Bug #24531
crash tests tox avec lasso 2.6.0-1~eob90+1
0%
Description
mis à jour python-lasso et liblasso3, et neuf des tests, lancés avec tox pour n'importe quel virtualenv défini dans tox.ini, foirent avec des erreurs lasso.
Il semblerait que les métadonnées relatives aux fournisseurs SAML échouent au chargement.
Un exemple :
_______________________________________________________________________________ test_sp_initiated_login_chosen ________________________________________________________________________________ private_settings = <django.conf.LazySettings object at 0x7f997171b390>, client = <django.test.client.Client object at 0x7f996f69a450> def test_sp_initiated_login_chosen(private_settings, client): private_settings.MELLON_IDENTITY_PROVIDERS = [{ 'METADATA': open('tests/metadata.xml').read(), }] qs = urlencode({ 'entityID': 'http://idp5/metadata', 'next': '/whatever', }) response = client.get('/login/?' + qs) > assert response.status_code == 302 E assert 400 == 302 E + where 400 = <django.http.response.HttpResponseBadRequest object at 0x7f996faf7cd0>.status_code tests/test_views.py:184: AssertionError -------------------------------------------------------------------------------------- Captured log call -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 05:25:40 Could not read KeyInfo from encryption KeyDescriptor lasso.py 7709 WARNING 2018-06-14 05:25:40 Could not load public encryption key of http://idp5/metadata lasso.py 7709 ERROR 2018-06-14 05:25:40 (server.c/:76) Failed to add new provider. utils.py 84 ERROR bad metadata in idp 'http://idp5/metadata' lasso.py 8137 ERROR 2018-06-14 05:25:40 (login.c/:1558) The identifier of a provider is unknown to #LassoServer. To register a provider in a #LassoServer object, you must use the methods lasso_server_add_provider() or lasso_server_add_provider_from_buffer(). ----------------------------------------------------- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml ----------------------------------------------------- ---------- coverage: platform linux2, python 2.7.15-final-0 ---------- Coverage XML written to file coverage.xml ======================================================================== 9 failed, 24 passed, 4 error in 3.66 seconds =========================================================================
Est-ce que je suis le seul dans ce cas ?
(Mon dépôt mellon est bien calé sur origin/master -- commit d4d0b859444)
Fichiers
Demandes liées
Révisions associées
Historique
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
Ok, j'ai déprécié le chargement d'un format de métadonnées invalides qu'on supportait avant, plus exactement cette forme (tests/metadata.xml):
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:KeyValue> MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91 dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5 MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m 6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi +3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR LlTxKnCrWAXftSm1rNtewTsF </ds:KeyValue> </ds:KeyInfo>
J'ai corrigé les métadonnées dans les tests lasso mais pas ici, voir le commit http://git.entrouvert.org/lasso.git/commit/?id=877f9e7888c4608448c9e192379122e6a5709722 sur lasso. Le plus simple ce serait de supprimer la déclaration d'une clé de chiffrement qui de toute façon ne sera pas utilisée.
Mis à jour par Paul Marillonnet il y a presque 6 ans
Encore un test qui échoue, avec ces modifs :
paul@eosandbox:~/src/django-mellon$ git diff diff --git a/tests/metadata.xml b/tests/metadata.xml index 9c8963f..a2ac0b8 100644 --- a/tests/metadata.xml +++ b/tests/metadata.xml @@ -32,33 +32,6 @@ LlTxKnCrWAXftSm1rNtewTsF </ds:X509Certificate></ds:X509Data> </ds:KeyInfo> </KeyDescriptor> -<KeyDescriptor use="encryption"> - <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> - <ds:KeyValue> -MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP -MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91 -dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5 -MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF -UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw -DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq -h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m -6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u -uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH -ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi -+3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA -AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 -ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G -A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB -AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ -BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa -pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew -fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP -NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR -LlTxKnCrWAXftSm1rNtewTsF -</ds:KeyValue> - </ds:KeyInfo> - </KeyDescriptor> - <ArtifactResolutionService isDefault="true" index="0" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Location="http://idp5/artifact" />
Ce qui donne :
tox -e coverage-py2-dj18-sqlite coverage-py2-dj18-sqlite develop-inst-nodeps: /home/paul/src/django-mellon coverage-py2-dj18-sqlite installed: atomicwrites==1.1.5,attrs==18.1.0,beautifulsoup4==4.6.0,certifi==2018.4.16,chardet==3.0.4,coverage==4.5.1,cssselect==1.0.3,Django==1.8.19,-e git://repos.entrouvert.org/django-mellon.git@d4d0b859444b39743054e6dca4f87e2ea2524200#egg=django_mellon,django-webtest==1.9.2,funcsigs==1.0.2,httmock==1.2.6,idna==2.7,isodate==0.6.0,lxml==4.2.1,mock==2.0.0,more-itertools==4.2.0,pbr==4.0.4,pluggy==0.6.0,py==1.5.3,pyquery==1.4.0,pytest==3.6.1,pytest-cov==2.5.1,pytest-django==3.2.1,pytest-mock==1.10.0,pytest-random==0.2,pytz==2018.4,requests==2.19.0,six==1.11.0,urllib3==1.23,waitress==1.1.0,WebOb==1.8.2,WebTest==2.0.29 coverage-py2-dj18-sqlite runtests: PYTHONHASHSEED='2714249100' coverage-py2-dj18-sqlite runtests: commands[0] | ./getlasso.sh '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/lasso.py' -> '/usr/lib/python2.7/dist-packages/lasso.py' '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/_lasso.x86_64-linux-gnu.so' -> '/usr/lib/python2.7/dist-packages/_lasso.x86_64-linux-gnu.so' coverage-py2-dj18-sqlite runtests: commands[1] | py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests ===================================================================================== test session starts ===================================================================================== platform linux2 -- Python 2.7.15, pytest-3.6.1, py-1.5.3, pluggy-0.6.0 Tests are shuffled using seed number 391418290207. Django settings: testsettings (from environment variable) rootdir: /home/paul/src/django-mellon, inifile: plugins: random-0.2, mock-1.10.0, django-3.2.1, cov-2.5.1, django-webtest-1.9.2 collected 37 items tests/test_sso_slo.py F [ 2%] tests/test_views.py . [ 5%] tests/test_default_adapter.py . [ 8%] tests/test_views.py . [ 10%] tests/test_default_adapter.py . [ 13%] tests/test_views.py . [ 16%] tests/test_sso_slo.py E [ 18%] tests/test_utils.py . [ 21%] tests/test_default_adapter.py . [ 24%] tests/test_views.py . [ 27%] tests/test_utils.py . [ 29%] tests/test_views.py ... [ 37%] tests/test_default_adapter.py . [ 40%] tests/test_sso_slo.py E [ 43%] tests/test_default_adapter.py . [ 45%] tests/test_utils.py .. [ 51%] tests/test_views.py . [ 54%] tests/test_sso_slo.py E [ 56%] tests/test_views.py . [ 59%] tests/test_utils.py . [ 62%] tests/test_views.py . [ 64%] tests/test_utils.py .. [ 70%] tests/test_default_adapter.py . [ 72%] tests/test_utils.py . [ 75%] tests/test_default_adapter.py . [ 78%] tests/test_utils.py . [ 81%] tests/test_sso_slo.py E [ 83%] tests/test_views.py . [ 86%] tests/test_default_adapter.py .. [ 91%] tests/test_views.py . [ 94%] tests/test_utils.py .. [100%] =========================================================================================== ERRORS ============================================================================================ __________________________________________________________________________ ERROR at setup of test_sso_request_denied __________________________________________________________________________ sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n' @fixture def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata): > return MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:120: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:60: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError ------------------------------------------------------------------------------------- Captured log setup -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not read KeyInfo from signing KeyDescriptor lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not load public signing key of http://testserver/metadata/ lasso.py 7709 ERROR 2018-06-14 07:01:38 (server.c/:76) Failed to add new provider. _______________________________________________________________________________ ERROR at setup of test_sso_slo ________________________________________________________________________________ sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n' @fixture def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata): > return MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:120: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:60: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError ------------------------------------------------------------------------------------- Captured log setup -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not read KeyInfo from signing KeyDescriptor lasso.py 7709 WARNING 2018-06-14 07:01:38 Could not load public signing key of http://testserver/metadata/ lasso.py 7709 ERROR 2018-06-14 07:01:38 (server.c/:76) Failed to add new provider. ________________________________________________________________________ ERROR at setup of test_sso_slo_pass_next_url _________________________________________________________________________ sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n' @fixture def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata): > return MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:120: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:60: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError ------------------------------------------------------------------------------------- Captured log setup -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 07:01:39 Could not read KeyInfo from signing KeyDescriptor lasso.py 7709 WARNING 2018-06-14 07:01:39 Could not load public signing key of http://testserver/metadata/ lasso.py 7709 ERROR 2018-06-14 07:01:39 (server.c/:76) Failed to add new provider. _________________________________________________________________________________ ERROR at setup of test_sso __________________________________________________________________________________ sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' sp_metadata = u'<?xml version="1.0" encoding="UTF-8" standalone="yes"?>\n<EntityDescriptor\n...tp://testserver/login/" />\n </SPSSODescriptor>\n \n \n\n</EntityDescriptor>\n' @fixture def idp(sp_settings, idp_metadata, idp_private_key, sp_metadata): > return MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:120: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:60: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError ------------------------------------------------------------------------------------- Captured log setup -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 07:01:40 Could not read KeyInfo from signing KeyDescriptor lasso.py 7709 WARNING 2018-06-14 07:01:40 Could not load public signing key of http://testserver/metadata/ lasso.py 7709 ERROR 2018-06-14 07:01:40 (server.c/:76) Failed to add new provider. ========================================================================================== FAILURES =========================================================================================== ______________________________________________________________________________________ test_sso_artifact ______________________________________________________________________________________ db = None, app = <django_webtest.DjangoTestApp object at 0x7fb979604c50>, caplog = <_pytest.logging.LogCaptureFixture object at 0x7fb979604dd0> sp_settings = <django.conf.LazySettings object at 0x7fb97b3f73d0> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' rf = <django.test.client.RequestFactory object at 0x7fb979604f90> def test_sso_artifact(db, app, caplog, sp_settings, idp_metadata, idp_private_key, rf): sp_settings.MELLON_DEFAULT_ASSERTION_CONSUMER_BINDING = 'artifact' request = rf.get('/') sp_metadata = create_metadata(request) > idp = MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:164: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:60: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7710: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError -------------------------------------------------------------------------------------- Captured log call -------------------------------------------------------------------------------------- lasso.py 7709 WARNING 2018-06-14 07:01:37 Could not read KeyInfo from signing KeyDescriptor lasso.py 7709 WARNING 2018-06-14 07:01:37 Could not load public signing key of http://testserver/metadata/ lasso.py 7709 ERROR 2018-06-14 07:01:37 (server.c/:76) Failed to add new provider. ----------------------------------------------------- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml ----------------------------------------------------- ---------- coverage: platform linux2, python 2.7.15-final-0 ---------- Coverage XML written to file coverage.xml ======================================================================== 1 failed, 32 passed, 4 error in 4.11 seconds ========================================================================= ERROR: InvocationError for command '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/bin/py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests' (exited with code 1) ___________________________________________________________________________________________ summary ___________________________________________________________________________________________ ERROR: coverage-py2-dj18-sqlite: commands failed
(à noter les avertissements de lasso sur l'absence de clé de chiffrement déclarée pour le fournisseur, malgré le caractère obsolète de la chose).
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
Là c'est le chargement des métadonnées du SP, générées par mellon, rien n'a changé de ce coté, essaye de les imprimer pour voir (print avant la ligne addProvider qui pose problème, --capture=no passé à py.test).
Mis à jour par Paul Marillonnet il y a presque 6 ans
Voilà ce que l'affichage des métadonnées de SP donne :
paul@eosandbox:~/src/django-mellon$ tox -e coverage-py2-dj18-sqlite -- tests/test_sso_slo.py::test_sso_artifact --capture=no coverage-py2-dj18-sqlite develop-inst-nodeps: /home/paul/src/django-mellon coverage-py2-dj18-sqlite installed: atomicwrites==1.1.5,attrs==18.1.0,beautifulsoup4==4.6.0,certifi==2018.4.16,chardet==3.0.4,coverage==4.5.1,cssselect==1.0.3,Django==1.8.19,-e git://repos.entrouvert.org/django-mellon.git@d4d0b859444b39743054e6dca4f87e2ea2524200#egg=django_mellon,django-webtest==1.9.2,funcsigs==1.0.2,httmock==1.2.6,idna==2.7,isodate==0.6.0,lxml==4.2.1,mock==2.0.0,more-itertools==4.2.0,pbr==4.0.4,pluggy==0.6.0,py==1.5.3,pyquery==1.4.0,pytest==3.6.1,pytest-cov==2.5.1,pytest-django==3.3.0,pytest-mock==1.10.0,pytest-random==0.2,pytz==2018.4,requests==2.19.1,six==1.11.0,urllib3==1.23,waitress==1.1.0,WebOb==1.8.2,WebTest==2.0.29 coverage-py2-dj18-sqlite runtests: PYTHONHASHSEED='3439710411' coverage-py2-dj18-sqlite runtests: commands[0] | ./getlasso.sh '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/lasso.py' -> '/usr/lib/python2.7/dist-packages/lasso.py' '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/lib/python2.7/site-packages/_lasso.x86_64-linux-gnu.so' -> '/usr/lib/python2.7/dist-packages/_lasso.x86_64-linux-gnu.so' coverage-py2-dj18-sqlite runtests: commands[1] | py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests/test_sso_slo.py::test_sso_artifact --capture=no ===================================== test session starts ===================================== platform linux2 -- Python 2.7.15, pytest-3.6.1, py-1.5.3, pluggy-0.6.0 Tests are shuffled using seed number 391547705510. Django settings: testsettings (from environment variable) rootdir: /home/paul/src/django-mellon, inifile: plugins: random-0.2, mock-1.10.0, django-3.3.0, cov-2.5.1, django-webtest-1.9.2 collected 1 item tests/test_sso_slo.py <?xml version="1.0" encoding="UTF-8" standalone="yes"?> <EntityDescriptor entityID="http://testserver/metadata/" xmlns="urn:oasis:names:tc:SAML:2.0:metadata"> <SPSSODescriptor AuthnRequestsSigned="true" WantAssertionsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <Extensions> <idpdisc:DiscoveryResponse index="1" xmlns:idpdisc="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Binding="urn:oasis:names:tc:SAML:profiles:SSO:idp-discovery-protocol" Location="http://testserver/login/"/> </Extensions> <KeyDescriptor> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:X509Data> <ds:X509Certificate>-----BEGIN CERTIFICATE----- MIIDnjCCAoagAwIBAgIBATANBgkqhkiG9w0BAQUFADBUMQswCQYDVQQGEwJGUjEP MA0GA1UECBMGRnJhbmNlMQ4wDAYDVQQHEwVQYXJpczETMBEGA1UEChMKRW50cm91 dmVydDEPMA0GA1UEAxMGRGFtaWVuMB4XDTA2MTAyNzA5MDc1NFoXDTExMTAyNjA5 MDc1NFowVDELMAkGA1UEBhMCRlIxDzANBgNVBAgTBkZyYW5jZTEOMAwGA1UEBxMF UGFyaXMxEzARBgNVBAoTCkVudHJvdXZlcnQxDzANBgNVBAMTBkRhbWllbjCCASIw DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM06Hx6VgHYR9wUf/tZVVTRkVWNq h9x+PvHA2qH4OYMuqGs4Af6lU2YsZvnrmRdcFWv0+UkdAgXhReCWAZgtB1pd/W9m 6qDRldCCyysow6xPPKRz/pOTwRXm/fM0QGPeXzwzj34BXOIOuFu+n764vKn18d+u uVAEzk1576pxTp4pQPzJfdNLrLeQ8vyCshoFU+MYJtp1UA+h2JoO0Y8oGvywbUxH ioHN5PvnzObfAM4XaDQohmfxM9Uc7Wp4xKAc1nUq5hwBrHpjFMRSz6UCfMoJSGIi +3xJMkNCjL0XEw5NKVc5jRKkzSkN5j8KTM/k1jPPsDHPRYzbWWhnNtd6JlkCAwEA AaN7MHkwCQYDVR0TBAIwADAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5lcmF0 ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFP2WWMDShux3iF74+SoO1xf6qhqaMB8G A1UdIwQYMBaAFGjl6TRXbQDHzSlZu+e8VeBaZMB5MA0GCSqGSIb3DQEBBQUAA4IB AQAZ/imK7UMognXbs5RfSB8cMW6iNAI+JZqe9XWjvtmLfIIPbHM96o953SiFvrvQ BZjGmmPMK3UH29cjzDx1R/RQaYTyMrHyTePLh3BMd5mpJ/9eeJCSxPzE2ECqWRUa pkjukecFXqmRItwgTxSIUE9QkpzvuQRb268PwmgroE0mwtiREADnvTFkLkdiEMew fiYxZfJJLPBqwlkw/7f1SyzXoPXnz5QbNwDmrHelga6rKSprYKb3pueqaIe8j/AP NC1/bzp8cGOcJ88BD5+Ny6qgPVCrMLE5twQumJ12V3SvjGNtzFBvg2c/9S5OmVqR LlTxKnCrWAXftSm1rNtewTsF -----END CERTIFICATE----- </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </KeyDescriptor> <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" Location="http://testserver/logout/" /> <AssertionConsumerService index="0" isDefault="true" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact" Location="http://testserver/login/" /> <AssertionConsumerService index="1" Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="http://testserver/login/" /> </SPSSODescriptor> </EntityDescriptor> F ========================================== FAILURES =========================================== ______________________________________ test_sso_artifact ______________________________________ db = None, app = <django_webtest.DjangoTestApp object at 0x7f8ef60f41d0> caplog = <_pytest.logging.LogCaptureFixture object at 0x7f8ef60f4350> sp_settings = <django.conf.LazySettings object at 0x7f8ef7e99650> idp_metadata = '<?xml version="1.0"?>\n<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"\n xmlns:saml="urn:oasis:name...ization>\n <OrganizationName xml:lang="en">Entr\'ouvert</OrganizationName>\n</Organization>\n\n</EntityDescriptor>\n' idp_private_key = '-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAzTofHpWAdhH3BR/+1lVVNGRVY2qH3H4+8cDaofg5gy6oazgB\n/qVTZixm+euZF1wVa/...yaRYSgbdowxLM1XxDJMFIPR2uG6N+vi\nHzWkRxi2SXKU42vfs5eA0itHvQP2DfUx8VuvtwVbOxDGgntYia70\n-----END RSA PRIVATE KEY-----\n' rf = <django.test.client.RequestFactory object at 0x7f8ef60f4510> def test_sso_artifact(db, app, caplog, sp_settings, idp_metadata, idp_private_key, rf): sp_settings.MELLON_DEFAULT_ASSERTION_CONSUMER_BINDING = 'artifact' request = rf.get('/') sp_metadata = create_metadata(request) > idp = MockIdp(idp_metadata, idp_private_key, sp_metadata) tests/test_sso_slo.py:165: _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ tests/test_sso_slo.py:61: in __init__ server.addProviderFromBuffer(lasso.PROVIDER_ROLE_SP, sp_metadata) /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:7878: in addProviderFromBuffer Error.raise_on_rc(rc) _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ rc = -202 @staticmethod def raise_on_rc(rc): global exceptions_dict if rc != 0: exception = exceptions_dict.get(rc, Error()) exception.code = rc > raise exception E ServerAddProviderFailedError: <lasso.ServerAddProviderFailedError(-202): Failed to add new provider.> /tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/local/lib/python2.7/site-packages/lasso.py:62: ServerAddProviderFailedError -------------------------------------- Captured log call -------------------------------------- lasso.py 7877 WARNING 2018-06-20 03:27:05 Could not read KeyInfo from signing KeyDescriptor lasso.py 7877 WARNING 2018-06-20 03:27:05 Could not load public signing key of http://testserver/metadata/ lasso.py 7877 ERROR 2018-06-20 03:27:05 (server.c/:76) Failed to add new provider. ----- generated xml file: /home/paul/src/django-mellon/junit-coverage-py2-dj18-sqlite.xml ----- ---------- coverage: platform linux2, python 2.7.15-final-0 ---------- Coverage XML written to file coverage.xml ================================== 1 failed in 1.13 seconds =================================== ERROR: InvocationError for command '/tmp/tox-paul/django-mellon/coverage-py2-dj18-sqlite/bin/py.test --random --junit-xml=junit-coverage-py2-dj18-sqlite.xml --cov=mellon --cov-report xml tests/test_sso_slo.py::test_sso_artifact --capture=no' (exited with code 1) ___________________________________________ summary ___________________________________________ ERROR: coverage-py2-dj18-sqlite: commands failed
Mis à jour par Frédéric Péters il y a presque 6 ans
<ds:X509Certificate>-----BEGIN CERTIFICATE-----
Ce n'est plus accepté par Lasso, dégage. les lignes "BEGIN CERTIFICATE" (et END...); cf le premier commentaire de Benjamin.
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
En fait dans mon premier commentaire je disais que c'était le format KeyValue qui était exclu, il y a effectivement aussi ce deuxième changement, pas d'entête PEM dans X509Certificate.
Mis à jour par Paul Marillonnet il y a presque 6 ans
- Fichier 0001-tests-adapt-to-lasso-PEM-formatting-deprecation-2453.patch 0001-tests-adapt-to-lasso-PEM-formatting-deprecation-2453.patch ajouté
- Patch proposed changé de Non à Oui
Merci, j'avais lu trop vite ton premier commentaire.
Mis à jour par Paul Marillonnet il y a presque 6 ans
- Lié à Development #19396: pouvoir charger un fichier de fédération ajouté
Mis à jour par Benjamin Dauvergne il y a presque 6 ans
- Statut changé de Nouveau à Solution validée
Pousse donc.
Mis à jour par Paul Marillonnet il y a presque 6 ans
Poussé en milieu de semaine dernière, oublié de mettre à jour le ticket :
commit c5fddd13cd41bb5aba85e64973e41cd0bc914300 Author: Paul Marillonnet <pmarillonnet@entrouvert.com> Date: Wed Jun 20 11:09:38 2018 +0200 tests: adapt to lasso PEM-formatting deprecation (#24531)
Mis à jour par Frédéric Péters il y a presque 6 ans
- Statut changé de Solution validée à Résolu (à déployer)
(il faut marquer le ticket en "résolu (à déployer)".)
Mis à jour par Benjamin Dauvergne il y a plus de 5 ans
- Statut changé de Résolu (à déployer) à Fermé
tests: adapt to lasso PEM-formatting deprecation (#24531)