Skip to content

Commit

Permalink
feat(incommon): tests
Browse files Browse the repository at this point in the history
  • Loading branch information
Rudyard Richter committed Jun 26, 2019
1 parent 480df90 commit d954728
Show file tree
Hide file tree
Showing 2 changed files with 84 additions and 4 deletions.
13 changes: 9 additions & 4 deletions fence/blueprints/login/fence_login.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -91,10 +91,12 @@ def get(self):
try:
content = get_disco_feed()
except EnvironmentError:
response = flask.jsonify(
{"error": "couldn't reach endpoint on shibboleth provider"}
return flask.Response(
response=flask.jsonify(
{"error": "couldn't reach endpoint on shibboleth provider"}
),
status=500,
)
return response, 500
if not content:
raise NotFound("this endpoint is unavailable")
return flask.jsonify(content)
Expand Down Expand Up @@ -123,7 +125,10 @@ def get_disco_feed():
if not fence_idp_url:
return None
disco_feed_url = fence_idp_url.rstrip("/") + "/Shibboleth.sso/DiscoFeed"
response = requests.get(disco_feed_url, timeout=3)
try:
response = requests.get(disco_feed_url, timeout=3)
except requests.RequestException:
raise EnvironmentError("couldn't reach fence IDP")
if response.status_code != 200:
# if it's 404 that's fine---just no shibboleth. otherwise there could be an
# actual problem
Expand Down
75 changes: 75 additions & 0 deletions tests/login/test_fence_login.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@
from authutils.oauth2.client import OAuthClient
import mock
import pytest
import requests

import fence
from fence.config import config
Expand Down Expand Up @@ -80,3 +81,77 @@ def test_redirect_login_fence(app, client, config_idp_in_client):
assert r.status_code == 302
assert "/oauth2/authorize" in r.location
assert config["OPENID_CONNECT"]["fence"]["api_base_url"] in r.location


def test_downstream_idps_no_idp(app, client):
"""
If we don't include the config here, then the client doesn't have any fence IDP, so
this endpoint should return 404.
"""
response = client.get("/login/downstream-idps")
assert response.status_code == 404


def test_downstream_idps_no_shibboleth(app, client, config_idp_in_client):
"""
If we include the config pointing to a fence IDP but the IDP fence doesn't have
shibboleth, that request will 404, and this request should also return 404.
"""

def mock_get_404(*args, **kwargs):
mocked_response = mock.MagicMock(requests.Response)
mocked_response.status_code = 404
return mocked_response

with mock.patch("fence.blueprints.login.fence_login.requests.get", mock_get_404):
response = client.get("/login/downstream-idps")
assert response.status_code == 404


def test_downstream_idps(app, client, config_idp_in_client):
"""
Test that if we mock the request to `/Shibboleth.sso/DiscoFeed` on the IDP fence,
this client fence will correctly return the same response from
`/login-downstream-idps`.
"""
entityID = "urn:mace:incommon:uchicago.edu"

def mock_get(*args, **kwargs):
mocked_response = mock.MagicMock(requests.Response)
mocked_response.status_code = 200
mocked_response.json.return_value = [{
"entityID": entityID,
"DisplayNames": [
{
"value": "University of Chicago",
"lang": "en"
}
],
"Descriptions": [
{
"value": "The University of Chicago Web Single Sign-On servce",
"lang": "en"
}
],
"PrivacyStatementURLs": [
{
"value": "https://its.uchicago.edu/acceptable-use-policy/",
"lang": "en"
}
],
"Logos": [
{
"value": "https://shibboleth2.uchicago.edu/idp/shib_img/idplogo.png",
"height": "83",
"width": "350",
"lang": "en"
}
]
}]
return mocked_response

with mock.patch("fence.blueprints.login.fence_login.requests.get", mock_get):
response = client.get("/login/downstream-idps")
assert len(response.json) == 1
assert [entity for entity in response.json if entity["entityID"] == entityID]
assert response.status_code == 200

0 comments on commit d954728

Please sign in to comment.