Examples of org.picketlink.test.identity.federation.bindings.mock.MockCatalinaRequest

• org.picketlink.test.identity.federation.bindings.mock.MockCatalinaRequest
  Request for catalina container @author Anil.Saldhana@redhat.com @since Oct 20, 2009

        MockCatalinaContext context = new MockCatalinaContext();
        spEmpl.setContainer(context);
        spEmpl.testStart();

        MockCatalinaRequest catalinaRequest = new MockCatalinaRequest();

        MockCatalinaResponse catalinaResponse = new MockCatalinaResponse();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        catalinaResponse.setOutputStream(baos);

        LoginConfig loginConfig = new LoginConfig();
        spEmpl.authenticate(catalinaRequest, catalinaResponse, loginConfig);

        String spResponse = new String(baos.toByteArray());
        Document spHTMLResponse = DocumentUtil.getDocument(spResponse);
        NodeList nodes = spHTMLResponse.getElementsByTagName("INPUT");
        Element inputElement = (Element) nodes.item(0);
        String idpResponse = inputElement.getAttributeNode("VALUE").getValue();
        @SuppressWarnings("unused")
        String relayState = null;
        if (nodes.getLength() > 1)
            relayState = ((Element) nodes.item(1)).getAttributeNode("VALUE").getValue();

        // Lets call the IDPServlet

        MockCatalinaSession session = new MockCatalinaSession();
        servletContext = new MockCatalinaContext();
        session.setServletContext(servletContext);
        IdentityServer server = this.getIdentityServer(session);
        servletContext.setAttribute("IDENTITY_SERVER", server);

        MockCatalinaContextClassLoader mclIDP = setupTCL(profile + "/idp");
        Thread.currentThread().setContextClassLoader(mclIDP);

        MockCatalinaRequest request = new MockCatalinaRequest();
        request.addHeader("Referer", "http://localhost:8080/employee/");

        request.setParameter(GeneralConstants.USERNAME_FIELD, "anil");
        request.setParameter(GeneralConstants.PASS_FIELD, "anil");

        MockCatalinaResponse response = new MockCatalinaResponse();
        baos = new ByteArrayOutputStream();
        response.setOutputStream(baos);

        context = new MockCatalinaContext();
        IDPWebBrowserSSOValve idp = new IDPWebBrowserSSOValve();
        idp.setContainer(context);
        idp.setSignOutgoingMessages(false);
        idp.start();

        String samlAuth = DocumentUtil.getDocumentAsString(saml2Request.convert(art));

        String samlMessage = Base64.encodeBytes(samlAuth.getBytes());

        MockCatalinaRealm realm = new MockCatalinaRealm("anil", "test", new Principal() {
            public String getName() {
                return "anil";
            }
        });

        List<String> roles = new ArrayList<String>();
        roles.add("manager");
        roles.add("employee");

        request = new MockCatalinaRequest();
        request.setRemoteAddr(employee);
        request.setSession(session);
        request.setParameter("SAMLRequest", samlMessage);
        request.setUserPrincipal(new GenericPrincipal(realm, "anil", "test", roles));
        request.setMethod("POST");

        // Lets start the workflow with post
        idp.invoke(request, response);

        String idpResponseString = new String(baos.toByteArray());

        MockCatalinaContext context = new MockCatalinaContext();
        spEmpl.setContainer(context);
        spEmpl.testStart();

        MockCatalinaRequest catalinaRequest = new MockCatalinaRequest();
        catalinaRequest.setSession(session);
        catalinaRequest.setContext(context);
        catalinaRequest.setMethod("POST");

        String idpResponse = PostBindingUtil.base64Encode(new String(readIDPResponse()));

        catalinaRequest.setParameter(GeneralConstants.SAML_RESPONSE_KEY, idpResponse);

        MockCatalinaResponse catalinaResponse = new MockCatalinaResponse();
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        catalinaResponse.setWriter(new PrintWriter(baos));

        testWorkflow("192.168.1.3", "192.168.1.1");
    }

    private void testWorkflow(String userAddress, String idpAddress) throws LifecycleException, IOException, ServletException {
        System.setProperty("picketlink.schema.validate", "true");
        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(userAddress, false);

        // Sends a initial request to the SP. Requesting a resource ...
        MockCatalinaResponse idpAuthRequest = sendSPRequest(request, false, idpAddress);

        assertNotNull("Redirect String can not be null.", idpAuthRequest.redirectString);

     */
    @Test
    public void testSAML2LogOutFromSP() throws LifecycleException, IOException, ServletException {
        System.setProperty("picketlink.schema.validate", "true");
        // requests a GLO logout to the Employee SP
        MockCatalinaRequest originalEmployeeLogoutRequest = createRequest(employeeHttpSession, true);

        originalEmployeeLogoutRequest.setParameter(GeneralConstants.GLOBAL_LOGOUT, "true");

        MockCatalinaResponse originalEmployeeLogoutResponse = sendSPRequest(originalEmployeeLogoutRequest,
                getEmployeeServiceProvider());

        assertNotNull(originalEmployeeLogoutResponse);

        // sends the LogoutRequest to the IDP
        MockCatalinaRequest idpLogoutRequest = createIDPRequest(true);

        setQueryStringFromResponse(originalEmployeeLogoutResponse, idpLogoutRequest);

        MockCatalinaResponse idpLogoutResponse = sendIDPRequest(idpLogoutRequest);

        // The IDP responds with a LogoutRequest. Send it to the Sales SP with the RelayState pointing to the Employee SP
        MockCatalinaRequest salesLogoutRequest = createRequest(salesHttpSession, true);

        setQueryStringFromResponse(idpLogoutResponse, salesLogoutRequest);

        MockCatalinaResponse salesLogoutResponse = sendSPRequest(salesLogoutRequest, getSalesServiceProvider());

        // At this moment the user is not logged in Sales SP anymore.
        assertTrue(this.salesHttpSession.isInvalidated());

        // sends the StatusResponse to the IDP to continue the logout process.
        MockCatalinaRequest processSalesStatusResponse = createIDPRequest(true);

        setQueryStringFromResponse(salesLogoutResponse, processSalesStatusResponse);

        MockCatalinaResponse salesStatusResponse = sendIDPRequest(processSalesStatusResponse);

        // The IDP responds with a LogoutRequest. Send it to the Employee SP.
        MockCatalinaRequest employeeLogoutRequest = createRequest(employeeHttpSession, true);

        setQueryStringFromResponse(salesStatusResponse, employeeLogoutRequest);

        MockCatalinaResponse employeeLogoutResponse = sendSPRequest(employeeLogoutRequest, getEmployeeServiceProvider());

        // At this moment the user is not logged in Employee SP anymore.
        assertTrue(this.employeeHttpSession.isInvalidated());

        Assert.assertNotNull(employeeLogoutRequest.getForwardPath());
        Assert.assertEquals(employeeLogoutRequest.getForwardPath(), GeneralConstants.LOGOUT_PAGE_NAME);
        assertEquals(0, getIdentityServer(getIDPWebBrowserSSOValve()).stack().getParticipants(getIDPHttpSession().getId()));
        assertEquals(0,
                getIdentityServer(getIDPWebBrowserSSOValve()).stack()
                        .getNumOfParticipantsInTransit(getIDPHttpSession().getId()));

     */
    @Test
    public void testRoleGeneratorConfiguration() {
        logger.info("testRoleGeneratorConfiguration");

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(SERVICE_PROVIDER_HOST_ADDRESS, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        sendAuthenticationRequest(request, response, SERVICE_PROVIDER_URL, true);

        ResponseType responseType = getResponseTypeAndCheckSignature(response, null);

     */
    @Test
    public void testIdentityParticipantStackConfiguration() {
        logger.info("testIdentityParticipantStackConfiguration");

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(SERVICE_PROVIDER_HOST_ADDRESS, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        sendAuthenticationRequest(request, response, SERVICE_PROVIDER_URL, true);

        IdentityParticipantStack testIdentityParticipantStack = TestIdentityParticipantStack.getDelegate();

        assertEquals("Unexpected total created sessions.", 1, testIdentityParticipantStack.totalSessions());

        ResponseType responseType = getResponseTypeAndCheckSignature(response, null);

        assertNotNull(responseType);
        assertEquals(1, responseType.getAssertions().size());
        assertEquals(responseType.getAssertions().get(0).getAssertion().getIssuer().getValue(), IDENTITY_PROVIDER_URL);

        // The response should redirect back to the caller SP
        assertTrue("Expected a redirect to the SP.", response.redirectString.contains(SERVICE_PROVIDER_URL));

        String currentSessionID = request.getSession().getId();

        // asserts if there is a participant for the current session ID
        assertEquals(1, testIdentityParticipantStack.getParticipants(currentSessionID));

        // asserts if the last participant in the stack is the last caller SP

    public void testStrictPostBindingConfiguration() throws ConfigurationException, ParsingException, ProcessingException {
        logger.info("testStrictPostBindingConfiguration");

        ((IDPType) getAuthenticator().getConfiguration().getIdpOrSP()).setStrictPostBinding(true);

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(SERVICE_PROVIDER_HOST_ADDRESS, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        ByteArrayOutputStream bos = new ByteArrayOutputStream();

        response.setOutputStream(bos);

     */
    @Test
    public void testInvalidRequestWithoutSignature() {
        logger.info("testInvalidRequestWithoutSignature");

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(SERVICE_PROVIDER_HOST_ADDRESS, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        sendAuthenticationRequest(request, response, SERVICE_PROVIDER_URL, false);

        ResponseType responseType = getResponseTypeAndCheckSignature(response, null);

        String notTrustedDomain = "123.123.123.123";
        String notTrustedDomainForIssuer = "145.145.145.145";
        String notTrustedServiceProviderURL = SERVICE_PROVIDER_URL.replace(SERVICE_PROVIDER_HOST_ADDRESS, notTrustedDomain);
        String notTrustedIssuerURL = SERVICE_PROVIDER_URL.replace(SERVICE_PROVIDER_HOST_ADDRESS, notTrustedDomainForIssuer);

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(notTrustedDomain, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        // We will use different URL for assertionConsumerServiceURL and for issuerURL to ensure that error response
        // will be redirected to assertionConsumerServiceURL
        sendAuthenticationRequest(request, response, notTrustedIssuerURL, notTrustedServiceProviderURL, true);

    public void testRequestFromUntrustedDOmain() {
        logger.info("testRequestFromUntrustedDOmain");
        String notTrustedDomain = "192.168.1.5";
        String notTrustedServiceProviderURL = SERVICE_PROVIDER_URL.replace(SERVICE_PROVIDER_HOST_ADDRESS, notTrustedDomain);

        MockCatalinaRequest request = AuthenticatorTestUtils.createRequest(notTrustedDomain, true);
        MockCatalinaResponse response = new MockCatalinaResponse();

        sendAuthenticationRequest(request, response, notTrustedServiceProviderURL, true);

        ResponseType responseType = getResponseTypeAndCheckSignature(response, null);