authentik.sources.saml.tests.test_views
SAML Source tests
"""SAML Source tests"""

from base64 import b64encode

from django.test import RequestFactory, TestCase
from django.urls import reverse
from freezegun import freeze_time

from authentik.core.tests.utils import create_test_flow
from authentik.flows.planner import PLAN_CONTEXT_REDIRECT, FlowPlan
from authentik.flows.views.executor import SESSION_KEY_PLAN
from authentik.lib.generators import generate_id
from authentik.lib.tests.utils import load_fixture
from authentik.sources.saml.models import SAMLSource


class TestViews(TestCase):
    """Tests that post a SAML response to the source's ACS view."""

    def setUp(self):
        """Create the request factory and the SAML source used by each test."""
        self.factory = RequestFactory()
        source_attrs = {
            "name": generate_id(),
            "slug": generate_id(),
            "issuer": "authentik",
            # NOTE(review): the tests POST a SAMLResponse with no preceding
            # AuthnRequest, so they presumably depend on this flag - confirm
            # against the ACS view.
            "allow_idp_initiated": True,
            "pre_authentication_flow": create_test_flow(),
        }
        self.source = SAMLSource.objects.create(**source_attrs)

    @freeze_time("2022-10-14T14:15:00")
    def test_enroll(self):
        """Posting the success fixture redirects to the source's enrollment flow.

        NOTE(review): the clock is frozen, presumably so that timestamps inside
        fixtures/response_success.xml are accepted - confirm against the fixture.
        """
        enrollment_flow = create_test_flow()
        self.source.enrollment_flow = enrollment_flow
        self.source.save()

        acs_url = reverse(
            "authentik_sources_saml:acs",
            kwargs={"source_slug": self.source.slug},
        )
        raw_response = load_fixture("fixtures/response_success.xml")
        encoded_response = b64encode(raw_response.encode()).decode()
        response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

        self.assertEqual(response.status_code, 302)
        expected_target = reverse(
            "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
        )
        self.assertRedirects(response, expected_target)
        # After the POST the session must hold a flow plan.
        stored_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
        self.assertIsNotNone(stored_plan)

    @freeze_time("2022-10-14T14:15:00")
    def test_enroll_redirect(self):
        """Enrollment keeps the redirect of a plan that was already in the session.

        The POST body carries only ``SAMLResponse``; the redirect asserted at the
        end is the value seeded into the session before the request.
        """
        initial_redirect = f"http://{generate_id()}"

        # Seed the session with an earlier plan that carries a redirect target.
        client_session = self.client.session
        seeded_plan = FlowPlan(generate_id())
        seeded_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect
        client_session[SESSION_KEY_PLAN] = seeded_plan
        client_session.save()

        enrollment_flow = create_test_flow()
        self.source.enrollment_flow = enrollment_flow
        self.source.save()

        acs_url = reverse(
            "authentik_sources_saml:acs",
            kwargs={"source_slug": self.source.slug},
        )
        raw_response = load_fixture("fixtures/response_success.xml")
        encoded_response = b64encode(raw_response.encode()).decode()
        response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

        self.assertEqual(response.status_code, 302)
        expected_target = reverse(
            "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
        )
        self.assertRedirects(response, expected_target)
        new_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
        self.assertIsNotNone(new_plan)
        # The plan found after the POST must still carry the seeded redirect.
        carried_redirect = new_plan.context.get(PLAN_CONTEXT_REDIRECT)
        self.assertEqual(carried_redirect, initial_redirect)
class
TestViews(django.test.testcases.TestCase):
class TestViews(TestCase):
    """Tests that post a SAML response to the source's ACS view."""

    def setUp(self):
        """Create the request factory and the SAML source used by each test."""
        self.factory = RequestFactory()
        source_attrs = {
            "name": generate_id(),
            "slug": generate_id(),
            "issuer": "authentik",
            # NOTE(review): the tests POST a SAMLResponse with no preceding
            # AuthnRequest, so they presumably depend on this flag - confirm
            # against the ACS view.
            "allow_idp_initiated": True,
            "pre_authentication_flow": create_test_flow(),
        }
        self.source = SAMLSource.objects.create(**source_attrs)

    @freeze_time("2022-10-14T14:15:00")
    def test_enroll(self):
        """Posting the success fixture redirects to the source's enrollment flow.

        NOTE(review): the clock is frozen, presumably so that timestamps inside
        fixtures/response_success.xml are accepted - confirm against the fixture.
        """
        enrollment_flow = create_test_flow()
        self.source.enrollment_flow = enrollment_flow
        self.source.save()

        acs_url = reverse(
            "authentik_sources_saml:acs",
            kwargs={"source_slug": self.source.slug},
        )
        raw_response = load_fixture("fixtures/response_success.xml")
        encoded_response = b64encode(raw_response.encode()).decode()
        response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

        self.assertEqual(response.status_code, 302)
        expected_target = reverse(
            "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
        )
        self.assertRedirects(response, expected_target)
        # After the POST the session must hold a flow plan.
        stored_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
        self.assertIsNotNone(stored_plan)

    @freeze_time("2022-10-14T14:15:00")
    def test_enroll_redirect(self):
        """Enrollment keeps the redirect of a plan that was already in the session.

        The POST body carries only ``SAMLResponse``; the redirect asserted at the
        end is the value seeded into the session before the request.
        """
        initial_redirect = f"http://{generate_id()}"

        # Seed the session with an earlier plan that carries a redirect target.
        client_session = self.client.session
        seeded_plan = FlowPlan(generate_id())
        seeded_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect
        client_session[SESSION_KEY_PLAN] = seeded_plan
        client_session.save()

        enrollment_flow = create_test_flow()
        self.source.enrollment_flow = enrollment_flow
        self.source.save()

        acs_url = reverse(
            "authentik_sources_saml:acs",
            kwargs={"source_slug": self.source.slug},
        )
        raw_response = load_fixture("fixtures/response_success.xml")
        encoded_response = b64encode(raw_response.encode()).decode()
        response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

        self.assertEqual(response.status_code, 302)
        expected_target = reverse(
            "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
        )
        self.assertRedirects(response, expected_target)
        new_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
        self.assertIsNotNone(new_plan)
        # The plan found after the POST must still carry the seeded redirect.
        carried_redirect = new_plan.context.get(PLAN_CONTEXT_REDIRECT)
        self.assertEqual(carried_redirect, initial_redirect)
Test SAML Views
def
setUp(self):
def setUp(self):
    """Create the request factory and the SAML source used by each test."""
    self.factory = RequestFactory()
    source_attrs = {
        "name": generate_id(),
        "slug": generate_id(),
        "issuer": "authentik",
        # NOTE(review): whether callers rely on IdP-initiated logins being
        # enabled cannot be seen from this method - confirm against the tests
        # that use self.source.
        "allow_idp_initiated": True,
        "pre_authentication_flow": create_test_flow(),
    }
    self.source = SAMLSource.objects.create(**source_attrs)
Hook method for setting up the test fixture before exercising it.
@freeze_time('2022-10-14T14:15:00')
def
test_enroll(self):
@freeze_time("2022-10-14T14:15:00")
def test_enroll(self):
    """Posting the success fixture redirects to the source's enrollment flow.

    NOTE(review): the clock is frozen, presumably so that timestamps inside
    fixtures/response_success.xml are accepted - confirm against the fixture.
    """
    enrollment_flow = create_test_flow()
    self.source.enrollment_flow = enrollment_flow
    self.source.save()

    acs_url = reverse(
        "authentik_sources_saml:acs",
        kwargs={"source_slug": self.source.slug},
    )
    raw_response = load_fixture("fixtures/response_success.xml")
    encoded_response = b64encode(raw_response.encode()).decode()
    response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

    self.assertEqual(response.status_code, 302)
    expected_target = reverse(
        "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
    )
    self.assertRedirects(response, expected_target)
    # After the POST the session must hold a flow plan.
    stored_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
    self.assertIsNotNone(stored_plan)
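Enroll: posting the success fixture to the ACS endpoint redirects to the source's enrollment flow and leaves a flow plan in the session.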
@freeze_time('2022-10-14T14:15:00')
def
test_enroll_redirect(self):
@freeze_time("2022-10-14T14:15:00")
def test_enroll_redirect(self):
    """Enrollment keeps the redirect of a plan that was already in the session.

    The POST body carries only ``SAMLResponse``; the redirect asserted at the
    end is the value seeded into the session before the request.
    """
    initial_redirect = f"http://{generate_id()}"

    # Seed the session with an earlier plan that carries a redirect target.
    client_session = self.client.session
    seeded_plan = FlowPlan(generate_id())
    seeded_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect
    client_session[SESSION_KEY_PLAN] = seeded_plan
    client_session.save()

    enrollment_flow = create_test_flow()
    self.source.enrollment_flow = enrollment_flow
    self.source.save()

    acs_url = reverse(
        "authentik_sources_saml:acs",
        kwargs={"source_slug": self.source.slug},
    )
    raw_response = load_fixture("fixtures/response_success.xml")
    encoded_response = b64encode(raw_response.encode()).decode()
    response = self.client.post(acs_url, data={"SAMLResponse": encoded_response})

    self.assertEqual(response.status_code, 302)
    expected_target = reverse(
        "authentik_core:if-flow", kwargs={"flow_slug": enrollment_flow.slug}
    )
    self.assertRedirects(response, expected_target)
    new_plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN)
    self.assertIsNotNone(new_plan)
    # The plan found after the POST must still carry the seeded redirect.
    carried_redirect = new_plan.context.get(PLAN_CONTEXT_REDIRECT)
    self.assertEqual(carried_redirect, initial_redirect)
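Enroll when attempting to access a provider: the redirect target stored in the session's existing flow plan must still be present in the plan after enrollment starts.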