public void ThrowsExceptionWhenIssueInstantNull() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); assertion.IssueInstant = null; var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenIssuerFormatInvalid() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); assertion.Issuer.Format = "a non wellformed uri"; var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Act validator.ValidateAssertion(assertion); }
public void ValidatesAudienceRestrictionWithSeveralAudiences() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); foreach (var audienceCondition in assertion.Conditions.Items) { if (!(audienceCondition is AudienceRestriction)) { continue; } var audienceRestriction = (AudienceRestriction)audienceCondition; var audiences = new List<string>(audienceRestriction.Audience) { "http://well/formed.uri" }; audienceRestriction.Audience = audiences; break; } // Act validator.ValidateAssertion(assertion); }
public void ValidatesAudienceRestrictionWithMultipleAudienceRestrictions() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var audienceConditions = new List<ConditionAbstract>(assertion.Conditions.Items); var audienceRestriction = new AudienceRestriction { Audience = new List<string>(new[] { "urn:borger.dk:id" }) }; audienceConditions.Add(audienceRestriction); assertion.Conditions.Items = audienceConditions; // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenThereAreMultipleProxyRestriction() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var conditions = new List<ConditionAbstract> { new ProxyRestriction(), new ProxyRestriction() }; conditions.AddRange(assertion.Conditions.Items); assertion.Conditions.Items = conditions; // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenAudienceRestrictionIsNotConfigured() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(null, false); // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenTimeRestrictionNotBeforeIsInvalid() { // Arrange // Test with NotBefore that post-dates now var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); assertion.Conditions.NotBefore = DateTime.Now.AddDays(1); assertion.Conditions.NotOnOrAfter = null; // Act validator.ValidateTimeRestrictions(assertion, new TimeSpan()); }
public void ThrowsExceptionWhenAudienceRestrictionAnyAudienceRestrictionIsNotMet() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var audienceConditions = new List<ConditionAbstract>(assertion.Conditions.Items); var audienceRestriction = new AudienceRestriction { Audience = new List<string>(new[] { "http://well/formed.uri" }) }; audienceConditions.Add(audienceRestriction); assertion.Conditions.Items = audienceConditions; // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenAuthnStatementSessionNotOnOrAfterInPast() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var statements = new List<StatementAbstract>(assertion.Items); var authnStatement = new AuthnStatement { AuthnInstant = DateTime.UtcNow, SessionNotOnOrAfter = DateTime.UtcNow.AddHours(-1) }; statements.Add(authnStatement); assertion.Items = statements.ToArray(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Act validator.ValidateTimeRestrictions(assertion, new TimeSpan()); }
public void ThrowsExceptionWhenTimeRestrictionNotOnOrAfterNow() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Test with NotOnOrAfter that pre-dates now assertion.Conditions.NotBefore = null; assertion.Conditions.NotOnOrAfter = DateTime.UtcNow; // Act validator.ValidateTimeRestrictions(assertion, new TimeSpan()); }
public void ValidatesTimeRestrictionNotSpecified() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); assertion.Conditions.NotBefore = null; assertion.Conditions.NotOnOrAfter = null; // Act validator.ValidateAssertion(assertion); }
public void ValidatesTimeRestrictionNotOnOrAfterTomorrow() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Test with NotOnOrAfter that post-dates now assertion.Conditions.NotBefore = null; assertion.Conditions.NotOnOrAfter = DateTime.UtcNow.AddDays(1); // Act validator.ValidateAssertion(assertion); }
public void ValidatesTimeRestrictionBothNotBeforeAndNotOnOrAfter() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); assertion.Conditions.NotBefore = DateTime.UtcNow.AddDays(-1); assertion.Conditions.NotOnOrAfter = DateTime.UtcNow.AddDays(1); // Act validator.ValidateAssertion(assertion); }
public void ValidatesProxyRestrictionAudience() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var conditions = new List<ConditionAbstract> { new ProxyRestriction { Audience = new[] { "urn:a.wellformed:uri", "http://another/wellformed/uri" } } }; conditions.AddRange(assertion.Conditions.Items); assertion.Conditions.Items = conditions; // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenAudienceRestrictionAudienceFormatIsInvalid() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var audienceRestriction = new AudienceRestriction { Audience = new List<string>(new[] { "malformed uri" }) }; assertion.Conditions.Items = new List<ConditionAbstract>(new ConditionAbstract[] { audienceRestriction }); // Act validator.ValidateAssertion(assertion); }
public void ValidatesProxyRestrictionCount() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); var conditions = new List<ConditionAbstract> { new ProxyRestriction { Count = "1" } }; conditions.AddRange(assertion.Conditions.Items); assertion.Conditions.Items = conditions; // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenAudienceRestrictionDoesNotMatch() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var allowedAudienceUris = new List<Uri> { new Uri("uri:lalal") }; var validator = new Saml20AssertionValidator(allowedAudienceUris, false); // Act validator.ValidateAssertion(assertion); }
public void ThrowsExceptionWhenWrongVersion() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); assertion.Version = "60"; var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Act validator.ValidateAssertion(assertion); }
public void ValidatesAssertion() { // Arrange var assertion = AssertionUtil.GetBasicAssertion(); var validator = new Saml20AssertionValidator(AssertionUtil.GetAudiences(), false); // Act validator.ValidateAssertion(assertion); }