+++ /dev/null
-package edu.internet2.middleware.shibboleth.serviceprovider;
-
-import com.mockrunner.mock.web.MockFilterConfig;
-import com.mockrunner.mock.web.MockHttpServletRequest;
-import com.mockrunner.mock.web.MockHttpServletResponse;
-import com.mockrunner.mock.web.MockServletContext;
-import com.mockrunner.mock.web.WebMockObjectFactory;
-import com.mockrunner.servlet.ServletTestModule;
-
-import edu.internet2.middleware.shibboleth.idp.IdPResponder;
-
-/**
- * Establish initialized IdP to respond to requests.
- *
- * <p>The IdP is initialized when the IdpResponder servlet init() is
- * called. This establishes the static context of tables that
- * allow the IdP to issue a Subject and then respond when that
- * Subject is returned in an Attribute Query.</p>
- *
- * <p>This class creates the Mockrunner control blocks needed to
- * call the IdP and, by creating the IdP Servlet object, also
- * initializes an instance of the IdP. It depends on a configuration
- * file located as a resource in the classpath, typically in the
- * /testresources directory of the project.</p>
- */
-public class IdpTestContext {
-
- // Default to a configuration in /testresources
- public static String defaultConfigFileName = "/basicIdpHome/idpconfig.xml";
-
- // The Factory creates the Request, Response, Session, etc.
- public WebMockObjectFactory factory = new WebMockObjectFactory();
-
- // The TestModule runs the Servlet and Filter methods in the simulated container
- public ServletTestModule testModule = new ServletTestModule(factory);
-
- // Now simulated Servlet API objects
- MockServletContext servletContext= factory.getMockServletContext();
- MockFilterConfig filterConfig= factory.getMockFilterConfig();
- MockHttpServletResponse response = factory.getMockResponse();
- MockHttpServletRequest request = factory.getMockRequest();
-
-
- // The IdP Servlet that processes SSO, AA, and Artifact requests
- // The object is created by Mockrunner
- public IdPResponder idpServlet;
-
- /**
- * Construct with the default configuration file
- */
- public IdpTestContext() {
- this(defaultConfigFileName);
- }
-
- /**
- * Construct using a specified IdP configuration file.
- */
- public IdpTestContext(String configFileName) {
-
- // ServletContext
- servletContext.setServletContextName("dummy IdP Context");
- servletContext.setInitParameter("IdPConfigFile", configFileName);
-
-
- // Create instance of Filter class, add to chain, call its init()
- idpServlet = (IdPResponder) testModule.createServlet(IdPResponder.class);
-
- // Initialize the unchanging properties of the HttpServletRequest
- request.setRemoteAddr("127.0.0.1");
- request.setContextPath("/shibboleth-idp");
- request.setProtocol("HTTP/1.1");
- request.setScheme("https");
- request.setServerName("idp.example.org");
- request.setServerPort(443);
-
- }
-
- /**
- * Set all fields of the HttpServletRequest that relate to a particular
- * Servlet, extra path, and query.
- * @param suffix Everything after the context (no leading "/")
- */
- void setRequestUrls(String suffix) {
- request.setRequestURI("https://idp.example.org/shibboleth-idp/"+suffix);
- request.setRequestURL("https://idp.example.org/shibboleth-idp/"+suffix);
- request.setServletPath("/shibboleth.idp/"+suffix);
-
- }
-
-}
+++ /dev/null
-/*
- * Copyright 2001-2005 Internet2
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-package edu.internet2.middleware.shibboleth.serviceprovider;
-
-import java.io.BufferedReader;
-import java.io.StringReader;
-import java.net.MalformedURLException;
-
-import org.apache.xml.security.c14n.CanonicalizationException;
-import org.apache.xml.security.c14n.Canonicalizer;
-import org.apache.xml.security.c14n.InvalidCanonicalizerException;
-import org.opensaml.BindingException;
-import org.opensaml.SAMLBinding;
-import org.opensaml.SAMLConfig;
-import org.opensaml.SAMLException;
-import org.opensaml.SAMLRequest;
-import org.opensaml.SAMLResponse;
-import org.opensaml.XML;
-import org.opensaml.provider.SOAPHTTPBindingProvider;
-import org.w3c.dom.Element;
-import org.xml.sax.InputSource;
-import org.xml.sax.SAXException;
-
-
-/**
- * This is a replacement for SOAPHTTPBindingProvider in OpenSAML. While that
- * module builds a URL and URLConnection to send a request to a Web Server
- * hosting the IdP, this code generates a direct call to the AA or Artifact
- * Resolver through the IdP Servlet.
- *
- * <p>Call setDefaultBindingProvider() to change the SAML configuration
- * to use this class to access the IdP.</p>
- *
- * <p>Sanity Check: In order for the AA or Artifact query to work, the IdP
- * has to have received an SSO, and we have to go back to the same Servlet
- * object with the same configuration and caches that vended the SSO. So
- * this code must depend on a prior initialization of both the IdP and the
- * testing environment generated by either a previous test or at least a
- * setup phase.<p>
- *
- */
-public class MockHTTPBindingProvider
- extends SOAPHTTPBindingProvider {
-
-
- private static SAMLConfig config = SAMLConfig.instance();
-
- /**
- * Static initialization routine that must be called so OpenSAML uses
- * this class.
- */
- public static void setDefaultBindingProvider() {
- config.setDefaultBindingProvider(SAMLBinding.SOAP,"edu.internet2.middleware.shibboleth.serviceprovider.MockHTTPBindingProvider" );
- }
-
- public static IdpTestContext idp = null;
-
- /** OpenSAML will construct this object. */
- public MockHTTPBindingProvider(String binding, Element e) throws SAMLException {
- super(binding, e);
- }
-
- /**
- * Based on the Http version of this code, this method replaces the URL and
- * URLConnection with operations on the Mock HttpRequest.
- */
- public SAMLResponse send(String endpoint, SAMLRequest request, Object callCtx)
- throws SAMLException
- {
- try {
- Element envelope = sendRequest(request, callCtx);
-
- /*
- * Prepare the Mockrunner blocks for the Query
- */
- idp.request.setLocalPort(8443);
- idp.request.setRequestURI(endpoint);
- idp.request.setRequestURL(endpoint);
- if (endpoint.endsWith("/AA")) {
- idp.request.setServletPath("/shibboleth.idp/AA");
- } else {
- idp.request.setServletPath("/shibboleth.idp/Artifact");
- }
-
- idp.request.setContentType("text/xml; charset=UTF-8");
- idp.request.setHeader("SOAPAction","http://www.oasis-open.org/committees/security");
-// Code in the overridden method is left as commentary
-// ((HttpURLConnection)conn).setRequestMethod("POST");
-// ((HttpURLConnection)conn).setRequestProperty("Content-Type","text/xml; charset=UTF-8");
-// ((HttpURLConnection)conn).setRequestProperty("SOAPAction","http://www.oasis-open.org/committees/security");
-
-
-
- Canonicalizer c = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_OMIT_COMMENTS);
-// conn.getOutputStream().write(c.canonicalizeSubtree(envelope));
- byte[] bs = c.canonicalizeSubtree(envelope);
- idp.request.setBodyContent(bs);
-
- idp.testModule.doPost();
-
- String content_type=idp.response.getContentType();
-
- if (content_type == null || !content_type.startsWith("text/xml")) {
- String outputStreamContent = idp.response.getOutputStreamContent();
- StringReader outputreader = new StringReader(outputStreamContent);
- BufferedReader reader=new BufferedReader(outputreader);
-// BufferedReader reader=new BufferedReader(new InputStreamReader(conn.getInputStream()));
- throw new BindingException(
- "MockHTTPBindingProvider.send() detected an invalid content type ("
- + (content_type!=null ? content_type : "none")
- + ") in the response.");
- }
-
- envelope=XML.parserPool.parse(
-// new InputSource(conn.getInputStream()),
- new InputSource(new StringReader(idp.response.getOutputStreamContent())),
- (request.getMinorVersion()>0) ? XML.parserPool.getSchemaSAML11() : XML.parserPool.getSchemaSAML10()
- ).getDocumentElement();
-
- SAMLResponse ret = recvResponse(envelope, callCtx);
-
- if (!ret.getInResponseTo().equals(request.getId())) {
- throw new BindingException("MockHTTPBindingProvider.send() unable to match SAML InResponseTo value to request");
- }
- return ret;
- }
- catch (MalformedURLException ex) {
- throw new SAMLException("SAMLSOAPBinding.send() detected a malformed URL in the binding provided", ex);
- }
- catch (SAXException ex) {
- throw new SAMLException("SAMLSOAPBinding.send() caught an XML exception while parsing the response", ex);
- }
- catch (InvalidCanonicalizerException ex) {
- throw new SAMLException("SAMLSOAPBinding.send() caught a C14N exception while serializing the request", ex);
- }
- catch (CanonicalizationException ex) {
- throw new SAMLException("SAMLSOAPBinding.send() caught a C14N exception while serializing the request", ex);
- }
- catch (java.io.IOException ex) {
- throw new SAMLException("SAMLSOAPBinding.send() caught an I/O exception", ex);
- }
- finally {
- }
- }
-
-
-}
+++ /dev/null
-package edu.internet2.middleware.shibboleth.serviceprovider;
-
-import org.apache.log4j.ConsoleAppender;
-import org.apache.log4j.Layout;
-import org.apache.log4j.Level;
-import org.apache.log4j.Logger;
-import org.apache.log4j.PatternLayout;
-
-import edu.internet2.middleware.shibboleth.common.ShibbolethConfigurationException;
-
-import junit.framework.TestCase;
-
-/**
- * A base class that sets up Log4J. Real tests extend it.
- */
-public class SPTestCase extends TestCase {
-
- public static String defaultConfigFileName = "/basicSpHome/spconfig.xml";
-
- public SPTestCase() {
- Logger root = Logger.getRootLogger();
- Layout initLayout = new PatternLayout("%d{HH:mm} %-5p %m%n");
- ConsoleAppender consoleAppender= new ConsoleAppender(initLayout,ConsoleAppender.SYSTEM_OUT);
- root.addAppender(consoleAppender);
- root.setLevel(Level.ERROR);
- }
-
- static ServiceProviderContext context = ServiceProviderContext.getInstance();
-
- /**
- * Load an SP configuration file.
- * @param configFileName URL format string pointing to configuration file
- * @throws ShibbolethConfigurationException
- */
- public void initServiceProvider(String configFileName)
- throws ShibbolethConfigurationException{
-
- context.initialize();
- ServiceProviderConfig config = new ServiceProviderConfig();
- context.setServiceProviderConfig(config);
- config.loadConfigObjects(configFileName);
- }
-
- public void initServiceProvider()
- throws ShibbolethConfigurationException {
- initServiceProvider(defaultConfigFileName);
- }
-
-}
+++ /dev/null
-package edu.internet2.middleware.shibboleth.serviceprovider;
-
-import org.apache.commons.codec.binary.Base64;
-import org.opensaml.SAMLException;
-
-import edu.internet2.middleware.shibboleth.idp.provider.ShibbolethV1SSOHandler;
-import edu.internet2.middleware.shibboleth.resource.FilterSupport.NewSessionData;
-
-/**
- * Test the IdP SSO function and the attribute fetch
- * @author gilbert
- *
- */
-public class SSOTest extends SPTestCase {
-
- // The Mockrunner control blocks and the initialized IdP Servlet
- IdpTestContext idp;
-
-
- // data returned from SSO
- private String bin64assertion;
- private String assertion;
- private String handlerURL;
- private String targetURL;
-
- protected void setUp() throws Exception {
- super.setUp();
-
- // Initialize OpenSAML
- MockHTTPBindingProvider.setDefaultBindingProvider();
-
- // Initialize the IdP with the default configuration file.
- idp=new IdpTestContext();
- MockHTTPBindingProvider.idp=idp;
-
- // Initialize an SP Context and Confg
- initServiceProvider();
- }
-
-
- public void testAttributePush() throws SAMLException {
-
- // Set the URL suffix that triggers SSO processing
- idp.setRequestUrls("SSO");
-
- // Add the WAYF/RM parameters
- idp.testModule.addRequestParameter("target", "https://nonsense");
- idp.testModule.addRequestParameter("shire","https://sp.example.org/Shibboleth.sso/SAML/POST");
- idp.testModule.addRequestParameter("providerId", "https://sp.example.org/shibboleth");
-
- // Add a userid, as if provided by Basic Authentication or a Filter
- idp.request.setRemoteUser("BozoTClown");
-
- // Force Attribute Push
- ShibbolethV1SSOHandler.pushAttributeDefault=true;
-
- // Call the IdP
- idp.testModule.doGet();
-
- /*
- * Sanity check: The IdP normally ends by transferring control to a
- * JSP page that generates the FORM. However, we have not set up
- * Mockrunner to perform the transfer, because the form would just
- * create parsing work. Rather, the following code extracts the
- * information from the request attributes that the JSP would have
- * used as its source.
- */
-
- bin64assertion = (String) idp.request.getAttribute("assertion");
- assertion = new String(Base64.decodeBase64(bin64assertion.getBytes()));
- handlerURL = (String) idp.request.getAttribute("shire");
- targetURL = (String) idp.request.getAttribute("target");
-
-
- /*
- * We could create Mockrunner control blocks to present this data
- * to the AuthenticationConsumer Servlet, but this level of
- * intergration testing is supposed to check the processing of the
- * SAML objects. All the real work is done in SessionManager, so
- * we might just as well go to it directly.
- */
-
- NewSessionData data = new NewSessionData();
- data.applicationId="default";
- data.handlerURL=handlerURL;
- data.ipaddr=idp.request.getRemoteAddr();
- data.providerId="https://sp.example.org/shibboleth";
- data.SAMLResponse = bin64assertion;
- data.target=targetURL;
- String sessionId = AssertionConsumerServlet.createSessionFromData(data);
-
- /*
- * Within the prevous call, the SAML assertion was presented to OpenSAML
- * for processing and the Attributes were stored.
- */
-
- // Now get what was created in case you want to test it.
- Session session = context.getSessionManager().findSession(sessionId, "default");
-
- }
-
- public void testAttributeQuery() throws SAMLException {
-
- // Set the URL suffix that triggers SSO processing
- idp.setRequestUrls("SSO");
-
- // Add the WAYF/RM parameters
- idp.testModule.addRequestParameter("target", "https://nonsense");
- idp.testModule.addRequestParameter("shire","https://sp.example.org/Shibboleth.sso/SAML/POST");
- idp.testModule.addRequestParameter("providerId", "https://sp.example.org/shibboleth");
-
- // Add a userid, as if provided by Basic Authentication or a Filter
- idp.request.setRemoteUser("BozoTClown");
-
- // Force Attribute Push
- //ShibbolethV1SSOHandler.pushAttributeDefault=true;
-
- // Call the IdP
- idp.testModule.doGet();
-
- bin64assertion = (String) idp.request.getAttribute("assertion");
- assertion = new String(Base64.decodeBase64(bin64assertion.getBytes()));
- handlerURL = (String) idp.request.getAttribute("shire");
- targetURL = (String) idp.request.getAttribute("target");
-
-
-
- NewSessionData data = new NewSessionData();
- data.applicationId="default";
- data.handlerURL=handlerURL;
- data.ipaddr=idp.request.getRemoteAddr();
- data.providerId="https://sp.example.org/shibboleth";
- data.SAMLResponse = bin64assertion;
- data.target=targetURL;
- String sessionId = AssertionConsumerServlet.createSessionFromData(data);
-
-
- // Now get what was created in case you want to test it.
- Session session = context.getSessionManager().findSession(sessionId, "default");
-
- }
-
-}
projects / java-idp.git / commitdiff