Redirect on 303 in SAML plugin

The SAML plugin handles redirects in a custom manner but currently only checks for the 302 redirect code. This doesn't cover the mod_auth_mellon case which responds with a 303. Also handle the 303 redirect case. Change-Id: Idab5f381fcbfb8c561184845d3aa5c8aab142ecd Closes-Bug: #1501918 (cherry picked from commit 9cd71c064c77a22a0a58084a2abab77b023017b5)
author: Jamie Lennox <jamielennox@redhat.com> 2015-10-02 07:17:21 +1000
committer: Jamie Lennox <jamielennox@redhat.com> 2015-10-02 11:47:16 +1000
commit: 805c9d6563f5920ed8a1763fa0b1007f549b998e (patch)
tree: 8127fc4d75b9acfbcc76d51f653425ece309f4a2 /keystoneclient/tests/unit
parent: 7d243119abc04ccc0a29eaa2ab715924e17f7adb (diff)
download: python-keystoneclient-805c9d6563f5920ed8a1763fa0b1007f549b998e.tar.gz
1 files changed, 26 insertions, 1 deletions
diff --git a/keystoneclient/tests/unit/v3/test_auth_saml2.py b/keystoneclient/tests/unit/v3/test_auth_saml2.py
index 33bfdac..ac10d2d 100644
--- a/keystoneclient/tests/unit/v3/test_auth_saml2.py
+++ b/keystoneclient/tests/unit/v3/test_auth_saml2.py
@@ -282,7 +282,32 @@ class AuthenticateviaSAML2Tests(utils.TestCase):
         self.assertEqual(self.FEDERATION_AUTH_URL,
                          response.headers['location'])
 
-        response = self.saml2plugin._handle_http_302_ecp_redirect(
+        response = self.saml2plugin._handle_http_ecp_redirect(
+            self.session, response, 'GET')
+
+        self.assertEqual(self.FEDERATION_AUTH_URL, response.request.url)
+        self.assertEqual('GET', response.request.method)
+
+    def test_custom_303_redirection(self):
+        self.requests_mock.post(
+            self.SHIB_CONSUMER_URL,
+            text='BODY',
+            headers={'location': self.FEDERATION_AUTH_URL},
+            status_code=303)
+
+        self.requests_mock.get(
+            self.FEDERATION_AUTH_URL,
+            json=saml2_fixtures.UNSCOPED_TOKEN,
+            headers={'X-Subject-Token': saml2_fixtures.UNSCOPED_TOKEN_HEADER})
+
+        self.session.redirect = False
+        response = self.session.post(
+            self.SHIB_CONSUMER_URL, data='CLIENT BODY')
+        self.assertEqual(303, response.status_code)
+        self.assertEqual(self.FEDERATION_AUTH_URL,
+                         response.headers['location'])
+
+        response = self.saml2plugin._handle_http_ecp_redirect(
             self.session, response, 'GET')
 
         self.assertEqual(self.FEDERATION_AUTH_URL, response.request.url)
author	Jamie Lennox <jamielennox@redhat.com>	2015-10-02 07:17:21 +1000
committer	Jamie Lennox <jamielennox@redhat.com>	2015-10-02 11:47:16 +1000
commit	805c9d6563f5920ed8a1763fa0b1007f549b998e (patch)
tree	8127fc4d75b9acfbcc76d51f653425ece309f4a2 /keystoneclient/tests/unit
parent	7d243119abc04ccc0a29eaa2ab715924e17f7adb (diff)
download	python-keystoneclient-805c9d6563f5920ed8a1763fa0b1007f549b998e.tar.gz