public void testErrorHandling() throws Exception {
ErrorServlet.authError = null;
Client client = ClientBuilder.newClient();
// make sure
Response response = client.target(APP_SERVER_BASE_URL + "/employee-sig/").request().get();
response.close();
SAML2ErrorResponseBuilder builder =
new SAML2ErrorResponseBuilder()
.destination(APP_SERVER_BASE_URL + "/employee-sig/saml")
.issuer(AUTH_SERVER_URL + "/realms/demo")
.status(JBossSAMLURIConstants.STATUS_REQUEST_DENIED.get());
BaseSAML2BindingBuilder binding = new BaseSAML2BindingBuilder().relayState(null);
Document document = builder.buildDocument();
URI uri =
binding
.redirectBinding(document)
.generateURI(APP_SERVER_BASE_URL + "/employee-sig/saml", false);
response = client.target(uri).request().get();
String errorPage = response.readEntity(String.class);
response.close();
Assert.assertTrue(errorPage.contains("Error Page"));
client.close();
Assert.assertNotNull(ErrorServlet.authError);
SamlAuthenticationError error = (SamlAuthenticationError) ErrorServlet.authError;
Assert.assertEquals(SamlAuthenticationError.Reason.ERROR_STATUS, error.getReason());
Assert.assertNotNull(error.getStatus());
ErrorServlet.authError = null;
}
public void testMissingAssertionSignature() {
ErrorServlet.authError = null;
driver.navigate().to(APP_SERVER_BASE_URL + "/missing-assertion-sig/");
assertAtLoginPagePostBinding();
loginPage.login("bburke", "password");
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/missing-assertion-sig/saml");
System.out.println(driver.getPageSource());
Assert.assertNotNull(ErrorServlet.authError);
SamlAuthenticationError error = (SamlAuthenticationError) ErrorServlet.authError;
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
ErrorServlet.authError = null;
}
public void testPostBadRealmSignature() {
ErrorServlet.authError = null;
driver.navigate().to(APP_SERVER_BASE_URL + "/bad-realm-sales-post-sig/");
assertEquals(driver.getCurrentUrl(), AUTH_SERVER_URL + "/realms/demo/protocol/saml");
loginPage.login("bburke", "password");
assertEquals(driver.getCurrentUrl(), APP_SERVER_BASE_URL + "/bad-realm-sales-post-sig/");
System.out.println(driver.getPageSource());
Assert.assertNotNull(ErrorServlet.authError);
SamlAuthenticationError error = (SamlAuthenticationError) ErrorServlet.authError;
Assert.assertEquals(SamlAuthenticationError.Reason.INVALID_SIGNATURE, error.getReason());
ErrorServlet.authError = null;
}