private Response buildMockResponse() throws Exception {
Response samlMessage = new ResponseBuilder().buildObject();
samlMessage.setID("foo");
samlMessage.setVersion(SAMLVersion.VERSION_20);
samlMessage.setIssueInstant(new DateTime(0));
Issuer issuer = new IssuerBuilder().buildObject();
issuer.setValue("MockedIssuer");
samlMessage.setIssuer(issuer);
Status status = new StatusBuilder().buildObject();
StatusCode statusCode = new StatusCodeBuilder().buildObject();
statusCode.setValue(StatusCode.SUCCESS_URI);
status.setStatusCode(statusCode);
samlMessage.setStatus(status);
Assertion assertion = new AssertionBuilder().buildObject();
Subject subject = new SubjectBuilder().buildObject();
NameID nameID = new NameIDBuilder().buildObject();
nameID.setValue("SOME-UNIQUE-ID");
nameID.setFormat(NameIDType.PERSISTENT);
subject.setNameID(nameID);
assertion.setSubject(subject);
AuthnStatement authnStatement = new AuthnStatementBuilder().buildObject();
authnStatement.setSessionIndex("Some Session String");
assertion.getAuthnStatements().add(authnStatement);
AttributeStatement attributeStatement = new AttributeStatementBuilder().buildObject();
assertion.getAttributeStatements().add(attributeStatement);
samlMessage.getAssertions().add(assertion);
return samlMessage;
}
@Test(expected = ValidationException.class)
public void validatePassiveNotAllowed() throws Exception {
srt.getAssertions().clear();
srt.setStatus(SAMLUtil.createStatus(StatusCode.RESPONDER_URI));
StatusCode code = SAMLUtil.buildXMLObject(StatusCode.class);
code.setValue(StatusCode.NO_PASSIVE_URI);
srt.getStatus().getStatusCode().setStatusCode(code);
response.validateResponse(srt.getDestination(), cert, false);
}
@Test
public void isPassiveIgnoresOuterStatus() throws Exception {
srt.getAssertions().clear();
srt.setStatus(SAMLUtil.createStatus(StatusCode.REQUESTER_URI));
StatusCode code = SAMLUtil.buildXMLObject(StatusCode.class);
code.setValue(StatusCode.NO_PASSIVE_URI);
srt.getStatus().getStatusCode().setStatusCode(code);
assertTrue(response.isPassive());
}
@Test
public void validatePassiveAllowed() throws Exception {
srt.getAssertions().clear();
srt.setStatus(SAMLUtil.createStatus(StatusCode.RESPONDER_URI));
StatusCode code = SAMLUtil.buildXMLObject(StatusCode.class);
code.setValue(StatusCode.NO_PASSIVE_URI);
srt.getStatus().getStatusCode().setStatusCode(code);
Element elm = SAMLUtil.marshallObject(srt);
srt.setDOM(elm);
OIOResponse oioResponse = new OIOResponse(srt);
oioResponse.sign(credential);
response.validateResponse(srt.getDestination(), cert, true);
}
private Status buildStatus(String status, String statMsg) {
Status stat = new StatusBuilder().buildObject();
// Set the status code
StatusCode statCode = new StatusCodeBuilder().buildObject();
statCode.setValue(status);
stat.setStatusCode(statCode);
// Set the status Message
if (statMsg != null) {
StatusMessage statMesssage = new StatusMessageBuilder().buildObject();
statMesssage.setMessage(statMsg);
stat.setStatusMessage(statMesssage);
}
return stat;
}