3 # Copyright (C) 2014 Simo Sorce <simo@redhat.com>
5 # see file 'COPYING' for use and warranty information
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 from helpers.common import IpsilonTestBase # pylint: disable=relative-import
22 from helpers.http import HttpSessions # pylint: disable=relative-import
27 from string import Template
32 idpaddr = '127.0.0.10'
39 idp_g = {'TEMPLATES': '${TESTDIR}/templates/install',
40 'CONFDIR': '${TESTDIR}/etc',
41 'DATADIR': '${TESTDIR}/lib',
42 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
43 'STATICDIR': '${ROOTDIR}',
44 'BINDIR': '${ROOTDIR}/ipsilon',
45 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'}
48 idp_a = {'hostname': '${ADDRESS}:${PORT}',
49 'admin_user': '${TEST_USER}',
50 'system_user': '${TEST_USER}',
51 'instance': '${NAME}',
57 'server_debugging': 'True'}
61 global enabled = testauth
63 global enabled = openid,saml2
64 openid endpoint url = ${IDPURI}/openid/
65 openid identity_url_template = ${IDPURI}/openid/id/%(username)s
66 saml2 idp key file = ${TESTDIR}/lib/${NAME}/saml2/idp.key
67 saml2 idp storage path = ${TESTDIR}/lib/${NAME}/saml2
68 saml2 idp metadata file = metadata.xml
69 saml2 idp certificate file = ${TESTDIR}/lib/${NAME}/saml2/idp.pem
70 saml2 idp nameid salt = ${IDPSALT}
72 811d0231-9362-46c9-a105-a01a64818904 id = http://${SPADDR}:${SPPORT}/saml2
73 811d0231-9362-46c9-a105-a01a64818904 type = SP
74 811d0231-9362-46c9-a105-a01a64818904 name = ${SPNAME}
75 811d0231-9362-46c9-a105-a01a64818904 metadata = ${SPMETA}
78 sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
79 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
80 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
81 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
84 sp_a = {'hostname': '${ADDRESS}:${PORT}',
85 'saml_idp_metadata': '${TESTDIR}/lib/idp1/saml2/metadata.xml',
86 'saml_secure_setup': 'False',
88 'httpd_user': '${TEST_USER}'}
91 def fixup_sp_httpd(httpdir):
94 Alias /sp ${HTTPDIR}/sp
96 <Directory ${HTTPDIR}/sp>
102 t = Template(location)
103 text = t.substitute({'HTTPDIR': httpdir})
104 with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
107 os.mkdir(httpdir + '/sp')
108 with open(httpdir + '/sp/index.html', 'w') as f:
112 def fixup_idp_conf(testdir):
114 with open(os.path.join(testdir, spname, 'saml2',
115 '%s:%s' % (spaddr, spport), 'metadata.xml')) as f:
117 spmeta = spmeta.replace("\n", "")
119 idpuri = "http://%s:%s/%s" % (idpaddr, idpport, idpname)
121 idpsalt = uuid.uuid4().hex
122 t = Template(idp_file_conf)
123 text = t.substitute({'NAME': idpname, 'IDPURI': idpuri,
124 'SPNAME': spname, 'SPADDR': spaddr, 'SPPORT': spport,
125 'SPMETA': spmeta, 'TESTDIR': testdir,
128 adminconf = os.path.join(testdir, 'etc/admin.conf')
129 with open(adminconf, 'w+') as f:
132 ipsilonconf = os.path.join(testdir, 'etc', idpname, 'ipsilon.conf')
133 newconf = ConfigParser.ConfigParser()
134 with open(ipsilonconf, 'r') as f:
136 with open(ipsilonconf, 'w+') as f:
137 newconf.set('global', 'admin.config.db',
138 '"configfile://%s"' % adminconf)
141 os.remove(os.path.join(testdir, 'lib', idpname, 'adminconfig.sqlite'))
144 class IpsilonTest(IpsilonTestBase):
147 super(IpsilonTest, self).__init__('fconf', __file__)
149 def setup_servers(self, env=None):
150 print "Installing IDP server"
151 idp = self.generate_profile(idp_g, idp_a, idpname, idpaddr, idpport)
152 idpconf = self.setup_idp_server(idp, idpname, idpaddr, idpport, env)
154 print "Installing SP server"
155 sp = self.generate_profile(sp_g, sp_a, spname, spaddr, spport)
156 spconf = self.setup_sp_server(sp, spname, spaddr, spport, env)
157 fixup_sp_httpd(os.path.dirname(spconf))
159 fixup_idp_conf(self.testdir)
161 print "Starting IDP's httpd server"
162 self.start_http_server(idpconf, env)
164 print "Starting SP's httpd server"
165 self.start_http_server(spconf, env)
168 if __name__ == '__main__':
170 user = pwd.getpwuid(os.getuid())[0]
172 sess = HttpSessions()
173 sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon')
174 sess.add_server(spname, 'http://127.0.0.11:45081')
176 print "test1: Access SP Protected Area ...",
178 page = sess.fetch_page(idpname, 'http://127.0.0.11:45081/sp/')
179 page.expected_value('text()', 'WORKS!')
180 except ValueError, e:
181 print >> sys.stderr, " ERROR: %s" % repr(e)