summary refs log tree commit diff
path: root/tests/handlers/test_saml.py
diff options
context:
space:
mode:
authorPatrick Cloke <clokep@users.noreply.github.com>2020-12-04 08:25:15 -0500
committerGitHub <noreply@github.com>2020-12-04 08:25:15 -0500
commit22c6c19f91d7325c82eddfada696826adad69e5b (patch)
tree7948c3f80aff6ad6f2ff11e2a56676a70c3346b5 /tests/handlers/test_saml.py
parentRemove version pin prometheus_client dependency (#8875) (diff)
downloadsynapse-22c6c19f91d7325c82eddfada696826adad69e5b.tar.xz
Fix a regression that mapping providers should be able to redirect users. (#8878)
This was broken in #8801.
Diffstat (limited to '')
-rw-r--r--tests/handlers/test_saml.py28
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/handlers/test_saml.py b/tests/handlers/test_saml.py
index e1e13a5faf..45dc17aba5 100644
--- a/tests/handlers/test_saml.py
+++ b/tests/handlers/test_saml.py
@@ -14,6 +14,7 @@
 
 import attr
 
+from synapse.api.errors import RedirectException
 from synapse.handlers.sso import MappingException
 
 from tests.unittest import HomeserverTestCase, override_config
@@ -49,6 +50,13 @@ class TestMappingProvider:
         return {"mxid_localpart": localpart, "displayname": None}
 
 
+class TestRedirectMappingProvider(TestMappingProvider):
+    def saml_response_to_user_attributes(
+        self, saml_response, failures, client_redirect_url
+    ):
+        raise RedirectException(b"https://custom-saml-redirect/")
+
+
 class SamlHandlerTestCase(HomeserverTestCase):
     def default_config(self):
         config = super().default_config()
@@ -166,3 +174,23 @@ class SamlHandlerTestCase(HomeserverTestCase):
         self.assertEqual(
             str(e.value), "Unable to generate a Matrix ID from the SSO response"
         )
+
+    @override_config(
+        {
+            "saml2_config": {
+                "user_mapping_provider": {
+                    "module": __name__ + ".TestRedirectMappingProvider"
+                },
+            }
+        }
+    )
+    def test_map_saml_response_redirect(self):
+        saml_response = FakeAuthnResponse({"uid": "test", "username": "test_user"})
+        redirect_url = ""
+        e = self.get_failure(
+            self.handler._map_saml_response_to_user(
+                saml_response, redirect_url, "user-agent", "10.10.10.10"
+            ),
+            RedirectException,
+        )
+        self.assertEqual(e.value.location, b"https://custom-saml-redirect/")