package edu.internet2.middleware.shibboleth.integration;
+import java.io.UnsupportedEncodingException;
+import java.net.URLDecoder;
import java.util.Enumeration;
import javax.naming.directory.Attributes;
import javax.naming.directory.BasicAttribute;
import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
import junit.framework.TestCase;
import org.apache.log4j.Level;
import org.opensaml.SAMLException;
+import com.mockrunner.mock.web.MockHttpServletResponse;
+
import edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler;
import edu.internet2.middleware.shibboleth.resource.FilterUtil;
import edu.internet2.middleware.shibboleth.resource.FilterSupport.NewSessionData;
// Initialize the Filter and create its separate
// Mockrunner simulated context.
filter= runner.getFilter();
-
- // Make changes to Filter init-param values before setUp.
+ // Note: If you are going to change the Filter init-param
+ // values, do it here before calling setUp()
filter.setUp();
- // Create attributes to be returned from the IdP
+ // Create the static collection of Attributes that are
+ // returned by the IdP for every principal.
// This could be done in each test, just as long as it
// is done before the SSO.
Attributes attributes = runner.getAttributesCollection();
// Call the IdP
idp.testModule.doGet();
- /*
- * Sanity check: The IdP normally ends by transferring control to a
- * JSP page that generates the FORM. However, we have not set up
- * Mockrunner to perform the transfer, because the form would just
- * create parsing work. Rather, the following code extracts the
- * information from the request attributes that the JSP would have
- * used as its source.
- */
+ /*
+ * Sanity check: The IdP normally ends by transferring control to a
+ * JSP page that generates the FORM. However, we have not set up
+ * Mockrunner to perform the transfer, because the form would just
+ * create parsing work. Rather, the following code extracts the
+ * information from the request attributes that the JSP would have
+ * used as its source.
+ */
String bin64assertion = (String) idp.request.getAttribute("assertion");
String assertion = new String(Base64.decodeBase64(bin64assertion.getBytes()));
String handlerURL = (String) idp.request.getAttribute("shire");
// Build the parameter for Session creation
NewSessionData data = new NewSessionData();
FilterUtil.sessionDataFromRequest(data,idp.request);
- data.SAMLResponse = bin64assertion; // test logic
- data.target=targetURL;
+ // there was no real redirect, so the next two fields are not
+ // in the places that sessionDataFromRequest expects.
+ data.SAMLResponse = bin64assertion;
+ data.target=targetURL;
data.applicationId="default";
data.handlerURL=handlerURL;
data.providerId="https://sp.example.org/shibboleth";
filter.setRequestUrls("test.txt");
filter.testModule.doFilter();
- /*
- * Sanity Check: doFilter runs just the Filter itself. On
- * input there was a Request and Response. When done, there
- * will be a replacement Request object created by the Filter
- * wrapping the original request and adding features.
- */
+ /*
+ * Sanity Check: doFilter runs just the Filter itself. On
+ * input there was a Request and Response. When done, there
+ * will be a replacement Request object created by the Filter
+ * wrapping the original request and adding features.
+ */
// Get the Request Wrapper object created by the Filter
HttpServletRequest filteredRequest =
}
}
+ public void testArtifact() throws SAMLException, UnsupportedEncodingException {
+
+ // Set the URL suffix that triggers SSO processing
+ idp.setRequestUrls("SSO");
+
+ // Add the WAYF/RM parameters
+ idp.testModule.addRequestParameter("target", "https://nonsense");
+ idp.testModule.addRequestParameter("shire","https://sp.example.org/Shibboleth.sso/SAML/Artifact");
+ idp.testModule.addRequestParameter("providerId", "https://sp.example.org/shibboleth");
+
+ // Add a userid, as if provided by Basic Authentication or a Filter
+ idp.request.setRemoteUser("BozoTClown");
+
+ // Attribute Push is implied by Artifact
+ ShibbolethV1SSOHandler.pushAttributeDefault=false;
+
+ // Call the IdP
+ idp.testModule.doGet();
+
+ MockHttpServletResponse response = idp.response;
+ String redirectURL = response.getHeader("Location");
+
+ String[] splits = redirectURL.split("\\&SAMLart=");
+ assertTrue(splits.length>0);
+ String[] samlArt = new String[splits.length-1];
+ for (int i=0;i<samlArt.length;i++) {
+ samlArt[i]=URLDecoder.decode(splits[i+1],"UTF-8");
+ }
+
+
+
+ // Build the parameter for Session creation
+ NewSessionData data = new NewSessionData();
+ FilterUtil.sessionDataFromRequest(data,idp.request);
+ data.SAMLArt=samlArt;
+ data.target="https://nonsense";
+ data.applicationId="default";
+ data.handlerURL="https://sp.example.org/Shibboleth.sso/SAML/Artifact";
+ data.providerId="https://sp.example.org/shibboleth";
+
+ // Create the Session
+ // Internally an AA Query will fetch the attributes through the
+ // MockHTTPBindingProvider
+ String sessionId = AssertionConsumerServlet.createSessionFromData(data);
+
+
+ // Now get what was created in case you want to test it.
+ ServiceProviderContext context = ServiceProviderContext.getInstance();
+ Session session = context.getSessionManager().findSession(sessionId, "default");
+ StringBuffer buffer = SessionManager.dumpAttributes(session);
+ System.out.println(buffer.toString());
+
+ // Pass the SessionId to the Filter, let it fetch the attributes
+ filter.testModule.addRequestParameter("ShibbolethSessionId", sessionId);
+ filter.setRequestUrls("test.txt"); // need any URL
+ filter.testModule.doFilter();
+
+ // Get the Request Wrapper object created by the Filter
+ HttpServletRequest filteredRequest = (HttpServletRequest) filter.testModule.getFilteredRequest();
+
+ // Now do something that uses Filter supplied logic
+ Enumeration headerNames = filteredRequest.getHeaderNames();
+ while (headerNames.hasMoreElements()) {
+ String name = (String) headerNames.nextElement();
+ String value = (String) filteredRequest.getHeader(name);
+ System.out.println(name+ "-"+value );
+ }
+ }
}
projects / java-idp.git / commitdiff