import edu.internet2.middleware.shibboleth.common.AuthNPrincipal;
import edu.internet2.middleware.shibboleth.common.Credential;
import edu.internet2.middleware.shibboleth.common.IdentityProvider;
+import edu.internet2.middleware.shibboleth.common.InvalidNameIdentifierException;
import edu.internet2.middleware.shibboleth.common.NameIdentifierMapping;
import edu.internet2.middleware.shibboleth.common.NameIdentifierMappingException;
import edu.internet2.middleware.shibboleth.common.NameMapper;
public class NameMapperTests extends TestCase {
+ private static Logger log = Logger.getLogger(NameMapperTests.class.getName());
private Parser.DOMParser parser = new Parser.DOMParser(true);
public NameMapperTests(String name) {
}
+ public void testCryptoMappingExpiration() {
+
+ try {
+
+ NameMapper nameMapper = new NameMapper();
+
+ File file = new File("data/handle.jks");
+
+ String rawConfig = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
+ + "<NameMapping xmlns=\"urn:mace:shibboleth:namemapper:1.0\""
+ + " xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\""
+ + " xsi:schemaLocation=\"urn:mace:shibboleth:namemapper:1.0 namemapper.xsd\" "
+ + " id=\"cryptotest\" format=\"urn:mace:shibboleth:1.0:nameIdentifier\" "
+ + " type=\"CryptoHandleGenerator\" handleTTL=\"10\">" + " <KeyStorePath>"
+ + file.toURL().toString() + "</KeyStorePath>" + " <KeyStorePassword>shibhs</KeyStorePassword>"
+ + " <KeyStoreKeyAlias>handlekey</KeyStoreKeyAlias>"
+ + " <KeyStoreKeyPassword>shibhs</KeyStoreKeyPassword>" + " </NameMapping>";
+
+ parser.parse(new InputSource(new StringReader(rawConfig)));
+ nameMapper.addNameMapping(parser.getDocument().getDocumentElement());
+
+ SAMLNameIdentifier nameId = nameMapper.getNameIdentifierName("cryptotest", new AuthNPrincipal(
+ "testprincipal"), new BasicServiceProvider(), new BasicIdentityProvider("urn-x:testid"));
+
+ log.debug("Waiting 11 seconds for the handle to expire.");
+ Thread.sleep(22000);
+
+ AuthNPrincipal principal = nameMapper.getPrincipal(nameId, new BasicServiceProvider(),
+ new BasicIdentityProvider("urn-x:testid"));
+
+ fail("Error: crypto handle should have expired but appears to work.");
+
+ } catch (InvalidNameIdentifierException e) {
+ log.debug("As was expected, the handle was not valid: " + e);
+ // This is the exception we are supposed to get
+ } catch (MalformedURLException e) {
+ fail("Error in test specification: " + e.getMessage());
+ } catch (NameIdentifierMappingException e) {
+ fail("Error exercising NameMaper: " + e.getMessage());
+ } catch (Exception e) {
+ fail("Error exercising NameMaper: " + e.getMessage());
+ }
+
+ }
+
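Review bot: The `catch (InvalidNameIdentifierException e)` that counts as success in testCryptoMappingExpiration covers the whole try body, so the test would also pass if that exception came from `addNameMapping` or `getNameIdentifierName` before any waiting happens; whether those calls can throw it is not visible in this hunk. The test also never checks that the handle resolves while it is still fresh, so a generator that always produced unusable handles would satisfy it without exercising the expiry check. Resolve the handle once before the sleep and wrap only the second `getPrincipal` call in the expected-exception try, as sketched below. Separately, the log text says 11 seconds while `Thread.sleep(22000)` waits 22 against `handleTTL="10"`, so one of the two should be corrected, and the unused local `principal` can be dropped.

```java
// … unchanged: mapper setup, rawConfig, parser.parse, addNameMapping, getNameIdentifierName …

// A fresh handle must resolve; otherwise the expiry assertion below proves nothing.
nameMapper.getPrincipal(nameId, new BasicServiceProvider(),
        new BasicIdentityProvider("urn-x:testid"));

// … unchanged: log.debug and Thread.sleep …

try {
    nameMapper.getPrincipal(nameId, new BasicServiceProvider(),
            new BasicIdentityProvider("urn-x:testid"));
    fail("Error: crypto handle should have expired but appears to work.");
} catch (InvalidNameIdentifierException e) {
    // Only an expiry rejection from this call counts as success.
    log.debug("As was expected, the handle was not valid: " + e);
}

// … unchanged: outer catch clauses for MalformedURLException, NameIdentifierMappingException, Exception …
```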
public void testCryptoMappingWithOverriddenAlgorithms() {
try {
fail("Expected failure for bad name qualifier.");
} catch (NameIdentifierMappingException e) {
- //This exception should be generated by this test
+ // This exception should be generated by this test
} catch (MalformedURLException e) {
fail("Error in test specification: " + e.getMessage());
fail("HSNameMapper defaulted to incorrect name mapping.");
- //This is only a failure if we don't get this exception
+ // This is only a failure if we don't get this exception
} catch (NameIdentifierMappingException e) {
} catch (Exception e) {
fail("Expected failure for bad name qualifier.");
} catch (NameIdentifierMappingException e) {
- //This exception should be generated by this test
+ // This exception should be generated by this test
} catch (MalformedURLException e) {
fail("Error in test specification: " + e.getMessage());
fail("Expected failure for bad name qualifier.");
} catch (NameIdentifierMappingException e) {
- //This exception should be generated by this test
+ // This exception should be generated by this test
} catch (MalformedURLException e) {
fail("Error in test specification: " + e.getMessage());