From 8a11719cea33536e92d083664caf2c5a61d5312f Mon Sep 17 00:00:00 2001
From: vrioux <vrioux@ctech.ca>
Date: Wed, 28 Sep 2016 17:24:20 -0400
Subject: [PATCH] updated tests that should work now.

---
 modules/consent/lib/Auth/Process/Consent.php  |  2 +-
 .../consent/lib/Auth/Process/ConsentTest.php  | 78 ++++++++-----------
 2 files changed, 35 insertions(+), 45 deletions(-)

diff --git a/modules/consent/lib/Auth/Process/Consent.php b/modules/consent/lib/Auth/Process/Consent.php
index 2471371a9..b0cc9a5e2 100644
--- a/modules/consent/lib/Auth/Process/Consent.php
+++ b/modules/consent/lib/Auth/Process/Consent.php
@@ -10,7 +10,7 @@
 class sspmod_consent_Auth_Process_Consent extends SimpleSAML_Auth_ProcessingFilter
 {
     /**
-     * Button to recive focus
+     * Button to receive focus
      *
      * @var string|null
      */
diff --git a/tests/modules/consent/lib/Auth/Process/ConsentTest.php b/tests/modules/consent/lib/Auth/Process/ConsentTest.php
index ff34dcf77..704140a81 100644
--- a/tests/modules/consent/lib/Auth/Process/ConsentTest.php
+++ b/tests/modules/consent/lib/Auth/Process/ConsentTest.php
@@ -31,79 +31,69 @@ class ConsentTest extends \PHPUnit_Framework_TestCase
     /**
      * Test valid consent disable.
      */
-    public function testValidConsentDisableRegex()
+    public function testValidConsentDisable()
     {
         // test consent disable regex with match
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', 'pattern'=>'/.*\.example\.org.*/i',
-            ),
-        );
-        $request = array(
-            'Source'     => array(
-                'SingleSignOnService' => array(
-                    array(
-                        'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
-                    ),
-                ),
-            ),
-            'Attributes' => array(
-                'eduPersonPrincipalName' => array('jdoe@example.com'),
-            ),
-        );
-        $result = $this->processFilter($config, $request);
-        $this->assertEquals($request['Attributes'], $result['Attributes']);
+        $config = array();
 
-        // test consent disable regex without match
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', 'pattern'=>'/.*\.otherexample\.org.*/i',
-            ),
-        );
+        // test consent disable with match on specific SP entityid
         $request = array(
             'Source'     => array(
+                'entityid' => 'https://idp.example.org',
+                'metadata-set' => 'saml20-idp-local',
+                'consent.disable' => array(
+                    'https://valid.flatstring.example.that.does.not.match',
+                    array('type'=>'regex', 'pattern'=>'/.*\.valid.regex\.that\.does\.not\.match.*/i'),
+                    'https://sp.example.org/my-sp',
+                ),
                 'SingleSignOnService' => array(
                     array(
                         'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
+                        'Location' => 'https://idp.example.org/saml2/idp/SSOService.php',
                     ),
                 ),
             ),
+            'Destination' => array(
+                'entityid' => 'https://sp.example.org/my-sp',
+                'metadata-set' => 'saml20-sp-remote',
+            ),
+            'UserID' => 'jdoe',
             'Attributes' => array(
                 'eduPersonPrincipalName' => array('jdoe@example.com'),
             ),
         );
         $result = $this->processFilter($config, $request);
-        $this->assertEquals(array(), $result['Attributes']);
-    }
-
+        $this->assertEquals($request, $result); // The state should NOT have changed because NO consent should be necessary (match)
 
-    /**
-     * Test invalid consent disable.
-     */
-    public function testInvalidConsentDisable()
-    {
-        // test consent disable regex with wrong value format in config
-        $config = array(
-            'consent.disable' => array(
-                'type'=>'regex', '/.*\.example\.org.*/i',
-            ),
-        );
+        // test consent disable with match on SP through regular expression
         $request = array(
             'Source'     => array(
+                'entityid' => 'https://idp.example.org',
+                'metadata-set' => 'saml20-idp-local',
+                'consent.disable' => array(
+                    'https://valid.flatstring.example.that.does.not.match',
+                    array('type'=>'regex', 'pattern'=>'/.*\.valid.regex\.that\.does\.not\.match.*/i'),
+                    array('type'=>'regex', 'pattern'=>'/.*\.example\.org.*/i'),
+                ),
                 'SingleSignOnService' => array(
                     array(
                         'Binding'  => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect',
-                        'Location' => 'https://www.example.org/saml2/idp/SSOService.php',
+                        'Location' => 'https://idp.example.org/saml2/idp/SSOService.php',
                     ),
                 ),
             ),
+            'Destination' => array(
+                'entityid' => 'https://sp.example.org/my-sp',
+                'metadata-set' => 'saml20-sp-remote',
+            ),
+            'UserID' => 'jdoe',
             'Attributes' => array(
                 'eduPersonPrincipalName' => array('jdoe@example.com'),
             ),
         );
         $result = $this->processFilter($config, $request);
-        $this->assertEquals(array(), $result['Attributes']);
+        $this->assertEquals($request, $result); // The state should NOT have changed because NO consent should be necessary (match)
+
     }
+
 }
-- 
GitLab