Repository: cxf-fediz Updated Branches: refs/heads/master 722b70f02 -> f9897e43a
Adding HomeRealmParser and enabling SAML SSO federation test Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/c802d989 Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/c802d989 Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/c802d989 Branch: refs/heads/master Commit: c802d98972472bc0de427b12b3573048f9d45aaa Parents: 722b70f Author: Colm O hEigeartaigh <[email protected]> Authored: Tue Nov 8 11:49:00 2016 +0000 Committer: Colm O hEigeartaigh <[email protected]> Committed: Tue Nov 8 11:49:00 2016 +0000 ---------------------------------------------------------------------- systests/federation/pom.xml | 2 +- .../fediz/integrationtests/HomeRealmParser.java | 31 ++++++ .../cxf/fediz/integrationtests/SAMLSSOTest.java | 103 ++++++------------- .../test/resources/realma/entities-realma.xml | 4 + 4 files changed, 68 insertions(+), 72 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c802d989/systests/federation/pom.xml ---------------------------------------------------------------------- diff --git a/systests/federation/pom.xml b/systests/federation/pom.xml index aa32503..acafe82 100644 --- a/systests/federation/pom.xml +++ b/systests/federation/pom.xml @@ -35,7 +35,7 @@ <module>samlIdpWebapp</module> <module>oidcIdpWebapp</module> <module>wsfed</module> - <!--<module>samlsso</module>--> + <module>samlsso</module> </modules> </project> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c802d989/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java ---------------------------------------------------------------------- 
diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java
new file mode 100644
index 0000000..b72e09d
--- /dev/null
+++ b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/HomeRealmParser.java
@@ -0,0 +1,31 @@
+/**
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.cxf.fediz.integrationtests;
+
+/**
+ *
+ */
+public class HomeRealmParser {
+
+ public String getRealm() {
+ return "urn:org:apache:cxf:fediz:idp:realm-B";
+ }
+
+}
\ No newline at end of file
http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c802d989/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
index b42a28c..45ddb8d 100644
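Review bot: The class Javadoc in the new HomeRealmParser.java is empty (`/** * */`), so nothing records that this is a test fixture whose `getRealm()` always answers with the realm B URN. A one-line comment would do, for example `/** Test-only home realm resolver: always returns the realm B IdP; referenced from the hrds expression in entities-realma.xml. */`. Because the value is a constant, holding it in a `private static final String` field would also make it obvious to a reader that no request data feeds the realm decision. The file also ends without a trailing newline.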
--- a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java +++ b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java @@ -25,10 +25,19 @@ import java.io.IOException; import javax.servlet.ServletException; +import com.gargoylesoftware.htmlunit.CookieManager; +import com.gargoylesoftware.htmlunit.WebClient; +import com.gargoylesoftware.htmlunit.html.HtmlForm; +import com.gargoylesoftware.htmlunit.html.HtmlPage; +import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; +import com.gargoylesoftware.htmlunit.xml.XmlPage; + import org.apache.catalina.LifecycleException; import org.apache.catalina.LifecycleState; import org.apache.catalina.connector.Connector; import org.apache.catalina.startup.Tomcat; +import org.apache.http.auth.AuthScope; +import org.apache.http.auth.UsernamePasswordCredentials; import org.junit.AfterClass; import org.junit.Assert; import org.junit.BeforeClass; 
@@ -200,42 +209,23 @@ public class SAMLSSOTest { } @org.junit.Test - @org.junit.Ignore public void testWSFederation() throws Exception { String url = "https://localhost:" + getRpHttpsPort() + "/wsfed/app1/services/25"; - System.out.println(url); - Thread.sleep(60 * 2 * 1000); + //System.out.println(url); + //Thread.sleep(60 * 2 * 1000); - /* String user = "ALICE"; // realm b credentials String password = "ECILA"; final String bodyTextContent = - login(url, user, password, getIdpRealmbHttpsPort(), idpHttpsPort); + login(url, user, password, getIdpRealmbHttpsPort(), getIdpHttpsPort()); + + Assert.assertTrue(bodyTextContent.contains("This is the double number response")); - Assert.assertTrue("Principal not alice", - bodyTextContent.contains("userPrincipal=alice")); - Assert.assertTrue("User " + user + " does not have role Admin", - bodyTextContent.contains("role:Admin=false")); - Assert.assertTrue("User " + user + " does not have role Manager", - bodyTextContent.contains("role:Manager=false")); - Assert.assertTrue("User " + user + " must have role User", - bodyTextContent.contains("role:User=true")); - - String claim = ClaimTypes.FIRSTNAME.toString(); - Assert.assertTrue("User " + user + " claim " + claim + " is not 'Alice'", - bodyTextContent.contains(claim + "=Alice")); - claim = ClaimTypes.LASTNAME.toString(); - Assert.assertTrue("User " + user + " claim " + claim + " is not 'Smith'", - bodyTextContent.contains(claim + "=Smith")); - claim = ClaimTypes.EMAILADDRESS.toString(); - Assert.assertTrue("User " + user + " claim " + claim + " is not '[email protected]'", - bodyTextContent.contains(claim + "[email protected]")); - */ } - /* + private static String login(String url, String user, String password, - String idpPort, String rpIdpPort) throws IOException { + String idpPort, String rpIdpPort) throws IOException { // // Access the RP + get redirected to the IdP for "realm a". Then get redirected to the IdP for // "realm b". 
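Review bot: The re-enabled testWSFederation asserts only that the body contains `This is the double number response`, so it passes for any caller that gets through the login flow and does not show that the token issued via realm B was mapped to the expected user. If the RP response exposes the caller (not visible in this hunk), add an assertion on the principal or on one claim for `ALICE`; otherwise a short comment saying where identity and claim mapping are checked would help. The commented-out lines `//System.out.println(url);` and `//Thread.sleep(60 * 2 * 1000);` are leftover debugging and are better deleted than kept. The hunk ends inside the comment at the top of login(), whose body continues in the next hunk.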
@@ -249,56 +239,27 @@ public class SAMLSSOTest { new UsernamePasswordCredentials(user, password)); webClient.getOptions().setJavaScriptEnabled(false); - final HtmlPage idpPage = webClient.getPage(url); - webClient.getOptions().setJavaScriptEnabled(true); - Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText()); + HtmlPage idpPage = webClient.getPage(url); - // For some reason, redirecting back to the IdP for "realm a" is not working with htmlunit. So extract - // the parameters manually from the form, and access the IdP for "realm a" with them - DomNodeList<DomElement> results = idpPage.getElementsByTagName("input"); + Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText()); - String wresult = null; - String wa = "wsignin1.0"; - String wctx = null; - String wtrealm = null; - for (DomElement result : results) { - if ("wresult".equals(result.getAttributeNS(null, "name"))) { - wresult = result.getAttributeNS(null, "value"); - } else if ("wctx".equals(result.getAttributeNS(null, "name"))) { - wctx = result.getAttributeNS(null, "value"); - } else if ("wtrealm".equals(result.getAttributeNS(null, "name"))) { - wtrealm = result.getAttributeNS(null, "value"); - } - } - Assert.assertTrue(wctx != null && wresult != null && wtrealm != null); - webClient.close(); + // Now redirect back to the IdP for Realm A + HtmlForm form = idpPage.getFormByName("signinresponseform"); - // Invoke on the IdP for "realm a" - final WebClient webClient2 = new WebClient(); - webClient2.setCookieManager(cookieManager); - webClient2.getOptions().setUseInsecureSSL(true); - - String url2 = "https://localhost:" + rpIdpPort + "/fediz-idp/federation?"; - url2 += "wctx=" + wctx + "&"; - url2 += "wa=" + wa + "&"; - url2 += "wtrealm=" + URLEncoder.encode(wtrealm, "UTF8") + "&"; - url2 += "wresult=" + URLEncoder.encode(wresult, "UTF8") + "&"; - - webClient2.getOptions().setJavaScriptEnabled(false); - final HtmlPage idpPage2 = webClient2.getPage(url2); - 
webClient2.getOptions().setJavaScriptEnabled(true); - Assert.assertEquals("IDP SignIn Response Form", idpPage2.getTitleText()); - - // Now redirect back to the RP - final HtmlForm form2 = idpPage2.getFormByName("signinresponseform"); + HtmlSubmitInput button = form.getInputByName("_eventId_submit"); + + HtmlPage idpPageRealmA = button.click(); - final HtmlSubmitInput button2 = form2.getInputByName("_eventId_submit"); + Assert.assertTrue("SAML IDP Response Form".equals(idpPage.getTitleText()) + || "IDP SignIn Response Form".equals(idpPage.getTitleText())); + form = idpPageRealmA.getFormByName("samlsigninresponseform"); - final HtmlPage rpPage = button2.click(); - Assert.assertEquals("WS Federation Systests Examples", rpPage.getTitleText()); + // Now redirect back to the SAML SSO web app + button = form.getInputByName("_eventId_submit"); - webClient2.close(); - return rpPage.getBody().getTextContent(); + XmlPage rpPage = button.click(); + + webClient.close(); + return rpPage.asXml(); } - */ } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/c802d989/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml ---------------------------------------------------------------------- diff --git a/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml b/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml index f0a63ab..93e3dfe 100644 --- a/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml +++ b/systests/federation/samlsso/src/test/resources/realma/entities-realma.xml @@ -26,6 +26,9 @@ http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util-2.0.xsd"> + <bean id="homeRealmParser" class="org.apache.cxf.fediz.integrationtests.HomeRealmParser"> + </bean> + <bean id="idp-realmA" class="org.apache.cxf.fediz.service.idp.service.jpa.IdpEntity"> <property name="realm" value="urn:org:apache:cxf:fediz:idp:realm-A" /> <property name="uri" value="realma" /> 
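Review bot: The title check after `HtmlPage idpPageRealmA = button.click();` reads `idpPage`, the page fetched by `getPage(url)` and already asserted a few lines earlier, instead of `idpPageRealmA`, so it cannot fail and the realm A response is never verified before `samlsigninresponseform` is looked up. It should read `String title = idpPageRealmA.getTitleText();` followed by `Assert.assertTrue("SAML IDP Response Form".equals(title) || "IDP SignIn Response Form".equals(title));`. Separately, `webClient.close()` runs only on the success path, so a failed assertion or a missing form leaves the client open; wrapping the flow in try/finally would release it. login() begins before this hunk, so the client setup is not visible here.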
@@ -78,6 +81,7 @@ <ref bean="claim_email" /> </util:list> </property> + <property name="hrds" value="'#{ homeRealmParser.realm }'" /> </bean> <bean id="trusted-idp-realmB"
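Review bot: The new `hrds` value nests two evaluations and nothing in the file says so: Spring resolves `#{ homeRealmParser.realm }` when the bean is created, and the surrounding single quotes turn the result into a string literal, which suggests the IdP evaluates `hrds` as an expression again at request time (that code is not part of this diff). This is safe here only because `getRealm()` returns a constant; a parser returning request-derived text would be spliced into that expression unescaped. A comment above the property would record the constraint, for example `<!-- hrds is evaluated as an expression; the quoted value must stay a constant realm URN -->`. The enclosing bean definition starts before this hunk.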
