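/**
 * Checks that a request carrying an unsupported SAML version string is rejected
 * with {@link InvalidSAMLRequestException}.
 *
 * <p>The request is otherwise populated (ID, issue instant, issuer), so the
 * version value "SAML-TC" is the field this test sets to a non-standard value.
 * No expectations are recorded on the identifier cache mock.
 */
@Test(expected = InvalidSAMLRequestException.class)
public void testValidate2d() throws InvalidSAMLRequestException {
    IdentifierCache cache = createMock(IdentifierCache.class);
    replay(cache);

    SAMLRequestValidatorImpl validator = new SAMLRequestValidatorImpl(cache, 100);

    RequestAbstractType request = new AuthnRequest();
    request.setID("1234");

    /* Issue instant: "now", expressed in a zero-offset (UTC) time zone. */
    SimpleTimeZone utc = new SimpleTimeZone(0, "UTC");
    GregorianCalendar now = new GregorianCalendar(utc);
    XMLGregorianCalendar issueInstant = new XMLGregorianCalendarImpl(now);
    request.setIssueInstant(issueInstant);

    NameIDType issuer = new NameIDType();
    issuer.setValue("testcase");
    request.setIssuer(issuer);

    /* Deliberately not a recognised SAML version. */
    request.setVersion("SAML-TC");

    try {
        validator.validate(request);
    } finally {
        /*
         * validate() is expected to throw, so a verify() placed after it would
         * never run. Running it in finally keeps the mock check live while the
         * expected exception still propagates to the JUnit runner.
         */
        verify(cache);
    }
}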
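/**
 * Checks that a replayed request (one whose ID the identifier cache reports as
 * already registered) is rejected with {@link InvalidSAMLRequestException}.
 *
 * <p>The cache mock is scripted so that {@code registerIdentifier("1234")}
 * throws {@link IdentifierCollisionException}. The request is given the same
 * ID and a valid SAML 2.0 version, so the collision is the condition under test.
 */
@Test(expected = InvalidSAMLRequestException.class)
public void testValidate2g() throws InvalidSAMLRequestException {
    IdentifierCache cache = createMock(IdentifierCache.class);

    /*
     * Record phase: this call only registers the expectation on the mock. The
     * checked exception still has to be caught to satisfy the compiler.
     */
    try {
        cache.registerIdentifier("1234");
    } catch (IdentifierCollisionException e) {
        fail("IdentifierCollisionException not expected in this test");
    }
    expectLastCall().andThrow(new IdentifierCollisionException("testcase"));
    replay(cache);

    SAMLRequestValidatorImpl validator = new SAMLRequestValidatorImpl(cache, 100);

    RequestAbstractType request = new AuthnRequest();
    request.setID("1234");

    /* Issue instant: "now", expressed in a zero-offset (UTC) time zone. */
    SimpleTimeZone utc = new SimpleTimeZone(0, "UTC");
    GregorianCalendar now = new GregorianCalendar(utc);
    XMLGregorianCalendar issueInstant = new XMLGregorianCalendarImpl(now);
    request.setIssueInstant(issueInstant);

    NameIDType issuer = new NameIDType();
    issuer.setValue("testcase");
    request.setIssuer(issuer);
    request.setVersion(VersionConstants.saml20);

    try {
        validator.validate(request);
    } finally {
        /*
         * validate() is expected to throw, so a verify() placed after it would
         * never run. Verifying in finally confirms the validator actually
         * consulted the identifier cache; without it the test would also pass
         * if the request were rejected by a check that runs before the cache
         * lookup, leaving replay detection unexercised.
         */
        verify(cache);
    }
}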