public void RoundTripTokens(SamlRoundTripTheoryData theoryData) { var context = TestUtilities.WriteHeader($"{this}.RoundTripTokens", theoryData); if (theoryData.PropertiesToIgnoreWhenComparing.Count > 0) { throw new TestException("This test should not ignore any properties."); } try { var samlToken = theoryData.Handler.CreateToken(theoryData.TokenDescriptor); var token = theoryData.Handler.WriteToken(samlToken); var principal = theoryData.Handler.ValidateToken(token, theoryData.ValidationParameters, out SecurityToken validatedToken); ClaimsPrincipal principal2 = null; ClaimsPrincipal principal3 = null; ClaimsPrincipal principal4 = null; SecurityToken validatedToken2 = null; SecurityToken validatedToken3 = null; SecurityToken validatedToken4 = null; if (theoryData.Handler is SamlSecurityTokenHandler samlTokenHandler) { principal2 = samlTokenHandler.ValidateToken(XmlUtilities.CreateXmlReader(token), theoryData.ValidationParameters, out validatedToken2); principal3 = samlTokenHandler.ValidateToken(XmlUtilities.CreateDictionaryReader(token), theoryData.ValidationParameters, out validatedToken3); principal4 = theoryData.Handler.ValidateToken((validatedToken as SamlSecurityToken).Assertion.CanonicalString, theoryData.ValidationParameters, out validatedToken4); } if (theoryData.Handler is Saml2SecurityTokenHandler saml2TokenHandler) { principal2 = saml2TokenHandler.ValidateToken(XmlUtilities.CreateXmlReader(token), theoryData.ValidationParameters, out validatedToken2); principal3 = saml2TokenHandler.ValidateToken(XmlUtilities.CreateDictionaryReader(token), theoryData.ValidationParameters, out validatedToken3); principal4 = theoryData.Handler.ValidateToken((validatedToken as Saml2SecurityToken).Assertion.CanonicalString, theoryData.ValidationParameters, out validatedToken4); } // ensure the SamlAssertion.CanonicalString can be validated needed for OnBehalfOf flows. var principal5 = theoryData.Handler.ValidateToken((principal.Identity as ClaimsIdentity).BootstrapContext as string, theoryData.ValidationParameters, out SecurityToken validatedToken5); IdentityComparer.AreEqual(validatedToken, validatedToken2, context); IdentityComparer.AreEqual(validatedToken, validatedToken3, context); IdentityComparer.AreEqual(validatedToken, validatedToken4, context); IdentityComparer.AreEqual(validatedToken, validatedToken5, context); IdentityComparer.AreEqual(principal, principal2, context); IdentityComparer.AreEqual(principal, principal3, context); IdentityComparer.AreEqual(principal, principal4, context); IdentityComparer.AreEqual(principal, principal5, context); theoryData.ExpectedException.ProcessNoException(context); } catch (Exception ex) { theoryData.ExpectedException.ProcessException(ex, context); } TestUtilities.AssertFailIfErrors(context); }
public void ReadAssertion(Saml2TheoryData theoryData) { var context = TestUtilities.WriteHeader($"{this}.ReadAssertion", theoryData); try { var reader = XmlUtilities.CreateXmlReader(theoryData.Xml); var assertion = (theoryData.Saml2Serializer as Saml2SerializerPublic).ReadAssertionPublic(reader); theoryData.ExpectedException.ProcessNoException(context); IdentityComparer.AreEqual(assertion, theoryData.Assertion, context); } catch (Exception ex) { theoryData.ExpectedException.ProcessException(ex, context); } TestUtilities.AssertFailIfErrors(context); }