authentik.sources.saml.tests.test_views
SAML Source tests
1"""SAML Source tests""" 2 3from base64 import b64encode 4 5from django.test import RequestFactory, TestCase 6from django.urls import reverse 7 8from authentik.core.tests.utils import create_test_flow 9from authentik.flows.planner import PLAN_CONTEXT_REDIRECT, FlowPlan 10from authentik.flows.views.executor import SESSION_KEY_PLAN 11from authentik.lib.generators import generate_id 12from authentik.lib.tests.utils import load_fixture 13from authentik.sources.saml.models import SAMLSource 14 15 16class TestViews(TestCase): 17 """Test SAML Views""" 18 19 def setUp(self): 20 self.factory = RequestFactory() 21 self.source = SAMLSource.objects.create( 22 name=generate_id(), 23 slug=generate_id(), 24 issuer="authentik", 25 allow_idp_initiated=True, 26 pre_authentication_flow=create_test_flow(), 27 ) 28 29 def test_enroll(self): 30 """Enroll""" 31 flow = create_test_flow() 32 self.source.enrollment_flow = flow 33 self.source.save() 34 35 response = self.client.post( 36 reverse( 37 "authentik_sources_saml:acs", 38 kwargs={ 39 "source_slug": self.source.slug, 40 }, 41 ), 42 data={ 43 "SAMLResponse": b64encode( 44 load_fixture("fixtures/response_success.xml").encode() 45 ).decode() 46 }, 47 ) 48 self.assertEqual(response.status_code, 302) 49 self.assertRedirects( 50 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 51 ) 52 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 53 self.assertIsNotNone(plan) 54 55 def test_enroll_redirect(self): 56 """Enroll when attempting to access a provider""" 57 initial_redirect = f"http://{generate_id()}" 58 59 session = self.client.session 60 old_plan = FlowPlan(generate_id()) 61 old_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect 62 session[SESSION_KEY_PLAN] = old_plan 63 session.save() 64 65 flow = create_test_flow() 66 self.source.enrollment_flow = flow 67 self.source.save() 68 69 response = self.client.post( 70 reverse( 71 "authentik_sources_saml:acs", 72 kwargs={ 73 "source_slug": self.source.slug, 74 }, 75 ), 76 data={ 77 "SAMLResponse": b64encode( 78 load_fixture("fixtures/response_success.xml").encode() 79 ).decode() 80 }, 81 ) 82 self.assertEqual(response.status_code, 302) 83 self.assertRedirects( 84 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 85 ) 86 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 87 self.assertIsNotNone(plan) 88 self.assertEqual(plan.context.get(PLAN_CONTEXT_REDIRECT), initial_redirect)
class
TestViews(django.test.testcases.TestCase):
17class TestViews(TestCase): 18 """Test SAML Views""" 19 20 def setUp(self): 21 self.factory = RequestFactory() 22 self.source = SAMLSource.objects.create( 23 name=generate_id(), 24 slug=generate_id(), 25 issuer="authentik", 26 allow_idp_initiated=True, 27 pre_authentication_flow=create_test_flow(), 28 ) 29 30 def test_enroll(self): 31 """Enroll""" 32 flow = create_test_flow() 33 self.source.enrollment_flow = flow 34 self.source.save() 35 36 response = self.client.post( 37 reverse( 38 "authentik_sources_saml:acs", 39 kwargs={ 40 "source_slug": self.source.slug, 41 }, 42 ), 43 data={ 44 "SAMLResponse": b64encode( 45 load_fixture("fixtures/response_success.xml").encode() 46 ).decode() 47 }, 48 ) 49 self.assertEqual(response.status_code, 302) 50 self.assertRedirects( 51 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 52 ) 53 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 54 self.assertIsNotNone(plan) 55 56 def test_enroll_redirect(self): 57 """Enroll when attempting to access a provider""" 58 initial_redirect = f"http://{generate_id()}" 59 60 session = self.client.session 61 old_plan = FlowPlan(generate_id()) 62 old_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect 63 session[SESSION_KEY_PLAN] = old_plan 64 session.save() 65 66 flow = create_test_flow() 67 self.source.enrollment_flow = flow 68 self.source.save() 69 70 response = self.client.post( 71 reverse( 72 "authentik_sources_saml:acs", 73 kwargs={ 74 "source_slug": self.source.slug, 75 }, 76 ), 77 data={ 78 "SAMLResponse": b64encode( 79 load_fixture("fixtures/response_success.xml").encode() 80 ).decode() 81 }, 82 ) 83 self.assertEqual(response.status_code, 302) 84 self.assertRedirects( 85 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 86 ) 87 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 88 self.assertIsNotNone(plan) 89 self.assertEqual(plan.context.get(PLAN_CONTEXT_REDIRECT), initial_redirect)
Test SAML Views
def
setUp(self):
20 def setUp(self): 21 self.factory = RequestFactory() 22 self.source = SAMLSource.objects.create( 23 name=generate_id(), 24 slug=generate_id(), 25 issuer="authentik", 26 allow_idp_initiated=True, 27 pre_authentication_flow=create_test_flow(), 28 )
Hook method for setting up the test fixture before exercising it.
def
test_enroll(self):
30 def test_enroll(self): 31 """Enroll""" 32 flow = create_test_flow() 33 self.source.enrollment_flow = flow 34 self.source.save() 35 36 response = self.client.post( 37 reverse( 38 "authentik_sources_saml:acs", 39 kwargs={ 40 "source_slug": self.source.slug, 41 }, 42 ), 43 data={ 44 "SAMLResponse": b64encode( 45 load_fixture("fixtures/response_success.xml").encode() 46 ).decode() 47 }, 48 ) 49 self.assertEqual(response.status_code, 302) 50 self.assertRedirects( 51 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 52 ) 53 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 54 self.assertIsNotNone(plan)
Enroll
def
test_enroll_redirect(self):
56 def test_enroll_redirect(self): 57 """Enroll when attempting to access a provider""" 58 initial_redirect = f"http://{generate_id()}" 59 60 session = self.client.session 61 old_plan = FlowPlan(generate_id()) 62 old_plan.context[PLAN_CONTEXT_REDIRECT] = initial_redirect 63 session[SESSION_KEY_PLAN] = old_plan 64 session.save() 65 66 flow = create_test_flow() 67 self.source.enrollment_flow = flow 68 self.source.save() 69 70 response = self.client.post( 71 reverse( 72 "authentik_sources_saml:acs", 73 kwargs={ 74 "source_slug": self.source.slug, 75 }, 76 ), 77 data={ 78 "SAMLResponse": b64encode( 79 load_fixture("fixtures/response_success.xml").encode() 80 ).decode() 81 }, 82 ) 83 self.assertEqual(response.status_code, 302) 84 self.assertRedirects( 85 response, reverse("authentik_core:if-flow", kwargs={"flow_slug": flow.slug}) 86 ) 87 plan: FlowPlan = self.client.session.get(SESSION_KEY_PLAN) 88 self.assertIsNotNone(plan) 89 self.assertEqual(plan.context.get(PLAN_CONTEXT_REDIRECT), initial_redirect)
Enroll when attempting to access a provider