Polish OpenSamlAuthenticationProviderTests

- Added missing this keywords
- Removed unused variables
- Coded to interfaces
- Added missing JavaDoc

Issue gh-6019
Josh Cummings 2020-03-31 16:14:49 -06:00
parent b1c8affec0
commit 7056c2d9de
No known key found for this signature in database
GPG Key ID: 49EF60DD7FF83443
1 changed files with 66 additions and 93 deletions


@ -22,6 +22,7 @@ import java.io.ObjectOutputStream;
import org.hamcrest.BaseMatcher; import org.hamcrest.BaseMatcher;
import org.hamcrest.Description; import org.hamcrest.Description;
import org.hamcrest.Matcher;
import org.joda.time.DateTime; import org.joda.time.DateTime;
import org.joda.time.Duration; import org.joda.time.Duration;
import org.junit.Before; import org.junit.Before;
@ -48,6 +49,12 @@ import static org.springframework.security.saml2.provider.service.authentication
import static org.springframework.test.util.AssertionErrors.assertTrue; import static org.springframework.test.util.AssertionErrors.assertTrue;
import static org.springframework.util.StringUtils.hasText; import static org.springframework.util.StringUtils.hasText;
/**
* Tests for {@link OpenSamlAuthenticationProvider}
*
* @author Filip Hanik
* @author Josh Cummings
*/
public class OpenSamlAuthenticationProviderTests { public class OpenSamlAuthenticationProviderTests {
private static String username = "test@saml.user"; private static String username = "test@saml.user";
@ -64,9 +71,9 @@ public class OpenSamlAuthenticationProviderTests {
@Before @Before
public void setup() { public void setup() {
saml = OpenSamlImplementation.getInstance(); this.saml = OpenSamlImplementation.getInstance();
provider = new OpenSamlAuthenticationProvider(); this.provider = new OpenSamlAuthenticationProvider();
token = new Saml2AuthenticationToken( this.token = new Saml2AuthenticationToken(
"responseXml", "responseXml",
recipientUri, recipientUri,
idpEntityId, idpEntityId,
@ -79,8 +86,8 @@ public class OpenSamlAuthenticationProviderTests {
public void supportsWhenSaml2AuthenticationTokenThenReturnTrue() { public void supportsWhenSaml2AuthenticationTokenThenReturnTrue() {
assertTrue( assertTrue(
OpenSamlAuthenticationProvider.class + "should support " + token.getClass(), OpenSamlAuthenticationProvider.class + "should support " + this.token.getClass(),
provider.supports(token.getClass()) this.provider.supports(this.token.getClass())
); );
} }
@ -88,50 +95,47 @@ public class OpenSamlAuthenticationProviderTests {
public void supportsWhenNotSaml2AuthenticationTokenThenReturnFalse() { public void supportsWhenNotSaml2AuthenticationTokenThenReturnFalse() {
assertTrue( assertTrue(
OpenSamlAuthenticationProvider.class + "should not support " + Authentication.class, OpenSamlAuthenticationProvider.class + "should not support " + Authentication.class,
!provider.supports(Authentication.class) !this.provider.supports(Authentication.class)
); );
} }
@Test @Test
public void authenticateWhenUnknownDataClassThenThrowAuthenticationException() { public void authenticateWhenUnknownDataClassThenThrowAuthenticationException() {
Assertion assertion = defaultAssertion(); Assertion assertion = defaultAssertion();
token = responseXml(assertion); this.token = responseXml(assertion);
exception.expect(authenticationMatcher(Saml2ErrorCodes.UNKNOWN_RESPONSE_CLASS)); this.exception.expect(authenticationMatcher(Saml2ErrorCodes.UNKNOWN_RESPONSE_CLASS));
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
public void authenticateWhenXmlErrorThenThrowAuthenticationException() { public void authenticateWhenXmlErrorThenThrowAuthenticationException() {
token = new Saml2AuthenticationToken( this.token = new Saml2AuthenticationToken(
"invalid xml string", "invalid xml string",
recipientUri, recipientUri,
idpEntityId, idpEntityId,
recipientEntityId, recipientEntityId,
relyingPartyCredentials() relyingPartyCredentials()
); );
exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA)); this.exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
public void authenticateWhenInvalidDestinationThenThrowAuthenticationException() { public void authenticateWhenInvalidDestinationThenThrowAuthenticationException() {
Response response = response(recipientUri + "invalid", idpEntityId); Response response = response(recipientUri + "invalid", idpEntityId);
token = responseXml(response); this.token = responseXml(response);
exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_DESTINATION)); this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_DESTINATION));
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
public void authenticateWhenNoAssertionsPresentThenThrowAuthenticationException() { public void authenticateWhenNoAssertionsPresentThenThrowAuthenticationException() {
Response response = response(recipientUri, idpEntityId); Response response = response(recipientUri, idpEntityId);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(
authenticationMatcher( authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, "No assertions found in response.")
Saml2ErrorCodes.MALFORMED_RESPONSE_DATA,
"No assertions found in response."
)
); );
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
@ -139,13 +143,9 @@ public class OpenSamlAuthenticationProviderTests {
Response response = response(recipientUri, idpEntityId); Response response = response(recipientUri, idpEntityId);
Assertion assertion = defaultAssertion(); Assertion assertion = defaultAssertion();
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
authenticationMatcher( this.provider.authenticate(this.token);
Saml2ErrorCodes.INVALID_SIGNATURE
)
);
provider.authenticate(token);
} }
@Test @Test
@ -164,14 +164,10 @@ public class OpenSamlAuthenticationProviderTests {
recipientEntityId recipientEntityId
); );
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_ASSERTION));
authenticationMatcher( this.provider.authenticate(this.token);
Saml2ErrorCodes.INVALID_ASSERTION
)
);
provider.authenticate(token);
} }
@Test @Test
@ -185,14 +181,10 @@ public class OpenSamlAuthenticationProviderTests {
recipientEntityId recipientEntityId
); );
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(authenticationMatcher(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
authenticationMatcher( this.provider.authenticate(token);
Saml2ErrorCodes.SUBJECT_NOT_FOUND
)
);
provider.authenticate(token);
} }
@Test @Test
@ -209,14 +201,10 @@ public class OpenSamlAuthenticationProviderTests {
recipientEntityId recipientEntityId
); );
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(authenticationMatcher(Saml2ErrorCodes.USERNAME_NOT_FOUND));
authenticationMatcher( this.provider.authenticate(this.token);
Saml2ErrorCodes.USERNAME_NOT_FOUND
)
);
provider.authenticate(token);
} }
@Test @Test
@ -232,8 +220,8 @@ public class OpenSamlAuthenticationProviderTests {
recipientEntityId recipientEntityId
); );
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
@ -242,13 +230,9 @@ public class OpenSamlAuthenticationProviderTests {
Assertion assertion = defaultAssertion(); Assertion assertion = defaultAssertion();
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials()); EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
response.getEncryptedAssertions().add(encryptedAssertion); response.getEncryptedAssertions().add(encryptedAssertion);
token = responseXml(response); this.token = responseXml(response);
exception.expect( this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
authenticationMatcher( this.provider.authenticate(this.token);
Saml2ErrorCodes.INVALID_SIGNATURE
)
);
provider.authenticate(token);
} }
@Test @Test
@ -262,8 +246,8 @@ public class OpenSamlAuthenticationProviderTests {
); );
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials()); EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
response.getEncryptedAssertions().add(encryptedAssertion); response.getEncryptedAssertions().add(encryptedAssertion);
token = responseXml(response); this.token = responseXml(response);
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
@ -277,8 +261,8 @@ public class OpenSamlAuthenticationProviderTests {
assertingPartyCredentials(), assertingPartyCredentials(),
recipientEntityId recipientEntityId
); );
token = responseXml(response); this.token = responseXml(response);
provider.authenticate(token); provider.authenticate(this.token);
} }
@Test @Test
@ -295,8 +279,8 @@ public class OpenSamlAuthenticationProviderTests {
recipientEntityId recipientEntityId
); );
response.getAssertions().add(assertion); response.getAssertions().add(assertion);
token = responseXml(response); this.token = responseXml(response);
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@ -306,23 +290,20 @@ public class OpenSamlAuthenticationProviderTests {
Assertion assertion = defaultAssertion(); Assertion assertion = defaultAssertion();
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials()); EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
response.getEncryptedAssertions().add(encryptedAssertion); response.getEncryptedAssertions().add(encryptedAssertion);
token = responseXml(response); this.token = responseXml(response);
token = new Saml2AuthenticationToken( this.token = new Saml2AuthenticationToken(
token.getSaml2Response(), this.token.getSaml2Response(),
recipientUri, recipientUri,
idpEntityId, idpEntityId,
recipientEntityId, recipientEntityId,
emptyList() emptyList()
); );
exception.expect( this.exception.expect(
authenticationMatcher( authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "No valid decryption credentials found.")
Saml2ErrorCodes.DECRYPTION_ERROR,
"No valid decryption credentials found."
)
); );
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
@ -331,23 +312,20 @@ public class OpenSamlAuthenticationProviderTests {
Assertion assertion = defaultAssertion(); Assertion assertion = defaultAssertion();
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials()); EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
response.getEncryptedAssertions().add(encryptedAssertion); response.getEncryptedAssertions().add(encryptedAssertion);
token = responseXml(response); this.token = responseXml(response);
token = new Saml2AuthenticationToken( this.token = new Saml2AuthenticationToken(
token.getSaml2Response(), this.token.getSaml2Response(),
recipientUri, recipientUri,
idpEntityId, idpEntityId,
recipientEntityId, recipientEntityId,
assertingPartyCredentials() assertingPartyCredentials()
); );
exception.expect( this.exception.expect(
authenticationMatcher( authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData")
Saml2ErrorCodes.DECRYPTION_ERROR,
"Failed to decrypt EncryptedData"
)
); );
provider.authenticate(token); this.provider.authenticate(this.token);
} }
@Test @Test
@ -361,9 +339,9 @@ public class OpenSamlAuthenticationProviderTests {
); );
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials()); EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
response.getEncryptedAssertions().add(encryptedAssertion); response.getEncryptedAssertions().add(encryptedAssertion);
token = responseXml(response); this.token = responseXml(response);
Saml2Authentication authentication = (Saml2Authentication) provider.authenticate(token); Saml2Authentication authentication = (Saml2Authentication) this.provider.authenticate(this.token);
// the following code will throw an exception if authentication isn't serializable // the following code will throw an exception if authentication isn't serializable
ByteArrayOutputStream byteStream = new ByteArrayOutputStream(1024); ByteArrayOutputStream byteStream = new ByteArrayOutputStream(1024);
@ -382,7 +360,7 @@ public class OpenSamlAuthenticationProviderTests {
} }
private Saml2AuthenticationToken responseXml(XMLObject assertion) { private Saml2AuthenticationToken responseXml(XMLObject assertion) {
String xml = saml.serialize(assertion); String xml = this.saml.serialize(assertion);
return new Saml2AuthenticationToken( return new Saml2AuthenticationToken(
xml, xml,
recipientUri, recipientUri,
@ -393,28 +371,23 @@ public class OpenSamlAuthenticationProviderTests {
} }
private BaseMatcher<Saml2AuthenticationException> authenticationMatcher(String code) { private Matcher<Saml2AuthenticationException> authenticationMatcher(String code) {
return authenticationMatcher(code, null); return authenticationMatcher(code, null);
} }
private BaseMatcher<Saml2AuthenticationException> authenticationMatcher(String code, String description) { private Matcher<Saml2AuthenticationException> authenticationMatcher(String code, String description) {
return new BaseMatcher<Saml2AuthenticationException>() { return new BaseMatcher<Saml2AuthenticationException>() {
private Object value = null;
@Override @Override
public boolean matches(Object item) { public boolean matches(Object item) {
if (!(item instanceof Saml2AuthenticationException)) { if (!(item instanceof Saml2AuthenticationException)) {
value = item;
return false; return false;
} }
Saml2AuthenticationException ex = (Saml2AuthenticationException) item; Saml2AuthenticationException ex = (Saml2AuthenticationException) item;
if (!code.equals(ex.getError().getErrorCode())) { if (!code.equals(ex.getError().getErrorCode())) {
value = item;
return false; return false;
} }
if (hasText(description)) { if (hasText(description)) {
if (!description.equals(ex.getError().getDescription())) { if (!description.equals(ex.getError().getDescription())) {
value = item;
return false; return false;
} }
} }