/// <summary>
/// Checks that the HTTP Redirect binding keeps a query string that is already
/// present on the destination URL and appends the SAML parameter to it with
/// <c>&amp;</c>, answering with a 303 See Other redirect.
/// </summary>
public void Saml2RedirectBinding_Bind_WithQueryIn_destinationUrl()
{
    // Destination that already carries one query parameter.
    var destination = new Uri("http://www.example.com/acs?aQueryParam=QueryParamValue");

    var outgoing = new Saml2MessageImplementation
    {
        XmlData = ExampleXmlData,
        DestinationUrl = destination,
        MessageName = "SAMLRequest"
    };

    var redirectBinding = Saml2Binding.Get(Saml2BindingType.HttpRedirect);
    var actual = redirectBinding.Bind(outgoing);

    // The existing parameter must survive unchanged, with the serialized
    // message following as a second parameter.
    var expected = new CommandResult();
    expected.Location = new Uri("http://www.example.com/acs?aQueryParam=QueryParamValue&SAMLRequest=" + ExampleSerializedData);
    expected.HttpStatusCode = System.Net.HttpStatusCode.SeeOther;

    actual.ShouldBeEquivalentTo(expected);
}
/// <summary>
/// Checks that the logout command rejects a signed redirect-binding message
/// that has no Issuer element. The expected error states that without an
/// Issuer there is no way to choose the certificate for signature validation,
/// so the command has to fail instead of processing the message.
/// </summary>
public void LogoutCommand_Run_ThrowsOnMissingIssuerInReceivedMessage()
{
    // Signed with the test certificate, but the payload is a bare <Xml />
    // element, so no Issuer is present.
    var issuerlessMessage = new Saml2MessageImplementation
    {
        MessageName = "SAMLRequest",
        SigningCertificate = SignedXmlHelper.TestCert,
        DestinationUrl = new Uri("http://localhost"),
        XmlData = "<Xml />"
    };

    // Bind it the way a sender would, then replay the resulting URL as an
    // incoming GET request.
    var redirect = Saml2Binding.Get(Saml2BindingType.HttpRedirect).Bind(issuerlessMessage);
    var incoming = new HttpRequestData("GET", redirect.Location);

    var logoutCommand = CommandFactory.GetCommand(CommandFactory.LogoutCommandName);
    var invocation = logoutCommand.Invoking(cmd => cmd.Run(incoming, StubFactory.CreateOptions()));

    invocation
        .Should().Throw<InvalidSignatureException>()
        .WithMessage("There is no Issuer element in the message, so there is no way to know what certificate to use to validate the signature.");
}
public void Saml2RedirectBinding_Bind_With_RelayState() { var message = new Saml2MessageImplementation { XmlData = "Data", RelayState = "SomeState that needs escaping #%=3", DestinationUrl = new Uri("http://host"), MessageName = "SAMLRequest" }; var expected = new CommandResult() { Location = new Uri("http://host?SAMLRequest=c0ksSQQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA%3D%3D" + "&RelayState=" + Uri.EscapeDataString(message.RelayState)), HttpStatusCode = System.Net.HttpStatusCode.SeeOther }; var result = Saml2Binding.Get(Saml2BindingType.HttpRedirect).Bind(message); CompareCommandResults(result, expected); }
/// <summary>
/// Checks that the HTTP POST binding signs the message XML, keeps an XML
/// declaration assigned from the notification callback, and returns the
/// auto-submitting HTML form that carries the Base64 payload and RelayState.
/// </summary>
public void Saml2PostBinding_Bind_SignsXmlAndPreserversXmlDeclaration()
{
    // A signing certificate and algorithm are set on the message; the expected
    // payload below is built from the signed form of XmlData.
    var message = new Saml2MessageImplementation
    {
        DestinationUrl = new Uri("http://www.example.com/acs"),
        XmlData = "<root ID=\"id\">\r\n <content>data</content>\r\n</root>",
        MessageName = "SAMLMessageName",
        RelayState = "ABC1234",
        SigningCertificate = SignedXmlHelper.TestCert,
        SigningAlgorithm = SecurityAlgorithms.RsaSha256Signature
    };

    // Expected payload: the declaration that the callback injects, followed by
    // the XML as signed by the test helper, then UTF-8 encoded and Base64'd.
    var signedXml = "<?xml version=\"1.0\" encoding=\"blaha\"?>\r\n" + SignedXmlHelper.SignXml(message.XmlData, true);
    var expectedValue = Convert.ToBase64String(Encoding.UTF8.GetBytes(signedXml));

    // Flipped inside the callback so the test can prove it actually ran.
    var notificationCalled = false;

    // The callback replaces the declaration on the XML object it receives and
    // asserts that it was handed the same message instance and the POST
    // binding type.
    var result = Saml2Binding.Get(Saml2BindingType.HttpPost).Bind(message, null, (m, xd, bt) =>
    {
        xd.Declaration = new XDeclaration("1.0", "blaha", null);
        m.Should().BeSameAs(message);
        bt.Should().Be(Saml2BindingType.HttpPost);
        notificationCalled = true;
    });

    // Expected page. The Content-Security-Policy meta tag allows the inline
    // auto-submit script through a script-src sha256 hash; a CSP hash covers
    // the exact script text, so any edit to that script needs the hash
    // regenerated.
    // NOTE(review): "ABC1234" and the Base64 payload contain no characters
    // that need HTML attribute encoding, so this test does not cover escaping
    // of RelayState in the hidden input.
    var expected = new CommandResult()
    {
        ContentType = "text/html",
        Content = @"<?xml version=""1.0"" encoding=""UTF-8""?> <!DOCTYPE html PUBLIC ""-//W3C//DTD XHTML 1.1//EN"" ""http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd""> <html xmlns=""http://www.w3.org/1999/xhtml"" xml:lang=""en""> <head> <meta http-equiv=""Content-Security-Policy"" content=""script-src 'sha256-H3SVZBYrbqBt3ncrT/nNmOb6nwCjC12cPQzh5jnW4Y0='""> </head> <body> <noscript> <p> <strong>Note:</strong> Since your browser does not support JavaScript, you must press the Continue button once to proceed. 
</p> </noscript> <form action=""http://www.example.com/acs"" method=""post"" name=""sustainsysSamlPostBindingSubmit""> <div> <input type=""hidden"" name=""RelayState"" value=""ABC1234""/> <input type=""hidden"" name=""SAMLMessageName"" value=""" + expectedValue + @"""/> </div> <noscript> <div> <input type=""submit"" value=""Continue""/> </div> </noscript> </form> <script type=""text/javascript""> document.forms.sustainsysSamlPostBindingSubmit.submit(); </script> </body> </html>"
    };

    result.Should().BeEquivalentTo(expected);
    notificationCalled.Should().BeTrue();
}