Example #1
0
  @Test
  public void failOnWrongDestination() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));
    response.setDestination("http://consumer");
    Assertion assertion =
        TestHelper.buildAssertion(
            spMetadata.getAssertionConsumerServiceLocation(0), spMetadata.getEntityID());
    response.getAssertions().add(assertion);

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(returnValue(""));
          }
        });

    try {
      sh.handlePost(ctx);
      fail("Wrong destination, should  fail");
    } catch (RuntimeException e) {
    }
  }
Example #2
0
  @Test
  public void handleSuccess() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));
    response.setDestination(spMetadata.getAssertionConsumerServiceLocation(0));

    Assertion assertion =
        TestHelper.buildAssertion(
            spMetadata.getAssertionConsumerServiceLocation(0), spMetadata.getEntityID());
    response.getAssertions().add(assertion);

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(
                returnValue(
                    handler.saveRequest(
                        new Request("uri", "query", "GET", new HashMap<String, String[]>()))));
            one(session)
                .setAttribute(
                    with(equal(Constants.SESSION_USER_ASSERTION)), with(any(UserAssertion.class)));
            one(res).sendRedirect("uri?query");
            one(req).getCookies();
            will(returnValue(null));
            one(session).getMaxInactiveInterval();
            will(returnValue(30));
          }
        });

    expectCacheHeaders();
    sh.handlePost(ctx);
  }
Example #3
0
  @Before
  public void setUp() throws Exception {

    sh =
        new SAMLAssertionConsumerHandler(
            TestHelper.buildConfiguration(
                new HashMap<String, String>() {
                  {
                    put(Constants.PROP_VALIDATOR, OIOSAMLAssertionValidator.class.getName());
                  }
                }));

    response = SAMLUtil.buildXMLObject(Response.class);
    context.checking(
        new Expectations() {
          {
            allowing(req).getRequestURI();
            will(returnValue("uri"));
            allowing(req).getQueryString();
            will(returnValue("query"));
          }
        });
    ctx =
        new RequestContext(
            req,
            res,
            idpMetadata,
            spMetadata,
            credential,
            buildConfiguration(new HashMap<String, String>()),
            handler,
            bindingHandlerFactory);
  }
Example #4
0
  @Test
  public void failOnNoAssertions() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(returnValue(""));
          }
        });

    try {
      sh.handlePost(ctx);
      fail("No assertions in response");
    } catch (RuntimeException e) {
    }
  }