3 # Copyright (C) 2014 Simo Sorce <simo@redhat.com>
5 # see file 'COPYING' for use and warranty information
7 # This program is free software; you can redistribute it and/or modify
8 # it under the terms of the GNU General Public License as published by
9 # the Free Software Foundation, either version 3 of the License, or
10 # (at your option) any later version.
12 # This program is distributed in the hope that it will be useful,
13 # but WITHOUT ANY WARRANTY; without even the implied warranty of
14 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 # GNU General Public License for more details.
17 # You should have received a copy of the GNU General Public License
18 # along with this program. If not, see <http://www.gnu.org/licenses/>.
21 from helpers.common import IpsilonTestBase # pylint: disable=relative-import
22 from helpers.http import HttpSessions # pylint: disable=relative-import
26 from string import Template
28 idp_g = {'TEMPLATES': '${TESTDIR}/templates/install',
29 'CONFDIR': '${TESTDIR}/etc',
30 'DATADIR': '${TESTDIR}/lib',
31 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
32 'STATICDIR': '${ROOTDIR}',
33 'BINDIR': '${ROOTDIR}/ipsilon',
34 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'}
37 idp_a = {'hostname': '${ADDRESS}:${PORT}',
38 'admin_user': '${TEST_USER}',
39 'system_user': '${TEST_USER}',
40 'instance': '${NAME}',
46 'server_debugging': 'True'}
49 sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
50 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
51 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
52 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
55 sp_a = {'hostname': '${ADDRESS}:${PORT}',
56 'saml_idp_metadata': 'http://127.0.0.10:45080/idp1/saml2/metadata',
57 'saml_secure_setup': 'False',
59 'httpd_user': '${TEST_USER}'}
61 sp2_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
62 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
63 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
64 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
66 sp2_a = {'hostname': '${ADDRESS}:${PORT}',
67 'saml_idp_url': 'http://127.0.0.10:45080/idp1',
68 'admin_user': '${TEST_USER}',
69 'admin_password': '${TESTDIR}/pw.txt',
70 'saml_sp_name': 'sp2',
71 'saml_secure_setup': 'False',
73 'httpd_user': '${TEST_USER}'}
76 def fixup_sp_httpd(httpdir):
79 Alias /sp ${HTTPDIR}/sp
81 <Directory ${HTTPDIR}/sp>
87 t = Template(location)
88 text = t.substitute({'HTTPDIR': httpdir})
89 with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
92 os.mkdir(httpdir + '/sp')
93 with open(httpdir + '/sp/index.html', 'w') as f:
97 class IpsilonTest(IpsilonTestBase):
100 super(IpsilonTest, self).__init__('test1', __file__)
102 def setup_servers(self, env=None):
103 print "Installing IDP server"
107 idp = self.generate_profile(idp_g, idp_a, name, addr, port)
108 conf = self.setup_idp_server(idp, name, addr, port, env)
110 print "Starting IDP's httpd server"
111 self.start_http_server(conf, env)
113 print "Installing first SP server"
117 sp = self.generate_profile(sp_g, sp_a, name, addr, port)
118 conf = self.setup_sp_server(sp, name, addr, port, env)
119 fixup_sp_httpd(os.path.dirname(conf))
121 print "Starting first SP's httpd server"
122 self.start_http_server(conf, env)
124 print "Installing second SP server"
128 sp = self.generate_profile(sp2_g, sp2_a, name, addr, port)
129 with open(os.path.dirname(sp) + '/pw.txt', 'a') as f:
131 conf = self.setup_sp_server(sp, name, addr, port, env)
132 os.remove(os.path.dirname(sp) + '/pw.txt')
133 fixup_sp_httpd(os.path.dirname(conf))
135 print "Starting second SP's httpd server"
136 self.start_http_server(conf, env)
139 if __name__ == '__main__':
144 user = pwd.getpwuid(os.getuid())[0]
146 sess = HttpSessions()
147 sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon')
148 sess.add_server(sp1name, 'http://127.0.0.11:45081')
149 sess.add_server(sp2name, 'http://127.0.0.11:45082')
151 print "test1: Authenticate to IDP ...",
153 sess.auth_to_idp(idpname)
154 except Exception, e: # pylint: disable=broad-except
155 print >> sys.stderr, " ERROR: %s" % repr(e)
159 print "test1: Add first SP Metadata to IDP ...",
161 sess.add_sp_metadata(idpname, sp1name)
162 except Exception, e: # pylint: disable=broad-except
163 print >> sys.stderr, " ERROR: %s" % repr(e)
167 print "test1: Access first SP Protected Area ...",
169 page = sess.fetch_page(idpname, 'http://127.0.0.11:45081/sp/')
170 page.expected_value('text()', 'WORKS!')
171 except ValueError, e:
172 print >> sys.stderr, " ERROR: %s" % repr(e)
176 print "test1: Access second SP Protected Area ...",
178 page = sess.fetch_page(idpname, 'http://127.0.0.11:45082/sp/')
179 page.expected_value('text()', 'WORKS!')
180 except ValueError, e:
181 print >> sys.stderr, " ERROR: %s" % repr(e)
185 print "test1: Try authentication failure ...",
186 newsess = HttpSessions()
187 newsess.add_server(idpname, 'http://127.0.0.10:45080', user, 'wrong')
189 newsess.auth_to_idp(idpname)
190 print >> sys.stderr, " ERROR: Authentication should have failed"
192 except Exception, e: # pylint: disable=broad-except