You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by co...@apache.org on 2018/09/25 18:18:55 UTC

[cxf-fediz] branch master updated: Adding a test with an empty role

This is an automated email from the ASF dual-hosted git repository.

coheigea pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/cxf-fediz.git


The following commit(s) were added to refs/heads/master by this push:
     new 0608829  Adding a test with an empty role
0608829 is described below

commit 0608829f2473a587923e76d09068acb174e52c57
Author: Colm O hEigeartaigh <co...@apache.org>
AuthorDate: Tue Sep 25 14:18:36 2018 -0400

    Adding a test with an empty role
---
 .../core/federation/FederationResponseTest.java    | 38 ++++++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
index 6759b71..f9ee9ec 100644
--- a/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
+++ b/plugins/core/src/test/java/org/apache/cxf/fediz/core/federation/FederationResponseTest.java
@@ -723,6 +723,44 @@ public class FederationResponseTest {
                             .size());
         assertClaims(wfRes.getClaims(), callbackHandler.getRoleAttributeName());
     }
+    
+    @org.junit.Test
+    public void validateSAML2TokenEmptyRole() throws Exception {
+        SAML2CallbackHandler callbackHandler = new SAML2CallbackHandler();
+        callbackHandler.setStatement(SAML2CallbackHandler.Statement.ATTR);
+        callbackHandler.setConfirmationMethod(SAML2Constants.CONF_BEARER);
+        callbackHandler.setIssuer(TEST_RSTR_ISSUER);
+        callbackHandler.setSubjectName(TEST_USER);
+        callbackHandler.setRoles(Collections.singletonList(""));
+        ConditionsBean cp = new ConditionsBean();
+        AudienceRestrictionBean audienceRestriction = new AudienceRestrictionBean();
+        audienceRestriction.getAudienceURIs().add(TEST_AUDIENCE);
+        cp.setAudienceRestrictions(Collections.singletonList(audienceRestriction));
+        callbackHandler.setConditions(cp);
+
+        SAMLCallback samlCallback = new SAMLCallback();
+        SAMLUtil.doSAMLCallback(callbackHandler, samlCallback);
+        SamlAssertionWrapper assertion = new SamlAssertionWrapper(samlCallback);
+        String rstr = createSamlToken(assertion, "mystskey", true);
+
+        FedizRequest wfReq = new FedizRequest();
+        wfReq.setAction(FederationConstants.ACTION_SIGNIN);
+        wfReq.setResponseToken(rstr);
+
+        configurator = null;
+        FedizContext config = getFederationConfigurator().getFedizContext("ROOT");
+        Protocol protocol = config.getProtocol();
+        protocol.setRoleDelimiter(",");
+
+        FedizProcessor wfProc = new FederationProcessorImpl();
+        FedizResponse wfRes = wfProc.processRequest(wfReq, config);
+
+        Assert.assertEquals("Principal name wrong", TEST_USER,
+                            wfRes.getUsername());
+        Assert.assertEquals("Issuer wrong", TEST_RSTR_ISSUER, wfRes.getIssuer());
+        Assert.assertEquals(1, wfRes.getRoles().size());
+        Assert.assertEquals("", wfRes.getRoles().get(0));
+    }
 
     /**
      * Validate SAML 2 token which includes the role attribute with 2 values