aboutsummaryrefslogtreecommitdiff
path: root/id/server/modules/moa-id-modules-saml1/src/test
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2015-09-14 13:29:32 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-09-14 13:29:32 +0200
commit76bae60e9bda1acb7ee0e3d45ab187749d16bf82 (patch)
treeba22e87aeee1330e70e702dcfb4612fd951e6c7a /id/server/modules/moa-id-modules-saml1/src/test
parent1131cdf040e608c3f79dd8987ec3b8444fc9bf0d (diff)
downloadmoa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.gz
moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.tar.bz2
moa-id-spss-76bae60e9bda1acb7ee0e3d45ab187749d16bf82.zip
move citizen-card authentication and validation (Security-layer communication) to discrete module
Diffstat (limited to 'id/server/modules/moa-id-modules-saml1/src/test')
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java98
-rw-r--r--id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java101
2 files changed, 199 insertions, 0 deletions
diff --git a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
new file mode 100644
index 000000000..ebdec6d22
--- /dev/null
+++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java
@@ -0,0 +1,98 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package test.at.gv.egovernment.moa.id.auth.builder;
+
+import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/**
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SAMLArtifactBuilderTest extends UnitTestCase {
+
+ private static final String AUTH_URL = "https://moa.gv.at/auth/";
+ private static final String SESSION_ID_1 = "123456";
+ private static final String SESSION_ID_2 = "123457";
+ private static final String SESSION_ID_3 = "1234567";
+
+ private SAMLArtifactBuilder builder;
+ private byte[] artifact1;
+ private byte[] artifact2;
+ private byte[] artifact3;
+
+ public SAMLArtifactBuilderTest(String name) {
+ super(name);
+ }
+ protected void setUp() throws Exception {
+ builder = new SAMLArtifactBuilder();
+ artifact1 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false);
+ artifact2 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_2, null), false);
+ artifact3 = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_3, null), false);
+ }
+
+ public void testBuildArtifactLength() throws BuildException {
+ assertEquals(42, artifact1.length);
+ assertEquals(42, artifact2.length);
+ assertEquals(42, artifact3.length);
+ }
+ public void testBuildSameArtifact() throws Exception {
+ byte[] artifact1Clone = Base64Utils.decode(builder.build(AUTH_URL, SESSION_ID_1, null), false);
+ assertEquals(new String(artifact1), new String(artifact1Clone));
+ }
+ public void testBuildDifferentArtifacts() throws BuildException {
+ String msg = "SAML Artifacts should be different";
+ assertFalse(msg, new String(artifact1).equals(new String(artifact2)));
+ assertFalse(msg, new String(artifact1).equals(new String(artifact3)));
+ assertFalse(msg, new String(artifact3).equals(new String(artifact2)));
+ }
+
+
+}
diff --git a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
new file mode 100644
index 000000000..961c8d0b5
--- /dev/null
+++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
@@ -0,0 +1,101 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+
+package test.at.gv.egovernment.moa.id.auth.parser;
+
+import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
+import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
+import at.gv.egovernment.moa.id.util.Random;
+import test.at.gv.egovernment.moa.id.UnitTestCase;
+
+/*
+ * @author Paul Ivancsics
+ * @version $Id$
+ */
+public class SAMLArtifactParserTest extends UnitTestCase {
+
+ private static String URL1 = "http://moa.gv.at/auth";
+ private static String URL2 = "https://moa.gv.at/auth";
+
+ public SAMLArtifactParserTest(String name) {
+ super(name);
+ }
+
+ public void testParseTypeCode() throws Exception {
+ String sessionID = Random.nextRandom();
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);
+ byte[] typeCode = new SAMLArtifactParser(samlArtifact).parseTypeCode();
+ assertEquals(typeCode[0], 0);
+ assertEquals(typeCode[1], 1);
+ }
+ public void testParseAssertionHandleSameSessionID() throws Exception {
+ // SAML artifacts for different authURL's but same sessionID MUST give same assertion handle
+ String sessionID = Random.nextRandom();
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID, null);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL2, sessionID, null);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
+ assertEquals(assertionHandle1, assertionHandle2);
+ }
+ public void testParseAssertionHandleSameURL() throws Exception {
+ // SAML artifacts for same authURL but different sessionID's MUST give different assertion handles
+ String sessionID1 = Random.nextRandom();
+ String sessionID2 = Random.nextRandom();
+ String samlArtifact1 = new SAMLArtifactBuilder().build(URL1, sessionID1, null);
+ String samlArtifact2 = new SAMLArtifactBuilder().build(URL1, sessionID2, null);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact1).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact2).parseAssertionHandle();
+ assertFalse(assertionHandle1.equals(assertionHandle2));
+ }
+ public void testParseAssertionHandleSameSAMLArtifact() throws Exception {
+ // SAML artifact parsed twice MUST give same assertion handle each time
+ String sessionID = Random.nextRandom();
+ String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);
+ String assertionHandle1 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+ String assertionHandle2 = new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
+ assertEquals(assertionHandle1, assertionHandle2);
+ }
+}