public void ThrowsExceptionWhenAuthnContextAuthnContextDeclInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
new AuthnStatement()
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextDecl
}
};
var validator = new Saml20StatementValidator();
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenAuthnContextAuthenticatingAuthorityUriInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
AuthenticatingAuthority = new[]
{
"urn:aksdlfj",
"urn/invalid"
},
Items = new object[]
{
"urn:a:valid.uri:string",
"http://another/valid/uri.string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextClassRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenAuthnContextHasMoreThanTwoItems()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
"urn:a.valid.uri:string",
"urn:a.valid.uri:string",
"urn:a.valid.uri:string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextDeclRef,
AuthnContextType.AuthnContextDeclRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
validator.ValidateStatement(statement, true);
}
public void ThrowsExceptionWhenAuthnContextAuthnContextDeclRefUriInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
"urn:a.valid.uri:string",
"an/invalid/uri/string.aspx"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextClassRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnContextDeclRef has a value which is not a wellformed absolute uri");
}
public void ThrowsExceptionWhenAuthnContextAuthnContextDeclInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
new AuthnStatement()
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextDecl
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnContextDecl elements are not allowed in this implementation");
}
public void ThrowsExceptionWhenAuthnContextFirstItemNotAuthnContextClassRef()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
"urn:a.valid.uri:string",
"urn:a.valid.uri:string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextDeclRef,
AuthnContextType.AuthnContextClassRef
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnContextClassRef must be in the first element");
}
public void ThrowsExceptionWhenAuthnContextHasMoreThanTwoItems()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
"urn:a.valid.uri:string",
"urn:a.valid.uri:string",
"urn:a.valid.uri:string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextDeclRef,
AuthnContextType.AuthnContextDeclRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnContext MUST NOT contain more than two elements.");
}
//ExpectedMessage = "AuthnContextClassRef has a value which is not a wellformed absolute uri")]
public void ThrowsExceptionWhenAuthnContextAuthnContextClassRefUriInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
string.Empty,
"urn:a.valid.uri:string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextClassRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
public void ThrowsExceptionWhenAuthnContextAuthnContextDeclRefUriInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
Items = new object[]
{
"urn:a.valid.uri:string",
"an/invalid/uri/string.aspx"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextClassRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenAuthnContextAuthenticatingAuthorityUriInvalid()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
statement.AuthnContext = new AuthnContext
{
AuthenticatingAuthority = new[]
{
"urn:aksdlfj",
"urn/invalid"
},
Items = new object[]
{
"urn:a:valid.uri:string",
"http://another/valid/uri.string"
},
ItemsElementName = new[]
{
AuthnContextType.AuthnContextClassRef,
AuthnContextType.AuthnContextDeclRef
}
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthenticatingAuthority array contains a value which is not a wellformed absolute uri");
}
public void ThrowsExceptionWhenEmptyAttributeList()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = new object[0];
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenAuthnInstantNull()
{
// Arrange
var statement = new AuthnStatement();
var validator = new Saml20StatementValidator();
statement.AuthnInstant = null;
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenAttributeElementEmptyName()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = new object[] { new SamlAttribute() };
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenMissingResourceEmpty()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = null;
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenMalformedResource()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = "a malformed uri";
// Act
validator.ValidateStatement(statement);
}
public void ThrowsExceptionWhenNullAttributeList()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = null;
// Act
validator.ValidateStatement(statement, true);
}
public void ThrowsExceptionWhenMalformedResource()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = "a malformed uri";
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"Resource attribute of AuthzDecisionStatement has a value which is not a wellformed absolute uri");
}
public void ThrowsExceptionWhenMissingResourceEmpty()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = null;
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"Resource attribute of AuthzDecisionStatement is REQUIRED");
}
public void ThrowsExceptionWhenEmptyAttributeList()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = new object[0];
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AttributeStatement MUST contain at least one Attribute or EncryptedAttribute");
}
public void ThrowsExceptionWhenAttributeElementEmptyName()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = new object[] { new SamlAttribute() };
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"Name attribute of Attribute element MUST contain at least one non-whitespace character");
}
public void ThrowsExceptionWhenAuthnInstantNull()
{
// Arrange
var statement = new AuthnStatement();
var validator = new Saml20StatementValidator();
statement.AuthnInstant = null;
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnStatement MUST have an AuthnInstant attribute");
}
public void ThrowsExceptionWhenAuthnContextNull()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
var validator = new Saml20StatementValidator();
// Act
validator.ValidateStatement(statement);
}
//ExpectedMessage = "Resource attribute of AuthzDecisionStatement is REQUIRED")]
public void ThrowsExceptionWhenMissingResourceEmpty()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = null;
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
//ExpectedMessage = "Name attribute of Attribute element MUST contain at least one non-whitespace character")]
public void ThrowsExceptionWhenAttributeElementEmptyName()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = new object[] { new SamlAttribute() };
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
//ExpectedMessage = "Resource attribute of AuthzDecisionStatement has a value which is not a wellformed absolute uri")]
public void ThrowsExceptionWhenMalformedResource()
{
// Arrange
var statement = new AuthzDecisionStatement();
var validator = new Saml20StatementValidator();
statement.Resource = "a malformed uri";
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
//ExpectedMessage = "AuthnStatement MUST have an AuthnInstant attribute")]
public void ThrowsExceptionWhenAuthnInstantNull()
{
// Arrange
var statement = new AuthnStatement();
var validator = new Saml20StatementValidator();
statement.AuthnInstant = null;
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
//ExpectedMessage = "AttributeStatement MUST contain at least one Attribute or EncryptedAttribute")]
public void ThrowsExceptionWhenNullAttributeList()
{
// Arrange
var statement = new AttributeStatement();
var validator = new Saml20StatementValidator();
statement.Items = null;
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
public void ThrowsExceptionWhenAuthnContextNull()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnStatement MUST have an AuthnContext element");
}
public void ThrowsExceptionWhenAuthnContextItemsNull()
{
// Arrange
var statement = new AuthnStatement
{
AuthnContext = new AuthnContext(),
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws <Saml20FormatException>(() => validator.ValidateStatement(statement),
"AuthnContext element MUST contain at least one AuthnContextClassRef, AuthnContextDecl or AuthnContextDeclRef element");
}
//ExpectedMessage = "AuthnStatement MUST have an AuthnContext element")]
public void ThrowsExceptionWhenAuthnContextNull()
{
// Arrange
var statement = new AuthnStatement
{
AuthnInstant = DateTime.UtcNow,
SessionNotOnOrAfter = DateTime.UtcNow.AddHours(1)
};
var validator = new Saml20StatementValidator();
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
validator.ValidateStatement(statement, true);
});
}
