X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=samltest%2Fbinding.h;h=33551445b74205cc625fcdee853ab6d60daf0738;hb=19a320b1a8d5c733503a4b1aa842865d59b25d24;hp=474e88294c74f1b6c3db6c59cf8d43b500a0b1f3;hpb=bce5046d6d2fd42e4b2b270bb2db557acfd4581c;p=shibboleth%2Fcpp-opensaml.git
diff --git a/samltest/binding.h b/samltest/binding.h
index 474e882..3355144 100644
--- a/samltest/binding.h
+++ b/samltest/binding.h
@@ -1,101 +1,271 @@
-/*
- * Copyright 2001-2006 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "internal.h"
-
-#include
-#include
-#include
-#include
-#include
-
-using namespace saml2md;
-using namespace xmlsignature;
-
-class SAMLBindingBaseTestCase : public MessageDecoder::HTTPRequest
-{
-protected:
- CredentialResolver* m_creds;
- MetadataProvider* m_metadata;
- opensaml::X509TrustEngine* m_trust;
- map m_fields;
-
-public:
- void setUp() {
- m_creds=NULL;
- m_metadata=NULL;
- m_trust=NULL;
- m_fields.clear();
-
- try {
- string config = data_path + "binding/ExampleMetadataProvider.xml";
- ifstream in(config.c_str());
- DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
- XercesJanitor janitor(doc);
-
- auto_ptr_XMLCh path("path");
- string s = data_path + "binding/example-metadata.xml";
- auto_ptr_XMLCh file(s.c_str());
- doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());
-
- m_metadata = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(
- FILESYSTEM_METADATA_PROVIDER,doc->getDocumentElement()
- );
- m_metadata->init();
-
- config = data_path + "FilesystemCredentialResolver.xml";
- ifstream in2(config.c_str());
- DOMDocument* doc2=XMLToolingConfig::getConfig().getParser().parse(in2);
- XercesJanitor janitor2(doc2);
- m_creds = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
- FILESYSTEM_CREDENTIAL_RESOLVER,doc2->getDocumentElement()
- );
-
- m_trust =
dynamic_cast(
- SAMLConfig::getConfig().TrustEngineManager.newPlugin(EXPLICIT_KEY_SAMLTRUSTENGINE, NULL)
- );
- }
- catch (XMLToolingException& ex) {
- TS_TRACE(ex.what());
- tearDown();
- throw;
- }
-
- }
-
- void tearDown() {
- delete m_creds;
- delete m_metadata;
- delete m_trust;
- m_creds=NULL;
- m_metadata=NULL;
- m_trust=NULL;
- m_fields.clear();
- }
-
- const char* getParameter(const char* name) const {
- map::const_iterator i=m_fields.find(name);
- return i==m_fields.end() ? NULL : i->second.c_str();
- }
-
- vector::size_type getParameters(const char* name, vector& values) const {
- values.clear();
- map::const_iterator i=m_fields.find(name);
- if (i!=m_fields.end())
- values.push_back(i->second.c_str());
- return values.size();
- }
-};
+/*
+ * Copyright 2001-2007 Internet2
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+#include "internal.h"
+
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+using namespace opensaml::saml2md;
+using namespace opensaml;
+using namespace xmlsignature;
+
+class SAMLBindingBaseTestCase : public HTTPRequest, public HTTPResponse
+{
+protected:
+ CredentialResolver* m_creds;
+ MetadataProvider* m_metadata;
+ TrustEngine* m_trust;
+ map m_fields;
+ map m_headers;
+ string m_method,m_url,m_query;
+ vector m_clientCerts;
+ vector m_rules1;
+ vector m_rules2;
+
+public:
+ void setUp() {
+ m_creds=NULL;
+ m_metadata=NULL;
+ m_trust=NULL;
+ m_fields.clear();
+ m_headers.clear();
+ m_method.erase();
+ m_url.erase();
+ m_query.erase();
+
+ try {
+ string config = data_path + "binding/ExampleMetadataProvider.xml";
+ ifstream in(config.c_str());
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
+ XercesJanitor janitor(doc);
+
+ auto_ptr_XMLCh path("path");
+ string s = data_path + "binding/example-metadata.xml";
+ auto_ptr_XMLCh file(s.c_str());
+ doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());
+
+ m_metadata = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(
+ XML_METADATA_PROVIDER,doc->getDocumentElement()
+ );
+ m_metadata->init();
+
+ config = data_path + "FilesystemCredentialResolver.xml";
+ ifstream in2(config.c_str());
+ DOMDocument* doc2=XMLToolingConfig::getConfig().getParser().parse(in2);
+ XercesJanitor janitor2(doc2);
+ m_creds = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
+ FILESYSTEM_CREDENTIAL_RESOLVER,doc2->getDocumentElement()
+ );
+
+ m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(EXPLICIT_KEY_TRUSTENGINE, NULL);
+
+ m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SAML1MESSAGE_POLICY_RULE,NULL));
+ m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(MESSAGEFLOW_POLICY_RULE,NULL));
+
m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SIMPLESIGNING_POLICY_RULE,NULL));
+ m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(XMLSIGNING_POLICY_RULE,NULL));
+
+ m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SAML2MESSAGE_POLICY_RULE,NULL));
+ m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(MESSAGEFLOW_POLICY_RULE,NULL));
+ m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SIMPLESIGNING_POLICY_RULE,NULL));
+ m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(XMLSIGNING_POLICY_RULE,NULL));
+ }
+ catch (XMLToolingException& ex) {
+ TS_TRACE(ex.what());
+ tearDown();
+ throw;
+ }
+
+ }
+
+ void tearDown() {
+ for_each(m_rules1.begin(), m_rules1.end(), xmltooling::cleanup());
+ m_rules1.clear();
+ for_each(m_rules2.begin(), m_rules2.end(), xmltooling::cleanup());
+ m_rules2.clear();
+ delete m_creds;
+ delete m_metadata;
+ delete m_trust;
+ m_creds=NULL;
+ m_metadata=NULL;
+ m_trust=NULL;
+ m_fields.clear();
+ m_headers.clear();
+ m_method.erase();
+ m_url.erase();
+ m_query.erase();
+ }
+
+ // HTTPRequest methods
+
+ const char* getMethod() const {
+ return m_method.c_str();
+ }
+
+ const char* getScheme() const {
+ return "https";
+ }
+
+ const char* getHostname() const {
+ return "localhost";
+ }
+
+ int getPort() const {
+ return 443;
+ }
+
+ string getContentType() const {
+ return "application/x-www-form-urlencoded";
+ }
+
+ long getContentLength() const {
+ return -1;
+ }
+
+ const char* getRequestURI() const {
+ return "/";
+ }
+
+ const char* getRequestURL() const {
+ return m_url.c_str();
+ }
+
+ const char* getRequestBody() const {
+ return NULL;
+ }
+
+ const char* getQueryString() const {
+ return m_query.c_str();
+ }
+
+ string getRemoteUser() const {
+ return "";
+ }
+
+ string getRemoteAddr() const {
+ return "127.0.0.1";
+ }
+
+ const std::vector&
getClientCertificates() const {
+ return m_clientCerts;
+ }
+
+ string getHeader(const char* name) const {
+ map::const_iterator i=m_headers.find(name);
+ return i==m_headers.end() ? "" : i->second;
+ }
+
+ const char* getParameter(const char* name) const {
+ map::const_iterator i=m_fields.find(name);
+ return i==m_fields.end() ? NULL : i->second.c_str();
+ }
+
+ vector::size_type getParameters(const char* name, vector& values) const {
+ values.clear();
+ map::const_iterator i=m_fields.find(name);
+ if (i!=m_fields.end())
+ values.push_back(i->second.c_str());
+ return values.size();
+ }
+
+ // HTTPResponse methods
+
+ void setResponseHeader(const char* name, const char* value) {
+ m_headers[name] = value ? value : "";
+ }
+
+ // The amount of error checking missing from this is incredible, but as long
+ // as the test data isn't unexpected or malformed, it should work.
+
+ long sendRedirect(const char* url) {
+ m_method = "GET";
+ char* dup = strdup(url);
+ char* pch = strchr(dup,'?');
+ if (pch) {
+ *pch++=0;
+ m_query = pch;
+ char* name=pch;
+ while (name && *name) {
+ pch=strchr(pch,'=');
+ *pch++=0;
+ char* value=pch;
+ pch=strchr(pch,'&');
+ if (pch)
+ *pch++=0;
+ XMLToolingConfig::getConfig().getURLEncoder()->decode(value);
+ m_fields[name] = value;
+ name = pch;
+ }
+ }
+ m_url = dup;
+ free(dup);
+ return m_fields.size();
+ }
+
+ string html_decode(const string& s) const {
+ string decoded;
+ const char* ch=s.c_str();
+ while (*ch) {
+ if (*ch=='&') {
+ if (!strncmp(ch,"<",4)) {
+ decoded+='<'; ch+=4;
+ }
+ else if (!strncmp(ch,">",4)) {
+ decoded+='>'; ch+=4;
+ }
+ else if (!strncmp(ch,""",6)) {
+ decoded+='"'; ch+=6;
+ }
+ else if (*++ch=='#') {
+ decoded+=(char)atoi(++ch);
+ ch=strchr(ch,';')+1;
+ }
+ }
+ else {
+ decoded+=*ch++;
+ }
+ }
+ return decoded;
+ }
+
+ long sendResponse(std::istream& inputStream, long status) {
+ m_method="POST";
+ string page,line;
+ while (getline(inputStream,line))
+ page += line + '\n';
+
+ const char*
pch=strstr(page.c_str(),"action=\"");
+ pch+=strlen("action=\"");
+ m_url = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
+
+ while (pch=strstr(pch,"