Beispiel #1
        /// <summary>
        /// Checks that the HTTP-Redirect binding keeps a query string that is already
        /// present on the destination URL and appends the SAML parameter to it with
        /// <c>&amp;</c> instead of starting a second query string.
        /// </summary>
        public void Saml2RedirectBinding_Bind_WithQueryIn_destinationUrl()
        {
            // The destination already carries "?aQueryParam=QueryParamValue"; the binding
            // has to treat that as part of the endpoint address and leave it untouched.
            var samlRequest = new Saml2MessageImplementation
            {
                XmlData        = ExampleXmlData,
                DestinationUrl = new Uri("http://www.example.com/acs?aQueryParam=QueryParamValue"),
                MessageName    = "SAMLRequest"
            };

            // Expected redirect: original query first, then the serialized message under
            // the name given in MessageName, returned as a 303 See Other.
            var expectedLocation = new Uri("http://www.example.com/acs?aQueryParam=QueryParamValue&SAMLRequest="
                                           + ExampleSerializedData);
            var expected = new CommandResult()
            {
                Location = expectedLocation,
                HttpStatusCode = System.Net.HttpStatusCode.SeeOther,
            };

            var redirectBinding = Saml2Binding.Get(Saml2BindingType.HttpRedirect);
            var actual = redirectBinding.Bind(samlRequest);

            actual.ShouldBeEquivalentTo(expected);
        }
Beispiel #2
        /// <summary>
        /// Checks that the logout command rejects a received message that has no Issuer
        /// element: without an issuer there is no way to select the certificate that the
        /// signature must be validated against, so the command has to fail closed with
        /// <c>InvalidSignatureException</c> rather than process the message.
        /// </summary>
        public void LogoutCommand_Run_ThrowsOnMissingIssuerInReceivedMessage()
        {
            // A message with a signing certificate set, but whose XML payload ("<Xml />")
            // contains no Issuer element.
            var issuerlessMessage = new Saml2MessageImplementation
            {
                MessageName        = "SAMLRequest",
                SigningCertificate = SignedXmlHelper.TestCert,
                DestinationUrl     = new Uri("http://localhost"),
                XmlData            = "<Xml />"
            };

            // Produce the redirect URL the way a sender would, then replay it as an
            // incoming GET request.
            var redirectBinding = Saml2Binding.Get(Saml2BindingType.HttpRedirect);
            var incomingUrl = redirectBinding.Bind(issuerlessMessage).Location;
            var incomingRequest = new HttpRequestData("GET", incomingUrl);

            var logoutCommand = CommandFactory.GetCommand(CommandFactory.LogoutCommandName);

            // The exact message is asserted so that the failure reason stays diagnosable.
            logoutCommand
                .Invoking(cmd => cmd.Run(incomingRequest, StubFactory.CreateOptions()))
                .Should().Throw<InvalidSignatureException>()
                .WithMessage("There is no Issuer element in the message, so there is no way to know what certificate to use to validate the signature.");
        }
Beispiel #3
        public void Saml2RedirectBinding_Bind_With_RelayState()
        {
            var message = new Saml2MessageImplementation
            {
                XmlData        = "Data",
                RelayState     = "SomeState that needs escaping #%=3",
                DestinationUrl = new Uri("http://host"),
                MessageName    = "SAMLRequest"
            };

            var expected = new CommandResult()
            {
                Location = new Uri("http://host?SAMLRequest=c0ksSQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%3D"
                                   + "&RelayState=" + Uri.EscapeDataString(message.RelayState)),
                HttpStatusCode = System.Net.HttpStatusCode.SeeOther
            };

            var result = Saml2Binding.Get(Saml2BindingType.HttpRedirect).Bind(message);

            CompareCommandResults(result, expected);
        }
Beispiel #4
        /// <summary>
        /// Checks that the HTTP-POST binding signs the message XML, keeps an XML
        /// declaration that the notification callback sets on the document, and emits
        /// the auto-submitting XHTML form with the base64 payload and the relay state
        /// as hidden fields.
        /// </summary>
        public void Saml2PostBinding_Bind_SignsXmlAndPreserversXmlDeclaration()
        {
            var samlMessage = new Saml2MessageImplementation
            {
                DestinationUrl     = new Uri("http://www.example.com/acs"),
                XmlData            = "<root ID=\"id\">\r\n  <content>data</content>\r\n</root>",
                MessageName        = "SAMLMessageName",
                RelayState         = "ABC1234",
                SigningCertificate = SignedXmlHelper.TestCert,
                SigningAlgorithm   = SecurityAlgorithms.RsaSha256Signature
            };

            // Expected payload: the declaration set by the callback below, followed by
            // the signed XML as produced by the test helper, base64 encoded as UTF-8.
            var expectedXml = "<?xml version=\"1.0\" encoding=\"blaha\"?>\r\n"
                              + SignedXmlHelper.SignXml(samlMessage.XmlData, true);
            var expectedXmlBytes = Encoding.UTF8.GetBytes(expectedXml);
            var expectedValue = Convert.ToBase64String(expectedXmlBytes);

            // The callback is handed the message, the XML document and the binding type;
            // it sets a recognisable declaration and records that it ran.
            var notificationCalled = false;
            var postBinding = Saml2Binding.Get(Saml2BindingType.HttpPost);
            var actual = postBinding.Bind(samlMessage, null, (boundMessage, document, bindingType) =>
            {
                document.Declaration = new XDeclaration("1.0", "blaha", null);
                boundMessage.Should().BeSameAs(samlMessage);
                bindingType.Should().Be(Saml2BindingType.HttpPost);
                notificationCalled = true;
            });

            // The expected page carries a Content-Security-Policy meta element whose
            // script-src allows a single sha256 hash — presumably the hash of the inline
            // auto-submit script at the end of the page; confirm and update it together
            // with the script if either changes.
            var expectedHtml = @"<?xml version=""1.0"" encoding=""UTF-8""?>
<!DOCTYPE html PUBLIC ""-//W3C//DTD XHTML 1.1//EN""
""http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd"">
<html xmlns=""http://www.w3.org/1999/xhtml"" xml:lang=""en"">
<head>
<meta http-equiv=""Content-Security-Policy"" content=""script-src 'sha256-H3SVZBYrbqBt3ncrT/nNmOb6nwCjC12cPQzh5jnW4Y0='"">
</head>
<body>
<noscript>
<p>
<strong>Note:</strong> Since your browser does not support JavaScript, 
you must press the Continue button once to proceed.
</p>
</noscript>
<form action=""http://www.example.com/acs"" method=""post"" name=""sustainsysSamlPostBindingSubmit"">
<div>
<input type=""hidden"" name=""RelayState"" value=""ABC1234""/>
<input type=""hidden"" name=""SAMLMessageName""
value=""" + expectedValue + @"""/>
</div>
<noscript>
<div>
<input type=""submit"" value=""Continue""/>
</div>
</noscript>
</form>
<script type=""text/javascript"">
document.forms.sustainsysSamlPostBindingSubmit.submit();
</script>
</body>
</html>";

            var expected = new CommandResult()
            {
                ContentType = "text/html",
                Content     = expectedHtml
            };

            actual.Should().BeEquivalentTo(expected);
            notificationCalled.Should().BeTrue();
        }