public void AttributeStatement_Invalid_Statementtype() { Assertion saml20Assertion = AssertionUtil.GetBasicAssertion(); AuthzDecisionStatement authzDecisionStatement = new AuthzDecisionStatement(); authzDecisionStatement.Decision = DecisionType.Permit; authzDecisionStatement.Resource = "http://safewhere.net"; authzDecisionStatement.Action = new Action[] { new Action() }; authzDecisionStatement.Action[0].Namespace = "http://actionns.com"; authzDecisionStatement.Action[0].Value = "value"; List<StatementAbstract> statements = new List<StatementAbstract>(saml20Assertion.Items); statements.Add(authzDecisionStatement); saml20Assertion.Items = statements.ToArray(); new Saml20Assertion(AssertionUtil.ConvertAssertion(saml20Assertion).DocumentElement, null, false); }
public void AuthzDecisionStatement_Valid_Resources() { AuthzDecisionStatement statement = new AuthzDecisionStatement(); Saml20StatementValidator validator = new Saml20StatementValidator(); statement.Resource = String.Empty; Action action = new Action(); action.Namespace = "http://valid/namespace"; statement.Action = new Action[] { action }; validator.ValidateStatement(statement); statement.Resource = "urn:valid.ok:askjld"; validator.ValidateStatement(statement); }
public void AuthzDecisionStatement_Invalid_MalformedResource() { AuthzDecisionStatement statement = new AuthzDecisionStatement(); Saml20StatementValidator validator = new Saml20StatementValidator(); statement.Resource = "a malformed uri"; validator.ValidateStatement(statement); }
public void AuthzDecisionStatement_Invalid_Resource() { AuthzDecisionStatement statement = new AuthzDecisionStatement(); Saml20StatementValidator validator = new Saml20StatementValidator(); statement.Resource = null; validator.ValidateStatement(statement); }
/// <summary> /// [SAML2.0std] section 2.7.4 /// </summary> private void ValidateAuthzDecisionStatement(AuthzDecisionStatement statement) { // This has type anyURI, and can be empty (special case in the standard), but not null. if (statement.Resource == null) throw new Saml20FormatException("Resource attribute of AuthzDecisionStatement is REQUIRED"); // If it is not empty, it MUST BE a valid URI if (statement.Resource.Length > 0 && !Uri.IsWellFormedUriString(statement.Resource, UriKind.Absolute)) throw new Saml20FormatException("Resource attribute of AuthzDecisionStatement has a value which is not a wellformed absolute uri"); // NOTE: Decision property validation is done implicitly be the deserializer since it is represented by an enumeration if (statement.Action == null || statement.Action.Length == 0) throw new Saml20FormatException("At least one Action subelement must be present for an AuthzDecisionStatement element"); foreach (my.Action action in statement.Action) { // NOTE: [SAML2.0std] claims that the Namespace is [Optional], but according to the schema definition (and Geneva) // NOTE: it has use="required" if (!Saml20Utils.ValidateRequiredString(action.Namespace)) throw new Saml20FormatException("Namespace attribute of Action element must contain at least one non-whitespace character"); if (!Uri.IsWellFormedUriString(action.Namespace, UriKind.Absolute)) throw new Saml20FormatException("Namespace attribute of Action element has a value which is not a wellformed absolute uri"); } }