cmd = ['/usr/bin/createdb', '-h', addr, '-p', port, d]
subprocess.check_call(cmd, env=env)
+ def setup_ldap(self, env):
+ ldapdir = os.path.join(self.testdir, 'ldap')
+ os.mkdir(ldapdir)
+ with open(os.path.join(self.rootdir, 'tests/slapd.conf')) as f:
+ t = Template(f.read())
+ text = t.substitute({'ldapdir': ldapdir})
+ filename = os.path.join(ldapdir, 'slapd.conf')
+ with open(filename, 'w+') as f:
+ f.write(text)
+ subprocess.check_call(['/usr/sbin/slapadd', '-f', filename, '-l',
+ 'tests/ldapdata.ldif'], env=env)
+
+ return filename
+
+ def start_ldap_server(self, conf, addr, port, env):
+ p = subprocess.Popen(['/usr/sbin/slapd', '-d', '0', '-f', conf,
+ '-h', 'ldap://%s:%s' % (addr, port)],
+ env=env, preexec_fn=os.setsid)
+ self.processes.append(p)
+
def wait(self):
for p in self.processes:
os.killpg(p.pid, signal.SIGTERM)
--- /dev/null
+#!/usr/bin/python
+#
+# Copyright (C) 2015 Ipsilon Contributors, see COPYING for license
+
+
+from helpers.common import IpsilonTestBase # pylint: disable=relative-import
+from helpers.http import HttpSessions # pylint: disable=relative-import
+import os
+import sys
+from string import Template
+
+
+idp_g = {'TEMPLATES': '${TESTDIR}/templates/install',
+ 'CONFDIR': '${TESTDIR}/etc',
+ 'DATADIR': '${TESTDIR}/lib',
+ 'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
+ 'STATICDIR': '${ROOTDIR}',
+ 'BINDIR': '${ROOTDIR}/ipsilon',
+ 'WSGI_SOCKET_PREFIX': '${TESTDIR}/${NAME}/logs/wsgi'}
+
+
+idp_a = {'hostname': '${ADDRESS}:${PORT}',
+ 'admin_user': 'tuser',
+ 'system_user': '${TEST_USER}',
+ 'instance': '${NAME}',
+ 'secure': 'no',
+ 'pam': 'no',
+ 'krb': 'no',
+ 'ipa': 'no',
+ 'ldap': 'yes',
+ 'ldap_server_url': 'ldap://${ADDRESS}:45389/',
+ 'ldap_bind_dn_template':
+ 'uid=%(username)s,ou=People,dc=example,dc=com',
+ 'ldap_tls_level': 'NoTLS',
+ 'server_debugging': 'True'}
+
+
+sp_g = {'HTTPDCONFD': '${TESTDIR}/${NAME}/conf.d',
+ 'SAML2_TEMPLATE': '${TESTDIR}/templates/install/saml2/sp.conf',
+ 'SAML2_CONFFILE': '${TESTDIR}/${NAME}/conf.d/ipsilon-saml.conf',
+ 'SAML2_HTTPDIR': '${TESTDIR}/${NAME}/saml2'}
+
+
+sp_a = {'hostname': '${ADDRESS}:${PORT}',
+ 'saml_idp_metadata': 'http://127.0.0.10:45080/idp1/saml2/metadata',
+ 'saml_secure_setup': 'False',
+ 'saml_auth': '/sp',
+ 'httpd_user': '${TEST_USER}'}
+
+
+def fixup_sp_httpd(httpdir):
+ merge = """
+ MellonSetEnv "GROUPS" "groups"
+ MellonMergeEnvVars On
+</Location>"""
+ with open(httpdir + '/conf.d/ipsilon-saml.conf', 'r') as f:
+ conf = f.read()
+ conf = conf.replace('</Location>', merge, 1)
+ with open(httpdir + '/conf.d/ipsilon-saml.conf', 'w') as f:
+ f.write(conf)
+
+ location = """
+
+Alias /sp ${HTTPDIR}/sp
+
+<Directory ${HTTPDIR}/sp>
+ Require all granted
+ Options +Includes
+</Directory>
+"""
+ t = Template(location)
+ text = t.substitute({'HTTPDIR': httpdir})
+ with open(httpdir + '/conf.d/ipsilon-saml.conf', 'a') as f:
+ f.write(text)
+
+ index = """<!--#echo var="MELLON_GROUPS" -->"""
+ os.mkdir(httpdir + '/sp')
+ with open(httpdir + '/sp/index.shtml', 'w') as f:
+ f.write(index)
+
+
+class IpsilonTest(IpsilonTestBase):
+
+ def __init__(self):
+ super(IpsilonTest, self).__init__('ldap', __file__)
+
+ def setup_servers(self, env=None):
+
+ print "Installing IDP's ldap server"
+ addr = '127.0.0.10'
+ port = '45389'
+ conf = self.setup_ldap(env)
+
+ print "Starting IDP's ldap server"
+ self.start_ldap_server(conf, addr, port, env)
+
+ print "Installing IDP server"
+ name = 'idp1'
+ addr = '127.0.0.10'
+ port = '45080'
+ idp = self.generate_profile(idp_g, idp_a, name, addr, port)
+ conf = self.setup_idp_server(idp, name, addr, port, env)
+
+ print "Starting IDP's httpd server"
+ self.start_http_server(conf, env)
+
+ print "Installing SP server"
+ name = 'sp1'
+ addr = '127.0.0.11'
+ port = '45081'
+ sp = self.generate_profile(sp_g, sp_a, name, addr, port)
+ conf = self.setup_sp_server(sp, name, addr, port, env)
+ fixup_sp_httpd(os.path.dirname(conf))
+
+ print "Starting SP's httpd server"
+ self.start_http_server(conf, env)
+
+
+if __name__ == '__main__':
+
+ idpname = 'idp1'
+ spname = 'sp1'
+ user = 'tuser'
+
+ sess = HttpSessions()
+ sess.add_server(idpname, 'http://127.0.0.10:45080', user, 'tuser')
+ sess.add_server(spname, 'http://127.0.0.11:45081')
+
+ print "test1: Authenticate to IDP ...",
+ try:
+ sess.auth_to_idp(idpname)
+ except Exception, e: # pylint: disable=broad-except
+ print >> sys.stderr, " ERROR: %s" % repr(e)
+ sys.exit(1)
+ print " SUCCESS"
+
+ print "test1: Add SP Metadata to IDP ...",
+ try:
+ sess.add_sp_metadata(idpname, spname)
+ except Exception, e: # pylint: disable=broad-except
+ print >> sys.stderr, " ERROR: %s" % repr(e)
+ sys.exit(1)
+ print " SUCCESS"
+
+ print "test1: Access SP Protected Area ...",
+ try:
+ page = sess.fetch_page(idpname,
+ 'http://127.0.0.11:45081/sp/index.shtml')
+ page.expected_value('text()', 'Test Group;Test Group 2')
+ except ValueError, e:
+ print >> sys.stderr, " ERROR: %s" % repr(e)
+ sys.exit(1)
+ print " SUCCESS"
--- /dev/null
+dn: dc=example,dc=com
+dc: example
+description: tests tree
+objectClass: dcObject
+objectClass: organization
+o: Example
+
+dn: ou=People,dc=example,dc=com
+ou: People
+objectClass: organizationalUnit
+description: Test People
+
+dn: uid=tuser,ou=People,dc=example,dc=com
+objectClass: inetOrgPerson
+uid: tuser
+cn: Test User
+sn: Doe
+# password: tuser
+userPassword: {SSHA}g+LImPDfqn8HSf6LpJaN0Lpdp12OCbKf
+
+dn: uid=tuser2,ou=People,dc=example,dc=com
+objectClass: inetOrgPerson
+uid: tuser2
+cn: Test User 2
+sn: Doe
+# password: tuser
+userPassword: {SSHA}g+LImPDfqn8HSf6LpJaN0Lpdp12OCbKf
+
+dn: ou=Group,dc=example,dc=com
+ou: Group
+objectClass: organizationalUnit
+description: Groups of People
+
+dn: cn=Test Group,ou=Group,dc=example,dc=com
+cn: Test Group
+objectClass: posixGroup
+gidNumber: 100
+memberUid: tuser
+
+dn: cn=Test Group 2,ou=Group,dc=example,dc=com
+cn: Test Group 2
+objectClass: posixGroup
+gidNumber: 101
+memberUid: tuser
+memberUid: tuser2
projects / cascardo / ipsilon.git / commitdiff