X-Git-Url: http://www.project-moonshot.org/gitweb/?p=shibboleth%2Fcpp-opensaml.git;a=blobdiff_plain;f=samltest%2Fsaml1%2Fbinding%2FSAML1POSTTest.h;h=e485a76079e809311a8ff2933a6a359f73ffb8a5;hp=f84bf8a5f5383eaf6d730792ee200c3d2e9c74e6;hb=1bc8e721db3a50294df852662e1eddcdbdae8f9f;hpb=c0b92549e28e1fca5e7c4a8d09dc06fd09f65292
diff --git a/samltest/saml1/binding/SAML1POSTTest.h b/samltest/saml1/binding/SAML1POSTTest.h
index f84bf8a..e485a76 100644
--- a/samltest/saml1/binding/SAML1POSTTest.h
+++ b/samltest/saml1/binding/SAML1POSTTest.h
@@ -31,69 +31,11 @@ public:
 SAMLBindingBaseTestCase::tearDown();
 }
- void testSAML1POSTTrusted() {
+ void testSAML1POST() {
 try {
- // Read message to use from file.
- string path = data_path + "saml1/binding/SAML1Response.xml";
- ifstream in(path.c_str());
- DOMDocument* doc=XMLToolingConfig::getConfig().getParser().parse(in);
- XercesJanitor janitor(doc);
- auto_ptr toSend(
- dynamic_cast(XMLObjectBuilder::buildOneFromElement(doc->getDocumentElement(),true))
- );
- janitor.release();
-
- // Freshen timestamp.
- toSend->setIssueInstant(time(NULL));
-
- // Encode message.
- auto_ptr_XMLCh lit1("MessageEncoder");
- auto_ptr_XMLCh lit2("template");
- path = data_path + "binding/template.html";
- auto_ptr_XMLCh lit3(path.c_str());
- DOMDocument* encoder_config = XMLToolingConfig::getConfig().getParser().newDocument();
- XercesJanitor janitor2(encoder_config);
- encoder_config->appendChild(encoder_config->createElementNS(NULL,lit1.get()));
- encoder_config->getDocumentElement()->setAttributeNS(NULL,lit2.get(),lit3.get());
- auto_ptr encoder(
- SAMLConfig::getConfig().MessageEncoderManager.newPlugin(
- samlconstants::SAML1_PROFILE_BROWSER_POST, encoder_config->getDocumentElement()
- )
- );
- encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/POST","https://sp.example.org/","state",m_creds);
- toSend.release();
-
- // Decode message.
- string relayState;
- const RoleDescriptor* issuer=NULL;
- const XMLCh* securityMech=NULL;
 QName idprole(samlconstants::SAML20MD_NS, IDPSSODescriptor::LOCAL_NAME);
- auto_ptr decoder(
- SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML1_PROFILE_BROWSER_POST, NULL)
- );
- Locker locker(m_metadata);
- auto_ptr response(
- dynamic_cast(
- decoder->decode(relayState,issuer,securityMech,*this,m_metadata,&idprole,m_trust)
- )
- );
-
- // Test the results.
- TSM_ASSERT_EQUALS("TARGET was not the expected result.", relayState, "state");
- TSM_ASSERT("SAML Response not decoded successfully.", response.get());
- TSM_ASSERT("Message was not verified.", issuer && securityMech && securityMech==samlconstants::SAML1P_NS);
- auto_ptr_char entityID(dynamic_cast(issuer->getParent())->getEntityID());
- TSM_ASSERT("Issuer was not expected.", !strcmp(entityID.get(),"https://idp.example.org/"));
- TSM_ASSERT_EQUALS("Assertion count was not correct.", response->getAssertions().size(), 1);
- }
- catch (XMLToolingException& ex) {
- TS_TRACE(ex.what());
- throw;
- }
- }
+ SecurityPolicy policy(m_rules, m_metadata, &idprole, m_trust);
- void testSAML1POSTUntrusted() {
- try {
 // Read message to use from file.
 string path = data_path + "saml1/binding/SAML1Response.xml";
 ifstream in(path.c_str());
@@ -104,7 +46,7 @@ public:
 );
 janitor.release();
- // Freshen timestamp and clear ID.
+ // Freshen timestamp and ID.
 toSend->setIssueInstant(time(NULL));
 toSend->setResponseID(NULL);
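Review bot: Folding testSAML1POSTTrusted and testSAML1POSTUntrusted into a single testSAML1POST in the first hunk leaves no negative case: the surviving body now always signs with `m_creds` (third hunk), so nothing exercises how the decoder and the `SecurityPolicy` built here treat an unsigned or untrusted response. I would keep a second method, for example `void testSAML1POSTUnsigned()`, that encodes without credentials and asserts that the message is not reported as verified, or that decode throws, whichever m_rules is meant to enforce (m_rules is defined outside this diff). A one-line comment above `SecurityPolicy policy(m_rules, m_metadata, &idprole, m_trust);` naming the rules m_rules carries would also let a reader judge what the later assertions prove. The test body continues past this hunk.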
@@ -122,36 +64,27 @@ public:
 samlconstants::SAML1_PROFILE_BROWSER_POST, encoder_config->getDocumentElement()
 )
 );
- encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/POST","https://sp.example.org/","state");
+ encoder->encode(*this,toSend.get(),"https://sp.example.org/SAML/POST","https://sp.example.org/","state",m_creds);
 toSend.release();
 // Decode message.
 string relayState;
- const RoleDescriptor* issuer=NULL;
- const XMLCh* securityMech=NULL;
- QName idprole(samlconstants::SAML20MD_NS, IDPSSODescriptor::LOCAL_NAME);
 auto_ptr decoder(
 SAMLConfig::getConfig().MessageDecoderManager.newPlugin(samlconstants::SAML1_PROFILE_BROWSER_POST, NULL)
 );
 Locker locker(m_metadata);
- auto_ptr response(
- dynamic_cast(
- decoder->decode(relayState,issuer,securityMech,*this,m_metadata,&idprole)
- )
- );
+ auto_ptr response(dynamic_cast(decoder->decode(relayState,*this,policy)));
 // Test the results.
 TSM_ASSERT_EQUALS("TARGET was not the expected result.", relayState, "state");
 TSM_ASSERT("SAML Response not decoded successfully.", response.get());
- TSM_ASSERT("Message was verified.", issuer && !securityMech);
- auto_ptr_char entityID(dynamic_cast(issuer->getParent())->getEntityID());
+ TSM_ASSERT("Message was not verified.", policy.getIssuer()!=NULL);
+ auto_ptr_char entityID(policy.getIssuer()->getName());
 TSM_ASSERT("Issuer was not expected.", !strcmp(entityID.get(),"https://idp.example.org/"));
 TSM_ASSERT_EQUALS("Assertion count was not correct.", response->getAssertions().size(), 1);
 // Trigger a replay.
- TSM_ASSERT_THROWS("Did not catch the replay.",
- decoder->decode(relayState,issuer,securityMech,*this,m_metadata,&idprole,m_trust),
- BindingException);
+ TSM_ASSERT_THROWS("Did not catch the replay.", decoder->decode(relayState,*this,policy), BindingException);
 }
 catch (XMLToolingException& ex) {
 TS_TRACE(ex.what());
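Review bot: The assertion labelled "Message was not verified." now checks only `policy.getIssuer()!=NULL`, which is weaker than the removed `securityMech==samlconstants::SAML1P_NS` check. The deleted untrusted test asserted `issuer && !securityMech`, so an issuer could be resolved for a message that was never verified. If SecurityPolicy records whether the signature was actually validated, assert that too; otherwise reword the message to say only that an issuer was identified. The replay decode also reuses the `policy` already populated by the first decode, so the BindingException may not come from the replay check alone; decoding the second time against a fresh `SecurityPolicy policy2(m_rules, m_metadata, &idprole, m_trust);` would isolate it. The test body starts before this hunk.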