1 /*
2  * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
3  *
4  * Licensed under the Apache License, Version 2.0 (the "License");
5  * you may not use this file except in compliance with the License.
6  * You may obtain a copy of the License at
7  *
8  * http://www.apache.org/licenses/LICENSE-2.0
9  *
10  * Unless required by applicable law or agreed to in writing, software
11  * distributed under the License is distributed on an "AS IS" BASIS,
12  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13  * See the License for the specific language governing permissions and
14  * limitations under the License.
15  */
16
17 package edu.internet2.middleware.shibboleth.integration;
18
19 import java.util.Date;
20 import java.util.Enumeration;
21 import java.util.Iterator;
22 import java.util.Map;
23
24 import javax.naming.directory.Attributes;
25 import javax.naming.directory.BasicAttribute;
26 import javax.servlet.http.HttpServletRequest;
27
28 import junit.framework.TestCase;
29
30 import org.apache.commons.codec.binary.Base64;
31 import org.apache.log4j.Level;
32 import org.opensaml.SAMLResponse;
33
34 import edu.internet2.middleware.shibboleth.resource.AuthenticationFilter;
35 import edu.internet2.middleware.shibboleth.resource.FilterSupport.NewSessionData;
36 import edu.internet2.middleware.shibboleth.runner.MadSignertest;
37 import edu.internet2.middleware.shibboleth.runner.ShibbolethRunner;
38 import edu.internet2.middleware.shibboleth.serviceprovider.AssertionConsumerServlet;
39 import edu.internet2.middleware.shibboleth.serviceprovider.ServiceProviderConfig;
40 import edu.internet2.middleware.shibboleth.serviceprovider.ServiceProviderContext;
41 import edu.internet2.middleware.shibboleth.serviceprovider.Session;
42
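/**
 * JUnit 3 integration test that feeds a locally signed SAML response (built
 * from a file) to the Service Provider, then runs the resource-side
 * {@link AuthenticationFilter} against the resulting session.
 *
 * <p>The flow under test is: sign a canned response, create an SP session
 * from it through {@link AssertionConsumerServlet#createSessionFromData},
 * hand the session id to the Filter, and check the identity and attribute
 * headers exposed on the wrapped request.</p>
 *
 * @author Howard Gilbert
 */
public class FileAssertionTest extends TestCase {

    // Fixture values, used both as inputs and as the expected results.
    private static final String GIVENNAME = "Bozo";
    public static final String SURNAME = "Clown";
    private static final String TITLE = "clown";
    public static final String AFFILIATION = "member";
    public static final String SP_ENTITY = "https://sp.example.org/shibboleth";
    public static final String POST_SHIRE = "https://sp.example.org/shibboleth-sp/Shibboleth.sso/SAML/POST";
    public static final String ARTIFACT_SHIRE = "https://sp.example.org/shibboleth-sp/Shibboleth.sso/SAML/Artifact";
    public static final String TARGET = "https://nonsense";
    public static final String NETID = "BozoTClown";
    public static final String APPLICATIONID = "default";

    ShibbolethRunner runner;
    ShibbolethRunner.SPTestContext consumer;
    ShibbolethRunner.AuthenticationFilterContext filter;
    private NewSessionData newSessionData = new NewSessionData();
    ServiceProviderContext context;
    ServiceProviderConfig config;

    /**
     * Builds the test harness: logging, the SP test context, the Filter's
     * simulated servlet context, and the attribute fixture.
     *
     * @throws Exception if any part of the harness fails to initialize
     */
    protected void setUp() throws Exception {
        super.setUp();

        // Static call to set Log4J appenders and levels.
        // NOTE(review): DEBUG is set for every run; harmless with the fixture
        // identities used here, but the level is global to ShibbolethRunner.
        ShibbolethRunner.loglevel = Level.DEBUG;
        ShibbolethRunner.setupLogging();

        // Create the overall testing framework.
        runner = new ShibbolethRunner();

        // Initialize the SP with the default config file.
        runner.setSpConfigFileName("/basicSpHome/spconfig.xml");

        // The SP can be initialized in one of two ways. runner.initializeSP()
        // is enough when only AssertionConsumerServlet.createSessionFromData
        // is called; the SPTestContext form used here also supports
        // MockRunner-driven calls.
        consumer = ShibbolethRunner.consumer = runner.new SPTestContext();

        context = ServiceProviderContext.getInstance();
        config = context.getServiceProviderConfig();

        // Initialize the Filter and create its separate Mockrunner simulated
        // context. Any change to the Filter init-param values has to be made
        // before filter.setUp() is called.
        filter = runner.getFilter();
        filter.setUp();

        newSessionData.applicationId = APPLICATIONID;
        newSessionData.providerId = SP_ENTITY;

        // Create the static collection of Attributes that are returned by the
        // IdP for every principal. This could be done in each test, as long
        // as it is done before the SSO.
        Attributes attributes = runner.getAttributesCollection();
        attributes.put(new BasicAttribute("eduPersonAffiliation", AFFILIATION));
        // scoped
        attributes.put(new BasicAttribute("eduPersonScopedAffiliation", AFFILIATION));
        attributes.put(new BasicAttribute("title", TITLE));
        attributes.put(new BasicAttribute("givenName", GIVENNAME));
        attributes.put(new BasicAttribute("surname", SURNAME));
        // Not in the AAP (the SP's attribute acceptance policy).
        attributes.put(new BasicAttribute("unacceptable", "nonsense"));
        // Not in the ARP (the IdP's attribute release policy).
        attributes.put(new BasicAttribute("unreleasable", "foolishness"));
        // NOTE(review): these two negative fixtures are seeded but no test in
        // this class asserts that they are absent from the filtered request,
        // so a policy regression would pass unnoticed. testAttributePush takes
        // its assertion from a file, so whether these values can reach the SP
        // in that test is not visible from here - confirm against the data
        // file before adding an absence check.
    }

    /**
     * Tests the POST profile with attribute push.
     *
     * <p>Signs a response from a file, calls AssertionConsumerServlet
     * directly to create the session, then runs the Filter.</p>
     *
     * @throws Exception if signing, session creation or the Filter run fails
     */
    public void testAttributePush() throws Exception {

        // NOTE(review): presumably (keystore path, keystore password); the
        // literal belongs to the example keystore under src/conf and is a test
        // fixture only - confirm it is never the credential of a deployed key.
        MadSignertest signer = new MadSignertest("src/conf/idp-example.jks", "exampleorg");
        SAMLResponse samlresponse =
            signer.signResponseFile("data/AttributePushAssertion.xml",
                    "tomcat", new Date());

        // The SP entry point takes the response in its Base64 form. The
        // original also decoded it back into an unused local using the
        // platform default charset; that dead code has been dropped.
        String bin64assertion = new String(samlresponse.toBase64());

        newSessionData.SAMLResponse = bin64assertion;
        newSessionData.target = TARGET;
        newSessionData.handlerURL = POST_SHIRE;

        // Create the session, extract pushed Attributes.
        String sessionId = AssertionConsumerServlet.createSessionFromData(newSessionData);
        // Fail here with a clear message rather than later inside the lookup.
        assertNotNull("createSessionFromData returned no session id", sessionId);

        // Now get what was created so it can be checked.
        Session session = context.getSessionManager().findSession(sessionId, APPLICATIONID);
        checkSession(session);

        // Pass the session id to the Filter and let it fetch the attributes.
        filter.resetRequest("test.txt");
        filter.testModule.addRequestParameter(AuthenticationFilter.SESSIONPARM, sessionId);
        filter.request.setMethod("GET");
        filter.testModule.doFilter();

        // doFilter runs just the Filter itself. On input there was a Request
        // and Response; when done, there is a replacement Request object
        // created by the Filter, wrapping the original request and adding
        // features.
        checkFilter();
    }

    /**
     * Verifies the Filter's wrapped Request object: remote user, identity
     * header and attribute headers, then dumps the attribute map and all
     * headers to standard output.
     */
    private void checkFilter() {
        // Get the Request wrapper object created by the Filter.
        HttpServletRequest filteredRequest =
            (HttpServletRequest) filter.testModule.getFilteredRequest();
        assertNotNull("Filter produced no wrapped request", filteredRequest);

        assertEquals(NETID, filteredRequest.getRemoteUser());
        assertEquals(NETID, filteredRequest.getHeader("REMOTE_USER"));
        assertEquals(SURNAME, filteredRequest.getHeader("Shib-Person-surname"));
        assertEquals(GIVENNAME, filteredRequest.getHeader("Shib-InetOrgPerson-givenName"));
        assertEquals(TITLE, filteredRequest.getHeader("Shib-OrgPerson-title"));

        Map attributes = (Map) filteredRequest.getAttribute(AuthenticationFilter.SHIB_ATTRIBUTES_PREFIX);
        // Without this a missing attribute map surfaces as a bare
        // NullPointerException in the loop below.
        assertNotNull("Filter did not publish the attribute map", attributes);

        // Diagnostic dump only: nothing below is asserted. The values are the
        // fixture identity, so printing them discloses nothing real.
        Iterator iterator = attributes.entrySet().iterator();
        while (iterator.hasNext()) {
            Map.Entry entry = (Map.Entry) iterator.next();
            String key = (String) entry.getKey();
            String value = (String) entry.getValue();
            System.out.println(key + " : " + value);
        }

        Enumeration headerNames = filteredRequest.getHeaderNames();
        while (headerNames.hasMoreElements()) {
            String name = (String) headerNames.nextElement();
            String value = (String) filteredRequest.getHeader(name);
            System.out.println(name + " : " + value);
        }
    }

    /**
     * Checks the Session created by the SP. Further Session checks belong
     * here.
     *
     * @param session the session looked up from the SP session manager
     */
    private void checkSession(Session session) {
        assertNotNull(session);
        assertEquals(APPLICATIONID, session.getApplicationId());
    }

}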