import requests
import string
import urlparse
+import json
+from urllib import urlencode
class WrongPage(Exception):
return [method, self.new_url(referer, action_url),
{'headers': headers, 'data': payload}]
- def fetch_page(self, idp, target_url):
+ def fetch_page(self, idp, target_url, follow_redirect=True):
url = target_url
action = 'get'
args = {}
while True:
r = self.access(action, url, **args) # pylint: disable=star-args
if r.status_code == 303:
+ if not follow_redirect:
+ return PageTree(r)
url = r.headers['location']
action = 'get'
args = {}
return (idpuri, requests.get('%s/saml2/metadata' % spuri))
- def add_sp_metadata(self, idp, sp):
+ def add_sp_metadata(self, idp, sp, rest=False):
+ expected_status = 200
idpsrv = self.servers[idp]
(idpuri, m) = self.get_sp_metadata(idp, sp)
url = '%s/%s/admin/providers/saml2/admin/new' % (idpuri, idp)
- metafile = {'metafile': m.content}
headers = {'referer': url}
- payload = {'name': sp}
+ if rest:
+ expected_status = 201
+ payload = {'metadata': m.content}
+ headers['content-type'] = 'application/x-www-form-urlencoded'
+ url = '%s/%s/rest/providers/saml2/SPS/%s' % (idpuri, idp, sp)
+ r = idpsrv['session'].post(url, headers=headers,
+ data=urlencode(payload))
+ else:
+ metafile = {'metafile': m.content}
+ payload = {'name': sp}
+ r = idpsrv['session'].post(url, headers=headers,
+ data=payload, files=metafile)
+ if r.status_code != expected_status:
+ raise ValueError('Failed to post SP data [%s]' % repr(r))
+
+ if not rest:
+ page = PageTree(r)
+ page.expected_value('//div[@class="alert alert-success"]/p/text()',
+ 'SP Successfully added')
+
+ def set_sp_default_nameids(self, idp, sp, nameids):
+ """
+ nameids is a list of Name ID formats to enable
+ """
+ idpsrv = self.servers[idp]
+ idpuri = idpsrv['baseuri']
+ url = '%s/%s/admin/providers/saml2/admin/sp/%s' % (idpuri, idp, sp)
+ headers = {'referer': url}
+ headers['content-type'] = 'application/x-www-form-urlencoded'
+ payload = {'submit': 'Submit',
+ 'allowed_nameids': ', '.join(nameids)}
r = idpsrv['session'].post(url, headers=headers,
- data=payload, files=metafile)
+ data=payload)
if r.status_code != 200:
raise ValueError('Failed to post SP data [%s]' % repr(r))
- page = PageTree(r)
- page.expected_value('//div[@class="alert alert-success"]/p/text()',
- 'SP Successfully added')
+ # pylint: disable=dangerous-default-value
+ def set_attributes_and_mapping(self, idp, mapping=[], attrs=[],
+ spname=None):
+ """
+ Set allowed attributes and mapping in the IDP or the SP. In the
+ case of the SP both allowed attributes and the mapping need to
+ be provided. An empty option for either means delete all values.
+
+ mapping is a list of list of rules of the form:
+ [['from-1', 'to-1'], ['from-2', 'from-2']]
+
+ ex. [['*', '*'], ['fullname', 'namefull']]
+
+ attrs is the list of attributes that will be allowed:
+ ['fullname', 'givenname', 'surname']
+ """
+ idpsrv = self.servers[idp]
+ idpuri = idpsrv['baseuri']
+ if spname: # per-SP setting
+ url = '%s/%s/admin/providers/saml2/admin/sp/%s' % (
+ idpuri, idp, spname)
+ mapname = 'Attribute Mapping'
+ attrname = 'Allowed Attributes'
+ else: # global default
+ url = '%s/%s/admin/providers/saml2' % (idpuri, idp)
+ mapname = 'default attribute mapping'
+ attrname = 'default allowed attributes'
+
+ headers = {'referer': url}
+ headers['content-type'] = 'application/x-www-form-urlencoded'
+ payload = {'submit': 'Submit'}
+ count = 0
+ for m in mapping:
+ payload['%s %s-from' % (mapname, count)] = m[0]
+ payload['%s %s-to' % (mapname, count)] = m[1]
+ count += 1
+ count = 0
+ for attr in attrs:
+ payload['%s %s-name' % (attrname, count)] = attr
+ count += 1
+ r = idpsrv['session'].post(url, headers=headers,
+ data=payload)
+ if r.status_code != 200:
+ raise ValueError('Failed to post IDP data [%s]' % repr(r))
+
+ def fetch_rest_page(self, idpname, uri):
+ """
+ idpname - the name of the IDP to fetch the page from
+ uri - the URI of the page to retrieve
+
+ The URL for the request is built from known-information in
+ the session.
+
+ returns dict if successful
+ returns ValueError if the output is unparseable
+ """
+ baseurl = self.servers[idpname].get('baseuri')
+ page = self.fetch_page(
+ idpname,
+ '%s%s' % (baseurl, uri)
+ )
+ return json.loads(page.text)
+
+ def get_rest_sp(self, idpname, spname=None):
+ if spname is None:
+ uri = '/%s/rest/providers/saml2/SPS/' % idpname
+ else:
+ uri = '/%s/rest/providers/saml2/SPS/%s' % (idpname, spname)
+
+ return self.fetch_rest_page(idpname, uri)
projects / cascardo / ipsilon.git / blobdiff