From 28539d7772e67f73653176373c368e28a8b9f9c3 Mon Sep 17 00:00:00 2001
From: Benjamin Dauvergne <bdauvergne@entrouvert.com>
Date: Thu, 15 Dec 2022 17:32:25 +0100
Subject: [PATCH 5/5] test: modify test to test on a real form (#67090)

---
 tests/test_saml_auth.py | 27 ++++++++++++++++++++-------
 1 file changed, 20 insertions(+), 7 deletions(-)

diff --git a/tests/test_saml_auth.py b/tests/test_saml_auth.py
index 514a852bd..31d4f3ff8 100644
--- a/tests/test_saml_auth.py
+++ b/tests/test_saml_auth.py
@@ -16,6 +16,8 @@ import pytest
 from quixote import get_session_manager
 from quixote.errors import RequestError
 
+from wcs.categories import Category
+from wcs.formdef import FormDef
 from wcs.qommon import x509utils
 from wcs.qommon.http_request import HTTPRequest
 from wcs.qommon.ident.idp import MethodAdminDirectory
@@ -592,15 +594,26 @@ def test_saml_idp_logout(pub):
 
 
 def test_opened_session_cookie(pub):
+    Category.wipe()
+    cat = Category(name='foobar')
+    cat.store()
+
+    FormDef.wipe()
+    formdef = FormDef()
+    formdef.name = 'test'
+    formdef.category_id = str(cat.id)
+    formdef.fields = []
+    formdef.store()
+
     app = get_app(pub)
     app.set_cookie('IDP_OPENED_SESSION', '1')
-    resp = app.get('/')
+    resp = app.get('/foobar/test/')
     assert resp.status_int == 200
     pub.site_options.set('options', 'idp_session_cookie_name', 'IDP_OPENED_SESSION')
     with open(os.path.join(pub.app_dir, 'site-options.cfg'), 'w') as fd:
         pub.site_options.write(fd)
 
-    resp = app.get('/?parameter=value')
+    resp = app.get('/foobar/test/?parameter=value')
     cookie_name = '%s-passive-auth-tried' % pub.config.session_cookie_name
     cookie_store = http.cookies.SimpleCookie()
     cookie_store.load(resp.headers['Set-Cookie'])
@@ -611,17 +624,17 @@ def test_opened_session_cookie(pub):
     assert resp.status_int == 302
     assert (
         resp.location
-        == 'http://example.net/login/?ReturnUrl=http%3A//example.net/%3Fparameter%3Dvalue&IsPassive=true'
+        == 'http://example.net/login/?ReturnUrl=http%3A//example.net/foobar/test/%3Fparameter%3Dvalue&IsPassive=true'
     )
     assert cookie_name in app.cookies
 
     # if we try again, no passive authentication occurs
-    resp = app.get('/?parameter=value')
+    resp = app.get('/foobar/test/?parameter=value').maybe_follow()
     assert resp.status_int != 302
 
     # if IDP_OPENED_SESSION is modified, then passive authentication is tried again
     app.set_cookie('IDP_OPENED_SESSION', '2')
-    resp = app.get('/?parameter=value')
+    resp = app.get('/foobar/test/?parameter=value')
     assert resp.status_int == 302
 
     # simulate a saml login
@@ -640,7 +653,7 @@ def test_opened_session_cookie(pub):
     app.set_cookie(pub.config.session_cookie_name, session.id)
     assert get_session(app).opened_session_value == '2'
 
-    resp = app.get('/?parameter=value')
+    resp = app.get('/foobar/test/?parameter=value')
     assert resp.status_int == 200
     assert get_session(app).opened_session_value == '2'
     assert get_session(app).user == user.id
@@ -649,7 +662,7 @@ def test_opened_session_cookie(pub):
 
     # if OPENED_SESSION_COOKIE change then we are logged out
     app.set_cookie('IDP_OPENED_SESSION', '3')
-    resp = app.get('/?parameter=value')
+    resp = app.get('/foobar/test/?parameter=value')
     assert not get_session(app)
     assert not get_session_manager().session_class.get(session.id, ignore_errors=True)
 
-- 
2.37.2