Search in sources :

Example 16 with SamlSecurity

use of org.codice.ddf.security.jaxrs.impl.SamlSecurity in project ddf by codice.

the class PaosInInterceptorTest method handleMessagePaosResponseBasicBadAcsUrl.

@Test
public void handleMessagePaosResponseBasicBadAcsUrl() throws IOException {
    Message message = new MessageImpl();
    message.setContent(InputStream.class, PaosInInterceptorTest.class.getClassLoader().getResource("ecprequest.xml").openStream());
    message.put(Message.CONTENT_TYPE, "application/vnd.paos+xml");
    Message outMessage = new MessageImpl();
    HashMap<String, List> protocolHeaders = new HashMap<>();
    outMessage.put(Message.PROTOCOL_HEADERS, protocolHeaders);
    outMessage.put(Message.HTTP_REQUEST_METHOD, "GET");
    protocolHeaders.put("Authorization", Collections.singletonList("BASIC dGVzdDp0ZXN0"));
    ExchangeImpl exchange = new ExchangeImpl();
    exchange.setOutMessage(outMessage);
    message.setExchange(exchange);
    PaosInInterceptor paosInInterceptor = new PaosInInterceptor(Phase.RECEIVE, new SamlSecurity()) {

        HttpResponseWrapper getHttpResponse(String responseConsumerURL, String soapResponse, Message message) throws IOException {
            HttpResponseWrapper httpResponseWrapper = new HttpResponseWrapper();
            if (responseConsumerURL.equals("https://sp.example.org/PAOSConsumer")) {
                httpResponseWrapper.statusCode = 200;
                httpResponseWrapper.content = new ByteArrayInputStream("error content".getBytes());
            } else if (responseConsumerURL.equals("https://idp.example.org/saml2/sso")) {
                httpResponseWrapper.statusCode = 200;
                httpResponseWrapper.content = new ByteArrayInputStream(IOUtils.toString(PaosInInterceptorTest.class.getClassLoader().getResource("idpresponse.xml").openStream()).replace("https://sp.example.org/PAOSConsumer", "badurl").getBytes());
            }
            return httpResponseWrapper;
        }
    };
    paosInInterceptor.handleMessage(message);
    assertThat(IOUtils.toString(message.getContent(InputStream.class)), is("error content"));
}
Also used : Message(org.apache.cxf.message.Message) HashMap(java.util.HashMap) ByteArrayInputStream(java.io.ByteArrayInputStream) ImmutableList(com.google.common.collect.ImmutableList) List(java.util.List) SamlSecurity(org.codice.ddf.security.jaxrs.impl.SamlSecurity) MessageImpl(org.apache.cxf.message.MessageImpl) ExchangeImpl(org.apache.cxf.message.ExchangeImpl) Test(org.junit.Test)

Aggregations

SamlSecurity (org.codice.ddf.security.jaxrs.impl.SamlSecurity)16 Test (org.junit.Test)12 ArgumentMatchers.anyString (org.mockito.ArgumentMatchers.anyString)8 Response (javax.ws.rs.core.Response)7 CoreMatchers.containsString (org.hamcrest.CoreMatchers.containsString)7 LogoutResponse (org.opensaml.saml.saml2.core.LogoutResponse)7 ImmutableList (com.google.common.collect.ImmutableList)5 LogoutWrapperImpl (ddf.security.samlp.impl.LogoutWrapperImpl)5 HashMap (java.util.HashMap)5 List (java.util.List)5 Message (org.apache.cxf.message.Message)5 MessageImpl (org.apache.cxf.message.MessageImpl)5 ExchangeImpl (org.apache.cxf.message.ExchangeImpl)4 LogoutWrapper (ddf.security.samlp.LogoutWrapper)3 ByteArrayInputStream (java.io.ByteArrayInputStream)3 URI (java.net.URI)3 SecurityLogger (ddf.security.audit.SecurityLogger)2 SimpleSign (ddf.security.samlp.impl.SimpleSign)2 SystemCrypto (ddf.security.samlp.impl.SystemCrypto)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2