public void ThrowsExceptionWhenXmlAttributeStatementAttributeAnyAttrSamlQualified()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attribute = (SamlAttribute)attributeStatments.Items[0];
var doc = new XmlDocument();
saml20Assertion.Items = statements.ToArray();
foreach (var samlns in Saml20Constants.SamlNamespaces)
{
attribute.AnyAttr = new[] { doc.CreateAttribute("someprefix", "SamlQualified", samlns) };
try
{
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
Assert.Fail("A SAML-qualified xml attribute extension on Attribute must not be valid");
}
catch (Saml20FormatException sfe)
{
Assert.AreEqual(sfe.Message, "Attribute extension xml attributes MUST NOT use a namespace reserved by SAML");
}
}
}
public void ThrowsWhenSubjectMethodIsNotWellFormedUri()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var subjectConfirmation = (SubjectConfirmation)Array.Find(saml20Assertion.Subject.Items, item => item is SubjectConfirmation);
subjectConfirmation.Method = "IllegalMethod";
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsWhenSubjectMethodIsNotWellFormedUri()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var subjectConfirmation = (SubjectConfirmation)Array.Find(saml20Assertion.Subject.Items, item => item is SubjectConfirmation);
subjectConfirmation.Method = "IllegalMethod";
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"SubjectConfirmation element has Method attribute which is not a wellformed absolute uri.");
}
public void ThrowsExceptionWhenNoItemsArePresent()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var attributeStatement = (AttributeStatement)Array.Find(saml20Assertion.Items, x => x is AttributeStatement);
// Clear all the attributes.
attributeStatement.Items = new object[0];
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsWhenSubjectElementIsNotPresent()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var subjectConfirmation = (SubjectConfirmation)Array.Find(saml20Assertion.Subject.Items, item => item is SubjectConfirmation);
subjectConfirmation.SubjectConfirmationData.NotOnOrAfter = DateTime.UtcNow;
subjectConfirmation.SubjectConfirmationData.NotBefore = null;
saml20Assertion.Subject = null;
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsWhenAuthnContextClassRefIsNotWellFormedUri()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var authnStatement = (AuthnStatement)Array.Find(saml20Assertion.Items, stmnt => stmnt is AuthnStatement);
var index = Array.FindIndex(authnStatement.AuthnContext.Items, o => o is string && o.ToString() == "urn:oasis:names:tc:SAML:2.0:ac:classes:X509");
authnStatement.AuthnContext.Items[index] = "Hallelujagobble!!";
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsExceptionWhenNoItemsArePresent()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var attributeStatement = (AttributeStatement)Array.Find(saml20Assertion.Items, x => x is AttributeStatement);
// Clear all the attributes.
attributeStatement.Items = new object[0];
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"AttributeStatement MUST contain at least one Attribute or EncryptedAttribute");
}
public void ThrowsWhenSubjectElementIsNotPresent()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var subjectConfirmation = (SubjectConfirmation)Array.Find(saml20Assertion.Subject.Items, item => item is SubjectConfirmation);
subjectConfirmation.SubjectConfirmationData.NotOnOrAfter = DateTime.UtcNow;
subjectConfirmation.SubjectConfirmationData.NotBefore = null;
saml20Assertion.Subject = null;
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"AuthnStatement, AuthzDecisionStatement and AttributeStatement require a subject.");
}
public void ThrowsWhenAuthnContextClassRefIsNotWellFormedUri()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var authnStatement = (AuthnStatement)Array.Find(saml20Assertion.Items, stmnt => stmnt is AuthnStatement);
var index = Array.FindIndex(authnStatement.AuthnContext.Items, o => o is string && o.ToString() == "urn:oasis:names:tc:SAML:2.0:ac:classes:X509");
authnStatement.AuthnContext.Items[index] = "Hallelujagobble!!";
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"AuthnContextClassRef has a value which is not a wellformed absolute uri");
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWithNoData()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List <object>(attributeStatments.Items);
var ee = new EncryptedElement();
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsExceptionWhenXmlAttributeStatementAttributeAnyAttrUnqualified()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attribute = (SamlAttribute)attributeStatments.Items[0];
var doc = new XmlDocument();
attribute.AnyAttr = new[] { doc.CreateAttribute(string.Empty, "Nonqualified", string.Empty) };
saml20Assertion.Items = statements.ToArray();
// Act
new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWithNoData()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List<object>(attributeStatments.Items);
var ee = new EncryptedElement();
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"An EncryptedAttribute MUST contain an xenc:EncryptedData element");
}
public void ThrowsExceptionWhenXmlAttributeStatementAttributeAnyAttrUnqualified()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attribute = (SamlAttribute)attributeStatments.Items[0];
var doc = new XmlDocument();
attribute.AnyAttr = new[] { doc.CreateAttribute(string.Empty, "Nonqualified", string.Empty) };
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"Attribute extension xml attributes MUST BE namespace qualified");
}
public void ThrowsExceptionWhenXmlAttributeStatementAttributeAnyAttrSamlQualified()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attribute = (SamlAttribute)attributeStatments.Items[0];
var doc = new XmlDocument();
saml20Assertion.Items = statements.ToArray();
foreach (var samlns in Saml20Constants.SamlNamespaces)
{
attribute.AnyAttr = new[] { doc.CreateAttribute("someprefix", "SamlQualified", samlns) };
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"Attribute extension xml attributes MUST NOT use a namespace reserved by SAML");
}
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWrongType()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List<object>(attributeStatments.Items);
var ee = new EncryptedElement
{
EncryptedData = new EncryptedData
{
Type = "SomeWrongType"
}
};
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"Type attribute of EncryptedData MUST have value " + Saml20Constants.Xenc + "Element" + " if it is present");
}
