authentik.providers.saml.tests.test_schema
Test Requests and Responses against schema
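"""Test Requests and Responses against schema"""

from base64 import b64encode

from django.test import TestCase
from guardian.shortcuts import get_anonymous_user
from lxml import etree  # nosec

from authentik.blueprints.tests import apply_blueprint
from authentik.core.tests.utils import RequestFactory, create_test_cert, create_test_flow
from authentik.lib.xml import lxml_from_string
from authentik.providers.saml.models import SAMLPropertyMapping, SAMLProvider
from authentik.providers.saml.processors.assertion import AssertionProcessor
from authentik.providers.saml.processors.authn_request_parser import AuthNRequestParser
from authentik.sources.saml.models import SAMLBindingTypes, SAMLSource
from authentik.sources.saml.processors.request import RequestProcessor


class TestSchema(TestCase):
    """Test Requests and Responses against schema

    Each test generates a SAML message with the project's own processors and
    validates it against the SAML 2.0 protocol XSD. XSD validation covers the
    structure of the document only; it does not check signatures.
    """

    @apply_blueprint("system/providers-saml.yaml")
    def setUp(self):
        """Create a provider and a source that share one test certificate."""
        cert = create_test_cert()
        self.provider: SAMLProvider = SAMLProvider.objects.create(
            authorization_flow=create_test_flow(),
            acs_url="http://testserver/source/saml/provider/acs/",
            signing_kp=cert,
            verification_kp=cert,
        )
        # Attach every SAML property mapping present in the test database
        # (presumably the ones created by the blueprint applied above).
        self.provider.property_mappings.set(SAMLPropertyMapping.objects.all())
        self.provider.save()
        self.source = SAMLSource.objects.create(
            slug="provider",
            issuer="authentik",
            signing_kp=cert,
            pre_authentication_flow=create_test_flow(),
            binding_type=SAMLBindingTypes.POST,
        )
        self.request_factory = RequestFactory()

    def test_request_schema(self):
        """Test generated AuthNRequest against Schema"""
        http_request = self.request_factory.get("/")

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        request_doc = lxml_from_string(request)

        # The XSD is addressed by a fixed relative path, so it is resolved
        # against the working directory of the test run.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Pass the validator's error log as the failure message so a schema
        # violation is reported with its cause instead of "False is not true".
        self.assertTrue(schema.validate(request_doc), schema.error_log)

    def test_response_schema(self):
        """Test generated Response against Schema"""
        http_request = self.request_factory.get("/")
        http_request.user = get_anonymous_user()

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        # To get an assertion we need a parsed request (parsed by provider)
        parsed_request = AuthNRequestParser(self.provider).parse(
            b64encode(request.encode()).decode(), "test_state"
        )
        # Now create a response and convert it to string (provider)
        response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
        response = response_proc.build_response()

        response_doc = lxml_from_string(response)

        # The XSD is addressed by a fixed relative path, so it is resolved
        # against the working directory of the test run.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Pass the validator's error log as the failure message so a schema
        # violation is reported with its cause instead of "False is not true".
        self.assertTrue(schema.validate(response_doc), schema.error_log)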
class
TestSchema(django.test.testcases.TestCase):
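class TestSchema(TestCase):
    """Test Requests and Responses against schema

    Each test generates a SAML message with the project's own processors and
    validates it against the SAML 2.0 protocol XSD. XSD validation covers the
    structure of the document only; it does not check signatures.
    """

    @apply_blueprint("system/providers-saml.yaml")
    def setUp(self):
        """Create a provider and a source that share one test certificate."""
        cert = create_test_cert()
        self.provider: SAMLProvider = SAMLProvider.objects.create(
            authorization_flow=create_test_flow(),
            acs_url="http://testserver/source/saml/provider/acs/",
            signing_kp=cert,
            verification_kp=cert,
        )
        # Attach every SAML property mapping present in the test database
        # (presumably the ones created by the blueprint applied above).
        self.provider.property_mappings.set(SAMLPropertyMapping.objects.all())
        self.provider.save()
        self.source = SAMLSource.objects.create(
            slug="provider",
            issuer="authentik",
            signing_kp=cert,
            pre_authentication_flow=create_test_flow(),
            binding_type=SAMLBindingTypes.POST,
        )
        self.request_factory = RequestFactory()

    def test_request_schema(self):
        """Test generated AuthNRequest against Schema"""
        http_request = self.request_factory.get("/")

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        request_doc = lxml_from_string(request)

        # The XSD is addressed by a fixed relative path, so it is resolved
        # against the working directory of the test run.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Pass the validator's error log as the failure message so a schema
        # violation is reported with its cause instead of "False is not true".
        self.assertTrue(schema.validate(request_doc), schema.error_log)

    def test_response_schema(self):
        """Test generated Response against Schema"""
        http_request = self.request_factory.get("/")
        http_request.user = get_anonymous_user()

        # First create an AuthNRequest
        request_proc = RequestProcessor(self.source, http_request, "test_state")
        request = request_proc.build_auth_n()

        # To get an assertion we need a parsed request (parsed by provider)
        parsed_request = AuthNRequestParser(self.provider).parse(
            b64encode(request.encode()).decode(), "test_state"
        )
        # Now create a response and convert it to string (provider)
        response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
        response = response_proc.build_response()

        response_doc = lxml_from_string(response)

        # The XSD is addressed by a fixed relative path, so it is resolved
        # against the working directory of the test run.
        schema = etree.XMLSchema(
            etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
        )
        # Pass the validator's error log as the failure message so a schema
        # violation is reported with its cause instead of "False is not true".
        self.assertTrue(schema.validate(response_doc), schema.error_log)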
Test Requests and Responses against schema
@apply_blueprint('system/providers-saml.yaml')
def
setUp(self):
@apply_blueprint("system/providers-saml.yaml")
def setUp(self):
    """Build the provider, the source and the request factory used by each test."""
    keypair = create_test_cert()

    # Provider side: the same test certificate is used for signing and for
    # verification.
    provider = SAMLProvider.objects.create(
        authorization_flow=create_test_flow(),
        acs_url="http://testserver/source/saml/provider/acs/",
        signing_kp=keypair,
        verification_kp=keypair,
    )
    self.provider: SAMLProvider = provider
    all_mappings = SAMLPropertyMapping.objects.all()
    provider.property_mappings.set(all_mappings)
    provider.save()

    # Source side: signs with the same certificate and uses the POST binding.
    pre_auth_flow = create_test_flow()
    self.source = SAMLSource.objects.create(
        slug="provider",
        issuer="authentik",
        signing_kp=keypair,
        pre_authentication_flow=pre_auth_flow,
        binding_type=SAMLBindingTypes.POST,
    )

    self.request_factory = RequestFactory()
Hook method for setting up the test fixture before exercising it.
def
test_request_schema(self):
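def test_request_schema(self):
    """Test generated AuthNRequest against Schema

    XSD validation covers the structure of the document only; it does not
    check signatures.
    """
    http_request = self.request_factory.get("/")

    # First create an AuthNRequest
    request_proc = RequestProcessor(self.source, http_request, "test_state")
    request = request_proc.build_auth_n()

    request_doc = lxml_from_string(request)

    # The XSD is addressed by a fixed relative path, so it is resolved
    # against the working directory of the test run.
    schema = etree.XMLSchema(
        etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
    )
    # Pass the validator's error log as the failure message so a schema
    # violation is reported with its cause instead of "False is not true".
    self.assertTrue(schema.validate(request_doc), schema.error_log)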
Test generated AuthNRequest against Schema
def
test_response_schema(self):
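def test_response_schema(self):
    """Test generated Response against Schema

    XSD validation covers the structure of the document only; it does not
    check signatures.
    """
    http_request = self.request_factory.get("/")
    http_request.user = get_anonymous_user()

    # First create an AuthNRequest
    request_proc = RequestProcessor(self.source, http_request, "test_state")
    request = request_proc.build_auth_n()

    # To get an assertion we need a parsed request (parsed by provider)
    parsed_request = AuthNRequestParser(self.provider).parse(
        b64encode(request.encode()).decode(), "test_state"
    )
    # Now create a response and convert it to string (provider)
    response_proc = AssertionProcessor(self.provider, http_request, parsed_request)
    response = response_proc.build_response()

    response_doc = lxml_from_string(response)

    # The XSD is addressed by a fixed relative path, so it is resolved
    # against the working directory of the test run.
    schema = etree.XMLSchema(
        etree.parse("schemas/saml-schema-protocol-2.0.xsd", parser=etree.XMLParser())  # nosec
    )
    # Pass the validator's error log as the failure message so a schema
    # violation is reported with its cause instead of "False is not true".
    self.assertTrue(schema.validate(response_doc), schema.error_log)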
Test generated Response against Schema