#include <saml/SAMLConfig.h>
#include <saml/binding/MessageDecoder.h>
#include <saml/binding/MessageEncoder.h>
+#include <saml/binding/URLEncoder.h>
#include <saml/saml2/metadata/MetadataProvider.h>
#include <saml/security/X509TrustEngine.h>
using namespace saml2md;
using namespace xmlsignature;
-class SAMLBindingBaseTestCase : public MessageDecoder::HTTPRequest
+class SAMLBindingBaseTestCase : public MessageDecoder::HTTPRequest, public MessageEncoder::HTTPResponse
{
protected:
CredentialResolver* m_creds;
MetadataProvider* m_metadata;
opensaml::X509TrustEngine* m_trust;
map<string,string> m_fields;
+ map<string,string> m_headers;
+ string m_method,m_url;
public:
void setUp() {
m_metadata=NULL;
m_trust=NULL;
m_fields.clear();
+ m_headers.clear();
+ m_method.erase();
+ m_url.erase();
try {
string config = data_path + "binding/ExampleMetadataProvider.xml";
m_metadata=NULL;
m_trust=NULL;
m_fields.clear();
+ m_headers.clear();
+ m_method.erase();
+ m_url.erase();
}
+ // HTTPRequest methods
+
+ const char* getMethod() const {
+ return m_method.c_str();
+ }
+
+ const char* getRequestURL() const {
+ return m_url.c_str();
+ }
+
+ const char* getRequestBody() const {
+ return NULL;
+ }
+
+ const char* getQueryString() const {
+ return NULL;
+ }
+
+ string getRemoteUser() const {
+ return "";
+ }
+
+ string getHeader(const char* name) const {
+ map<string,string>::const_iterator i=m_headers.find(name);
+ return i==m_headers.end() ? "" : i->second;
+ }
+
const char* getParameter(const char* name) const {
map<string,string>::const_iterator i=m_fields.find(name);
return i==m_fields.end() ? NULL : i->second.c_str();
values.push_back(i->second.c_str());
return values.size();
}
+
+ // HTTPResponse methods
+
+ void setHeader(const char* name, const char* value) {
+ m_headers[name] = value ? value : "";
+ }
+
+ void setCookie(const char* name, const char* value) {
+ m_headers["Set-Cookie"] = string(name) + "=" + (value ? value : "");
+ }
+
+ // The amount of error checking missing from this is incredible, but as long
+ // as the test data isn't unexpected or malformed, it should work.
+
+ long sendRedirect(const char* url) {
+ m_method = "GET";
+ char* dup = strdup(url);
+ char* pch = strchr(dup,'?');
+ if (pch) {
+ *pch++=0;
+ char* name=pch;
+ while (name && *name) {
+ pch=strchr(pch,'=');
+ *pch++=0;
+ char* value=pch;
+ pch=strchr(pch,'&');
+ if (pch)
+ *pch++=0;
+ SAMLConfig::getConfig().getURLEncoder()->decode(value);
+ m_fields[name] = value;
+ name = pch;
+ }
+ }
+ m_url = dup;
+ free(dup);
+ return m_fields.size();
+ }
+
+ string html_decode(const string& s) const {
+ string decoded;
+ const char* ch=s.c_str();
+ while (*ch) {
+ if (*ch=='&') {
+ if (!strncmp(ch,"<",4)) {
+ decoded+='<'; ch+=4;
+ }
+ else if (!strncmp(ch,">",4)) {
+ decoded+='>'; ch+=4;
+ }
+ else if (!strncmp(ch,""",6)) {
+ decoded+='"'; ch+=6;
+ }
+ else if (*++ch=='#') {
+ decoded+=(char)atoi(++ch);
+ ch=strchr(ch,';')+1;
+ }
+ }
+ else {
+ decoded+=*ch++;
+ }
+ }
+ return decoded;
+ }
+
+ long sendResponse(std::istream& inputStream, int status = 200, const char* contentType = "text/html") {
+ m_method="POST";
+ string page,line;
+ while (getline(inputStream,line))
+ page += line + '\n';
+
+ const char* pch=strstr(page.c_str(),"action=\"");
+ pch+=strlen("action=\"");
+ m_url = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
+
+ while (pch=strstr(pch,"<input type=\"hidden\" name=\"")) {
+ pch+=strlen("<input type=\"hidden\" name=\"");
+ string name = page.substr(pch-page.c_str(),strchr(pch,'"')-pch);
+ pch=strstr(pch,"value=\"");
+ pch+=strlen("value=\"");
+ m_fields[name] = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
+ }
+ return m_fields.size();
+ }
};