//ExpectedMessage = "Type attribute of EncryptedData MUST have value " + Saml20Constants.Xenc + "Element" + " if it is present")]
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWrongType()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List <object>(attributeStatments.Items);
var ee = new EncryptedElement
{
EncryptedData = new EncryptedData
{
Type = "SomeWrongType"
}
};
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws(typeof(Saml20FormatException), () =>
{
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
});
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWithNoData()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List <object>(attributeStatments.Items);
var ee = new EncryptedElement();
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
var assertion = new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false, TestConfiguration.Configuration);
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWithNoData()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List<object>(attributeStatments.Items);
var ee = new EncryptedElement();
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"An EncryptedAttribute MUST contain an xenc:EncryptedData element");
}
public void AttributeStatement_Invalid_EncryptedAttribute_DKSaml20()
{
Assertion saml20Assertion = AssertionUtil.GetBasicAssertion();
List <StatementAbstract> statements = new List <StatementAbstract>(saml20Assertion.Items);
AttributeStatement sas = GetAttributeStatement(statements);
List <object> attributes = new List <object>(sas.Items);
EncryptedElement ee = new EncryptedElement();
ee.encryptedData = new EncryptedData();
ee.encryptedData.Type = Saml20Constants.XENC + "Element";
attributes.Add(ee);
sas.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
XmlDocument doc = AssertionUtil.ConvertAssertion(saml20Assertion);
new Saml20Assertion(doc.DocumentElement, null, false);
}
public void ValidateEncryptedElement(EncryptedElement encryptedElement, string parentNodeName)
{
if (encryptedElement == null)
{
throw new ArgumentNullException("encryptedElement");
}
if (encryptedElement.encryptedData == null)
{
throw new Saml20FormatException(String.Format("An {0} MUST contain an xenc:EncryptedData element", parentNodeName));
}
if (encryptedElement.encryptedData.Type != null &&
!String.IsNullOrEmpty(encryptedElement.encryptedData.Type) &&
encryptedElement.encryptedData.Type != Saml20Constants.XENC + "Element")
{
throw new Saml20FormatException(String.Format("Type attribute of EncryptedData MUST have value {0} if it is present", Saml20Constants.XENC + "Element"));
}
}
/// <summary>
/// Validates the encrypted element.
/// </summary>
/// <param name="encryptedElement">The encrypted element.</param>
/// <param name="parentNodeName">Name of the parent node.</param>
public void ValidateEncryptedElement(EncryptedElement encryptedElement, string parentNodeName)
{
if (encryptedElement == null)
{
throw new ArgumentNullException("encryptedElement");
}
if (encryptedElement.EncryptedData == null)
{
throw new Saml20FormatException($"An {parentNodeName} MUST contain an xenc:EncryptedData element");
}
if (encryptedElement.EncryptedData.Type != null &&
!string.IsNullOrEmpty(encryptedElement.EncryptedData.Type) &&
encryptedElement.EncryptedData.Type != $"{Saml20Constants.Xenc}Element")
{
throw new Saml20FormatException($"Type attribute of EncryptedData MUST have value {Saml20Constants.Xenc}Element if it is present");
}
}
public void ThrowsExceptionWhenAttributeStatementIsEncrypted()
{
// Arrange
var validator = new DKSaml20StatementValidator();
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List <StatementAbstract>(saml20Assertion.Items);
var sas = GetAttributeStatement(statements);
var attributes = new List <object>(sas.Items);
var ee = new EncryptedElement {
EncryptedData = new EncryptedData {
Type = Saml20Constants.Xenc + "Element"
}
};
attributes.Add(ee);
sas.Items = attributes.ToArray();
// Act
validator.ValidateStatement(sas);
}
public void ThrowsExceptionWhenXmlAttributeStatementEncryptedAttributeWrongType()
{
// Arrange
var saml20Assertion = AssertionUtil.GetBasicAssertion();
var statements = new List<StatementAbstract>(saml20Assertion.Items);
var attributeStatments = (AttributeStatement)statements.Find(x => x is AttributeStatement);
var attributes = new List<object>(attributeStatments.Items);
var ee = new EncryptedElement
{
EncryptedData = new EncryptedData
{
Type = "SomeWrongType"
}
};
attributes.Add(ee);
attributeStatments.Items = attributes.ToArray();
saml20Assertion.Items = statements.ToArray();
// Act
Assert.Throws<Saml20FormatException>(() => new Saml20Assertion(AssertionUtil.ConvertAssertionToXml(saml20Assertion).DocumentElement, null, false),
"Type attribute of EncryptedData MUST have value " + Saml20Constants.Xenc + "Element" + " if it is present");
}
public void AttributeStatement_Element()
{
Predicate <StatementAbstract> findAttributeStatement =
delegate(StatementAbstract stmnt) { return(stmnt is AttributeStatement); };
Assertion saml20Assertion = AssertionUtil.GetBasicAssertion();
AttributeStatement attributeStatement =
(AttributeStatement)Array.Find(saml20Assertion.Items, findAttributeStatement);
// Add an encrypted attribute.
EncryptedElement encAtt = new EncryptedElement();
encAtt.encryptedData = new EncryptedData();
encAtt.encryptedData.CipherData = new CipherData();
encAtt.encryptedData.CipherData.Item = string.Empty;
encAtt.encryptedKey = new EncryptedKey[0];
attributeStatement.Items = new object[] { encAtt };
TestAssertion(saml20Assertion, "The DK-SAML 2.0 profile does not allow encrypted attributes.");
// Add an attribute with the wrong nameformat.
// Attribute att = DKSaml20EmailAttribute.create("*****@*****.**");
// att.NameFormat = "http://example.com";
// attributeStatement.Items = new object[] { att };
// testAssertion(saml20Assertion, "The DK-SAML 2.0 profile requires that an attribute's \"NameFormat\" element is urn:oasis:names:tc:SAML:2.0:attrname-format:uri.");
// Clear all the attributes.
attributeStatement.Items = new object[0];
TestAssertion(saml20Assertion, "AttributeStatement MUST contain at least one Attribute or EncryptedAttribute");
// Remove it.
saml20Assertion = AssertionUtil.GetBasicAssertion();
List <StatementAbstract> statements = new List <StatementAbstract>(saml20Assertion.Items);
statements.RemoveAll(findAttributeStatement);
saml20Assertion.Items = statements.ToArray();
TestAssertion(saml20Assertion, "The DK-SAML 2.0 profile requires exactly one \"AuthnStatement\" element and one \"AttributeStatement\" element.");
}
/// <summary>
/// [SAML2.0std] section 2.7.3.2
/// </summary>
public void ValidateEncryptedAttribute(EncryptedElement encryptedElement)
{
EncElemValidator.ValidateEncryptedElement(encryptedElement, "EncryptedAttribute");
}
public void ValidateEncryptedAttribute(EncryptedElement encryptedElement)
{
throw new DKSaml20FormatException("The DK-SAML 2.0 profile does not support the EncryptedAttribute element");
}
/// <summary>
/// Validates the encrypted ID.
/// </summary>
/// <param name="encryptedId">The encrypted ID.</param>
public void ValidateEncryptedId(EncryptedElement encryptedId)
{
_encryptedElementValidator.ValidateEncryptedElement(encryptedId, "EncryptedID");
}
public void ValidateEncryptedID(EncryptedElement encryptedID)
{
EncElemValidator.ValidateEncryptedElement(encryptedID, "EncryptedID");
}
