Commit e35474ce authored by Guy Halse's avatar Guy Halse

Basic unit tests for metarefresh module

parent 5daa7839
<?php
namespace SimpleSAML\Test\Module\metarefresh;
use PHPUnit\Framework\TestCase;
use \SimpleSAML\Configuration;
class MetaLoaderTest extends TestCase
{
private $metaloader;
private $config;
private $tmpdir;
private $source = [
'outputFormat' => 'flatfile',
'conditionalGET' => false,
];
private $expected = [
'entityid' => 'https://idp.example.com/idp/shibboleth',
'description' => ['en' => 'OrganizationName',],
'OrganizationName' => ['en' => 'OrganizationName',],
'name' => ['en' => 'DisplayName',],
'OrganizationDisplayName' => ['en' => 'OrganizationDisplayName',],
'url' => ['en' => 'https://example.com',],
'OrganizationURL' => ['en' => 'https://example.com',],
'contacts' => [['contactType' => 'technical', 'emailAddress' => ['mailto:technical.contact@example.com',],],],
'metadata-set' => 'saml20-idp-remote',
'SingleSignOnService' => [
[
'Binding' => 'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST',
'Location' => 'https://idp.example.com/idp/profile/SAML2/POST/SSO',
],
],
'keys' => [
[
'encryption' => true,
'signing' => true,
'type' => 'X509Certificate',
],
],
'scope' => ['example.com',],
'UIInfo' => [
'DisplayName' => ['en' => 'DisplayName',],
'Description' => ['en' => 'Description',],
],
];
protected function setUp()
{
$this->config = Configuration::loadFromArray(['module.enable' => ['metarefresh' => true]], '[ARRAY]', 'simplesaml');
Configuration::setPreLoadedConfig($this->config, 'config.php');
$this->metaloader = new \SimpleSAML\Module\metarefresh\MetaLoader();
/* cannot use dirname() in declaration */
$this->source['src'] = dirname(dirname(__FILE__)) . '/testmetadata.xml';
}
protected function tearDown()
{
if ($this->tmpdir && is_dir($this->tmpdir)) {
foreach (array_diff(scandir($this->tmpdir), array('.','..')) as $file) {
unlink($this->tmpdir.'/'.$file);
}
rmdir($this->tmpdir);
}
}
public function testMetaLoader()
{
$this->metaloader->loadSource($this->source);
$this->metaloader->dumpMetadataStdOut();
/* match a line from the cert before we attempt to parse */
$this->expectOutputRegex('/UTEbMBkGA1UECgwSRXhhbXBsZSBVbml2ZXJzaXR5MRgwFgYDVQQDDA9pZHAuZXhh/');
$output = $this->getActualOutput();
try {
eval($output);
} catch (\Exception $e) {
$this->fail('Metarefresh does not produce syntactially valid code');
}
$this->assertArrayHasKey('https://idp.example.com/idp/shibboleth', $metadata);
$this->assertArraySubset(
$this->expected,
$metadata['https://idp.example.com/idp/shibboleth']
);
}
public function testSignatureVerificationPass()
{
$this->metaloader->loadSource(array_merge($this->source, [ 'validateFingerprint' => '85:11:00:FF:34:55:BC:20:C0:20:5D:46:9B:2F:23:8F:41:09:68:F2' ]));
$this->metaloader->dumpMetadataStdOut();
$this->expectOutputRegex('/UTEbMBkGA1UECgwSRXhhbXBsZSBVbml2ZXJzaXR5MRgwFgYDVQQDDA9pZHAuZXhh/');
}
public function testSignatureVerificationFailure()
{
$this->metaloader->loadSource(array_merge($this->source, [ 'validateFingerprint' => 'DE:AD:BE:EF:DE:AD:BE:EF:DE:AD:BE:EF:DE:AD:BE:EF:DE:AD:BE:EF' ]));
$this->metaloader->dumpMetadataStdOut();
$this->expectOutputString('');
}
public function testWriteMetadataFiles()
{
$this->tmpdir = tempnam(sys_get_temp_dir(), 'SSP:tests:metarefresh');
@unlink($this->tmpdir); /* work around post 4.0.3 behaviour */
$this->metaloader->loadSource($this->source);
$this->metaloader->writeMetadataFiles($this->tmpdir);
$this->assertFileExists($this->tmpdir . '/saml20-idp-remote.php');
@include_once($this->tmpdir . '/saml20-idp-remote.php');
$this->assertArrayHasKey('https://idp.example.com/idp/shibboleth', $metadata);
$this->assertArraySubset(
$this->expected,
$metadata['https://idp.example.com/idp/shibboleth']
);
}
}
\ No newline at end of file
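Review bot: The two signature tests vary only `validateFingerprint`, so `testSignatureVerificationFailure` covers a certificate-fingerprint mismatch but never a document whose content no longer matches its signature, nor one with no `ds:Signature` at all. A second fixture with the `EntityDescriptor` altered after signing, and an unsigned copy, each loaded with the correct fingerprint and checked with `$this->expectOutputString('');`, would cover the cases that matter most for metadata trust. Separately, in `testMetaLoader` the `catch (\Exception $e)` around `eval($output)` will not see a `ParseError` on PHP 7 and later, because that is an `\Error`; `} catch (\Throwable $e) {` lets the intended failure message fire. In `testWriteMetadataFiles`, `tempnam()` followed by `@unlink()` leaves the path free for another local process to recreate before the loader writes to it and the test includes the result. Assuming `writeMetadataFiles()` accepts an existing directory, adding `$this->assertTrue(mkdir($this->tmpdir, 0700));` right after the unlink would close most of that window.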
<?xml version="1.0"?>
<md:EntitiesDescriptor xmlns:ds="http://www.w3.org/2000/09/xmldsig#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:shibmd="urn:mace:shibboleth:metadata:1.0" xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata" xmlns:mdui="urn:oasis:names:tc:SAML:metadata:ui" ID="54a61">
<ds:Signature>
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference>
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>eMUdeshvk+dcatUsFxyAr0qzAsY=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Yu+ZjVo2wMofiBo4S/owIFm88iFC4HAHMA6gLLaBHF/YlR1VO5c9NfHCDmRznWCz
T+87yw9GsBvPvZkO8ZBfgPK5ViRTQuk1TUr6gFHpG6/U+iNS7tjcS/HGJx4rPIqA
sXC5ybCj2OBP1ksgB0fs+HODQ4vaSyeBxXqk83HB1sQ=</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>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</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
<md:EntityDescriptor entityID="https://idp.example.com/idp/shibboleth">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
<md:Extensions>
<shibmd:Scope regexp="false">example.com</shibmd:Scope>
<mdui:UIInfo>
<mdui:DisplayName xml:lang="en">DisplayName</mdui:DisplayName>
<mdui:Description xml:lang="en">Description</mdui:Description>
</mdui:UIInfo>
</md:Extensions>
<md:KeyDescriptor>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIB/zCCAWgCCQCyf41J62ta0jANBgkqhkiG9w0BAQsFADBEMQswCQYDVQQGEwJB
UTEbMBkGA1UECgwSRXhhbXBsZSBVbml2ZXJzaXR5MRgwFgYDVQQDDA9pZHAuZXhh
bXBsZS5jb20wHhcNMTkwMTA3MDYyNDAyWhcNMzcwMzI1MDYyNDAyWjBEMQswCQYD
VQQGEwJBUTEbMBkGA1UECgwSRXhhbXBsZSBVbml2ZXJzaXR5MRgwFgYDVQQDDA9p
ZHAuZXhhbXBsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMBwa9wB
mgxSbFFQzw7T3F84F+EhjQS3d/4KsD3bAgm5WXz8E0H1VV8YcRpAMjRntqaitZ8X
NyjPIq43rUfx9MlYWdjPUthhU5xxBW80Zr9bcmztea6LgelctXnH+OCY4MSOyvji
/0Y4BjBE0N5PZeRiO4snPMz6hneMjtv+Qei9AgMBAAEwDQYJKoZIhvcNAQELBQAD
gYEAipaiTLJwjYpAkaRa8ANXPUgD0hJh6Z/lkX6m+E/mlkVvxN7OfIyDatT2R9B6
F+Yj7ujHmubkrLmdXvCPMjXNOqSYAtBkf5qcZ5x1d6Xas5Uw8t4uJSk/Nh2nKcom
l+zR8IYmcdFeaTjSMbEhYGDaIou+0T4/+/f8fDwwj8hQLYw=
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</md:KeyDescriptor>
<md:SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://idp.example.com/idp/profile/SAML2/POST/SSO"/>
</md:IDPSSODescriptor>
<md:Organization>
<md:OrganizationName xml:lang="en">OrganizationName</md:OrganizationName>
<md:OrganizationDisplayName xml:lang="en">OrganizationDisplayName</md:OrganizationDisplayName>
<md:OrganizationURL xml:lang="en">https://example.com</md:OrganizationURL>
</md:Organization>
<md:ContactPerson contactType="technical">
<md:EmailAddress>mailto:technical.contact@example.com</md:EmailAddress>
</md:ContactPerson>
</md:EntityDescriptor>
</md:EntitiesDescriptor>
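Review bot: The fixture's `<ds:Reference>` carries no `URI` attribute even though the root element declares `ID="54a61"`, so the tests built on it never exercise resolving a signature reference to the element it is meant to cover. Signed SAML metadata normally points the reference at the root's ID (here `<ds:Reference URI="#54a61">`, which would require re-signing the file), and reference resolution is a part of verification where a check on the wrong node can go unnoticed. The fixture also uses only `rsa-sha1` with a `sha1` digest; an additional fixture signed with `rsa-sha256` would keep the tests meaningful if the verifier later refuses SHA-1.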