1 /*
2  * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16 package edu.internet2.middleware.shibboleth.idp;
17
18 import java.io.File;
19
20 import org.apache.commons.codec.binary.Base64;
21
22 import edu.internet2.middleware.shibboleth.utils.FileUtils;
23
24 /**
25  * MockObject unit tests for Shibboleth IdP Single Sign On component
26  * 
27  * @author Will Norris (wnorris@memphis.edu)
28  */
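public class SSOTest extends IdpTestCase {

    /**
     * Character encoding used both for reading the stored reference responses
     * and for decoding the Base64 response produced by the servlet. Using one
     * explicit encoding keeps the comparison independent of the platform
     * default charset.
     */
    private static final String ENCODING = "utf-8";

    /**
     * Populates the mock request with the connection details and URL of the
     * IdP SSO endpoint (https://idp.example.org/shibboleth-idp/SSO, GET).
     */
    private void initRequest() {
        request.setRemoteAddr("127.0.0.1");
        request.setContextPath("/shibboleth-idp");
        request.setProtocol("HTTP/1.1");
        request.setScheme("https");
        request.setServerName("idp.example.org");
        request.setServerPort(443);

        request.setMethod("GET");
        request.setRequestURL("https://idp.example.org/shibboleth-idp/SSO");
        // NOTE(review): the servlet API's getRequestURI() normally yields only
        // the path part; the mock is given the absolute URL here. Confirm the
        // code under test does not depend on the difference.
        request.setRequestURI("https://idp.example.org/shibboleth-idp/SSO");
    }

    /**
     * Returns the decoded content of the "assertion" request attribute, which
     * the tests below expect to hold the Base64-encoded SAML response.
     *
     * @return the decoded response text
     * @throws Exception if the attribute cannot be decoded
     */
    private String decodeAssertionAttribute() throws Exception {
        String encoded = (String) request.getAttribute("assertion");
        // Fail with a readable message instead of a NullPointerException when
        // the servlet produced no response at all.
        assertNotNull("no \"assertion\" request attribute was set", encoded);
        return new String(Base64.decodeBase64(encoded.getBytes(ENCODING)),
                ENCODING);
    }

    /**
     * Asserts that the response issued by the servlet equals the reference
     * response stored in the given file, as judged by responsesAreEqual.
     *
     * @param expectedPath path of the stored reference response
     * @throws Exception if the reference file cannot be read or the response
     *             cannot be decoded
     */
    private void assertResponseMatchesFile(String expectedPath)
            throws Exception {
        String expected = FileUtils.readFileToString(new File(expectedPath),
                ENCODING);
        assertTrue(responsesAreEqual(expected, decodeAssertionAttribute()));
    }

    /**
     * Basic working SSO flow using Artifact: the servlet must redirect to the
     * SP's artifact endpoint with the encoded target and two SAMLart values.
     *
     * @throws Exception if the servlet or the test fixture fails
     */
    public void testBasicSsoArtifactFlow() throws Exception {
        resetServlet("data/idp/blackbox/conf/standard");

        initRequest();
        request.setupAddParameter("target",
                "https://sp.example.org/cgi-bin/login.cgi");
        request.setupAddParameter("shire",
                "https://sp.example.org/Shibboleth.sso/SAML/Artifact");
        request.setupAddParameter("providerId", "urn:x-shibtest:SP");
        request.setRemoteUser("gpburdell");

        testModule.doGet();

        String location = response.getHeader("Location");
        assertNotNull("no Location header was set", location);

        // The '?' and '.' characters are escaped so that the pattern pins the
        // redirect to exactly this SP host and path. Unescaped, '?' made the
        // final 't' optional and each '.' matched any character, so the test
        // would also have accepted a redirect to a different host name.
        assertTrue(location.matches(
                "https://sp\\.example\\.org/Shibboleth\\.sso/SAML/Artifact\\?.*"
                        + "TARGET=https%3A%2F%2Fsp\\.example\\.org%2Fcgi-bin%2Flogin\\.cgi"
                        + "&SAMLart=[^&]+" + "&SAMLart=[^&]+"));
    }

    /**
     * Basic working SSO flow using POST.
     *
     * @throws Exception if the servlet or the test fixture fails
     */
    public void testBasicSsoPostFlow() throws Exception {
        resetServlet("data/idp/blackbox/conf/ssoPost");

        initRequest();
        request.setupAddParameter("target",
                "https://sp.example.org/cgi-bin/login.cgi");
        request.setupAddParameter("shire",
                "https://sp.example.org/Shibboleth.sso/SAML/POST");
        request.setupAddParameter("providerId", "urn:x-shibtest:SP");
        request.setRemoteUser("gpburdell");

        testModule.doGet();

        assertResponseMatchesFile("data/idp/blackbox/sso/response01.txt");
    }

    /**
     * Basic working 1.1 SSO flow; the request carries no providerId parameter.
     *
     * @throws Exception if the servlet or the test fixture fails
     */
    public void testBasic11SsoFlow() throws Exception {
        resetServlet("data/idp/blackbox/conf/standard");

        initRequest();
        request.setupAddParameter("target",
                "https://sp.example.org/cgi-bin/login.cgi");
        request.setupAddParameter("shire",
                "https://sp.example.org/Shibboleth.shire");
        request.setRemoteUser("gpburdell");

        testModule.doGet();

        assertResponseMatchesFile("data/idp/blackbox/sso/response02.txt");
    }

    /**
     * SSO flow with an SP acceptance URL on a host other than the SP used in
     * the other tests; the servlet must report it as an invalid assertion
     * consumer service URL.
     *
     * @throws Exception if the servlet or the test fixture fails
     */
    public void testSsoFlowWithInvalidSpAcceptanceUrl() throws Exception {
        resetServlet("data/idp/blackbox/conf/standard");

        initRequest();
        request.setupAddParameter("target",
                "https://sp.example.org/cgi-bin/login.cgi");
        request.setupAddParameter("shire",
                "https://invalid.edu/Shibboleth.sso/SAML/Artifact");
        request.setupAddParameter("providerId", "urn:x-shibtest:SP");
        request.setRemoteUser("gpburdell");

        testModule.doGet();

        assertEquals(
                "org.opensaml.SAMLException: Invalid assertion consumer service URL.",
                request.getAttribute("errorText"));
        // NOTE(review): only the error text is checked. Consider also
        // asserting that no "assertion" attribute and no Location header were
        // produced, so the test proves nothing was issued to the rejected
        // URL; confirm against the servlet's error path first.
    }

    /**
     * SSO flow with signed assertions.
     *
     * @throws Exception if the servlet or the test fixture fails
     */
    public void testSsoFlowWithSignedAssertions() throws Exception {
        resetServlet("data/idp/blackbox/conf/signAssertions");

        initRequest();
        request.setupAddParameter("target",
                "https://sp.example.org/cgi-bin/login.cgi");
        request.setupAddParameter("shire",
                "https://sp.example.org/Shibboleth.sso/SAML/POST");
        request.setupAddParameter("providerId", "urn:x-shibtest:SP");
        request.setRemoteUser("gpburdell");

        testModule.doGet();

        // NOTE(review): this compares against a stored response only; nothing
        // in this file validates the XML signature itself. Confirm whether
        // responsesAreEqual (defined elsewhere) covers the signature element.
        assertResponseMatchesFile("data/idp/blackbox/sso/response03.txt");
    }

}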