Ejemplo n.º 1
0
        public void TestBrokenSignature()
        {
            var xElement = XElement.Load(TestContext.CurrentContext.TestDirectory +
                                         "/Resources/oiosaml-examples/test-new-nemlogin-authentication-assertion-2.xml",
                                         LoadOptions.None);
            var assertion = new OioSamlAssertion(xElement);

            assertion.ValidateSignatureAndTrust(CredentialVaultTestUtil.GetOldIdpTestCredentialVault());

            var attributes = xElement.Descendants(SamlTags.Attribute.Ns + SamlTags.Attribute.TagName);
            var nameNode   =
                attributes.FirstOrDefault(
                    element => element.Attribute(SamlAttributes.Name).Value.Equals(OioSamlAttributes.CommonName));

            nameNode.Value = "Ronnie Romkugle";
            assertion      = new OioSamlAssertion(xElement);
            try
            {
                assertion.ValidateSignatureAndTrust(CredentialVaultTestUtil.GetOldIdpTestCredentialVault());
            }
            catch (ModelException e)
            {
                Assert.AreEqual("Signature on OIOSAMLAssertion is invalid", e.Message);
            }
        }
Ejemplo n.º 2
0
 private void AssertOioSamlAssertion(OioSamlAssertion assertion, UserIdCard idCard)
 {
     Assert.AreEqual("42634739", assertion.RidNumberIdentifier);
     Assert.AreEqual("CN=TRUST2408 Systemtest XIX CA, O=TRUST2408, C=DK", assertion.CertificateIssuer);
     Assert.IsFalse(assertion.IsYouthCertificate);
     Assert.AreEqual("5818C1A6", assertion.CertificateSerial);
     Assert.AreEqual("CVR:30808460-RID:42634739", assertion.Uid);
     Assert.IsNotNull(assertion.NotOnOrAfter);
     Assert.AreEqual("http://sundhed.dk/saml/SAMLAssertionConsumer", assertion.Recipient);
     Assert.AreEqual(idCard, assertion.UserIdCard);
     assertion.ValidateSignatureAndTrust(vocesVault);
 }
Ejemplo n.º 3
0
        public void ValidateNemLoginAssertion()
        {
            //InputSource inputSource = new InputSource(this.getClass().getResourceAsStream("/oiosaml-examples/NemLog-in_assertion_valid_signature.xml"));
            //Document document = XmlUtil.readXml(System.getProperties(), inputSource, false);
            var assertionXElement = XElement.Load(NUnit.Framework.TestContext.CurrentContext.TestDirectory +
                                                  "/Resources/oiosaml-examples/NemLog-in_assertion_valid_signature.xml");
            var assertion = new OioSamlAssertion(assertionXElement);

            assertion.ValidateSignatureAndTrust(CredentialVaultTestUtil.GetNewIdpTestCredentialVault());
            Assert.AreEqual("3", assertion.AssuranceLevel);
            Assert.AreEqual("25450442", assertion.CvrNumberIdentifier);
            Assert.AreEqual("27304742", assertion.RidNumberIdentifier);
        }
Ejemplo n.º 4
0
        public void TestUnsignedAssertion()
        {
            //expectedException.expect(ModelException.class);
            //       expectedException.expectMessage("OIOSAMLAssertion is not signed");

            var xElement = XElement.Load(TestContext.CurrentContext.TestDirectory +
                                         "/Resources/oiosaml-examples/test-new-nemlogin-authentication-assertion-2.xml");
            var signature = xElement.Descendants(DsTags.Signature.Ns + DsTags.Signature.TagName).FirstOrDefault();

            signature.Remove();
            var assertion = new OioSamlAssertion(xElement);
            var ex        =
                Assert.Throws <ModelException>(
                    () => assertion.ValidateSignatureAndTrust(CredentialVaultTestUtil.GetOldIdpTestCredentialVault()));

            Assert.AreEqual("OIOSAMLAssertion is not signed", ex.Message);
        }
Ejemplo n.º 5
0
        public void TestConstructionFromNewNemLoginSampleTwo()
        {
            var assertion = new OioSamlAssertion(XElement.Load(NUnit.Framework.TestContext.CurrentContext.TestDirectory +
                                                               "/Resources/oiosaml-examples/test-new-nemlogin-authentication-assertion-2.xml"));

            Assert.AreEqual("_5a49e560-5312-4237-8f32-2ed2b58cfcf7", assertion.Id);

            Assert.AreEqual("https://saml.test-nemlog-in.dk/", assertion.Issuer);

            Assert.AreEqual(DateTime.Parse("2012-09-27T08:51:13.884Z"), assertion.NotBefore);

            Assert.AreEqual(DateTime.Parse("2012-09-27T09:51:13.884Z"), assertion.NotOnOrAfter);

            Assert.AreEqual("3", assertion.AssuranceLevel);

            Assert.AreEqual("Amaja Christiansen", assertion.CommonName);

            Assert.AreEqual("", assertion.SurName);

            Assert.AreEqual("2408631478", assertion.Cpr);

            Assert.AreEqual("*****@*****.**", assertion.Email);

            Assert.AreEqual("25520041", assertion.CvrNumberIdentifier);

            Assert.AreEqual("TRIFORK SERVICES A/S // CVR:25520041", assertion.OrganizationName);

            Assert.AreEqual("42041556", assertion.RidNumberIdentifier);

            Assert.AreEqual("https://saml.fmk.staging.fmk-online.dk", assertion.AudienceRestriction);

            Assert.AreEqual(DateTime.Parse("2012-09-27T08:50:38.681Z"), assertion.UserAuthenticationInstant);

            Assert.AreEqual("DK-SAML-2.0", assertion.SpecVersion);

            Assert.AreEqual(
                "C=DK,O=TRIFORK SERVICES A/S // CVR:25520041,CN=Amaja Christiansen,Serial=CVR:25520041-RID:42041556",
                assertion.SubjectNameId);

            Assert.AreEqual("urn:oasis:names:tc:SAML:1.1:nameid-format:X509SubjectName", assertion.SubjectNameIdFormat);

            Assert.AreEqual("CN=TDC OCES Systemtest CA II, O=TDC, C=DK", assertion.CertificateIssuer);
            X509Certificate userCertificate = assertion.UserCertificate;

            Assert.IsNotNull(userCertificate);

            Assert.AreEqual(
                new X500DistinguishedName(
                    "CN=Amaja Christiansen + SERIALNUMBER=CVR:25520041-RID:42041556, O=TRIFORK SERVICES A/S // CVR:25520041, C=DK").Name,
                new X500DistinguishedName(userCertificate.Subject).Name);

            Assert.AreEqual("https://staging.fmk-online.dk/fmk/saml/SAMLAssertionConsumer", assertion.Recipient);
            assertion.ValidateSignatureAndTrust(CredentialVaultTestUtil.GetOldIdpTestCredentialVault());
            try
            {
                assertion.ValidateTimestamp();
            }
            catch (ModelException e)
            {
                Assert.IsTrue(e.Message.StartsWith("OIOSAML token no longer valid"));
            }
        }