public void AcsCommand_Run_HandlesExceptionWhenUnbindResultIsStillNull() { var issuer = new EntityId("http://bad.idp.example.com"); var artifact = Saml2ArtifactBinding.CreateArtifact(issuer, 0); // Just spoil it to force an exception. artifact[3] = 5; var artifactString = Convert.ToBase64String(artifact); var r = new HttpRequestData( "POST", new Uri("http://localhost"), "/ModulePath", new KeyValuePair <string, string[]>[] { new KeyValuePair <string, string[]>("SAMLart", new string[] { artifactString }) }, Enumerable.Empty <KeyValuePair <string, string> >(), null); Action a = () => new AcsCommand().Run(r, Options.FromConfiguration); // The real exception was masked by a NullRef in the exception // handler in AcsCommand.Run a.ShouldThrow <InvalidOperationException>(); }
public void Saml2ArtifactBinding_Bind_CreateArtifact_NullcheckIssuer() { Action a = () => Saml2ArtifactBinding.CreateArtifact(null, 17); a.ShouldThrow <ArgumentNullException>() .And.ParamName.Should().Be("issuer"); }
public void Saml2ArtifactBinding_Unbind_FromGet() { var issuer = new EntityId("https://idp.example.com"); var artifact = Uri.EscapeDataString( Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234))); var relayState = "relayState"; var r = new HttpRequestData( "GET", new Uri($"http://example.com/path/acs?SAMLart={artifact}&RelayState={relayState}"), null, null, new StoredRequestState(issuer, null, null, null)); StubServer.LastArtifactResolutionSoapActionHeader = null; var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, StubFactory.CreateOptions()); var xmlDocument = new XmlDocument() { PreserveWhitespace = true }; xmlDocument.LoadXml("<message> <child-node /> </message>"); var expected = new UnbindResult(xmlDocument.DocumentElement, relayState, TrustLevel.None); result.ShouldBeEquivalentTo(expected); StubServer.LastArtifactResolutionSoapActionHeader.Should().Be( "http://www.oasis-open.org/committees/security"); StubServer.LastArtifactResolutionWasSigned.Should().BeFalse(); }
public void Saml2ArtifactBinding_Unbind_FromPostWithoutRelayState() { var issuer = new EntityId("https://idp.example.com"); var artifact = Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234)); var r = new HttpRequestData( "POST", new Uri("http://example.com"), "/ModulePath", new KeyValuePair <string, string[]>[] { new KeyValuePair <string, string[]>("SAMLart", new[] { artifact }), }, null, null); StubServer.LastArtifactResolutionSoapActionHeader = null; var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, StubFactory.CreateOptions()); var xmlDocument = new XmlDocument() { PreserveWhitespace = true }; xmlDocument.LoadXml("<message> <child-node /> </message>"); var expected = new UnbindResult(xmlDocument.DocumentElement, null, TrustLevel.None); result.ShouldBeEquivalentTo(expected); StubServer.LastArtifactResolutionSoapActionHeader.Should().Be( "http://www.oasis-open.org/committees/security"); }
public void Saml2ArtifactBinding_Bind_CreateArtifact() { var issuer = new EntityId("http://idp.example.com"); var index = 0x1234; var artifact = Saml2ArtifactBinding.CreateArtifact(issuer, index); // Header artifact[0].Should().Be(0); artifact[1].Should().Be(4); //Endpoint index artifact[2].Should().Be(0x12); artifact[3].Should().Be(0x34); artifact.Length.Should().Be(44); var sourceID = new byte[20]; Array.Copy(artifact, 4, sourceID, 0, 20); sourceID.ShouldBeEquivalentTo( SHA1.Create().ComputeHash(Encoding.UTF8.GetBytes(issuer.Id))); // Can't test a random value, but check it's not 0 all over. artifact.Skip(24).Count(c => c == 0).Should().BeLessThan(10); }
public void Saml2ArtifactBinding_Unbind_FromPost() { var issuer = new EntityId("https://idp.example.com"); var artifact = Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234)); var relayState = MethodBase.GetCurrentMethod().Name; var r = new HttpRequestData( "POST", new Uri("http://example.com"), "/ModulePath", new KeyValuePair <string, IEnumerable <string> >[] { new KeyValuePair <string, IEnumerable <string> >("SAMLart", new[] { artifact }), new KeyValuePair <string, IEnumerable <string> >("RelayState", new[] { relayState }) }, new StoredRequestState(issuer, null, null, null)); StubServer.LastArtifactResolutionSoapActionHeader = null; var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, StubFactory.CreateOptions()); var xmlDocument = XmlHelpers.XmlDocumentFromString( "<message> <child-node /> </message>"); var expected = new UnbindResult(xmlDocument.DocumentElement, relayState, TrustLevel.None); result.ShouldBeEquivalentTo(expected); StubServer.LastArtifactResolutionSoapActionHeader.Should().Be( "http://www.oasis-open.org/committees/security"); }
public void Saml2ArtifactBinding_Unbind_FromGet_ArtifactIsntHashOfEntityId() { var issuer = new EntityId("https://idp.example.com"); var artifact = Uri.EscapeDataString( Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact( new EntityId("https://this.entityid.is.invalid"), 0x1234))); var relayState = "relayState"; var r = new HttpRequestData( "GET", new Uri($"http://example.com/path/acs?SAMLart={artifact}&RelayState={relayState}"), null, null, new StoredRequestState(issuer, null, null, null)); var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, StubFactory.CreateOptions()); var xmlDocument = XmlHelpers.XmlDocumentFromString( "<message> <child-node /> </message>"); var expected = new UnbindResult(xmlDocument.DocumentElement, relayState, TrustLevel.None); result.Should().BeEquivalentTo(expected); StubServer.LastArtifactResolutionWasSigned.Should().BeFalse(); }
public void Saml2ArtifactBinding_Unbind_FromGetUsesIdpFromNotification() { var issuer = new EntityId("https://idp.example.com"); var artifact = Uri.EscapeDataString( Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234))); var relayState = "relayState"; var relayData = new Dictionary <string, string> { { "key", "value" } }; var r = new HttpRequestData( "GET", new Uri($"http://example.com/path/acs?SAMLart={artifact}&RelayState={relayState}"), null, null, new StoredRequestState(issuer, null, null, relayData)); var options = StubFactory.CreateOptions(); var idp = options.IdentityProviders.Default; options.IdentityProviders.Remove(idp.EntityId); var getIdentityProviderCalled = false; options.Notifications.GetIdentityProvider = (ei, rd, opt) => { getIdentityProviderCalled = true; rd["key"].Should().Be("value"); return(idp); }; var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, options); getIdentityProviderCalled.Should().BeTrue(); }
public void Saml2ArtifactBinding_Unbind_FromGet_SignsArtifactResolve() { var issuer = new EntityId("https://idp.example.com"); var artifact = Uri.EscapeDataString( Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234))); var r = new HttpRequestData( "GET", new Uri($"http://example.com/path/acs?SAMLart={artifact}")); var options = StubFactory.CreateOptions(); options.SPOptions.ServiceCertificates.Add(new ServiceCertificate { Certificate = SignedXmlHelper.TestCert }); var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, options); StubServer.LastArtifactResolutionWasSigned.Should().BeTrue(); }
public void Saml2ArtifactBinding_Unbind_FromGetWithoutRelayState() { var issuer = new EntityId("https://idp.example.com"); var artifact = Uri.EscapeDataString( Convert.ToBase64String( Saml2ArtifactBinding.CreateArtifact(issuer, 0x1234))); var r = new HttpRequestData( "GET", new Uri($"http://example.com/path/acs?SAMLart={artifact}")); StubServer.LastArtifactResolutionSoapActionHeader = null; var result = Saml2Binding.Get(Saml2BindingType.Artifact).Unbind(r, StubFactory.CreateOptions()); var xmlDocument = XmlHelpers.XmlDocumentFromString( "<message> <child-node /> </message>"); var expected = new UnbindResult(xmlDocument.DocumentElement, null, TrustLevel.None); result.Should().BeEquivalentTo(expected); }