[5497] | 1 | """OpenID IdP Validation unit test package |
---|
| 2 | |
---|
| 3 | NERC DataGrid Project |
---|
| 4 | """ |
---|
| 5 | __author__ = "P J Kershaw" |
---|
| 6 | __date__ = "16/07/09" |
---|
| 7 | __copyright__ = "(C) 2009 Science and Technology Facilities Council" |
---|
| 8 | __license__ = "BSD - see LICENSE file in top-level directory" |
---|
| 9 | __contact__ = "Philip.Kershaw@stfc.ac.uk" |
---|
[7077] | 10 | __revision__ = '$Id$' |
---|
[5497] | 11 | import logging |
---|
# Configure the root logger when this module is imported so that DEBUG-level
# messages emitted while the tests run are shown.
logging.basicConfig(level=logging.DEBUG)
---|
| 13 | |
---|
| 14 | import os |
---|
| 15 | import unittest |
---|
[5499] | 16 | from ndg.security.test.unit import BaseTestCase, mkDataDirPath |
---|
[6276] | 17 | from ndg.security.server.wsgi.openid.relyingparty.validation import ( |
---|
| 18 | IdPValidator, IdPValidationDriver, IdPInvalidException, |
---|
| 19 | SSLIdPValidationDriver, SSLClientAuthNValidator) |
class ProviderWhitelistValidator(IdPValidator):
    """Stand-in whitelist validator used by the unit tests.

    ``validate`` has an empty body, so this stub accepts every provider it
    is asked about.  It is test scaffolding only and performs no real
    whitelist check.
    """

    def __init__(self):
        # Deliberately empty: IdPValidator.__init__ is not called.
        return None

    def initialize(self, **parameters):
        """Check that a 'config-file' keyword was supplied.

        @raise AssertionError: 'config-file' is missing from the keywords.
        The check is a plain ``assert`` and is therefore skipped when
        Python runs with -O.
        """
        assert 'config-file' in parameters

    def validate(self, idpEndpoint, idpIdentity):
        """Accept any provider: nothing is checked and None is returned.

        @raise IdPInvalidException: never raised by this stub
        @raise ConfigException: never raised by this stub
        """
class ProviderIdentifierTestValidator(IdPValidator):
    """Stand-in identifier validator used by the unit tests.

    ``validate`` always raises, so every provider handed to this stub is
    rejected.
    """

    def __init__(self):
        # Deliberately empty: IdPValidator.__init__ is not called.
        return None

    def initialize(self, **parameters):
        """Check that a 'config-file' keyword was supplied.

        @raise AssertionError: 'config-file' is missing from the keywords.
        The check is a plain ``assert`` and is therefore skipped when
        Python runs with -O.
        """
        assert 'config-file' in parameters

    def validate(self, idpEndpoint, idpIdentity):
        """Reject the provider unconditionally.

        @raise IdPInvalidException: always; the message names idpEndpoint
        @raise ConfigException: never raised by this stub
        """
        message = "%s is invalid" % idpEndpoint
        raise IdPInvalidException(message)
class DiscoveryInfoPlaceHolder(object):
    """Minimal stand-in for a discovery result, used as test input."""

    def getOPEndpoint(self):
        """Return the fixed provider endpoint URL used by the tests."""
        return 'https://localhost/openid/provider'
class IdentifierPlaceHolder(object):
    """Minimal stand-in for an identifier object, used as test input."""

    def getIdentifier(self):
        """Return the fixed identifier string used by the tests."""
        return 'myid'
[5499] | 60 | from M2Crypto import X509 |
class X509StoreCtxPlaceHolder(object):
    """Stand-in for the certificate store context handed to the SSL
    validation driver in test03SSLValidation.
    """

    # Test certificate located under the unit test data directory
    x509CertFilePath = mkDataDirPath(os.path.join('pki', 'localhost.crt'))

    def get1_chain(self):
        """Return a one-element chain holding the certificate loaded from
        x509CertFilePath.  The file is re-read on every call.
        """
        cert = X509.load_cert(X509StoreCtxPlaceHolder.x509CertFilePath)
        return [cert]
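class IdPValidationTestCase(BaseTestCase):
    """Unit tests for the OpenID Relying Party IdP validation drivers."""

    thisDir = os.path.dirname(os.path.abspath(__file__))
    IDP_CONFIG_FILEPATH = os.path.join(thisDir, 'idpvalidator.xml')

    # Exported while the class body executes, i.e. when the module is
    # imported.
    # NOTE(review): presumably the XML config files in this directory refer
    # to this variable - confirm.
    os.environ['NDGSEC_UNITTEST_IDPVALIDATION_DIR'] = thisDir

    def test01IdPConfigFileEnvVarNotSet(self):
        """Run the driver with no config file path set in the environment.

        The test does not unset the variable itself; it relies on the
        calling environment and on test02 restoring what it changes.
        """
        identifier = IdentifierPlaceHolder()
        discoveries = [DiscoveryInfoPlaceHolder()]

        idPValidationDriver = IdPValidationDriver()
        validDiscoveries = idPValidationDriver.performIdPValidation(identifier,
                                                                    discoveries)
        # The single discovery passed in is expected to come back.
        # NOTE(review): an earlier comment here said no discoveries would be
        # returned, which contradicted the assertion.  One in, one out with
        # no validator configuration suggests the driver passes providers
        # through unchecked when no config file is set (fail-open) - confirm
        # that this is the intended default.
        self.assertEqual(len(validDiscoveries), 1)

    def test02WithIdPConfigFile(self):
        """Run the driver with the config file path set in the environment.

        The previous value of the environment variable is put back afterwards
        so that the setting cannot leak into other tests in the same process
        (test01 depends on it being unset).
        """
        identifier = 'https://pjk.badc.rl.ac.uk'

        envVarName = IdPValidationDriver.IDP_CONFIG_FILEPATH_ENV_VARNAME
        previousValue = os.environ.get(envVarName)
        os.environ[envVarName] = IdPValidationTestCase.IDP_CONFIG_FILEPATH
        try:
            idPValidationDriver = IdPValidationDriver()
            validDiscoveries = idPValidationDriver.performIdPValidation(
                                                                identifier)
        finally:
            if previousValue is None:
                del os.environ[envVarName]
            else:
                os.environ[envVarName] = previousValue

        self.assertEqual(len(validDiscoveries), 2)

    def test03SSLValidation(self):
        """Call the SSL validation driver with a placeholder store context."""
        idpConfigFilePath = os.path.join(IdPValidationTestCase.thisDir,
                                         'ssl-idp-validator.xml')
        idPValidationDriver = SSLIdPValidationDriver(
                                        idpConfigFilePath=idpConfigFilePath)

        # preVerifyOK set to 1 to indicate all is otherwise OK with
        # verification
        # NOTE(review): the value returned by the call is discarded, so this
        # test only fails if the call raises.  If the driver reports its
        # verdict through the return value, assert on it here - confirm
        # against SSLIdPValidationDriver.
        idPValidationDriver(1, X509StoreCtxPlaceHolder())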
# Run the tests in this module when the file is executed as a script.
if __name__ == "__main__":
    unittest.main()