public void ProcessResponse_WrongFormat_FederatedAuthenticationException()
{
// Arrange
const string password = "******";
const string claimType = "Username";
const string userName = "******";
var certificate = File.ReadAllBytes("Certificates\\samlTestCertificate.pfx");
var signingCert = new X509Certificate2(certificate, password);
var securityToken = SamlUtilities.CreateSaml2SecurityToken(certificate, "blueprint", new Claim(claimType, userName));
var samltoken = SamlUtilities.Serialize(securityToken);
samltoken = samltoken.Replace("Assertion", "FakeAssertion");
var samlRepository = new SamlRepository();
var fedAuthSettingsMock = new Mock <IFederatedAuthenticationSettings>();
fedAuthSettingsMock.SetupGet(p => p.NameClaimType).Returns(claimType);
fedAuthSettingsMock.SetupGet(p => p.Certificate).Returns(signingCert);
// Act
try
{
samlRepository.ProcessResponse(samltoken, fedAuthSettingsMock.Object);
}
// Assert
catch (FederatedAuthenticationException e)
{
Assert.AreEqual(FederatedAuthenticationErrorCode.WrongFormat, e.ErrorCode);
}
catch
{
Assert.Fail();
}
}
public void ProcessEncodedResponse_Success()
{
// Arrange
const string password = "******";
const string claimType = "Username";
const string userName = "******";
var certificate = File.ReadAllBytes("Certificates\\samlTestCertificate.pfx");
var signingCert = new X509Certificate2(certificate, password);
var securityToken = SamlUtilities.CreateSaml2SecurityToken(certificate, password, new Claim(claimType, userName));
var samltoken = SamlUtilities.Serialize(securityToken);
var encodedSamltoken = HttpUtility.HtmlEncode(Convert.ToBase64String(Encoding.UTF8.GetBytes(samltoken)));
var samlRepository = new SamlRepository();
var fedAuthSettingsMock = new Mock <IFederatedAuthenticationSettings>();
fedAuthSettingsMock.SetupGet(p => p.NameClaimType).Returns(claimType);
fedAuthSettingsMock.SetupGet(p => p.Certificate).Returns(signingCert);
// Act
var result = samlRepository.ProcessEncodedResponse(encodedSamltoken, fedAuthSettingsMock.Object);
// Assert
Assert.IsTrue(result.Identity.IsAuthenticated);
Assert.AreEqual(userName, result.Identity.Name);
}
public void GetIssuerName_InvalidToken_Failure()
{
// Arrange
var issuerNameRegistry = new SamlIssuerNameRegistry(_signingCert);
var securityToken = SamlUtilities.CreateSaml2SecurityToken(_certificate, Password);
// Act
try
{
issuerNameRegistry.GetIssuerName(securityToken);
}
// Assert
catch (SecurityTokenValidationException e)
{
Assert.AreEqual("Invalid token.", e.Message);
}
catch
{
Assert.Fail();
}
}
