0001-tests-check-relaystate-forwarding-40722.patch
tests/test_idp_saml2.py | ||
---|---|---|
140 | 140 |
server = None |
141 | 141 |
binding = 'post' |
142 | 142 |
keys = None # pair of public and private key as PEM |
143 |
relay_state = 'relay-state' |
|
143 | 144 | |
144 | 145 |
def __init__(self, app, **kwargs): |
145 | 146 |
self.app = app |
... | ... | |
263 | 264 |
policy.format = format |
264 | 265 |
if sp_name_qualifier is not None: |
265 | 266 |
policy.spNameQualifier = sp_name_qualifier |
267 |
relay_state = relay_state or self.relay_state |
|
266 | 268 |
if relay_state is not None: |
267 | 269 |
login.msgRelayState = relay_state |
268 | 270 |
if not name_id_policy: |
269 | 271 |
request.nameIdPolicy = None |
272 |
if relay_state is not None: |
|
273 |
login.msgRelayState = force_str(relay_state) |
|
270 | 274 |
login.buildAuthnRequestMsg() |
271 | 275 |
url_parsed = urlparse.urlparse(login.msgUrl) |
272 | 276 |
assert url_parsed.path == reverse('a2-idp-saml-sso'), 'msgUrl should target the sso endpoint' |
... | ... | |
358 | 362 |
assert len(response.forms) == 1 |
359 | 363 |
assert response.form.action == '%s/sso/POST' % self.sp.base_url |
360 | 364 |
assert 'SAMLResponse' in response.form.fields |
365 |
if self.sp.relay_state is not None: |
|
366 |
assert response.form['RelayState'].value == self.sp.relay_state |
|
361 | 367 |
saml_response = response.form['SAMLResponse'].value |
362 | 368 |
decoded_saml_response = base64.b64decode(saml_response) |
363 | 369 |
assert b'rsa-sha256' in decoded_saml_response |
364 |
- |