3 # Copyright (C) 2014 Ipsilon project Contributors, for license see COPYING
5 from helpers.common import IpsilonTestBase # pylint: disable=relative-import
6 from helpers.http import HttpSessions # pylint: disable=relative-import
10 from string import Template
12 idp_g = {'TEMPLATES': '${TESTDIR}/templates/install',
13 'CONFDIR': '${TESTDIR}/etc',
14 'DATADIR': '${TESTDIR}/lib',
15 'CACHEDIR': '${TESTDIR}/cache',
16 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
17 'STATICDIR': '${ROOTDIR}',
18 'BINDIR': '${ROOTDIR}/ipsilon',
19 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'}
22 idp_a = {'hostname': '${ADDRESS}:${PORT}',
23 'admin_user': '${TEST_USER}',
24 'system_user': '${TEST_USER}',
25 'instance': '${NAME}',
31 'server_debugging': 'True'}
34 sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
35 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
36 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
37 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
40 sp_a = {'hostname': '${ADDRESS}:${PORT}',
41 'saml_idp_metadata': 'http://127.0.0.10:45080/idp1/saml2/metadata',
42 'saml_secure_setup': 'False',
44 'httpd_user': '${TEST_USER}'}
46 sp2_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
47 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
48 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
49 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
51 sp2_a = {'hostname': '${ADDRESS}:${PORT}',
52 'saml_idp_url': 'http://127.0.0.10:45080/idp1',
53 'admin_user': '${TEST_USER}',
54 'admin_password': '${TESTDIR}/pw.txt',
55 'saml_sp_name': 'sp2',
56 'saml_secure_setup': 'False',
58 'httpd_user': '${TEST_USER}'}
61 def fixup_sp_httpd(httpdir):
64 Alias /sp ${HTTPDIR}/sp
66 <Directory ${HTTPDIR}/sp>
72 t = Template(location)
73 text = t.substitute({'HTTPDIR': httpdir})
74 with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
77 os.mkdir(httpdir + '/sp')
78 with open(httpdir + '/sp/index.html', 'w') as f:
82 class IpsilonTest(IpsilonTestBase):
85 super(IpsilonTest, self).__init__('test1', __file__)
87 def setup_servers(self, env=None):
88 print "Installing IDP server"
92 idp = self.generate_profile(idp_g, idp_a, name, addr, port)
93 conf = self.setup_idp_server(idp, name, addr, port, env)
95 print "Starting IDP's httpd server"
96 self.start_http_server(conf, env)
98 print "Installing first SP server"
102 sp = self.generate_profile(sp_g, sp_a, name, addr, port)
103 conf = self.setup_sp_server(sp, name, addr, port, env)
104 fixup_sp_httpd(os.path.dirname(conf))
106 print "Starting first SP's httpd server"
107 self.start_http_server(conf, env)
109 print "Installing second SP server"
113 sp = self.generate_profile(sp2_g, sp2_a, name, addr, port)
114 with open(os.path.dirname(sp) + '/pw.txt', 'a') as f:
116 conf = self.setup_sp_server(sp, name, addr, port, env)
117 os.remove(os.path.dirname(sp) + '/pw.txt')
118 fixup_sp_httpd(os.path.dirname(conf))
120 print "Starting second SP's httpd server"
121 self.start_http_server(conf, env)
124 if __name__ == '__main__':
129 user = pwd.getpwuid(os.getuid())[0]
131 sess = HttpSessions()
132 sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'ipsilon')
133 sess.add_server(sp1name, 'http://127.0.0.11:45081')
134 sess.add_server(sp2name, 'http://127.0.0.11:45082')
136 print "test1: Authenticate to IDP ...",
138 sess.auth_to_idp(idpname)
139 except Exception, e: # pylint: disable=broad-except
140 print >> sys.stderr, " ERROR: %s" % repr(e)
144 print "test1: Add first SP Metadata to IDP ...",
146 sess.add_sp_metadata(idpname, sp1name)
147 except Exception, e: # pylint: disable=broad-except
148 print >> sys.stderr, " ERROR: %s" % repr(e)
152 print "test1: Access first SP Protected Area ...",
154 page = sess.fetch_page(idpname, 'http://127.0.0.11:45081/sp/')
155 page.expected_value('text()', 'WORKS!')
156 except ValueError, e:
157 print >> sys.stderr, " ERROR: %s" % repr(e)
161 print "test1: Access second SP Protected Area ...",
163 page = sess.fetch_page(idpname, 'http://127.0.0.11:45082/sp/')
164 page.expected_value('text()', 'WORKS!')
165 except ValueError, e:
166 print >> sys.stderr, " ERROR: %s" % repr(e)
170 print "test1: Try authentication failure ...",
171 newsess = HttpSessions()
172 newsess.add_server(idpname, 'http://127.0.0.10:45080', user, 'wrong')
174 newsess.auth_to_idp(idpname)
175 print >> sys.stderr, " ERROR: Authentication should have failed"
177 except Exception, e: # pylint: disable=broad-except