scashin133-rsaml 0.1.0

Files changed (102) hide show
  1. data/.autotest +10 -0
  2. data/.gitignore +2 -0
  3. data/LICENSE +0 -0
  4. data/README +13 -0
  5. data/Rakefile +141 -0
  6. data/lib/rsaml/action.rb +57 -0
  7. data/lib/rsaml/action_namespace.rb +63 -0
  8. data/lib/rsaml/advice.rb +34 -0
  9. data/lib/rsaml/assertion.rb +192 -0
  10. data/lib/rsaml/attribute.rb +76 -0
  11. data/lib/rsaml/audience.rb +19 -0
  12. data/lib/rsaml/authentication_context.rb +34 -0
  13. data/lib/rsaml/authn_context/README +1 -0
  14. data/lib/rsaml/authn_context/authentication_context_declaration.rb +42 -0
  15. data/lib/rsaml/authn_context/identification.rb +10 -0
  16. data/lib/rsaml/authn_context/physical_verification.rb +24 -0
  17. data/lib/rsaml/condition.rb +13 -0
  18. data/lib/rsaml/conditions.rb +107 -0
  19. data/lib/rsaml/encrypted.rb +12 -0
  20. data/lib/rsaml/errors.rb +16 -0
  21. data/lib/rsaml/evidence.rb +21 -0
  22. data/lib/rsaml/ext/string.rb +5 -0
  23. data/lib/rsaml/identifier/base.rb +23 -0
  24. data/lib/rsaml/identifier/issuer.rb +28 -0
  25. data/lib/rsaml/identifier/name.rb +55 -0
  26. data/lib/rsaml/identifier.rb +9 -0
  27. data/lib/rsaml/parser.rb +23 -0
  28. data/lib/rsaml/protocol/artifact_resolve.rb +14 -0
  29. data/lib/rsaml/protocol/assertion_id_request.rb +18 -0
  30. data/lib/rsaml/protocol/authn_request.rb +91 -0
  31. data/lib/rsaml/protocol/idp_entry.rb +18 -0
  32. data/lib/rsaml/protocol/idp_list.rb +28 -0
  33. data/lib/rsaml/protocol/message.rb +65 -0
  34. data/lib/rsaml/protocol/name_id_policy.rb +31 -0
  35. data/lib/rsaml/protocol/query/attribute_query.rb +56 -0
  36. data/lib/rsaml/protocol/query/authn_query.rb +30 -0
  37. data/lib/rsaml/protocol/query/authz_decision_query.rb +40 -0
  38. data/lib/rsaml/protocol/query/subject_query.rb +22 -0
  39. data/lib/rsaml/protocol/query.rb +12 -0
  40. data/lib/rsaml/protocol/request.rb +27 -0
  41. data/lib/rsaml/protocol/requested_authn_context.rb +34 -0
  42. data/lib/rsaml/protocol/response.rb +56 -0
  43. data/lib/rsaml/protocol/scoping.rb +33 -0
  44. data/lib/rsaml/protocol/status.rb +38 -0
  45. data/lib/rsaml/protocol/status_code.rb +84 -0
  46. data/lib/rsaml/protocol.rb +21 -0
  47. data/lib/rsaml/proxy_restriction.rb +30 -0
  48. data/lib/rsaml/statement/attribute_statement.rb +27 -0
  49. data/lib/rsaml/statement/authentication_statement.rb +57 -0
  50. data/lib/rsaml/statement/authorization_decision_statement.rb +53 -0
  51. data/lib/rsaml/statement/base.rb +9 -0
  52. data/lib/rsaml/statement.rb +10 -0
  53. data/lib/rsaml/subject.rb +37 -0
  54. data/lib/rsaml/subject_confirmation.rb +34 -0
  55. data/lib/rsaml/subject_confirmation_data.rb +45 -0
  56. data/lib/rsaml/subject_locality.rb +27 -0
  57. data/lib/rsaml/validatable.rb +21 -0
  58. data/lib/rsaml/version.rb +9 -0
  59. data/lib/rsaml.rb +51 -0
  60. data/lib/xml_enc.rb +3 -0
  61. data/lib/xml_sig/canonicalization_method.rb +43 -0
  62. data/lib/xml_sig/key_info.rb +55 -0
  63. data/lib/xml_sig/reference.rb +57 -0
  64. data/lib/xml_sig/signature.rb +29 -0
  65. data/lib/xml_sig/signature_method.rb +20 -0
  66. data/lib/xml_sig/signed_info.rb +27 -0
  67. data/lib/xml_sig/transform.rb +37 -0
  68. data/lib/xml_sig.rb +11 -0
  69. data/scashin133-rsaml.gemspec +180 -0
  70. data/test/action_namespace_test.rb +93 -0
  71. data/test/action_test.rb +51 -0
  72. data/test/advice_test.rb +25 -0
  73. data/test/assertion_test.rb +192 -0
  74. data/test/attribute_test.rb +60 -0
  75. data/test/authentication_context_test.rb +26 -0
  76. data/test/conditions_test.rb +84 -0
  77. data/test/evidence_test.rb +33 -0
  78. data/test/identifier_test.rb +22 -0
  79. data/test/issuer_test.rb +32 -0
  80. data/test/name_test.rb +32 -0
  81. data/test/parser_test.rb +32 -0
  82. data/test/protocol/assertion_id_request_test.rb +19 -0
  83. data/test/protocol/attribute_query_test.rb +30 -0
  84. data/test/protocol/authn_query_test.rb +20 -0
  85. data/test/protocol/authn_request_test.rb +56 -0
  86. data/test/protocol/authz_decision_query_test.rb +31 -0
  87. data/test/protocol/idp_list_test.rb +15 -0
  88. data/test/protocol/request_test.rb +66 -0
  89. data/test/protocol/response_test.rb +68 -0
  90. data/test/protocol/scoping_test.rb +20 -0
  91. data/test/protocol/status_code_test.rb +34 -0
  92. data/test/protocol/status_test.rb +16 -0
  93. data/test/proxy_restriction_test.rb +20 -0
  94. data/test/rsaml_test.rb +12 -0
  95. data/test/sample_data/attribute_query.xml +8 -0
  96. data/test/statement_test.rb +101 -0
  97. data/test/subject_locality_test.rb +27 -0
  98. data/test/subject_test.rb +44 -0
  99. data/test/test_helper.rb +16 -0
  100. data/test/xml_sig/canonicalization_test.rb +19 -0
  101. data/test/xml_sig/iso-8859-1.txt +1 -0
  102. metadata +206 -0
@@ -0,0 +1,84 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class ConditionsTest < Test::Unit::TestCase
4
+ context "an conditions collection" do
5
+ setup do
6
+ @conditions = Conditions.new
7
+ end
8
+ should "have 0 conditions by default" do
9
+ assert_equal 0, @conditions.conditions.length
10
+ assert_equal 0, @conditions.length
11
+ end
12
+ should "be valid with 0 conditions" do
13
+ assert_nothing_raised do
14
+ @conditions.assert
15
+ end
16
+ end
17
+ should "be cacheable" do
18
+ assert @conditions.cache?
19
+ end
20
+ should "be able to add a condition" do
21
+ @conditions << Condition.new
22
+ assert_equal 1, @conditions.length
23
+ end
24
+
25
+ context "when asserting" do
26
+ should "fail an assertion for NotBefore if that value is in the future" do
27
+ @conditions.not_before = Time.now + 1000
28
+ assert_raise(AssertionError) { @conditions.assert }
29
+ end
30
+ should "fail an assertion for NotOnOrAfter if that value is now" do
31
+ @conditions.not_on_or_after = Time.now
32
+ assert_raise(AssertionError) { @conditions.assert }
33
+ end
34
+ should "fail an assertion for NotOnOrAfter if that value is in the past" do
35
+ @conditions.not_on_or_after = Time.now - 1000
36
+ assert_raise(AssertionError) { @conditions.assert }
37
+ end
38
+ should "assert without error if NotBefore is in the past" do
39
+ @conditions.not_before = Time.now - 1000
40
+ assert_nothing_raised do
41
+ @conditions.assert
42
+ end
43
+ end
44
+ should "assert without error if NotOnOrAfter is in the future" do
45
+ @conditions.not_on_or_after = Time.now + 1000
46
+ assert_nothing_raised do
47
+ @conditions.assert
48
+ end
49
+ end
50
+ end
51
+
52
+ context "when producing xml" do
53
+ setup do
54
+ @conditions = Conditions.new
55
+ end
56
+ should "optionally include NotBefore attribute" do
57
+ t = @conditions.not_before = Time.now
58
+ assert_equal %Q(<saml:Conditions NotBefore="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
59
+ end
60
+ should "optionally include NotOnOrAfter attribute" do
61
+ t = @conditions.not_on_or_after = Time.now
62
+ assert_equal %Q(<saml:Conditions NotOnOrAfter="#{t.xmlschema}"></saml:Conditions>), @conditions.to_xml
63
+ end
64
+ should "optionally include conditions" do
65
+ @conditions << Condition.new
66
+ assert_equal "<saml:Conditions><saml:Condition/></saml:Conditions>", @conditions.to_xml
67
+ end
68
+ should "optionally include audience restriction" do
69
+ audience = Audience.new('http://example.org/audience_terms')
70
+ @conditions.audience_restrictions << audience
71
+ assert_equal "<saml:Conditions><saml:AudienceRestriction><saml:Audience>#{audience.uri}</saml:Audience></saml:AudienceRestriction></saml:Conditions>", @conditions.to_xml
72
+ end
73
+ should "optionally include a proxy restriction" do
74
+ proxy_restriction = ProxyRestriction.new
75
+ @conditions.proxy_restriction = proxy_restriction
76
+ assert_equal "<saml:Conditions><saml:ProxyRestriction></saml:ProxyRestriction></saml:Conditions>", @conditions.to_xml
77
+ end
78
+ should "optionally include a one time use" do
79
+ @conditions.one_time_use = true
80
+ assert_equal "<saml:Conditions><OneTimeUse/></saml:Conditions>", @conditions.to_xml
81
+ end
82
+ end
83
+ end
84
+ end
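Review bot: The one-time-use expectation pins `<OneTimeUse/>` with no `saml:` prefix, while every other child asserted in this class (`saml:Condition`, `saml:AudienceRestriction`, `saml:ProxyRestriction`) is prefixed. Unless a default namespace is declared somewhere not visible here, a relying party would not recognise that element as the SAML condition, so the replay restriction it is meant to carry may be ignored. The expected string should be `"<saml:Conditions><saml:OneTimeUse/></saml:Conditions>"`, with the serializer adjusted to match. Separately, the NotBefore/NotOnOrAfter XML tests build their value from a local `Time.now`, which pins a local-offset timestamp even though RequestTest rejects a non-UTC issue instant; `Time.now.utc` would be the consistent fixture.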
@@ -0,0 +1,33 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class EvidenceTest < Test::Unit::TestCase
4
+ context "an evidence instance" do
5
+ setup do
6
+ @evidence = Evidence.new
7
+ end
8
+ should "not be valid unless at least one assertion is specified" do
9
+ assert_raise ValidationError do
10
+ @evidence.validate
11
+ end
12
+ end
13
+
14
+ context "when producing xml" do
15
+ should "optionally include an assertion id ref" do
16
+ @evidence.assertions << AssertionIDRef.new('149369035468035')
17
+ assert_match(/<saml:Evidence><saml:AssertionIDRef>149369035468035<\/saml:AssertionIDRef><\/saml:Evidence>/, @evidence.to_xml)
18
+ end
19
+ should "optionally include an assertion uri ref" do
20
+ @evidence.assertions << AssertionURIRef.new('http://xyz.com/assertion/uri')
21
+ assert_equal(
22
+ '<saml:Evidence><saml:AssertionURIRef>http://xyz.com/assertion/uri</saml:AssertionURIRef></saml:Evidence>',
23
+ @evidence.to_xml
24
+ )
25
+ end
26
+ should "optionally include an assertion" do
27
+ @evidence.assertions << Assertion.new(Identifier::Issuer.new('example'))
28
+ assert_match(/<saml:Evidence><saml:Assertion /, @evidence.to_xml)
29
+ end
30
+ should_eventually "optionally include an encrypted assertion"
31
+ end
32
+ end
33
+ end
@@ -0,0 +1,22 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class IdentifierTest < Test::Unit::TestCase
4
+ context "an identifier" do
5
+ setup do
6
+ @identifier = Identifier::Base.new
7
+ end
8
+ context "when producing xml" do
9
+ should "always include value" do
10
+ assert_equal '<saml:BaseID></saml:BaseID>', @identifier.to_xml
11
+ end
12
+ should "optionally include a name qualifier" do
13
+ @identifier.name_qualifier = 'a_name_qualifier'
14
+ assert_equal '<saml:BaseID NameQualifier="a_name_qualifier"></saml:BaseID>', @identifier.to_xml
15
+ end
16
+ should "optionally include an service provider name qualifier" do
17
+ @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
18
+ assert_equal '<saml:BaseID SPNameQualifier="an_sp_name_qualifier"></saml:BaseID>', @identifier.to_xml
19
+ end
20
+ end
21
+ end
22
+ end
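Review bot: None of the to_xml tests here feed a value containing XML metacharacters, so nothing pins whether `name_qualifier` and `sp_name_qualifier` are escaped when they are written into the attribute. For a SAML serializer this matters, because an unescaped `"` or `<` inside an identifier would change the structure of the emitted assertion. I would add a case with a constructed value such as `@identifier.name_qualifier = 'a"b<c&d'` and assert that the output contains `NameQualifier="a&quot;b&lt;c&amp;d"`. The same gap applies to the value, qualifier and SPProvidedID tests in IssuerTest and NameTest; the serializer itself is not visible here, so its current behaviour is unknown.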
@@ -0,0 +1,32 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class IssuerTest < Test::Unit::TestCase
4
+ context "a name" do
5
+ setup do
6
+ @identifier = Identifier::Issuer.new('Some Issuer')
7
+ end
8
+ should "have a value" do
9
+ assert_equal 'Some Issuer', @identifier.value
10
+ end
11
+ should "have the entity format by default" do
12
+ assert_equal Identifier::Name.formats[:entity], @identifier.format
13
+ end
14
+ context "when producing xml" do
15
+ should "always include format and value" do
16
+ assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">Some Issuer</saml:Issuer>', @identifier.to_xml
17
+ end
18
+ should "optionally include a name qualifier" do
19
+ @identifier.name_qualifier = 'a_name_qualifier'
20
+ assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" NameQualifier="a_name_qualifier">Some Issuer</saml:Issuer>', @identifier.to_xml
21
+ end
22
+ should "optionally include an service provider name qualifier" do
23
+ @identifier.sp_name_qualifier = 'an_sp_name_qualifier'
24
+ assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPNameQualifier="an_sp_name_qualifier">Some Issuer</saml:Issuer>', @identifier.to_xml
25
+ end
26
+ should "optionally include an service provider provided id" do
27
+ @identifier.sp_provided_id = 'sp-x'
28
+ assert_equal '<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity" SPProvidedID="sp-x">Some Issuer</saml:Issuer>', @identifier.to_xml
29
+ end
30
+ end
31
+ end
32
+ end
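Review bot: The outer context is labelled `context "a name" do` although the fixture is `Identifier::Issuer.new('Some Issuer')`, so failures from this class are reported under the same description as NameTest's. `context "an issuer" do` would keep the test output unambiguous. The test names also read "an service provider ..."; "a service provider ..." is the intended wording.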
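--- a/data/test/name_test.rb
+++ b/data/test/name_test.rb
@@ -0,0 +1,32 @@
+require File.dirname(__FILE__) + '/test_helper'
+
+class NameTest < Test::Unit::TestCase
+context "a name" do
+setup do
+@name = Identifier::Name.new('example')
+end
+should "have a value" do
+assert_equal 'example', @name.value
+end
+should "have the unspecified format by default" do
+assert_equal Identifier::Name.formats[:unspecified], @name.format
+end
+context "when producing xml" do
+should "always include format and value" do
+assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">example</saml:NameID>', @name.to_xml
+end
+should "optionally include a name qualifier" do
+@name.name_qualifier = 'a_name_qualifier'
+assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="a_name_qualifier">example</saml:NameID>', @name.to_xml
+end
+should "optionally include an service provider name qualifier" do
+@name.sp_name_qualifier = 'an_sp_name_qualifier'
+assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPNameQualifier="an_sp_name_qualifier">example</saml:NameID>', @name.to_xml
+end
+should "optionally include an service provider provided id" do
+@name.sp_provided_id = 'sp-x'
+assert_equal '<saml:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" SPProvidedID="sp-x">example</saml:NameID>', @name.to_xml
+end
+end
+end
+end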
@@ -0,0 +1,32 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class ParserTest < Test::Unit::TestCase
4
+ context "a parser" do
5
+ setup { @parser = Parser.new }
6
+ context "parsing an attribute query message" do
7
+ setup do
8
+ @attribute_query = @parser.parse(attribute_query_xml)
9
+ end
10
+ should "return an attribute query instance" do
11
+ assert @attribute_query.is_a?(Protocol::Query::AttributeQuery)
12
+ end
13
+ should "have 1 attribute" do
14
+ assert_equal 1, @attribute_query.attributes.length
15
+ end
16
+ should "have a subject of Anthony Eden" do
17
+ assert_equal 'Anthony Eden', @attribute_query.subject.identifier.value
18
+ end
19
+ should "have an attribute whose name is Name" do
20
+ assert_equal 'Name', @attribute_query.attributes.first.name
21
+ end
22
+ end
23
+ end
24
+
25
+ def attribute_query_xml
26
+ @attribute_query_xml ||= begin
27
+ open(File.dirname(__FILE__) + '/sample_data/attribute_query.xml') do |f|
28
+ f.read
29
+ end
30
+ end
31
+ end
32
+ end
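Review bot: `attribute_query_xml` reads the fixture through `Kernel#open`, which treats a string beginning with `|` as a command to run. The path here is built from `__FILE__`, so it is not externally controlled, but `File.read(File.dirname(__FILE__) + '/sample_data/attribute_query.xml')` does the same job without that behaviour and without the `begin` block. The parsing tests also cover only one well-formed message; since a SAML parser receives XML from other parties, a case asserting that a document carrying a DOCTYPE or external entity is rejected would be worth adding. The parser implementation is not visible here, so its current handling of such input is unknown.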
@@ -0,0 +1,19 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class AssertionIdRequestTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "an assertion id request instance" do
6
+ setup do
7
+ @request = AssertionIDRequest.new
8
+ @request.assertion_id_refs << AssertionIDRef.new('xyz')
9
+ end
10
+ context "when producing xml" do
11
+ should "output the samlp:AssertionIDRequest element" do
12
+ assert_match '<samlp:AssertionIDRequest>', @request.to_xml
13
+ end
14
+ should "include the assertion id ref children" do
15
+ assert_match '<saml:AssertionIDRef>xyz</saml:AssertionIDRef>', @request.to_xml
16
+ end
17
+ end
18
+ end
19
+ end
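Review bot: The first XML test expects the bare start tag `<samlp:AssertionIDRequest>`, which pins output that carries no ID, Version or IssueInstant. RequestTest asserts those three attributes on `samlp:Request`, and the SAML protocol schema requires them on every request type. If AssertionIDRequest is meant to be a complete request message, match on `'<samlp:AssertionIDRequest '` instead and assert the required attributes the way RequestTest does. The `'<samlp:AuthnRequest>'` expectation in AuthnRequestTest has the same issue.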
@@ -0,0 +1,30 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class AttributeQueryTest < Test::Unit::TestCase
4
+ include RSAML::Protocol::Query
5
+
6
+ context "an attribute query" do
7
+ setup do
8
+ @query = AttributeQuery.new(Subject.new('example'))
9
+ end
10
+ context "with attributes" do
11
+ setup do
12
+ @query.attributes << Attribute.new('email')
13
+ end
14
+ should "be valid" do
15
+ assert_nothing_raised { @query.validate }
16
+ end
17
+ should "not allow duplicate attributes" do
18
+ @query.attributes << Attribute.new('email')
19
+ assert_raise ValidationError do
20
+ @query.validate
21
+ end
22
+ end
23
+ end
24
+ context "when producing xml" do
25
+ should "include a subject" do
26
+ assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
27
+ end
28
+ end
29
+ end
30
+ end
@@ -0,0 +1,20 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class AuthnQueryTest < Test::Unit::TestCase
4
+ include RSAML::Protocol::Query
5
+
6
+ context "an authn query" do
7
+ setup do
8
+ @query = AuthnQuery.new(Subject.new('example'))
9
+ end
10
+ context "when producing xml" do
11
+ should "include a subject" do
12
+ assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
13
+ end
14
+ should "optionally include a SessionIndex" do
15
+ @query.session_index = '123'
16
+ assert_match('<samlp:AuthnQuery SessionIndex="123"', @query.to_xml)
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,56 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class AuthnRequestTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "an authentication request instance" do
6
+ setup do
7
+ @request = AuthnRequest.new
8
+ end
9
+ should "be valid" do
10
+ assert_nothing_raised { @request.validate }
11
+ end
12
+ context "when producing xml" do
13
+ should "output the samlp:AuthnRequest element" do
14
+ assert_match '<samlp:AuthnRequest>', @request.to_xml
15
+ end
16
+ should "optionally include a subject child" do
17
+ @request.subject = Subject.new
18
+ assert_match '<saml:Subject></saml:Subject>', @request.to_xml
19
+ end
20
+ should "optionally include a name id policy child" do
21
+ name_id_policy = NameIdPolicy.new
22
+ name_id_policy.format = Identifier::Name.formats[:email_address]
23
+ @request.name_id_policy = name_id_policy
24
+ assert_match '<samlp:NameIDPolicy Format="urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress"', @request.to_xml
25
+ end
26
+ should "optionally include conditions" do
27
+ conditions = Conditions.new
28
+ @request.conditions = conditions
29
+ assert_match '<saml:Conditions', @request.to_xml
30
+ end
31
+ should_eventually "optionally include requested authn context" do
32
+
33
+ end
34
+ should "optionally include scoping" do
35
+ scoping = Scoping.new
36
+ @request.scoping = scoping
37
+ assert_match '<samlp:Scoping', @request.to_xml
38
+ end
39
+ should "optionally include force authn" do
40
+ @request.force_authn = true
41
+ assert_match '<samlp:AuthnRequest ForceAuthn="true"', @request.to_xml
42
+ end
43
+ should "optionally include passive flag" do
44
+ @request.is_passive = true
45
+ assert_match '<samlp:AuthnRequest IsPassive="true"', @request.to_xml
46
+ end
47
+ should "optionally include AssertionConsumerServiceURL" do
48
+
49
+ end
50
+ should "optionally include a provider name" do
51
+ @request.provider_name = 'example'
52
+ assert_match '<samlp:AuthnRequest ProviderName="example"', @request.to_xml
53
+ end
54
+ end
55
+ end
56
+ end
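Review bot: `should "optionally include AssertionConsumerServiceURL" do` has an empty body, so it is reported as a passing test although nothing is asserted. Either write the assertion or mark it as deferred with `should_eventually "optionally include AssertionConsumerServiceURL"`, as is already done for the requested authn context case a few lines above. AssertionConsumerServiceURL determines where the response is delivered, so it should not appear covered when it is not.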
@@ -0,0 +1,31 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class AuthzDecisionQueryTest < Test::Unit::TestCase
4
+ include RSAML::Protocol::Query
5
+
6
+ context "an authz decision query" do
7
+ setup do
8
+ @query = AuthzDecisionQuery.new(Subject.new('example'))
9
+ @query.resource = 'http://somesite/some/resource'
10
+ @query.actions << Action.new('Read')
11
+ end
12
+ should "be valid" do
13
+ assert_nothing_raised { @query.validate }
14
+ end
15
+ context "when producing xml" do
16
+ should "include a subject" do
17
+ assert_match('<saml:Subject>example</saml:Subject>', @query.to_xml)
18
+ end
19
+ should "include a Resource attribute" do
20
+ assert_match(%Q(<samlp:AuthzDecisionQuery Resource="#{@query.resource}"), @query.to_xml)
21
+ end
22
+ should "include actions" do
23
+ assert_match(%Q(<saml:Action Namespace="urn:oasis:names:tc:SAML:1.0:action:rwedc-negation">Read</saml:Action>), @query.to_xml)
24
+ end
25
+ should "optionally include evidence" do
26
+ @query.evidence = Evidence.new
27
+ assert_match(%Q(<saml:Evidence></saml:Evidence>), @query.to_xml)
28
+ end
29
+ end
30
+ end
31
+ end
@@ -0,0 +1,15 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class IDPListTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "an idp list" do
6
+ setup do
7
+ @idp_list = IDPList.new
8
+ end
9
+ context "when producing xml" do
10
+ should "have the IDPList element" do
11
+ assert_match('<samlp:IDPList', @idp_list.to_xml)
12
+ end
13
+ end
14
+ end
15
+ end
@@ -0,0 +1,66 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class RequestTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "a request instance" do
6
+ setup do
7
+ @request = Request.new
8
+ end
9
+ should "require an id" do
10
+ @request.id = nil
11
+ assert_raise ValidationError do
12
+ @request.validate
13
+ end
14
+ end
15
+ should "require a version" do
16
+ @request.version = nil
17
+ assert_raise ValidationError do
18
+ @request.validate
19
+ end
20
+ end
21
+ should "require an issue instant" do
22
+ @request.issue_instant = nil
23
+ assert_raise ValidationError do
24
+ @request.validate
25
+ end
26
+ end
27
+ should "require an issue instant to be UTC" do
28
+ @request.issue_instant = Time.now
29
+ assert_raise ValidationError do
30
+ @request.validate
31
+ end
32
+ end
33
+ should "create a response with in_response_to set properly" do
34
+ response = @request.respond(Status.new(StatusCode::SUCCESS))
35
+ assert_not_nil response
36
+ assert_equal @request.id, response.in_response_to
37
+ end
38
+ context "when producing xml" do
39
+ should "include the samlp:Request element" do
40
+ assert_match('<samlp:Request', @request.to_xml)
41
+ end
42
+ should "require include required attributes" do
43
+ xml = @request.to_xml
44
+ assert_match(/ID="#{@request.id}"/, xml)
45
+ assert_match(/Version="2.0"/, xml)
46
+ assert_match(/IssueInstant="#{date_match}"/, xml)
47
+ end
48
+ should "optionally include a destination" do
49
+ @request.destination = 'http://somesite/destination'
50
+ assert_match(/Destination="#{@request.destination}"/, @request.to_xml)
51
+ end
52
+ should "optionally include a consent" do
53
+ @request.consent = 'http://somesite/consent'
54
+ assert_match(/Consent="#{@request.consent}"/, @request.to_xml)
55
+ end
56
+ should "optionally include an issuer child element" do
57
+ @request.issuer = Identifier::Issuer.new('example')
58
+ assert_match(%Q(<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">example</saml:Issuer>), @request.to_xml)
59
+ end
60
+ should "optionally include a signature" do
61
+ @request.signature = XmlSig::Signature.new()
62
+ assert_match(%Q(<ds:Signature), @request.to_xml)
63
+ end
64
+ end
65
+ end
66
+ end
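Review bot: The ID, Destination and Consent assertions interpolate runtime values into regex literals unescaped, e.g. `/Destination="#{@request.destination}"/`. The current fixtures contain no regex metacharacters, so the tests behave as intended today, but a value containing `.`, `?` or `+` would be read as pattern syntax and the match would be looser or different from what the test name claims. Wrap the value, as in `/Destination="#{Regexp.escape(@request.destination)}"/`, or pass a plain string to `assert_match` as the other protocol tests do. The matching assertions in ResponseTest follow the same pattern.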
@@ -0,0 +1,68 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class ResponseTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "a response instance" do
6
+ setup do
7
+ @response = Response.new(Status.new(StatusCode::SUCCESS))
8
+ end
9
+ should "require an id" do
10
+ @response.id = nil
11
+ assert_raise ValidationError do
12
+ @response.validate
13
+ end
14
+ end
15
+ should "require a version" do
16
+ @response.version = nil
17
+ assert_raise ValidationError do
18
+ @response.validate
19
+ end
20
+ end
21
+ should "require an issue instant" do
22
+ @response.issue_instant = nil
23
+ assert_raise ValidationError do
24
+ @response.validate
25
+ end
26
+ end
27
+ should "require an issue instant to be UTC" do
28
+ @response.issue_instant = Time.now
29
+ assert_raise ValidationError do
30
+ @response.validate
31
+ end
32
+ end
33
+ should "be valid" do
34
+ assert_nothing_raised { @response.validate }
35
+ end
36
+ context "when producing xml" do
37
+ should "include the samlp:Response element" do
38
+ assert_match('<samlp:Response', @response.to_xml)
39
+ end
40
+ should "require include required attributes" do
41
+ xml = @response.to_xml
42
+ assert_match(/ID="#{@response.id}"/, xml)
43
+ assert_match(/Version="2.0"/, xml)
44
+ assert_match(/IssueInstant="#{date_match}"/, xml)
45
+ end
46
+ should "optionally include an InResponseTo attribute" do
47
+ @response.in_response_to = 'some_id'
48
+ assert_match(/InResponseTo="some_id"/, @response.to_xml)
49
+ end
50
+ should "optionally include a destination" do
51
+ @response.destination = 'http://somesite/destination'
52
+ assert_match(/Destination="#{@response.destination}"/, @response.to_xml)
53
+ end
54
+ should "optionally include a consent" do
55
+ @response.consent = 'http://somesite/consent'
56
+ assert_match(/Consent="#{@response.consent}"/, @response.to_xml)
57
+ end
58
+ should "optionally include an issuer child element" do
59
+ @response.issuer = Identifier::Issuer.new('example')
60
+ assert_match(%Q(<saml:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">example</saml:Issuer>), @response.to_xml)
61
+ end
62
+ should "optionally include a signature" do
63
+ @response.signature = XmlSig::Signature.new()
64
+ assert_match(%Q(<ds:Signature), @response.to_xml)
65
+ end
66
+ end
67
+ end
68
+ end
@@ -0,0 +1,20 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class ScopingTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+ context "a scoping instance" do
6
+ setup do
7
+ @scoping = Scoping.new
8
+ end
9
+ context "when producing xml" do
10
+ should "optionally include a proxy count" do
11
+ @scoping.proxy_count = 2
12
+ assert_match '<samlp:Scoping ProxyCount="2"', @scoping.to_xml
13
+ end
14
+ should "optionally include an idp list" do
15
+ @scoping.idp_list = IDPList.new(IDPEntry.new('some_provider_id'))
16
+ assert_match '<samlp:IDPList><samlp:IDPEntry', @scoping.to_xml
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,34 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class StatusCodeTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+
6
+ context "the StatusCode class" do
7
+ should "have 4 top-level status codes" do
8
+ assert_equal 4, StatusCode.top_level_status_codes.length
9
+ end
10
+ should "have 19 second-level status codes" do
11
+ assert_equal 19, StatusCode.second_level_status_codes.length
12
+ end
13
+ should "have constants for the top-level status codes" do
14
+ assert_equal StatusCode.top_level_status_codes[:success], StatusCode::SUCCESS
15
+ assert_equal StatusCode.top_level_status_codes[:requestor], StatusCode::REQUESTOR
16
+ assert_equal StatusCode.top_level_status_codes[:responder], StatusCode::RESPONDER
17
+ assert_equal StatusCode.top_level_status_codes[:version_mismatch], StatusCode::VERSION_MISMATCH
18
+ end
19
+ end
20
+
21
+ context "a success status code instance" do
22
+ setup do
23
+ @status_code = StatusCode::SUCCESS
24
+ end
25
+ context "when producing xml" do
26
+ should "have the samlp:StatusCode element name" do
27
+ assert_match(/<samlp:StatusCode/, @status_code.to_xml)
28
+ end
29
+ should "include a value" do
30
+ assert_match(/Value="urn:oasis:names:tc:SAML:2.0:status:Success"/, @status_code.to_xml)
31
+ end
32
+ end
33
+ end
34
+ end
@@ -0,0 +1,16 @@
1
+ require File.dirname(__FILE__) + '/../test_helper'
2
+
3
+ class StatusTest < Test::Unit::TestCase
4
+ include RSAML::Protocol
5
+
6
+ context "a status instance" do
7
+ setup do
8
+ @status = Status.new(StatusCode::SUCCESS)
9
+ end
10
+ context "when producing xml" do
11
+ should "include a status code" do
12
+ assert_match(%Q(<samlp:StatusCode Value="#{StatusCode::SUCCESS}">), @status.to_xml)
13
+ end
14
+ end
15
+ end
16
+ end
@@ -0,0 +1,20 @@
1
+ require File.dirname(__FILE__) + '/test_helper'
2
+
3
+ class ProxyRestrictionTest < Test::Unit::TestCase
4
+ context "a proxy restriction" do
5
+ setup do
6
+ @proxy_restriction = ProxyRestriction.new
7
+ end
8
+ context "when producing xml" do
9
+ should "optionally include a count" do
10
+ @proxy_restriction.count = 1
11
+ assert_equal '<saml:ProxyRestriction Count="1"></saml:ProxyRestriction>', @proxy_restriction.to_xml
12
+ end
13
+ should "optionally include audiences" do
14
+ audience = Audience.new('some_uri')
15
+ @proxy_restriction.audiences << audience
16
+ assert_equal '<saml:ProxyRestriction><saml:Audience>some_uri</saml:Audience></saml:ProxyRestriction>', @proxy_restriction.to_xml
17
+ end
18
+ end
19
+ end
20
+ end
@@ -0,0 +1,12 @@
1
+ class RSAMLTest < Test::Unit::TestCase
2
+ context "the RSAML module" do
3
+ should "provide the SAML namespaces" do
4
+ assert_equal 'urn:oasis:names:tc:SAML:2.0:assertion', RSAML::saml_namespaces['saml']
5
+ assert_equal 'urn:oasis:names:tc:SAML:2.0:protocol', RSAML::saml_namespaces['samlp']
6
+ assert_equal 'http://www.w3.org/2000/09/xmldsig#', RSAML::saml_namespaces['ds']
7
+ assert_equal 'http://www.w3.org/2001/04/xmlenc#', RSAML::saml_namespaces['xenc']
8
+ assert_equal 'http://www.w3.org/2001/XMLSchema', RSAML::saml_namespaces['xs']
9
+ assert_equal 'http://www.w3.org/2001/XMLSchema-instance', RSAML::saml_namespaces['xsi']
10
+ end
11
+ end
12
+ end
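Review bot: This is the only test file in the change that does not begin with `require File.dirname(__FILE__) + '/test_helper'`. Run on its own it would presumably fail before `Test::Unit::TestCase` and `RSAML` are defined, and in a full run it passes only because another test file has already loaded the helper. Add the require as the first line so the file does not depend on load order.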