public void testAutoCredentialCreation() {
AssertionCredentialsManager cm = null;
try {
cm = Utils.getAssertionCredentialsManager();
X509Certificate cert = cm.getIdPCertificate();
assertNotNull(cert);
assertNotNull(cm.getIdPKey());
String expectedSub = Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
assertEquals(expectedSub, cert.getSubjectDN().toString());
SAMLAssertion saml =
cm.getAuthenticationAssertion(TEST_UID, TEST_FIRST_NAME, TEST_LAST_NAME, TEST_EMAIL);
verifySAMLAssertion(saml, cm);
String xml = SAMLUtils.samlAssertionToString(saml);
SAMLAssertion saml2 = SAMLUtils.stringToSAMLAssertion(xml);
verifySAMLAssertion(saml2, cm);
} catch (Exception e) {
FaultUtil.printFault(e);
assertTrue(false);
} finally {
try {
cm.clearDatabase();
} catch (Exception e) {
e.printStackTrace();
}
}
}
public void testAutoCredentialCreationNoRenewal() {
AssertionCredentialsManager cm = null;
try {
IdentityProviderProperties props = Utils.getIdentityProviderProperties();
props.setAutoRenewAssertingCredentials(false);
cm = new AssertionCredentialsManager(props, ca, db);
X509Certificate cert = cm.getIdPCertificate();
assertNotNull(cert);
assertNotNull(cm.getIdPKey());
String expectedSub = Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
assertEquals(expectedSub, cert.getSubjectDN().toString());
String subject = cert.getSubjectDN().toString();
KeyPair pair = KeyUtil.generateRSAKeyPair1024();
GregorianCalendar cal = new GregorianCalendar();
Date start = cal.getTime();
cal.add(Calendar.SECOND, 2);
Date end = cal.getTime();
cm.deleteAssertingCredentials();
X509Certificate shortCert = ca.signCertificate(subject, pair.getPublic(), start, end);
cm.storeCredentials(shortCert, pair.getPrivate());
if (cert.equals(shortCert)) {
assertTrue(false);
}
Thread.sleep(2500);
assertTrue(CertUtil.isExpired(shortCert));
try {
cm.getIdPCertificate();
assertTrue(false);
} catch (DorianInternalFault fault) {
}
} catch (Exception e) {
FaultUtil.printFault(e);
assertTrue(false);
} finally {
try {
cm.clearDatabase();
} catch (Exception e) {
e.printStackTrace();
}
}
}
public void testAutoCredentialCreationRenew() {
AssertionCredentialsManager cm = null;
try {
cm = Utils.getAssertionCredentialsManager();
X509Certificate cert = cm.getIdPCertificate();
assertNotNull(cert);
assertNotNull(cm.getIdPKey());
String expectedSub = Utils.CA_SUBJECT_PREFIX + ",CN=" + AssertionCredentialsManager.CERT_DN;
assertEquals(expectedSub, cert.getSubjectDN().toString());
String subject = cert.getSubjectDN().toString();
KeyPair pair = KeyUtil.generateRSAKeyPair1024();
GregorianCalendar cal = new GregorianCalendar();
Date start = cal.getTime();
cal.add(Calendar.SECOND, 6);
Date end = cal.getTime();
cm.deleteAssertingCredentials();
X509Certificate shortCert = ca.signCertificate(subject, pair.getPublic(), start, end);
cm.storeCredentials(shortCert, pair.getPrivate());
X509Certificate idpShortCert = cm.getIdPCertificate();
assertEquals(shortCert, idpShortCert);
if (cert.equals(idpShortCert)) {
assertTrue(false);
}
Thread.sleep(6500);
assertTrue(CertUtil.isExpired(idpShortCert));
X509Certificate renewedCert = cm.getIdPCertificate();
assertNotNull(renewedCert);
PrivateKey renewedKey = cm.getIdPKey();
assertNotNull(renewedKey);
assertTrue(!CertUtil.isExpired(renewedCert));
if (renewedCert.equals(idpShortCert)) {
assertTrue(false);
}
if (renewedKey.equals(pair.getPrivate())) {
assertTrue(false);
}
SAMLAssertion saml =
cm.getAuthenticationAssertion(TEST_UID, TEST_FIRST_NAME, TEST_LAST_NAME, TEST_EMAIL);
verifySAMLAssertion(saml, cm);
String xml = SAMLUtils.samlAssertionToString(saml);
SAMLAssertion saml2 = SAMLUtils.stringToSAMLAssertion(xml);
verifySAMLAssertion(saml2, cm);
} catch (Exception e) {
FaultUtil.printFault(e);
assertTrue(false);
} finally {
try {
cm.clearDatabase();
} catch (Exception e) {
e.printStackTrace();
}
}
}