You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2016/02/26 12:44:46 UTC
cxf-fediz git commit: [FEDIZ-153] - Adding automated tests
Repository: cxf-fediz
Updated Branches:
refs/heads/master 785104b79 -> 9ac16d8f9
[FEDIZ-153] - Adding automated tests
Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/9ac16d8f
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/9ac16d8f
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/9ac16d8f
Branch: refs/heads/master
Commit: 9ac16d8f90d7054d6e00040f79a0b4bba730197c
Parents: 785104b
Author: Colm O hEigeartaigh <co...@apache.org>
Authored: Fri Feb 26 11:44:30 2016 +0000
Committer: Colm O hEigeartaigh <co...@apache.org>
Committed: Fri Feb 26 11:44:30 2016 +0000
----------------------------------------------------------------------
.../cxf/fediz/integrationtests/OIDCTest.java | 58 ++++++++++++--------
.../oidc/src/test/resources/cxf-service.xml | 1 +
systests/federation/oidcIdpWebapp/pom.xml | 5 --
.../src/main/webapp/WEB-INF/cxf-service.xml | 1 +
systests/federation/pom.xml | 1 +
5 files changed, 37 insertions(+), 29 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
----------------------------------------------------------------------
diff --git a/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java b/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
index 6053355..0a7e83a 100644
--- a/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
+++ b/systests/federation/oidc/src/test/java/org/apache/cxf/fediz/integrationtests/OIDCTest.java
@@ -22,16 +22,18 @@ package org.apache.cxf.fediz.integrationtests;
import java.io.File;
import java.io.IOException;
-
-import org.w3c.dom.Document;
+import java.net.URL;
+import java.util.ArrayList;
import org.w3c.dom.Element;
-import org.w3c.dom.Node;
import com.gargoylesoftware.htmlunit.CookieManager;
+import com.gargoylesoftware.htmlunit.HttpMethod;
import com.gargoylesoftware.htmlunit.WebClient;
+import com.gargoylesoftware.htmlunit.WebRequest;
import com.gargoylesoftware.htmlunit.html.HtmlForm;
import com.gargoylesoftware.htmlunit.html.HtmlPage;
import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
+import com.gargoylesoftware.htmlunit.util.NameValuePair;
import com.gargoylesoftware.htmlunit.xml.XmlPage;
import org.apache.catalina.Context;
@@ -39,23 +41,19 @@ import org.apache.catalina.LifecycleState;
import org.apache.catalina.connector.Connector;
import org.apache.catalina.startup.Tomcat;
import org.apache.cxf.fediz.core.ClaimTypes;
-import org.apache.cxf.fediz.core.util.DOMUtils;
import org.apache.cxf.fediz.tomcat7.FederationAuthenticator;
import org.apache.http.auth.AuthScope;
import org.apache.http.auth.UsernamePasswordCredentials;
-import org.apache.xml.security.keys.KeyInfo;
-import org.apache.xml.security.signature.XMLSignature;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
-import org.junit.Test;
/**
* This is a test for federation in the IdP. The RP application is configured to use a home realm of "realm b". The
* client gets redirected to the IdP for "realm a", which in turn redirects to the IdP for "realm b", which is a
- * SAML SSO IdP. The IdP for "realm a" will convert the signin request to a SAML SSO sign in request. The IdP for
- * realm b authenticates the user, who is then redirected back to the IdP for "realm a" to get a SAML token from
- * the STS + then back to the application.
+ * OIDC IdP. The IdP for "realm a" will convert the signin request to a OIDC authorization code flow request. The
+ * IdP for realm b authenticates the user, who is then redirected back to the IdP for "realm a" to get a SAML token
+ * from the STS + then back to the application.
*/
public class OIDCTest {
@@ -240,7 +238,7 @@ public class OIDCTest {
}
@org.junit.Test
- // @org.junit.Ignore
+ @org.junit.Ignore
public void testBrowser() throws Exception {
String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
System.out.println("URL: " + url);
@@ -248,16 +246,13 @@ public class OIDCTest {
}
@org.junit.Test
- @org.junit.Ignore
- public void testSAMLSSO() throws Exception {
+ public void testOIDC() throws Exception {
String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet";
- // System.out.println("URL: " + url);
- // Thread.sleep(60 * 2 * 1000);
String user = "ALICE"; // realm b credentials
String password = "ECILA";
final String bodyTextContent =
- login(url, user, password, idpOIDCHttpsPort, idpHttpsPort, false);
+ login(url, user, password, idpOIDCHttpsPort, idpHttpsPort);
Assert.assertTrue("Principal not alice",
bodyTextContent.contains("userPrincipal=alice"));
@@ -280,7 +275,7 @@ public class OIDCTest {
}
private static String login(String url, String user, String password,
- String idpPort, String rpIdpPort, boolean postBinding) throws IOException {
+ String idpPort, String rpIdpPort) throws IOException {
//
// Access the RP + get redirected to the IdP for "realm a". Then get redirected to the IdP for
// "realm b".
@@ -294,14 +289,29 @@ public class OIDCTest {
new UsernamePasswordCredentials(user, password));
webClient.getOptions().setJavaScriptEnabled(false);
- HtmlPage idpPage = webClient.getPage(url);
- if (postBinding) {
- Assert.assertEquals("SAML IDP Response Form", idpPage.getTitleText());
- final HtmlForm form = idpPage.getFormByName("signinresponseform");
- final HtmlSubmitInput button = form.getInputByName("_eventId_submit");
- idpPage = button.click();
- }
+ // The decision page is returned as XML for some reason. So parse it and send a form response back.
+ XmlPage oidcIdpConfirmationPage = webClient.getPage(url);
+
+ Element clientId = (Element)oidcIdpConfirmationPage.getByXPath("//clientId").get(0);
+ Element redirectUri = (Element)oidcIdpConfirmationPage.getByXPath("//redirectUri").get(0);
+ Element scope = (Element)oidcIdpConfirmationPage.getByXPath("//proposedScope").get(0);
+ Element state = (Element)oidcIdpConfirmationPage.getByXPath("//state").get(0);
+ Element authenticityToken = (Element)oidcIdpConfirmationPage.getByXPath("//authenticityToken").get(0);
+ Element replyTo = (Element)oidcIdpConfirmationPage.getByXPath("//replyTo").get(0);
+
+ WebRequest request = new WebRequest(new URL(replyTo.getTextContent()), HttpMethod.POST);
+
+ request.setRequestParameters(new ArrayList<NameValuePair>());
+ request.getRequestParameters().add(new NameValuePair("client_id", clientId.getTextContent()));
+ request.getRequestParameters().add(new NameValuePair("redirect_uri", redirectUri.getTextContent()));
+ request.getRequestParameters().add(new NameValuePair("scope", scope.getTextContent()));
+ request.getRequestParameters().add(new NameValuePair("state", state.getTextContent()));
+ request.getRequestParameters().add(new NameValuePair("session_authenticity_token",
+ authenticityToken.getTextContent()));
+ request.getRequestParameters().add(new NameValuePair("oauthDecision", "allow"));
+
+ HtmlPage idpPage = webClient.getPage(request);
Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText());
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidc/src/test/resources/cxf-service.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidc/src/test/resources/cxf-service.xml b/systests/federation/oidc/src/test/resources/cxf-service.xml
index acc0a9a..7b09656 100644
--- a/systests/federation/oidc/src/test/resources/cxf-service.xml
+++ b/systests/federation/oidc/src/test/resources/cxf-service.xml
@@ -60,6 +60,7 @@
<constructor-arg><value>consumer-id</value></constructor-arg>
<constructor-arg><value>this-is-a-secret</value></constructor-arg>
<constructor-arg><value>true</value></constructor-arg>
+ <constructor-arg><value>Fediz IdP</value></constructor-arg>
<property name="redirectUris">
<util:list value-type="java.lang.String">
<value>https://localhost:${idp.https.port}/fediz-idp/federation</value>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidcIdpWebapp/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidcIdpWebapp/pom.xml b/systests/federation/oidcIdpWebapp/pom.xml
index 989391c..a265f7a 100644
--- a/systests/federation/oidcIdpWebapp/pom.xml
+++ b/systests/federation/oidcIdpWebapp/pom.xml
@@ -65,11 +65,6 @@
<version>${slf4j.version}</version>
</dependency>
<dependency>
- <groupId>com.fasterxml.jackson.jaxrs</groupId>
- <artifactId>jackson-jaxrs-json-provider</artifactId>
- <version>2.6.5</version>
- </dependency>
- <dependency>
<groupId>org.apache.cxf</groupId>
<artifactId>cxf-rt-ws-security</artifactId>
<version>${cxf.version}</version>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
----------------------------------------------------------------------
diff --git a/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml b/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
index acc0a9a..7b09656 100644
--- a/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
+++ b/systests/federation/oidcIdpWebapp/src/main/webapp/WEB-INF/cxf-service.xml
@@ -60,6 +60,7 @@
<constructor-arg><value>consumer-id</value></constructor-arg>
<constructor-arg><value>this-is-a-secret</value></constructor-arg>
<constructor-arg><value>true</value></constructor-arg>
+ <constructor-arg><value>Fediz IdP</value></constructor-arg>
<property name="redirectUris">
<util:list value-type="java.lang.String">
<value>https://localhost:${idp.https.port}/fediz-idp/federation</value>
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/9ac16d8f/systests/federation/pom.xml
----------------------------------------------------------------------
diff --git a/systests/federation/pom.xml b/systests/federation/pom.xml
index 7190b07..d78c2a5 100644
--- a/systests/federation/pom.xml
+++ b/systests/federation/pom.xml
@@ -34,6 +34,7 @@
<module>samlIdpWebapp</module>
<module>oidcIdpWebapp</module>
<module>samlsso</module>
+ <module>oidc</module>
<module>wsfed</module>
</modules>