Refactor signature engines.

[shibboleth/cpp-opensaml.git] / samltest / security / ExplicitKeyTrustEngineTest.h

diff --git a/samltest/security/ExplicitKeyTrustEngineTest.h b/samltest/security/ExplicitKeyTrustEngineTest.h
index 78271bf..0af1958 100644 (file)
--- a/samltest/security/ExplicitKeyTrustEngineTest.h
+++ b/samltest/security/ExplicitKeyTrustEngineTest.h
@@ -1,5 +1,5 @@
 /*
- *  Copyright 2001-2006 Internet2
+ *  Copyright 2001-2007 Internet2
  * 
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -18,8 +18,9 @@
 #include <saml/SAMLConfig.h>
 #include <saml/saml2/core/Assertions.h>
 #include <saml/saml2/metadata/Metadata.h>
+#include <saml/saml2/metadata/MetadataCredentialCriteria.h>
 #include <saml/saml2/metadata/MetadataProvider.h>
-#include <xmltooling/security/TrustEngine.h>
+#include <xmltooling/security/SignatureTrustEngine.h>
 
 using namespace opensaml::saml2;
 using namespace opensaml::saml2md;
@@ -36,7 +37,7 @@ public:
     }
 
     void testExplicitKeyTrustEngine() {
-        string config = data_path + "security/FilesystemMetadataProvider.xml";
+        string config = data_path + "security/XMLMetadataProvider.xml";
         ifstream in(config.c_str());
         DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
         XercesJanitor<DOMDocument> janitor(doc);
@@ -48,7 +49,7 @@ public:
 
         // Build metadata provider.
         auto_ptr<MetadataProvider> metadataProvider(
-            SAMLConfig::getConfig().MetadataProviderManager.newPlugin(FILESYSTEM_METADATA_PROVIDER,doc->getDocumentElement())
+            opensaml::SAMLConfig::getConfig().MetadataProviderManager.newPlugin(XML_METADATA_PROVIDER,doc->getDocumentElement())
             );
         try {
             metadataProvider->init();
@@ -80,7 +81,10 @@ public:
         
         Signature* sig=assertion->getSignature();
         TSM_ASSERT("Signature not present", sig!=NULL);
-        TSM_ASSERT("Signature failed to validate.", trustEngine->validate(*sig, *role, metadataProvider->getKeyResolver()));
+
+        MetadataCredentialCriteria cc(*role);
+        cc.setPeerName("https://idp.example.org");
+        TSM_ASSERT("Signature failed to validate.", dynamic_cast<SignatureTrustEngine*>(trustEngine.get())->validate(*sig, *metadataProvider, &cc));
 
         descriptor = metadataProvider->getEntityDescriptor("https://idp2.example.org");
         TSM_ASSERT("Retrieved entity descriptor was null", descriptor!=NULL);
@@ -88,6 +92,8 @@ public:
         role=descriptor->getIDPSSODescriptors().front();
         TSM_ASSERT("Role not present", role!=NULL);
 
-        TSM_ASSERT("Signature validated.", !trustEngine->validate(*sig, *role, metadataProvider->getKeyResolver()));
+        MetadataCredentialCriteria cc2(*role);
+        cc2.setPeerName("https://idp2.example.org");
+        TSM_ASSERT("Signature validated.", !dynamic_cast<SignatureTrustEngine*>(trustEngine.get())->validate(*sig, *metadataProvider, &cc2));
     }
 };