Polish OpenSamlAuthenticationProviderTests
- Added missing this keywords - Removed unused variables - Coded to interfaces - Added missing JavaDoc Issue gh-6019
parent
b1c8affec0
commit
7056c2d9de
|
@ -22,6 +22,7 @@ import java.io.ObjectOutputStream;
|
|||
|
||||
import org.hamcrest.BaseMatcher;
|
||||
import org.hamcrest.Description;
|
||||
import org.hamcrest.Matcher;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.Duration;
|
||||
import org.junit.Before;
|
||||
|
@ -48,6 +49,12 @@ import static org.springframework.security.saml2.provider.service.authentication
|
|||
import static org.springframework.test.util.AssertionErrors.assertTrue;
|
||||
import static org.springframework.util.StringUtils.hasText;
|
||||
|
||||
/**
|
||||
* Tests for {@link OpenSamlAuthenticationProvider}
|
||||
*
|
||||
* @author Filip Hanik
|
||||
* @author Josh Cummings
|
||||
*/
|
||||
public class OpenSamlAuthenticationProviderTests {
|
||||
|
||||
private static String username = "test@saml.user";
|
||||
|
@ -64,9 +71,9 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
|
||||
@Before
|
||||
public void setup() {
|
||||
saml = OpenSamlImplementation.getInstance();
|
||||
provider = new OpenSamlAuthenticationProvider();
|
||||
token = new Saml2AuthenticationToken(
|
||||
this.saml = OpenSamlImplementation.getInstance();
|
||||
this.provider = new OpenSamlAuthenticationProvider();
|
||||
this.token = new Saml2AuthenticationToken(
|
||||
"responseXml",
|
||||
recipientUri,
|
||||
idpEntityId,
|
||||
|
@ -79,8 +86,8 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
public void supportsWhenSaml2AuthenticationTokenThenReturnTrue() {
|
||||
|
||||
assertTrue(
|
||||
OpenSamlAuthenticationProvider.class + "should support " + token.getClass(),
|
||||
provider.supports(token.getClass())
|
||||
OpenSamlAuthenticationProvider.class + "should support " + this.token.getClass(),
|
||||
this.provider.supports(this.token.getClass())
|
||||
);
|
||||
}
|
||||
|
||||
|
@ -88,50 +95,47 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
public void supportsWhenNotSaml2AuthenticationTokenThenReturnFalse() {
|
||||
assertTrue(
|
||||
OpenSamlAuthenticationProvider.class + "should not support " + Authentication.class,
|
||||
!provider.supports(Authentication.class)
|
||||
!this.provider.supports(Authentication.class)
|
||||
);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenUnknownDataClassThenThrowAuthenticationException() {
|
||||
Assertion assertion = defaultAssertion();
|
||||
token = responseXml(assertion);
|
||||
exception.expect(authenticationMatcher(Saml2ErrorCodes.UNKNOWN_RESPONSE_CLASS));
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(assertion);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.UNKNOWN_RESPONSE_CLASS));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenXmlErrorThenThrowAuthenticationException() {
|
||||
token = new Saml2AuthenticationToken(
|
||||
this.token = new Saml2AuthenticationToken(
|
||||
"invalid xml string",
|
||||
recipientUri,
|
||||
idpEntityId,
|
||||
recipientEntityId,
|
||||
relyingPartyCredentials()
|
||||
);
|
||||
exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
provider.authenticate(token);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenInvalidDestinationThenThrowAuthenticationException() {
|
||||
Response response = response(recipientUri + "invalid", idpEntityId);
|
||||
token = responseXml(response);
|
||||
exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_DESTINATION));
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_DESTINATION));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenNoAssertionsPresentThenThrowAuthenticationException() {
|
||||
Response response = response(recipientUri, idpEntityId);
|
||||
token = responseXml(response);
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.MALFORMED_RESPONSE_DATA,
|
||||
"No assertions found in response."
|
||||
)
|
||||
this.token = responseXml(response);
|
||||
this.exception.expect(
|
||||
authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, "No assertions found in response.")
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -139,13 +143,9 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
Response response = response(recipientUri, idpEntityId);
|
||||
Assertion assertion = defaultAssertion();
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.INVALID_SIGNATURE
|
||||
)
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -164,14 +164,10 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
recipientEntityId
|
||||
);
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.INVALID_ASSERTION
|
||||
)
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_ASSERTION));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -185,14 +181,10 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
recipientEntityId
|
||||
);
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.SUBJECT_NOT_FOUND
|
||||
)
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
|
||||
this.provider.authenticate(token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -209,14 +201,10 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
recipientEntityId
|
||||
);
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.USERNAME_NOT_FOUND
|
||||
)
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.USERNAME_NOT_FOUND));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -232,8 +220,8 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
recipientEntityId
|
||||
);
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -242,13 +230,9 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
Assertion assertion = defaultAssertion();
|
||||
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
token = responseXml(response);
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.INVALID_SIGNATURE
|
||||
)
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -262,8 +246,8 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
);
|
||||
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
token = responseXml(response);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -277,8 +261,8 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
assertingPartyCredentials(),
|
||||
recipientEntityId
|
||||
);
|
||||
token = responseXml(response);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -295,8 +279,8 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
recipientEntityId
|
||||
);
|
||||
response.getAssertions().add(assertion);
|
||||
token = responseXml(response);
|
||||
provider.authenticate(token);
|
||||
this.token = responseXml(response);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
|
||||
|
@ -306,23 +290,20 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
Assertion assertion = defaultAssertion();
|
||||
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
token = new Saml2AuthenticationToken(
|
||||
token.getSaml2Response(),
|
||||
this.token = new Saml2AuthenticationToken(
|
||||
this.token.getSaml2Response(),
|
||||
recipientUri,
|
||||
idpEntityId,
|
||||
recipientEntityId,
|
||||
emptyList()
|
||||
);
|
||||
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.DECRYPTION_ERROR,
|
||||
"No valid decryption credentials found."
|
||||
)
|
||||
this.exception.expect(
|
||||
authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "No valid decryption credentials found.")
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -331,23 +312,20 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
Assertion assertion = defaultAssertion();
|
||||
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
token = new Saml2AuthenticationToken(
|
||||
token.getSaml2Response(),
|
||||
this.token = new Saml2AuthenticationToken(
|
||||
this.token.getSaml2Response(),
|
||||
recipientUri,
|
||||
idpEntityId,
|
||||
recipientEntityId,
|
||||
assertingPartyCredentials()
|
||||
);
|
||||
|
||||
exception.expect(
|
||||
authenticationMatcher(
|
||||
Saml2ErrorCodes.DECRYPTION_ERROR,
|
||||
"Failed to decrypt EncryptedData"
|
||||
)
|
||||
this.exception.expect(
|
||||
authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData")
|
||||
);
|
||||
provider.authenticate(token);
|
||||
this.provider.authenticate(this.token);
|
||||
}
|
||||
|
||||
@Test
|
||||
|
@ -361,9 +339,9 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
);
|
||||
EncryptedAssertion encryptedAssertion = encryptAssertion(assertion, assertingPartyCredentials());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
token = responseXml(response);
|
||||
this.token = responseXml(response);
|
||||
|
||||
Saml2Authentication authentication = (Saml2Authentication) provider.authenticate(token);
|
||||
Saml2Authentication authentication = (Saml2Authentication) this.provider.authenticate(this.token);
|
||||
|
||||
// the following code will throw an exception if authentication isn't serializable
|
||||
ByteArrayOutputStream byteStream = new ByteArrayOutputStream(1024);
|
||||
|
@ -382,7 +360,7 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
}
|
||||
|
||||
private Saml2AuthenticationToken responseXml(XMLObject assertion) {
|
||||
String xml = saml.serialize(assertion);
|
||||
String xml = this.saml.serialize(assertion);
|
||||
return new Saml2AuthenticationToken(
|
||||
xml,
|
||||
recipientUri,
|
||||
|
@ -393,28 +371,23 @@ public class OpenSamlAuthenticationProviderTests {
|
|||
|
||||
}
|
||||
|
||||
private BaseMatcher<Saml2AuthenticationException> authenticationMatcher(String code) {
|
||||
private Matcher<Saml2AuthenticationException> authenticationMatcher(String code) {
|
||||
return authenticationMatcher(code, null);
|
||||
}
|
||||
|
||||
private BaseMatcher<Saml2AuthenticationException> authenticationMatcher(String code, String description) {
|
||||
private Matcher<Saml2AuthenticationException> authenticationMatcher(String code, String description) {
|
||||
return new BaseMatcher<Saml2AuthenticationException>() {
|
||||
private Object value = null;
|
||||
|
||||
@Override
|
||||
public boolean matches(Object item) {
|
||||
if (!(item instanceof Saml2AuthenticationException)) {
|
||||
value = item;
|
||||
return false;
|
||||
}
|
||||
Saml2AuthenticationException ex = (Saml2AuthenticationException) item;
|
||||
if (!code.equals(ex.getError().getErrorCode())) {
|
||||
value = item;
|
||||
return false;
|
||||
}
|
||||
if (hasText(description)) {
|
||||
if (!description.equals(ex.getError().getDescription())) {
|
||||
value = item;
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
|
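Review bot: The `this.` qualification this commit sets out to add is incomplete in two places: in the hunk at `-185,14 +181,10` (the `SUBJECT_NOT_FOUND` test) the call reads `this.provider.authenticate(token);`, and in the hunk at `-277,8 +261,8` it reads `provider.authenticate(this.token);`. Both should be `this.provider.authenticate(this.token);`, matching the other tests touched here. The page has lost its +/- markers, so I am inferring that these are the new-side lines from the partial `this.` they already carry. Separately, the `assertTrue` messages in the two `supports…` tests build their text as `OpenSamlAuthenticationProvider.class + "should support "` with no leading space, so a failure message runs the class name straight into "should"; `" should support "` and `" should not support "` would fix that.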