Exemple #1
        /// <summary>
        /// Verifies that a requested authentication context set on the federation party
        /// configuration (comparison "Minimum", two class references) is carried into the
        /// AuthnRequest built by <c>AuthnRequestHelper.BuildAuthnRequest</c>, in the same order.
        /// </summary>
        public void BuildAuthnRequest_test_requested_authn_context_default_overwritten_multiple_contexts()
        {
            // ARRANGE
            var destination = new Uri("http://localhost:59611/");
            var contextBuilder = new FederationPartyContextBuilderMock();
            var partyContext = contextBuilder.BuildContext("local", NameIdentifierFormats.Transient);

            // Two class references under a "Minimum" comparison; the order they are added in
            // is the order asserted below.
            var requestedContexts = new Kernel.Federation.FederationPartner.RequestedAuthnContextConfiguration(AuthnContextComparisonType.Minimum.ToString());
            var classRefType = AuthnContextType.AuthnContextClassRef.ToString();
            var passwordContext = new Kernel.Federation.Protocols.AuthnContext(classRefType, new Uri(AuthnticationContexts.Password));
            requestedContexts.RequestedAuthnContexts.Add(passwordContext);
            var protectedTransportContext = new Kernel.Federation.Protocols.AuthnContext(classRefType, new Uri(AuthnticationContexts.PasswordProtectedTransport));
            requestedContexts.RequestedAuthnContexts.Add(protectedTransportContext);

            // Overwrite the request configuration that the mock builder put on the context.
            var transientNameId = new DefaultNameId(new Uri(NameIdentifierFormats.Transient));
            partyContext.FederationPartyAuthnRequestConfiguration = new FederationPartyAuthnRequestConfiguration(requestedContexts, transientNameId);

            var nameIdFormats = new List<Uri>();
            nameIdFormats.Add(new Uri(NameIdentifierFormats.Transient));
            var requestContext = new AuthnRequestContext(destination, partyContext, nameIdFormats);

            // NOTE(review): the result of this call is never asserted on; it is kept only so
            // the sequence of calls stays the same.
            partyContext.GetRequestConfigurationFromContext();

            // NOTE(review): this assigns a static member, so the mock factory stays installed
            // for whatever runs after this test unless something resets it.
            AuthnRequestHelper.GetBuilders = AuthnRequestBuildersFactoryMock.GetBuildersFactory();

            // ACT
            var request = AuthnRequestHelper.BuildAuthnRequest(requestContext);

            // ASSERT
            Assert.NotNull(request);
            var requested = request.RequestedAuthnContext;
            Assert.IsNotNull(requested);
            Assert.AreEqual(AuthnContextComparisonType.Minimum, requested.Comparison);

            // Items and ItemsElementName are parallel arrays: element i of one describes
            // element i of the other.
            Assert.AreEqual(2, requested.Items.Length);
            Assert.AreEqual(2, requested.ItemsElementName.Length);
            Assert.AreEqual(AuthnContextType.AuthnContextClassRef, requested.ItemsElementName[0]);
            Assert.AreEqual(AuthnticationContexts.Password, requested.Items[0]);
            Assert.AreEqual(AuthnContextType.AuthnContextClassRef, requested.ItemsElementName[1]);
            Assert.AreEqual(AuthnticationContexts.PasswordProtectedTransport, requested.Items[1]);
        }
Exemple #2
        /// <summary>
        /// Creates a <c>FederationPartyConfiguration</c> whose AuthnRequest settings are built from
        /// the supplied NameID format, scoping and requested authentication context.
        /// </summary>
        /// <param name="federationPartyId">Not read by this method (see the note in the body).</param>
        /// <param name="defaultNameIdFormat">URI string of the default NameID format; passed to <c>new Uri</c>.</param>
        /// <param name="scopingConfiguration">Scoping settings handed to the request configuration unchanged.</param>
        /// <param name="requestedAuthnContextConfiguration">Requested authentication context handed to the request configuration unchanged.</param>
        /// <returns>The populated party configuration, including a metadata context for an SP.</returns>
        public FederationPartyConfiguration BuildContext(string federationPartyId, string defaultNameIdFormat, ScopingConfiguration scopingConfiguration, RequestedAuthnContextConfiguration requestedAuthnContextConfiguration)
        {
            var defaultNameId = new DefaultNameId(new Uri(defaultNameIdFormat));
            var authnRequestConfiguration = new FederationPartyAuthnRequestConfiguration(requestedAuthnContextConfiguration, defaultNameId, scopingConfiguration);

            // NOTE(review): the party id "local" and the metadata address are fixed literals and
            // federationPartyId is ignored. That looks deliberate for a test double; confirm
            // before reusing this builder anywhere a caller-supplied party id has to be honoured.
            var partyConfiguration = new FederationPartyConfiguration("local", "https://dg-mfb/idp/shibboleth");
            partyConfiguration.MetadataContext = this._inlineMetadataContextBuilder.BuildContext(new MetadataGenerateRequest(MetadataType.SP, "local"));
            partyConfiguration.FederationPartyAuthnRequestConfiguration = authnRequestConfiguration;

            return partyConfiguration;
        }
        /// <summary>
        /// Maps stored AuthnRequest settings onto a <c>FederationPartyAuthnRequestConfiguration</c>.
        /// The requested authentication context and the scoping section are optional; the NameID
        /// section is mandatory.
        /// </summary>
        /// <param name="autnRequestSettings">Settings to convert; must not be null.</param>
        /// <param name="entityId">Entity id passed to <c>ScopingConfiguration</c> when scoping is configured.</param>
        /// <returns>The request configuration built from the settings.</returns>
        /// <exception cref="ArgumentNullException">
        /// The settings object or its <c>NameIdConfiguration</c> is null.
        /// </exception>
        private FederationPartyAuthnRequestConfiguration BuildFederationPartyAuthnRequestConfiguration(AutnRequestSettings autnRequestSettings, string entityId)
        {
            if (autnRequestSettings == null)
            {
                throw new ArgumentNullException("autnRequestSettings");
            }

            // Stays null when no requested authentication context is configured; the null is
            // then passed straight to the configuration constructor below.
            RequestedAuthnContextConfiguration requestedContexts = null;
            if (autnRequestSettings.RequitedAutnContext != null)
            {
                requestedContexts = new RequestedAuthnContextConfiguration(autnRequestSettings.RequitedAutnContext.Comparison.ToString());

                // Aggregate is used here only to walk the stored contexts and append each one
                // to the target collection; the accumulator is that same collection every time.
                // new Uri(...) throws if a stored value is not a valid absolute URI.
                autnRequestSettings.RequitedAutnContext.RequitedAuthnContexts.Aggregate(requestedContexts.RequestedAuthnContexts, (target, stored) =>
                {
                    var converted = new Kernel.Federation.Protocols.AuthnContext(stored.RefType.ToString(), new Uri(stored.Value));
                    target.Add(converted);
                    return target;
                });
            }

            if (autnRequestSettings.NameIdConfiguration == null)
            {
                throw new ArgumentNullException("nameIdConfiguration");
            }

            // With no default NameID format stored, fall back to the "unspecified" format.
            var nameIdFormatUri = autnRequestSettings.NameIdConfiguration.DefaultNameIdFormat == null
                ? NameIdentifierFormats.Unspecified
                : autnRequestSettings.NameIdConfiguration.DefaultNameIdFormat.Uri;
            var nameId = new DefaultNameId(new Uri(nameIdFormatUri));
            nameId.AllowCreate = autnRequestSettings.NameIdConfiguration.AllowCreate;
            nameId.EncryptNameId = autnRequestSettings.NameIdConfiguration.EncryptNameId;

            ScopingConfiguration scoping = null;
            if (autnRequestSettings.Scoping != null)
            {
                scoping = new ScopingConfiguration(entityId);
                scoping.PoxyCount = autnRequestSettings.Scoping.MaxProxyCount;
            }

            // These values only describe what the outgoing request asks for; nothing in this
            // method checks what the identity provider actually returns.
            var result = new FederationPartyAuthnRequestConfiguration(requestedContexts, nameId, scoping);
            result.ForceAuthn = autnRequestSettings.ForceAuthn;
            result.IsPassive = autnRequestSettings.IsPassive;
            result.Version = autnRequestSettings.Version ?? "2.0";

            return result;
        }
Exemple #4
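        /// <summary>
        /// Maps stored AuthnRequest settings onto a <c>FederationPartyAuthnRequestConfiguration</c>.
        /// In this variant the requested authentication context, the NameID section and its
        /// default format are all mandatory.
        /// </summary>
        /// <param name="autnRequestSettings">Settings to convert; must not be null.</param>
        /// <returns>The request configuration built from the settings.</returns>
        /// <exception cref="ArgumentNullException">
        /// The settings object, its <c>RequitedAutnContext</c>, its <c>NameIdConfiguration</c> or
        /// the configured <c>DefaultNameIdFormat</c> is null.
        /// </exception>
        private FederationPartyAuthnRequestConfiguration BuildFederationPartyAuthnRequestConfiguration(AutnRequestSettings autnRequestSettings)
        {
            if (autnRequestSettings == null)
            {
                throw new ArgumentNullException("autnRequestSettings");
            }
            if (autnRequestSettings.RequitedAutnContext == null)
            {
                throw new ArgumentNullException("requitedAutnContext");
            }

            var requestedAuthnContextConfiguration = new RequestedAuthnContextConfiguration(autnRequestSettings.RequitedAutnContext.Comparison.ToString());

            // Aggregate is used only to append every stored context to the target collection;
            // the accumulator is that same collection on each step. new Uri(...) throws if a
            // stored value is not a valid absolute URI.
            autnRequestSettings.RequitedAutnContext.RequitedAuthnContexts.Aggregate(requestedAuthnContextConfiguration.RequestedAuthnContexts, (t, next) =>
            {
                t.Add(new Kernel.Federation.Protocols.AuthnContext(next.RefType.ToString(), new Uri(next.Value)));
                return t;
            });

            var nameIdConfiguration = autnRequestSettings.NameIdConfiguration;
            if (nameIdConfiguration == null)
            {
                throw new ArgumentNullException("nameIdConfiguration");
            }

            // Previously a missing default format surfaced as a NullReferenceException from the
            // dereference below. Fail with the same exception type as the other missing-section
            // checks instead, so that a configuration error is reported as one and no NameID
            // format is chosen silently.
            var defaultNameIdFormat = nameIdConfiguration.DefaultNameIdFormat;
            if (defaultNameIdFormat == null)
            {
                throw new ArgumentNullException("defaultNameIdFormat");
            }

            var defaultNameId = new DefaultNameId(new Uri(defaultNameIdFormat.Uri))
            {
                AllowCreate   = nameIdConfiguration.AllowCreate,
                EncryptNameId = nameIdConfiguration.EncryptNameId
            };

            // These values only describe what the outgoing request asks for; nothing in this
            // method checks what the identity provider actually returns.
            var configuration = new FederationPartyAuthnRequestConfiguration(requestedAuthnContextConfiguration, defaultNameId)
            {
                ForceAuthn = autnRequestSettings.ForceAuthn,
                IsPassive  = autnRequestSettings.IsPassive,
                Version    = autnRequestSettings.Version ?? "2.0"
            };

            return configuration;
        }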