cris pushed a commit to branch SLING-9397/improve-test-coverage
in repository https://gitbox.apache.org/repos/asf/sling-whiteboard.git
The following commit(s) were added to
refs/heads/SLING-9397/improve-test-coverage by this push:
new c5d6203 WIP: continuing work to increase test converage
c5d6203 is described below
commit c5d6203d92eecf8cc153ecc28eaca3d0e01de28f
Author: Cris Rockwell, College of LSA University of Michigan
<[email protected]>
AuthorDate: Wed Feb 24 18:10:35 2021 -0500
WIP: continuing work to increase test converage
---
saml-handler/pom.xml | 24 +++
.../java/org/apache/sling/auth/saml2/Helpers.java | 3 +-
.../saml2/impl/AuthenticationHandlerSAML2Impl.java | 3 +-
.../impl/AuthenticationHandlerSAML2ImplTest.java | 5 +-
.../apache/sling/auth/saml2/impl/OsgiSamlTest.java | 167 +++++++++++++++++++++
5 files changed, 196 insertions(+), 6 deletions(-)
diff --git a/saml-handler/pom.xml b/saml-handler/pom.xml
index caec5eb..38e98e4 100644
--- a/saml-handler/pom.xml
+++ b/saml-handler/pom.xml
@@ -114,6 +114,30 @@ which is licensed under the Apache-2.0 license.
<version>4.12</version>
<scope>test</scope>
</dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.osgi-mock.junit4</artifactId>
+ <version>3.0.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.osgi-mock</artifactId>
+ <version>3.0.0</version>
+ <scope>test</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.felix</groupId>
+ <artifactId>org.apache.felix.scr.ds-annotations</artifactId>
+ <version>1.2.10</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>org.apache.sling</groupId>
+ <artifactId>org.apache.sling.testing.resourceresolver-mock</artifactId>
+ <version>1.2.0</version>
+ <scope>test</scope>
+ </dependency>
<dependency>
<groupId>org.powermock</groupId>
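Review bot: `org.apache.felix.scr.ds-annotations` is added with `<scope>provided</scope>` while the other three new dependencies are `test`, which puts it on the main compile classpath in a commit that otherwise only extends the tests. None of the visible hunks import anything from an `org.apache.felix` package, so it looks unneeded for the production code. If it is only there to satisfy the OSGi mock setup, `<scope>test</scope>` would keep it out of the bundle's build; if it really is needed at compile time, a short XML comment saying why would help the next reader.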
diff --git
a/saml-handler/src/main/java/org/apache/sling/auth/saml2/Helpers.java
b/saml-handler/src/main/java/org/apache/sling/auth/saml2/Helpers.java
index f741076..f41f4c0 100644
--- a/saml-handler/src/main/java/org/apache/sling/auth/saml2/Helpers.java
+++ b/saml-handler/src/main/java/org/apache/sling/auth/saml2/Helpers.java
@@ -48,6 +48,7 @@ public class Helpers {
private static Logger logger = LoggerFactory.getLogger(Helpers.class);
private static RandomIdentifierGenerationStrategy secureRandomIdGenerator;
+ private static String DEFAULT_ELEMENT_NAME = "DEFAULT_ELEMENT_NAME";
static {
secureRandomIdGenerator = new RandomIdentifierGenerationStrategy();
}
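Review bot: The new `DEFAULT_ELEMENT_NAME` field is declared `private static String` without `final`, so it is a reassignable static rather than a constant, although the next hunk uses it as the name of the field that is read reflectively from the SAML class. Declare it as `private static final String DEFAULT_ELEMENT_NAME = "DEFAULT_ELEMENT_NAME";` so the lookup name cannot change at runtime and the upper-case naming matches what the field is. The class body continues outside the hunk.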
@@ -56,7 +57,7 @@ public class Helpers {
T object = null;
try {
XMLObjectBuilderFactory builderFactory =
XMLObjectProviderRegistrySupport.getBuilderFactory();
- QName defaultElementName = (QName)
clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
+ QName defaultElementName = (QName)
clazz.getDeclaredField(DEFAULT_ELEMENT_NAME).get(null);
object =
(T)builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName);
} catch (IllegalAccessException e) {
throw new IllegalArgumentException("Could not create SAML object");
diff --git
a/saml-handler/src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java
b/saml-handler/src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java
index d958449..b0cc482 100644
---
a/saml-handler/src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java
+++
b/saml-handler/src/main/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2Impl.java
@@ -57,6 +57,7 @@ import
org.opensaml.xmlsec.keyinfo.impl.StaticKeyInfoCredentialResolver;
import org.opensaml.xmlsec.signature.support.SignatureConstants;
import org.opensaml.xmlsec.signature.support.SignatureException;
import org.opensaml.xmlsec.signature.support.SignatureValidator;
+import org.osgi.framework.Bundle;
import org.osgi.framework.BundleContext;
import org.osgi.framework.FrameworkUtil;
import org.osgi.framework.wiring.BundleWiring;
@@ -355,7 +356,7 @@ public class AuthenticationHandlerSAML2Impl extends
AbstractSamlHandler implemen
*
https://bitbucket.org/srasmusson/webprofile-ref-project-v3/src/master/src/main/java/no/steras/opensamlbook/sp/AccessFilter.java
*
https://bitbucket.org/srasmusson/webprofile-ref-project-v3/src/master/src/main/java/no/steras/opensamlbook/sp/ConsumerServlet.java
*/
- private AuthnRequest buildAuthnRequest() {
+ AuthnRequest buildAuthnRequest() {
AuthnRequest authnRequest =
Helpers.buildSAMLObject(AuthnRequest.class);
authnRequest.setIssueInstant(Instant.now());
authnRequest.setDestination(this.getSaml2IDPDestination());
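Review bot: Dropping `private` from `buildAuthnRequest()` opens it to every class in `org.apache.sling.auth.saml2.impl`, and nothing at the declaration says that the wider access is meant for tests only. Either add a comment on the method such as `// package-private for unit tests only; not part of the handler's API`, or keep it `private` until a test really calls it, since the only caller in this commit (`OsgiSamlTest.test_authn_request`) is commented out. The `import org.osgi.framework.Bundle;` added in the first hunk of this file also has no visible use in the change. The method body continues outside the hunk.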
diff --git
a/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2ImplTest.java
b/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2ImplTest.java
index 0fc22bf..cd3977e 100644
---
a/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2ImplTest.java
+++
b/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/AuthenticationHandlerSAML2ImplTest.java
@@ -23,7 +23,6 @@ import org.hamcrest.core.StringStartsWith;
import org.jmock.Expectations;
import org.jmock.Mockery;
import org.jmock.api.Invocation;
-import org.junit.Before;
import org.junit.Test;
import org.hamcrest.Description;
import org.junit.runner.RunWith;
@@ -33,13 +32,11 @@ import
org.powermock.core.classloader.annotations.PrepareForTest;
import org.powermock.modules.junit4.PowerMockRunner;
import org.jmock.api.Action;
import java.io.File;
-import java.util.HashMap;
-import java.util.Map;
-import org.apache.sling.auth.saml2.AuthenticationHandlerSAML2Config;
import static
org.apache.sling.auth.saml2.impl.AuthenticationHandlerSAML2Impl.TOKEN_FILENAME;
import static org.junit.Assert.assertEquals;
+
@RunWith(PowerMockRunner.class)
@PrepareForTest(AuthenticationHandlerSAML2Impl.class)
@PowerMockIgnore("jdk.internal.reflect.*")
diff --git
a/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/OsgiSamlTest.java
b/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/OsgiSamlTest.java
new file mode 100644
index 0000000..d1fc3a3
--- /dev/null
+++
b/saml-handler/src/test/java/org/apache/sling/auth/saml2/impl/OsgiSamlTest.java
@@ -0,0 +1,167 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ *
+ */
+
+package org.apache.sling.auth.saml2.impl;
+
+import org.apache.sling.api.resource.ResourceResolverFactory;
+import org.apache.sling.auth.saml2.Saml2UserMgtService;
+import org.apache.sling.testing.mock.osgi.MockOsgi;
+import org.apache.sling.testing.mock.osgi.junit.OsgiContext;
+import org.apache.sling.testing.resourceresolver.MockResourceResolverFactory;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.mockito.Mockito;
+import org.opensaml.saml.common.xml.SAMLConstants;
+import org.opensaml.saml.saml2.core.AuthnRequest;
+import org.osgi.framework.Bundle;
+import org.osgi.framework.BundleContext;
+import org.osgi.framework.FrameworkUtil;
+import org.osgi.framework.wiring.BundleWiring;
+import org.osgi.service.cm.Configuration;
+import org.osgi.service.cm.ConfigurationAdmin;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
+import java.time.Instant;
+import java.util.Dictionary;
+import java.util.Hashtable;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+public class OsgiSamlTest {
+
+ @Rule
+ public final OsgiContext osgiContext = new OsgiContext();
+
+ @Before
+ public void setup(){
+ try {
+// configureAnonAccess();
+// configureJaas();
+// configureUserConfigMgr();
+ ResourceResolverFactory mockFactory =
Mockito.mock(ResourceResolverFactory.class);
+ osgiContext.registerService(ResourceResolverFactory.class,
mockFactory);
+ } catch (Exception e){
+ fail(e.getMessage());
+ }
+ }
+
+ @Test
+ public void test_default_configs() {
+ Saml2UserMgtService userMgtService = osgiContext.registerService(new
Saml2UserMgtServiceImpl());
+ AuthenticationHandlerSAML2Impl samlHandler =
osgiContext.registerInjectActivateService(new AuthenticationHandlerSAML2Impl());
+ assertNotNull(samlHandler);
+ assertEquals("{}",samlHandler.getSaml2Path());
+ assertFalse(samlHandler.getSaml2SPEnabled());
+ assertEquals("username",samlHandler.getSaml2userIDAttr());
+ assertEquals("http://localhost:8080/",samlHandler.getEntityID());
+
assertEquals("http://localhost:8080/sp/consumer",samlHandler.getACSURL());
+ assertEquals("/sp/consumer",samlHandler.getAcsPath());
+ assertEquals("/home/users/saml",samlHandler.getSaml2userHome());
+ assertEquals(null,samlHandler.getSaml2groupMembershipAttr());
+ assertTrue(samlHandler.getSyncAttrs().length == 0);
+ assertEquals("saml2AuthInfo",samlHandler.getSaml2SessionAttr());
+ assertEquals("http://localhost:8080/idp/profile/SAML2/Redirect/SSO",
samlHandler.getSaml2IDPDestination());
+ assertEquals("https://sling.apache.org/",
samlHandler.getSaml2LogoutURL());
+ assertFalse(samlHandler.getSaml2SPEncryptAndSign());
+ assertEquals(null,samlHandler.getJksFileLocation());
+ assertEquals(null,samlHandler.getJksStorePassword());
+ assertEquals(null,samlHandler.getIdpCertAlias());
+ assertEquals(null,samlHandler.getSpKeysAlias());
+ assertEquals(null,samlHandler.getSpKeysPassword());
+ }
+
+ @Test
+ public void test_disabled_saml_handler(){
+ Saml2UserMgtService userMgtService = osgiContext.registerService(new
Saml2UserMgtServiceImpl());
+ AuthenticationHandlerSAML2Impl samlHandler =
osgiContext.registerInjectActivateService(new AuthenticationHandlerSAML2Impl());
+ assertFalse(samlHandler.getSaml2SPEnabled());
+ final HttpServletRequest request =
Mockito.mock(HttpServletRequest.class);
+ final HttpServletResponse response =
Mockito.mock(HttpServletResponse.class);
+ assertNull(samlHandler.extractCredentials(request,response));
+ try{
+ assertFalse(samlHandler.requestCredentials(request,response));
+ } catch (IOException e){
+ fail(e.getMessage());
+ }
+ }
+
+ @Test
+ public void test_authn_request(){
+ BundleContext bundleContext = MockOsgi.newBundleContext();
+// MockResourceResolverFactory factory = new
MockResourceResolverFactory();
+ ResourceResolverFactory mockFactory =
Mockito.mock(ResourceResolverFactory.class);
+
+// MockOsgi.injectServices(mockFactory, bundleContext);
+
+// Saml2UserMgtService userMgtService = new Saml2UserMgtServiceImpl();
+// MockOsgi.injectServices(userMgtService, bundleContext);
+// AuthenticationHandlerSAML2Impl samlHandler = new
AuthenticationHandlerSAML2Impl();
+// MockOsgi.injectServices(samlHandler, bundleContext);
+// MockOsgi.activate(samlHandler, bundleContext);
+// AuthnRequest authnRequest = samlHandler.buildAuthnRequest();
+// assertNotNull(authnRequest);
+// assertEquals(samlHandler.getSaml2IDPDestination(),
authnRequest.getDestination());
+// assertTrue(authnRequest.getIssueInstant().isBefore(Instant.now()));
+// assertEquals(SAMLConstants.SAML2_POST_BINDING_URI,
authnRequest.getProtocolBinding());
+// assertEquals(samlHandler.getACSURL(),
authnRequest.getAssertionConsumerServiceURL());
+// assertTrue(authnRequest.getID().length()<10);
+ }
+
+ private void configureJaas() throws IOException {
+ final ConfigurationAdmin configAdmin =
osgiContext.getService(ConfigurationAdmin.class);
+ Configuration jaasConfig =
configAdmin.getConfiguration("org.apache.felix.jaas.Configuration.factory");
+ Dictionary<String, Object> props = new Hashtable<>();
+ props.put("jaas.classname",
"org.apache.sling.auth.saml2.sp.Saml2LoginModule");
+ props.put("jaas.controlFlag", "Sufficient");
+ props.put("jaas.realmName", "jackrabbit.oak");
+ props.put("jaas.ranking", 110);
+ jaasConfig.update(props);
+ }
+
+ private void configureAnonAccess() throws IOException {
+ final ConfigurationAdmin configAdmin =
osgiContext.getService(ConfigurationAdmin.class);
+ Configuration anonConfig =
configAdmin.getConfiguration("org.apache.sling.engine.impl.auth.SlingAuthenticator");
+ Dictionary<String, Object> props = new Hashtable<>();
+ props.put("auth.annonymous", false);
+ anonConfig.update(props);
+ }
+
+ private void configureUserConfigMgr() throws IOException {
+ final ConfigurationAdmin configAdmin =
osgiContext.getService(ConfigurationAdmin.class);
+ //repoinit
+ Configuration repoinitConfig =
configAdmin.getConfiguration("org.apache.sling.jcr.repoinit.RepositoryInitializer");
+ Dictionary<String, Object> jaasProps = new Hashtable<>();
+ jaasProps.put("scripts", new String[]{
+"create service user saml2-user-mgt\n\nset ACL for saml2-user-mgt\n\nallow
jcr:all on /home\n\nend\n\ncreate group sling-authors with path
/home/groups/sling-authors"
+ });
+ repoinitConfig.update(jaasProps);
+ //Service User
+ Configuration serviceUserConfig =
configAdmin.getConfiguration("org.apache.sling.serviceusermapping.impl.ServiceUserMapperImpl.amended");
+ Dictionary<String, Object> serviceUserProps = new Hashtable<>();
+ serviceUserProps.put("user.mapping",new
String[]{"org.apache.sling.auth.saml2:Saml2UserMgtService=saml2-user-mgt"});
+ }
+}
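Review bot: `test_authn_request` passes without asserting anything, because every line after the mock setup is commented out, so the AuthnRequest construction that `buildAuthnRequest()` was made package-private for stays unverified while the test reports green. Until the OSGi wiring works, mark it `@Ignore("WIP: buildAuthnRequest is not exercised yet")` (importing `org.junit.Ignore`) or remove it, so the run does not count it as a passing test. When the assertions are restored, the commented `assertTrue(authnRequest.getID().length()<10)` should be reconsidered: a SAML request ID is expected to be long and unpredictable, so the check belongs on a minimum length rather than a maximum. Separately, `configureUserConfigMgr` fills `serviceUserProps` but never calls `serviceUserConfig.update(serviceUserProps)`, so the service-user mapping would not be applied if that helper were enabled.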