#!/usr/share/ucs-test/runner python
## desc: Test handling of multiple certs in cert.pem
## tags: [saml]
## bugs: [47700]
## join: true
## roles: [domaincontroller_master]
## exposure: dangerous
## tags:
##  - skip_admember

from __future__ import print_function
import os

import samltest
import univention.testing.utils as utils


def main():
	cert_folder = samltest.SPCertificate.get_server_cert_folder()
	with open(os.path.join(cert_folder, 'cert.pem'), 'rb') as cert_file:
		cert = cert_file.read()
	with open('/etc/univention/ssl/ucsCA/CAcert.pem', 'rb') as ca_file:
		cert += '\n' + ca_file.read()
	with samltest.SPCertificate(cert):
		saml_check()


def saml_check():
	account = utils.UCSTestDomainAdminCredentials()
	SamlSession = samltest.SamlTest(account.username, account.bindpw)
	try:
		SamlSession.login_with_new_session_at_IdP()
		SamlSession.test_login()
		SamlSession.logout_at_IdP()
		SamlSession.test_logout_at_IdP()
		SamlSession.test_logout()
	except samltest.SamlError as exc:
		utils.fail(exc.message)


if __name__ == '__main__':
	main()
	print("####Success: SSO login is working####")
