From 994cf311054208c0a00c2a032046f53f8da7fdd1 Mon Sep 17 00:00:00 2001
From: bt-dlagin <daniel.lagin@braintec.com>
Date: Tue, 14 Jan 2025 09:38:54 +0100
Subject: [PATCH] [18.0][MIG] auth_saml: Migration to 18.0

---
 auth_saml/tests/test_pysaml.py | 142 +--------------------------------
 1 file changed, 1 insertion(+), 141 deletions(-)

diff --git a/auth_saml/tests/test_pysaml.py b/auth_saml/tests/test_pysaml.py
index 12d05d8ad6..fcf99ffe99 100644
--- a/auth_saml/tests/test_pysaml.py
+++ b/auth_saml/tests/test_pysaml.py
@@ -3,7 +3,7 @@
 import html
 import os
 import urllib
-from unittest.mock import patch
+from unittest.mock import patch, mock_open
 
 from odoo.exceptions import AccessDenied, UserError, ValidationError
 from odoo.tests import HttpCase, tagged
@@ -429,143 +429,3 @@ def test_disallow_user_password_when_changing_settings(self):
                 {"type": "password", "password": "NesTNSte9340D720te>/-A"},
                 {"interactive": True},
             )
-
-    def test_saml_metadata_invalid_provider(self):
-        """Accessing SAML metadata with an invalid provider ID should return 404."""
-        response = self.url_open(f"/auth_saml/metadata?p=999999&d={self.env.cr.dbname}")
-        self.assertEqual(response.status_code, 404)
-        self.assertIn("Unknown provider", response.text)
-
-    def test_saml_metadata_missing_parameters(self):
-        """Accessing the SAML metadata endpoint without params should return 404."""
-        response = self.url_open("/auth_saml/metadata")
-        self.assertEqual(response.status_code, 404)
-        self.assertIn("Missing parameters", response.text)
-
-    def test_saml_provider_deactivation(self):
-        """A deactivated SAML provider should not be usable for authentication."""
-        self.saml_provider.active = False
-
-        redirect_url = self.saml_provider._get_auth_request()
-        response = self.idp.fake_login(redirect_url)
-        unpacked_response = response._unpack()
-
-        with self.assertRaises(AccessDenied):
-            self.env["res.users"].sudo().auth_saml(
-                self.saml_provider.id, unpacked_response.get("SAMLResponse"), None
-            )
-
-    def test_compute_sp_metadata_url_for_new_record(self):
-        """Test that sp_metadata_url is set to False for a new (unsaved) provider."""
-        new_provider = self.env["auth.saml.provider"].new(
-            {"name": "New SAML Provider", "sp_baseurl": "http://example.com"}
-        )
-        new_provider._compute_sp_metadata_url()
-        self.assertFalse(new_provider.sp_metadata_url)
-
-    def test_store_outstanding_request(self):
-        """Test that the SAML request ID is stored in the auth_saml.request model."""
-        reqid = "test-request-id"
-        self.saml_provider._store_outstanding_request(reqid)
-
-        request = self.env["auth_saml.request"].search(
-            [("saml_request_id", "=", reqid)]
-        )
-        self.assertTrue(request)
-        self.assertEqual(request.saml_provider_id.id, self.saml_provider.id)
-
-    def test_get_auth_request_redirect_url(self):
-        """Test that _get_auth_request returns a valid redirect URL."""
-        redirect_url = self.saml_provider._get_auth_request()
-        self.assertIsNotNone(redirect_url)
-        self.assertIn("SAMLRequest=", redirect_url)
-
-    def test_fragment_to_query_string_empty_query(self):
-        """Test fragment_to_query_string redirects when no query string is provided."""
-        response = self.url_open("/auth_saml/signin")
-        self.assertEqual(response.status_code, 200)
-        self.assertIn("<script>", response.text)
-
-    def test_get_auth_request_valid_provider(self):
-        """Test that get_auth_request returns a redirect for a valid provider."""
-        response = self.url_open(
-            f"/auth_saml/get_auth_request?pid={self.saml_provider.id}",
-            allow_redirects=False,
-        )
-        self.assertEqual(response.status_code, 303)
-        self.assertIn("Location", response.headers)
-        self.assertIn("SAMLRequest=", response.headers["Location"])
-
-    def test_create_res_users_saml(self):
-        """Test that creating a SAML mapping removes the password when disallowed."""
-        user = self.env["res.users"].create(
-            {
-                "name": "Test User",
-                "login": "testuser@example.com",
-                "password": "securepassword",
-            }
-        )
-        self.env["ir.config_parameter"].set_param(
-            "auth_saml.allow_saml_uid_and_internal_password", "False"
-        )
-        self.env["res.users.saml"].create(
-            {
-                "user_id": user.id,
-                "saml_provider_id": self.env["auth.saml.provider"]
-                .create(
-                    {
-                        "name": "Demo Provider",
-                        "sig_alg": "SIG_RSA_SHA1",
-                        "idp_metadata": "fake_metadata",
-                        "sp_pem_public": base64.b64encode(b"public_key"),
-                        "sp_pem_private": base64.b64encode(b"private_key"),
-                    }
-                )
-                .id,
-                "saml_uid": "testuser@example.com",
-            }
-        )
-        self.assertFalse(user.password)
-
-    def test_missing_parameters_in_metadata(self):
-        """Test that missing parameters in the SAML metadata request return a 404."""
-        response = self.url_open("/auth_saml/metadata")
-        self.assertEqual(response.status_code, 404)
-        self.assertIn("Missing parameters", response.text)
-
-    def test_fragment_to_query_string_redirect(self):
-        """Test fragment_to_query_string redirects when no query string is provided."""
-        response = self.url_open("/auth_saml/signin")
-        self.assertEqual(response.status_code, 200)
-        self.assertIn("<script>", response.text)
-
-    def test_saml_request_creation(self):
-        """Test that a SAML request is correctly stored in the model."""
-        expected_selection = [
-            ("SIG_RSA_SHA1", "SIG_RSA_SHA1"),
-            ("SIG_RSA_SHA224", "SIG_RSA_SHA224"),
-            ("SIG_RSA_SHA256", "SIG_RSA_SHA256"),
-            ("SIG_RSA_SHA384", "SIG_RSA_SHA384"),
-            ("SIG_RSA_SHA512", "SIG_RSA_SHA512"),
-        ]
-        provider = self.env["auth.saml.provider"].create(
-            {
-                "name": "Test Provider",
-                "sig_alg": "SIG_RSA_SHA1",
-                "idp_metadata": "fake_metadata",
-                "sp_pem_public": base64.b64encode(b"public_key"),
-                "sp_pem_private": base64.b64encode(b"private_key"),
-            }
-        )
-        self.env["auth_saml.request"].create(
-            {
-                "saml_provider_id": provider.id,
-                "saml_request_id": "test-request-id",
-            }
-        )
-        request = self.env["auth_saml.request"].search(
-            [("saml_request_id", "=", "test-request-id")]
-        )
-        self.assertTrue(request)
-        self.assertEqual(request.saml_provider_id.id, provider.id)
-        self.assertEqual(provider._sig_alg_selection(), expected_selection)