/** Test that the condition is properly added if there are multiple assertions in the response. */
  @Test
  public void testMultipleAssertion() throws Exception {
    final Response response = SAML1ActionTestingSupport.buildResponse();
    response.getAssertions().add(SAML1ActionTestingSupport.buildAssertion());
    response.getAssertions().add(SAML1ActionTestingSupport.buildAssertion());
    response.getAssertions().add(SAML1ActionTestingSupport.buildAssertion());

    final ProfileRequestContext prc =
        new RequestContextBuilder().setOutboundMessage(response).buildProfileRequestContext();

    action.execute(prc);
    ActionTestingSupport.assertProceedEvent(prc);

    Assert.assertNotNull(response.getAssertions());
    Assert.assertEquals(response.getAssertions().size(), 3);

    for (Assertion assertion : response.getAssertions()) {
      Assert.assertNotNull(assertion.getConditions());
      Assert.assertEquals(assertion.getConditions().getAudienceRestrictionConditions().size(), 1);
      final AudienceRestrictionCondition audcond =
          assertion.getConditions().getAudienceRestrictionConditions().get(0);
      Assert.assertEquals(audcond.getAudiences().size(), 2);
      Assert.assertEquals(audcond.getAudiences().get(0).getUri(), AUDIENCE1);
      Assert.assertEquals(audcond.getAudiences().get(1).getUri(), AUDIENCE2);
    }
  }
  /** Test that an addition condition is not added if an assertion already contains one. */
  @Test
  public void testSingleAssertionWithExistingAudienceCondition() throws Exception {
    final SAMLObjectBuilder<AudienceRestrictionCondition> conditionBuilder =
        (SAMLObjectBuilder<AudienceRestrictionCondition>)
            XMLObjectProviderRegistrySupport.getBuilderFactory()
                .getBuilder(AudienceRestrictionCondition.DEFAULT_ELEMENT_NAME);
    final AudienceRestrictionCondition condition = conditionBuilder.buildObject();

    final SAMLObjectBuilder<Conditions> conditionsBuilder =
        (SAMLObjectBuilder<Conditions>)
            XMLObjectProviderRegistrySupport.getBuilderFactory()
                .getBuilder(Conditions.DEFAULT_ELEMENT_NAME);
    final Conditions conditions = conditionsBuilder.buildObject();
    conditions.getAudienceRestrictionConditions().add(condition);

    final Assertion assertion = SAML1ActionTestingSupport.buildAssertion();
    assertion.setConditions(conditions);

    final Response response = SAML1ActionTestingSupport.buildResponse();
    response.getAssertions().add(assertion);

    final ProfileRequestContext prc =
        new RequestContextBuilder().setOutboundMessage(response).buildProfileRequestContext();

    action.execute(prc);
    ActionTestingSupport.assertProceedEvent(prc);

    Assert.assertNotNull(assertion.getConditions());
    Assert.assertEquals(assertion.getConditions().getAudienceRestrictionConditions().size(), 1);
    final AudienceRestrictionCondition audcond =
        assertion.getConditions().getAudienceRestrictionConditions().get(0);
    Assert.assertEquals(audcond.getAudiences().size(), 2);
    Assert.assertEquals(audcond.getAudiences().get(0).getUri(), AUDIENCE1);
    Assert.assertEquals(audcond.getAudiences().get(1).getUri(), AUDIENCE2);
  }
Exemplo n.º 3
0
 /**
  * New conditions element.
  *
  * @param issuedAt the issued at
  * @param audienceUri the service id
  * @param issueLength the issue length
  * @return the conditions
  */
 public Conditions newConditions(
     final ZonedDateTime issuedAt, final String audienceUri, final long issueLength) {
   final Conditions conditions = newSamlObject(Conditions.class);
   conditions.setNotBefore(DateTimeUtils.dateTimeOf(issuedAt));
   conditions.setNotOnOrAfter(
       DateTimeUtils.dateTimeOf(issuedAt.plus(issueLength, ChronoUnit.MILLIS)));
   final AudienceRestrictionCondition audienceRestriction =
       newSamlObject(AudienceRestrictionCondition.class);
   final Audience audience = newSamlObject(Audience.class);
   audience.setUri(audienceUri);
   audienceRestriction.getAudiences().add(audience);
   conditions.getAudienceRestrictionConditions().add(audienceRestriction);
   return conditions;
 }