public void LogoutRequestType_test_test() { //ARRANGE var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var logoutContext = new SamlLogoutContext(new Uri(Reasons.User), new System.IdentityModel.Tokens.Saml2NameIdentifier("testUser", new Uri(NameIdentifierFormats.Persistent)), "local"); var authnRequestContext = new LogoutRequestContext(requestUri, new Uri("http://localhost"), federationContex, logoutContext); var types = ReflectionHelper.GetAllTypes(t => !t.IsAbstract && !t.IsInterface && typeof(RequestAbstract).IsAssignableFrom(t)); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger) as IRequestSerialiser; RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetLogoutRequestBuildersFactory(); var logoutRequest = RequestHelper.BuildRequest(authnRequestContext); var typeResolver = new MessageTypeResolver(); //ACT var serialised = serialiser.Serialize(logoutRequest); var type = typeResolver.ResolveMessageType(serialised, types); //ASSERT Assert.AreEqual(typeof(LogoutRequest), type); }
public void AuthnRequestSerialiser_test() { //ARRANGE var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var supportedNameIdentifierFormats = new List <Uri> { new Uri(NameIdentifierFormats.Transient) }; var authnRequestContext = new AuthnRequestContext(requestUri, new Uri("http://localhost"), federationContex, supportedNameIdentifierFormats); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger) as ISerializer; RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnRequest = RequestHelper.BuildRequest(authnRequestContext); //ACT var serialised = serialiser.Serialize(authnRequest); var deserialised = serialiser.Deserialize <AuthnRequest>(serialised); //ASSERT Assert.NotNull(serialised); Assert.AreEqual(authnRequest.Issuer.Value, deserialised.Issuer.Value); }
public async Task ParseLogoutRequest_post_binding() { //ARRANGE var form = await SamlPostRequestProviderMock.BuildLogoutRequestPostForm(); Func <Type, IMetadataHandler> metadataHandlerFactory = t => new MetadataEntitityDescriptorHandler(); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger) as IRequestSerialiser; var certManager = new CertificateManager(logger); var signatureManager = new XmlSignatureManager(); Func <IEnumerable <RequestValidationRule> > rulesResolver = () => new[] { new SignatureValidRule(logger, certManager, signatureManager) }; var requestValidator = new Federation.Protocols.Request.Validation.RequestValidator(logger, new RuleFactory(rulesResolver)); var configurationRetrieverMock = new ConfigurationRetrieverMock(); var federationPartyContextBuilderMock = new FederationPartyContextBuilderMock(); var configurationManger = new ConfigurationManager <MetadataBase>(federationPartyContextBuilderMock, configurationRetrieverMock); var requestParser = new RequestParser(metadataHandlerFactory, t => new LogoutRequestParser(serialiser, logger), configurationManger, logger, requestValidator); var postBindingDecoder = new PostBindingDecoder(logger); var message = await postBindingDecoder.Decode(form.HiddenControls.ToDictionary(k => k.Key, v => v.Value)); var context = new SamlInboundContext { Message = message, DescriptorResolver = m => metadataHandlerFactory(typeof(object)).GetIdentityProviderSingleSignOnDescriptor(m).Single().Roles.Single() }; //ACT var result = await requestParser.Parse(context); //ASSERT Assert.IsTrue(result.IsValidated); Assert.IsInstanceOf <LogoutRequest>(result.SamlRequest); }
public void AuthnRequestType_test() { //ARRANGE var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var supportedNameIdentifierFormats = new List <Uri> { new Uri(NameIdentifierFormats.Transient) }; var authnRequestContext = new AuthnRequestContext(requestUri, new Uri("http://localhost"), federationContex, supportedNameIdentifierFormats); var types = ReflectionHelper.GetAllTypes(t => !t.IsAbstract && !t.IsInterface && typeof(RequestAbstract).IsAssignableFrom(t)); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger) as IRequestSerialiser; RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnRequest = RequestHelper.BuildRequest(authnRequestContext); var typeResolver = new MessageTypeResolver(); //ACT var serialised = serialiser.Serialize(authnRequest); var type = typeResolver.ResolveMessageType(serialised, types); //ASSERT Assert.AreEqual(typeof(AuthnRequest), type); }
public static async Task <SAMLForm> BuildRequestBindingContext(RequestContext requestContext) { string url = String.Empty; var builders = new List <IPostClauseBuilder>(); requestContext.RelyingState.Add("relayState", "Test state"); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger); var xmlSinatureManager = new XmlSignatureManager(); RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnBuilder = new SamlRequestBuilder(serialiser); builders.Add(authnBuilder); //relay state builder var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider()); var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser; var relayStateBuilder = new RelayStateBuilder(relayStateSerialiser); builders.Add(relayStateBuilder); //signature builder var certificateManager = new CertificateManager(logger); var signatureBuilder = new SignatureBuilder(certificateManager, logger, xmlSinatureManager); builders.Add(signatureBuilder); var bindingContext = new RequestPostBindingContext(requestContext); foreach (var b in builders) { await b.Build(bindingContext); } var form = new SAMLForm(); var request = bindingContext.RequestParts[HttpRedirectBindingConstants.SamlRequest]; var base64Encoded = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(request)); var relyingStateSerialised = bindingContext.RequestParts[HttpRedirectBindingConstants.RelayState]; form.ActionURL = bindingContext.DestinationUri.AbsoluteUri; form.SetRequest(base64Encoded); form.SetRelatState(relyingStateSerialised); return(form); }
public static async Task <RequestBindingContext> BuildRequestBindingContext(RequestContext requestContext) { string url = String.Empty; var builders = new List <IRedirectClauseBuilder>(); requestContext.RelyingState.Add("relayState", "Test state"); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger); RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnBuilder = new SamlRequestBuilder(serialiser); builders.Add(authnBuilder); //request compression builder var encodingBuilder = new RequestEncoderBuilder(encoder); builders.Add(encodingBuilder); //relay state builder var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider()); var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser; var relayStateBuilder = new RelayStateBuilder(relayStateSerialiser); builders.Add(relayStateBuilder); //signature builder var certificateManager = new CertificateManager(logger); var signatureBuilder = new SignatureBuilder(certificateManager, logger); builders.Add(signatureBuilder); var bindingContext = new RequestBindingContext(requestContext); foreach (var b in builders) { await b.Build(bindingContext); } return(bindingContext); }
public async Task Post_end_to_end_test() { //ARRANGE var isValid = false; string url = String.Empty; IDictionary <string, object> relayState = null; var builders = new List <IPostClauseBuilder>(); var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var spDescriptor = federationContex.MetadataContext.EntityDesriptorConfiguration.SPSSODescriptors.First(); var certContext = spDescriptor.KeyDescriptors.Where(x => x.Use == KeyUsage.Signing && x.IsDefault) .Select(x => x.CertificateContext) .First(); var supportedNameIdentifierFormats = new List <Uri> { new Uri(NameIdentifierFormats.Transient) }; var authnRequestContext = new AuthnRequestContext(requestUri, new Uri("http://localhost"), federationContex, supportedNameIdentifierFormats); authnRequestContext.RelyingState.Add("relayState", "Test state"); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger); RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnBuilder = new SamlRequestBuilder(serialiser); builders.Add(authnBuilder); //relay state builder var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider()); var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser; var relayStateBuilder = new RelayStateBuilder(relayStateSerialiser); builders.Add(relayStateBuilder); //signature builder var certificateManager = new CertificateManager(logger); var xmlSinatureManager = new XmlSignatureManager(); var signatureBuilder = new SignatureBuilder(certificateManager, logger, xmlSinatureManager); builders.Add(signatureBuilder); //context var outboundContext = new HttpPostRequestContext(new SAMLForm()) { BindingContext = new RequestPostBindingContext(authnRequestContext), DespatchDelegate = form => { url = form.ActionURL; var request = ((SAMLForm)form).HiddenControls[HttpRedirectBindingConstants.SamlRequest]; var state = ((SAMLForm)form).HiddenControls[HttpRedirectBindingConstants.RelayState]; var task = relayStateSerialiser.Deserialize(state); task.Wait(); relayState = task.Result as IDictionary <string, object>; var cert = certificateManager.GetCertificateFromContext(certContext); isValid = this.VerifySignature(request, cert); return(Task.CompletedTask); } }; //dispatcher var dispatcher = new PostRequestDispatcher(() => builders, logger); //ACT await dispatcher.SendAsync(outboundContext); //ASSERT Assert.AreEqual(url, requestUri.AbsoluteUri); Assert.IsTrue(Enumerable.SequenceEqual(relayState, authnRequestContext.RelyingState)); Assert.IsTrue(isValid); }
public async Task DecodeTest() { string url = String.Empty; var builders = new List <IRedirectClauseBuilder>(); var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var spDescriptor = federationContex.MetadataContext.EntityDesriptorConfiguration.SPSSODescriptors.First(); var certContext = spDescriptor.KeyDescriptors.Where(x => x.Use == KeyUsage.Signing && x.IsDefault) .Select(x => x.CertificateContext) .First(); var supportedNameIdentifierFormats = new List <Uri> { new Uri(NameIdentifierFormats.Transient) }; var authnRequestContext = new AuthnRequestContext(requestUri, new Uri("http://localhost"), federationContex, supportedNameIdentifierFormats); authnRequestContext.RelyingState.Add("relayState", "Test state"); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger); RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnBuilder = new SamlRequestBuilder(serialiser); builders.Add(authnBuilder); //request compression builder var encodingBuilder = new RequestEncoderBuilder(encoder); builders.Add(encodingBuilder); //relay state builder var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider()); var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser; var relayStateBuilder = new RelayStateBuilder(relayStateSerialiser); builders.Add(relayStateBuilder); //signature builder var certificateManager = new CertificateManager(logger); var signatureBuilder = new SignatureBuilder(certificateManager, logger); builders.Add(signatureBuilder); var bindingContext = new RequestBindingContext(authnRequestContext); foreach (var b in builders) { await b.Build(bindingContext); } var decoder = new RedirectBindingDecoder(logger, encoder); //ACT var message = await decoder.Decode(bindingContext.GetDestinationUrl()); var stateFromResult = message.Elements[HttpRedirectBindingConstants.RelayState]; var requestFromContext = bindingContext.RequestParts[HttpRedirectBindingConstants.SamlRequest]; var decoded = await encoder.DecodeMessage(requestFromContext); //ASSERT Assert.IsNotNull(stateFromResult); Assert.AreEqual(bindingContext.RequestParts[HttpRedirectBindingConstants.RelayState], message.Elements[HttpRedirectBindingConstants.RelayState]); Assert.AreEqual(decoded, message.Elements[HttpRedirectBindingConstants.SamlRequest]); }
public async Task Redirect_end_to_end_test() { //ARRANGE var isValid = false; string url = String.Empty; var builders = new List <IRedirectClauseBuilder>(); var requestUri = new Uri("http://localhost:59611/"); var federationPartyContextBuilder = new FederationPartyContextBuilderMock(); var federationContex = federationPartyContextBuilder.BuildContext("local"); var spDescriptor = federationContex.MetadataContext.EntityDesriptorConfiguration.SPSSODescriptors.First(); var certContext = spDescriptor.KeyDescriptors.Where(x => x.Use == KeyUsage.Signing && x.IsDefault) .Select(x => x.CertificateContext) .First(); var supportedNameIdentifierFormats = new List <Uri> { new Uri(NameIdentifierFormats.Transient) }; var authnRequestContext = new AuthnRequestContext(requestUri, new Uri("http://localhost"), federationContex, supportedNameIdentifierFormats); authnRequestContext.RelyingState.Add("relayState", "Test state"); var xmlSerialiser = new XMLSerialiser(); var compressor = new DeflateCompressor(); var encoder = new MessageEncoding(compressor); var logger = new LogProviderMock(); var serialiser = new RequestSerialiser(xmlSerialiser, encoder, logger); RequestHelper.GetAuthnRequestBuilders = AuthnRequestBuildersFactoryMock.GetAuthnRequestBuildersFactory(); var authnBuilder = new SamlRequestBuilder(serialiser); builders.Add(authnBuilder); //request compression builder var encodingBuilder = new RequestEncoderBuilder(encoder); builders.Add(encodingBuilder); //relay state builder var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider()); var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser; var relayStateBuilder = new RelayStateBuilder(relayStateSerialiser); builders.Add(relayStateBuilder); //signature builder var certificateManager = new CertificateManager(logger); var signatureBuilder = new SignatureBuilder(certificateManager, logger); builders.Add(signatureBuilder); //context var outboundContext = new HttpRedirectRequestContext { BindingContext = new RequestBindingContext(authnRequestContext), DespatchDelegate = redirectUri => { url = redirectUri.GetLeftPart(UriPartial.Path); var query = redirectUri.Query.TrimStart('?'); var cert = certificateManager.GetCertificateFromContext(certContext); isValid = this.VerifySignature(query, cert, certificateManager); return(Task.CompletedTask); } }; //dispatcher var dispatcher = new RedirectRequestDispatcher(() => builders); //ACT await dispatcher.SendAsync(outboundContext); //ASSERT Assert.AreEqual(url, requestUri.AbsoluteUri); Assert.IsTrue(isValid); }