Added test for multiple keys
- Idp configured with two keys, only one validates the
  signature.
AndersAbel committed Oct 23, 2015
1 parent 38e03b1 commit 82e0f22
Showing 1 changed file with 44 additions and 0 deletions.
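--- a/Kentor.AuthServices.Tests/Saml2P/Saml2ResponseTests.cs
+++ b/Kentor.AuthServices.Tests/Saml2P/Saml2ResponseTests.cs
@@ -202,6 +202,50 @@ public void Saml2Response_GetClaims_CorrectSignedResponseMessage()
 a.ShouldNotThrow();
 }
 
+[TestMethod]
+[NotReRunnable]
+public void Saml2Response_GetClaims_CorrectSignedResponseMessageSecondaryKey()
+{
+var response =
+@"<?xml version=""1.0"" encoding=""UTF-8""?>
+<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
+xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
+ID = """ + MethodBase.GetCurrentMethod().Name + @""" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z"">
+<saml2:Issuer>https://twokeys.example.com</saml2:Issuer>
+<saml2p:Status>
+<saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
+</saml2p:Status>
+<saml2:Assertion xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
+Version=""2.0"" ID=""" + MethodBase.GetCurrentMethod().Name + @"_Assertion1""
+IssueInstant=""2013-09-25T00:00:00Z"">
+<saml2:Issuer>https://twokeys.example.com</saml2:Issuer>
+<saml2:Subject>
+<saml2:NameID>SomeUser</saml2:NameID>
+<saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
+</saml2:Subject>
+<saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
+</saml2:Assertion>
+</saml2p:Response>";
+
+var signedResponse = SignedXmlHelper.SignXml(response);
+
+var options = StubFactory.CreateOptions();
+
+var idp = new IdentityProvider(
+new EntityId("https://twokeys.example.com"), options.SPOptions)
+{
+AllowUnsolicitedAuthnResponse = true
+};
+
+idp.SigningKeys.AddConfiguredItem(SignedXmlHelper.TestKey2);
+idp.SigningKeys.AddConfiguredItem(SignedXmlHelper.TestKey);
+
+options.IdentityProviders.Add(idp);
+
+Action a = () => Saml2Response.Read(signedResponse).GetClaims(options);
+a.ShouldNotThrow();
+}
+
 [TestMethod]
 [NotReRunnable]
 public void Saml2Response_GetClaims_CorrectSignedResponseMessage_WithAuthnStatement()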
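Review bot: The rejecting path of multi-key signature validation is not pinned by `Saml2Response_GetClaims_CorrectSignedResponseMessageSecondaryKey`: with `TestKey2` and `TestKey` both configured, `a.ShouldNotThrow()` passes whenever any configured key verifies. A sibling test that configures several keys, none matching the signer, and expects `GetClaims(options)` to throw would catch a key loop that accepts too readily; one may already exist outside the visible hunk. The test also depends on `SignedXmlHelper.SignXml(response)` signing with `TestKey`, which is not shown here, so a comment above the two `AddConfiguredItem` calls such as `// Signed with TestKey; TestKey2 is listed first so validation must fall through to the second key.` would make the ordering intent explicit. Asserting on the returned claims (for example that the NameID is `SomeUser`) rather than only on the absence of an exception would also make the success case stronger.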
