests.unit.extras.saml2.utils.make_oneline(s)¶

Module contents¶