Skip to content

Commit b33f1e5

Browse files
peppelinuxpeppelinux
committed
tox.ini, mock in tests and pySAML2 upgrade (for security reasons)
2 parents 79fc814 + 52f72d4 commit b33f1e5

File tree

6 files changed

+58
-77
lines changed

6 files changed

+58
-77
lines changed

.github/workflows/python-package.yml

+35
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
# This workflow will install Python dependencies, run tests and lint with a variety of Python versions
2+
# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions
3+
4+
name: Python package
5+
6+
on:
7+
push:
8+
branches: [ master ]
9+
pull_request:
10+
branches: [ master ]
11+
12+
jobs:
13+
build:
14+
15+
runs-on: ubuntu-latest
16+
strategy:
17+
matrix:
18+
python-version: [3.6, 3.7, 3.8]
19+
django-version: ["2.2", "3.0", "master"]
20+
21+
steps:
22+
- uses: actions/checkout@v2
23+
- name: Set up Python ${{ matrix.python-version }}
24+
uses: actions/setup-python@v1
25+
with:
26+
python-version: ${{ matrix.python-version }}
27+
- name: Install dependencies and testing utilities
28+
run: |
29+
sudo apt-get update && sudo apt-get install xmlsec1
30+
python -m pip install --upgrade pip tox rstcheck setuptools codecov
31+
- name: Readme check
32+
if: ${{ matrix.python-version }} == 3.8 && ${{ matrix.django-version }} == "3.0"
33+
run: rstcheck README.rst
34+
- name: Tests
35+
run: tox -e py${{ matrix.python-version }}-django${{ matrix.django-version }}

.travis.yml

-51
This file was deleted.

djangosaml2/tests/__init__.py

+21-10
Original file line numberDiff line numberDiff line change
@@ -16,13 +16,10 @@
1616

1717
import base64
1818
import datetime
19+
import mock
1920
import re
20-
try:
21-
# Prefer PyPI mock over unittest.mock to benefit from backported mock
22-
# features (such as assert_called_once). Valid until Python 3.6.
23-
import mock
24-
except ImportError:
25-
from unittest import mock
21+
import sys
22+
2623
from unittest import skip
2724

2825
from django.conf import settings
@@ -59,6 +56,8 @@
5956

6057
User = get_user_model()
6158

59+
PY_VERSION = sys.version_info[:2]
60+
6261

6362
class SAML2Tests(TestCase):
6463

@@ -177,7 +176,10 @@ def test_login_one_idp(self):
177176
self.assertIn('RelayState', params)
178177

179178
saml_request = params['SAMLRequest'][0]
180-
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/" Destination="https://idp.example.com/simplesaml/saml2/idp/SSOService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" /></samlp:AuthnRequest>"""
179+
if PY_VERSION < (3, 8):
180+
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/" Destination="https://idp.example.com/simplesaml/saml2/idp/SSOService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" /></samlp:AuthnRequest>"""
181+
else:
182+
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="XXXXXXXXXXXXXXXXXXXXXX" Version="2.0" IssueInstant="2020-04-25T22:15:57Z" Destination="https://idp.example.com/simplesaml/saml2/idp/SSOService.php" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" AllowCreate="false" /></samlp:AuthnRequest>"""
181183

182184
self.assertSAMLRequestsEquals(
183185
decode_base64_and_inflate(saml_request).decode('utf-8'),
@@ -231,7 +233,10 @@ def test_login_several_idps(self):
231233
self.assertIn('RelayState', params)
232234

233235
saml_request = params['SAMLRequest'][0]
234-
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/" Destination="https://idp2.example.com/simplesaml/saml2/idp/SSOService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" /></samlp:AuthnRequest>"""
236+
if PY_VERSION < (3, 8):
237+
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/" Destination="https://idp2.example.com/simplesaml/saml2/idp/SSOService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy AllowCreate="false" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" /></samlp:AuthnRequest>"""
238+
else:
239+
expected_request = """<samlp:AuthnRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Version="2.0" Destination="https://idp2.example.com/simplesaml/saml2/idp/SSOService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" ProtocolBinding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" AssertionConsumerServiceURL="http://sp.example.com/saml2/acs/"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" AllowCreate="false" /></samlp:AuthnRequest>"""
235240

236241
self.assertSAMLRequestsEquals(decode_base64_and_inflate(saml_request).decode('utf-8'),
237242
expected_request)
@@ -393,7 +398,10 @@ def test_logout_service_local(self):
393398
self.assertIn('SAMLRequest', params)
394399

395400
saml_request = params['SAMLRequest'][0]
396-
expected_request = """<samlp:LogoutRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" Reason="" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" SPNameQualifier="http://sp.example.com/saml2/metadata/">58bcc81ea14700f66aeb707a0eff1360</saml:NameID><samlp:SessionIndex>a0123456789abcdef0123456789abcdef</samlp:SessionIndex></samlp:LogoutRequest>"""
401+
if PY_VERSION < (3, 8):
402+
expected_request = """<samlp:LogoutRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php" ID="XXXXXXXXXXXXXXXXXXXXXX" IssueInstant="2010-01-01T00:00:00Z" Reason="" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><saml:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient" SPNameQualifier="http://sp.example.com/saml2/metadata/">58bcc81ea14700f66aeb707a0eff1360</saml:NameID><samlp:SessionIndex>a0123456789abcdef0123456789abcdef</samlp:SessionIndex></samlp:LogoutRequest>"""
403+
else:
404+
expected_request = """<samlp:LogoutRequest xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="XXXXXXXXXXXXXXXXXXXXXX" Version="2.0" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php" Reason=""><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><saml:NameID SPNameQualifier="http://sp.example.com/saml2/metadata/" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:transient">1f87035b4c1325b296a53d92097e6b3fa36d7e30ee82e3fcb0680d60243c1f03</saml:NameID><samlp:SessionIndex>a0123456789abcdef0123456789abcdef</samlp:SessionIndex></samlp:LogoutRequest>"""
397405
self.assertSAMLRequestsEquals(decode_base64_and_inflate(saml_request).decode('utf-8'),
398406
expected_request)
399407

@@ -441,7 +449,10 @@ def test_logout_service_global(self):
441449
self.assertIn('SAMLResponse', params)
442450

443451
saml_response = params['SAMLResponse'][0]
444-
expected_response = """<samlp:LogoutResponse xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php" ID="a140848e7ce2bce834d7264ecdde0151" InResponseTo="_9961abbaae6d06d251226cb25e38bf8f468036e57e" IssueInstant="2010-09-05T09:10:12Z" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status></samlp:LogoutResponse>"""
452+
if PY_VERSION < (3, 8):
453+
expected_response = """<samlp:LogoutResponse xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php" ID="a140848e7ce2bce834d7264ecdde0151" InResponseTo="_9961abbaae6d06d251226cb25e38bf8f468036e57e" IssueInstant="2010-09-05T09:10:12Z" Version="2.0"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status></samlp:LogoutResponse>"""
454+
else:
455+
expected_response = """<samlp:LogoutResponse xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:2.0:protocol" ID="xxxxxxxxxxxx" InResponseTo="_9961abbaae6d06d251226cb25e38bf8f468036e57e" Version="2.0" IssueInstant="2020-04-25T22:16:54Z" Destination="https://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php"><saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">http://sp.example.com/saml2/metadata/</saml:Issuer><samlp:Status><samlp:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success" /></samlp:Status></samlp:LogoutResponse>"""
445456
self.assertSAMLRequestsEquals(decode_base64_and_inflate(saml_response).decode('utf-8'),
446457
expected_response)
447458

setup.py

+1-1
Original file line numberDiff line numberDiff line change
@@ -60,7 +60,7 @@ def read(*rnames):
6060
install_requires=[
6161
'defusedxml>=0.4.1',
6262
'Django>=2.2',
63-
'pysaml2>=4.6.0',
63+
'pysaml2>=5.0.0',
6464
],
6565
tests_require=[
6666
# Provides assert_called_once.

tests/testprofiles/tests.py

-12
Original file line numberDiff line numberDiff line change
@@ -19,22 +19,10 @@
1919
from django.contrib.auth import get_user_model
2020
from django.contrib.auth.models import User as DjangoUserModel
2121
from django.test import TestCase, override_settings
22-
2322
from djangosaml2.backends import Saml2Backend
2423

2524
User = get_user_model()
2625

27-
if sys.version_info < (3, 4):
28-
# Monkey-patch TestCase to add the assertLogs method introduced in
29-
# Python 3.4
30-
from unittest2.case import _AssertLogsContext
31-
32-
class LoggerTestCase(TestCase):
33-
def assertLogs(self, logger=None, level=None):
34-
return _AssertLogsContext(self, logger, level)
35-
36-
TestCase = LoggerTestCase
37-
3826

3927
class Saml2BackendTests(TestCase):
4028
def test_update_user(self):

tox.ini

+1-3
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,6 @@
11
[tox]
22
envlist =
3-
py{36,37,38}-django22
4-
py{36,37,38}-django30
5-
py{36,37,38}-djangomaster
3+
py{3.6,3.7,3.8}-django{2.2,3.0,master}
64

75
[testenv]
86
commands =

0 commit comments

Comments
 (0)