rsaml 0.1.2

data/test/attribute_test.rb

@@ -0,0 +1,60 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class AttributeTest < Test::Unit::TestCase
+  context "an attribute" do
+    setup do
+      @attribute = Attribute.new('email')
+    end
+    should "should be valid" do
+      assert_nothing_raised do
+        @attribute.validate
+      end
+    end
+    should "should not be valid if name is nil" do
+      assert_raise ValidationError do
+        @attribute.name = nil
+        @attribute.validate
+      end
+    end
+    context "when producing xml" do
+      should "always include a name attribute" do
+        assert_match(/<saml:Attribute Name="email"><\/saml:Attribute>/, @attribute.to_xml)
+      end
+      should "optionally include a NameFormat attribute" do
+        @attribute.name_format = 'http://host/name_format/email'
+        assert_match(/NameFormat="#{@attribute.name_format}"/, @attribute.to_xml)
+      end
+      should "optionally include a FriendlyName attribute" do
+        @attribute.friendly_name = 'email'
+        assert_match(/FriendlyName="#{@attribute.friendly_name}"/, @attribute.to_xml)
+      end
+      should "optionally include a single attribute value child element" do
+        @attribute.values << 'someone@somewhere.com'
+        assert_match(/<saml:AttributeValue>someone@somewhere.com<\/saml:AttributeValue>/, @attribute.to_xml)
+      end
+      should "optionally include multiple attribute value child elements" do
+        @attribute.values << 'someone@somewhere.com'
+        @attribute.values << 'someone@somewhereelse.com'
+        assert_match('<saml:AttributeValue>someone@somewhere.com</saml:AttributeValue>', @attribute.to_xml)
+        assert_match('<saml:AttributeValue>someone@somewhereelse.com</saml:AttributeValue>', @attribute.to_xml)
+      end
+      should "optionally include extra XML attributes" do
+        @attribute.extra_xml_attributes['foo'] = 'bar'
+        assert_match(/foo="bar"/, @attribute.to_xml)
+      end
+    end
+  end
+  
+  context "an encrypted attribute" do
+    setup do
+      @encrypted_attribute = EncryptedAttribute.new
+    end
+    should_eventually "be valid" do
+      assert_nothing_raised do
+        @encrypted_attribute.validate
+      end
+    end
+    should_eventually "always include encrypted data"
+    should_eventually "optionally include encrypted keys"
+  end
+end

data/test/authentication_context_test.rb

@@ -0,0 +1,26 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class AuthenticationContextTest < Test::Unit::TestCase
+  context "an authentication context" do
+    setup do
+      @authn_context = AuthenticationContext.new
+    end
+    context "when producing xml" do
+      should "optionally have a class reference" do
+        @authn_context.class_reference = 'http://example.com/class_ref'
+        assert_equal '<saml:AuthnContext><saml:AuthnContextClassRef>http://example.com/class_ref</saml:AuthnContextClassRef></saml:AuthnContext>', @authn_context.to_xml
+      end
+      should "optionally have a context declaration" do
+        @authn_context.context_declaration = 'example'
+        assert_equal '<saml:AuthnContext><saml:AuthnContextDecl>example</saml:AuthnContextDecl></saml:AuthnContext>', @authn_context.to_xml
+      end
+      should "optionally have a context declaration ref" do
+        @authn_context.context_declaration_ref = 'http://example.com/declaration_ref'
+        assert_equal '<saml:AuthnContext><saml:AuthnContextDeclRef>http://example.com/declaration_ref</saml:AuthnContextDeclRef></saml:AuthnContext>', @authn_context.to_xml
+      end
+      should_eventually "optionally have zero or more authenticating authority instances" do
+        
+      end
+    end
+  end
+end

data/test/conditions_test.rb

@@ -0,0 +1,84 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class ConditionsTest < Test::Unit::TestCase
+  context "an conditions collection" do
+    setup do
+      @conditions = Conditions.new
+    end
+    should "have 0 conditions by default" do
+      assert_equal 0, @conditions.conditions.length
+      assert_equal 0, @conditions.length
+    end
+    should "be valid with 0 conditions" do
+      assert_nothing_raised do
+        @conditions.assert
+      end
+    end
+    should "be cacheable" do
+      assert @conditions.cache?
+    end
+    should "be able to add a condition" do
+      @conditions << Condition.new
+      assert_equal 1, @conditions.length
+    end
+    
+    context "when asserting" do
+      should "fail an assertion for NotBefore if that value is in the future" do
+        @conditions.not_before = Time.now + 1000
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "fail an assertion for NotOnOrAfter if that value is now" do
+        @conditions.not_on_or_after = Time.now
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "fail an assertion for NotOnOrAfter if that value is in the past" do
+        @conditions.not_on_or_after = Time.now - 1000
+        assert_raise(AssertionError) { @conditions.assert }
+      end
+      should "assert without error if NotBefore is in the past" do
+        @conditions.not_before = Time.now - 1000
+        assert_nothing_raised do
+          @conditions.assert
+        end
+      end
+      should "assert without error if NotOnOrAfter is in the future" do
+        @conditions.not_on_or_after = Time.now + 1000
+        assert_nothing_raised do
+          @conditions.assert
+        end
+      end
+    end
+  
+    context "when producing xml" do
+      setup do
+        @conditions = Conditions.new
+      end
+      should "optionally include NotBefore attribute" do
+        t = @conditions.not_before = Time.now
+        assert_equal %Q(<saml:Conditions NotBefore="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
+      end
+      should "optionally include NotOnOrAfter attribute" do
+        t = @conditions.not_on_or_after = Time.now
+        assert_equal %Q(<saml:Conditions NotOnOrAfter="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
+      end
+      should "optionally include conditions" do
+        @conditions << Condition.new
+        assert_equal "<saml:Conditions><saml:Condition/></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include audience restriction" do
+        audience = Audience.new('http://example.org/audience_terms')
+        @conditions.audience_restrictions << audience
+        assert_equal "<saml:Conditions><saml:AudienceRestriction><saml:Audience>#{audience.uri}</saml:Audience></saml:AudienceRestriction></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include a proxy restriction" do
+        proxy_restriction = ProxyRestriction.new
+        @conditions.proxy_restriction = proxy_restriction
+        assert_equal "<saml:Conditions><saml:ProxyRestriction></saml:ProxyRestriction></saml:Conditions>", @conditions.to_xml
+      end
+      should "optionally include a one time use" do
+        @conditions.one_time_use = true
+        assert_equal "<saml:Conditions><OneTimeUse/></saml:Conditions>", @conditions.to_xml
+      end
+    end
+  end
+end

data/test/evidence_test.rb

@@ -0,0 +1,33 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class EvidenceTest < Test::Unit::TestCase
+  context "an evidence instance" do
+    setup do 
+      @evidence = Evidence.new
+    end
+    should "not be valid unless at least one assertion is specified" do
+      assert_raise ValidationError do
+        @evidence.validate
+      end
+    end
+    
+    context "when producing xml" do
+      should "optionally include an assertion id ref" do
+        @evidence.assertions << AssertionIDRef.new('149369035468035')
+        assert_match(/<saml:Evidence><saml:AssertionIDRef>149369035468035<\/saml:AssertionIDRef><\/saml:Evidence>/, @evidence.to_xml)
+      end
+      should "optionally include an assertion uri ref" do
+        @evidence.assertions << AssertionURIRef.new('http://xyz.com/assertion/uri')
+        assert_equal(
+          '<saml:Evidence><saml:AssertionURIRef>http://xyz.com/assertion/uri</saml:AssertionURIRef></saml:Evidence>',     
+          @evidence.to_xml
+        )
+      end
+      should "optionally include an assertion" do
+        @evidence.assertions << Assertion.new(Identifier::Issuer.new('example'))
+        assert_match(/<saml:Evidence><saml:Assertion /, @evidence.to_xml)
+      end
+      should_eventually "optionally include an encrypted assertion"
+    end
+  end
+end

data/test/identifier_test.rb

@@ -0,0 +1,22 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class IdentifierTest < Test::Unit::TestCase
+  context "an identifier" do
+    setup do
+      @identifier = Identifier::Base.new
+    end
+    context "when producing xml" do
+      should "always include value" do
+        assert_equal '<saml:BaseID></saml:BaseID>', @identifier.to_xml
+      end
+      should "optionally include a name qualifier" do
+        @identifier.name_qualifier = 'a_name_qualifier'
+        assert_equal '<saml:BaseID NameQualifier="a_name_qualifier"></saml:BaseID>', @identifier.to_xml
+      end
+      should "optionally include an service provider name qualifier" do
+        @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:BaseID SPNameQualifier="an_sp_name_qualifier"></saml:BaseID>', @identifier.to_xml
+      end
+    end
+  end
+end

data/test/issuer_test.rb

@@ -0,0 +1,33 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class IssuerTest < Test::Unit::TestCase
+  context "a name" do
+    setup do
+      @identifier = Identifier::Issuer.new('Some Issuer')
+    end
+    should "have a value" do
+      assert_equal 'Some Issuer', @identifier.value
+    end
+    should "have the entity format by default" do
+      assert_equal Identifier::Name.formats[:entity], @identifier.format
+    end
+    context "when producing xml" do
+      should "always include format and value" do
+        assert @identifier.to_xml.include? 'Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity"'
+        assert @identifier.to_xml.include? 'Some Issuer'
+      end
+      should "optionally include a name qualifier" do
+        @identifier.name_qualifier = 'a_name_qualifier'
+        assert @identifier.to_xml.include? 'NameQualifier="a_name_qualifier"'
+      end
+      should "optionally include an service provider name qualifier" do
+        @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPNameQualifier="an_sp_name_qualifier">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+      should "optionally include an service provider provided id" do
+        @identifier.sp_provided_id = 'sp-x'
+        assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPProvidedID="sp-x">Some Issuer</saml:Issuer>', @identifier.to_xml
+      end
+    end
+  end
+end

data/test/name_test.rb

@@ -0,0 +1,33 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class NameTest < Test::Unit::TestCase
+  context "a name" do
+    setup do
+      @name = Identifier::Name.new('example')
+    end
+    should "have a value" do
+      assert_equal 'example', @name.value
+    end
+    should "have the unspecified format by default" do
+      assert_equal Identifier::Name.formats[:unspecified], @name.format
+    end
+    context "when producing xml" do
+      should "always include format and value" do
+        assert @name.to_xml.include? 'Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified"'
+        assert @name.to_xml.include? 'example'
+      end
+      should "optionally include a name qualifier" do
+        @name.name_qualifier = 'a_name_qualifier'
+        assert @name.to_xml.include? 'NameQualifier="a_name_qualifier"'
+      end
+      should "optionally include an service provider name qualifier" do
+        @name.sp_name_qualifier = 'an_sp_name_qualifier'
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPNameQualifier="an_sp_name_qualifier">example</saml:NameID>', @name.to_xml
+      end
+      should "optionally include an service provider provided id" do
+        @name.sp_provided_id = 'sp-x'
+        assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPProvidedID="sp-x">example</saml:NameID>', @name.to_xml
+      end
+    end
+  end
+end

data/test/parser_test.rb

@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class ParserTest < Test::Unit::TestCase
+  context "a parser" do
+    setup { @parser = Parser.new }
+    context "parsing an attribute query message" do
+      setup do
+        @attribute_query = @parser.parse(attribute_query_xml)
+      end
+      should "return an attribute query instance" do
+        assert @attribute_query.is_a?(Protocol::Query::AttributeQuery)
+      end
+      should "have 1 attribute" do
+        assert_equal 1, @attribute_query.attributes.length
+      end
+      should "have a subject of Anthony Eden" do
+        assert_equal 'Anthony Eden', @attribute_query.subject.identifier.value
+      end
+      should "have an attribute whose name is Name" do
+        assert_equal 'Name', @attribute_query.attributes.first.name
+      end
+    end
+  end
+  
+  def attribute_query_xml
+    @attribute_query_xml ||= begin
+      open(File.dirname(__FILE__) + '/sample_data/attribute_query.xml') do |f|
+        f.read
+      end
+    end
+  end
+end

data/test/protocol/assertion_id_request_test.rb

@@ -0,0 +1,19 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AssertionIdRequestTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "an assertion id request instance" do
+    setup do
+      @request = AssertionIDRequest.new
+      @request.assertion_id_refs << AssertionIDRef.new('xyz')
+    end
+    context "when producing xml" do
+      should "output the samlp:AssertionIDRequest element" do
+        assert_match '<samlp:AssertionIDRequest>', @request.to_xml
+      end
+      should "include the assertion id ref children" do
+        assert_match '<saml:AssertionIDRef>xyz</saml:AssertionIDRef>', @request.to_xml
+      end
+    end
+  end
+end

data/test/protocol/attribute_query_test.rb

@@ -0,0 +1,30 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AttributeQueryTest < Test::Unit::TestCase
+  include RSAML::Protocol::Query
+  
+  context "an attribute query" do
+    setup do
+      @query = AttributeQuery.new(Subject.new('example'))
+    end
+    context "with attributes" do
+      setup do
+        @query.attributes << Attribute.new('email')
+      end
+      should "be valid" do
+        assert_nothing_raised { @query.validate }
+      end
+      should "not allow duplicate attributes" do
+        @query.attributes << Attribute.new('email')
+        assert_raise ValidationError do
+          @query.validate
+        end
+      end
+    end
+    context "when producing xml" do
+      should "include a subject" do
+        assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/authn_query_test.rb

@@ -0,0 +1,20 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AuthnQueryTest < Test::Unit::TestCase
+  include RSAML::Protocol::Query
+  
+  context "an authn query" do
+    setup do
+      @query = AuthnQuery.new(Subject.new('example'))
+    end
+    context "when producing xml" do
+      should "include a subject" do
+        assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
+      end
+      should "optionally include a SessionIndex" do
+        @query.session_index = '123'
+        assert_match('<samlp:AuthnQuery SessionIndex="123"', @query.to_xml)
+      end
+    end
+  end
+end

data/test/protocol/authn_request_test.rb

@@ -0,0 +1,56 @@
+require File.dirname(__FILE__) + '/../test_helper'
+
+class AuthnRequestTest < Test::Unit::TestCase
+  include RSAML::Protocol
+  context "an authentication request instance" do
+    setup do
+      @request = AuthnRequest.new
+    end
+    should "be valid" do
+      assert_nothing_raised { @request.validate }
+    end
+    context "when producing xml" do
+      should "output the samlp:AuthnRequest element" do
+        assert_match '<samlp:AuthnRequest>', @request.to_xml
+      end
+      should "optionally include a subject child" do
+        @request.subject = Subject.new
+        assert_match '<saml:Subject></saml:Subject>', @request.to_xml
+      end
+      should "optionally include a name id policy child" do
+        name_id_policy = NameIdPolicy.new
+        name_id_policy.format = Identifier::Name.formats[:email_address]
+        @request.name_id_policy = name_id_policy
+        assert_match '<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"', @request.to_xml
+      end
+      should "optionally include conditions" do
+        conditions = Conditions.new
+        @request.conditions = conditions
+        assert_match '<saml:Conditions', @request.to_xml
+      end
+      should_eventually "optionally include requested authn context" do
+        
+      end
+      should "optionally include scoping" do
+        scoping = Scoping.new
+        @request.scoping = scoping
+        assert_match '<samlp:Scoping', @request.to_xml
+      end
+      should "optionally include force authn" do
+        @request.force_authn = true
+        assert_match '<samlp:AuthnRequest ForceAuthn="true"', @request.to_xml
+      end
+      should "optionally include passive flag" do
+        @request.is_passive = true
+        assert_match '<samlp:AuthnRequest IsPassive="true"', @request.to_xml
+      end
+      should "optionally include AssertionConsumerServiceURL" do
+        
+      end
+      should "optionally include a provider name" do
+        @request.provider_name = 'example'
+        assert_match '<samlp:AuthnRequest ProviderName="example"', @request.to_xml
+      end
+    end
+  end
+end