summaryrefslogtreecommitdiffstats
path: root/tests/lib
diff options
context:
space:
mode:
Diffstat (limited to 'tests/lib')
-rw-r--r--tests/lib/SimpleSAML/ConfigurationTest.php263
-rw-r--r--tests/lib/SimpleSAML/Utils/Config/MetadataTest.php55
2 files changed, 318 insertions, 0 deletions
diff --git a/tests/lib/SimpleSAML/ConfigurationTest.php b/tests/lib/SimpleSAML/ConfigurationTest.php
index 8fb8aa8..b66daa6 100644
--- a/tests/lib/SimpleSAML/ConfigurationTest.php
+++ b/tests/lib/SimpleSAML/ConfigurationTest.php
@@ -451,6 +451,23 @@ class Test_SimpleSAML_Configuration extends PHPUnit_Framework_TestCase
$c->getConfigList('opt');
}
+
+ /**
+ * Test SimpleSAML_Configuration::getConfigList() with an array of wrong options.
+ * @expectedException Exception
+ */
+ public function testGetConfigListWrongArrayValues()
+ {
+ $c = SimpleSAML_Configuration::loadFromArray(array(
+ 'opts' => array(
+ 'a',
+ 'b',
+ ),
+ ));
+ $c->getConfigList('opts');
+ }
+
+
/**
* Test SimpleSAML_Configuration::getOptions()
*/
@@ -473,6 +490,221 @@ class Test_SimpleSAML_Configuration extends PHPUnit_Framework_TestCase
$this->assertEquals($c->toArray(), array('a' => TRUE, 'b' => NULL));
}
+
+ /**
+ * Test SimpleSAML_Configuration::getDefaultEndpoint().
+ *
+ * Iterate over all different valid definitions of endpoints and check if the expected output is produced.
+ */
+ public function testGetDefaultEndpoint()
+ {
+ /*
+ * First we run the full set of tests covering all possible configurations for indexed endpoint types,
+ * basically AssertionConsumerService and ArtifactResolutionService. Since both are the same, we just run the
+ * tests for AssertionConsumerService.
+ */
+ $acs_eps = array(
+ // just a string with the location
+ 'https://example.com/endpoint.php',
+ // an array of strings with location of different endpoints
+ array(
+ 'https://www1.example.com/endpoint.php',
+ 'https://www2.example.com/endpoint.php',
+ ),
+ // define location and binding
+ array(
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ ),
+ // define the ResponseLocation too
+ array(
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ 'ResponseLocation' => 'https://example.com/endpoint.php',
+ ),
+ ),
+ // make sure indexes are NOT taken into account (they just identify endpoints)
+ array(
+ array(
+ 'index' => 1,
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_REDIRECT,
+ ),
+ array(
+ 'index' => 2,
+ 'Location' => 'https://www2.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ ),
+ // make sure isDefault has priority over indexes
+ array(
+ array(
+ 'index' => 1,
+ 'Location' => 'https://www2.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ array(
+ 'index' => 2,
+ 'isDefault' => true,
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_REDIRECT,
+ ),
+ ),
+ // make sure endpoints with invalid bindings are ignored and those marked as NOT default are still used
+ array(
+ array(
+ 'index' => 1,
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => 'invalid_binding',
+ ),
+ array(
+ 'index' => 2,
+ 'isDefault' => false,
+ 'Location' => 'https://www2.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ ),
+ );
+ $acs_expected_eps = array(
+ // output should be completed with the default binding (HTTP-POST for ACS)
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ // we should just get the first endpoint with the default binding
+ array(
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ ),
+ // if we specify the binding, we should get it back
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST
+ ),
+ // if we specify ResponseLocation, we should get it back too
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ 'ResponseLocation' => 'https://example.com/endpoint.php',
+ ),
+ // indexes must NOT be taken into account, order is the only thing that matters here
+ array(
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_REDIRECT,
+ 'index' => 1,
+ ),
+ // isDefault must have higher priority than indexes
+ array(
+ 'Location' => 'https://www1.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_REDIRECT,
+ 'isDefault' => true,
+ 'index' => 2,
+ ),
+ // the first valid enpoint should be used even if it's marked as NOT default
+ array(
+ 'index' => 2,
+ 'isDefault' => false,
+ 'Location' => 'https://www2.example.com/endpoint.php',
+ 'Binding' => SAML2_Const::BINDING_HTTP_POST,
+ )
+ );
+
+ $a = array(
+ 'metadata-set' => 'saml20-sp-remote',
+ 'ArtifactResolutionService' => 'https://example.com/ars',
+ 'SingleSignOnService' => 'https://example.com/sso',
+ 'SingleLogoutService' => array(
+ 'Location' => 'https://example.com/slo',
+ 'Binding' => 'valid_binding', // test unknown bindings if we don't specify a list of valid ones
+ ),
+ );
+
+ $valid_bindings = array(
+ SAML2_Const::BINDING_HTTP_POST,
+ SAML2_Const::BINDING_HTTP_REDIRECT,
+ SAML2_Const::BINDING_HOK_SSO,
+ SAML2_Const::BINDING_HTTP_ARTIFACT.
+ SAML2_Const::BINDING_SOAP,
+ );
+
+ // run all general tests with AssertionConsumerService endpoint type
+ foreach ($acs_eps as $i => $ep) {
+ $a['AssertionConsumerService'] = $ep;
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ $this->assertEquals($acs_expected_eps[$i], $c->getDefaultEndpoint(
+ 'AssertionConsumerService',
+ $valid_bindings
+ ));
+ }
+
+ // now make sure SingleSignOnService, SingleLogoutService and ArtifactResolutionService works fine
+ $a['metadata-set'] = 'shib13-idp-remote';
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ $this->assertEquals(
+ array(
+ 'Location' => 'https://example.com/sso',
+ 'Binding' => 'urn:mace:shibboleth:1.0:profiles:AuthnRequest',
+ ),
+ $c->getDefaultEndpoint('SingleSignOnService')
+ );
+ $a['metadata-set'] = 'saml20-idp-remote';
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ $this->assertEquals(
+ array(
+ 'Location' => 'https://example.com/ars',
+ 'Binding' => SAML2_Const::BINDING_SOAP,
+ ),
+ $c->getDefaultEndpoint('ArtifactResolutionService')
+ );
+ $this->assertEquals(
+ array(
+ 'Location' => 'https://example.com/slo',
+ 'Binding' => SAML2_Const::BINDING_HTTP_REDIRECT,
+ ),
+ $c->getDefaultEndpoint('SingleLogoutService')
+ );
+
+ // test for old shib1.3 AssertionConsumerService
+ $a['metadata-set'] = 'shib13-sp-remote';
+ $a['AssertionConsumerService'] = 'https://example.com/endpoint.php';
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ $this->assertEquals(
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => 'urn:oasis:names:tc:SAML:1.0:profiles:browser-post',
+ ),
+ $c->getDefaultEndpoint('AssertionConsumerService')
+ );
+
+ // test for no valid endpoints specified
+ $a['SingleLogoutService'] = array(
+ array(
+ 'Location' => 'https://example.com/endpoint.php',
+ 'Binding' => 'invalid_binding',
+ 'isDefault' => true,
+ ),
+ );
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ try {
+ $c->getDefaultEndpoint('SingleLogoutService', $valid_bindings);
+ $this->fail('Failed to detect invalid endpoint binding.');
+ } catch (Exception $e) {
+ $this->assertEquals('[ARRAY][\'SingleLogoutService\']:Could not find a supported SingleLogoutService '.
+ 'endpoint.', $e->getMessage());
+ }
+ $a['metadata-set'] = 'foo';
+ $c = SimpleSAML_Configuration::loadFromArray($a);
+ try {
+ $c->getDefaultEndpoint('SingleSignOnService');
+ $this->fail('No valid metadata set specified.');
+ } catch (Exception $e) {
+ $this->assertStringStartsWith('Missing default binding for', $e->getMessage());
+ }
+ }
+
/**
* Test SimpleSAML_Configuration::getLocalizedString()
*/
@@ -522,4 +754,35 @@ class Test_SimpleSAML_Configuration extends PHPUnit_Framework_TestCase
$c->getLocalizedString('opt');
}
+
+ /**
+ * Test that the default instance fails to load even if we previously loaded another instance.
+ * @expectedException Exception
+ */
+ public function testLoadDefaultInstance()
+ {
+ SimpleSAML_Configuration::loadFromArray(array('key' => 'value'), '', 'dummy');
+ $c = SimpleSAML_Configuration::getInstance();
+ var_dump($c);
+ }
+
+
+ /**
+ * Test that Configuration objects can be initialized from an array.
+ *
+ * ATTENTION: this test must be kept the last.
+ */
+ public function testLoadInstanceFromArray()
+ {
+ $c = array(
+ 'key' => 'value'
+ );
+ // test loading a custom instance
+ SimpleSAML_Configuration::loadFromArray($c, '', 'dummy');
+ $this->assertEquals('value', SimpleSAML_Configuration::getInstance('dummy')->getValue('key', null));
+
+ // test loading the default instance
+ SimpleSAML_Configuration::loadFromArray($c, '', 'simplesaml');
+ $this->assertEquals('value', SimpleSAML_Configuration::getInstance()->getValue('key', null));
+ }
}
diff --git a/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php b/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php
index 26ca926..8a77135 100644
--- a/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php
+++ b/tests/lib/SimpleSAML/Utils/Config/MetadataTest.php
@@ -12,6 +12,13 @@ class Utils_MetadataTest extends PHPUnit_Framework_TestCase
*/
public function testGetContact()
{
+ // test invalid argument
+ try {
+ $parsed = \SimpleSAML\Utils\Config\Metadata::getContact('string');
+ } catch (InvalidArgumentException $e) {
+ $this->assertEquals('Invalid input parameters', $e->getMessage());
+ }
+
// test missing type
$contact = array(
'name' => 'John Doe'
@@ -159,6 +166,12 @@ class Utils_MetadataTest extends PHPUnit_Framework_TestCase
);
}
}
+ $valid_types = array('email@example.com', array('email1@example.com', 'email2@example.com'));
+ foreach ($valid_types as $type) {
+ $contact['emailAddress'] = $type;
+ $parsed = \SimpleSAML\Utils\Config\Metadata::getContact($contact);
+ $this->assertEquals($type, $parsed['emailAddress']);
+ }
// test telephoneNumber
$contact = array(
@@ -185,6 +198,12 @@ class Utils_MetadataTest extends PHPUnit_Framework_TestCase
$this->assertEquals('Telephone numbers must be a string and cannot be empty.', $e->getMessage());
}
}
+ $valid_types = array('1234', array('1234', '5678'));
+ foreach ($valid_types as $type) {
+ $contact['telephoneNumber'] = $type;
+ $parsed = \SimpleSAML\Utils\Config\Metadata::getContact($contact);
+ $this->assertEquals($type, $parsed['telephoneNumber']);
+ }
// test completeness
$contact = array();
@@ -199,4 +218,40 @@ class Utils_MetadataTest extends PHPUnit_Framework_TestCase
}
$this->assertArrayNotHasKey('name', $parsed);
}
+
+
+ /**
+ * Test \SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery().
+ */
+ public function testIsHiddenFromDiscovery()
+ {
+ // test for success
+ $metadata = array(
+ 'EntityAttributes' => array(
+ \SimpleSAML\Utils\Config\Metadata::$ENTITY_CATEGORY => array(
+ \SimpleSAML\Utils\Config\Metadata::$HIDE_FROM_DISCOVERY,
+ ),
+ ),
+ );
+ $this->assertTrue(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery($metadata));
+
+ // test for failures
+ $this->assertFalse(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery(array('foo')));
+ $this->assertFalse(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery(array(
+ 'EntityAttributes' => 'bar',
+ )));
+ $this->assertFalse(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery(array(
+ 'EntityAttributes' => array(),
+ )));
+ $this->assertFalse(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery(array(
+ 'EntityAttributes' => array(
+ \SimpleSAML\Utils\Config\Metadata::$ENTITY_CATEGORY => '',
+ ),
+ )));
+ $this->assertFalse(\SimpleSAML\Utils\Config\Metadata::isHiddenFromDiscovery(array(
+ 'EntityAttributes' => array(
+ \SimpleSAML\Utils\Config\Metadata::$ENTITY_CATEGORY => array(),
+ ),
+ )));
+ }
}
generated by cgit v1.1 at 2025-06-03 02:55:28 +0000