Posted to commits@cxf.apache.org by co...@apache.org on 2016/02/26 12:44:46 UTC

cxf-fediz git commit: [FEDIZ-153] - Adding automated tests

Repository: cxf-fediz
Updated Branches:
  refs/heads/master 785104b79 -> 9ac16d8f9


[FEDIZ-153] - Adding automated tests


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/9ac16d8f
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/9ac16d8f
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/9ac16d8f

Branch: refs/heads/master
Commit: 9ac16d8f90d7054d6e00040f79a0b4bba730197c
Parents: 785104b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 26 11:44:30 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 26 11:44:30 2016 +0000

----------------------------------------------------------------------
 .../cxf/fediz/integrationtests/OIDCTest.java    | 58 ++++++++++++--------
 .../oidc/src/test/resources/cxf-service.xml     |  1 +
 systests/federation/oidcIdpWebapp/pom.xml       |  5 --
 .../src/main/webapp/WEB-INF/cxf-service.xml     |  1 +
 systests/federation/pom.xml                     |  1 +
 5 files changed, 37 insertions(+), 29 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java b/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
index 6053355..0a7e83a 100644
--- a/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
+++ b/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
@@ -22,16 +22,18 @@ package org.apache.cxf.fediz.integrationtests;
 
 import java.io.File;
 import java.io.IOException;
-
-import org.w3c.dom.Document;
+import java.net.URL;
+import java.util.ArrayList;
 import org.w3c.dom.Element;
-import org.w3c.dom.Node;
 
 import com.gargoylesoftware.htmlunit.CookieManager;
+import com.gargoylesoftware.htmlunit.HttpMethod;
 import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.WebRequest;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
 import com.gargoylesoftware.htmlunit.xml.XmlPage;
 
 import org.apache.catalina.Context;
@@ -39,23 +41,19 @@ import org.apache.catalina.LifecycleState;
 import org.apache.catalina.connector.Connector;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.cxf.fediz.core.ClaimTypes;
-import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.cxf.fediz.tomcat7.FederationAuthenticator;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.xml.security.keys.KeyInfo;
-import org.apache.xml.security.signature.XMLSignature;
 import org.junit.AfterClass;
 import org.junit.Assert;
 import org.junit.BeforeClass;
-import org.junit.Test;
 
 /**
  * This is a test for federation in the IdP. The RP application is configured to use a home realm of "realm b". The
  * client gets redirected to the IdP for "realm a", which in turn redirects to the IdP for "realm b", which is a 
- * SAML SSO IdP. The IdP for "realm a" will convert the signin request to a SAML SSO sign in request. The IdP for 
- * realm b authenticates the user, who is then redirected back to the IdP for "realm a" to get a SAML token from 
- * the STS + then back to the application.
+ * OIDC IdP. The IdP for "realm a" will convert the signin request to a OIDC authorization code flow request. The 
+ * IdP for realm b authenticates the user, who is then redirected back to the IdP for "realm a" to get a SAML token 
+ * from the STS + then back to the application.
  */
 public class OIDCTest {
 
@@ -240,7 +238,7 @@ public class OIDCTest {
     }
     
     @org.junit.Test
-    // @org.junit.Ignore
+    @org.junit.Ignore
     public void testBrowser() throws Exception {
         String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
         System.out.println("URL: " + url);
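Review bot: The `@org.junit.Ignore` now active on `testBrowser` carries no reason, so a test report shows only a skipped test without saying it is a manual aid. A message such as `@org.junit.Ignore("manual browser check; not for automated runs")` would record why it is excluded. The method body continues outside the hunk, so what it does after printing the URL is not visible here.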
@@ -248,16 +246,13 @@ public class OIDCTest {
     }
     
     @org.junit.Test
-    @org.junit.Ignore
-    public void testSAMLSSO() throws Exception {
+    public void testOIDC() throws Exception {
         String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
-        // System.out.println("URL: " + url);
-        // Thread.sleep(60 * 2 * 1000);
         String user = "ALICE";  // realm b credentials
         String password = "ECILA";
         
         final String bodyTextContent = 
-            login(url, user, password, idpOIDCHttpsPort, idpHttpsPort, false);
+            login(url, user, password, idpOIDCHttpsPort, idpHttpsPort);
         
         Assert.assertTrue("Principal not alice",
                           bodyTextContent.contains("userPrincipal=alice"));
@@ -280,7 +275,7 @@ public class OIDCTest {
     }
     
     private static String login(String url, String user, String password, 
-                                String idpPort, String rpIdpPort, boolean postBinding) throws IOException {
+                                String idpPort, String rpIdpPort) throws IOException {
         //
         // Access the RP + get redirected to the IdP for "realm a". Then get redirected to the IdP for
         // "realm b".
@@ -294,14 +289,29 @@ public class OIDCTest {
             new UsernamePasswordCredentials(user, password));
 
         webClient.getOptions().setJavaScriptEnabled(false);
-        HtmlPage idpPage = webClient.getPage(url);
         
-        if (postBinding) {
-            Assert.assertEquals("SAML IDP Response Form", idpPage.getTitleText());
-            final HtmlForm form = idpPage.getFormByName("signinresponseform");
-            final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
-            idpPage = button.click();
-        }
+        // The decision page is returned as XML for some reason. So parse it and send a form response back.
+        XmlPage oidcIdpConfirmationPage = webClient.getPage(url);
+        
+        Element clientId = (Element)oidcIdpConfirmationPage.getByXPath("//clientId").get(0);
+        Element redirectUri = (Element)oidcIdpConfirmationPage.getByXPath("//redirectUri").get(0);
+        Element scope = (Element)oidcIdpConfirmationPage.getByXPath("//proposedScope").get(0);
+        Element state = (Element)oidcIdpConfirmationPage.getByXPath("//state").get(0);
+        Element authenticityToken = (Element)oidcIdpConfirmationPage.getByXPath("//authenticityToken").get(0);
+        Element replyTo = (Element)oidcIdpConfirmationPage.getByXPath("//replyTo").get(0);
+        
+        WebRequest request = new WebRequest(new URL(replyTo.getTextContent()), HttpMethod.POST);
+
+        request.setRequestParameters(new ArrayList<NameValuePair>());
+        request.getRequestParameters().add(new NameValuePair("client_id", clientId.getTextContent()));
+        request.getRequestParameters().add(new NameValuePair("redirect_uri", redirectUri.getTextContent()));
+        request.getRequestParameters().add(new NameValuePair("scope", scope.getTextContent()));
+        request.getRequestParameters().add(new NameValuePair("state", state.getTextContent()));
+        request.getRequestParameters().add(new NameValuePair("session_authenticity_token", 
+                                                             authenticityToken.getTextContent()));
+        request.getRequestParameters().add(new NameValuePair("oauthDecision", "allow"));
+
+        HtmlPage idpPage = webClient.getPage(request);
         
         Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
 
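Review bot: Each `getByXPath(...).get(0)` in `login` fails with a bare IndexOutOfBoundsException when the decision page lacks that element, so a regression in the consent page shows up as an opaque error rather than a test assertion. The POST target is also read from `replyTo` in the response and used unchecked. Asserting that it points at the expected IdP (presumably `https://localhost:` + `idpPort`, to be confirmed against the caller) and that `authenticityToken` is non-empty would make the test verify the consent endpoint and its CSRF token instead of only echoing them back. A small helper that asserts presence before reading the text covers the first point, as sketched below. `login` starts and ends outside this hunk.

```java
// … unchanged: webClient setup and credentials …
XmlPage oidcIdpConfirmationPage = webClient.getPage(url);

String replyTo = requiredText(oidcIdpConfirmationPage, "//replyTo");
Assert.assertTrue("Unexpected consent endpoint: " + replyTo,
                  replyTo.startsWith("https://localhost:" + idpPort + "/"));
String authenticityToken = requiredText(oidcIdpConfirmationPage, "//authenticityToken");
Assert.assertFalse("Empty authenticity token", authenticityToken.isEmpty());

WebRequest request = new WebRequest(new URL(replyTo), HttpMethod.POST);
// … unchanged: request parameters, with each value read through requiredText(...) …

private static String requiredText(XmlPage page, String xpath) {
    java.util.List<?> nodes = page.getByXPath(xpath);
    Assert.assertFalse("Missing " + xpath + " in OIDC decision page", nodes.isEmpty());
    return ((Element)nodes.get(0)).getTextContent();
}
```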

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidc/src/test/resources/cxf-service.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidc/src/test/resources/cxf-service.xml b/systests/federation/oidc/src/test/resources/cxf-service.xml
index acc0a9a..7b09656 100644
--- a/systests/federation/oidc/src/test/resources/cxf-service.xml
+++ b/systests/federation/oidc/src/test/resources/cxf-service.xml
@@ -60,6 +60,7 @@
        <constructor-arg><value>consumer-id</value></constructor-arg>
        <constructor-arg><value>this-is-a-secret</value></constructor-arg>
        <constructor-arg><value>true</value></constructor-arg>
+       <constructor-arg><value>Fediz IdP</value></constructor-arg>
        <property name="redirectUris">
            <util:list value-type="java.lang.String">
                <value>https://localhost:${idp.https.port}/fediz-idp/federation</value>
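Review bot: The added fourth `<constructor-arg>` is positional and untyped, so what `Fediz IdP` means (presumably the client's application name) can only be learned from the constructor of a bean whose opening element is outside this hunk. A one-line comment above it, such as `<!-- application name of the registered client -->`, would help. The same line is added to `oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml`, and the matching `index acc0a9a..7b09656` on both files shows they are identical copies that have to be kept in sync by hand. The context lines register the client with the fixed secret `this-is-a-secret`. That is reasonable for a system test, but the copy under `src/main/webapp` deserves a comment marking it as a test fixture so it is not reused as a deployment template.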

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidcIdpWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidcIdpWebapp/pom.xml b/systests/federation/oidcIdpWebapp/pom.xml
index 989391c..a265f7a 100644
--- a/systests/federation/oidcIdpWebapp/pom.xml
+++ b/systests/federation/oidcIdpWebapp/pom.xml
@@ -65,11 +65,6 @@
             <version>${slf4j.version}</version>
         </dependency>
         <dependency>
-           <groupId>com.fasterxml.jackson.jaxrs</groupId>
-           <artifactId>jackson-jaxrs-json-provider</artifactId>
-           <version>2.6.5</version>
-        </dependency>
-        <dependency>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-rt-ws-security</artifactId>
            <version>${cxf.version}</version>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml b/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
index acc0a9a..7b09656 100644
--- a/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
+++ b/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
@@ -60,6 +60,7 @@
        <constructor-arg><value>consumer-id</value></constructor-arg>
        <constructor-arg><value>this-is-a-secret</value></constructor-arg>
        <constructor-arg><value>true</value></constructor-arg>
+       <constructor-arg><value>Fediz IdP</value></constructor-arg>
        <property name="redirectUris">
            <util:list value-type="java.lang.String">
                <value>https://localhost:${idp.https.port}/fediz-idp/federation</value>

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/pom.xml b/systests/federation/pom.xml
index 7190b07..d78c2a5 100644
--- a/systests/federation/pom.xml
+++ b/systests/federation/pom.xml
@@ -34,6 +34,7 @@
         <module>samlIdpWebapp</module>
         <module>oidcIdpWebapp</module>
         <module>samlsso</module>
+        <module>oidc</module>
         <module>wsfed</module>
     </modules>