public void CheckTimeValidTest()
{
Saml2Serializer serializer = new Saml2Serializer();
SamlValidator validator = new SamlValidator();
Response response = serializer.ConvertXMLToResponseObject(ReadFile(xmlResponseFilename));
TimeZone localZone = TimeZone.CurrentTimeZone;
DateTime actualTime = localZone.ToUniversalTime(DateTime.Now);
try
{
// add a correct time to the response
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(-20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(5);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(5);
response.IssueInstant = actualTime.AddSeconds(-20);
response.Assertion.IssueInstant = actualTime.AddSeconds(-20);
Assert.IsTrue(validator.CheckTime(response));
}
catch (Exception e)
{
Assert.Fail(e.Message);
}
}
public void CheckTimeInvalidTest()
{
Saml2Serializer serializer = new Saml2Serializer();
SamlValidator validator = new SamlValidator();
Response response = serializer.ConvertXMLToResponseObject(ReadFile(xmlResponseFilename));
TimeZone localZone = TimeZone.CurrentTimeZone;
DateTime actualTime = localZone.ToUniversalTime(DateTime.Now);
// response.Assertion.Conditions.NotBefore is wrong
try
{
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(5);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(5);
response.IssueInstant = actualTime.AddSeconds(-20);
response.Assertion.IssueInstant = actualTime.AddSeconds(-20);
Assert.IsFalse(validator.CheckTime(response));
}
catch (SamlCommunicationException e) { Assert.IsTrue(true); } // exception expected in this test
catch (Exception e) { Assert.Fail(e.Message); } // not this kind of exception expected
// response.Assertion.Conditions.NotOnOrAfter is wrong
try
{
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(-20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(-20);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(5);
response.IssueInstant = actualTime.AddSeconds(-20);
response.Assertion.IssueInstant = actualTime.AddSeconds(-20);
Assert.IsFalse(validator.CheckTime(response));
}
catch (SamlCommunicationException e) { Assert.IsTrue(true); } // exception expected in this test
catch (Exception e) { Assert.Fail(e.Message); } // not this kind of exception expected
// response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter is wrong
try
{
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(-20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(5);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(-20);
response.IssueInstant = actualTime.AddSeconds(-20);
response.Assertion.IssueInstant = actualTime.AddSeconds(-20);
Assert.IsFalse(validator.CheckTime(response));
}
catch (SamlCommunicationException e) { Assert.IsTrue(true); } // exception expected in this test
catch (Exception e) { Assert.Fail(e.Message); } // not this kind of exception expected
// response.IssueInstant is wrong
try
{
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(-20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(5);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(5);
response.IssueInstant = actualTime.AddSeconds(20);
response.Assertion.IssueInstant = actualTime.AddSeconds(-20);
Assert.IsFalse(validator.CheckTime(response));
}
catch (SamlCommunicationException e) { Assert.IsTrue(true); } // exception expected in this test
catch (Exception e) { Assert.Fail(e.Message); } // not this kind of exception expected
// response.Assertion.IssueInstant is wrong
try
{
response.Assertion.Conditions.NotBefore = actualTime.AddSeconds(-20);
response.Assertion.Conditions.NotOnOrAfter = actualTime.AddMinutes(5);
response.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.NotOnOrAfter = actualTime.AddMinutes(5);
response.IssueInstant = actualTime.AddSeconds(-20);
response.Assertion.IssueInstant = actualTime.AddSeconds(20);
Assert.IsFalse(validator.CheckTime(response));
}
catch (SamlCommunicationException e) { Assert.IsTrue(true); } // exception expected in this test
catch (Exception e) { Assert.Fail(e.Message); } // not this kind of exception expected
}