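// Init loads the service provider's key material from the configured paths:
// PublicCertPath, PrivateKeyPath and IDPPublicCertPath. It is a no-op once a
// previous call has completed successfully.
//
// It returns the first loader error unchanged. After a failure the settings
// are left uninitialised, so a later call retries the load rather than
// reporting success with missing key material.
func (s *ServiceProviderSettings) Init() (err error) {
	if s.hasInit {
		return nil
	}

	s.publicCert, err = util.LoadCertificate(s.PublicCertPath)
	if err != nil {
		return err
	}

	// NOTE(review): the private key is read with the certificate loader.
	// Confirm util.LoadCertificate handles private-key files as intended.
	s.privateKey, err = util.LoadCertificate(s.PrivateKeyPath)
	if err != nil {
		return err
	}

	s.iDPPublicCert, err = util.LoadCertificate(s.IDPPublicCertPath)
	if err != nil {
		return err
	}

	// Set the flag only after every load succeeded. Setting it up front would
	// make a failed Init sticky: the next call would return nil while the
	// certificate fields are still unset.
	s.hasInit = true
	return nil
}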
// TestValidateSamlResponse builds a response, signs and encodes it, parses it
// back with ParseEncodedResponse and expects ValidateSamlResponse to accept it.
//
// NOTE(review): only the accepting path is exercised. The same certificate
// file is used as both the SP certificate and the IdP certificate, so the test
// cannot tell which of the two the validator actually verifies against.
func TestValidateSamlResponse(t *testing.T) {
	assert := assert.New(t)

	// Fixture paths: the IdP certificate path points at the same file as the
	// SP public certificate.
	publicCertificatePath := "./default.crt"
	privateKeyPath := "./default.key"
	idpPublicCertificatePath := "./default.crt"

	// Raw file contents are kept as strings for ValidateSamlResponse.
	b, err := ioutil.ReadFile(publicCertificatePath)
	assert.NoError(err)
	publicCertificate := string(b)
	// publicCert is not used in the visible text; presumably it is consumed in
	// the portion missing below.
	publicCert, err := util.LoadCertificate(publicCertificatePath)
	assert.NoError(err)
	b, err = ioutil.ReadFile(privateKeyPath)
	assert.NoError(err)
	privateKey := string(b)
	b, err = ioutil.ReadFile(idpPublicCertificatePath)
	assert.NoError(err)
	idpPublicCertificate := string(b)
	idpSsoUrl := "http://www.onelogin.net"
	idpSsoDescriptorUrl := "http://www.onelogin.net"
	// NOTE(review): the page text is masked and truncated on the next line.
	// The rest of this string literal and the statements that define issuer
	// and authnResponse are not visible here.
	assertionConsumerServiceUrl := "http://*****:*****@domain")
	// NOTE(review): the assertion-level and response-level InResponseTo values
	// differ ("foo" vs "bar"), and the ValidateSamlResponse call below takes no
	// expected request ID, yet the test requires validation to succeed. As far
	// as this test shows, InResponseTo is not bound to an outstanding
	// AuthnRequest. Confirm whether that check lives elsewhere.
	authnResponse.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.InResponseTo = "foo"
	authnResponse.InResponseTo = "bar"
	// Recipient is set to the issuer value and Destination to the ACS URL.
	authnResponse.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.Recipient = issuer
	authnResponse.Destination = assertionConsumerServiceUrl
	// Sign and encode the response using the key at privateKeyPath.
	signed, err := authnResponse.EncodedSignedString(privateKeyPath)
	assert.NoError(err)
	assert.NotEmpty(signed)

	// Round-trip: decode what was just produced.
	response, err := ParseEncodedResponse(signed)
	assert.NoError(err)
	assert.NotEmpty(response)

	// The parsed response must validate against the fixture settings.
	err = ValidateSamlResponse(response, publicCertificate, privateKey, idpSsoUrl, idpSsoDescriptorUrl, idpPublicCertificate, assertionConsumerServiceUrl)
	assert.NoError(err)
}
// TestResponse marshals a signed-response skeleton carrying the fixture
// certificate, signs it with the fixture key and expects the signature to
// verify against that same certificate.
func TestResponse(t *testing.T) {
	const (
		certPath = "./default.crt"
		keyPath  = "./default.key"
	)
	check := assert.New(t)

	certData, err := util.LoadCertificate(certPath)
	check.NoError(err)

	// Build the response and embed the certificate in its KeyInfo element.
	resp := NewSignedResponse()
	resp.Signature.KeyInfo.X509Data.X509Certificate.Cert = certData

	raw, err := xml.MarshalIndent(resp, "", " ")
	check.NoError(err)

	signedDoc, err := SignResponse(string(raw), keyPath)
	check.NoError(err)
	check.NotEmpty(signedDoc)

	// NOTE(review): a Response document is checked with VerifyRequestSignature.
	// Confirm the request verifier is the intended one for responses. Only the
	// accepting path is covered; a modified document failing verification is
	// not tested here.
	check.NoError(VerifyRequestSignature(signedDoc, certPath))
}