authentik.providers.saml.tests.test_schema
Test Requests and Responses against schema
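"""Test Requests and Responses against schema"""

from base64 import b64encode

from django.test import TestCase
from guardian.shortcuts import get_anonymous_user
from lxml import etree  # nosec

from authentik.blueprints.tests import apply_blueprint
from authentik.core.models import Application
from authentik.core.tests.utils import RequestFactory, create_test_cert, create_test_flow
from authentik.lib.xml import lxml_from_string
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
from authentik.providers.saml.processors.assertion import AssertionProcessor
from authentik.providers.saml.processors.authn_request_parser import AuthNRequestParser
from authentik.sources.saml.models import SAMLBindingTypes, SAMLSource
from authentik.sources.saml.processors.request import RequestProcessor


class TestSchema(TestCase):
    """Test Requests and Responses against schema

    Both tests check document structure against the SAML 2.0 protocol XSD
    only; neither one verifies a signature.
    """

    @apply_blueprint("system/providers-saml.yaml")
    def setUp(self):
        """Create the provider, application and source shared by both tests."""
        # One test certificate is reused as the provider's signing and
        # verification keypair and as the source's signing keypair.
        cert = create_test_cert()
        self.provider: SAMLProvider = SAMLProvider.objects.create(
            authorization_flow=create_test_flow(),
            acs_url="http://testserver/source/saml/provider/acs/",
            signing_kp=cert,
            verification_kp=cert,
        )
        # Attach every SAML property mapping present in the test database.
        # NOTE(review): presumably these come from the blueprint applied by
        # the decorator -- confirm.
        self.provider.property_mappings.set(SAMLPropertyMapping.objects.all())
        self.provider.save()
        Application.objects.create(
            name="test-app",
            slug="test-app",
            provider=self.provider,
        )
        self.source = SAMLSource.objects.create(
            slug="provider",
            issuer="authentik",
            signing_kp=cert,
            pre_authentication_flow=create_test_flow(),
            binding_type=SAMLBindingTypes.POST,
        )
        self.request_factory = RequestFactory()

    def test_request_schema(self):
        """Test generated AuthNRequest against Schema"""
        http_request = self.request_factory.get("/")

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        metadata = lxml_from_string(request)

        # The XSD path is relative, so it is resolved against the working
        # directory of the test run. What is parsed here is the schema file,
        # not the generated message.
        # NOTE(review): the `# nosec` presumably relies on that file being a
        # trusted, repository-local one -- confirm.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Report the validator's error log on failure instead of a bare
        # "False is not true".
        self.assertTrue(schema.validate(metadata), msg=schema.error_log)

    def test_response_schema(self):
        """Test generated Response against Schema"""
        http_request = self.request_factory.get("/")
        http_request.user = get_anonymous_user()

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        # To get an assertion we need a parsed request (parsed by provider)
        parsed_request = AuthNRequestParser(self.provider).parse(
            b64encode(request.encode()).decode(), "test_state"
        )
        # Now create a response and convert it to string (provider)
        response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
        response = response_proc.build_response()

        metadata = lxml_from_string(response)

        # The XSD path is relative, so it is resolved against the working
        # directory of the test run. What is parsed here is the schema file,
        # not the generated message.
        # NOTE(review): the `# nosec` presumably relies on that file being a
        # trusted, repository-local one -- confirm.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Report the validator's error log on failure instead of a bare
        # "False is not true".
        self.assertTrue(schema.validate(metadata), msg=schema.error_log)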
class
TestSchema(django.test.testcases.TestCase):
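class TestSchema(TestCase):
    """Test Requests and Responses against schema

    Both tests check document structure against the SAML 2.0 protocol XSD
    only; neither one verifies a signature.
    """

    @apply_blueprint("system/providers-saml.yaml")
    def setUp(self):
        """Create the provider, application and source shared by both tests."""
        # One test certificate is reused as the provider's signing and
        # verification keypair and as the source's signing keypair.
        cert = create_test_cert()
        self.provider: SAMLProvider = SAMLProvider.objects.create(
            authorization_flow=create_test_flow(),
            acs_url="http://testserver/source/saml/provider/acs/",
            signing_kp=cert,
            verification_kp=cert,
        )
        # Attach every SAML property mapping present in the test database.
        # NOTE(review): presumably these come from the blueprint applied by
        # the decorator -- confirm.
        self.provider.property_mappings.set(SAMLPropertyMapping.objects.all())
        self.provider.save()
        Application.objects.create(
            name="test-app",
            slug="test-app",
            provider=self.provider,
        )
        self.source = SAMLSource.objects.create(
            slug="provider",
            issuer="authentik",
            signing_kp=cert,
            pre_authentication_flow=create_test_flow(),
            binding_type=SAMLBindingTypes.POST,
        )
        self.request_factory = RequestFactory()

    def test_request_schema(self):
        """Test generated AuthNRequest against Schema"""
        http_request = self.request_factory.get("/")

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        metadata = lxml_from_string(request)

        # The XSD path is relative, so it is resolved against the working
        # directory of the test run. What is parsed here is the schema file,
        # not the generated message.
        # NOTE(review): the `# nosec` presumably relies on that file being a
        # trusted, repository-local one -- confirm.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Report the validator's error log on failure instead of a bare
        # "False is not true".
        self.assertTrue(schema.validate(metadata), msg=schema.error_log)

    def test_response_schema(self):
        """Test generated Response against Schema"""
        http_request = self.request_factory.get("/")
        http_request.user = get_anonymous_user()

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        # To get an assertion we need a parsed request (parsed by provider)
        parsed_request = AuthNRequestParser(self.provider).parse(
            b64encode(request.encode()).decode(), "test_state"
        )
        # Now create a response and convert it to string (provider)
        response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
        response = response_proc.build_response()

        metadata = lxml_from_string(response)

        # The XSD path is relative, so it is resolved against the working
        # directory of the test run. What is parsed here is the schema file,
        # not the generated message.
        # NOTE(review): the `# nosec` presumably relies on that file being a
        # trusted, repository-local one -- confirm.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Report the validator's error log on failure instead of a bare
        # "False is not true".
        self.assertTrue(schema.validate(metadata), msg=schema.error_log)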
Test Requests and Responses against schema
@apply_blueprint('system/providers-saml.yaml')
def
setUp(self):
@apply_blueprint("system/providers-saml.yaml")
def setUp(self):
    """Create the provider, application and source shared by the schema tests.

    A single test certificate serves as the provider's signing and
    verification keypair and as the source's signing keypair.
    """
    keypair = create_test_cert()

    # Provider side, with every SAML property mapping in the test database
    # attached to it.
    saml_provider = SAMLProvider.objects.create(
        authorization_flow=create_test_flow(),
        acs_url="http://testserver/source/saml/provider/acs/",
        signing_kp=keypair,
        verification_kp=keypair,
    )
    self.provider = saml_provider
    saml_provider.property_mappings.set(SAMLPropertyMapping.objects.all())
    saml_provider.save()

    # Application that exposes the provider.
    application_fields = {
        "name": "test-app",
        "slug": "test-app",
        "provider": saml_provider,
    }
    Application.objects.create(**application_fields)

    # Source side, using the POST binding.
    source_fields = {
        "slug": "provider",
        "issuer": "authentik",
        "signing_kp": keypair,
        "pre_authentication_flow": create_test_flow(),
        "binding_type": SAMLBindingTypes.POST,
    }
    self.source = SAMLSource.objects.create(**source_fields)

    self.request_factory = RequestFactory()
Hook method for setting up the test fixture before exercising it.
def
test_request_schema(self):
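def test_request_schema(self):
    """Test generated AuthNRequest against Schema

    Builds an AuthNRequest with the source-side RequestProcessor and checks
    that it validates against the SAML 2.0 protocol XSD. Only the document
    structure is checked; this test verifies no signature.
    """
    http_request = self.request_factory.get("/")

    # First create an AuthNRequest
    request_proc = RequestProcessor(self.source, http_request, "test_state")
    request = request_proc.build_auth_n()

    metadata = lxml_from_string(request)

    # The XSD path is relative, so it is resolved against the working
    # directory of the test run. What is parsed here is the schema file,
    # not the generated message.
    # NOTE(review): the `# nosec` presumably relies on that file being a
    # trusted, repository-local one -- confirm.
    schema = etree.XMLSchema(
        etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
    )
    # Report the validator's error log on failure instead of a bare
    # "False is not true".
    self.assertTrue(schema.validate(metadata), msg=schema.error_log)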
Test generated AuthNRequest against Schema
def
test_response_schema(self):
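def test_response_schema(self):
    """Test generated Response against Schema

    Runs the round trip source -> provider: the source builds an
    AuthNRequest, the provider parses it and builds a response, and that
    response is validated against the SAML 2.0 protocol XSD. Only the
    document structure is checked; this test verifies no signature.
    """
    http_request = self.request_factory.get("/")
    # NOTE(review): presumably the AssertionProcessor reads the request's
    # user when building the assertion -- confirm.
    http_request.user = get_anonymous_user()

    # First create an AuthNRequest
    request_proc = RequestProcessor(self.source, http_request, "test_state")
    request = request_proc.build_auth_n()

    # To get an assertion we need a parsed request (parsed by provider)
    parsed_request = AuthNRequestParser(self.provider).parse(
        b64encode(request.encode()).decode(), "test_state"
    )
    # Now create a response and convert it to string (provider)
    response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
    response = response_proc.build_response()

    metadata = lxml_from_string(response)

    # The XSD path is relative, so it is resolved against the working
    # directory of the test run. What is parsed here is the schema file,
    # not the generated message.
    # NOTE(review): the `# nosec` presumably relies on that file being a
    # trusted, repository-local one -- confirm.
    schema = etree.XMLSchema(
        etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
    )
    # Report the validator's error log on failure instead of a bare
    # "False is not true".
    self.assertTrue(schema.validate(metadata), msg=schema.error_log)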
Test generated Response against Schema