2 * Copyright 2001-2006 Internet2
\r
4 * Licensed under the Apache License, Version 2.0 (the "License");
\r
5 * you may not use this file except in compliance with the License.
\r
6 * You may obtain a copy of the License at
\r
8 * http://www.apache.org/licenses/LICENSE-2.0
\r
10 * Unless required by applicable law or agreed to in writing, software
\r
11 * distributed under the License is distributed on an "AS IS" BASIS,
\r
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
\r
13 * See the License for the specific language governing permissions and
\r
14 * limitations under the License.
\r
17 #include "internal.h"
\r
19 #include <saml/SAMLConfig.h>
\r
20 #include <saml/binding/HTTPRequest.h>
\r
21 #include <saml/binding/HTTPResponse.h>
\r
22 #include <saml/binding/MessageDecoder.h>
\r
23 #include <saml/binding/MessageEncoder.h>
\r
24 #include <saml/binding/SecurityPolicyRule.h>
\r
25 #include <saml/binding/URLEncoder.h>
\r
26 #include <saml/saml2/metadata/Metadata.h>
\r
27 #include <saml/saml2/metadata/MetadataProvider.h>
\r
28 #include <xmltooling/security/TrustEngine.h>
\r
30 using namespace opensaml::saml2md;
\r
31 using namespace xmlsignature;
\r
33 class SAMLBindingBaseTestCase : public HTTPRequest, public HTTPResponse
\r
36 CredentialResolver* m_creds;
\r
37 MetadataProvider* m_metadata;
\r
38 TrustEngine* m_trust;
\r
39 map<string,string> m_fields;
\r
40 map<string,string> m_headers;
\r
41 string m_method,m_url,m_query;
\r
42 vector<XSECCryptoX509*> m_clientCerts;
\r
43 vector<const SecurityPolicyRule*> m_rules1;
\r
44 vector<const SecurityPolicyRule*> m_rules2;
\r
58 string config = data_path + "binding/ExampleMetadataProvider.xml";
\r
59 ifstream in(config.c_str());
\r
60 DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
\r
61 XercesJanitor<DOMDocument> janitor(doc);
\r
63 auto_ptr_XMLCh path("path");
\r
64 string s = data_path + "binding/example-metadata.xml";
\r
65 auto_ptr_XMLCh file(s.c_str());
\r
66 doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());
\r
68 m_metadata = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(
\r
69 XML_METADATA_PROVIDER,doc->getDocumentElement()
\r
73 config = data_path + "FilesystemCredentialResolver.xml";
\r
74 ifstream in2(config.c_str());
\r
75 DOMDocument* doc2=XMLToolingConfig::getConfig().getParser().parse(in2);
\r
76 XercesJanitor<DOMDocument> janitor2(doc2);
\r
77 m_creds = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
\r
78 FILESYSTEM_CREDENTIAL_RESOLVER,doc2->getDocumentElement()
\r
81 m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(EXPLICIT_KEY_TRUSTENGINE, NULL);
\r
83 m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SAML1MESSAGE_POLICY_RULE,NULL));
\r
84 m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(MESSAGEFLOW_POLICY_RULE,NULL));
\r
85 m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SIMPLESIGNING_POLICY_RULE,NULL));
\r
86 m_rules1.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(XMLSIGNING_POLICY_RULE,NULL));
\r
88 m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SAML2MESSAGE_POLICY_RULE,NULL));
\r
89 m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(MESSAGEFLOW_POLICY_RULE,NULL));
\r
90 m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SIMPLESIGNING_POLICY_RULE,NULL));
\r
91 m_rules2.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(XMLSIGNING_POLICY_RULE,NULL));
\r
93 catch (XMLToolingException& ex) {
\r
94 TS_TRACE(ex.what());
\r
102 for_each(m_rules1.begin(), m_rules1.end(), xmltooling::cleanup<SecurityPolicyRule>());
\r
104 for_each(m_rules2.begin(), m_rules2.end(), xmltooling::cleanup<SecurityPolicyRule>());
\r
119 // HTTPRequest methods
\r
121 const char* getMethod() const {
\r
122 return m_method.c_str();
\r
125 const char* getScheme() const {
\r
129 const char* getHostname() const {
\r
130 return "localhost";
\r
133 int getPort() const {
\r
137 string getContentType() const {
\r
138 return "application/x-www-form-urlencoded";
\r
141 long getContentLength() const {
\r
145 const char* getRequestURI() const {
\r
149 const char* getRequestURL() const {
\r
150 return m_url.c_str();
\r
153 const char* getRequestBody() const {
\r
157 const char* getQueryString() const {
\r
158 return m_query.c_str();
\r
161 string getRemoteUser() const {
\r
165 string getRemoteAddr() const {
\r
166 return "127.0.0.1";
\r
169 const std::vector<XSECCryptoX509*>& getClientCertificates() const {
\r
170 return m_clientCerts;
\r
173 string getHeader(const char* name) const {
\r
174 map<string,string>::const_iterator i=m_headers.find(name);
\r
175 return i==m_headers.end() ? "" : i->second;
\r
178 const char* getParameter(const char* name) const {
\r
179 map<string,string>::const_iterator i=m_fields.find(name);
\r
180 return i==m_fields.end() ? NULL : i->second.c_str();
\r
183 vector<const char*>::size_type getParameters(const char* name, vector<const char*>& values) const {
\r
185 map<string,string>::const_iterator i=m_fields.find(name);
\r
186 if (i!=m_fields.end())
\r
187 values.push_back(i->second.c_str());
\r
188 return values.size();
\r
191 // HTTPResponse methods
\r
193 void setResponseHeader(const char* name, const char* value) {
\r
194 m_headers[name] = value ? value : "";
\r
197 // The amount of error checking missing from this is incredible, but as long
\r
198 // as the test data isn't unexpected or malformed, it should work.
\r
200 long sendRedirect(const char* url) {
\r
202 char* dup = strdup(url);
\r
203 char* pch = strchr(dup,'?');
\r
208 while (name && *name) {
\r
209 pch=strchr(pch,'=');
\r
212 pch=strchr(pch,'&');
\r
215 SAMLConfig::getConfig().getURLEncoder()->decode(value);
\r
216 m_fields[name] = value;
\r
222 return m_fields.size();
\r
225 string html_decode(const string& s) const {
\r
227 const char* ch=s.c_str();
\r
230 if (!strncmp(ch,"<",4)) {
\r
231 decoded+='<'; ch+=4;
\r
233 else if (!strncmp(ch,">",4)) {
\r
234 decoded+='>'; ch+=4;
\r
236 else if (!strncmp(ch,""",6)) {
\r
237 decoded+='"'; ch+=6;
\r
239 else if (*++ch=='#') {
\r
240 decoded+=(char)atoi(++ch);
\r
241 ch=strchr(ch,';')+1;
\r
251 long sendResponse(std::istream& inputStream, long status) {
\r
254 while (getline(inputStream,line))
\r
255 page += line + '\n';
\r
257 const char* pch=strstr(page.c_str(),"action=\"");
\r
258 pch+=strlen("action=\"");
\r
259 m_url = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
\r
261 while (pch=strstr(pch,"<input type=\"hidden\" name=\"")) {
\r
262 pch+=strlen("<input type=\"hidden\" name=\"");
\r
263 string name = page.substr(pch-page.c_str(),strchr(pch,'"')-pch);
\r
264 pch=strstr(pch,"value=\"");
\r
265 pch+=strlen("value=\"");
\r
266 m_fields[name] = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
\r
268 return m_fields.size();
\r