-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
✅ [#2263] Add tests for setup config for DigiD SAML
- Loading branch information
Showing
2 changed files
with
240 additions
and
0 deletions.
There are no files selected for viewing
82 changes: 82 additions & 0 deletions
82
src/open_inwoner/configurations/tests/bootstrap/files/digid-metadata.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,82 @@ | ||
| <?xml version="1.0" encoding="UTF-8"?> | ||
| <md:EntityDescriptor xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" ID="_8aeffce5e70efe56f47d80f1f0322e9a5dbf6bf0" entityID="https://was-preprod1.digid.nl/saml/idp/metadata"><ds:Signature><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/><ds:Reference URI="#_8aeffce5e70efe56f47d80f1f0322e9a5dbf6bf0"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="ds saml samlp xs"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/><ds:DigestValue>NoOIwQlJT+i8sPfoZAqpxlGTh7hqWVGeVHcu9vhQ+xA=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>ixScWp/yrGs4LRQHqnF9Zr/Jn1MOIS5TwiWwiUc3d5sv+jMbVFGSw4fHE0Yu6yp5kOajK3wCY8TbfcIb++na5XWlHDfMD3MhiNBTdr2vIw6tdqetSCng02r5BQN1wug1qH1RY8FRH39X0opOVbs/V9HsCoquRvVRxjidz9L5Q3PNx/VPGHWkW4iclJKsJT4UPqTR6ZQww3Krd7XzUA3pnTx97WxJegfwmg70H/WQiasV1eI4tWm3PFHhhS2TuVshxoWxa2Qzz6HHYsOX+jWVnL9M3YF/RXuoMdt3cOtde7/EX6Cw2r50hAODnClQgRoxuPMBhdTXAyq6NirmPR9dKg==</ds:SignatureValue><ds:KeyInfo><ds:KeyName>7593b799e735055fcd479caa35d44d455576cefc</ds:KeyName></ds:KeyInfo></ds:Signature><md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"><md:KeyDescriptor use="signing"><ds:KeyInfo><ds:KeyName>7593b799e735055fcd479caa35d44d455576cefc</ds:KeyName><ds:X509Data><ds:X509Certificate>MIIG+zCCBOOgAwIBAgIUJmQio80TiqOX3LMrbzeG1dh0ngEwDQYJKoZIhvcN | ||
| AQELBQAwgYAxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBUcnVz | ||
| dGxpbmsgQi5WLjEXMBUGA1UEYQwOTlRSTkwtMzAyMzc0NTkxNjA0BgNVBAMM | ||
| LVF1b1ZhZGlzIFBLSW92ZXJoZWlkIFByaXZhdGUgU2VydmljZXMgQ0EgLSBH | ||
| MTAeFw0yMzA5MjExOTEyNTlaFw0yNjA5MjExOTA3MDBaMF4xCzAJBgNVBAYT | ||
| Ak5MMQ8wDQYDVQQKDAZMb2dpdXMxHTAbBgNVBAUTFDAwMDAwMDA0MTY2OTA5 | ||
| OTEzMDAwMR8wHQYDVQQDDBZzYW1sLXNpZ24ucHAxLmRpZ2lkLm5sMIIBIjAN | ||
| BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5r8GtcRfX3UN3f7I8Iobhy/N | ||
| U0Y+MV6DEXTmDRvRDZjwjr6ammB/cd1fsDz7D5CU+eax205aDRH69mMZk11x | ||
| cIKDjISvtBFLQVxwWXgTGpUSBogFHfp70/yfvcC7vq8gE7zjRN9gNzZCC0Ak | ||
| D7ZwAfFBbwI9nBSiMby9MY41MjS/W10uik1I6s5Ok2u/WfUe6FjcnaoU1O7O | ||
| tpJGAkW/yDC5HWypqeTG1fSPee/0GjvU8FH+Bu73fAFHa86KSO15eaCUR6Ea | ||
| 7qCjpLsfPizweP9Adehlal1blfxsfJdFunq/jnO8NhYnQ7DC0aBd6ET8Wo/O | ||
| 1ZacGsYmJWq9dqeleQIDAQABo4ICjDCCAogwHwYDVR0jBBgwFoAUuWymE7q7 | ||
| LzRjgzEu+X5JHd8A9WMwfQYIKwYBBQUHAQEEcTBvMD4GCCsGAQUFBzAChjJo | ||
| dHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3BraW9wcml2c2Vydmcx | ||
| LmNydDAtBggrBgEFBQcwAYYhaHR0cDovL3NsLm9jc3AucXVvdmFkaXNnbG9i | ||
| YWwuY29tMCEGA1UdEQQaMBiCFnNhbWwtc2lnbi5wcDEuZGlnaWQubmwwggEw | ||
| BgNVHSAEggEnMIIBIzCCAR8GCmCEEAGHawECCAYwggEPMDQGCCsGAQUFBwIB | ||
| FihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MIHW | ||
| BggrBgEFBQcCAjCByQyBxlJlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUg | ||
| YnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgcmVsZXZh | ||
| bnQgUXVvVmFkaXMgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg | ||
| YW5kIG90aGVyIGRvY3VtZW50cyBpbiB0aGUgUXVvVmFkaXMgcmVwb3NpdG9y | ||
| eSAoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20pLjAdBgNVHSUEFjAU | ||
| BggrBgEFBQcDAgYIKwYBBQUHAwEwQQYDVR0fBDowODA2oDSgMoYwaHR0cDov | ||
| L2NybC5xdW92YWRpc2dsb2JhbC5jb20vcGtpb3ByaXZzZXJ2ZzEuY3JsMB0G | ||
| A1UdDgQWBBRZAjjqOD74qry7CXrnZUyjOI33CzAOBgNVHQ8BAf8EBAMCBaAw | ||
| DQYJKoZIhvcNAQELBQADggIBABiPLzZxV8YAFV0OIvK35Qh11zDZYPEp09RN | ||
| 9NDsb+kOvShIBQirgejYA1SVZ73vMzFUmVNW/LyKoflH/N3ziU5NoMHK/31G | ||
| yP3W5Ffeezo42wLqqv1Ttfod3Tg56LC/jZb0a7R4LoosfFuEvHwWM8vJO8oy | ||
| IFuNSclSXOR0UArdeUl6fXsYExFOkdKgsrjcDBH+DOs/LlDPwL9qL3aK6vOG | ||
| WMXlfaFfRVhmcqs1ZVXLc+ylyT2DKf96oQSXE/pIB/yCcl3MuG3Xb0mp4MEq | ||
| AcAvEa4bIW0c1ULmlmxfw7F8rR2pVWN3wl8fqsxYxg6SNp3+ZKjOvX5GVGz+ | ||
| 2nGWC+W2szqpRL/uvNWquSZaFHRiFkbJLtZNMy9HF7F0P62ler7BuZ4resb1 | ||
| l5d+rRRUocPwBv6GrBv6WE6QXpKkYZyuElkl7u3W+/L5UGaz+rAaMYJ1DdQL | ||
| XgAdq4KIuh9VR/YsFpttXUz2ieRBm1s2t0otk/sr0zFT23mt22lVVSaHmfCB | ||
| X8xCL9z8Y+XlbhPWhoXf8hvKI9KLcpf+e9OiS84+MYq4xJxoESNoq31oYirM | ||
| I1g9TNGKXAKrXIv9laeinsIJnn7zhSFu0LWz8XuvjuxPXtPzi9mOh98wIp6H | ||
| +AbyNMBwYTQKpOAd8jsD6+2d1gK5WHtwce5cWxgVdo1czCvY | ||
| </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:KeyDescriptor use="encryption"><ds:KeyInfo><ds:KeyName>7593b799e735055fcd479caa35d44d455576cefc</ds:KeyName><ds:X509Data><ds:X509Certificate>MIIG+zCCBOOgAwIBAgIUJmQio80TiqOX3LMrbzeG1dh0ngEwDQYJKoZIhvcN | ||
| AQELBQAwgYAxCzAJBgNVBAYTAk5MMSAwHgYDVQQKDBdRdW9WYWRpcyBUcnVz | ||
| dGxpbmsgQi5WLjEXMBUGA1UEYQwOTlRSTkwtMzAyMzc0NTkxNjA0BgNVBAMM | ||
| LVF1b1ZhZGlzIFBLSW92ZXJoZWlkIFByaXZhdGUgU2VydmljZXMgQ0EgLSBH | ||
| MTAeFw0yMzA5MjExOTEyNTlaFw0yNjA5MjExOTA3MDBaMF4xCzAJBgNVBAYT | ||
| Ak5MMQ8wDQYDVQQKDAZMb2dpdXMxHTAbBgNVBAUTFDAwMDAwMDA0MTY2OTA5 | ||
| OTEzMDAwMR8wHQYDVQQDDBZzYW1sLXNpZ24ucHAxLmRpZ2lkLm5sMIIBIjAN | ||
| BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5r8GtcRfX3UN3f7I8Iobhy/N | ||
| U0Y+MV6DEXTmDRvRDZjwjr6ammB/cd1fsDz7D5CU+eax205aDRH69mMZk11x | ||
| cIKDjISvtBFLQVxwWXgTGpUSBogFHfp70/yfvcC7vq8gE7zjRN9gNzZCC0Ak | ||
| D7ZwAfFBbwI9nBSiMby9MY41MjS/W10uik1I6s5Ok2u/WfUe6FjcnaoU1O7O | ||
| tpJGAkW/yDC5HWypqeTG1fSPee/0GjvU8FH+Bu73fAFHa86KSO15eaCUR6Ea | ||
| 7qCjpLsfPizweP9Adehlal1blfxsfJdFunq/jnO8NhYnQ7DC0aBd6ET8Wo/O | ||
| 1ZacGsYmJWq9dqeleQIDAQABo4ICjDCCAogwHwYDVR0jBBgwFoAUuWymE7q7 | ||
| LzRjgzEu+X5JHd8A9WMwfQYIKwYBBQUHAQEEcTBvMD4GCCsGAQUFBzAChjJo | ||
| dHRwOi8vdHJ1c3QucXVvdmFkaXNnbG9iYWwuY29tL3BraW9wcml2c2Vydmcx | ||
| LmNydDAtBggrBgEFBQcwAYYhaHR0cDovL3NsLm9jc3AucXVvdmFkaXNnbG9i | ||
| YWwuY29tMCEGA1UdEQQaMBiCFnNhbWwtc2lnbi5wcDEuZGlnaWQubmwwggEw | ||
| BgNVHSAEggEnMIIBIzCCAR8GCmCEEAGHawECCAYwggEPMDQGCCsGAQUFBwIB | ||
| FihodHRwOi8vd3d3LnF1b3ZhZGlzZ2xvYmFsLmNvbS9yZXBvc2l0b3J5MIHW | ||
| BggrBgEFBQcCAjCByQyBxlJlbGlhbmNlIG9uIHRoaXMgY2VydGlmaWNhdGUg | ||
| YnkgYW55IHBhcnR5IGFzc3VtZXMgYWNjZXB0YW5jZSBvZiB0aGUgcmVsZXZh | ||
| bnQgUXVvVmFkaXMgQ2VydGlmaWNhdGlvbiBQcmFjdGljZSBTdGF0ZW1lbnQg | ||
| YW5kIG90aGVyIGRvY3VtZW50cyBpbiB0aGUgUXVvVmFkaXMgcmVwb3NpdG9y | ||
| eSAoaHR0cDovL3d3dy5xdW92YWRpc2dsb2JhbC5jb20pLjAdBgNVHSUEFjAU | ||
| BggrBgEFBQcDAgYIKwYBBQUHAwEwQQYDVR0fBDowODA2oDSgMoYwaHR0cDov | ||
| L2NybC5xdW92YWRpc2dsb2JhbC5jb20vcGtpb3ByaXZzZXJ2ZzEuY3JsMB0G | ||
| A1UdDgQWBBRZAjjqOD74qry7CXrnZUyjOI33CzAOBgNVHQ8BAf8EBAMCBaAw | ||
| DQYJKoZIhvcNAQELBQADggIBABiPLzZxV8YAFV0OIvK35Qh11zDZYPEp09RN | ||
| 9NDsb+kOvShIBQirgejYA1SVZ73vMzFUmVNW/LyKoflH/N3ziU5NoMHK/31G | ||
| yP3W5Ffeezo42wLqqv1Ttfod3Tg56LC/jZb0a7R4LoosfFuEvHwWM8vJO8oy | ||
| IFuNSclSXOR0UArdeUl6fXsYExFOkdKgsrjcDBH+DOs/LlDPwL9qL3aK6vOG | ||
| WMXlfaFfRVhmcqs1ZVXLc+ylyT2DKf96oQSXE/pIB/yCcl3MuG3Xb0mp4MEq | ||
| AcAvEa4bIW0c1ULmlmxfw7F8rR2pVWN3wl8fqsxYxg6SNp3+ZKjOvX5GVGz+ | ||
| 2nGWC+W2szqpRL/uvNWquSZaFHRiFkbJLtZNMy9HF7F0P62ler7BuZ4resb1 | ||
| l5d+rRRUocPwBv6GrBv6WE6QXpKkYZyuElkl7u3W+/L5UGaz+rAaMYJ1DdQL | ||
| XgAdq4KIuh9VR/YsFpttXUz2ieRBm1s2t0otk/sr0zFT23mt22lVVSaHmfCB | ||
| X8xCL9z8Y+XlbhPWhoXf8hvKI9KLcpf+e9OiS84+MYq4xJxoESNoq31oYirM | ||
| I1g9TNGKXAKrXIv9laeinsIJnn7zhSFu0LWz8XuvjuxPXtPzi9mOh98wIp6H | ||
| +AbyNMBwYTQKpOAd8jsD6+2d1gK5WHtwce5cWxgVdo1czCvY | ||
| </ds:X509Certificate></ds:X509Data></ds:KeyInfo></md:KeyDescriptor><md:ArtifactResolutionService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="https://was-preprod1.digid.nl/saml/idp/resolve_artifact" index="0"/><md:SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://preprod1.digid.nl/saml/idp/request_logout"/><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://preprod1.digid.nl/saml/idp/request_authentication"/><md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="https://preprod1.digid.nl/saml/idp/request_authentication"/></md:IDPSSODescriptor></md:EntityDescriptor> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,14 +1,23 @@ | ||
| import urllib.error | ||
| from unittest import skip | ||
| from unittest.mock import patch | ||
|
|
||
| from django.test import TestCase, override_settings | ||
|
|
||
| import requests | ||
| import requests_mock | ||
| from digid_eherkenning.choices import ( | ||
| DigestAlgorithms, | ||
| SignatureAlgorithms, | ||
| XMLContentTypes, | ||
| ) | ||
| from digid_eherkenning.models import DigidConfiguration | ||
| from django_setup_configuration.exceptions import ConfigurationRunFailed | ||
| from mozilla_django_oidc_db.models import ( | ||
| OpenIDConnectConfig, | ||
| UserInformationClaimsSources, | ||
| ) | ||
| from simple_certmanager.constants import CertificateTypes | ||
|
|
||
| from digid_eherkenning_oidc_generics.models import ( | ||
| OpenIDConnectDigiDConfig, | ||
|
|
@@ -17,6 +26,7 @@ | |
|
|
||
| from ...bootstrap.auth import ( | ||
| AdminOIDCConfigurationStep, | ||
| DigiDConfigurationStep, | ||
| DigiDOIDCConfigurationStep, | ||
| eHerkenningOIDCConfigurationStep, | ||
| ) | ||
|
|
@@ -33,6 +43,10 @@ | |
| "jwks_uri": f"{IDENTITY_PROVIDER}protocol/openid-connect/certs", | ||
| } | ||
|
|
||
| DIGID_XML_METADATA_PATH = ( | ||
| "src/open_inwoner/configurations/tests/bootstrap/files/digid-metadata.xml" | ||
| ) | ||
|
|
||
|
|
||
| @override_settings( | ||
| DIGID_OIDC_OIDC_RP_CLIENT_ID="client-id", | ||
|
|
@@ -656,3 +670,147 @@ def test_is_configured(self): | |
| config.configure() | ||
|
|
||
| self.assertTrue(config.is_configured()) | ||
|
|
||
|
|
||
| @override_settings( | ||
| DIGID_CERTIFICATE_LABEL="DigiD certificate", | ||
| DIGID_CERTIFICATE_TYPE=CertificateTypes.key_pair, | ||
| DIGID_CERTIFICATE_PUBLIC_CERTIFICATE="/tmp/certificate.crt", | ||
| DIGID_CERTIFICATE_PRIVATE_KEY="/tmp/key.key", | ||
| DIGID_METADATA_FILE_SOURCE="http://metadata.local/file.xml", | ||
| DIGID_ENTITY_ID="1234", | ||
| DIGID_BASE_URL="http://digid.local", | ||
| DIGID_SERVICE_NAME="OIP", | ||
| DIGID_SERVICE_DESCRIPTION="Open Inwoner", | ||
| DIGID_WANT_ASSERTIONS_SIGNED=False, | ||
| DIGID_WANT_ASSERTIONS_ENCRYPTED=True, | ||
| DIGID_ARTIFACT_RESOLVE_CONTENT_TYPE=XMLContentTypes.text_xml, | ||
| DIGID_KEY_PASSPHRASE="foo", | ||
| DIGID_SIGNATURE_ALGORITHM=SignatureAlgorithms.dsa_sha1, | ||
| DIGID_DIGEST_ALGORITHM=DigestAlgorithms.sha512, | ||
| DIGID_TECHNICAL_CONTACT_PERSON_TELEPHONE="0612345678", | ||
| DIGID_TECHNICAL_CONTACT_PERSON_EMAIL="[email protected]", | ||
| DIGID_ORGANIZATION_URL="http://open-inwoner.local", | ||
| DIGID_ORGANIZATION_NAME="Open Inwoner", | ||
| DIGID_ATTRIBUTE_CONSUMING_SERVICE_INDEX="2", | ||
| DIGID_REQUESTED_ATTRIBUTES=[ | ||
| {"name": "bsn", "required": True}, | ||
| {"name": "email", "required": False}, | ||
| ], | ||
| DIGID_SLO=False, | ||
| ) | ||
| class DigiDConfigurationTests(TestCase): | ||
| def test_configure(self): | ||
| with open(DIGID_XML_METADATA_PATH) as f: | ||
| with patch( | ||
| "onelogin.saml2.idp_metadata_parser.urllib2.urlopen", return_value=f | ||
| ): | ||
| DigiDConfigurationStep().configure() | ||
|
|
||
| config = DigidConfiguration.get_solo() | ||
|
|
||
| self.assertEqual(config.certificate.label, "DigiD certificate") | ||
| self.assertEqual(config.certificate.type, CertificateTypes.key_pair) | ||
| self.assertEqual(config.certificate.public_certificate, "/tmp/certificate.crt") | ||
| self.assertEqual(config.certificate.private_key, "/tmp/key.key") | ||
| self.assertEqual(config.key_passphrase, "foo") | ||
| self.assertEqual(config.metadata_file_source, "http://metadata.local/file.xml") | ||
| self.assertEqual( | ||
| config.idp_service_entity_id, | ||
| "https://was-preprod1.digid.nl/saml/idp/metadata", | ||
| ) | ||
| self.assertTrue(config.idp_metadata_file.path.endswith(".xml")) | ||
| self.assertEqual(config.entity_id, "1234") | ||
| self.assertEqual(config.base_url, "http://digid.local") | ||
| self.assertEqual(config.service_name, "OIP") | ||
| self.assertEqual(config.service_description, "Open Inwoner") | ||
| self.assertEqual(config.want_assertions_signed, False) | ||
| self.assertEqual(config.want_assertions_encrypted, True) | ||
| self.assertEqual(config.artifact_resolve_content_type, XMLContentTypes.text_xml) | ||
| self.assertEqual(config.signature_algorithm, SignatureAlgorithms.dsa_sha1) | ||
| self.assertEqual(config.digest_algorithm, DigestAlgorithms.sha512) | ||
| self.assertEqual(config.technical_contact_person_telephone, "0612345678") | ||
| self.assertEqual(config.technical_contact_person_email, "[email protected]") | ||
| self.assertEqual(config.organization_url, "http://open-inwoner.local") | ||
| self.assertEqual(config.organization_name, "Open Inwoner") | ||
| self.assertEqual(config.attribute_consuming_service_index, "2") | ||
| self.assertEqual( | ||
| config.requested_attributes, | ||
| [{"name": "bsn", "required": True}, {"name": "email", "required": False}], | ||
| ) | ||
| self.assertEqual(config.slo, False) | ||
|
|
||
| # TODO asserts | ||
|
|
||
| @override_settings( | ||
| DIGID_WANT_ASSERTIONS_SIGNED=None, | ||
| DIGID_WANT_ASSERTIONS_ENCRYPTED=None, | ||
| DIGID_ARTIFACT_RESOLVE_CONTENT_TYPE=None, | ||
| DIGID_KEY_PASSPHRASE=None, | ||
| DIGID_SIGNATURE_ALGORITHM=None, | ||
| DIGID_DIGEST_ALGORITHM=None, | ||
| DIGID_ATTRIBUTE_CONSUMING_SERVICE_INDEX=None, | ||
| DIGID_REQUESTED_ATTRIBUTES=None, | ||
| DIGID_SLO=None, | ||
| ) | ||
| def test_configure_use_defaults(self): | ||
| with open(DIGID_XML_METADATA_PATH) as f: | ||
| with patch( | ||
| "onelogin.saml2.idp_metadata_parser.urllib2.urlopen", return_value=f | ||
| ): | ||
| DigiDConfigurationStep().configure() | ||
|
|
||
| config = DigidConfiguration.get_solo() | ||
|
|
||
| self.assertEqual(config.key_passphrase, "") | ||
| self.assertEqual(config.want_assertions_signed, True) | ||
| self.assertEqual(config.want_assertions_encrypted, False) | ||
| self.assertEqual(config.artifact_resolve_content_type, XMLContentTypes.soap_xml) | ||
| self.assertEqual(config.signature_algorithm, SignatureAlgorithms.rsa_sha1) | ||
| self.assertEqual(config.digest_algorithm, DigestAlgorithms.sha1) | ||
| self.assertEqual(config.attribute_consuming_service_index, "1") | ||
| self.assertEqual( | ||
| config.requested_attributes, | ||
| [{"name": "bsn", "required": True}], | ||
| ) | ||
| self.assertEqual(config.slo, True) | ||
|
|
||
| # TODO asserts | ||
|
|
||
| def test_configure_failure(self): | ||
| exceptions = (urllib.error.HTTPError, urllib.error.URLError) | ||
| for exception in exceptions: | ||
| with self.subTest(exception=exception): | ||
| with patch( | ||
| "onelogin.saml2.idp_metadata_parser.urllib2.urlopen", | ||
| side_effect=exception, | ||
| ): | ||
| with self.assertRaises(ConfigurationRunFailed): | ||
| DigiDConfigurationStep().configure() | ||
|
|
||
| config = DigidConfiguration.get_solo() | ||
|
|
||
| self.assertFalse(config.certificate, None) | ||
|
|
||
| @skip("Testing config for DigiD OIDC is not implemented yet") | ||
| @requests_mock.Mocker() | ||
| def test_configuration_check_ok(self, m): | ||
| raise NotImplementedError | ||
|
|
||
| @skip("Testing config for DigiD OIDC is not implemented yet") | ||
| @requests_mock.Mocker() | ||
| def test_configuration_check_failures(self, m): | ||
| raise NotImplementedError | ||
|
|
||
| def test_is_configured(self): | ||
| config = DigiDConfigurationStep() | ||
|
|
||
| self.assertFalse(config.is_configured()) | ||
|
|
||
| with open(DIGID_XML_METADATA_PATH) as f: | ||
| with patch( | ||
| "onelogin.saml2.idp_metadata_parser.urllib2.urlopen", return_value=f | ||
| ): | ||
| config.configure() | ||
|
|
||
| self.assertTrue(config.is_configured()) | ||