org.apache.commons
diff --git a/toolkit/src/main/java/com/onelogin/saml2/Auth.java b/toolkit/src/main/java/com/onelogin/saml2/BaseAuth.java
similarity index 95%
rename from toolkit/src/main/java/com/onelogin/saml2/Auth.java
rename to toolkit/src/main/java/com/onelogin/saml2/BaseAuth.java
index 9d8f29cb..222d9702 100644
--- a/toolkit/src/main/java/com/onelogin/saml2/Auth.java
+++ b/toolkit/src/main/java/com/onelogin/saml2/BaseAuth.java
@@ -14,9 +14,10 @@
import java.util.List;
import java.util.Map;
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
+import com.onelogin.saml2.http.HttpRequestUtils;
+import com.onelogin.saml2.http.HttpResponseUtils;
+import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.http.HttpResponse;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@@ -27,14 +28,12 @@
import com.onelogin.saml2.exception.SettingsException;
import com.onelogin.saml2.factory.SamlMessageFactory;
import com.onelogin.saml2.exception.Error;
-import com.onelogin.saml2.http.HttpRequest;
import com.onelogin.saml2.logout.LogoutRequest;
import com.onelogin.saml2.logout.LogoutRequestParams;
import com.onelogin.saml2.logout.LogoutResponse;
import com.onelogin.saml2.logout.LogoutResponseParams;
import com.onelogin.saml2.model.SamlResponseStatus;
import com.onelogin.saml2.model.KeyStoreSettings;
-import com.onelogin.saml2.servlet.ServletUtils;
import com.onelogin.saml2.settings.Saml2Settings;
import com.onelogin.saml2.settings.SettingsBuilder;
import com.onelogin.saml2.util.Constants;
@@ -50,11 +49,12 @@
*
* This is stateful and not thread-safe, you should create a new instance for each request/response.
*/
-public class Auth {
+public class BaseAuth {
+
/**
* Private property to construct a logger for this class.
*/
- private static final Logger LOGGER = LoggerFactory.getLogger(Auth.class);
+ private static final Logger LOGGER = LoggerFactory.getLogger(BaseAuth.class);
/**
* Settings data.
@@ -62,14 +62,14 @@ public class Auth {
private Saml2Settings settings;
/**
- * HttpServletRequest object to be processed (Contains GET and POST parameters, session, ...).
+ * HttpRequest object to be processed (Contains GET and POST parameters, session, ...).
*/
- private HttpServletRequest request;
+ private HttpRequest request;
/**
- * HttpServletResponse object to be used (For example to execute the redirections).
+ * HttpResponse object to be used (For example to execute the redirections).
*/
- private HttpServletResponse response;
+ private HttpResponse response;
/**
* NameID.
@@ -180,7 +180,7 @@ public class Auth {
* @throws SettingsException
* @throws Error
*/
- public Auth() throws IOException, SettingsException, Error {
+ public BaseAuth() throws IOException, SettingsException, Error {
this(new SettingsBuilder().fromFile("onelogin.saml.properties").build(), null, null);
}
@@ -193,7 +193,7 @@ public Auth() throws IOException, SettingsException, Error {
* @throws SettingsException
* @throws Error
*/
- public Auth(KeyStoreSettings keyStoreSetting) throws IOException, SettingsException, Error {
+ public BaseAuth(KeyStoreSettings keyStoreSetting) throws IOException, SettingsException, Error {
this("onelogin.saml.properties", keyStoreSetting);
}
@@ -206,7 +206,7 @@ public Auth(KeyStoreSettings keyStoreSetting) throws IOException, SettingsExcept
* @throws SettingsException
* @throws Error
*/
- public Auth(String filename) throws IOException, SettingsException, Error {
+ public BaseAuth(String filename) throws IOException, SettingsException, Error {
this(filename, null, null, null);
}
@@ -220,7 +220,7 @@ public Auth(String filename) throws IOException, SettingsException, Error {
* @throws SettingsException
* @throws Error
*/
- public Auth(String filename, KeyStoreSettings keyStoreSetting)
+ public BaseAuth(String filename, KeyStoreSettings keyStoreSetting)
throws IOException, SettingsException, Error {
this(new SettingsBuilder().fromFile(filename, keyStoreSetting).build(), null, null);
}
@@ -228,14 +228,14 @@ public Auth(String filename, KeyStoreSettings keyStoreSetting)
/**
* Initializes the SP SAML instance.
*
- * @param request HttpServletRequest object to be processed
- * @param response HttpServletResponse object to be used
+ * @param request HttpRequest object to be processed
+ * @param response HttpResponse object to be used
*
* @throws IOException
* @throws SettingsException
* @throws Error
*/
- public Auth(HttpServletRequest request, HttpServletResponse response) throws IOException, SettingsException, Error {
+ public BaseAuth(HttpRequest request, HttpResponse response) throws IOException, SettingsException, Error {
this(new SettingsBuilder().fromFile("onelogin.saml.properties").build(), request, response);
}
@@ -243,14 +243,14 @@ public Auth(HttpServletRequest request, HttpServletResponse response) throws IOE
* Initializes the SP SAML instance.
*
* @param keyStoreSetting KeyStoreSettings is a KeyStore which have the Private/Public keys
- * @param request HttpServletRequest object to be processed
- * @param response HttpServletResponse object to be used
+ * @param request HttpRequest object to be processed
+ * @param response HttpResponse object to be used
*
* @throws IOException
* @throws SettingsException
* @throws Error
*/
- public Auth(KeyStoreSettings keyStoreSetting, HttpServletRequest request, HttpServletResponse response)
+ public BaseAuth(KeyStoreSettings keyStoreSetting, HttpRequest request, HttpResponse response)
throws IOException, SettingsException, Error {
this(new SettingsBuilder().fromFile("onelogin.saml.properties", keyStoreSetting).build(), request,
response);
@@ -260,14 +260,14 @@ public Auth(KeyStoreSettings keyStoreSetting, HttpServletRequest request, HttpSe
* Initializes the SP SAML instance.
*
* @param filename String Filename with the settings
- * @param request HttpServletRequest object to be processed
- * @param response HttpServletResponse object to be used
+ * @param request HttpRequest object to be processed
+ * @param response HttpResponse object to be used
*
* @throws SettingsException
* @throws IOException
* @throws Error
*/
- public Auth(String filename, HttpServletRequest request, HttpServletResponse response)
+ public BaseAuth(String filename, HttpRequest request, HttpResponse response)
throws SettingsException, IOException, Error {
this(filename, null, request, response);
}
@@ -277,15 +277,15 @@ public Auth(String filename, HttpServletRequest request, HttpServletResponse res
*
* @param filename String Filename with the settings
* @param keyStoreSetting KeyStoreSettings is a KeyStore which have the Private/Public keys
- * @param request HttpServletRequest object to be processed
- * @param response HttpServletResponse object to be used
+ * @param request HttpRequest object to be processed
+ * @param response HttpResponse object to be used
*
* @throws SettingsException
* @throws IOException
* @throws Error
*/
- public Auth(String filename, KeyStoreSettings keyStoreSetting, HttpServletRequest request,
- HttpServletResponse response) throws SettingsException, IOException, Error {
+ public BaseAuth(String filename, KeyStoreSettings keyStoreSetting, HttpRequest request,
+ HttpResponse response) throws SettingsException, IOException, Error {
this(new SettingsBuilder().fromFile(filename, keyStoreSetting).build(), request, response);
}
@@ -293,12 +293,12 @@ public Auth(String filename, KeyStoreSettings keyStoreSetting, HttpServletReques
* Initializes the SP SAML instance.
*
* @param settings Saml2Settings object. Setting data
- * @param request HttpServletRequest object to be processed
- * @param response HttpServletResponse object to be used
+ * @param request HttpRequest object to be processed
+ * @param response HttpResponse object to be used
*
* @throws SettingsException
*/
- public Auth(Saml2Settings settings, HttpServletRequest request, HttpServletResponse response)
+ public BaseAuth(Saml2Settings settings, HttpRequest request, HttpResponse response)
throws SettingsException {
this.settings = settings;
this.request = request;
@@ -625,7 +625,7 @@ public String login(String relayState, AuthnRequestParams authnRequestParams, Bo
parameters.put("SAMLRequest", samlRequest);
if (relayState == null) {
- relayState = ServletUtils.getSelfRoutedURLNoQuery(request);
+ relayState = HttpRequestUtils.getSelfRoutedURLNoQuery(request);
}
if (!relayState.isEmpty()) {
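Review bot: The fallback `relayState = HttpRequestUtils.getSelfRoutedURLNoQuery(request)` dereferences `request`, which is `null` for instances built through the constructors that call `this(..., null, null)`, and the `relayState.isEmpty()` after it would also fail if the new helper can return `null`. The helper's body is not in this diff; the removed `ServletUtils` version built the URL from the request's scheme, server name and URI, values that normally follow the client-supplied Host header. I would guard the null request and add a Javadoc line on `login` such as `If relayState is null it defaults to the current request URL; validate RelayState against an allow-list before redirecting to it.` The same fallback appears in the `logout` hunk at -795. `login` starts and ends outside the hunk.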
@@ -648,7 +648,7 @@ public String login(String relayState, AuthnRequestParams authnRequestParams, Bo
if (!stay) {
LOGGER.debug("AuthNRequest sent to " + ssoUrl + " --> " + samlRequest);
}
- return ServletUtils.sendRedirect(response, ssoUrl, parameters, stay);
+ return HttpResponseUtils.sendRedirect(response, ssoUrl, parameters, stay);
}
/**
@@ -795,7 +795,7 @@ public String logout(String relayState, LogoutRequestParams logoutRequestParams,
parameters.put("SAMLRequest", samlLogoutRequest);
if (relayState == null) {
- relayState = ServletUtils.getSelfRoutedURLNoQuery(request);
+ relayState = HttpRequestUtils.getSelfRoutedURLNoQuery(request);
}
if (!relayState.isEmpty()) {
@@ -818,7 +818,7 @@ public String logout(String relayState, LogoutRequestParams logoutRequestParams,
if (!stay) {
LOGGER.debug("Logout request sent to " + sloUrl + " --> " + samlLogoutRequest);
}
- return ServletUtils.sendRedirect(response, sloUrl, parameters, stay);
+ return HttpResponseUtils.sendRedirect(response, sloUrl, parameters, stay);
}
/**
@@ -1197,11 +1197,10 @@ public String getSLOResponseUrl() {
*/
public void processResponse(String requestId) throws Exception {
authenticated = false;
- final HttpRequest httpRequest = ServletUtils.makeHttpRequest(this.request);
- final String samlResponseParameter = httpRequest.getParameter("SAMLResponse");
+ final String samlResponseParameter = request.getParameter("SAMLResponse");
if (samlResponseParameter != null) {
- SamlResponse samlResponse = samlMessageFactory.createSamlResponse(settings, httpRequest);
+ SamlResponse samlResponse = samlMessageFactory.createSamlResponse(settings, request);
lastResponse = samlResponse.getSAMLResponseXml();
if (samlResponse.isValid(requestId)) {
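Review bot: `request.getParameter("SAMLResponse")` now reads straight from the caller-supplied `HttpRequest`, and the same object is passed to `createSamlResponse(settings, request)`, so the library no longer takes its own parameter snapshot through `makeHttpRequest`. The `HttpRequest` contract is not shown here; its Javadoc should state that parameter values stay stable across calls and which value is returned for a repeated parameter, since the presence check and the message validation presumably read it separately. A `null` `request` surfaces on this line as a bare NullPointerException; `if (request == null) throw new IllegalStateException("no HttpRequest available");` at the top of the method would make that failure explicit. The `processSLO` hunk that follows has the same pattern. `processResponse` continues outside the hunk.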
@@ -1268,13 +1267,11 @@ public void processResponse() throws Exception {
* @throws Exception
*/
public String processSLO(Boolean keepLocalSession, String requestId, Boolean stay) throws Exception {
- final HttpRequest httpRequest = ServletUtils.makeHttpRequest(this.request);
-
- final String samlRequestParameter = httpRequest.getParameter("SAMLRequest");
- final String samlResponseParameter = httpRequest.getParameter("SAMLResponse");
+ final String samlRequestParameter = request.getParameter("SAMLRequest");
+ final String samlResponseParameter = request.getParameter("SAMLResponse");
if (samlResponseParameter != null) {
- LogoutResponse logoutResponse = samlMessageFactory.createIncomingLogoutResponse(settings, httpRequest);
+ LogoutResponse logoutResponse = samlMessageFactory.createIncomingLogoutResponse(settings, request);
lastResponse = logoutResponse.getLogoutResponseXml();
if (!logoutResponse.isValid(requestId)) {
errors.add("invalid_logout_response");
@@ -1298,13 +1295,13 @@ public String processSLO(Boolean keepLocalSession, String requestId, Boolean sta
lastMessageIssueInstant = logoutResponse.getIssueInstant();
LOGGER.debug("processSLO success --> " + samlResponseParameter);
if (!keepLocalSession) {
- request.getSession().invalidate();
+ request.invalidateSession();
}
}
}
return null;
} else if (samlRequestParameter != null) {
- LogoutRequest logoutRequest = samlMessageFactory.createIncomingLogoutRequest(settings, httpRequest);
+ LogoutRequest logoutRequest = samlMessageFactory.createIncomingLogoutRequest(settings, request);
lastRequest = logoutRequest.getLogoutRequestXml();
if (!logoutRequest.isValid()) {
errors.add("invalid_logout_request");
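Review bot: `request.invalidateSession()` moves local session termination behind the `HttpRequest` abstraction, so whether single logout actually ends the session now depends on each implementation, which this diff does not show. An adapter that implements it as a no-op would leave the user logged in locally after a valid LogoutResponse, with nothing added to `errors`. I would document on the `invalidateSession` declaration that it must invalidate the server-side session and tolerate there being none, and add a test that verifies the call when `keepLocalSession` is false. The LogoutRequest branch in the next hunk makes the same call. `processSLO` starts and ends outside the hunk.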
@@ -1318,7 +1315,7 @@ public String processSLO(Boolean keepLocalSession, String requestId, Boolean sta
lastMessageIssueInstant = logoutRequest.getIssueInstant();
LOGGER.debug("processSLO success --> " + samlRequestParameter);
if (!keepLocalSession) {
- request.getSession().invalidate();
+ request.invalidateSession();
}
String inResponseTo = logoutRequest.id;
@@ -1350,7 +1347,7 @@ public String processSLO(Boolean keepLocalSession, String requestId, Boolean sta
if (!stay) {
LOGGER.debug("Logout response sent to " + sloUrl + " --> " + samlLogoutResponse);
}
- return ServletUtils.sendRedirect(response, sloUrl, parameters, stay);
+ return HttpResponseUtils.sendRedirect(response, sloUrl, parameters, stay);
}
} else {
errors.add("invalid_binding");
@@ -1651,7 +1648,7 @@ public String getLastResponseXML() {
}
/**
- * Sets the factory this {@link Auth} will use to create SAML messages.
+ * Sets the factory this {@link BaseAuth} will use to create SAML messages.
*
* This allows consumers to provide their own extension classes for SAML message
* XML generation and/or processing.
@@ -1666,4 +1663,5 @@ public String getLastResponseXML() {
public void setSamlMessageFactory(final SamlMessageFactory samlMessageFactory) {
this.samlMessageFactory = samlMessageFactory != null ? samlMessageFactory : DEFAULT_SAML_MESSAGE_FACTORY;
}
+
}
diff --git a/toolkit/src/main/java/com/onelogin/saml2/factory/SamlMessageFactory.java b/toolkit/src/main/java/com/onelogin/saml2/factory/SamlMessageFactory.java
index 08c71e91..cccfa967 100644
--- a/toolkit/src/main/java/com/onelogin/saml2/factory/SamlMessageFactory.java
+++ b/toolkit/src/main/java/com/onelogin/saml2/factory/SamlMessageFactory.java
@@ -1,6 +1,6 @@
package com.onelogin.saml2.factory;
-import com.onelogin.saml2.Auth;
+import com.onelogin.saml2.BaseAuth;
import com.onelogin.saml2.authn.AuthnRequest;
import com.onelogin.saml2.authn.AuthnRequestParams;
import com.onelogin.saml2.authn.SamlResponse;
@@ -14,7 +14,7 @@
/**
* Factory which can create all kind of SAML message objects.
*
- * One such factory is used by the {@link Auth} class to orchestrate login and
+ * One such factory is used by the {@link BaseAuth} class to orchestrate login and
* logout operations.
*
* Default implementations for all creation methods are provided: they create
diff --git a/toolkit/src/main/java/com/onelogin/saml2/servlet/ServletUtils.java b/toolkit/src/main/java/com/onelogin/saml2/servlet/ServletUtils.java
deleted file mode 100644
index 1c2f7bb9..00000000
--- a/toolkit/src/main/java/com/onelogin/saml2/servlet/ServletUtils.java
+++ /dev/null
@@ -1,217 +0,0 @@
-package com.onelogin.saml2.servlet;
-
-import java.io.IOException;
-import java.util.Arrays;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-
-import org.apache.commons.lang3.StringUtils;
-
-import com.onelogin.saml2.http.HttpRequest;
-import com.onelogin.saml2.util.Util;
-
-/**
- * ServletUtils class of Java Toolkit.
- *
- * A class that contains several auxiliary methods related to HttpServletRequest and HttpServletResponse
- */
-public class ServletUtils {
-
- private ServletUtils() {
- //not called
- }
-
- /**
- * Creates an HttpRequest from an HttpServletRequest.
- *
- * @param req the incoming HttpServletRequest
- * @return a HttpRequest
- */
- public static HttpRequest makeHttpRequest(HttpServletRequest req) {
- @SuppressWarnings("unchecked")
- final Map paramsAsArray = (Map) req.getParameterMap();
- final Map> paramsAsList = new HashMap<>();
- for (Map.Entry param : paramsAsArray.entrySet()) {
- paramsAsList.put(param.getKey(), Arrays.asList(param.getValue()));
- }
-
- return new HttpRequest(req.getRequestURL().toString(), paramsAsList, req.getQueryString());
- }
-
- /**
- * Returns the protocol + the current host + the port (if different than
- * common ports).
- *
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return the HOST URL
- */
- public static String getSelfURLhost(HttpServletRequest request) {
- String hostUrl = StringUtils.EMPTY;
- final int serverPort = request.getServerPort();
- if ((serverPort == 80) || (serverPort == 443) || serverPort == 0) {
- hostUrl = String.format("%s://%s", request.getScheme(), request.getServerName());
- } else {
- hostUrl = String.format("%s://%s:%s", request.getScheme(), request.getServerName(), serverPort);
- }
- return hostUrl;
- }
-
- /**
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return the server name
- */
- public static String getSelfHost(HttpServletRequest request) {
- return request.getServerName();
- }
-
- /**
- * Check if under https or http protocol
- *
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return false if https is not active
- */
- public static boolean isHTTPS(HttpServletRequest request) {
- return request.isSecure();
- }
-
- /**
- * Returns the URL of the current context + current view + query
- *
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return current context + current view + query
- */
- public static String getSelfURL(HttpServletRequest request) {
- String url = getSelfURLhost(request);
-
- String requestUri = request.getRequestURI();
- String queryString = request.getQueryString();
-
- if (null != requestUri && !requestUri.isEmpty()) {
- url += requestUri;
- }
-
- if (null != queryString && !queryString.isEmpty()) {
- url += '?' + queryString;
- }
- return url;
- }
-
- /**
- * Returns the URL of the current host + current view.
- *
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return current host + current view
- */
- public static String getSelfURLNoQuery(HttpServletRequest request) {
- return request.getRequestURL().toString();
- }
-
- /**
- * Returns the routed URL of the current host + current view.
- *
- * @param request
- * HttpServletRequest object to be processed
- *
- * @return the current routed url
- */
- public static String getSelfRoutedURLNoQuery(HttpServletRequest request) {
- String url = getSelfURLhost(request);
- String requestUri = request.getRequestURI();
- if (null != requestUri && !requestUri.isEmpty()) {
- url += requestUri;
- }
- return url;
- }
-
- /**
- * Redirect to location url
- *
- * @param response
- * HttpServletResponse object to be used
- * @param location
- * target location url
- * @param parameters
- * GET parameters to be added
- * @param stay
- * True if we want to stay (returns the url string) False to execute redirection
- *
- * @return string the target URL
- * @throws IOException
- *
- * @see javax.servlet.http.HttpServletResponse#sendRedirect(String)
- */
- public static String sendRedirect(HttpServletResponse response, String location, Map parameters, Boolean stay) throws IOException {
- String target = location;
-
- if (!parameters.isEmpty()) {
- boolean first = !location.contains("?");
- for (Map.Entry parameter : parameters.entrySet())
- {
- if (first) {
- target += "?";
- first = false;
- } else {
- target += "&";
- }
- target += parameter.getKey();
- if (!parameter.getValue().isEmpty()) {
- target += "=" + Util.urlEncoder(parameter.getValue());
- }
- }
- }
- if (!stay) {
- response.sendRedirect(target);
- }
-
- return target;
- }
-
- /**
- * Redirect to location url
- *
- * @param response
- * HttpServletResponse object to be used
- * @param location
- * target location url
- * @param parameters
- * GET parameters to be added
- *
- * @throws IOException
- *
- * @see javax.servlet.http.HttpServletResponse#sendRedirect(String)
- */
- public static void sendRedirect(HttpServletResponse response, String location, Map parameters) throws IOException {
- sendRedirect(response, location, parameters, false);
- }
-
- /**
- * Redirect to location url
- *
- * @param response
- * HttpServletResponse object to be used
- * @param location
- * target location url
- *
- * @throws IOException
- *
- * @see HttpServletResponse#sendRedirect(String)
- */
- public static void sendRedirect(HttpServletResponse response, String location) throws IOException {
- Map parameters =new HashMap();
- sendRedirect(response, location, parameters);
- }
-}
diff --git a/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java b/toolkit/src/test/java/com/onelogin/saml2/test/BaseAuthTest.java
similarity index 72%
rename from toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java
rename to toolkit/src/test/java/com/onelogin/saml2/test/BaseAuthTest.java
index 53c82ef5..1845d28f 100644
--- a/toolkit/src/test/java/com/onelogin/saml2/test/AuthTest.java
+++ b/toolkit/src/test/java/com/onelogin/saml2/test/BaseAuthTest.java
@@ -1,53 +1,6 @@
package com.onelogin.saml2.test;
-
-import static java.util.Collections.singletonMap;
-import static org.hamcrest.CoreMatchers.containsString;
-import static org.hamcrest.CoreMatchers.is;
-import static org.hamcrest.CoreMatchers.not;
-import static org.hamcrest.CoreMatchers.startsWith;
-import static org.hamcrest.Matchers.contains;
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNull;
-import static org.junit.Assert.assertSame;
-import static org.junit.Assert.assertThat;
-import static org.junit.Assert.assertTrue;
-import static org.mockito.Matchers.matches;
-import static org.mockito.Mockito.mock;
-import static org.mockito.Mockito.times;
-import static org.mockito.Mockito.verify;
-import static org.mockito.Mockito.when;
-
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.net.URI;
-import java.net.URISyntaxException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CertificateException;
-import java.time.Instant;
-import java.util.ArrayList;
-import java.util.HashMap;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
-import javax.servlet.http.HttpSession;
-
-import org.junit.Rule;
-import org.junit.Test;
-import org.junit.rules.ExpectedException;
-import org.mockito.ArgumentCaptor;
-import org.w3c.dom.Document;
-
-import com.onelogin.saml2.Auth;
+import com.onelogin.saml2.BaseAuth;
import com.onelogin.saml2.authn.AuthnRequest;
import com.onelogin.saml2.authn.AuthnRequestParams;
import com.onelogin.saml2.authn.SamlResponse;
@@ -57,19 +10,57 @@
import com.onelogin.saml2.exception.XMLEntityException;
import com.onelogin.saml2.factory.SamlMessageFactory;
import com.onelogin.saml2.http.HttpRequest;
+import com.onelogin.saml2.http.HttpResponse;
import com.onelogin.saml2.logout.LogoutRequest;
import com.onelogin.saml2.logout.LogoutRequestParams;
import com.onelogin.saml2.logout.LogoutResponse;
import com.onelogin.saml2.logout.LogoutResponseParams;
import com.onelogin.saml2.model.KeyStoreSettings;
import com.onelogin.saml2.model.SamlResponseStatus;
-import com.onelogin.saml2.servlet.ServletUtils;
import com.onelogin.saml2.settings.Saml2Settings;
import com.onelogin.saml2.settings.SettingsBuilder;
import com.onelogin.saml2.util.Constants;
import com.onelogin.saml2.util.Util;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.rules.ExpectedException;
+import org.mockito.ArgumentCaptor;
+import org.w3c.dom.Document;
-public class AuthTest {
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.UnsupportedEncodingException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.CertificateException;
+import java.time.Instant;
+import java.util.*;
+
+import static org.hamcrest.CoreMatchers.containsString;
+import static org.hamcrest.CoreMatchers.is;
+import static org.hamcrest.CoreMatchers.not;
+import static org.hamcrest.CoreMatchers.startsWith;
+import static org.hamcrest.Matchers.contains;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertSame;
+import static org.junit.Assert.assertThat;
+import static org.junit.Assert.assertTrue;
+import static org.mockito.Matchers.matches;
+import static org.mockito.Mockito.eq;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.spy;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
+
+public class BaseAuthTest {
@Rule
public ExpectedException expectedEx = ExpectedException.none();
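Review bot: `import java.util.*;` replaces the explicit `java.util` imports the old test listed (`ArrayList`, `HashMap`, `LinkedHashMap`, `List`, `Map`). A wildcard hides which types the test depends on and can introduce ambiguous-name clashes later. I would keep the explicit form, e.g. `import java.util.HashMap;` and `import java.util.Map;`. The newly added static imports `eq` and `spy` should stay only if tests in the file use them; `spy` is not used in any hunk visible here.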
@@ -117,11 +108,11 @@ private KeyStoreSettings getKeyStoreSettings() throws KeyStoreException, NoSuchA
* @throws IOException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructor() throws IOException, SettingsException, Error {
- Auth auth = new Auth();
+ BaseAuth auth = new BaseAuth();
assertTrue(auth.getSettings() != null);
Saml2Settings settings = new SettingsBuilder().fromFile("onelogin.saml.properties").build();
@@ -138,11 +129,11 @@ public void testConstructor() throws IOException, SettingsException, Error {
* @throws IOException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithFilename() throws IOException, SettingsException, Error {
- Auth auth = new Auth("config/config.min.properties");
+ BaseAuth auth = new BaseAuth("config/config.min.properties");
assertTrue(auth.getSettings() != null);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
@@ -162,12 +153,12 @@ public void testConstructorWithFilename() throws IOException, SettingsException,
* @throws KeyStoreException
* @throws UnrecoverableKeyException
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithFilenameAndKeyStore() throws IOException, SettingsException, Error, NoSuchAlgorithmException, CertificateException, KeyStoreException, UnrecoverableKeyException {
- Auth auth = new Auth("config/config.min.properties", getKeyStoreSettings());
+ BaseAuth auth = new BaseAuth("config/config.min.properties", getKeyStoreSettings());
assertTrue(auth.getSettings() != null);
assertTrue(auth.getSettings().getSPcert() != null);
assertTrue(auth.getSettings().getSPkey() != null);
@@ -179,23 +170,23 @@ public void testConstructorWithFilenameAndKeyStore() throws IOException, Setting
/**
* Tests the constructor of Auth
- * Case: HttpServletRequest and HttpServletResponse provided
+ * Case: HttpRequest and HttpResponse provided
*
* @throws SettingsException
* @throws IOException
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithReqRes() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
- Auth auth = new Auth(request, response);
+ BaseAuth auth = new BaseAuth(request, response);
assertTrue(auth.getSettings() != null);
Saml2Settings settings = new SettingsBuilder().fromFile("onelogin.saml.properties").build();
@@ -205,7 +196,7 @@ public void testConstructorWithReqRes() throws IOException, SettingsException, U
/**
* Tests the constructor of Auth
- * Case: KeyStore and HttpServletRequest and HttpServletResponse provided
+ * Case: KeyStore and HttpRequest and HttpResponse provided
*
* @throws SettingsException
* @throws IOException
@@ -215,14 +206,14 @@ public void testConstructorWithReqRes() throws IOException, SettingsException, U
* @throws CertificateException
* @throws NoSuchAlgorithmException
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithReqResAndKeyStore() throws IOException, SettingsException, URISyntaxException, Error, KeyStoreException, NoSuchAlgorithmException, CertificateException {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
- Auth auth = new Auth(getKeyStoreSettings(), request, response);
+ BaseAuth auth = new BaseAuth(getKeyStoreSettings(), request, response);
assertTrue(auth.getSettings() != null);
assertTrue(auth.getSettings().getSPcert() != null);
assertTrue(auth.getSettings().getSPkey() != null);
@@ -234,23 +225,23 @@ public void testConstructorWithReqResAndKeyStore() throws IOException, SettingsE
/**
* Tests the constructor of Auth
- * Case: filename, HttpServletRequest and HttpServletResponse provided
+ * Case: filename, HttpRequest and HttpResponse provided
*
* @throws SettingsException
* @throws IOException
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithFilenameReqRes() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
- Auth auth = new Auth("config/config.min.properties", request, response);
+ BaseAuth auth = new BaseAuth("config/config.min.properties", request, response);
assertTrue(auth.getSettings() != null);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
@@ -260,51 +251,51 @@ public void testConstructorWithFilenameReqRes() throws IOException, SettingsExce
/**
* Tests the constructor of Auth
- * Case: settings, HttpServletRequest and HttpServletResponse provided
+ * Case: settings, HttpRequest and HttpResponse provided
*
* @throws SettingsException
* @throws IOException
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorWithSettingsReqRes() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertEquals(settings.getIdpEntityId(), auth.getSettings().getIdpEntityId());
assertEquals(settings.getSpEntityId(), auth.getSettings().getSpEntityId());
}
/**
* Tests the constructor of Auth
- * Case: settings, HttpServletRequest and HttpServletResponse provided
+ * Case: settings, HttpRequest and HttpResponse provided
*
* @throws SettingsException
* @throws IOException
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth
+ * @see BaseAuth
*/
@Test
public void testConstructorInvalidSettings() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.sperrors.properties").build();
expectedEx.expect(SettingsException.class);
expectedEx.expectMessage("Invalid settings: sp_entityId_not_found, sp_acs_not_found, sp_cert_not_found_and_required, contact_not_enough_data, contact_type_invalid, organization_not_enough_data, idp_cert_or_fingerprint_not_found_and_required, idp_cert_not_found_and_required");
- new Auth(settings, request, response);
+ new BaseAuth(settings, request, response);
}
/**
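Review bot: The Javadoc above testConstructorInvalidSettings still reads `Case: settings, HttpRequest and HttpResponse provided`, copied from the previous test, although this test loads `config/config.sperrors.properties` and expects a `SettingsException`. I would change that line to `Case: invalid settings provided, SettingsException expected`. Both comment headers in this hunk also still open with `Tests the constructor of Auth` while the `@see` tag and the code now name `BaseAuth`, so the summary line should be renamed with them.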
@@ -314,12 +305,12 @@ public void testConstructorInvalidSettings() throws IOException, SettingsExcepti
* @throws IOException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getSettings
+ * @see BaseAuth#getSettings
*/
@Test
public void testGetSettings() throws IOException, SettingsException, Error {
Saml2Settings settings = new SettingsBuilder().fromFile("onelogin.saml.properties").build();
- Auth auth = new Auth();
+ BaseAuth auth = new BaseAuth();
assertEquals(settings.getIdpEntityId(), auth.getSettings().getIdpEntityId());
assertEquals(settings.getSpEntityId(), auth.getSettings().getSpEntityId());
assertEquals(settings.getIdpCertFingerprint(), auth.getSettings().getIdpCertFingerprint());
@@ -342,11 +333,11 @@ public void testGetSettings() throws IOException, SettingsException, Error {
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#setStrict
+ * @see BaseAuth#setStrict
*/
@Test
public void testSetStrict() throws IOException, SettingsException, URISyntaxException, Error {
- Auth auth = new Auth();
+ BaseAuth auth = new BaseAuth();
auth.setStrict(false);
assertFalse(auth.getSettings().isStrict());
@@ -363,23 +354,23 @@ public void testSetStrict() throws IOException, SettingsException, URISyntaxExce
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#isDebugActive
+ * @see BaseAuth#isDebugActive
*/
@Test
public void testIsDebugActive() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpServletRequest request = mock(HttpServletRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
settings.setDebug(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isDebugActive());
settings.setDebug(true);
- auth = new Auth(settings, request, response);
+ auth = new BaseAuth(settings, request, response);
assertTrue(auth.isDebugActive());
}
@@ -391,18 +382,18 @@ public void testIsDebugActive() throws IOException, SettingsException, URISyntax
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getSSOurl
+ * @see BaseAuth#getSSOurl
*/
@Test
public void testGetSSOurl() throws URISyntaxException, IOException, SettingsException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertEquals("http://idp.example.com/simplesaml/saml2/idp/SSOService.php", auth.getSSOurl());
}
@@ -414,18 +405,18 @@ public void testGetSSOurl() throws URISyntaxException, IOException, SettingsExce
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getSLOurl
+ * @see BaseAuth#getSLOurl
*/
@Test
public void testGetSLOurl() throws URISyntaxException, IOException, SettingsException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertEquals("http://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php", auth.getSLOurl());
}
@@ -438,18 +429,18 @@ public void testGetSLOurl() throws URISyntaxException, IOException, SettingsExce
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getSLOResponseUrl
+ * @see BaseAuth#getSLOResponseUrl
*/
@Test
public void testGetSLOResponseUrl() throws URISyntaxException, IOException, SettingsException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.all.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertEquals("http://idp.example.com/simplesaml/saml2/idp/SingleLogoutServiceResponse.php", auth.getSLOResponseUrl());
}
@@ -461,18 +452,18 @@ public void testGetSLOResponseUrl() throws URISyntaxException, IOException, Sett
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getSLOResponseUrl
+ * @see BaseAuth#getSLOResponseUrl
*/
@Test
public void testGetSLOResponseUrlNull() throws URISyntaxException, IOException, SettingsException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertEquals("http://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php", auth.getSLOResponseUrl());
}
@@ -481,16 +472,16 @@ public void testGetSLOResponseUrlNull() throws URISyntaxException, IOException,
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processResponse
+ * @see BaseAuth#processResponse
*/
@Test
public void testProcessNoResponse() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
try {
@@ -510,22 +501,22 @@ public void testProcessNoResponse() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processResponse
- * @see com.onelogin.saml2.Auth#getAttributes
- * @see com.onelogin.saml2.Auth#getAttribute
- * @see com.onelogin.saml2.Auth#getAttributesName
+ * @see BaseAuth#processResponse
+ * @see BaseAuth#getAttributes
+ * @see BaseAuth#getAttribute
+ * @see BaseAuth#getAttributesName
*/
@Test
public void testProcessResponse() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processResponse();
@@ -533,8 +524,8 @@ public void testProcessResponse() throws Exception {
assertTrue(auth.getAttributes().isEmpty());
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
HashMap> expectedAttributes = new LinkedHashMap>();
List attrValues = new ArrayList();
@@ -573,25 +564,23 @@ public void testProcessResponse() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessResponseStatusResponder() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("https://example.com/opensso/Consumer/metaAlias/sp"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("https://example.com/opensso/Consumer/metaAlias/sp");
String samlResponseEncoded = Util.getFileAsString("data/responses/invalids/status_code_and_sub_status_code_responder_and_msg.xml.base64");
Document samlResponseDoc = Util.loadXML(new String(Util.base64decoder(samlResponseEncoded)));
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processResponse();
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertFalse(auth.getErrors().isEmpty());
assertEquals("The status code of the Response was not Success, was urn:oasis:names:tc:SAML:2.0:status:Responder -> something_is_wrong", auth.getLastErrorReason());
assertTrue(auth.getErrors().contains("response_not_success"));
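Review bot: The `@see BaseAuth#processSLO` tag on testProcessResponseStatusResponder names the wrong method: the body calls `auth.processResponse()` and never calls processSLO, so the tag should read `@see BaseAuth#processResponse`. The local `samlResponseDoc` is not used in the lines shown; the method continues past the end of the hunk, so confirm it is needed before keeping the extra parse. If the remaining lines do not already do so, an `assertFalse(auth.isAuthenticated());` after `processResponse()` would pin that a Responder status never leaves the object in an authenticated state.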
@@ -604,16 +593,16 @@ public void testProcessResponseStatusResponder() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLONoMessage() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
try {
@@ -634,26 +623,24 @@ public void testProcessSLONoMessage() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestKeepSession() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO(true, null);
verify(response).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
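Review bot: The redirect check in testProcessSLORequestKeepSession ends in `SAMLResponse=(.)*`, which also accepts an empty `SAMLResponse` value because `(.)*` matches zero characters; `SAMLResponse=.+` would require the parameter to carry a payload. The same pattern is used in testProcessSLORequestRemoveSession, testProcessSLORequestStay, testProcessSLORequestStayFalse and testProcessSLORequestStayTrue. In testProcessSLORequestSignRes the trailing `Signature=(.)*` lets a test meant to cover a signed LogoutResponse pass with an empty signature, so `Signature=.+` is the more useful assertion there. The dots in `idp.example.com` and `.php` are unescaped in these patterns and match any character.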
@@ -663,25 +650,23 @@ public void testProcessSLORequestKeepSession() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestRemoveSession() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO();
verify(response).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
@@ -691,25 +676,23 @@ public void testProcessSLORequestRemoveSession() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestStay() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO(false, null);
verify(response).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
@@ -719,26 +702,24 @@ public void testProcessSLORequestStay() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestStayFalse() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
String target = auth.processSLO(false, null, false);
verify(response).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
verify(response, times(1)).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
assertThat(target, startsWith("http://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php?SAMLResponse="));
}
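Review bot: testProcessSLORequestStayFalse verifies the same redirect twice: `verify(response).sendRedirect(...)` already means exactly one call, so the following `verify(response, times(1)).sendRedirect(...)` with the identical matcher adds nothing. I would keep only the explicit `times(1)` form, which reads consistently next to `verify(request, times(1)).invalidateSession();`.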
@@ -749,25 +730,23 @@ public void testProcessSLORequestStayFalse() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestStayTrue() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
String target = auth.processSLO(false, null, true);
verify(response, times(0)).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLResponse=(.)*"));
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
assertThat(target, startsWith("http://idp.example.com/simplesaml/saml2/idp/SingleLogoutService.php?SAMLResponse="));
}
@@ -778,33 +757,27 @@ public void testProcessSLORequestStayTrue() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestSignRes() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String relayState = "http://localhost:8080/expected.jsp";
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- Map paramsAsArray = new HashMap<>();
- paramsAsArray.put("SAMLRequest", new String[]{samlRequestEncoded});
- paramsAsArray.put("RelayState", new String[]{relayState});
- when(request.getParameterMap()).thenReturn(paramsAsArray);
- when(request.getParameter("RelayState")).thenReturn(relayState);
-
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
+ when(request.getParameter(eq("RelayState"))).thenReturn(relayState);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.all.properties").build();
settings.setWantMessagesSigned(false);
settings.setLogoutResponseSigned(true);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO();
verify(response).sendRedirect(matches("http:\\/\\/idp.example.com\\/simplesaml\\/saml2\\/idp\\/SingleLogoutServiceResponse.php\\?SAMLResponse=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp&SigAlg=http%3A%2F%2Fwww.w3.org%2F2001%2F04%2Fxmldsig-more%23rsa-sha512&Signature=(.)*"));
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
@@ -814,25 +787,23 @@ public void testProcessSLORequestSignRes() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLORequestInvalid() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/sls.jsp"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/sls.jsp");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
settings.setStrict(true);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO();
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertFalse(auth.getErrors().isEmpty());
assertTrue(auth.getErrors().contains("invalid_logout_request"));
assertThat(auth.getLastErrorReason(), containsString("The LogoutRequest was received at"));
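Review bot: testProcessSLORequestInvalid checks that the session survives a rejected LogoutRequest but, in the lines shown, not that nothing is sent back to the IdP. If no redirect is the intended behaviour for a request that fails strict validation, `verify(response, times(0)).sendRedirect(anyString());` next to `verify(request, times(0)).invalidateSession();` would pin it; this assumes `anyString()` is imported alongside `matches`. The method continues past the end of the hunk, so the check may already exist further down.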
@@ -845,24 +816,22 @@ public void testProcessSLORequestInvalid() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLOResponseKeepSession() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlResponseEncoded = Util.getFileAsString("data/logout_responses/logout_response_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO(true, null);
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
@@ -872,24 +841,22 @@ public void testProcessSLOResponseKeepSession() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLOResponseRemoveSession() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlResponseEncoded = Util.getFileAsString("data/logout_responses/logout_response_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO();
- verify(session, times(1)).invalidate();
+ verify(request, times(1)).invalidateSession();
assertTrue(auth.getErrors().isEmpty());
}
@@ -899,25 +866,23 @@ public void testProcessSLOResponseRemoveSession() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLOResponseWrongRequestId() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlResponseEncoded = Util.getFileAsString("data/logout_responses/logout_response_deflated.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
settings.setStrict(true);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO(false, "wrong_request_id");
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertTrue(auth.getErrors().contains("invalid_logout_response"));
assertEquals("The InResponseTo of the Logout Response: ONELOGIN_21584ccdfaca36a145ae990442dcd96bfe60151e, does not match the ID of the Logout request sent by the SP: wrong_request_id", auth.getLastErrorReason());
}
@@ -928,24 +893,22 @@ public void testProcessSLOResponseWrongRequestId() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#processSLO
+ * @see BaseAuth#processSLO
*/
@Test
public void testProcessSLOResponseStatusResponder() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpSession session = mock(HttpSession.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://stuff.com/endpoints/endpoints/sls.php"));
- when(request.getSession()).thenReturn(session);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("http://stuff.com/endpoints/endpoints/sls.php");
String samlResponseEncoded = Util.getFileAsString("data/logout_responses/invalids/status_code_responder.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processSLO();
- verify(session, times(0)).invalidate();
+ verify(request, times(0)).invalidateSession();
assertFalse(auth.getErrors().isEmpty());
assertTrue(auth.getErrors().contains("logout_not_success"));
assertTrue(auth.getErrors().contains(Constants.STATUS_RESPONDER));
@@ -956,20 +919,20 @@ public void testProcessSLOResponseStatusResponder() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#isAuthenticated
- * @see com.onelogin.saml2.Auth#getErrors
- * @see com.onelogin.saml2.Auth#getLastErrorReason
+ * @see BaseAuth#isAuthenticated
+ * @see BaseAuth#getErrors
+ * @see BaseAuth#getLastErrorReason
*/
@Test
public void testIsAuthenticated() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response4.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertFalse(auth.isAuthenticated());
assertTrue(auth.getErrors().isEmpty());
auth.processResponse();
@@ -982,8 +945,8 @@ public void testIsAuthenticated() throws Exception {
assertTrue(auth.getLastValidationException() instanceof ValidationError);
samlResponseEncoded = Util.getFileAsString("data/responses/valid_encrypted_assertion.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertFalse(auth2.isAuthenticated());
assertTrue(auth2.getErrors().isEmpty());
auth2.processResponse();
@@ -996,8 +959,8 @@ public void testIsAuthenticated() throws Exception {
assertTrue(auth2.getLastValidationException() instanceof ValidationError);
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth3 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth3 = new BaseAuth(settings, request, response);
assertFalse(auth3.isAuthenticated());
assertTrue(auth3.getErrors().isEmpty());
auth3.processResponse();
@@ -1013,36 +976,36 @@ public void testIsAuthenticated() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getNameId
+ * @see BaseAuth#getNameId
*/
@Test
public void testGetNameID() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getNameId());
auth.processResponse();
assertFalse(auth.isAuthenticated());
assertNull(auth.getNameId());
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getNameId());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
assertEquals("492882615acf31c8096b627245d76ae53036c090", auth2.getNameId());
samlResponseEncoded = Util.getFileAsString("data/responses/response_encrypted_nameid.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs");
settings.setStrict(false);
- Auth auth3 = new Auth(settings, request, response);
+ BaseAuth auth3 = new BaseAuth(settings, request, response);
assertNull(auth3.getNameId());
auth3.processResponse();
assertTrue(auth3.isAuthenticated());
@@ -1055,36 +1018,36 @@ public void testGetNameID() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getNameIdFormat
+ * @see BaseAuth#getNameIdFormat
*/
@Test
public void testGetNameIdFormat() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getNameIdFormat());
auth.processResponse();
assertFalse(auth.isAuthenticated());
assertNull(auth.getNameIdFormat());
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getNameIdFormat());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
assertEquals("urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress", auth2.getNameIdFormat());
samlResponseEncoded = Util.getFileAsString("data/responses/response_encrypted_nameid.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs");
settings.setStrict(false);
- Auth auth3 = new Auth(settings, request, response);
+ BaseAuth auth3 = new BaseAuth(settings, request, response);
assertNull(auth3.getNameIdFormat());
auth3.processResponse();
assertTrue(auth3.isAuthenticated());
@@ -1096,18 +1059,18 @@ public void testGetNameIdFormat() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getNameIdNameQualifier
+ * @see BaseAuth#getNameIdNameQualifier
*/
@Test
public void testGetNameIdNameQualifier() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getNameIdNameQualifier());
auth.processResponse();
assertFalse(auth.isAuthenticated());
@@ -1115,8 +1078,8 @@ public void testGetNameIdNameQualifier() throws Exception {
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response_with_namequalifier.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getNameIdNameQualifier());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
@@ -1128,18 +1091,18 @@ public void testGetNameIdNameQualifier() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getNameIdSPNameQualifier
+ * @see BaseAuth#getNameIdSPNameQualifier
*/
@Test
public void testGetNameIdSPNameQualifier() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getNameIdSPNameQualifier());
auth.processResponse();
assertFalse(auth.isAuthenticated());
@@ -1147,8 +1110,8 @@ public void testGetNameIdSPNameQualifier() throws Exception {
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response_with_namequalifier.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getNameIdSPNameQualifier());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
@@ -1164,17 +1127,17 @@ public void testGetNameIdSPNameQualifier() throws Exception {
*/
@Test
public void testGetNameIDEncWithNoKey() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.mywithnocert.properties").build();
String samlResponseEncoded = Util.getFileAsString("data/responses/response_encrypted_nameid.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("https://pitbulk.no-ip.org/newonelogin/demo1/index.php?acs");
settings.setStrict(false);
expectedEx.expect(SettingsException.class);
expectedEx.expectMessage("Invalid settings: idp_cert_not_found_and_required");
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
}
/**
@@ -1186,14 +1149,14 @@ public void testGetNameIDEncWithNoKey() throws Exception {
*/
@Test
public void testOnlyRetrieveAssertionWithIDThatMatchesSignatureReference() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/invalids/wrapped_response_2.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
expectedEx.expect(ValidationError.class);
expectedEx.expectMessage("SAML Response could not be processed");
@@ -1205,26 +1168,26 @@ public void testOnlyRetrieveAssertionWithIDThatMatchesSignatureReference() throw
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getSessionIndex
+ * @see BaseAuth#getSessionIndex
*/
@Test
public void testGetSessionIndex() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getSessionIndex());
auth.processResponse();
assertFalse(auth.isAuthenticated());
assertNull(auth.getSessionIndex());
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getSessionIndex());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
@@ -1233,14 +1196,14 @@ public void testGetSessionIndex() throws Exception {
@Test
public void testGetAssertionDetails() throws Exception {
- HttpServletResponse response = mock(HttpServletResponse.class);
- HttpServletRequest request = mock(HttpServletRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.processResponse();
assertThat(auth.getLastAssertionId(), is("pfxb26bb203-4e9d-8e74-a46e-def275ff4c7b"));
@@ -1252,26 +1215,26 @@ public void testGetAssertionDetails() throws Exception {
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getSessionExpiration
+ * @see BaseAuth#getSessionExpiration
*/
@Test
public void testGetSessionExpiration() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
String samlResponseEncoded = Util.getFileAsString("data/responses/response1.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- when(request.getRequestURL()).thenReturn(new StringBuffer("http://localhost:8080/java-saml-jspsample/acs.jsp"));
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ when(request.getRequestURL()).thenReturn("http://localhost:8080/java-saml-jspsample/acs.jsp");
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
assertNull(auth.getSessionExpiration());
auth.processResponse();
assertFalse(auth.isAuthenticated());
assertNull(auth.getSessionExpiration());
samlResponseEncoded = Util.getFileAsString("data/responses/valid_response.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLResponse", new String[]{samlResponseEncoded}));
- Auth auth2 = new Auth(settings, request, response);
+ when(request.getParameter(eq("SAMLResponse"))).thenReturn(samlResponseEncoded);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
assertNull(auth2.getSessionExpiration());
auth2.processResponse();
assertTrue(auth2.isAuthenticated());
@@ -1287,12 +1250,12 @@ public void testGetSessionExpiration() throws Exception {
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLogin() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1300,7 +1263,7 @@ public void testLogin() throws IOException, SettingsException, URISyntaxExceptio
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.login();
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SSOService.php\\?SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Finitial.jsp"));
assertThat(auth.getLastRequestId(), startsWith(Util.UNIQUE_ID_PREFIX));
@@ -1315,12 +1278,12 @@ public void testLogin() throws IOException, SettingsException, URISyntaxExceptio
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginWithRelayState() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1329,7 +1292,7 @@ public void testLoginWithRelayState() throws IOException, SettingsException, URI
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String relayState = "http://localhost:8080/expected.jsp";
auth.login(relayState);
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SSOService.php\\?SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp"));
@@ -1344,12 +1307,12 @@ public void testLoginWithRelayState() throws IOException, SettingsException, URI
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginWithoutRelayState() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1358,7 +1321,7 @@ public void testLoginWithoutRelayState() throws IOException, SettingsException,
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.login("");
final ArgumentCaptor urlCaptor = ArgumentCaptor.forClass(String.class);
verify(response).sendRedirect(urlCaptor.capture());
@@ -1375,12 +1338,12 @@ public void testLoginWithoutRelayState() throws IOException, SettingsException,
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginWithExtraParameters() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = spy(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
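Review bot: `HttpResponse response = spy(HttpResponse.class);` is the only place in these tests where the response is a spy rather than a mock, and nothing in the hunk says why. A class-based spy calls real methods where they exist, so if `HttpResponse` carries any concrete or default method, the test would exercise that code instead of a stub. Its definition is not visible here, so this is a question rather than a confirmed problem. If real behaviour is needed for the `extraParameters` case, a one-line comment such as `// spy: needs the real <method> of HttpResponse` would record that; otherwise `mock(HttpResponse.class)` keeps the test consistent with its siblings. The body of testLoginWithExtraParameters continues outside this hunk.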
@@ -1389,7 +1352,7 @@ public void testLoginWithExtraParameters() throws IOException, SettingsException
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
Map extraParameters = new HashMap();
extraParameters.put("parameter1", "xxx");
String target = auth.login("", new AuthnRequestParams(false, false, false), true, extraParameters);
@@ -1406,12 +1369,12 @@ public void testLoginWithExtraParameters() throws IOException, SettingsException
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginStay() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1420,7 +1383,7 @@ public void testLoginStay() throws IOException, SettingsException, URISyntaxExce
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String target = auth.login("", new AuthnRequestParams(false, false, false), true);
assertThat(target, startsWith("https://pitbulk.no-ip.org/simplesaml/saml2/idp/SSOService.php?SAMLRequest="));
assertThat(target, not(containsString("&RelayState=")));
@@ -1440,12 +1403,12 @@ public void testLoginStay() throws IOException, SettingsException, URISyntaxExce
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginSubject() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1453,7 +1416,7 @@ public void testLoginSubject() throws IOException, SettingsException, URISyntaxE
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String target = auth.login("", new AuthnRequestParams(false, false, false), true);
assertThat(target, startsWith("http://idp.example.com/simplesaml/saml2/idp/SSOService.php?SAMLRequest="));
String authNRequestStr = getSAMLRequestFromURL(target);
@@ -1469,7 +1432,7 @@ public void testLoginSubject() throws IOException, SettingsException, URISyntaxE
assertThat(authNRequestStr, containsString(""));
settings = new SettingsBuilder().fromFile("config/config.emailaddressformat.properties").build();
- auth = new Auth(settings, request, response);
+ auth = new BaseAuth(settings, request, response);
target = auth.login("", new AuthnRequestParams(false, false, false, "testuser@example.com"), true);
assertThat(target, startsWith("http://idp.example.com/simplesaml/saml2/idp/SSOService.php?SAMLRequest="));
authNRequestStr = getSAMLRequestFromURL(target);
@@ -1489,12 +1452,12 @@ public void testLoginSubject() throws IOException, SettingsException, URISyntaxE
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginSignedFail() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1506,7 +1469,7 @@ public void testLoginSignedFail() throws IOException, SettingsException, URISynt
expectedEx.expect(SettingsException.class);
expectedEx.expectMessage("Invalid settings: sp_cert_not_found_and_required");
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
}
/**
@@ -1518,12 +1481,12 @@ public void testLoginSignedFail() throws IOException, SettingsException, URISynt
* @throws URISyntaxException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#login
+ * @see BaseAuth#login
*/
@Test
public void testLoginSigned() throws IOException, SettingsException, URISyntaxException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1532,13 +1495,13 @@ public void testLoginSigned() throws IOException, SettingsException, URISyntaxEx
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setAuthnRequestsSigned(true);
settings.setSignatureAlgorithm(Constants.RSA_SHA1);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String relayState = "http://localhost:8080/expected.jsp";
auth.login(relayState);
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SSOService.php\\?SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp&Signature=(.)*"));
settings.setSignatureAlgorithm(Constants.SHA512);
- Auth auth2 = new Auth(settings, request, response);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
auth2.login(relayState);
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SSOService.php\\?SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp&Signature=(.)*"));
}
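Review bot: The second `verify(response).sendRedirect(...)` cannot tell which login produced the redirect, because `auth` and `auth2` share the same `response` mock and the redirect from `auth.login(relayState)` already matches the pattern. The expected `SigAlg` is also still `rsa-sha1` after `settings.setSignatureAlgorithm(Constants.SHA512)`, so the test does not show that the configured algorithm reaches the signed redirect. `Constants.SHA512` looks like a digest identifier rather than a signature algorithm, though its value is not visible here. Giving the second case its own mock, `HttpResponse response2 = mock(HttpResponse.class);`, and asserting the SigAlg expected for that configuration would make the check meaningful. These lines are unchanged context and testLoginSigned begins in the preceding hunk, but the move to `HttpResponse` is a convenient point to fix them.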
@@ -1552,12 +1515,12 @@ public void testLoginSigned() throws IOException, SettingsException, URISyntaxEx
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogout() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1565,7 +1528,7 @@ public void testLogout() throws IOException, SettingsException, XMLEntityExcepti
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.logout();
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Finitial.jsp"));
@@ -1581,12 +1544,12 @@ public void testLogout() throws IOException, SettingsException, XMLEntityExcepti
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutWithExtraParameters() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1594,7 +1557,7 @@ public void testLogoutWithExtraParameters() throws IOException, SettingsExceptio
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
Map extraParameters = new HashMap();
extraParameters.put("parameter1", "xxx");
String target = auth.logout("", new LogoutRequestParams(), true, extraParameters);
@@ -1611,12 +1574,12 @@ public void testLogoutWithExtraParameters() throws IOException, SettingsExceptio
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutWithRelayState() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1625,7 +1588,7 @@ public void testLogoutWithRelayState() throws IOException, SettingsException, XM
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String relayState = "http://localhost:8080/expected.jsp";
auth.logout(relayState);
@@ -1641,12 +1604,12 @@ public void testLogoutWithRelayState() throws IOException, SettingsException, XM
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutWithoutRelayState() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1655,7 +1618,7 @@ public void testLogoutWithoutRelayState() throws IOException, SettingsException,
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.logout("");
final ArgumentCaptor urlCaptor = ArgumentCaptor.forClass(String.class);
@@ -1673,12 +1636,12 @@ public void testLogoutWithoutRelayState() throws IOException, SettingsException,
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutStay() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1687,7 +1650,7 @@ public void testLogoutStay() throws IOException, SettingsException, XMLEntityExc
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(false);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String target = auth.logout("", new LogoutRequestParams(), true);
assertThat(target, startsWith("https://pitbulk.no-ip.org/simplesaml/saml2/idp/SingleLogoutService.php?SAMLRequest="));
assertThat(target, not(containsString("&RelayState=")));
@@ -1707,12 +1670,12 @@ public void testLogoutStay() throws IOException, SettingsException, XMLEntityExc
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutSignedFail() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1724,7 +1687,7 @@ public void testLogoutSignedFail() throws IOException, SettingsException, XMLEnt
expectedEx.expect(SettingsException.class);
expectedEx.expectMessage("Invalid settings: sp_cert_not_found_and_required");
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
}
/**
@@ -1736,12 +1699,12 @@ public void testLogoutSignedFail() throws IOException, SettingsException, XMLEnt
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#logout
+ * @see BaseAuth#logout
*/
@Test
public void testLogoutSigned() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
when(request.getScheme()).thenReturn("http");
when(request.getServerPort()).thenReturn(8080);
when(request.getServerName()).thenReturn("localhost");
@@ -1750,13 +1713,13 @@ public void testLogoutSigned() throws IOException, SettingsException, XMLEntityE
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
settings.setLogoutRequestSigned(true);
settings.setSignatureAlgorithm(Constants.RSA_SHA1);
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String relayState = "http://localhost:8080/expected.jsp";
auth.logout(relayState);
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp&Signature=(.)*"));
settings.setSignatureAlgorithm(Constants.SHA512);
- Auth auth2 = new Auth(settings, request, response);
+ BaseAuth auth2 = new BaseAuth(settings, request, response);
auth2.logout(relayState);
verify(response).sendRedirect(matches("https:\\/\\/pitbulk.no-ip.org\\/simplesaml\\/saml2\\/idp\\/SingleLogoutService.php\\?SigAlg=http%3A%2F%2Fwww.w3.org%2F2000%2F09%2Fxmldsig%23rsa-sha1&SAMLRequest=(.)*&RelayState=http%3A%2F%2Flocalhost%3A8080%2Fexpected.jsp&Signature=(.)*"));
}
@@ -1770,7 +1733,7 @@ public void testLogoutSigned() throws IOException, SettingsException, XMLEntityE
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test
public void testBuildRequestSignatureInvalidSP() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1778,7 +1741,7 @@ public void testBuildRequestSignatureInvalidSP() throws URISyntaxException, IOEx
String relayState = "http://example.com";
String signAlgorithm = "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
- Auth auth = new Auth("config/config.invalidspcertstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.invalidspcertstring.properties");
expectedEx.expect(SettingsException.class);
expectedEx.expectMessage("Trying to sign the SAMLRequest but can't load the SP private key");
@@ -1794,7 +1757,7 @@ public void testBuildRequestSignatureInvalidSP() throws URISyntaxException, IOEx
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test
public void testBuildRequestSignatureRsaSha1() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1802,7 +1765,7 @@ public void testBuildRequestSignatureRsaSha1() throws URISyntaxException, IOExce
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA1;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildRequestSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
String expectedSignature = "FqFJi9aIut9Gp/SUyLcj4ewwnU4ajjhfWpdr8pc4w//9m0QB1hzDUHR7YmKxXB6rrRuX7iy9CJy+o7zzhz2pTr0PHHE9mvFPsyk/mas9e2ZGUeLS2OzMPHYwJCdOg4uLrbqybWGKy0AgoDqTpAfpkQVxuunVKTj4pOPXGx156Oo=";
assertEquals(expectedSignature, signature);
@@ -1820,7 +1783,7 @@ public void testBuildRequestSignatureRsaSha1() throws URISyntaxException, IOExce
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test(expected=IllegalArgumentException.class)
public void testBuildRequestSignatureDsaSha1() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1828,7 +1791,7 @@ public void testBuildRequestSignatureDsaSha1() throws URISyntaxException, IOExce
String relayState = "http://example.com";
String signAlgorithm = Constants.DSA_SHA1;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildRequestSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
}
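Review bot: The DSA-SHA1 rejection is asserted only through `@Test(expected=IllegalArgumentException.class)` on the method, declared just above this hunk. An IllegalArgumentException thrown while `new BaseAuth("config/config.certstring.properties")` loads the settings would therefore pass the test too. The `expectedEx` rule used by the neighbouring tests can be armed after construction instead: `expectedEx.expect(IllegalArgumentException.class);` immediately before `auth.buildRequestSignature(...)`, dropping the unused `String signature` local. testBuildResponseSignatureDsaSha1 has the same shape.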
@@ -1841,7 +1804,7 @@ public void testBuildRequestSignatureDsaSha1() throws URISyntaxException, IOExce
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test
public void testBuildRequestSignatureRsaSha256() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1849,7 +1812,7 @@ public void testBuildRequestSignatureRsaSha256() throws URISyntaxException, IOEx
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA256;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildRequestSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
String expectedSignature = "PJoiwvBgKnRefzaYMaPqOTvlia7EhFoRrc+tFlJCi557VEpG0oY1x8YTmkOxC+oI0zWyQ0RiXA65q7hv1xyYgGnSFdMKr5s+qeD4+1BjPxEGwXVU6+gTX0gg2+UL+1o4YpoVTQ1aKSO85uyBEGO20WnK2zETuGA/Wgl1VBSxNSw=";
assertEquals(expectedSignature, signature);
@@ -1864,7 +1827,7 @@ public void testBuildRequestSignatureRsaSha256() throws URISyntaxException, IOEx
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test
public void testBuildRequestSignatureRsaSha384() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1872,7 +1835,7 @@ public void testBuildRequestSignatureRsaSha384() throws URISyntaxException, IOEx
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA384;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildRequestSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
String expectedSignature = "rO7eswxuPsk/QPDLaZRHziTx8ndVXMDMfEsJI6ZSQDqVo0ZaHgOJJ8GC8UWcJrGg2qFrsl2mTozMh1Iqi5oBb2GSWTEC/WRAb/qnNi/02yLrLtoop1YfXb7yl0StpXoM0MwWeoPBroEyqdK+qcu2eWSOwrogffepVfcgghtUwo0=";
assertEquals(expectedSignature, signature);
@@ -1887,7 +1850,7 @@ public void testBuildRequestSignatureRsaSha384() throws URISyntaxException, IOEx
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildRequestSignature
+ * @see BaseAuth#buildRequestSignature
*/
@Test
public void testBuildRequestSignatureRsaSha512() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1895,7 +1858,7 @@ public void testBuildRequestSignatureRsaSha512() throws URISyntaxException, IOEx
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA512;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildRequestSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
String expectedSignature = "HbaAEGjXBtgvJA+JkZ74maWV/61SqgDd8gw2FmSziiMXyCV62KDA1BoSn/91/8yNepqpP9JQk+1VKnQxNpL1NgQuy/mWmXc/JseNT0UQ4Uy5Mp1QfMMBDM9hs+cfseCYr3aJJumlpjZ8xS2Oou1e4y5g8ZWfaXHJ86N+IaywcOI=";
assertEquals(expectedSignature, signature);
@@ -1910,7 +1873,7 @@ public void testBuildRequestSignatureRsaSha512() throws URISyntaxException, IOEx
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildResponseSignature
+ * @see BaseAuth#buildResponseSignature
*/
@Test
public void testBuildResponseSignatureRsaSha1() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1918,7 +1881,7 @@ public void testBuildResponseSignatureRsaSha1() throws URISyntaxException, IOExc
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA1;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedLogoutResponse, relayState, signAlgorithm);
String expectedSignature = "aCaiL+HwDdYMbzfEZugqqce87LBodp968USja0j8dsTzOdi6Cwc3emae/974ilUraRG19iggMVVe1XX+Y8PgxQ3iKsAVxyjZnlrArNp1ofSXgDvIqJi0EILOwHFC5Y6XUlsGLrFePmv8GfCxk0fKeVZSscfQTuxSMop6DNJ4lpQ=";
assertEquals(expectedSignature, signature);
@@ -1936,7 +1899,7 @@ public void testBuildResponseSignatureRsaSha1() throws URISyntaxException, IOExc
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildResponseSignature
+ * @see BaseAuth#buildResponseSignature
*/
@Test(expected=IllegalArgumentException.class)
public void testBuildResponseSignatureDsaSha1() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1944,7 +1907,7 @@ public void testBuildResponseSignatureDsaSha1() throws URISyntaxException, IOExc
String relayState = "http://example.com";
String signAlgorithm = Constants.DSA_SHA1;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedLogoutResponse, relayState, signAlgorithm);
}
@@ -1957,7 +1920,7 @@ public void testBuildResponseSignatureDsaSha1() throws URISyntaxException, IOExc
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildResponseSignature
+ * @see BaseAuth#buildResponseSignature
*/
@Test
public void testBuildResponseSignatureRsaSha256() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1965,7 +1928,7 @@ public void testBuildResponseSignatureRsaSha256() throws URISyntaxException, IOE
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA256;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedLogoutResponse, relayState, signAlgorithm);
String expectedSignature = "XcEbaZ6BsmaHwDedzLu/t1lKr3I2Qu4ctIZKqz8OFSPGoZh40gLIPX4RBl71Fv6uFdf9xCyXxI27xoC1CV23xNZsWjK89502xcy3vPQvTWo03r9WA92Gu1+/d1JIpE5xX2xBBjLlOxwdi/aYhTHtzo0PChI2zjL5nkziM/uIv2E=";
assertEquals(expectedSignature, signature);
@@ -1980,7 +1943,7 @@ public void testBuildResponseSignatureRsaSha256() throws URISyntaxException, IOE
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildResponseSignature
+ * @see BaseAuth#buildResponseSignature
*/
@Test
public void testBuildResponseSignatureRsaSha384() throws URISyntaxException, IOException, SettingsException, Error {
@@ -1988,7 +1951,7 @@ public void testBuildResponseSignatureRsaSha384() throws URISyntaxException, IOE
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA384;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedLogoutResponse, relayState, signAlgorithm);
String expectedSignature = "R+maoS+UmFkiPu0kkwqz2WnkPfMA9upqWVwvVhTQvhrmmc3Gcfm77cAyjnDilFYwKx4xfQhO9PTqd0zviPRx8F+9VaiVKrmEloKfQuHGB1IjdtP8S8X9YRk+dXoegZAFvr9lmrcB9qP6xn1QW3NeMLgRCvWSWa82CBtrvT9K5Ko=";
assertEquals(expectedSignature, signature);
@@ -2003,7 +1966,7 @@ public void testBuildResponseSignatureRsaSha384() throws URISyntaxException, IOE
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildResponseSignature
+ * @see BaseAuth#buildResponseSignature
*/
@Test
public void testBuildResponseSignatureRsaSha512() throws URISyntaxException, IOException, SettingsException, Error {
@@ -2011,7 +1974,7 @@ public void testBuildResponseSignatureRsaSha512() throws URISyntaxException, IOE
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA512;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedLogoutResponse, relayState, signAlgorithm);
String expectedSignature = "FUxepHZ0j7YWbZYrbXsgebGg37Ne4d7grp/Jdk8j/vvgbOplyyhgsEUzt5K9+7B3OGM+rN5YFHcz5EbCtBfXugy+RJLa893Ih6oKr0wRoOh3/79EGKmnzR1aUyDguhNUuQW0AG3/Fz+CzrKL9HK6+im6F/6YwOVRT7FzBsZxtXs=";
assertEquals(expectedSignature, signature);
@@ -2025,7 +1988,7 @@ public void testBuildResponseSignatureRsaSha512() throws URISyntaxException, IOE
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#buildSignature
+ * @see BaseAuth#buildSignature
*/
@Test
public void testBuildSignature() throws URISyntaxException, IOException, SettingsException, Error {
@@ -2034,7 +1997,7 @@ public void testBuildSignature() throws URISyntaxException, IOException, Setting
String relayState = "http://example.com";
String signAlgorithm = Constants.RSA_SHA1;
- Auth auth = new Auth("config/config.certstring.properties");
+ BaseAuth auth = new BaseAuth("config/config.certstring.properties");
String signature = auth.buildResponseSignature(deflatedEncodedAuthNRequest, relayState, signAlgorithm);
String expectedSignature = "Cn5jkeZLdsMh4P+ALWfywHe8lADcRPKBYabYuenagBvp1CIYUNsN5T4oP+rtY+8ia09N5Xbi7wCW6hX5ZDihBi/AHznnjRRKdYGXOL9Oe/cNE48bqQRRyTMN27zBEXU9yKysOqTwhDXWDxXXzXafYULr+cTSSXTmllt42o9t/60=";
assertEquals(expectedSignature, signature);
@@ -2088,15 +2051,15 @@ public void testBuildSignature() throws URISyntaxException, IOException, Setting
* @throws SettingsException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getLastRequestXML
+ * @see BaseAuth#getLastRequestXML
*/
@Test
public void testGetLastAuthNRequest() throws IOException, SettingsException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String targetSSOURL = auth.login(null, new AuthnRequestParams(false, false, false), true);
String authNRequestXML = auth.getLastRequestXML();
assertThat(targetSSOURL, containsString(Util.urlEncoder(Util.deflatedBase64encoded(authNRequestXML))));
@@ -2114,15 +2077,15 @@ public void testGetLastAuthNRequest() throws IOException, SettingsException, Err
* @throws XMLEntityException
* @throws Error
*
- * @see com.onelogin.saml2.Auth#getLastRequestXML
+ * @see BaseAuth#getLastRequestXML
*/
@Test
public void testGetLastLogoutRequestSent() throws IOException, SettingsException, XMLEntityException, Error {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.min.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
String targetSLOURL = auth.logout(null, new LogoutRequestParams(), true);
String logoutRequestXML = auth.getLastRequestXML();
assertThat(targetSLOURL, containsString(Util.urlEncoder(Util.deflatedBase64encoded(logoutRequestXML))));
@@ -2137,18 +2100,18 @@ public void testGetLastLogoutRequestSent() throws IOException, SettingsException
*
* @throws Exception
*
- * @see com.onelogin.saml2.Auth#getLastRequestXML
+ * @see BaseAuth#getLastRequestXML
*/
@Test
public void testGetLastLogoutRequestReceived() throws Exception {
- HttpServletRequest request = mock(HttpServletRequest.class);
- HttpServletResponse response = mock(HttpServletResponse.class);
- when(request.getRequestURL()).thenReturn(new StringBuffer("/"));
+ HttpRequest request = mock(HttpRequest.class);
+ HttpResponse response = mock(HttpResponse.class);
+ when(request.getRequestURL()).thenReturn("/");
String samlRequestEncoded = Util.getFileAsString("data/logout_requests/logout_request.xml.base64");
- when(request.getParameterMap()).thenReturn(singletonMap("SAMLRequest", new String[]{samlRequestEncoded}));
+ when(request.getParameter(eq("SAMLRequest"))).thenReturn(samlRequestEncoded);
Saml2Settings settings = new SettingsBuilder().fromFile("config/config.my.properties").build();
- Auth auth = new Auth(settings, request, response);
+ BaseAuth auth = new BaseAuth(settings, request, response);
auth.processSLO();
String logoutRequestXML = auth.getLastRequestXML();
assertThat(logoutRequestXML, containsString(" parameters = new HashMap();
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- HttpServletResponse response_1 = mock(HttpServletResponse.class);
- when(request_1.getRequestURI()).thenReturn("/initial.jsp");
- ServletUtils.sendRedirect(response_1, "http://example.com/expectedurl.jsp", parameters);
- verify(response_1).sendRedirect("http://example.com/expectedurl.jsp");
-
- parameters.put("test", "true");
- HttpServletRequest request_2 = mock(HttpServletRequest.class);
- HttpServletResponse response_2 = mock(HttpServletResponse.class);
- when(request_2.getRequestURI()).thenReturn("/initial.jsp");
- ServletUtils.sendRedirect(response_2, "http://example.com/expectedurl.jsp", parameters);
- verify(response_2).sendRedirect("http://example.com/expectedurl.jsp?test=true");
-
- parameters.put("value1", "a");
- HttpServletRequest request_3 = mock(HttpServletRequest.class);
- HttpServletResponse response_3 = mock(HttpServletResponse.class);
- when(request_3.getRequestURI()).thenReturn("/initial.jsp");
- ServletUtils.sendRedirect(response_3, "http://example.com/expectedurl.jsp", parameters);
- verify(response_3).sendRedirect("http://example.com/expectedurl.jsp?test=true&value1=a");
-
- parameters.put("novalue", "");
- HttpServletRequest request_4 = mock(HttpServletRequest.class);
- HttpServletResponse response_4 = mock(HttpServletResponse.class);
- when(request_4.getRequestURI()).thenReturn("/initial.jsp");
- ServletUtils.sendRedirect(response_4, "http://example.com/expectedurl.jsp", parameters);
- verify(response_4).sendRedirect("http://example.com/expectedurl.jsp?novalue&test=true&value1=a");
-
- Map parameters_2 = new HashMap();
- parameters_2.put("novalue", "");
- HttpServletRequest request_5 = mock(HttpServletRequest.class);
- HttpServletResponse response_5 = mock(HttpServletResponse.class);
- when(request_5.getRequestURI()).thenReturn("/initial.jsp");
- ServletUtils.sendRedirect(response_5, "http://example.com/expectedurl.jsp", parameters_2);
- verify(response_5).sendRedirect("http://example.com/expectedurl.jsp?novalue");
- }
-
- /**
- * Tests the sendRedirect method
- * Use Case: Stay and don't execute redirection
- *
- * @throws IOException
- *
- * @see ServletUtils#sendRedirect
- */
- @Test
- public void testSendRedirectStay() throws IOException {
- HttpServletResponse response = mock(HttpServletResponse.class);
- Map parameters = new HashMap();
-
- String url = ServletUtils.sendRedirect(response, "http://example.com/expectedurl.jsp", parameters, true);
- assertEquals("http://example.com/expectedurl.jsp", url);
-
- url = ServletUtils.sendRedirect(response, "http://example.com/expectedurl.jsp?idpid=ffee-aabbb", singletonMap("SAMLRequest", "data"), true);
- assertEquals("http://example.com/expectedurl.jsp?idpid=ffee-aabbb&SAMLRequest=data", url);
- }
-
- /**
- * Tests the getSelfURLhost method
- *
- * @see ServletUtils#getSelfURLhost
- */
- @Test
- public void testGetSelfURLhost() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- when(request_1.getScheme()).thenReturn("http");
- when(request_1.getServerName()).thenReturn("example.com");
- when(request_1.getServerPort()).thenReturn(80);
- assertEquals("http://example.com", ServletUtils.getSelfURLhost(request_1));
-
- when(request_1.getServerPort()).thenReturn(81);
- assertEquals("http://example.com:81", ServletUtils.getSelfURLhost(request_1));
-
- when(request_1.getScheme()).thenReturn("https");
- when(request_1.getServerPort()).thenReturn(443);
- assertEquals("https://example.com", ServletUtils.getSelfURLhost(request_1));
-
- when(request_1.getServerPort()).thenReturn(444);
- assertEquals("https://example.com:444", ServletUtils.getSelfURLhost(request_1));
- }
-
- /**
- * Tests the getSelfHost method
- *
- * @see ServletUtils#getSelfHost
- */
- @Test
- public void testGetSelfHost() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- when(request_1.getServerName()).thenReturn("example.com");
- assertEquals("example.com", ServletUtils.getSelfHost(request_1));
- }
-
- /**
- * Tests the isHTTPS method
- *
- * @see ServletUtils#isHTTPS
- */
- @Test
- public void testIsHTTPS() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- when(request_1.isSecure()).thenReturn(false);
- assertEquals(false, ServletUtils.isHTTPS(request_1));
-
- when(request_1.isSecure()).thenReturn(true);
- assertEquals(true, ServletUtils.isHTTPS(request_1));
- }
-
- /**
- * Tests the getSelfURL method
- *
- * @see ServletUtils#getSelfURL
- */
- @Test
- public void testGetSelfURL() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- when(request_1.getScheme()).thenReturn("http");
- when(request_1.getServerName()).thenReturn("example.com");
- when(request_1.getRequestURI()).thenReturn("/test");
- when(request_1.getQueryString()).thenReturn("novalue&test=true&value1=a");
- assertEquals("http://example.com/test?novalue&test=true&value1=a", ServletUtils.getSelfURL(request_1));
-
- when(request_1.getRequestURI()).thenReturn("/");
- assertEquals("http://example.com/?novalue&test=true&value1=a", ServletUtils.getSelfURL(request_1));
-
- when(request_1.getRequestURI()).thenReturn("");
- assertEquals("http://example.com?novalue&test=true&value1=a", ServletUtils.getSelfURL(request_1));
-
- when(request_1.getRequestURI()).thenReturn(null);
- assertEquals("http://example.com?novalue&test=true&value1=a", ServletUtils.getSelfURL(request_1));
-
- HttpServletRequest request_2 = mock(HttpServletRequest.class);
- when(request_2.getScheme()).thenReturn("http");
- when(request_2.getServerName()).thenReturn("example.com");
- when(request_2.getRequestURI()).thenReturn("/test");
- assertEquals("http://example.com/test", ServletUtils.getSelfURL(request_2));
-
- when(request_2.getQueryString()).thenReturn("");
- assertEquals("http://example.com/test", ServletUtils.getSelfURL(request_2));
-
- when(request_2.getQueryString()).thenReturn(null);
- assertEquals("http://example.com/test", ServletUtils.getSelfURL(request_2));
- }
-
- /**
- * Tests the getSelfURLNoQuery method
- *
- * @see ServletUtils#getSelfURLNoQuery
- */
- @Test
- public void testGetSelfURLNoQuery() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- StringBuffer url = new StringBuffer("http://example.com/test");
- when(request_1.getRequestURL()).thenReturn(url);
- assertEquals("http://example.com/test", ServletUtils.getSelfURLNoQuery(request_1));
- }
-
- /**
- * Tests the getSelfRoutedURLNoQuery method
- *
- * @see ServletUtils#getSelfRoutedURLNoQuery
- */
- @Test
- public void testGetSelfRoutedURLNoQuery() {
- HttpServletRequest request_1 = mock(HttpServletRequest.class);
- when(request_1.getScheme()).thenReturn("http");
- when(request_1.getServerName()).thenReturn("example.com");
- when(request_1.getRequestURI()).thenReturn("/test");
- assertEquals("http://example.com/test", ServletUtils.getSelfRoutedURLNoQuery(request_1));
-
- when(request_1.getRequestURI()).thenReturn("");
- assertEquals("http://example.com", ServletUtils.getSelfRoutedURLNoQuery(request_1));
-
- when(request_1.getRequestURI()).thenReturn(null);
- assertEquals("http://example.com", ServletUtils.getSelfRoutedURLNoQuery(request_1));
- }
-
- @Test
- public void testMakeHttpRequest() throws Exception {
- final String url = "http://localhost:1234/a/b";
- final Map paramAsArray = singletonMap("name", new String[]{"a"});
-
- final HttpServletRequest servletRequest = mock(HttpServletRequest.class);
- when(servletRequest.getRequestURL()).thenReturn(new StringBuffer(url));
- when(servletRequest.getParameterMap()).thenReturn(paramAsArray);
-
- final String barNaiveEncoded = NaiveUrlEncoder.encode("bar"); //must differ from normal url encode
- when(servletRequest.getQueryString()).thenReturn("foo=" + barNaiveEncoded);
-
- final HttpRequest httpRequest = ServletUtils.makeHttpRequest(servletRequest);
- assertThat(httpRequest.getRequestURL(), equalTo(url));
- assertThat(httpRequest.getParameters(), equalTo(singletonMap("name", singletonList("a"))));
- assertThat(httpRequest.getEncodedParameter("foo"), equalTo(barNaiveEncoded));
- }
-
- @Test
- public void sendRedirectToShouldHandleUrlsWithQueryParams() throws Exception {
- // having
- final HttpServletResponse response = mock(HttpServletResponse.class);
-
- // when
- ServletUtils.sendRedirect(response, "https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=ffee-aabbb", singletonMap("SAMLRequest", "data"));
-
- // then
- verify(response).sendRedirect("https://sso.connect.pingidentity.com/sso/idp/SSO.saml2?idpid=ffee-aabbb&SAMLRequest=data");
- }
-}