Added unit tests for new relying party configuration mechanism.
authorwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 12 Sep 2006 18:13:10 +0000 (18:13 +0000)
committerwassa <wassa@ab3bd59b-922f-494d-bb5f-6f0a3c29deca>
Tue, 12 Sep 2006 18:13:10 +0000 (18:13 +0000)
git-svn-id: https://subversion.switch.ch/svn/shibboleth/java-idp/trunk@2026 ab3bd59b-922f-494d-bb5f-6f0a3c29deca

data/relyingParty-metadata.xml [new file with mode: 0644]
data/relyingPartyMapper1.xml [new file with mode: 0644]
data/relyingPartyMapper2.xml [new file with mode: 0644]
tests/edu/internet2/middleware/shibboleth/common/RelyingPartyMapperTests.java [new file with mode: 0644]

diff --git a/data/relyingParty-metadata.xml b/data/relyingParty-metadata.xml
new file mode 100644 (file)
index 0000000..9c17df2
--- /dev/null
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<EntitiesDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata" 
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+       xsi:schemaLocation="urn:oasis:names:tc:SAML:2.0:metadata ../schemas/sstc-saml-schema-metadata-2.0.xsd urn:mace:shibboleth:metadata:1.0 ../schemas/shibboleth-metadata-1.0.xsd" 
+       Name="urn-x:testgroup" validUntil="3010-01-01T00:00:00Z">
+       <EntityDescriptor entityID="urn-x:test:1">
+               <SPSSODescriptor 
+                       protocolSupportEnumeration="urn:oasis:names:tc:SAML:1.1:protocol">
+                       <AssertionConsumerService index="1" 
+                               Binding="urn:oasis:names:tc:SAML:1.0:profiles:artifact-01" 
+                               Location="https://www.example.org/Shibboleth.shire"/>
+               </SPSSODescriptor>
+       </EntityDescriptor>
+</EntitiesDescriptor>
\ No newline at end of file
diff --git a/data/relyingPartyMapper1.xml b/data/relyingPartyMapper1.xml
new file mode 100644 (file)
index 0000000..c78a29a
--- /dev/null
@@ -0,0 +1,46 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<IdPConfig 
+       xmlns="urn:mace:shibboleth:idp:config:1.0" 
+       xmlns:cred="urn:mace:shibboleth:credentials:1.0" 
+       xmlns:name="urn:mace:shibboleth:namemapper:1.0" 
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+       xsi:schemaLocation="urn:mace:shibboleth:idp:config:1.0 ../schemas/shibboleth-idpconfig-1.0.xsd">
+               
+       <RelyingParty 
+               name="urn-x:test:1" 
+               providerId="urn-x:test:id1"
+               signingCredential="test"
+               passThruErrors="true" 
+               defaultNameID="foo" />
+       
+<!-- Add back later <AttributeResolver config="$IDP_HOME$/etc/resolver.xml"/>-->
+       
+       <ReleasePolicyEngine>
+               <ArpRepository implementation="edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository">
+                       <Path>$IDP_HOME$/etc/arps/</Path>
+               </ArpRepository>
+       </ReleasePolicyEngine>
+
+       <Logging>
+               <ErrorLog level="WARN" location="$IDP_HOME$/logs/shib-error.log" />
+               <TransactionLog level="INFO" location="$IDP_HOME$/logs/shib-access.log" />
+       </Logging>
+
+       <Credentials xmlns="urn:mace:shibboleth:credentials:1.0">
+               <KeyStoreResolver Id="test" storeType="JKS">
+                       <Path>/conf/keystore.jks</Path>
+                       <KeyAlias>shibhs</KeyAlias>
+                       <CertAlias>shibhs</CertAlias>
+                       <StorePassword>shibhs</StorePassword>
+                       <KeyPassword>shibhs</KeyPassword>
+               </KeyStoreResolver>
+       </Credentials>
+
+       <ProtocolHandler type="ShibbolethV1SSOHandler">
+               <Location>https?://[^:/]+(:(443|80))?/$IDP_WEBAPP_NAME$/SSO</Location> 
+       </ProtocolHandler>
+
+       <MetadataProvider type="edu.internet2.middleware.shibboleth.metadata.FilesystemMetadataProvider"
+                path="$IDP_HOME$/etc/example-metadata.xml"/>
+
+</IdPConfig>
\ No newline at end of file
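Review bot: The `<Credentials>` block near the end of this fixture hard-codes a keystore path (`/conf/keystore.jks`) and the store and key password `shibhs`, with nothing marking them as test-only material. I would add a comment directly above `<KeyStoreResolver Id="test" storeType="JKS">`, for example `<!-- Test-only keystore and password; must not be reused in a deployed IdP configuration. -->`. The same block is repeated in data/relyingPartyMapper2.xml and needs the same comment. Whether `/conf/keystore.jks` is a dedicated test keystore is not visible in this commit and is worth confirming. The `ReleasePolicyEngine`, `Logging`, `ProtocolHandler` and `MetadataProvider` sections still carry unresolved `$IDP_HOME$` placeholders; if the mapper tests do not read them, trimming them would make it clearer what the fixture exercises.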
diff --git a/data/relyingPartyMapper2.xml b/data/relyingPartyMapper2.xml
new file mode 100644 (file)
index 0000000..82303aa
--- /dev/null
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<IdPConfig 
+       xmlns="urn:mace:shibboleth:idp:config:1.0" 
+       xmlns:cred="urn:mace:shibboleth:credentials:1.0" 
+       xmlns:name="urn:mace:shibboleth:namemapper:1.0" 
+       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
+       xsi:schemaLocation="urn:mace:shibboleth:idp:config:1.0 ../schemas/shibboleth-idpconfig-1.0.xsd">
+               
+       <RelyingParty 
+               name="urn-x:testgroup" 
+               providerId="urn-x:test:id1"
+               signingCredential="test"
+               passThruErrors="true" 
+               defaultNameID="foo" />
+       
+       <AnonymousRelyingParty 
+               providerId="urn-x:test:anonId" 
+               signingCredential="test"
+               defaultNameID="foo" />
+       
+       <DefaultRelyingParty 
+               providerId="urn-x:test:defId" 
+               signingCredential="test"
+               defaultNameID="foo" />
+       
+<!-- Add back later <AttributeResolver config="$IDP_HOME$/etc/resolver.xml"/>-->
+       
+       <ReleasePolicyEngine>
+               <ArpRepository implementation="edu.internet2.middleware.shibboleth.aa.arp.provider.FileSystemArpRepository">
+                       <Path>$IDP_HOME$/etc/arps/</Path>
+               </ArpRepository>
+       </ReleasePolicyEngine>
+
+       <Logging>
+               <ErrorLog level="WARN" location="$IDP_HOME$/logs/shib-error.log" />
+               <TransactionLog level="INFO" location="$IDP_HOME$/logs/shib-access.log" />
+       </Logging>
+
+       <Credentials xmlns="urn:mace:shibboleth:credentials:1.0">
+               <KeyStoreResolver Id="test" storeType="JKS">
+                       <Path>/conf/keystore.jks</Path>
+                       <KeyAlias>shibhs</KeyAlias>
+                       <CertAlias>shibhs</CertAlias>
+                       <StorePassword>shibhs</StorePassword>
+                       <KeyPassword>shibhs</KeyPassword>
+               </KeyStoreResolver>
+       </Credentials>
+
+       
+       <ProtocolHandler type="ShibbolethV1SSOHandler">
+               <Location>https?://[^:/]+(:(443|80))?/$IDP_WEBAPP_NAME$/SSO</Location> 
+       </ProtocolHandler>
+
+       <MetadataProvider type="edu.internet2.middleware.shibboleth.metadata.FilesystemMetadataProvider"
+                path="$IDP_HOME$/etc/example-metadata.xml"/>
+
+</IdPConfig>
\ No newline at end of file
diff --git a/tests/edu/internet2/middleware/shibboleth/common/RelyingPartyMapperTests.java b/tests/edu/internet2/middleware/shibboleth/common/RelyingPartyMapperTests.java
new file mode 100644 (file)
index 0000000..13148b5
--- /dev/null
@@ -0,0 +1,212 @@
+/*
+ * Copyright [2005] [University Corporation for Advanced Internet Development, Inc.]
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package edu.internet2.middleware.shibboleth.common;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import junit.framework.TestCase;
+
+import org.apache.log4j.BasicConfigurator;
+import org.apache.log4j.Level;
+import org.apache.log4j.Logger;
+import org.opensaml.Configuration;
+import org.opensaml.SAMLException;
+import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.w3c.dom.Element;
+import org.w3c.dom.NodeList;
+import org.xml.sax.InputSource;
+import org.xml.sax.SAXException;
+
+import edu.internet2.middleware.shibboleth.xml.Parser;
+
+/**
+ * Validation suite for the <code>RelyingPartyMapper</code>.
+ * 
+ * @author Walter Hoehn
+ */
+
+public class RelyingPartyMapperTests extends TestCase {
+
+       private Parser.DOMParser parser = new Parser.DOMParser(true);
+
+       public RelyingPartyMapperTests(String name) {
+
+               super(name);
+               BasicConfigurator.resetConfiguration();
+               BasicConfigurator.configure();
+               Logger.getRootLogger().setLevel(Level.OFF);
+       }
+
+       public static void main(String[] args) {
+
+               junit.textui.TestRunner.run(RelyingPartyMapperTests.class);
+               BasicConfigurator.configure();
+               Logger.getRootLogger().setLevel(Level.OFF);
+       }
+
+       protected void setUp() throws Exception {
+
+               super.setUp();
+       }
+
+       public void testBasicFunction() {
+
+               try {
+                       // Parse IdP config file
+                       InputStream inStream = new FileInputStream("data/relyingPartyMapper1.xml");
+                       parser.parse(new InputSource(inStream));
+
+                       // We have to get a credentials set in order to init the mapper
+                       NodeList credentialNodes = parser.getDocument().getDocumentElement().getElementsByTagNameNS(
+                                       Credentials.credentialsNamespace, "Credentials");
+                       Credentials credentials = new Credentials((Element) credentialNodes.item(0));
+
+                       RelyingPartyMapper mapper = new RelyingPartyMapper(parser.getDocument().getDocumentElement(), credentials);
+
+                       // Make sure we have anonymous support turned off
+                       assertFalse("Anonymous relying party support should be turned off.", mapper.anonymousSuported());
+
+                       // Make sure we have defaulting turned off
+                       assertNull("Expected no relying party.", mapper.getRelyingParty("foobar"));
+
+                       // Make sure we can lookup by providerId
+                       assertNotNull("Expected relying party lookup to succeed.", mapper.getRelyingParty("urn-x:test:1"));
+
+                       // Check the config data for the relying party
+                       assertEquals("Incorrect providerId for relying party.", "urn-x:test:id1", mapper.getRelyingParty(
+                                       "urn-x:test:1").getIdentityProvider().getProviderId());
+                       assertTrue("Incorrect passThruErrors value for relying party.", mapper.getRelyingParty("urn-x:test:1")
+                                       .passThruErrors());
+                       assertNotNull("Missing signing credential for relying party.", mapper.getRelyingParty("urn-x:test:1")
+                                       .getIdentityProvider().getSigningCredential());
+
+               } catch (SAXException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (IOException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (SAMLException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (RelyingPartyMapperException e) {
+                       fail("Unable to load relying party mapper: " + e.getMessage());
+               }
+       }
+
+       public void testAnonymousRelyingParty() {
+
+               try {
+                       // Parse IdP config file
+                       InputStream inStream = new FileInputStream("data/relyingPartyMapper2.xml");
+                       parser.parse(new InputSource(inStream));
+
+                       // We have to get a credentials set in order to init the mapper
+                       NodeList credentialNodes = parser.getDocument().getDocumentElement().getElementsByTagNameNS(
+                                       Credentials.credentialsNamespace, "Credentials");
+                       Credentials credentials = new Credentials((Element) credentialNodes.item(0));
+
+                       RelyingPartyMapper mapper = new RelyingPartyMapper(parser.getDocument().getDocumentElement(), credentials);
+
+                       // Make sure we have anonymous support turned on
+                       assertTrue("Anonymous relying party support should be turned on.", mapper.anonymousSuported());
+                       assertNotNull("Unable to lookup anonymous relying party.", mapper.getAnonymousRelyingParty());
+
+                       // Make sure we got the correct relying party
+                       assertEquals("Wrong providerId.", "urn-x:test:anonId", mapper.getAnonymousRelyingParty()
+                                       .getIdentityProvider().getProviderId());
+
+               } catch (SAXException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (IOException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (SAMLException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (RelyingPartyMapperException e) {
+                       fail("Unable to load relying party mapper: " + e.getMessage());
+               }
+       }
+
+       public void testDefaultRelyingParty() {
+
+               try {
+                       // Parse IdP config file
+                       InputStream inStream = new FileInputStream("data/relyingPartyMapper2.xml");
+                       parser.parse(new InputSource(inStream));
+
+                       // We have to get a credentials set in order to init the mapper
+                       NodeList credentialNodes = parser.getDocument().getDocumentElement().getElementsByTagNameNS(
+                                       Credentials.credentialsNamespace, "Credentials");
+                       Credentials credentials = new Credentials((Element) credentialNodes.item(0));
+
+                       RelyingPartyMapper mapper = new RelyingPartyMapper(parser.getDocument().getDocumentElement(), credentials);
+
+                       // Make sure we have defaulting turned on
+                       assertNotNull("Expected no relying party.", mapper.getRelyingParty("foobar"));
+
+                       // Make sure we got the correct relying party
+                       assertEquals("Wrong providerId.", "urn-x:test:defId", mapper.getRelyingParty("foobar")
+                                       .getIdentityProvider().getProviderId());
+
+               } catch (SAXException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (IOException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (SAMLException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (RelyingPartyMapperException e) {
+                       fail("Unable to load relying party mapper: " + e.getMessage());
+               }
+       }
+
+       public void testGroupLookup() {
+
+               try {
+                       // Parse IdP config file
+                       InputStream inStream = new FileInputStream("data/relyingPartyMapper2.xml");
+                       parser.parse(new InputSource(inStream));
+
+                       // We have to get a credentials set in order to init the mapper
+                       NodeList credentialNodes = parser.getDocument().getDocumentElement().getElementsByTagNameNS(
+                                       Credentials.credentialsNamespace, "Credentials");
+                       Credentials credentials = new Credentials((Element) credentialNodes.item(0));
+
+                       RelyingPartyMapper mapper = new RelyingPartyMapper(parser.getDocument().getDocumentElement(), credentials);
+                       Configuration.init();
+                       MetadataProvider metadata = new FilesystemMetadataProvider(new File("data/relyingParty-metadata.xml"));
+                       mapper.setMetadata(metadata);
+
+                       // Make sure we can lookup by group
+                       assertNotNull("Expected relying party lookup by group to succeed.", mapper.getRelyingParty("urn-x:test:1"));
+                       assertEquals("Expected relying party lookup by group to have correct providerId.", "urn-x:test:id1", mapper
+                                       .getRelyingParty("urn-x:test:1").getIdentityProvider().getProviderId());
+
+               } catch (SAXException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (IOException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (SAMLException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               } catch (RelyingPartyMapperException e) {
+                       fail("Unable to load relying party mapper: " + e.getMessage());
+               } catch (MetadataProviderException e) {
+                       fail("Error in test specification: " + e.getMessage());
+               }
+       }
+}
\ No newline at end of file
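Review bot: Each of the four test methods opens `new FileInputStream("data/relyingPartyMapper….xml")` and never closes it, so a failed parse or assertion leaves the handle open; wrapping the parse as `try { parser.parse(new InputSource(inStream)); } finally { inStream.close(); }` fixes that. In testDefaultRelyingParty the `assertNotNull` on `mapper.getRelyingParty("foobar")` carries the message `"Expected no relying party."`, which is copied from the negative case in testBasicFunction and would mislead on failure; `"Expected default relying party for unknown providerId."` matches what is being checked. The catch blocks reduce every exception to `fail(... + e.getMessage())`, which drops the stack trace; declaring `throws Exception` on the test methods would keep it. testBasicFunction asserts `anonymousSuported()` is false but does not pin what `getAnonymousRelyingParty()` returns in that configuration. A further case in testGroupLookup for an entity outside `urn-x:testgroup` would confirm that group matching does not hand the group's providerId and signing credential to unrelated relying parties.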