You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/07/24 11:29:11 UTC
[cxf-fediz] 02/02: FEDIZ-222 - Enabling system tests
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
commit 28319013a90d434300b3ac8419103d566c306cab
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Jul 24 12:13:08 2018 +0100
FEDIZ-222 - Enabling system tests
---
.../apache/cxf/fediz/systests/samlsso/IdpTest.java | 15 ++++++----
.../src/test/resources/realma/entities-realma.xml | 2 +-
.../fediz/systests/common/AbstractExpiryTests.java | 4 +--
.../cxf/fediz/systests/common/AbstractTests.java | 32 ++++++++++------------
.../cxf/fediz/systests/common/HTTPTestUtils.java | 32 ++++++++++++++--------
5 files changed, 47 insertions(+), 38 deletions(-)
diff --git a/systests/samlsso/src/test/java/org/apache/cxf/fediz/systests/samlsso/IdpTest.java b/systests/samlsso/src/test/java/org/apache/cxf/fediz/systests/samlsso/IdpTest.java
index 57b4df9..aa02e69 100644
--- a/systests/samlsso/src/test/java/org/apache/cxf/fediz/systests/samlsso/IdpTest.java
+++ b/systests/samlsso/src/test/java/org/apache/cxf/fediz/systests/samlsso/IdpTest.java
@@ -1718,7 +1718,8 @@ public class IdpTest {
// Check Response
HtmlForm responseForm = signoutPage.getFormByName("samlsignoutresponseform");
- Assert.assertEquals("https://localhost:8080/logout", responseForm.getActionAttribute());
+ String logoutResponseURL = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/logout";
+ Assert.assertEquals(logoutResponseURL, responseForm.getActionAttribute());
String responseValue = responseForm.getInputByName("SAMLResponse").getAttributeNS(null, "value");
Assert.assertNotNull(responseValue);
String receivedRelayState = responseForm.getInputByName("RelayState").getAttributeNS(null, "value");
@@ -1730,7 +1731,7 @@ public class IdpTest {
LogoutResponse logoutResponse = (LogoutResponse)OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
Assert.assertNotNull(logoutResponse);
- Assert.assertEquals("https://localhost:8080/logout", logoutResponse.getDestination());
+ Assert.assertEquals(logoutResponseURL, logoutResponse.getDestination());
String expectedIssuer = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/saml";
Assert.assertEquals(expectedIssuer, logoutResponse.getIssuer().getValue());
String success = "urn:oasis:names:tc:SAML:2.0:status:Success";
@@ -1848,7 +1849,8 @@ public class IdpTest {
// Check Response
HtmlForm responseForm = idpPage.getFormByName("samlsignoutresponseform");
- Assert.assertEquals("https://localhost:8080/logout", responseForm.getActionAttribute());
+ String logoutResponseURL = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/logout";
+ Assert.assertEquals(logoutResponseURL, responseForm.getActionAttribute());
String responseValue = responseForm.getInputByName("SAMLResponse").getAttributeNS(null, "value");
Assert.assertNotNull(responseValue);
String receivedRelayState = responseForm.getInputByName("RelayState").getAttributeNS(null, "value");
@@ -1860,7 +1862,7 @@ public class IdpTest {
LogoutResponse logoutResponse = (LogoutResponse)OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
Assert.assertNotNull(logoutResponse);
- Assert.assertEquals("https://localhost:8080/logout", logoutResponse.getDestination());
+ Assert.assertEquals(logoutResponseURL, logoutResponse.getDestination());
String expectedIssuer = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/saml";
Assert.assertEquals(expectedIssuer, logoutResponse.getIssuer().getValue());
String success = "urn:oasis:names:tc:SAML:2.0:status:Requester";
@@ -1981,7 +1983,8 @@ public class IdpTest {
// Check Response
HtmlForm responseForm = signoutPage.getFormByName("samlsignoutresponseform");
- Assert.assertEquals("https://localhost:8080/logout", responseForm.getActionAttribute());
+ String logoutResponseURL = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/logout";
+ Assert.assertEquals(logoutResponseURL, responseForm.getActionAttribute());
String responseValue = responseForm.getInputByName("SAMLResponse").getAttributeNS(null, "value");
Assert.assertNotNull(responseValue);
String receivedRelayState = responseForm.getInputByName("RelayState").getAttributeNS(null, "value");
@@ -1993,7 +1996,7 @@ public class IdpTest {
LogoutResponse logoutResponse = (LogoutResponse)OpenSAMLUtil.fromDom(responseDoc.getDocumentElement());
Assert.assertNotNull(logoutResponse);
- Assert.assertEquals("https://localhost:8080/logout", logoutResponse.getDestination());
+ Assert.assertEquals(logoutResponseURL, logoutResponse.getDestination());
String expectedIssuer = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/saml";
Assert.assertEquals(expectedIssuer, logoutResponse.getIssuer().getValue());
String success = "urn:oasis:names:tc:SAML:2.0:status:Requester";
diff --git a/systests/samlsso/src/test/resources/realma/entities-realma.xml b/systests/samlsso/src/test/resources/realma/entities-realma.xml
index 7bbc430..8d9623b 100644
--- a/systests/samlsso/src/test/resources/realma/entities-realma.xml
+++ b/systests/samlsso/src/test/resources/realma/entities-realma.xml
@@ -158,7 +158,7 @@
<property name="role" value="ApplicationServiceType" />
<property name="tokenType" value="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" />
<property name="lifeTime" value="3600" />
- <property name="logoutEndpoint" value="https://localhost:8080/logout" />
+ <property name="logoutEndpoint" value="https://localhost:${rp.https.port}/fedizhelloworld/secure/logout" />
<property name="passiveRequestorEndpointConstraint"
value="https://localhost:(\d)*/(\w)*helloworld(\w)*/secure/.*" />
<property name="validatingCertificate" value="realma.cert" />
diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractExpiryTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractExpiryTests.java
index 0ff0edd..3025696 100644
--- a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractExpiryTests.java
+++ b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractExpiryTests.java
@@ -117,7 +117,7 @@ public abstract class AbstractExpiryTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), "signinresponseform", cookieManager);
// 2. Sign out of the service (but not the Idp)
final WebClient webClient = new WebClient();
@@ -127,7 +127,7 @@ public abstract class AbstractExpiryTests {
webClient.close();
// 3. Sign back in to the service provider. This time it will get a new IdP token due to wfresh=0.
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), "signinresponseform", cookieManager);
}
private void verifyApplication(String user, String bodyTextContent) {
diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractTests.java
index ebdfea7..d78c136 100644
--- a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractTests.java
+++ b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/AbstractTests.java
@@ -403,10 +403,6 @@ public abstract class AbstractTests {
@Test
public void testRPLogout() throws Exception {
- if (!isWSFederation()) {
- return;
- }
-
String url = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName()
+ "/secure/fedservlet";
String user = "alice";
@@ -415,7 +411,7 @@ public abstract class AbstractTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), getLoginFormName(), cookieManager);
// 2. Now we should have a cookie from the RP and IdP and should be able to do
// subsequent requests without authenticate again. Lets test this first.
@@ -430,7 +426,7 @@ public abstract class AbstractTests {
String rpLogoutUrl = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName()
+ "/secure/logout";
- HTTPTestUtils.logout(rpLogoutUrl, cookieManager);
+ HTTPTestUtils.logout(rpLogoutUrl, cookieManager, isWSFederation());
// 4. now we try to access the RP and idp without authentication but with the existing cookies
// to see if we are really logged out
@@ -462,7 +458,7 @@ public abstract class AbstractTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), getLoginFormName(), cookieManager);
// 2. Now we should have a cookie from the RP and IdP and should be able to do
// subsequent requests without authenticate again. Lets test this first.
@@ -477,7 +473,7 @@ public abstract class AbstractTests {
String rpLogoutUrl = "https://localhost:" + getRpHttpsPort() + "/" + getServletContextName()
+ "/secure/fedservlet?wa=" + FederationConstants.ACTION_SIGNOUT;
- HTTPTestUtils.logout(rpLogoutUrl, cookieManager);
+ HTTPTestUtils.logout(rpLogoutUrl, cookieManager, isWSFederation());
// 4. now we try to access the RP and idp without authentication but with the existing cookies
// to see if we are really logged out
@@ -509,7 +505,7 @@ public abstract class AbstractTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), getLoginFormName(), cookieManager);
// 2. Now we should have a cookie from the RP and IdP and should be able to do
// subsequent requests without authenticate again. Lets test this first.
@@ -524,7 +520,7 @@ public abstract class AbstractTests {
String idpLogoutUrl = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/federation?wa="
+ FederationConstants.ACTION_SIGNOUT; //todo logout url on idp?!?
- HTTPTestUtils.logout(idpLogoutUrl, cookieManager);
+ HTTPTestUtils.logout(idpLogoutUrl, cookieManager, isWSFederation());
// 4. now we try to access the RP and idp without authentication but with the existing cookies
// to see if we are really logged out
@@ -556,7 +552,7 @@ public abstract class AbstractTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), getLoginFormName(), cookieManager);
// 2. Now we should have a cookie from the RP and IdP and should be able to do
// subsequent requests without authenticate again. Lets test this first.
@@ -702,7 +698,7 @@ public abstract class AbstractTests {
CookieManager cookieManager = new CookieManager();
// 1. Login
- HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager);
+ HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), getLoginFormName(), cookieManager);
// 2. Now we should have a cookie from the RP and IdP and should be able to do
// subsequent requests without authenticate again. Lets test this first.
@@ -771,7 +767,7 @@ public abstract class AbstractTests {
if (getTokenName().equals(result.getAttributeNS(null, "name"))) {
// Now modify the Signature
String value = result.getAttributeNS(null, "value");
-
+
if (isWSFederation()) {
value = entity + value;
value = value.replace("alice", reference);
@@ -782,13 +778,13 @@ public abstract class AbstractTests {
InputStream inputStream = new ByteArrayInputStream(deflatedToken);
Document responseDoc = StaxUtils.read(new InputStreamReader(inputStream, "UTF-8"));
-
+
// Modify SignatureValue to include the entity
String signatureNamespace = "http://www.w3.org/2000/09/xmldsig#";
Node signatureValue =
responseDoc.getElementsByTagNameNS(signatureNamespace, "SignatureValue").item(0);
signatureValue.setTextContent(reference + signatureValue.getTextContent());
-
+
// Re-encode response
String responseMessage = DOM2Writer.nodeToString(responseDoc);
result.setAttributeNS(null, "value", Base64Utility.encode((entity + responseMessage).getBytes()));
@@ -844,7 +840,7 @@ public abstract class AbstractTests {
if (getTokenName().equals(result.getAttributeNS(null, "name"))) {
// Now modify the Signature
String value = result.getAttributeNS(null, "value");
-
+
if (isWSFederation()) {
value = entity + value;
value = value.replace("alice", reference);
@@ -855,13 +851,13 @@ public abstract class AbstractTests {
InputStream inputStream = new ByteArrayInputStream(deflatedToken);
Document responseDoc = StaxUtils.read(new InputStreamReader(inputStream, "UTF-8"));
-
+
// Modify SignatureValue to include the entity
String signatureNamespace = "http://www.w3.org/2000/09/xmldsig#";
Node signatureValue =
responseDoc.getElementsByTagNameNS(signatureNamespace, "SignatureValue").item(0);
signatureValue.setTextContent(reference + signatureValue.getTextContent());
-
+
// Re-encode response
String responseMessage = DOM2Writer.nodeToString(responseDoc);
result.setAttributeNS(null, "value", Base64Utility.encode((entity + responseMessage).getBytes()));
diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/HTTPTestUtils.java b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/HTTPTestUtils.java
index 9aa73ab..46103cb 100644
--- a/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/HTTPTestUtils.java
+++ b/systests/tests/src/test/java/org/apache/cxf/fediz/systests/common/HTTPTestUtils.java
@@ -67,7 +67,7 @@ public final class HTTPTestUtils {
}
public static String loginWithCookieManager(String url, String user, String password,
- String idpPort, CookieManager cookieManager) throws IOException {
+ String idpPort, String formName, CookieManager cookieManager) throws IOException {
final WebClient webClient = new WebClient();
webClient.setCookieManager(cookieManager);
webClient.getOptions().setUseInsecureSSL(true);
@@ -80,7 +80,7 @@ public final class HTTPTestUtils {
webClient.getOptions().setJavaScriptEnabled(true);
Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
- final HtmlForm form = idpPage.getFormByName("signinresponseform");
+ final HtmlForm form = idpPage.getFormByName(formName);
final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
final HtmlPage rpPage = button.click();
@@ -91,7 +91,7 @@ public final class HTTPTestUtils {
return rpPage.getBody().getTextContent();
}
- public static void logout(String url, CookieManager cookieManager) throws IOException {
+ public static void logout(String url, CookieManager cookieManager, boolean wsfed) throws IOException {
final WebClient webClient = new WebClient();
webClient.setCookieManager(cookieManager);
webClient.getOptions().setUseInsecureSSL(true);
@@ -101,16 +101,26 @@ public final class HTTPTestUtils {
final HtmlForm form = idpPage.getFormByName("signoutconfirmationresponseform");
final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
- final HtmlPage idpLogoutPage = button.click();
- DomNodeList<DomElement> images = idpLogoutPage.getElementsByTagName("img");
- Assert.assertEquals(1, images.getLength());
- for (int i = 0; i < images.size(); i++) {
- DomElement domElement = images.get(i);
- String imgSrc = domElement.getAttribute("src");
+ webClient.getOptions().setJavaScriptEnabled(false);
+ final HtmlPage idpLogoutPage = button.click();
+ webClient.getOptions().setJavaScriptEnabled(true);
- //we should get a fault if the image isn't available.
- webClient.getPage(imgSrc);
+ if (wsfed) {
+ DomNodeList<DomElement> images = idpLogoutPage.getElementsByTagName("img");
+ Assert.assertEquals(1, images.getLength());
+ for (int i = 0; i < images.size(); i++) {
+ DomElement domElement = images.get(i);
+ String imgSrc = domElement.getAttribute("src");
+
+ //we should get a fault if the image isn't available.
+ webClient.getPage(imgSrc);
+ }
+ } else {
+ // For SAML SSO we will be redirected back to the RP
+ HtmlForm responseForm = idpLogoutPage.getFormByName("samlsignoutresponseform");
+ HtmlSubmitInput button2 = responseForm.getInputByName("_eventId_submit");
+ button2.click();
}
webClient.close();