forked from RobotsAndPencils/go-saml
/
xmlsec_test.go
77 lines (59 loc) · 1.9 KB
/
xmlsec_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
package saml
import (
"encoding/xml"
"testing"
"github.com/skimata/go-saml/util"
"github.com/stretchr/testify/assert"
)
func TestRequest(t *testing.T) {
assert := assert.New(t)
cert, err := util.LoadCertificate("./default.crt")
assert.NoError(err)
// Construct an AuthnRequest
authRequest := NewAuthnRequest()
authRequest.Signature.KeyInfo.X509Data.X509Certificate.Cert = cert
b, err := xml.MarshalIndent(authRequest, "", " ")
assert.NoError(err)
xmlAuthnRequest := string(b)
signedXml, err := SignRequest(xmlAuthnRequest, "./default.key")
assert.NoError(err)
assert.NotEmpty(signedXml)
err = VerifyRequestSignature(signedXml, "./default.crt")
assert.NoError(err)
}
func TestResponse(t *testing.T) {
assert := assert.New(t)
cert, err := util.LoadCertificate("./default.crt")
assert.NoError(err)
// Construct an AuthnRequest
response := NewSignedResponse()
response.Signature.KeyInfo.X509Data.X509Certificate.Cert = cert
b, err := xml.MarshalIndent(response, "", " ")
assert.NoError(err)
xmlResponse := string(b)
signedXml, err := SignResponse(xmlResponse, "./default.key")
assert.NoError(err)
assert.NotEmpty(signedXml)
err = VerifyRequestSignature(signedXml, "./default.crt")
assert.NoError(err)
}
func TestResponseSignatureVerificationWithPubKeyPem(t *testing.T) {
assert := assert.New(t)
cert, err := util.LoadCertificate("./default.crt")
assert.NoError(err)
// Construct an AuthnRequest
response := NewSignedResponse()
response.Signature.KeyInfo.X509Data.X509Certificate.Cert = cert
b, err := xml.MarshalIndent(response, "", " ")
assert.NoError(err)
xmlResponse := string(b)
signedXml, err := SignResponse(xmlResponse, "./default.key")
assert.NoError(err)
assert.NotEmpty(signedXml)
sp := ServiceProviderSettings{
IDPPublicCertPath: "./pubkey.pem",
XmlSecVerifyFlag: "--pubkey-pem",
}
err = VerifyResponseSignatureWithSettings(signedXml, &sp)
assert.NoError(err)
}