# -*- coding: utf-8 -*-
# Copyright 2019 The Matrix.org Foundation C.I.C.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
import logging
import unittest
from typing import Optional
from . import create_mapping_provider
logging.basicConfig()
def _make_test_saml_response(
provider_config: dict,
source_attribute_value: str,
display_name: Optional[str] = None
):
"""Create a fake object based off of saml2.response.AuthnResponse
Args:
provider_config: The config dictionary used when creating the provider object
source_attribute_value: The desired value that the mapping provider will
pull out of the response object to turn into a Matrix UserID.
display_name: The desired displayname that the mapping provider will pull
out of the response object to turn into a Matrix user displayname.
Returns:
An object masquerading as a saml2.response.AuthnResponse object
"""
class FakeResponse(object):
def __init__(self):
self.ava = {
provider_config["mxid_source_attribute"]: [source_attribute_value],
}
if display_name:
self.ava["displayName"] = [display_name]
return FakeResponse()
class SamlUserAttributeTestCase(unittest.TestCase):
def _attribute_test(
self,
input_uid: str,
input_displayname: Optional[str],
output_localpart: str,
output_displayname: Optional[str],
):
"""Creates a dummy response, feeds it to the provider and checks the output
Args:
input_uid: The value of the mxid_source_attribute that the provider will
base the generated localpart off of.
input_displayname: The saml auth response displayName value that the
provider will generate a Matrix user displayname from.
output_localpart: The expected mxid localpart.
output_displayname: The expected matrix displayname.
"""
provider, config = create_mapping_provider()
response = _make_test_saml_response(config, input_uid, input_displayname)
attribute_dict = provider.saml_response_to_user_attributes(response)
self.assertEqual(attribute_dict["mxid_localpart"], output_localpart)
self.assertEqual(attribute_dict["displayname"], output_displayname)
def test_normal_user(self):
self._attribute_test("john*doe2000#@example.com", None, "john.doe2000", None)
def test_normal_user_displayname(self):
self._attribute_test(
"john*doe2000#@example.com", "Jonny", "john.doe2000", "Jonny"
)
def test_multiple_adjacent_symbols(self):
self._attribute_test("bob%^$&#!bobby@example.com", None, "bob.bobby", None)
def test_username_does_not_end_with_dot(self):
"""This is allowed in mxid syntax, but is not aesthetically pleasing"""
self._attribute_test("bob.bobby$@example.com", None, "bob.bobby", None)
def test_username_no_email(self):
self._attribute_test("bob.bobby", None, "bob.bobby", None)
def test_username_starting_with_underscore(self):
self._attribute_test(
"_twilight (sparkle)@somewhere.com", None, "twilight.sparkle", None
)
def test_existing_user(self):
provider, config = create_mapping_provider()
response = _make_test_saml_response(config, "wibble%@wobble.com", None)
attribute_dict = provider.saml_response_to_user_attributes(response)
# Simulate a failure on the first attempt
attribute_dict = provider.saml_response_to_user_attributes(response, failures=1)
self.assertEqual(attribute_dict["mxid_localpart"], "wibble1")
self.assertEqual(attribute_dict["displayname"], None)