From 528491146ffe3aceda96d9bebd464bc230a433a5 Mon Sep 17 00:00:00 2001
From: Tim van Dijen <tvdijen@gmail.com>
Date: Mon, 23 May 2022 23:14:19 +0200
Subject: [PATCH] WIP: add test

---
 modules/saml/lib/Controller/Metadata.php      |   2 +-
 .../saml/lib/Controller/MetadataTest.php      | 116 ++++++++++++++++++
 2 files changed, 117 insertions(+), 1 deletion(-)
 create mode 100644 tests/modules/saml/lib/Controller/MetadataTest.php

diff --git a/modules/saml/lib/Controller/Metadata.php b/modules/saml/lib/Controller/Metadata.php
index 1e0e49d65..8635d94c9 100644
--- a/modules/saml/lib/Controller/Metadata.php
+++ b/modules/saml/lib/Controller/Metadata.php
@@ -35,7 +35,7 @@ class Metadata
 
     /**
      * Controller constructor.
--     *
+     *
      * It initializes the global configuration for the controllers implemented here.
      *
      * @param \SimpleSAML\Configuration $config The configuration to use by the controllers.
diff --git a/tests/modules/saml/lib/Controller/MetadataTest.php b/tests/modules/saml/lib/Controller/MetadataTest.php
new file mode 100644
index 000000000..b3ff10198
--- /dev/null
+++ b/tests/modules/saml/lib/Controller/MetadataTest.php
@@ -0,0 +1,116 @@
+<?php
+
+declare(strict_types=1);
+
+namespace SimpleSAML\Test\Module\saml\Controller;
+
+use PHPUnit\Framework\TestCase;
+use SimpleSAML\Configuration;
+use SimpleSAML\Http\RunnableResponse;
+use SimpleSAML\Module\saml\Controller;
+use SimpleSAML\Session;
+use SimpleSAML\Utils;
+//use Symfony\Component\HttpFoundation\Request;
+use Symfony\Component\HttpFoundation\Response;
+
+/**
+ * Set of tests for the controllers in the "saml" module.
+ *
+ * @covers \SimpleSAML\Module\saml\Controller\Metadata
+ * @package SimpleSAML\Test
+ */
+class MetadataTest extends TestCase
+{
+    /** @var \SimpleSAML\Configuration */
+    protected Configuration $config;
+
+    /** @var \SimpleSAML\Session */
+    protected Session $session;
+
+
+    /**
+     * Set up for each test.
+     */
+    protected function setUp(): void
+    {
+        parent::setUp();
+
+        $this->session = Session::getSessionFromRequest();
+
+        $this->config = Configuration::loadFromArray(
+            [
+                'module.enable' => ['saml' => true],
+                'enable.saml20-idp' => true,
+                'admin.protectmetadata' => true,
+            ],
+            '[ARRAY]',
+            'simplesaml'
+        );
+        Configuration::setPreLoadedConfig($this->config, 'config.php');
+
+        Configuration::setPreLoadedConfig(
+            Configuration::loadFromArray(
+                [
+                    'admin' => ['core:AdminPassword'],
+                    'phpunit' => ['saml:SP'],
+                ],
+                '[ARRAY]',
+                'simplesaml'
+            ),
+            'authsources.php',
+            'simplesaml'
+        );
+
+        $this->authUtils = new class () extends Utils\Auth {
+            public function requireAdmin(): void
+            {
+                // stub
+            }
+        };
+    }
+
+
+    /**
+     * Test that accessing the metadata-endpoint with or without authentication
+     * and admin.protectmetadata set to true or false is handled properly
+     *
+     * @dataProvider provideMetadataAccess
+     * @param bool $protected
+     * @param bool $authenticated
+     * @return void
+     */
+    public function testMetadataAccess(bool $authenticated, bool $protected): void
+    {
+        $c = new Controller\ServiceProvider($this->config, $this->session);
+
+        if ($authenticated === true || $protected === false) {
+            // Bypass authentication - mock being authenticated
+            $c->setAuthUtils($this->authUtils);
+        }
+
+        $result = $c->metadata('phpunit');
+
+        if ($authenticated !== false && $protected !== true) {
+            // ($authenticated === true) or ($protected === false)
+            // Should lead to a Response
+            $this->assertInstanceOf(Response::class, $result);
+        } else {
+            $this->assertInstanceOf(RunnableResponse::class, $result);
+        }
+    }
+
+
+    /**
+     * @return array
+     */
+    public function provideMetadataAccess(): array
+    {
+        return [
+           /* [authenticated, protected] */
+           [false, false],
+           [false, true],
+           [true, false],
+           [true, true],
+        ];
+    }
+}
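Review bot: The assertion guard `if ($authenticated !== false && $protected !== true)` in testMetadataAccess holds only for authenticated=true with protected=false, which contradicts both the comment directly under it and the bypass condition a few lines earlier; for `[false, false]` and `[true, true]` the requireAdmin() stub is installed yet a RunnableResponse is expected. If the comment states the intent, the guard should read `if ($authenticated === true || $protected === false) {`. Separately, `$protected` never reaches the configuration, because setUp() fixes `'admin.protectmetadata' => true`, so the unprotected case is simulated by stubbing out requireAdmin() rather than exercised; a controller that ignored or misapplied the setting would presumably still pass (the controller code is not visible in this patch). Building the Configuration inside the test with `'admin.protectmetadata' => $protected` and installing the stub only when `$authenticated` is true would make the test check the real access-control decision for the metadata endpoint.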
-- 
GitLab