X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=samltest%2Fsaml2%2Fprofile%2FSAML2PolicyTest.h;h=1a7c6cddaa3a0d4e92e822924687db06164090be;hb=f1208cd2f514700244816377443c4951dc22c848;hp=f4cc1d822c5377bd19f4383b4955691d20971e38;hpb=c3cd4ec3fa87d0ad3c6f65c1a5e15f548b1b6cc2;p=shibboleth%2Fcpp-opensaml.git diff --git a/samltest/saml2/profile/SAML2PolicyTest.h b/samltest/saml2/profile/SAML2PolicyTest.h index f4cc1d8..1a7c6cd 100644 --- a/samltest/saml2/profile/SAML2PolicyTest.h +++ b/samltest/saml2/profile/SAML2PolicyTest.h @@ -1,22 +1,27 @@ -/* - * Copyright 2001-2007 Internet2 +/** + * Licensed to the University Corporation for Advanced Internet + * Development, Inc. (UCAID) under one or more contributor license + * agreements. See the NOTICE file distributed with this work for + * additional information regarding copyright ownership. * - * Licensed under the Apache License, Version 2.0 (the "License"); - * you may not use this file except in compliance with the License. - * You may obtain a copy of the License at + * UCAID licenses this file to you under the Apache License, + * Version 2.0 (the "License"); you may not use this file except + * in compliance with the License. You may obtain a copy of the + * License at * - * http://www.apache.org/licenses/LICENSE-2.0 + * http://www.apache.org/licenses/LICENSE-2.0 * - * Unless required by applicable law or agreed to in writing, software - * distributed under the License is distributed on an "AS IS" BASIS, - * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - * See the License for the specific language governing permissions and - * limitations under the License. + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, + * either express or implied. See the License for the specific + * language governing permissions and limitations under the License. */ #include "internal.h" #include +#include #include #include @@ -24,18 +29,18 @@ using namespace opensaml; class SAML2PolicyTest : public CxxTest::TestSuite { SecurityPolicy* m_policy; - SecurityPolicyRule* m_rule; + vector m_rules; public: void setUp() { - m_policy = NULL; - m_rule = NULL; - m_rule = SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, NULL); + m_policy = nullptr; + m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(CONDITIONS_POLICY_RULE, nullptr)); + m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(BEARER_POLICY_RULE, nullptr)); m_policy = new SecurityPolicy(); - m_policy->getRules().push_back(m_rule); + m_policy->getRules().assign(m_rules.begin(), m_rules.end()); } void tearDown() { - delete m_rule; + for_each(m_rules.begin(), m_rules.end(), xmltooling::cleanup()); delete m_policy; } @@ -51,10 +56,18 @@ public: ); janitor.release(); + auto_ptr_XMLCh requestID("_12345"); + m_policy->setCorrelationID(requestID.get()); + TSM_ASSERT_THROWS("Policy should have tripped on AudienceRestriction", m_policy->evaluate(*assertion.get()), SecurityPolicyException); auto_ptr_XMLCh recipient("https://sp.example.org"); - m_policy->setRecipient(recipient.get()); + m_policy->getAudiences().push_back(recipient.get()); + TSM_ASSERT_THROWS("Policy should have tripped on InResponseTo correlation", m_policy->evaluate(*assertion.get()), SecurityPolicyException); + + dynamic_cast( + assertion->getSubject()->getSubjectConfirmations().front()->getSubjectConfirmationData() + )->setInResponseTo(requestID.get()); m_policy->evaluate(*assertion.get()); } catch (exception& ex) {