@Test public void testX509Helpers() throws Exception { KeyPair keyPair = SAMLUtils.generateRandomKeyPair(); String privateKeyString = SAMLUtils.savePrivateKey(keyPair.getPrivate()); String publicKeyString = SAMLUtils.savePublicKey(keyPair.getPublic()); PrivateKey privateKey = SAMLUtils.loadPrivateKey(privateKeyString); PublicKey publicKey = SAMLUtils.loadPublicKey(publicKeyString); assertTrue(privateKey.equals(keyPair.getPrivate())); assertTrue(publicKey.equals(keyPair.getPublic())); }
@Test public void testAuthenticate() throws Exception { SAML2LoginAPIAuthenticatorCmd cmd = Mockito.spy(new SAML2LoginAPIAuthenticatorCmd()); Field apiServerField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_apiServer"); apiServerField.setAccessible(true); apiServerField.set(cmd, apiServer); Field managerField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_samlAuthManager"); managerField.setAccessible(true); managerField.set(cmd, samlAuthManager); Field accountServiceField = BaseCmd.class.getDeclaredField("_accountService"); accountServiceField.setAccessible(true); accountServiceField.set(cmd, accountService); Field domainMgrField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_domainMgr"); domainMgrField.setAccessible(true); domainMgrField.set(cmd, domainMgr); Field userAccountDaoField = SAML2LoginAPIAuthenticatorCmd.class.getDeclaredField("_userAccountDao"); userAccountDaoField.setAccessible(true); userAccountDaoField.set(cmd, userAccountDao); String spId = "someSPID"; String url = "someUrl"; KeyPair kp = SAMLUtils.generateRandomKeyPair(); X509Certificate cert = SAMLUtils.generateRandomX509Certificate(kp); SAMLProviderMetadata providerMetadata = new SAMLProviderMetadata(); providerMetadata.setEntityId("random"); providerMetadata.setSigningCertificate(cert); providerMetadata.setEncryptionCertificate(cert); providerMetadata.setKeyPair(kp); providerMetadata.setSsoUrl("http://test.local"); providerMetadata.setSloUrl("http://test.local"); Mockito.when(session.getAttribute(Mockito.anyString())).thenReturn(null); Mockito.when(domain.getId()).thenReturn(1L); Mockito.when(domainMgr.getDomain(Mockito.anyString())).thenReturn(domain); UserAccountVO user = new UserAccountVO(); user.setId(1000L); Mockito.when(userAccountDao.getUserAccount(Mockito.anyString(), Mockito.anyLong())) .thenReturn(user); Mockito.when(apiServer.verifyUser(Mockito.anyLong())).thenReturn(false); Mockito.when(samlAuthManager.getSPMetadata()).thenReturn(providerMetadata); Mockito.when(samlAuthManager.getIdPMetadata(Mockito.anyString())).thenReturn(providerMetadata); Map<String, Object[]> params = new HashMap<String, Object[]>(); // SSO redirection test cmd.authenticate( "command", params, session, InetAddress.getByName("127.0.0.1"), HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp); Mockito.verify(resp, Mockito.times(1)).sendRedirect(Mockito.anyString()); // SSO SAMLResponse verification test, this should throw ServerApiException for auth failure params.put(SAMLPluginConstants.SAML_RESPONSE, new String[] {"Some String"}); Mockito.stub(cmd.processSAMLResponse(Mockito.anyString())).toReturn(buildMockResponse()); try { cmd.authenticate( "command", params, session, InetAddress.getByName("127.0.0.1"), HttpUtils.RESPONSE_TYPE_JSON, new StringBuilder(), req, resp); } catch (ServerApiException ignored) { } Mockito.verify(userAccountDao, Mockito.times(0)) .getUserAccount(Mockito.anyString(), Mockito.anyLong()); Mockito.verify(apiServer, Mockito.times(0)).verifyUser(Mockito.anyLong()); }