-/*
- * Copyright 2001-2006 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-#include "internal.h"
-
-#include <saml/SAMLConfig.h>
-#include <saml/binding/MessageDecoder.h>
-#include <saml/binding/MessageEncoder.h>
-#include <saml/binding/URLEncoder.h>
-#include <saml/saml2/metadata/MetadataProvider.h>
-#include <saml/security/X509TrustEngine.h>
-
-using namespace saml2md;
-using namespace xmlsignature;
-
-class SAMLBindingBaseTestCase : public MessageDecoder::HTTPRequest, public MessageEncoder::HTTPResponse
-{
-protected:
- CredentialResolver* m_creds;
- MetadataProvider* m_metadata;
- opensaml::X509TrustEngine* m_trust;
- map<string,string> m_fields;
- map<string,string> m_headers;
- string m_method,m_url;
-
-public:
- void setUp() {
- m_creds=NULL;
- m_metadata=NULL;
- m_trust=NULL;
- m_fields.clear();
- m_headers.clear();
- m_method.erase();
- m_url.erase();
-
- try {
- string config = data_path + "binding/ExampleMetadataProvider.xml";
- ifstream in(config.c_str());
- DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
- XercesJanitor<DOMDocument> janitor(doc);
-
- auto_ptr_XMLCh path("path");
- string s = data_path + "binding/example-metadata.xml";
- auto_ptr_XMLCh file(s.c_str());
- doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());
-
- m_metadata = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(
- FILESYSTEM_METADATA_PROVIDER,doc->getDocumentElement()
- );
- m_metadata->init();
-
- config = data_path + "FilesystemCredentialResolver.xml";
- ifstream in2(config.c_str());
- DOMDocument* doc2=XMLToolingConfig::getConfig().getParser().parse(in2);
- XercesJanitor<DOMDocument> janitor2(doc2);
- m_creds = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(
- FILESYSTEM_CREDENTIAL_RESOLVER,doc2->getDocumentElement()
- );
-
- m_trust = dynamic_cast<X509TrustEngine*>(
- SAMLConfig::getConfig().TrustEngineManager.newPlugin(EXPLICIT_KEY_SAMLTRUSTENGINE, NULL)
- );
- }
- catch (XMLToolingException& ex) {
- TS_TRACE(ex.what());
- tearDown();
- throw;
- }
-
- }
-
- void tearDown() {
- delete m_creds;
- delete m_metadata;
- delete m_trust;
- m_creds=NULL;
- m_metadata=NULL;
- m_trust=NULL;
- m_fields.clear();
- m_headers.clear();
- m_method.erase();
- m_url.erase();
- }
-
- // HTTPRequest methods
-
- const char* getMethod() const {
- return m_method.c_str();
- }
-
- const char* getRequestURL() const {
- return m_url.c_str();
- }
-
- const char* getRequestBody() const {
- return NULL;
- }
-
- const char* getQueryString() const {
- return NULL;
- }
-
- string getRemoteUser() const {
- return "";
- }
-
- string getHeader(const char* name) const {
- map<string,string>::const_iterator i=m_headers.find(name);
- return i==m_headers.end() ? "" : i->second;
- }
-
- const char* getParameter(const char* name) const {
- map<string,string>::const_iterator i=m_fields.find(name);
- return i==m_fields.end() ? NULL : i->second.c_str();
- }
-
- vector<const char*>::size_type getParameters(const char* name, vector<const char*>& values) const {
- values.clear();
- map<string,string>::const_iterator i=m_fields.find(name);
- if (i!=m_fields.end())
- values.push_back(i->second.c_str());
- return values.size();
- }
-
- // HTTPResponse methods
-
- void setHeader(const char* name, const char* value) {
- m_headers[name] = value ? value : "";
- }
-
- void setCookie(const char* name, const char* value) {
- m_headers["Set-Cookie"] = string(name) + "=" + (value ? value : "");
- }
-
- // The amount of error checking missing from this is incredible, but as long
- // as the test data isn't unexpected or malformed, it should work.
-
- long sendRedirect(const char* url) {
- m_method = "GET";
- char* dup = strdup(url);
- char* pch = strchr(dup,'?');
- if (pch) {
- *pch++=0;
- char* name=pch;
- while (name && *name) {
- pch=strchr(pch,'=');
- *pch++=0;
- char* value=pch;
- pch=strchr(pch,'&');
- if (pch)
- *pch++=0;
- SAMLConfig::getConfig().getURLEncoder()->decode(value);
- m_fields[name] = value;
- name = pch;
- }
- }
- m_url = dup;
- free(dup);
- return m_fields.size();
- }
-
- string html_decode(const string& s) const {
- string decoded;
- const char* ch=s.c_str();
- while (*ch) {
- if (*ch=='&') {
- if (!strncmp(ch,"<",4)) {
- decoded+='<'; ch+=4;
- }
- else if (!strncmp(ch,">",4)) {
- decoded+='>'; ch+=4;
- }
- else if (!strncmp(ch,""",6)) {
- decoded+='"'; ch+=6;
- }
- else if (*++ch=='#') {
- decoded+=(char)atoi(++ch);
- ch=strchr(ch,';')+1;
- }
- }
- else {
- decoded+=*ch++;
- }
- }
- return decoded;
- }
-
- long sendResponse(std::istream& inputStream, int status = 200, const char* contentType = "text/html") {
- m_method="POST";
- string page,line;
- while (getline(inputStream,line))
- page += line + '\n';
-
- const char* pch=strstr(page.c_str(),"action=\"");
- pch+=strlen("action=\"");
- m_url = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
-
- while (pch=strstr(pch,"<input type=\"hidden\" name=\"")) {
- pch+=strlen("<input type=\"hidden\" name=\"");
- string name = page.substr(pch-page.c_str(),strchr(pch,'"')-pch);
- pch=strstr(pch,"value=\"");
- pch+=strlen("value=\"");
- m_fields[name] = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));
- }
- return m_fields.size();
- }
-};
+/*\r
+ * Copyright 2001-2007 Internet2\r
+ * \r
+ * Licensed under the Apache License, Version 2.0 (the "License");\r
+ * you may not use this file except in compliance with the License.\r
+ * You may obtain a copy of the License at\r
+ *\r
+ * http://www.apache.org/licenses/LICENSE-2.0\r
+ *\r
+ * Unless required by applicable law or agreed to in writing, software\r
+ * distributed under the License is distributed on an "AS IS" BASIS,\r
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.\r
+ * See the License for the specific language governing permissions and\r
+ * limitations under the License.\r
+ */\r
+\r
+#include "internal.h"\r
+\r
+#include <saml/SAMLConfig.h>\r
+#include <saml/binding/MessageDecoder.h>\r
+#include <saml/binding/MessageEncoder.h>\r
+#include <saml/binding/SecurityPolicyRule.h>\r
+#include <saml/saml2/metadata/Metadata.h>\r
+#include <saml/saml2/metadata/MetadataProvider.h>\r
+#include <xmltooling/io/HTTPRequest.h>\r
+#include <xmltooling/io/HTTPResponse.h>\r
+#include <xmltooling/security/TrustEngine.h>\r
+#include <xmltooling/util/URLEncoder.h>\r
+\r
+using namespace opensaml::saml2md;\r
+using namespace opensaml;\r
+using namespace xmlsignature;\r
+\r
+class SAMLBindingBaseTestCase : public HTTPRequest, public HTTPResponse\r
+{\r
+protected:\r
+ CredentialResolver* m_creds; \r
+ MetadataProvider* m_metadata;\r
+ TrustEngine* m_trust;\r
+ map<string,string> m_fields;\r
+ map<string,string> m_headers;\r
+ string m_method,m_url,m_query;\r
+ vector<XSECCryptoX509*> m_clientCerts;\r
+ vector<const SecurityPolicyRule*> m_rules;\r
+\r
+public:\r
+ void setUp() {\r
+ m_creds=NULL;\r
+ m_metadata=NULL;\r
+ m_trust=NULL;\r
+ m_fields.clear();\r
+ m_headers.clear();\r
+ m_method.erase();\r
+ m_url.erase();\r
+ m_query.erase();\r
+\r
+ try {\r
+ string config = data_path + "binding/ExampleMetadataProvider.xml";\r
+ ifstream in(config.c_str());\r
+ DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);\r
+ XercesJanitor<DOMDocument> janitor(doc);\r
+ \r
+ auto_ptr_XMLCh path("path");\r
+ string s = data_path + "binding/example-metadata.xml";\r
+ auto_ptr_XMLCh file(s.c_str());\r
+ doc->getDocumentElement()->setAttributeNS(NULL,path.get(),file.get());\r
+ \r
+ m_metadata = SAMLConfig::getConfig().MetadataProviderManager.newPlugin(\r
+ XML_METADATA_PROVIDER,doc->getDocumentElement()\r
+ );\r
+ m_metadata->init();\r
+\r
+ config = data_path + "FilesystemCredentialResolver.xml";\r
+ ifstream in2(config.c_str());\r
+ DOMDocument* doc2=XMLToolingConfig::getConfig().getParser().parse(in2);\r
+ XercesJanitor<DOMDocument> janitor2(doc2);\r
+ m_creds = XMLToolingConfig::getConfig().CredentialResolverManager.newPlugin(\r
+ FILESYSTEM_CREDENTIAL_RESOLVER,doc2->getDocumentElement()\r
+ );\r
+ \r
+ m_trust = XMLToolingConfig::getConfig().TrustEngineManager.newPlugin(EXPLICIT_KEY_TRUSTENGINE, NULL);\r
+\r
+ m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(MESSAGEFLOW_POLICY_RULE,NULL));\r
+ m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(SIMPLESIGNING_POLICY_RULE,NULL));\r
+ m_rules.push_back(SAMLConfig::getConfig().SecurityPolicyRuleManager.newPlugin(XMLSIGNING_POLICY_RULE,NULL));\r
+ }\r
+ catch (XMLToolingException& ex) {\r
+ TS_TRACE(ex.what());\r
+ tearDown();\r
+ throw;\r
+ }\r
+\r
+ }\r
+ \r
+ void tearDown() {\r
+ for_each(m_rules.begin(), m_rules.end(), xmltooling::cleanup<SecurityPolicyRule>());\r
+ m_rules.clear();\r
+ delete m_creds;\r
+ delete m_metadata;\r
+ delete m_trust;\r
+ m_creds=NULL;\r
+ m_metadata=NULL;\r
+ m_trust=NULL;\r
+ m_fields.clear();\r
+ m_headers.clear();\r
+ m_method.erase();\r
+ m_url.erase();\r
+ m_query.erase();\r
+ }\r
+\r
+ // HTTPRequest methods\r
+\r
+ const char* getMethod() const {\r
+ return m_method.c_str();\r
+ }\r
+\r
+ const char* getScheme() const {\r
+ return "https";\r
+ }\r
+\r
+ const char* getHostname() const {\r
+ return "localhost";\r
+ }\r
+\r
+ int getPort() const {\r
+ return 443;\r
+ }\r
+\r
+ string getContentType() const {\r
+ return "application/x-www-form-urlencoded";\r
+ }\r
+\r
+ long getContentLength() const {\r
+ return -1;\r
+ }\r
+\r
+ const char* getRequestURI() const {\r
+ return "/";\r
+ }\r
+\r
+ const char* getRequestURL() const {\r
+ return m_url.c_str();\r
+ }\r
+ \r
+ const char* getRequestBody() const {\r
+ return NULL;\r
+ }\r
+ \r
+ const char* getQueryString() const {\r
+ return m_query.c_str();\r
+ }\r
+ \r
+ string getRemoteUser() const {\r
+ return "";\r
+ }\r
+\r
+ string getRemoteAddr() const {\r
+ return "127.0.0.1";\r
+ }\r
+\r
+ const std::vector<XSECCryptoX509*>& getClientCertificates() const {\r
+ return m_clientCerts;\r
+ }\r
+\r
+ string getHeader(const char* name) const {\r
+ map<string,string>::const_iterator i=m_headers.find(name);\r
+ return i==m_headers.end() ? "" : i->second;\r
+ }\r
+ \r
+ const char* getParameter(const char* name) const {\r
+ map<string,string>::const_iterator i=m_fields.find(name);\r
+ return i==m_fields.end() ? NULL : i->second.c_str();\r
+ }\r
+\r
+ vector<const char*>::size_type getParameters(const char* name, vector<const char*>& values) const {\r
+ values.clear();\r
+ map<string,string>::const_iterator i=m_fields.find(name);\r
+ if (i!=m_fields.end())\r
+ values.push_back(i->second.c_str());\r
+ return values.size();\r
+ }\r
+ \r
+ // HTTPResponse methods\r
+ \r
+ void setResponseHeader(const char* name, const char* value) {\r
+ m_headers[name] = value ? value : "";\r
+ }\r
+\r
+ // The amount of error checking missing from this is incredible, but as long\r
+ // as the test data isn't unexpected or malformed, it should work.\r
+ \r
+ long sendRedirect(const char* url) {\r
+ m_method = "GET";\r
+ char* dup = strdup(url);\r
+ char* pch = strchr(dup,'?');\r
+ if (pch) {\r
+ *pch++=0;\r
+ m_query = pch;\r
+ char* name=pch;\r
+ while (name && *name) {\r
+ pch=strchr(pch,'=');\r
+ *pch++=0;\r
+ char* value=pch;\r
+ pch=strchr(pch,'&');\r
+ if (pch)\r
+ *pch++=0;\r
+ XMLToolingConfig::getConfig().getURLEncoder()->decode(value);\r
+ m_fields[name] = value;\r
+ name = pch; \r
+ }\r
+ }\r
+ m_url = dup;\r
+ free(dup);\r
+ return m_fields.size();\r
+ }\r
+ \r
+ string html_decode(const string& s) const {\r
+ string decoded;\r
+ const char* ch=s.c_str();\r
+ while (*ch) {\r
+ if (*ch=='&') {\r
+ if (!strncmp(ch,"<",4)) {\r
+ decoded+='<'; ch+=4;\r
+ }\r
+ else if (!strncmp(ch,">",4)) {\r
+ decoded+='>'; ch+=4;\r
+ }\r
+ else if (!strncmp(ch,""",6)) {\r
+ decoded+='"'; ch+=6;\r
+ }\r
+ else if (*++ch=='#') {\r
+ decoded+=(char)atoi(++ch);\r
+ ch=strchr(ch,';')+1;\r
+ }\r
+ }\r
+ else {\r
+ decoded+=*ch++;\r
+ }\r
+ }\r
+ return decoded;\r
+ }\r
+ \r
+ using HTTPResponse::sendResponse;\r
+\r
+ long sendResponse(std::istream& inputStream, long status) {\r
+ m_method="POST";\r
+ string page,line;\r
+ while (getline(inputStream,line))\r
+ page += line + '\n';\r
+ \r
+ const char* pch=strstr(page.c_str(),"action=\"");\r
+ pch+=strlen("action=\"");\r
+ m_url = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));\r
+\r
+ while (pch=strstr(pch,"<input type=\"hidden\" name=\"")) {\r
+ pch+=strlen("<input type=\"hidden\" name=\"");\r
+ string name = page.substr(pch-page.c_str(),strchr(pch,'"')-pch);\r
+ pch=strstr(pch,"value=\"");\r
+ pch+=strlen("value=\"");\r
+ m_fields[name] = html_decode(page.substr(pch-page.c_str(),strchr(pch,'"')-pch));\r
+ }\r
+ return m_fields.size();\r
+ }\r
+};\r