public void ThrowsExceptionWhenSubjectConfirmationHasWrongMethod()
{
    // Arrange
    var subjectConfirmation = new SubjectConfirmation { Method = "malformed uri" };
    var validator = new Saml20SubjectConfirmationValidator();

    // Act
    validator.ValidateSubjectConfirmation(subjectConfirmation);
}

public void ThrowsExceptionWhenSubjectConfirmationDataDoesNotContainKeyInfo()
{
    // Arrange
    var subjectConfirmation = new SubjectConfirmation
    {
        Method = Saml20Constants.SubjectConfirmationMethods.HolderOfKey,
        SubjectConfirmationData = new SubjectConfirmationData()
    };
    var validator = new Saml20SubjectConfirmationValidator();

    // Act
    validator.ValidateSubjectConfirmation(subjectConfirmation);
}

/// <summary>
/// Validates the subject confirmation.
/// </summary>
/// <param name="subjectConfirmation">The subject confirmation.</param>
public void ValidateSubjectConfirmation(SubjectConfirmation subjectConfirmation)
{
    if (subjectConfirmation == null)
    {
        throw new ArgumentNullException("subjectConfirmation");
    }

    if (!Saml20Utils.ValidateRequiredString(subjectConfirmation.Method))
    {
        throw new Saml20FormatException("Method attribute of SubjectConfirmation MUST contain at least one non-whitespace character");
    }

    if (!Uri.IsWellFormedUriString(subjectConfirmation.Method, UriKind.Absolute))
    {
        throw new Saml20FormatException("SubjectConfirmation element has Method attribute which is not a wellformed absolute uri.");
    }

    if (subjectConfirmation.Method == Saml20Constants.SubjectConfirmationMethods.HolderOfKey)
    {
        _keyInfoValidator.ValidateKeyInfo(subjectConfirmation.SubjectConfirmationData);
    }

    if (subjectConfirmation.Item != null)
    {
        if (subjectConfirmation.Item is NameId)
        {
            _nameIdValidator.ValidateNameId((NameId)subjectConfirmation.Item);
        }
        else if (subjectConfirmation.Item is EncryptedElement)
        {
            _nameIdValidator.ValidateEncryptedId((EncryptedElement)subjectConfirmation.Item);
        }
        else
        {
            throw new Saml20FormatException(string.Format("Identifier of type {0} is not supported for SubjectConfirmation", subjectConfirmation.Item.GetType()));
        }
    }
    else if (subjectConfirmation.SubjectConfirmationData != null)
    {
        _subjectConfirmationDataValidator.ValidateSubjectConfirmationData(subjectConfirmation.SubjectConfirmationData);
    }
}

/// <summary>
/// Assembles our basic test assertion
/// </summary>
/// <returns>The <see cref="Assertion"/>.</returns>
public static Assertion GetBasicAssertion()
{
    var assertion = new Assertion
    {
        Issuer = new NameId(),
        Id = "_b8977dc86cda41493fba68b32ae9291d",
        IssueInstant = DateTime.UtcNow,
        Version = "2.0"
    };

    assertion.Issuer.Value = GetBasicIssuer();
    assertion.Subject = new Subject();

    var subjectConfirmation = new SubjectConfirmation
    {
        Method = SubjectConfirmation.BearerMethod,
        SubjectConfirmationData = new SubjectConfirmationData
        {
            NotOnOrAfter = new DateTime(2008, 12, 31, 12, 0, 0, 0),
            Recipient = "http://borger.dk"
        }
    };
    assertion.Subject.Items = new object[] { subjectConfirmation };
    assertion.Conditions = new Conditions { NotOnOrAfter = new DateTime(2008, 12, 31, 12, 0, 0, 0) };

    var audienceRestriction = new AudienceRestriction
    {
        Audience = GetAudiences().Select(u => u.ToString()).ToList()
    };
    assertion.Conditions.Items = new List<ConditionAbstract>(new ConditionAbstract[] { audienceRestriction });

    AuthnStatement authnStatement;
    {
        authnStatement = new AuthnStatement();
        assertion.Items = new StatementAbstract[] { authnStatement };
        authnStatement.AuthnInstant = new DateTime(2008, 1, 8);
        authnStatement.SessionIndex = "70225885";
        authnStatement.AuthnContext = new AuthnContext
        {
            Items = new object[]
            {
                "urn:oasis:names:tc:SAML:2.0:ac:classes:X509",
                "http://www.safewhere.net/authncontext/declref"
            },
            ItemsElementName = new[]
            {
                AuthnContextType.AuthnContextClassRef,
                AuthnContextType.AuthnContextDeclRef
            }
        };
    }

    AttributeStatement attributeStatement;
    {
        attributeStatement = new AttributeStatement();
        var surName = new SamlAttribute
        {
            FriendlyName = "SurName",
            Name = "urn:oid:2.5.4.4",
            NameFormat = SamlAttribute.NameformatUri,
            AttributeValue = new[] { "Fry" }
        };
        var commonName = new SamlAttribute
        {
            FriendlyName = "CommonName",
            Name = "urn:oid:2.5.4.3",
            NameFormat = SamlAttribute.NameformatUri,
            AttributeValue = new[] { "Philip J. Fry" }
        };
        var userName = new SamlAttribute
        {
            Name = "urn:oid:0.9.2342.19200300.100.1.1",
            NameFormat = SamlAttribute.NameformatUri,
            AttributeValue = new[] { "fry" }
        };
        var email = new SamlAttribute
        {
            FriendlyName = "Email",
            Name = "urn:oid:0.9.2342.19200300.100.1.3",
            NameFormat = SamlAttribute.NameformatUri,
            AttributeValue = new[] { "*****@*****.**" }
        };
        attributeStatement.Items = new object[] { surName, commonName, userName, email };
    }

    assertion.Items = new StatementAbstract[] { authnStatement, attributeStatement };

    return assertion;
}

public void ValidatesSubjectConfirmationData_Method_HolderOfKey_Valid()
{
    // Arrange
    var subjectConfirmation = new SubjectConfirmation
    {
        Method = Saml20Constants.SubjectConfirmationMethods.HolderOfKey,
        SubjectConfirmationData = new SubjectConfirmationData()
    };
    var doc = new XmlDocument();
    var elem = doc.CreateElement("ds", "KeyInfo", Saml20Constants.Xmldsig);
    elem.AppendChild(doc.CreateElement("lalala"));
    subjectConfirmation.SubjectConfirmationData.AnyElements = new[] { elem };
    var validator = new Saml20SubjectConfirmationValidator();

    // Act
    validator.ValidateSubjectConfirmation(subjectConfirmation);
}
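
The two holder-of-key tests above pin down a structural rule: the confirmation data must carry a `ds:KeyInfo` element, and a `KeyInfo` with any child element passes. The sketch below is an added example, not the library's key-info validator; it restates that rule against plain `XmlElement` values, and the `HolderOfKeyCheck` class, its `Check` method and the wrong-namespace and empty-element cases are assumptions made for illustration.

```csharp
using System;
using System.Linq;
using System.Xml;

// Added sketch, not SAML2 library code: the structural holder-of-key rule that the
// tests on this page exercise, written against plain XmlElement values.
public static class HolderOfKeyCheck
{
    private const string Xmldsig = "http://www.w3.org/2000/09/xmldsig#";

    // Returns null when the elements pass, otherwise the reason they fail.
    public static string Check(XmlElement[] anyElements)
    {
        if (anyElements == null || anyElements.Length == 0)
            return "no child elements, so no ds:KeyInfo";

        // Match on local name AND namespace; a bare <KeyInfo> is not ds:KeyInfo.
        var keyInfos = anyElements
            .Where(e => e.LocalName == "KeyInfo" && e.NamespaceURI == Xmldsig)
            .ToList();
        if (keyInfos.Count == 0)
            return "no KeyInfo element in the XML-DSig namespace";

        // An empty <ds:KeyInfo/> identifies no key at all.
        if (keyInfos.Any(k => !k.ChildNodes.OfType<XmlElement>().Any()))
            return "ds:KeyInfo has no child element";

        return null;
    }

    public static void Main()
    {
        var doc = new XmlDocument();

        // Constructed inputs; the first mirrors the "lalala" test on this page.
        var good = doc.CreateElement("ds", "KeyInfo", Xmldsig);
        good.AppendChild(doc.CreateElement("lalala"));
        var wrongNs = doc.CreateElement("KeyInfo");
        var empty = doc.CreateElement("ds", "KeyInfo", Xmldsig);

        Console.WriteLine(Check(new[] { good }) ?? "ok");
        Console.WriteLine(Check(new XmlElement[0]) ?? "ok");
        Console.WriteLine(Check(new[] { wrongNs }) ?? "ok");
        Console.WriteLine(Check(new[] { empty }) ?? "ok");
    }
}
```

A check of this shape accepts the meaningless `lalala` child, so passing it says nothing about key possession; the relying party still has to match the key named in `ds:KeyInfo` against the key the presenter actually proves.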