You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/09/25 18:18:55 UTC
[cxf-fediz] branch master updated: Adding a test with an empty role
This is an automated email from the ASF dual-hosted git repository.
coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git
The following commit(s) were added to refs/heads/master by this push:
new 0608829 Adding a test with an empty role
0608829 is described below
commit 0608829f2473a587923e76d09068acb174e52c57
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Sep 25 14:18:36 2018 -0400
Adding a test with an empty role
---
.../core/federation/FederationResponseTest.java | 38 ++++++++++++++++++++++
1 file changed, 38 insertions(+)
diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
index 6759b71..f9ee9ec 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
@@ -723,6 +723,44 @@ public class FederationResponseTest {
.size());
assertClaims(wfRes.getClaims(), callbackHandler.getRoleAttributeName());
}
+
+ @org.junit.Test
+ public void validateSAML2TokenEmptyRole() throws Exception {
+ SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+ callbackHandler.setStatement(SAML2CallbackHandler.Statement.ATTR);
+ callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+ callbackHandler.setIssuer(TEST_RSTR_ISSUER);
+ callbackHandler.setSubjectName(TEST_USER);
+ callbackHandler.setRoles(Collections.singletonList(""));
+ ConditionsBean cp = new ConditionsBean();
+ AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+ audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE);
+ cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
+ callbackHandler.setConditions(cp);
+
+ SAMLCallback samlCallback = new SAMLCallback();
+ SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+ SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
+ String rstr = createSamlToken(assertion, "mystskey", true);
+
+ FedizRequest wfReq = new FedizRequest();
+ wfReq.setAction(FederationConstants.ACTION_SIGNIN);
+ wfReq.setResponseToken(rstr);
+
+ configurator = null;
+ FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
+ Protocol protocol = config.getProtocol();
+ protocol.setRoleDelimiter(",");
+
+ FedizProcessor wfProc = new FederationProcessorImpl();
+ FedizResponse wfRes = wfProc.processRequest(wfReq, config);
+
+ Assert.assertEquals("Principal name wrong", TEST_USER,
+ wfRes.getUsername());
+ Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
+ Assert.assertEquals(1, wfRes.getRoles().size());
+ Assert.assertEquals("", wfRes.getRoles().get(0));
+ }
/**
* Validate SAML 2 token which includes the role attribute with 2 values