コード例 #1
0
  @Test
  public void failOnWrongDestination() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));
    response.setDestination("http://consumer");
    Assertion assertion =
        TestHelper.buildAssertion(
            spMetadata.getAssertionConsumerServiceLocation(0), spMetadata.getEntityID());
    response.getAssertions().add(assertion);

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(returnValue(""));
          }
        });

    try {
      sh.handlePost(ctx);
      fail("Wrong destination, should  fail");
    } catch (RuntimeException e) {
    }
  }
コード例 #2
0
  @Test
  public void handleSuccess() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));
    response.setDestination(spMetadata.getAssertionConsumerServiceLocation(0));

    Assertion assertion =
        TestHelper.buildAssertion(
            spMetadata.getAssertionConsumerServiceLocation(0), spMetadata.getEntityID());
    response.getAssertions().add(assertion);

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(
                returnValue(
                    handler.saveRequest(
                        new Request("uri", "query", "GET", new HashMap<String, String[]>()))));
            one(session)
                .setAttribute(
                    with(equal(Constants.SESSION_USER_ASSERTION)), with(any(UserAssertion.class)));
            one(res).sendRedirect("uri?query");
            one(req).getCookies();
            will(returnValue(null));
            one(session).getMaxInactiveInterval();
            will(returnValue(30));
          }
        });

    expectCacheHeaders();
    sh.handlePost(ctx);
  }
コード例 #3
0
  @Test(expected = RuntimeException.class)
  public void failOnMissingSignature() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));
    final String encoded = encodeResponse(response);

    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(encoded));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(returnValue(""));
          }
        });

    sh.handlePost(ctx);
  }
コード例 #4
0
  @Test
  public void failOnNoAssertions() throws Exception {
    response.setStatus(SAMLUtil.createStatus(StatusCode.SUCCESS_URI));

    final String xml = TestHelper.signObject(response, credential);
    context.checking(
        new Expectations() {
          {
            atLeast(1).of(req).getParameter(Constants.SAML_SAMLRESPONSE);
            will(returnValue(Base64.encodeBytes(xml.getBytes())));
            allowing(req).getParameter(Constants.SAML_RELAYSTATE);
            will(returnValue(""));
          }
        });

    try {
      sh.handlePost(ctx);
      fail("No assertions in response");
    } catch (RuntimeException e) {
    }
  }