This repository has been archived by the owner on Jul 15, 2019. It is now read-only.
/
saml_test.go
70 lines (64 loc) · 1.6 KB
/
saml_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
package keyserver
import (
"crypto/x509"
"encoding/pem"
"io/ioutil"
"os/exec"
"strings"
"testing"
)
func TestSAMLRequest(t *testing.T) {
ks := Keyserver{}
_, err := ks.SAMLRequest()
if err == nil {
t.Fatal("expected SAMLRequest() to fail, but succeeded")
}
domains := make(map[string]struct{})
for _, d := range []string{"foomail.com", "barmail.com"} {
domains[d] = struct{}{}
}
ks = Keyserver{samlProofAllowedDomains: domains}
_, err = ks.SAMLRequest()
if err == nil {
t.Fatal("expected SAMLRequest() to fail, but succeeded")
}
k, err := ioutil.ReadFile("saml/test.key")
if err != nil {
t.Errorf(err.Error())
return
}
kd, _ := pem.Decode(k)
privateKey, err := x509.ParsePKCS1PrivateKey(kd.Bytes)
if err != nil {
t.Errorf(err.Error())
return
}
certPem, err := ioutil.ReadFile("saml/test.crt")
if err != nil {
t.Errorf(err.Error())
return
}
certBlock, _ := pem.Decode(certPem)
if certBlock == nil {
t.Errorf("failed to PEM decode cert")
return
}
cert, err := x509.ParseCertificate(certBlock.Bytes)
if err != nil {
t.Errorf(err.Error())
return
}
_, err = exec.LookPath("xmlsec1")
if err != nil {
t.Skip("skipping subsequent test since xmlsec1 is missing")
}
ks = Keyserver{samlProofAllowedDomains: domains, samlProofIDPCert: cert, samlProofSPKey: privateKey, samlProofConsumerServiceURL: "https://ks.alice.wonderland", samlProofIDPSSOURL: "https://idp.bob"}
req, err := ks.SAMLRequest()
if err != nil {
t.Fatal(err)
}
p := "https://idp.bob?SAMLRequest="
if !strings.HasPrefix(req, p) {
t.Errorf("got request url %q, expected it to begin with %q", req, p)
}
}