updated tests that should work now.

8a11719c · vrioux · ca9d055f · 8a11719c · 8a11719c
Commit 8a11719c authored 8 years ago by vrioux
--- a/modules/consent/lib/Auth/Process/Consent.php
+++ b/modules/consent/lib/Auth/Process/Consent.php
@@ -10,7 +10,7 @@
 class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilter
 {
    /**
-     * Button to recive focus
+     * Button to receive focus
     *
     * @var string|null
     */

--- a/tests/modules/consent/lib/Auth/Process/ConsentTest.php
+++ b/tests/modules/consent/lib/Auth/Process/ConsentTest.php
@@ -31,79 +31,69 @@ class ConsentTest extends \PHPUnit_Framework_TestCase
    /**
     * Test valid consent disable.
     */
-    public function testValidConsentDisableRegex()
+    public function testValidConsentDisable()
    {
        // test consent disable regex with match
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', 'pattern'=>'/.*\.example\.org.*/i',
-            ),
-        );
-        $request = array(
-            'Source'     => array(
-                'SingleSignOnService' => array(
-                    array(
-                        'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
-                    ),
-                ),
-            ),
-            'Attributes' => array(
-                'eduPersonPrincipalName' => array('jdoe@example.com'),
-            ),
-        );
-        $result = $this->processFilter($config, $request);
-        $this->assertEquals($request['Attributes'], $result['Attributes']);
+        $config = array();

-        // test consent disable regex without match
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', 'pattern'=>'/.*\.otherexample\.org.*/i',
-            ),
-        );
+        // test consent disable with match on specific SP entityid
        $request = array(
            'Source'     => array(
+                'entityid' => 'https://idp.example.org',
+                'metadata-set' => 'saml20-idp-local',
+                'consent.disable' => array(
+                    'https://valid.flatstring.example.that.does.not.match',
+                    array('type'=>'regex', 'pattern'=>'/.*\.valid.regex\.that\.does\.not\.match.*/i'),
+                    'https://sp.example.org/my-sp',
+                ),
                'SingleSignOnService' => array(
                    array(
                        'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
+                        'Location' => 'https://idp.example.org/saml2/idp/SSOService.php',
                    ),
                ),
            ),
+            'Destination' => array(
+                'entityid' => 'https://sp.example.org/my-sp',
+                'metadata-set' => 'saml20-sp-remote',
+            ),
+            'UserID' => 'jdoe',
            'Attributes' => array(
                'eduPersonPrincipalName' => array('jdoe@example.com'),
            ),
        );
        $result = $this->processFilter($config, $request);
-        $this->assertEquals(array(), $result['Attributes']);
-    }
-
+        $this->assertEquals($request, $result); // The state should NOT have changed because NO consent should be necessary (match)

-    /**
-     * Test invalid consent disable.
-     */
-    public function testInvalidConsentDisable()
-    {
-        // test consent disable regex with wrong value format in config
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', '/.*\.example\.org.*/i',
-            ),
-        );
+        // test consent disable with match on SP through regular expression
        $request = array(
            'Source'     => array(
+                'entityid' => 'https://idp.example.org',
+                'metadata-set' => 'saml20-idp-local',
+                'consent.disable' => array(
+                    'https://valid.flatstring.example.that.does.not.match',
+                    array('type'=>'regex', 'pattern'=>'/.*\.valid.regex\.that\.does\.not\.match.*/i'),
+                    array('type'=>'regex', 'pattern'=>'/.*\.example\.org.*/i'),
+                ),
                'SingleSignOnService' => array(
                    array(
                        'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
+                        'Location' => 'https://idp.example.org/saml2/idp/SSOService.php',
                    ),
                ),
            ),
+            'Destination' => array(
+                'entityid' => 'https://sp.example.org/my-sp',
+                'metadata-set' => 'saml20-sp-remote',
+            ),
+            'UserID' => 'jdoe',
            'Attributes' => array(
                'eduPersonPrincipalName' => array('jdoe@example.com'),
            ),
        );
        $result = $this->processFilter($config, $request);
-        $this->assertEquals(array(), $result['Attributes']);
+        $this->assertEquals($request, $result); // The state should NOT have changed because NO consent should be necessary (match)
+
    }
+
 }