public async Task ShouldReturnMethodNotAllowed()
{
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext();
context.Request.Path = "/saml20/";
context.Request.Method = "PUT";
context.Response.Body = new MemoryStream();
await middleware.Invoke(context);
Assert.Equal(405, context.Response.StatusCode);
}
public async Task ShouldReturnBadRequestWhenInvalidSAMLRequestInPOST()
{
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext();
context.Request.Path = "/saml20/";
context.Request.Method = "POST";
context.Request.Form = new FormCollection(new Dictionary <string, StringValues>());
context.Response.Body = new MemoryStream();
await middleware.Invoke(context);
Assert.Equal(400, context.Response.StatusCode);
}
public async Task ShouldGenerateSAMLResponseFromPOST()
{
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext();
var requestBody = new Dictionary <string, StringValues>();
requestBody.Add("SAMLRequest", new StringValues("PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz4NCjxzYW1scDpBdXRoblJlcXVlc3QgeG1sbnM6c2FtbHA9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpwcm90b2NvbCIgSUQ9ImlnZmtsb2xsa2Jvb2psYmhpZWluaGtuZm1nY2xkbWlhcGZnY2draGMiIFZlcnNpb249IjIuMCIgSXNzdWVJbnN0YW50PSIyMDIwLTA0LTA5VDEzOjU1OjMyWiIgUHJvdG9jb2xCaW5kaW5nPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YmluZGluZ3M6SFRUUC1QT1NUIiBQcm92aWRlck5hbWU9Imdvb2dsZS5jb20iIElzUGFzc2l2ZT0iZmFsc2UiIEFzc2VydGlvbkNvbnN1bWVyU2VydmljZVVSTD0iaHR0cHM6Ly9sb2NhbGhvc3QvdGVzdCI + PHNhbWw6SXNzdWVyIHhtbG5zOnNhbWw9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iPnVybjp0ZXN0PC9zYW1sOklzc3Vlcj48c2FtbHA6TmFtZUlEUG9saWN5IEFsbG93Q3JlYXRlPSJ0cnVlIiBGb3JtYXQ9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjEuMTpuYW1laWQtZm9ybWF0OnVuc3BlY2lmaWVkIiAvPjwvc2FtbHA6QXV0aG5SZXF1ZXN0Pg0K"));
context.Request.Form = new FormCollection(requestBody);
context.Request.ContentType = "application/x-www-form-urlencoded";
context.Request.Path = "/saml20/";
context.Request.Method = "POST";
context.Response.Body = new MemoryStream();
context.User = new ClaimsPrincipal(new List <ClaimsIdentity>
{
new ClaimsIdentity(new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, "john foo")
}, "federated")
});
await middleware.Invoke(context);
var body = ((MemoryStream)context.Response.Body).ToArray();
Assert.Equal(200, context.Response.StatusCode);
Assert.True(body.Length > 0);
}
public async Task ShouldGenerateSAMLResponseFromGet()
{
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext();
context.Request.Path = "/saml20/";
context.Request.QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D");
context.Request.Method = "GET";
context.Response.Body = new MemoryStream();
context.User = new ClaimsPrincipal(new List <ClaimsIdentity>
{
new ClaimsIdentity(new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, "john foo")
}, "federated")
});
await middleware.Invoke(context);
var body = ((MemoryStream)context.Response.Body).ToArray();
Assert.Equal(200, context.Response.StatusCode);
Assert.True(body.Length > 0);
}
public async Task ShouldGenerateSAMLResponseFromIDPInitiated()
{
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext();
context.Request.Path = "/saml20/idpinitiated";
context.Request.QueryString = new QueryString("?realm=urn:test");
context.Request.Method = "GET";
context.Response.Body = new MemoryStream();
context.User = new ClaimsPrincipal(new List <ClaimsIdentity>
{
new ClaimsIdentity(new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, "john foo")
}, "federated")
});
await middleware.Invoke(context);
var body = ((MemoryStream)context.Response.Body).ToArray();
Assert.Equal(200, context.Response.StatusCode);
Assert.True(body.Length > 0);
}
public async Task ShouldRedirectIfUserNotAuthenticated()
{
var serviceProviderMock = new Mock <IServiceProvider>();
serviceProviderMock
.Setup(_ => _.GetService(typeof(IAuthenticationService)))
.Returns(new MyAuthenticationService());
var responseGenerator = new SignInResponseGenerator(new NullLogger <SignInResponseGenerator>(),
_relyingPartyStore,
_profileManager,
_keyManager,
_options
);
var middleware = new Saml20Middleware(
next: (innerHttpContext) =>
{
return(Task.CompletedTask);
},
_logger,
_relyingPartyStore,
responseGenerator,
new SamlResponseSerializer(),
_options
);
var context = new DefaultHttpContext
{
RequestServices = serviceProviderMock.Object
};
context.Request.Path = "/saml20/";
context.Request.QueryString = new QueryString("?SAMLRequest=fZJPT8MwDMXvSHyHKPeu3QAJorVogBCT%2BFNthQO3LHXbsDQucTrg25N2IMEBri%2FPfj87np%2B%2Ft4btwJFGm%2FLpJOEMrMJS2zrlj8V1dMrPs8ODOcnWdGLR%2B8au4LUH8ixUWhLjQ8p7ZwVK0iSsbIGEV2K9uLsVs0kiOoceFRrOllcp13W1NWjMdoP4YjaNBm2bra3aWpmy1bKralVvG8XZ0zfWbMBaEvWwtOSl9UFKZkmUHEfJWTE9Eicn4mj2zFn%2BlXSh7X6C%2F7A2exOJm6LIo%2FxhXYwNdroEdx%2FcKa8RawMThe0Qn0sivQtyJQ0BZwsicD4AXqKlvgW3BrfTCh5XtylvvO9IxLFBJU2D5GMfdsazcZFinMX92OD%2FpPI7iWeDbeg0j380yr6%2BZ6BeXuVotPpgC2Pw7dKB9AHZuz4QX6Nrpf87azqZjoouo2q0it5SB0pXGkrO4myf%2BvsOwnV8Ag%3D%3D");
context.Request.Method = "GET";
context.Response.Body = new MemoryStream();
await middleware.Invoke(context);
Assert.Equal(301, context.Response.StatusCode);
}
