diff options
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java')
-rw-r--r-- | eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java | 69 |
1 files changed, 69 insertions, 0 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java new file mode 100644 index 00000000..95f63003 --- /dev/null +++ b/eaaf_modules/eaaf_module_pvp2_core/src/test/java/at/gv/egiz/eaaf/modules/pvp2/test/SamlVerificationEngineWithHsmFacadeTest.java @@ -0,0 +1,69 @@ +package at.gv.egiz.eaaf.modules.pvp2.test; + +import at.gv.egiz.eaaf.modules.pvp2.api.credential.EaafX509Credential; +import at.gv.egiz.eaaf.modules.pvp2.exception.SamlSigningException; + +import org.junit.Test; +import org.junit.runner.RunWith; +import org.opensaml.xmlsec.signature.support.SignatureConstants; +import org.springframework.test.context.ContextConfiguration; +import org.springframework.test.context.TestPropertySource; +import org.springframework.test.context.junit4.SpringJUnit4ClassRunner; + +@RunWith(SpringJUnit4ClassRunner.class) +@ContextConfiguration({ "/spring/test_eaaf_pvp.beans.xml", + "/spring/test_eaaf_core_spring_config.beans.xml" }) +@TestPropertySource(locations = { "/config/config_3.props" }) +public class SamlVerificationEngineWithHsmFacadeTest extends AbstractSamlVerificationEngine { + + @Override + protected String getMetadataClassPathEntityPath() { + return "classpath:/data/pvp_metadata_junit_keystore_classpath_entityId.xml"; + + } + + @Override + protected String getMetadataJunitJKeystore() { + return "classpath:/data/pvp_metadata_junit_keystore.xml"; + } + + @Override + protected String getAuthnRequestWithoutSigPath() { + return "/data/AuthRequest_without_sig_1.xml"; + + } + + @Override + protected String getResponseWithSigPath() { + return "/data/Response_with_sig_1.xml"; + } + + @Override + protected String getResponseWithoutSigPath() { + return "/data/Response_without_sig_1.xml"; + } + + @Test + public void validateSamlRequestWrongSignatureAlg() throws SecurityException, Exception { + + final String authnReqPath = getAuthnRequestWithoutSigPath(); + final String metadataPath = getMetadataJunitJKeystore(); + final String spEntityId = metadataPath; + + metadataProvider.runGarbageCollector(); + + final EaafX509Credential cred = credentialProvider.getMetaDataSigningCredential(); + cred.setSignatureAlgorithmForSigning(SignatureConstants.ALGO_ID_SIGNATURE_NOT_RECOMMENDED_RSA_MD5); + try { + initializeAuthnRequest(spEntityId, metadataPath, authnReqPath, + cred); + org.junit.Assert.fail("Wrong SigAlg not detected"); + + } catch (final SamlSigningException e) { + org.junit.Assert.assertEquals("Wrong errorCode", "internal.pvp.96", e.getErrorId()); + + } + } + + +} |