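import lasso
import os.path
import unittest

# Fixture directory; the relative path means the tests must be run from the
# directory that contains ``data``.
DATA_DIR = "./data"


class TestNoSha1(unittest.TestCase):
    """Check that SHA-1 is neither emitted for login requests nor accepted
    on signed metadata."""

    def setUp(self):
        """Build the SP server from fixture files and register the IdP."""
        self.sp = lasso.Server(
            os.path.join(DATA_DIR, 'sp/metadata.xml'),
            os.path.join(DATA_DIR, 'sp/private-key.pem'))
        self.sp.addProvider(
            lasso.PROVIDER_ROLE_IDP,
            os.path.join(DATA_DIR, 'idp/metadata.xml'))

    def test_login_uses_strong_hash(self):
        """Assert that sha256 is the default signature hash for login
        requests."""
        sp_login = lasso.Login(self.sp)
        sp_login.initAuthnRequest(None, lasso.HTTP_METHOD_REDIRECT)
        login_dump = sp_login.dump()
        # Substring checks on the serialized profile; assertIn/assertNotIn
        # print the searched text on failure, unlike assertTrue/assertFalse.
        self.assertNotIn('sha1', login_dump)
        self.assertIn('sha256', login_dump)

    def test_loading_sha1_signed_metadata_is_forbidden(self):
        """Negative test: assert that SHA-1 signed metadata does not load."""
        federation_file = os.path.join(
            DATA_DIR, 'metadata/renater-metadata.xml')
        trusted_roots = os.path.join(DATA_DIR, 'rootCA.crt')

        # A missing fixture would also make the load fail, and the negative
        # test would then pass without exercising the signature check.
        for fixture in (federation_file, trusted_roots):
            self.assertTrue(
                os.path.isfile(fixture),
                'missing test fixture: %s' % fixture)

        # assertRaises takes the expected exception type first and the
        # callable second. The original passed the callable in the exception
        # slot, so loadMetadata was never invoked by the assertion.
        # NOTE(review): lasso.Error is the binding's base error class; narrow
        # it to the specific signature-verification error once confirmed, so
        # an unrelated load failure cannot satisfy this test.
        self.assertRaises(
            lasso.Error,
            self.sp.loadMetadata,
            lasso.PROVIDER_ROLE_IDP,
            federation_file,
            trusted_roots,
            None,
            lasso.SERVER_LOAD_METADATA_FLAG_DEFAULT)


if __name__ == "__main__":
    unittest.main()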