Saml2AuthenticationRequestFilter Tests
To confirm behavior still works as expected after making related changes. Issue gh-8359
This commit is contained in:
Josh Cummings
parent
0ca65f8677
commit
887cb99926
|
|
@ -16,22 +16,29 @@
|
|||
|
||||
package org.springframework.security.saml2.provider.service.servlet.filter;
|
||||
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
import javax.servlet.ServletException;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Test;
|
||||
|
||||
import org.springframework.mock.web.MockFilterChain;
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
import org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory;
|
||||
import org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest;
|
||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration;
|
||||
import org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository;
|
||||
import org.springframework.web.util.HtmlUtils;
|
||||
import org.springframework.web.util.UriUtils;
|
||||
|
||||
import javax.servlet.ServletException;
|
||||
import java.io.IOException;
|
||||
import java.nio.charset.StandardCharsets;
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatCode;
|
||||
import static org.mockito.ArgumentMatchers.any;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
import static org.mockito.Mockito.verifyNoInteractions;
|
||||
import static org.mockito.Mockito.when;
|
||||
import static org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding.POST;
|
||||
import static org.springframework.security.saml2.provider.service.servlet.filter.TestSaml2SigningCredentials.signingCredential;
|
||||
|
|
@ -41,6 +48,7 @@ public class Saml2WebSsoAuthenticationRequestFilterTests {
|
|||
private static final String IDP_SSO_URL = "https://sso-url.example.com/IDP/SSO";
|
||||
private Saml2WebSsoAuthenticationRequestFilter filter;
|
||||
private RelyingPartyRegistrationRepository repository = mock(RelyingPartyRegistrationRepository.class);
|
||||
private Saml2AuthenticationRequestFactory factory = mock(Saml2AuthenticationRequestFactory.class);
|
||||
private MockHttpServletRequest request;
|
||||
private MockHttpServletResponse response;
|
||||
private MockFilterChain filterChain;
|
||||
|
|
@ -147,4 +155,59 @@ public class Saml2WebSsoAuthenticationRequestFilterTests {
|
|||
.contains("value=\""+relayStateEncoded+"\"");
|
||||
}
|
||||
|
||||
@Test
|
||||
public void doFilterWhenSetAuthenticationRequestFactoryThenUses() throws Exception {
|
||||
RelyingPartyRegistration relyingParty = this.rpBuilder
|
||||
.providerDetails(c -> c.binding(POST))
|
||||
.build();
|
||||
Saml2PostAuthenticationRequest authenticationRequest = mock(Saml2PostAuthenticationRequest.class);
|
||||
when(authenticationRequest.getAuthenticationRequestUri()).thenReturn("uri");
|
||||
when(authenticationRequest.getRelayState()).thenReturn("relay");
|
||||
when(authenticationRequest.getSamlRequest()).thenReturn("saml");
|
||||
when(this.repository.findByRegistrationId("registration-id")).thenReturn(relyingParty);
|
||||
when(this.factory.createPostAuthenticationRequest(any()))
|
||||
.thenReturn(authenticationRequest);
|
||||
|
||||
Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter
|
||||
(this.repository);
|
||||
filter.setAuthenticationRequestFactory(this.factory);
|
||||
filter.doFilterInternal(this.request, this.response, this.filterChain);
|
||||
assertThat(this.response.getContentAsString())
|
||||
.contains("<form action=\"uri\" method=\"post\">")
|
||||
.contains("<input type=\"hidden\" name=\"SAMLRequest\" value=\"saml\"")
|
||||
.contains("<input type=\"hidden\" name=\"RelayState\" value=\"relay\"");
|
||||
verify(this.factory).createPostAuthenticationRequest(any());
|
||||
}
|
||||
|
||||
@Test
|
||||
public void setRequestMatcherWhenNullThenException() {
|
||||
Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter
|
||||
(this.repository);
|
||||
assertThatCode(() -> filter.setRedirectMatcher(null))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void setAuthenticationRequestFactoryWhenNullThenException() {
|
||||
Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter(this.repository);
|
||||
assertThatCode(() -> filter.setAuthenticationRequestFactory(null))
|
||||
.isInstanceOf(IllegalArgumentException.class);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void doFilterWhenRequestMatcherFailsThenSkipsFilter() throws Exception {
|
||||
Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter
|
||||
(this.repository);
|
||||
filter.setRedirectMatcher(request -> false);
|
||||
filter.doFilter(this.request, this.response, this.filterChain);
|
||||
verifyNoInteractions(this.repository);
|
||||
}
|
||||
|
||||
@Test
|
||||
public void doFilterWhenRelyingPartyRegistrationNotFoundThenUnauthorized() throws Exception {
|
||||
Saml2WebSsoAuthenticationRequestFilter filter = new Saml2WebSsoAuthenticationRequestFilter
|
||||
(this.repository);
|
||||
filter.doFilter(this.request, this.response, this.filterChain);
|
||||
assertThat(this.response.getStatus()).isEqualTo(401);
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue