3 # Copyright (C) 2015 Ipsilon project Contributors, for license see COPYING
5 from helpers.common import IpsilonTestBase # pylint: disable=relative-import
6 from helpers.http import HttpSessions # pylint: disable=relative-import
10 from string import Template
# Filesystem layout handed to the IdP installer for this test run.
# setup_servers() passes idp_g and idp_a to generate_profile(); the ${...}
# fields are presumably filled in there -- confirm in helpers.common.
idp_g = dict(
    TEMPLATES='${TESTDIR}/templates/install',
    CONFDIR='${TESTDIR}/etc',
    DATADIR='${TESTDIR}/lib',
    CACHEDIR='${TESTDIR}/cache',
    HTTPDCONFD='${TESTDIR}/${NAME}/conf.d',
    STATICDIR='${ROOTDIR}',
    BINDIR='${ROOTDIR}/ipsilon',
    WSGI_SOCKET_PREFIX='${TESTDIR}/${NAME}/logs/wsgi',
)

# Installer answers for the test IdP instance.
idp_a = dict(
    hostname='${ADDRESS}:${PORT}',
    # The admin and system accounts both map to the user running the tests.
    admin_user='${TEST_USER}',
    system_user='${TEST_USER}',
    instance='${NAME}',
    # NOTE(review): this listing jumps from original line 26 to line 32 here,
    # so further installer options may be missing from the page.
    # Debugging is enabled for the test instance; a debug-enabled IdP is a
    # test-only setting and should not be copied into a real deployment.
    server_debugging='True',
)
# Paths used when installing the first test SP; all of them live under the
# per-test directory tree.
sp_g = dict(
    HTTPDCONFD='${TESTDIR}/${NAME}/conf.d',
    SAML2_TEMPLATE='${TESTDIR}/templates/install/saml2/sp.conf',
    SAML2_CONFFILE='${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
    SAML2_HTTPDIR='${TESTDIR}/${NAME}/saml2',
)

# Installer answers for the first test SP.
sp_a = dict(
    hostname='${ADDRESS}:${PORT}',
    # IdP metadata is fetched over plain HTTP from a loopback address, so
    # nothing authenticates it in transit. Acceptable only because both ends
    # are local test servers.
    saml_idp_metadata='http://127.0.0.10:45080/idp1/saml2/metadata',
    # NOTE(review): presumably disables the installer's secure-setup checks
    # so the SP can be configured without TLS -- test-only, confirm against
    # the client installer before reusing this profile.
    saml_secure_setup='False',
    # NOTE(review): original line 44 is absent from this listing; one option
    # may be missing here.
    httpd_user='${TEST_USER}',
)
# Paths used when installing the second test SP (the one later registered
# through the REST interface).
sp2_g = dict(
    HTTPDCONFD='${TESTDIR}/${NAME}/conf.d',
    SAML2_TEMPLATE='${TESTDIR}/templates/install/saml2/sp.conf',
    SAML2_CONFFILE='${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
    SAML2_HTTPDIR='${TESTDIR}/${NAME}/saml2',
)

# Installer answers for the second test SP.
sp2_a = dict(
    hostname='${ADDRESS}:${PORT}',
    # Plain-HTTP metadata URL on loopback: unauthenticated in transit, which
    # is tolerable only for local test servers.
    saml_idp_metadata='http://127.0.0.10:45080/idp1/saml2/metadata',
    # NOTE(review): presumably turns off the installer's secure-setup checks
    # -- test-only, confirm against the client installer.
    saml_secure_setup='False',
    # NOTE(review): original line 57 is absent from this listing; one option
    # may be missing here.
    httpd_user='${TEST_USER}',
)
# Paths used when installing the third test SP (the one whose name the
# negative test expects the IdP to reject).
sp3_g = dict(
    HTTPDCONFD='${TESTDIR}/${NAME}/conf.d',
    SAML2_TEMPLATE='${TESTDIR}/templates/install/saml2/sp.conf',
    SAML2_CONFFILE='${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
    SAML2_HTTPDIR='${TESTDIR}/${NAME}/saml2',
)

# Installer answers for the third test SP.
sp3_a = dict(
    hostname='${ADDRESS}:${PORT}',
    # Plain-HTTP metadata URL on loopback: unauthenticated in transit, which
    # is tolerable only for local test servers.
    saml_idp_metadata='http://127.0.0.10:45080/idp1/saml2/metadata',
    # NOTE(review): presumably turns off the installer's secure-setup checks
    # -- test-only, confirm against the client installer.
    saml_secure_setup='False',
    # NOTE(review): original line 69 is absent from this listing; one option
    # may be missing here.
    httpd_user='${TEST_USER}',
)
73 def fixup_sp_httpd(httpdir, alias):
76 Alias /${ALIAS} ${HTTPDIR}/sp
78 <Directory ${HTTPDIR}/${ALIAS}>
84 t = Template(location)
85 text = t.substitute({'HTTPDIR': httpdir, 'ALIAS': alias})
86 with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
89 os.mkdir(httpdir + '/sp')
90 with open(httpdir + '/sp/index.html', 'w') as f:
94 class IpsilonTest(IpsilonTestBase):
97 super(IpsilonTest, self).__init__('testrest', __file__)
99 def setup_servers(self, env=None):
100 print "Installing IDP server"
104 idp = self.generate_profile(idp_g, idp_a, name, addr, port)
105 conf = self.setup_idp_server(idp, name, addr, port, env)
107 print "Starting IDP's httpd server"
108 self.start_http_server(conf, env)
110 print "Installing SP server"
114 sp = self.generate_profile(sp_g, sp_a, name, addr, port)
115 conf = self.setup_sp_server(sp, name, addr, port, env)
116 fixup_sp_httpd(os.path.dirname(conf), name)
118 print "Starting SP's httpd server"
119 self.start_http_server(conf, env)
121 print "Installing second SP server"
125 sp2 = self.generate_profile(sp2_g, sp2_a, name, addr, port)
126 conf = self.setup_sp_server(sp2, name, addr, port, env)
127 fixup_sp_httpd(os.path.dirname(conf), name)
129 print "Starting SP's httpd server"
130 self.start_http_server(conf, env)
132 print "Installing third SP server"
136 sp3 = self.generate_profile(sp3_g, sp3_a, name, addr, port)
137 conf = self.setup_sp_server(sp3, name, addr, port, env)
138 fixup_sp_httpd(os.path.dirname(conf), name)
140 print "Starting SP's httpd server"
141 self.start_http_server(conf, env)
144 if __name__ == '__main__':
149 sp3name = 'sp3.invalid'
150 user = pwd.getpwuid(os.getuid())[0]
152 sess = HttpSessions()
153 sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon')
154 sess.add_server(spname, 'http://127.0.0.11:45081')
155 sess.add_server(sp2name, 'http://127.0.0.10:45082')
156 sess.add_server(sp3name, 'http://127.0.0.10:45083')
158 print "testrest: Authenticate to IDP ...",
160 sess.auth_to_idp(idpname)
161 except Exception, e: # pylint: disable=broad-except
162 print >> sys.stderr, " ERROR: %s" % repr(e)
166 print "testrest: List initial Service Providers via REST ...",
168 result = sess.get_rest_sp(idpname)
169 if len(result['result']) != 0:
171 'Expected no SP and got %d' % len(result['result'])
173 except ValueError, e:
174 print >> sys.stderr, " ERROR: %s" % repr(e)
178 print "testrest: Add SP Metadata to IDP via admin ...",
180 sess.add_sp_metadata(idpname, spname)
181 except Exception, e: # pylint: disable=broad-except
182 print >> sys.stderr, " ERROR: %s" % repr(e)
186 print "testrest: List Service Providers via REST ...",
188 result = sess.get_rest_sp(idpname)
189 if len(result['result']) != 1:
191 'Expected 1 SP and got %d' % len(result['result'])
193 if result['result'][0].get('provider') != spname:
195 'Expected %s and got %s' %
196 (spname, result['result'][0].get('provider'))
198 except ValueError, e:
199 print >> sys.stderr, " ERROR: %s" % repr(e)
203 print "testrest: Add Service Provider via REST ...",
205 sess.add_sp_metadata(idpname, sp2name, rest=True)
206 except ValueError, e:
207 print >> sys.stderr, " ERROR: %s" % repr(e)
211 print "testrest: List Service Providers via REST ...",
213 result = sess.get_rest_sp(idpname)
214 if len(result['result']) != 2:
216 'Expected 2 SPs and got %d' % len(result['result'])
218 except ValueError, e:
219 print >> sys.stderr, " ERROR: %s" % repr(e)
223 print "testrest: List Specific Service Providers via REST ...",
225 result = sess.get_rest_sp(idpname, spname)
226 if len(result['result']) != 1:
228 'Expected 1 SPs and got %d' % len(result['result'])
230 if result['result'][0].get('provider') != spname:
232 'Expected %s and got %s' %
233 (spname, result['result'][0].get('provider'))
235 except ValueError, e:
236 print >> sys.stderr, " ERROR: %s" % repr(e)
240 # Now for some negative testing
242 print "testrest: Add illegally named Service Provider via REST ...",
244 sess.add_sp_metadata(idpname, sp3name, rest=True)
245 except ValueError, e:
248 print >> sys.stderr, "ERROR: " \
249 "Adding SP with invalid name should have failed and it didn't"
252 print "testrest: Fetch non-existent REST endpoint ...",
254 result = sess.fetch_rest_page(
256 '/%s/rest/providers/saml2/notfound' % idpname
258 except ValueError, e:
# NOTE(review): this step accepts '(501)' in the error text as the expected
# outcome, while the fall-through message two lines down says 404. One of the
# two looks stale; confirm which status the IdP should return for an unknown
# REST path and make the check and the message agree, otherwise a failure
# here reports the wrong expectation.
259 if '(501)' not in e.message:
260 print >> sys.stderr, " ERROR: %s" % repr(e)
# Presumably reached when the request raised no ValueError at all (the
# listing omits original lines 261-264, so the branch structure is not
# visible here).
265 print >> sys.stderr, "ERROR: should have returned a 404"
268 print "testrest: Fetch non-existent SP via REST ...",
270 result = sess.get_rest_sp(idpname, 'foo')
271 except ValueError, e:
272 if '(404)' not in e.message:
273 print >> sys.stderr, " ERROR: %s" % repr(e)
278 print >> sys.stderr, "ERROR: should have returned a 404"
281 print "testrest: Re-add Service Provider via REST ...",
283 sess.add_sp_metadata(idpname, sp2name, rest=True)
284 except ValueError, e:
287 print >> sys.stderr, "ERROR: " \
288 "Adding duplicate SP should have failed and it didn't"