public void ThrowsExceptionWhenAttributeStatementHasInvalidStatementType()
{
// Arrange
var validator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), false);
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var authzDecisionStatement = new AuthzDecisionStatement
{
Decision = DecisionType.Permit,
Resource = "http://safewhere.net",
Action = new[] { new Action() }
};
authzDecisionStatement.Action[0].Namespace = "http://actionns.com";
authzDecisionStatement.Action[0].Value = "value";
var statements = new List <StatementAbstract>(saml20Assertion.Items)
{
authzDecisionStatement
};
saml20Assertion.Items = statements.ToArray();
// Act
validator.ValidateAssertion(saml20Assertion);
}
public void CanValidateNameIdElementInQuirksMode()
{
// Arrange
var quirksModeValidator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), true);
var saml20Assertion = AssertionUtil.GetBasicAssertion();
saml20Assertion.Issuer = new NameId {
Value = "http://safewhere.net", Format = "http://example.com"
};
// Act
quirksModeValidator.ValidateAssertion(saml20Assertion);
}
public void ThrowsExceptionWhenAuthnStatementIsNotPresent()
{
// Arrange
var validator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), false);
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
statements.RemoveAll(stmnt => stmnt is AuthnStatement);
saml20Assertion.Items = statements.ToArray();
// Act
validator.ValidateAssertion(saml20Assertion);
}
public void ThrowsExceptionWhenConditionsAreInvalid()
{
// Arrange
var validator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), false);
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var conditions = new List <ConditionAbstract>(saml20Assertion.Conditions.Items);
var index = conditions.FindIndex(cond => cond is AudienceRestriction);
conditions.RemoveAt(index);
// Add another condition to avoid an empty list of conditions.
conditions.Add(new OneTimeUse());
saml20Assertion.Conditions.Items = conditions;
// Act
validator.ValidateAssertion(saml20Assertion);
}
public void Issuer_Element_QuirksMode()
{
Assertion saml20Assertion = AssertionUtil.GetBasicAssertion();
Assert.IsNotNull(saml20Assertion.Issuer);
saml20Assertion.Issuer = new NameID();
saml20Assertion.Issuer.Value = "http://safewhere.net";
saml20Assertion.Issuer.Format = "http://example.com";
DKSaml20AssertionValidator quirksModeValidator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), true);
try
{
quirksModeValidator.ValidateAssertion(saml20Assertion);
}
catch (Exception e)
{
Assert.That(false, "The above validation should not fail in quirksMode: " + e.ToString());
}
}
public DKSAML20ProfileValidationTest()
{
_validator = new DKSaml20AssertionValidator(AssertionUtil.GetAudiences(), false);
}
