Bug #24531
crash tests tox avec lasso 2.6.0-1~eob90+1
Statut:
Fermé
Priorité:
Normal
Assigné à:
-
Version cible:
-
Début:
14 juin 2018
Echéance:
% réalisé:
0%
Temps estimé:
Patch proposed:
Oui
Planning:
Description
mis à jour python-lasso et liblasso3, et neuf des tests, lancés avec tox pour n'importe quel virtualenv défini dans tox.ini, foirent avec des erreurs lasso.
Il semblerait que les métadonnées relatives aux fournisseurs SAML échouent au chargement.
Un exemple :
_______________________________________________________________________________ test_sp_initiated_login_chosen ________________________________________________________________________________
private_settings = <django.conf.LazySettings object at 0x7f997171b390>, client = <django.test.client.Client object at 0x7f996f69a450>
def test_sp_initiated_login_chosen(private_settings, client):
private_settings.MELLON_IDENTITY_PROVIDERS = [{
'METADATA': open('tests/metadata.xml').read(),
}]
qs = urlencode({
'entityID': 'http://idp5/metadata',
'next': '/whatever',
})
response = client.get('/login/?' + qs)
> assert response.status_code == 302
E assert 400 == 302
E + where 400 = <django.http.response.HttpResponseBadRequest object at 0x7f996faf7cd0>.status_code
tests/test_views.py:184: AssertionError
-------------------------------------------------------------------------------------- Captured log call --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 05:25:40 Could not read KeyInfo from encryption KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 05:25:40 Could not load public encryption key of http://idp5/metadata
lasso.py 7709 ERROR 2018-06-14 05:25:40 (server.c/:76) Failed to add new provider.
utils.py 84 ERROR bad metadata in idp 'http://idp5/metadata'
lasso.py 8137 ERROR 2018-06-14 05:25:40 (login.c/:1558) The identifier of a provider is unknown to #LassoServer. To register a provider in a #LassoServer object, you must use the methods lasso_server_add_provider() or lasso_server_add_provider_from_buffer().
----------------------------------------------------- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml -----------------------------------------------------
---------- coverage: platform linux2, python 2.7.15-final-0 ----------
Coverage XML written to file coverage.xml
======================================================================== 9 failed, 24 passed, 4 error in 3.66 seconds =========================================================================
Est-ce que je suis le seul dans ce cas ?
(Mon dépôt mellon est bien calé sur origin/master -- commit d4d0b859444)
Fichiers
Demandes liées
Révisions associées
Historique
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
Ok, j'ai déprécié le chargement d'un format de métadonnées invalides qu'on supportait avant, plus exactement cette forme (tests/metadata.xml):
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:KeyValue>
MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
+3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
LlTxKnCrWAXftSm1rNtewTsF
</ds:KeyValue>
</ds:KeyInfo>
J'ai corrigé les métadonnées dans les tests lasso mais pas ici, voir le commit http://git.entrouvert.org/lasso.git/commit/?id=877f9e7888c4608448c9e192379122e6a5709722 sur lasso. Le plus simple ce serait de supprimer la déclaration d'une clé de chiffrement qui de toute façon ne sera pas utilisée.
Mis à jour par Paul Marillonnet il y a presque 6 ans
Encore un test qui échoue, avec ces modifs :
paul@eosandbox:~/src/django-mellon$ git diff
diff --git a/tests/metadata.xml b/tests/metadata.xml
index 9c8963f..a2ac0b8 100644
--- a/tests/metadata.xml
+++ b/tests/metadata.xml
@@ -32,33 +32,6 @@ LlTxKnCrWAXftSm1rNtewTsF
</ds:X509Certificate></ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
-<KeyDescriptor use="encryption">
- <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:KeyValue>
-MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
-MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
-dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
-MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
-UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
-DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
-h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
-6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
-uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
-ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
-+3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
-AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
-ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
-A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
-AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
-BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
-pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
-fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
-NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
-LlTxKnCrWAXftSm1rNtewTsF
-</ds:KeyValue>
- </ds:KeyInfo>
- </KeyDescriptor>
-
<ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://idp5/artifact" />
Ce qui donne :
tox -e coverage-py2-dj18-sqlite
coverage-py2-dj18-sqlite develop-inst-nodeps: /home/paul/src/django-mellon
coverage-py2-dj18-sqlite installed: atomicwrites==1.1.5,attrs==18.1.0,beautifulsoup4==4.6.0,certifi==2018.4.16,chardet==3.0.4,coverage==4.5.1,cssselect==1.0.3,Django==1.8.19,-e git://repos.entrouvert.org/django-mellon.git@d4d0b859444b39743054e6dca4f87e2ea2524200#egg=django_mellon,django-webtest==1.9.2,funcsigs==1.0.2,httmock==1.2.6,idna==2.7,isodate==0.6.0,lxml==4.2.1,mock==2.0.0,more-itertools==4.2.0,pbr==4.0.4,pluggy==0.6.0,py==1.5.3,pyquery==1.4.0,pytest==3.6.1,pytest-cov==2.5.1,pytest-django==3.2.1,pytest-mock==1.10.0,pytest-random==0.2,pytz==2018.4,requests==2.19.0,six==1.11.0,urllib3==1.23,waitress==1.1.0,WebOb==1.8.2,WebTest==2.0.29
coverage-py2-dj18-sqlite runtests: PYTHONHASHSEED='2714249100'
coverage-py2-dj18-sqlite runtests: commands[0] | ./getlasso.sh
'/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/lasso.py' -> '/usr/lib/python2.7/dist-packages/lasso.py'
'/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/_lasso.x86_64-linux-gnu.so' -> '/usr/lib/python2.7/dist-packages/_lasso.x86_64-linux-gnu.so'
coverage-py2-dj18-sqlite runtests: commands[1] | py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests
===================================================================================== test session starts =====================================================================================
platform linux2 -- Python 2.7.15, pytest-3.6.1, py-1.5.3, pluggy-0.6.0
Tests are shuffled using seed number 391418290207.
Django settings: testsettings (from environment variable)
rootdir: /home/paul/src/django-mellon, inifile:
plugins: random-0.2, mock-1.10.0, django-3.2.1, cov-2.5.1, django-webtest-1.9.2
collected 37 items
tests/test_sso_slo.py F [ 2%]
tests/test_views.py . [ 5%]
tests/test_default_adapter.py . [ 8%]
tests/test_views.py . [ 10%]
tests/test_default_adapter.py . [ 13%]
tests/test_views.py . [ 16%]
tests/test_sso_slo.py E [ 18%]
tests/test_utils.py . [ 21%]
tests/test_default_adapter.py . [ 24%]
tests/test_views.py . [ 27%]
tests/test_utils.py . [ 29%]
tests/test_views.py ... [ 37%]
tests/test_default_adapter.py . [ 40%]
tests/test_sso_slo.py E [ 43%]
tests/test_default_adapter.py . [ 45%]
tests/test_utils.py .. [ 51%]
tests/test_views.py . [ 54%]
tests/test_sso_slo.py E [ 56%]
tests/test_views.py . [ 59%]
tests/test_utils.py . [ 62%]
tests/test_views.py . [ 64%]
tests/test_utils.py .. [ 70%]
tests/test_default_adapter.py . [ 72%]
tests/test_utils.py . [ 75%]
tests/test_default_adapter.py . [ 78%]
tests/test_utils.py . [ 81%]
tests/test_sso_slo.py E [ 83%]
tests/test_views.py . [ 86%]
tests/test_default_adapter.py .. [ 91%]
tests/test_views.py . [ 94%]
tests/test_utils.py .. [100%]
=========================================================================================== ERRORS ============================================================================================
__________________________________________________________________________ ERROR at setup of test_sso_request_denied __________________________________________________________________________
sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n'
@fixture
def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata):
> return MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:120:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:60: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
------------------------------------------------------------------------------------- Captured log setup --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not load public signing key of http://testserver/metadata/
lasso.py 7709 ERROR 2018-06-14 07:01:38 (server.c/:76) Failed to add new provider.
_______________________________________________________________________________ ERROR at setup of test_sso_slo ________________________________________________________________________________
sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n'
@fixture
def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata):
> return MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:120:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:60: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
------------------------------------------------------------------------------------- Captured log setup --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not load public signing key of http://testserver/metadata/
lasso.py 7709 ERROR 2018-06-14 07:01:38 (server.c/:76) Failed to add new provider.
________________________________________________________________________ ERROR at setup of test_sso_slo_pass_next_url _________________________________________________________________________
sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n'
@fixture
def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata):
> return MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:120:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:60: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
------------------------------------------------------------------------------------- Captured log setup --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 07:01:39 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 07:01:39 Could not load public signing key of http://testserver/metadata/
lasso.py 7709 ERROR 2018-06-14 07:01:39 (server.c/:76) Failed to add new provider.
_________________________________________________________________________________ ERROR at setup of test_sso __________________________________________________________________________________
sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n'
@fixture
def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata):
> return MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:120:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:60: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
------------------------------------------------------------------------------------- Captured log setup --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 07:01:40 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 07:01:40 Could not load public signing key of http://testserver/metadata/
lasso.py 7709 ERROR 2018-06-14 07:01:40 (server.c/:76) Failed to add new provider.
========================================================================================== FAILURES ===========================================================================================
______________________________________________________________________________________ test_sso_artifact ______________________________________________________________________________________
db = None, app = <django_webtest.DjangoTestApp object at 0x7fb979604c50>, caplog = <_pytest.logging.LogCaptureFixture object at 0x7fb979604dd0>
sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
rf = <django.test.client.RequestFactory object at 0x7fb979604f90>
def test_sso_artifact(db, app, caplog, sp_settings, idp_metadata, idp_private_key, rf):
sp_settings.MELLON_DEFAULT_ASSERTION_CONSUMER_BINDING = 'artifact'
request = rf.get('/')
sp_metadata = create_metadata(request)
> idp = MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:164:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:60: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
-------------------------------------------------------------------------------------- Captured log call --------------------------------------------------------------------------------------
lasso.py 7709 WARNING 2018-06-14 07:01:37 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7709 WARNING 2018-06-14 07:01:37 Could not load public signing key of http://testserver/metadata/
lasso.py 7709 ERROR 2018-06-14 07:01:37 (server.c/:76) Failed to add new provider.
----------------------------------------------------- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml -----------------------------------------------------
---------- coverage: platform linux2, python 2.7.15-final-0 ----------
Coverage XML written to file coverage.xml
======================================================================== 1 failed, 32 passed, 4 error in 4.11 seconds =========================================================================
ERROR: InvocationError for command '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/bin/py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests' (exited with code 1)
___________________________________________________________________________________________ summary ___________________________________________________________________________________________
ERROR: coverage-py2-dj18-sqlite: commands failed
(à noter les avertissements de lasso sur l'absence de clé de chiffrement déclarée pour le fournisseur, malgré le caractère obsolète de la chose).
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
Là c'est le chargement des métadonnées du SP, générées par mellon, rien n'a changé de ce coté, essaye de les imprimer pour voir (print avant la ligne addProvider qui pose problème, --capture=no passé à py.test).
Mis à jour par Paul Marillonnet il y a presque 6 ans
Voilà ce que l'affichage des métadonnées de SP donne :
paul@eosandbox:~/src/django-mellon$ tox -e coverage-py2-dj18-sqlite -- tests/test_sso_slo.py::test_sso_artifact --capture=no
coverage-py2-dj18-sqlite develop-inst-nodeps: /home/paul/src/django-mellon
coverage-py2-dj18-sqlite installed: atomicwrites==1.1.5,attrs==18.1.0,beautifulsoup4==4.6.0,certifi==2018.4.16,chardet==3.0.4,coverage==4.5.1,cssselect==1.0.3,Django==1.8.19,-e git://repos.entrouvert.org/django-mellon.git@d4d0b859444b39743054e6dca4f87e2ea2524200#egg=django_mellon,django-webtest==1.9.2,funcsigs==1.0.2,httmock==1.2.6,idna==2.7,isodate==0.6.0,lxml==4.2.1,mock==2.0.0,more-itertools==4.2.0,pbr==4.0.4,pluggy==0.6.0,py==1.5.3,pyquery==1.4.0,pytest==3.6.1,pytest-cov==2.5.1,pytest-django==3.3.0,pytest-mock==1.10.0,pytest-random==0.2,pytz==2018.4,requests==2.19.1,six==1.11.0,urllib3==1.23,waitress==1.1.0,WebOb==1.8.2,WebTest==2.0.29
coverage-py2-dj18-sqlite runtests: PYTHONHASHSEED='3439710411'
coverage-py2-dj18-sqlite runtests: commands[0] | ./getlasso.sh
'/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/lasso.py' -> '/usr/lib/python2.7/dist-packages/lasso.py'
'/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/_lasso.x86_64-linux-gnu.so' -> '/usr/lib/python2.7/dist-packages/_lasso.x86_64-linux-gnu.so'
coverage-py2-dj18-sqlite runtests: commands[1] | py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests/test_sso_slo.py::test_sso_artifact --capture=no
===================================== test session starts =====================================
platform linux2 -- Python 2.7.15, pytest-3.6.1, py-1.5.3, pluggy-0.6.0
Tests are shuffled using seed number 391547705510.
Django settings: testsettings (from environment variable)
rootdir: /home/paul/src/django-mellon, inifile:
plugins: random-0.2, mock-1.10.0, django-3.3.0, cov-2.5.1, django-webtest-1.9.2
collected 1 item
tests/test_sso_slo.py <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<EntityDescriptor
entityID="http://testserver/metadata/"
xmlns="urn:oasis:names:tc:SAML:2.0:metadata">
<SPSSODescriptor
AuthnRequestsSigned="true"
WantAssertionsSigned="true"
protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<Extensions>
<idpdisc:DiscoveryResponse index="1"
xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol"
Location="http://testserver/login/"/>
</Extensions>
<KeyDescriptor>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:X509Data>
<ds:X509Certificate>-----BEGIN CERTIFICATE-----
MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP
MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91
dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5
MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF
UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw
DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq
h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m
6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u
uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH
ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi
+3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA
AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0
ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G
A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB
AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ
BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa
pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew
fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP
NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR
LlTxKnCrWAXftSm1rNtewTsF
-----END CERTIFICATE-----
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</KeyDescriptor>
<SingleLogoutService
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://testserver/logout/" />
<AssertionConsumerService
index="0"
isDefault="true"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
Location="http://testserver/login/" />
<AssertionConsumerService
index="1"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://testserver/login/" />
</SPSSODescriptor>
</EntityDescriptor>
F
========================================== FAILURES ===========================================
______________________________________ test_sso_artifact ______________________________________
db = None, app = <django_webtest.DjangoTestApp object at 0x7f8ef60f41d0>
caplog = <_pytest.logging.LogCaptureFixture object at 0x7f8ef60f4350>
sp_settings = <django.conf.LazySettings object at 0x7f8ef7e99650>
idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n'
idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n'
rf = <django.test.client.RequestFactory object at 0x7f8ef60f4510>
def test_sso_artifact(db, app, caplog, sp_settings, idp_metadata, idp_private_key, rf):
sp_settings.MELLON_DEFAULT_ASSERTION_CONSUMER_BINDING = 'artifact'
request = rf.get('/')
sp_metadata = create_metadata(request)
> idp = MockIdp(idp_metadata, idp_private_key, sp_metadata)
tests/test_sso_slo.py:165:
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
tests/test_sso_slo.py:61: in __init__
server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata)
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7878: in addProviderFromBuffer
Error.raise_on_rc(rc)
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _
rc = -202
@staticmethod
def raise_on_rc(rc):
global exceptions_dict
if rc != 0:
exception = exceptions_dict.get(rc, Error())
exception.code = rc
> raise exception
E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.>
/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError
-------------------------------------- Captured log call --------------------------------------
lasso.py 7877 WARNING 2018-06-20 03:27:05 Could not read KeyInfo from signing KeyDescriptor
lasso.py 7877 WARNING 2018-06-20 03:27:05 Could not load public signing key of http://testserver/metadata/
lasso.py 7877 ERROR 2018-06-20 03:27:05 (server.c/:76) Failed to add new provider.
----- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml -----
---------- coverage: platform linux2, python 2.7.15-final-0 ----------
Coverage XML written to file coverage.xml
================================== 1 failed in 1.13 seconds ===================================
ERROR: InvocationError for command '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/bin/py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests/test_sso_slo.py::test_sso_artifact --capture=no' (exited with code 1)
___________________________________________ summary ___________________________________________
ERROR: coverage-py2-dj18-sqlite: commands failed
Mis à jour par Frédéric Péters il y a presque 6 ans
<ds:X509Certificate>-----BEGIN CERTIFICATE-----
Ce n'est plus accepté par Lasso, dégage. les lignes "BEGIN CERTIFICATE" (et END...); cf le premier commentaire de Benjamin.
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
En fait dans mon premier commentaire je disais que c'était le format KeyValue qui était exclu, il y a effectivement aussi ce deuxième changement, pas d'entête PEM dans X509Certificate.
Mis à jour par Paul Marillonnet il y a presque 6 ans
- Fichier 0001-tests-adapt-to-lasso-PEM-formatting-deprecation-2453.patch 0001-tests-adapt-to-lasso-PEM-formatting-deprecation-2453.patch ajouté
- Patch proposed changé de Non à Oui
Merci, j'avais lu trop vite ton premier commentaire.
Mis à jour par Paul Marillonnet il y a presque 6 ans
- Lié à Development #19396: pouvoir charger un fichier de fédération ajouté
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
- Statut changé de Nouveau à Solution validée
Pousse donc.
Mis à jour par Paul Marillonnet il y a presque 6 ans
Poussé en milieu de semaine dernière, oublié de mettre à jour le ticket :
commit c5fddd13cd41bb5aba85e64973e41cd0bc914300
Author: Paul Marillonnet <pmarillonnet@entrouvert.com>
Date: Wed Jun 20 11:09:38 2018 +0200
tests: adapt to lasso PEM-formatting deprecation (#24531)
Mis à jour par Frédéric Péters il y a presque 6 ans
- Statut changé de Solution validée à Résolu (à déployer)
(il faut marquer le ticket en "résolu (à déployer)".)
Mis à jour par Benjamin Dauvergne il y a plus de 5 ans
- Statut changé de Résolu (à déployer) à Fermé
tests: adapt to lasso PEM-formatting deprecation (#24531)