diff options
| -rwxr-xr-x | bin/test.php | 32 | ||||
| -rw-r--r-- | config/test-template.php | 23 |
2 files changed, 48 insertions, 7 deletions
diff --git a/bin/test.php b/bin/test.php index a6ac235..d5a7889 100755 --- a/bin/test.php +++ b/bin/test.php @@ -136,7 +136,9 @@ function parseSimpleSamlHttpRedirectDebug($page) { * the post destination in 'url' and the post arguments as an associative array in 'post'. */ function parseSimpleSamlHttpPost($page) { - if(strpos($page, '<title>SAML 2.0 POST</title>') === FALSE && strpos($page, '<title>SAML Response Debug-mode</title>') === FALSE) { + if(strpos($page, '<title>SAML 2.0 POST</title>') === FALSE + && strpos($page, '<title>SAML Response Debug-mode</title>') === FALSE + && strpos($page, '<title>SAML (Shibboleth 1.3) Response Debug-mode</title>') === FALSE) { return FALSE; } @@ -146,20 +148,24 @@ function parseSimpleSamlHttpPost($page) { } $url = html_entity_decode($matches[1]); + $params = array(); + if(!preg_match('/<input type="hidden" name="SAMLResponse" value="([^"]*)" \\/>/', $page, $matches)) { echo('Invalid simpleSAMLphp HTTP-POST page. Missing SAMLResponse.' . "\n"); return FALSE; } - $samlResponse = html_entity_decode($matches[1]); + $params['SAMLResponse'] = html_entity_decode($matches[1]); - if(!preg_match('/<input type="hidden" name="RelayState" value="([^"]*)" \\/>/', $page, $matches)) { - echo('Invalid simpleSAMLphp HTTP-POST page. Missing RelayState.' . "\n"); - return FALSE; + if(preg_match('/<input type="hidden" name="RelayState" value="([^"]*)" \\/>/', $page, $matches)) { + $params['RelayState'] = html_entity_decode($matches[1]); } - $relayState = html_entity_decode($matches[1]); + if(preg_match('/<input type="hidden" name="TARGET" value="([^"]*)" \\/>/', $page, $matches)) { + $params['TARGET'] = html_entity_decode($matches[1]); + } - return array('url' => $url, 'post' => array('SAMLResponse' => $samlResponse, 'RelayState' => $relayState)); + + return array('url' => $url, 'post' => $params); } @@ -342,6 +348,11 @@ function initSSO($test, $curl) { $params['idp'] = $test['idp']; } + /* Add the protocol which simpleSAMLphp should use to authenticate. */ + if(array_key_exists('protocol', $test)) { + $params['protocol'] = $test['protocol']; + } + /* Add attribute tests. */ if(array_key_exists('attributes', $test)) { $i = 0; @@ -540,6 +551,8 @@ function doLogout($test, $curl) { function doTest($test) { $curl = curlCreate(); + $res = TRUE; + /* Initialize SSO. */ do { $loginPage = initSSO($test, $curl); @@ -563,6 +576,11 @@ function doTest($test) { echo('Logged in, attributes OK' . "\n"); + if(array_key_exists('protocol', $test) && $test['protocol'] === 'shib13') { + echo('Shib13: Logout not implemented.' . "\n"); + break; + } + echo('Logging out.' . "\n"); $result = doLogout($test, $curl); diff --git a/config/test-template.php b/config/test-template.php index 76d2ae6..63b1ba6 100644 --- a/config/test-template.php +++ b/config/test-template.php @@ -26,6 +26,29 @@ $tests[] = array( ); +/* Add a test towards the default IdP using the shib13 protocol. */ +$tests[] = array( + + /* The full url to the admin/test.php page on the SP. */ + 'url' => 'https://example.org/simplesaml/admin/test.php', + + /* The protocol we are going to test. */ + 'protocol' => 'shib13', + + /* The username and password which should be used for logging in. ('simplesaml' login type) */ + 'username' => 'username', + 'password' => 'secretpassword', + + /* The type of login page we expect. */ + 'logintype' => 'simplesaml', + + /* Expected attributes in the result. */ + 'attributes' => array( + 'uid' => 'test', + ), + ); + + /* Add a test towards the specified IdP using the FEIDE login handler. */ $tests[] = array( |