public async Task ParseResponse_failed_2_nested_status_code_Test()
{
//ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponse(inResponseTo, StatusCodes.Responder);
ResponseFactoryMock.GetStatusCode(StatusCodes.NoAuthnContext, response.Status.StatusCode);
ResponseFactoryMock.GetStatusCode(StatusCodes.InvalidNameIdPolicy, response.Status.StatusCode.SubStatusCode);
response.Status.StatusMessage = "Test message";
var logger = new LogProviderMock();
var serialised = ResponseFactoryMock.Serialize(response);
var parser = new SamlTokenResponseParser(logger);
//ACT
var tokenResponse = await parser.Parse(serialised);
//ASSERT
Assert.AreEqual(StatusCodes.Responder, tokenResponse.Status.StatusCode.Value);
Assert.IsNotNull(tokenResponse.Status.StatusCode.SubStatusCode);
Assert.AreEqual(StatusCodes.NoAuthnContext, tokenResponse.Status.StatusCode.SubStatusCode.Value);
Assert.IsNotNull(tokenResponse.Status.StatusCode.SubStatusCode.SubStatusCode);
Assert.AreEqual(StatusCodes.InvalidNameIdPolicy, tokenResponse.Status.StatusCode.SubStatusCode.SubStatusCode.Value);
Assert.IsNull(tokenResponse.Status.StatusCode.SubStatusCode.SubStatusCode.SubStatusCode);
Assert.AreEqual("Test message", tokenResponse.Status.StatusMessage);
Assert.IsNull(tokenResponse.Status.StatusDetail);
}
public async Task ParseResponse_success_Test()
{
//ARRANGE
var inResponseTo = "Test_" + Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponseSuccess(inResponseTo, StatusCodes.Success);
var logger = new LogProviderMock();
var serialised = ResponseFactoryMock.Serialize(response);
var parser = new SamlTokenResponseParser(logger);
//ACT
var tokenResponse = await parser.Parse(serialised);
//ASSERT
Assert.AreEqual(StatusCodes.Success, tokenResponse.Status.StatusCode.Value);
Assert.IsNull(tokenResponse.Status.StatusCode.SubStatusCode);
Assert.IsNull(tokenResponse.Status.StatusMessage);
Assert.IsNull(tokenResponse.Status.StatusDetail);
Assert.AreEqual(inResponseTo, tokenResponse.InResponseTo);
Assert.AreEqual(response.ID, tokenResponse.ID);
Assert.AreEqual(response.IssueInstant, tokenResponse.IssueInstant);
Assert.AreEqual(response.Issuer.Format, tokenResponse.Issuer.Format);
Assert.AreEqual(response.Issuer.Value, tokenResponse.Issuer.Value);
Assert.AreEqual(response.Version, tokenResponse.Version);
Assert.AreEqual(response.Destination, tokenResponse.Destination);
}
public async Task ParseResponse_failed_nested_status_code_with_details_Test()
{
//ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponse(inResponseTo, StatusCodes.Responder);
ResponseFactoryMock.GetStatusCode(StatusCodes.NoAuthnContext, response.Status.StatusCode);
response.Status.StatusMessage = "Test message";
var doc = new XmlDocument();
//doc.PreserveWhitespace = true;
var el = doc.CreateElement("DetailElement");
el.SetAttribute("MessageId", "Status details");
var el1 = doc.CreateElement("AditionalDetailElement");
el1.SetAttribute("AdditionalDetail", "Additional details");
ResponseFactoryMock.BuildStatuseDetail(response.Status, new[] { el, el1 });
var logger = new LogProviderMock();
var serialised = ResponseFactoryMock.Serialize(response);
var parser = new SamlTokenResponseParser(logger);
//ACT
var tokenResponse = await parser.Parse(serialised);
//ASSERT
Assert.AreEqual(StatusCodes.Responder, tokenResponse.Status.StatusCode.Value);
Assert.IsNotNull(tokenResponse.Status.StatusCode.SubStatusCode);
Assert.AreEqual(StatusCodes.NoAuthnContext, tokenResponse.Status.StatusCode.SubStatusCode.Value);
Assert.IsNull(tokenResponse.Status.StatusCode.SubStatusCode.SubStatusCode);
Assert.AreEqual("Test message", tokenResponse.Status.StatusMessage);
Assert.IsNotNull(tokenResponse.Status.StatusDetail);
Assert.AreEqual(2, tokenResponse.Status.StatusDetail.Any.Length);
}
public async Task ParseTokenResponse_post_binding_sp_initiated()
{
//ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponseSuccess(inResponseTo, StatusCodes.Success);
var logger = new LogProviderMock();
var serialised = ResponseFactoryMock.Serialize(response);
var xmlSignatureManager = new XmlSignatureManager();
var document = new XmlDocument();
document.LoadXml(serialised);
var cert = AssertionFactroryMock.GetMockCertificate();
xmlSignatureManager.SignXml(document, response.ID, cert.PrivateKey, null);
var base64Encoded = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(document.DocumentElement.OuterXml));
var compressor = new DeflateCompressor();
var encoder = new MessageEncoding(compressor);
var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider());
var relayStateSerialiser = new RelaystateSerialiser(jsonSerialiser, encoder, logger) as IRelayStateSerialiser;
var relayState = await relayStateSerialiser.Serialize(new Dictionary <string, object> {
{ "Key", "Value" }
});
var form = new SAMLForm();
form.SetResponse(base64Encoded);
form.SetRelatState(relayState);
Func <Type, IMetadataHandler> metadataHandlerFactory = t => new MetadataEntitityDescriptorHandler();
var certManager = new CertificateManager(logger);
var signatureManager = new XmlSignatureManager();
Func <IEnumerable <ResponseValidationRule> > rulesResolver = () => new[] { new ResponseSignatureRule(logger, certManager, signatureManager) };
var validator = new Federation.Protocols.Response.Validation.ResponseValidator(logger, new RuleFactory(rulesResolver));
var configurationRetrieverMock = new ConfigurationRetrieverMock();
var federationPartyContextBuilderMock = new FederationPartyContextBuilderMock();
var configurationManger = new ConfigurationManager <MetadataBase>(federationPartyContextBuilderMock, configurationRetrieverMock);
var relayStateHandler = new RelayStateHandler(relayStateSerialiser, logger);
var responseParser = new ResponseParser(metadataHandlerFactory, t => new SamlTokenResponseParser(logger),
configurationManger, relayStateHandler, logger, validator);
var postBindingDecoder = new PostBindingDecoder(logger);
var message = await postBindingDecoder.Decode(form.HiddenControls.ToDictionary(k => k.Key, v => v.Value));
var context = new SamlInboundContext
{
Message = message,
DescriptorResolver = m => metadataHandlerFactory(typeof(object)).GetIdentityProviderSingleSignOnDescriptor(m).Single().Roles.Single()
};
//ACT
var result = await responseParser.Parse(context);
//ASSERT
Assert.IsTrue(result.IsValidated);
}
public void ResponseStatusTest_success_response()
{
//ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var expectedAggregatedMessage = String.Format("StatusCode: {0}\r\n", StatusCodes.Success);
var responseStatus = ResponseFactoryMock.GetTokenResponseSuccess(inResponseTo, StatusCodes.Success);
var responseContext = new SamlInboundResponseContext {
StatusResponse = responseStatus
};
//ACT
//ASSERT
Assert.IsTrue(responseContext.IsSuccess);
Assert.AreEqual(StatusCodes.Success, responseContext.StatusResponse.Status.StatusCode.Value);
Assert.IsFalse(responseContext.IsIdpInitiated);
Assert.AreEqual(expectedAggregatedMessage, responseContext.AggregatedMessage);
}
public void ResponseStatusTest_success_response_with_additional_status_code()
{
////ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponse(inResponseTo, StatusCodes.Responder);
ResponseFactoryMock.GetStatusCode(StatusCodes.NoAuthnContext, response.Status.StatusCode);
var expectedAggregatedMessage = String.Format("StatusCode: {0}\r\nAdditional status code: {1}\r\n", StatusCodes.Responder, StatusCodes.NoAuthnContext);
var responseContext = new SamlInboundResponseContext {
StatusResponse = response
};
////ACT
////ASSERT
Assert.IsFalse(responseContext.IsSuccess);
Assert.AreEqual(StatusCodes.Responder, responseContext.StatusResponse.Status.StatusCode.Value);
Assert.AreEqual(StatusCodes.NoAuthnContext, responseContext.StatusResponse.Status.StatusCode.SubStatusCode.Value);
Assert.AreEqual(expectedAggregatedMessage, responseContext.AggregatedMessage);
}
public void SignResponse_namespace_not_included()
{
//ARRANGE
var signatureManager = new XmlSignatureManager();
var inResponseTo = "Test_" + Guid.NewGuid();
var tokenResponse = ResponseFactoryMock.GetTokenResponseSuccess(inResponseTo);
var cert = CertificateProviderMock.GetMockCertificate();
var serialised = ResponseFactoryMock.Serialize(tokenResponse);
var document = new XmlDocument();
document.LoadXml(serialised);
//ACT
signatureManager.WriteSignature(document, tokenResponse.ID, cert.PrivateKey, String.Empty, String.Empty);
var isValid = signatureManager.VerifySignature(document, cert.PublicKey.Key);
//ASSERT
Assert.True(isValid);
}
public async Task DecodeTest()
{
//ARRANGE
var inResponseTo = Guid.NewGuid().ToString();
var response = ResponseFactoryMock.GetTokenResponseSuccess(inResponseTo, StatusCodes.Success);
var logger = new LogProviderMock();
var serialised = ResponseFactoryMock.Serialize(response);
var responseToBase64 = Convert.ToBase64String(System.Text.Encoding.UTF8.GetBytes(serialised));
var relayState = new Dictionary <string, object> {
{ "relayState", "Test state" }
};
var compressor = new DeflateCompressor();
var messageEncoder = new MessageEncoding(compressor);
var jsonSerialiser = new NSJsonSerializer(new DefaultSettingsProvider());
var serialiser = new RelaystateSerialiser(jsonSerialiser, messageEncoder, logger) as IRelayStateSerialiser;
var serialisedRelaySatate = await serialiser.Serialize(relayState);
var relayStateHandler = new RelayStateHandler(serialiser, logger);
var form = new Dictionary <string, string>
{
{ HttpRedirectBindingConstants.SamlResponse, responseToBase64 },
{ HttpRedirectBindingConstants.RelayState, serialisedRelaySatate }
};
var decoder = new PostBindingDecoder(logger);
//ACT
var message = await decoder.Decode(form);
var stateFromResult = message.Elements[HttpRedirectBindingConstants.RelayState];
//ASSERT
Assert.IsNotNull(stateFromResult);
Assert.AreEqual(serialised, message.Elements[HttpRedirectBindingConstants.SamlResponse]);
Assert.AreEqual(serialisedRelaySatate, message.Elements[HttpRedirectBindingConstants.RelayState]);
}
