Manager API - samlSP unit tests and adjustments for update/patch to keep old values - #2034

merge-requests/133/head
Soisik Froger 6 years ago
parent f107356e5e
commit 4c5948623c
  1. 19
      lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/OidcRp.pm
  2. 34
      lemonldap-ng-manager/lib/Lemonldap/NG/Manager/Api/Providers/SamlSp.pm
  3. 241
      lemonldap-ng-manager/t/04-providers-api.t

@ -22,6 +22,9 @@ sub getOidcRpByConfKey {
my $oidcRp = $self->_getOidcRpByConfKey($conf, $confKey);
# $self->logger->debug("$oidcRp :: ");
# use Data::Dumper; print STDERR Dumper($oidcRp);
# Return 404 if not found
unless (defined $oidcRp) {
return $self->sendError( $req, "OIDC relying party '$confKey' not found", 404 );
@ -307,17 +310,17 @@ sub _pushOidcRp {
$conf->{oidcRPMetaDataOptions}->{$confKey} = {};
$conf->{oidcRPMetaDataExportedVars}->{$confKey} = {};
$conf->{oidcRPMetaDataOptionsExtraClaims}->{$confKey} = {};
$push->{options} = $self->_setDefaultValues($push->{options}, 'oidcRPMetaDataNode');
}
if (defined $push->{options} || $replace) {
if (defined $push->{options}) {
my $res = $self->_hasAllowedAttributes($push->{options}, 'oidcRPMetaDataNode');
unless ($res->{res} eq 'ok') {
return $res;
}
if ($replace) {
$push->{options} = $self->_setDefaultValues($push->{options}, 'oidcRPMetaDataNode');
foreach (keys %{$push->{options}}) {
$conf->{oidcRPMetaDataOptions}->{$confKey}->{$_} = $push->{options}->{$_};
}
$conf->{oidcRPMetaDataOptions}->{$confKey} = $push->{options};
}
if (defined $push->{clientId}) {
@ -326,7 +329,9 @@ sub _pushOidcRp {
if (defined $push->{exportedVars}) {
if ($self->_isSimpleKeyValueHash($push->{exportedVars})) {
$conf->{oidcRPMetaDataExportedVars}->{$confKey} = $push->{exportedVars};
foreach (keys %{$push->{exportedVars}}) {
$conf->{oidcRPMetaDataExportedVars}->{$confKey}->{$_} = $push->{exportedVars}->{$_};
}
} else {
return { res => 'ko', msg => "Invalid input: exportedVars is not a hash object with \"key\":\"value\" attributes" };
}
@ -334,7 +339,9 @@ sub _pushOidcRp {
if (defined $push->{extraClaim}) {
if ($self->_isSimpleKeyValueHash($push->{extraClaim})) {
$conf->{oidcRPMetaDataOptionsExtraClaims}->{$confKey} = $push->{extraClaim};
foreach (keys %{$push->{extraClaim}}) {
$conf->{oidcRPMetaDataOptionsExtraClaims}->{$confKey}->{$_} = $push->{extraClaim}->{$_};
}
} else {
return { res => 'ko', msg => "Invalid input: extraClaim is not a hash object with \"key\":\"value\" attributes" };
}
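Review bot: The two commented-out debug lines in the getOidcRpByConfKey hunk, `# $self->logger->debug("$oidcRp :: ");` and `# use Data::Dumper; print STDERR Dumper($oidcRp);`, should be dropped rather than committed. The tests on this page read `options/oidcRPMetaDataOptionsClientSecret` back from this endpoint, so the dumped structure apparently carries the client secret, and un-commenting the Dumper line would write it to STDERR. The same pair is pasted into getSamlSpByConfKey in SamlSp.pm, where it still names `$oidcRp`. Both functions start and end outside their hunks.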

@ -22,6 +22,9 @@ sub getSamlSpByConfKey {
my $samlSp = $self->_getSamlSpByConfKey($conf, $confKey);
# $self->logger->debug("$oidcRp :: ");
# use Data::Dumper; print STDERR Dumper($oidcRp);
# Check if confKey is defined
unless (defined $samlSp) {
return $self->sendError( $req, "SAML service Provider '$confKey' not found", 404 );
@ -284,7 +287,7 @@ sub _getSamlSpByConfKey {
$mandatory = !!$mandatory ? 'true' : 'false';
my $samlSp->{exportedAttributes}->{$_} = {
$samlSp->{exportedAttributes}->{$_} = {
name => $name,
mandatory => $mandatory
};
@ -298,7 +301,6 @@ sub _getSamlSpByConfKey {
}
}
return $samlSp;
}
@ -326,38 +328,42 @@ sub _readSamlSpEntityId {
return undef;
}
sub _readSamlSpExportedAttributes {
my ( $self, $attrs ) = @_;
my ( $self, $attrs, $mergeWith ) = @_;
my $allowedFormats = [
"urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
"urn:oasis:names:tc:SAML:2.0:attrname-format:uri",
"urn:oasis:names:tc:SAML:2.0:attrname-format:basic"
];
my $exportedAttributes;
foreach (keys %{$attrs}) {
unless (defined $attrs->{$_}->{name}) {
return { res => "ko", msg => "Exported attribute $_ has no name"};
}
my $mandatory = 0;
my $name = $attrs->{$_}->{name};
my $format = '';
my $friendlyName = '';
if (defined $mergeWith->{$_}) {
( $mandatory, $name, $format, $friendlyName ) = split( /;/, $mergeWith->{$_} );
}
if (defined $attrs->{$_}->{mandatory}) {
if ( $attrs->{$_}->{mandatory} eq '1' or $attrs->{$_}->{mandatory} eq 'true' ) {
$mandatory = 1;
} else {
$mandatory = 0;
}
}
my $format = '';
if (defined $attrs->{$_}->{format}) {
$format = $attrs->{$_}->{format};
unless (length(grep {/^$format$/} @{$allowedFormats})) {
return { res => "ko", msg => "Exported attribute $_ format does not exist."};
}
}
my $friendlyName = '';
if (defined $attrs->{$_}->{friendlyName}) {
$friendlyName = $attrs->{$_}->{friendlyName};
}
$exportedAttributes->{$_} = "$mandatory;$attrs->{$_}->{name};$format;$friendlyName";
$mergeWith->{$_} = "$mandatory;$name;$format;$friendlyName";
}
return { res => "ok", exportedAttributes => $exportedAttributes };
return { res => "ok", exportedAttributes => $mergeWith };
}
sub _pushSamlSp {
@ -367,6 +373,7 @@ sub _pushSamlSp {
$conf->{samlSPMetaDataXML}->{$confKey} = {};
$conf->{samlSPMetaDataOptions}->{$confKey} = {};
$conf->{samlSPMetaDataExportedAttributes}->{$confKey} = {};
$push->{options} = $self->_setDefaultValues($push->{options}, 'samlSPMetaDataNode');
}
$conf->{samlSPMetaDataXML}->{$confKey}->{samlSPMetaDataXML} = $push->{metadata};
@ -376,14 +383,13 @@ sub _pushSamlSp {
unless ($res->{res} eq 'ok') {
return $res;
}
$conf->{samlSPMetaDataOptions}->{$confKey} = $push->{options};
}
if ($replace) {
$push->{options} = $self->_setDefaultValues($push->{options}, 'samlSPMetaDataNode');
foreach (keys %{$push->{options}}) {
$conf->{samlSPMetaDataOptions}->{$confKey}->{$_} = $push->{options}->{$_};
}
}
if (defined $push->{exportedAttributes}) {
my $res = $self->_readSamlSpExportedAttributes($push->{exportedAttributes});
my $res = $self->_readSamlSpExportedAttributes($push->{exportedAttributes}, $conf->{samlSPMetaDataExportedAttributes}->{$confKey});
unless ($res->{res} eq 'ok') {
return $res;
}
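Review bot: The format check in _readSamlSpExportedAttributes, `unless (length(grep {/^$format$/} @{$allowedFormats}))`, can never reject anything, because grep in scalar context returns a match count and `length` of that count is 1 even when the count is 0. The line looks carried over unchanged by this commit, but it means any caller-supplied `format` ends up in the stored `"$mandatory;$name;$format;$friendlyName"` string, and a `;` inside it would shift the fields when the record is later split on `;`. Compare literally instead of through an interpolated pattern: `unless (grep { $_ eq $format } @{$allowedFormats}) {`. It would also be worth rejecting `;` in `name` and `friendlyName` before the string is built.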

@ -18,7 +18,7 @@ sub check200 {
}
sub check404 {
my ( $test, $res ) = splice @_;
diag Dumper($res);
#diag Dumper($res);
ok( $res->[0] == 404, "$test: Result code is 404" );
count(1);
checkJson($test, $res);
@ -79,13 +79,17 @@ sub get {
}
sub checkGet {
my ( $test, $type, $confKey, $attribute, $expectedValue) = splice @_;
my ( $test, $type, $confKey, $attrPath, $expectedValue) = splice @_;
my $res = get($test, $type, $confKey);
my $key = from_json($res->[2]->[0]);
check200($test, $res);
my @path = split '/', $attrPath;
my $key = from_json($res->[2]->[0]);
for (@path) {
$key = $key->{$_};
}
ok (
$key->{options}->{$attribute} eq $expectedValue,
"$test: check if $attribute eq $expectedValue"
$key eq $expectedValue,
"$test: check if $attrPath value \"$key\" matches expected value \"$expectedValue\""
);
count(1);
}
@ -176,24 +180,23 @@ sub findByConfKey {
}
sub checkFindByConfKey {
my ( $test, $type, $confKey, $expectedHits, $attribute, $expectedValues) = splice @_;
my ( $test, $type, $confKey, $expectedHits) = splice @_;
my $res = findByConfKey($test, $type, $confKey);
check200($test, $res);
my $hits = from_json($res->[2]->[0]);
my $hit;
my $counter = 0;
foreach $hit (@{$hits}) {
my $expected = grep {/^$hit->{options}->{$attribute}$/} @{$expectedValues};
$counter++;
ok (
$expected,
"$test: check if $attribute value \"$hit->{options}->{$attribute}\" matches one of expectedValues: " . $_json->encode($expectedValues)
$hit->{confKey} =~ $confKey,
"$test: check if confKey value \"$hit->{confKey}\" matches pattern \"$confKey\""
);
count(1);
}
ok (
$counter eq $expectedHits,
"$test: check if returned nb of hits ($counter) matches $expectedHits"
"$test: check if nb of hits returned ($counter) matches expectation ($expectedHits)"
);
count(1);
}
@ -214,9 +217,15 @@ sub checkFindByProviderId {
my $res = findByProviderId($test, $type, $providerIdName, $providerId);
check200($test, $res);
my $result = from_json($res->[2]->[0]);
my $gotProviderId;
if ($providerIdName eq 'entityId') {
( $gotProviderId ) = $result->{metadata} =~ m/entityID=['"](.+?)['"]/i;
} else {
$gotProviderId = $result->{$providerIdName};
}
ok(
$result->{$providerIdName} eq $providerId,
"$test: Check $providerIdName value returned \"$result->{$providerIdName}\" matched expected value \"$providerId\""
$gotProviderId eq $providerId,
"$test: Check $providerIdName value returned \"$gotProviderId\" matched expected value \"$providerId\""
);
count(1);
}
@ -240,7 +249,7 @@ sub deleteProvider {
$res = &client->_del(
"/v1/providers/$type/$confKey", '', '', 'application/json', 0
),
"Request succeed"
"$test: Request succeed"
);
count(1);
return $res;
@ -275,91 +284,237 @@ my $oidcRp = {
}
};
$test = "Add should succeed";
$test = "OidcRp - Add should succeed";
checkAdd($test, 'oidc/rp', $oidcRp);
checkGet($test, 'oidc/rp', 'myOidcRp1', 'oidcRPMetaDataOptionsIcon', 'web.png');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'oidcRPMetaDataOptionsClientSecret', 'secret');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsIcon', 'web.png');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsClientSecret', 'secret');
$test = "Check attribute default value was set after add";
checkGet($test, 'oidc/rp', 'myOidcRp1', 'oidcRPMetaDataOptionsIDTokenSignAlg', 'HS512');
$test = "OidcRp - Check attribute default value was set after add";
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsIDTokenSignAlg', 'HS512');
$test = "Add Should fail on duplicate confKey";
$test = "OidcRp - Add Should fail on duplicate confKey";
checkAddFailsIfExists($test, 'oidc/rp', $oidcRp);
$test = "Update should succeed";
$test = "OidcRp - Update should succeed and keep existing values";
$oidcRp->{options}->{oidcRPMetaDataOptionsClientSecret} = 'secret2';
$oidcRp->{options}->{oidcRPMetaDataOptionsIDTokenSignAlg} = 'RS512';
delete $oidcRp->{options}->{oidcRPMetaDataOptionsIcon};
delete $oidcRp->{extraClaim};
delete $oidcRp->{exportedVars};
$oidcRp->{exportedVars}->{cn} = 'cn';
checkUpdate($test, 'oidc/rp', 'myOidcRp1', $oidcRp);
checkGet($test, 'oidc/rp', 'myOidcRp1', 'oidcRPMetaDataOptionsClientSecret', 'secret2');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'oidcRPMetaDataOptionsIDTokenSignAlg', 'RS512');
$test = "Update should fail on non existing options";
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsClientSecret', 'secret2');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsIDTokenSignAlg', 'RS512');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'options/oidcRPMetaDataOptionsIcon', 'web.png');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'exportedVars/cn', 'cn');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'exportedVars/family_name', 'sn');
checkGet($test, 'oidc/rp', 'myOidcRp1', 'extraClaim/phone', 'telephoneNumber');
$test = "OidcRp - Update should fail on non existing options";
$oidcRp->{options}->{playingPossum} = 'elephant';
checkUpdateWithUnknownAttributes($test, 'oidc/rp', 'myOidcRp1', $oidcRp);
delete $oidcRp->{options}->{playingPossum};
$test = "Add Should fail on duplicate clientId";
$test = "OidcRp - Add Should fail on duplicate clientId";
$oidcRp->{confKey} = 'myOidcRp2';
checkAddFailsIfExists($test, 'oidc/rp', $oidcRp);
$test = "Add Should fail on non existing options";
$test = "OidcRp - Add Should fail on non existing options";
$oidcRp->{confKey} = 'myOidcRp2';
$oidcRp->{clientId} = 'myOidcClient2';
$oidcRp->{options}->{playingPossum} = 'ElephantInTheRoom';
checkAddWithUnknownAttributes($test, 'oidc/rp', $oidcRp);
delete $oidcRp->{options}->{playingPossum};
$test = "2nd add should succeed";
$test = "OidcRp - 2nd add should succeed";
checkAdd($test, 'oidc/rp', $oidcRp);
$test = "Update should fail if client id exists";
$test = "OidcRp - Update should fail if client id exists";
$oidcRp->{clientId} = 'myOidcClient1';
checkUpdateFailsIfExists($test, 'oidc/rp', 'myOidcRp2', $oidcRp);
$test = "Update should fail if confKey not found";
$test = "OidcRp - Update should fail if confKey not found";
$oidcRp->{confKey} = 'myOidcRp3';
checkUpdateNotFound($test, 'oidc/rp', 'myOidcRp3', $oidcRp);
$test = "Replace should succeed";
$test = "OidcRp - Replace should succeed";
$oidcRp->{confKey} = 'myOidcRp2';
$oidcRp->{clientId} = 'myOidcClient2';
delete $oidcRp->{options}->{oidcRPMetaDataOptionsIcon};
delete $oidcRp->{options}->{oidcRPMetaDataOptionsIDTokenSignAlg};
checkReplace($test, 'oidc/rp', 'myOidcRp2', $oidcRp);
$test = "Check attribute default value was set after replace";
checkGet($test, 'oidc/rp', 'myOidcRp2', 'oidcRPMetaDataOptionsIDTokenSignAlg', 'HS512');
$test = "OidcRp - Check attribute default value was set after replace";
checkGet($test, 'oidc/rp', 'myOidcRp2', 'options/oidcRPMetaDataOptionsIDTokenSignAlg', 'HS512');
$test = "Replace should fail on non existing options";
$test = "OidcRp - Replace should fail on non existing options";
$oidcRp->{options}->{playingPossum} = 'elephant';
checkReplaceWithUnknownAttribute($test, 'oidc/rp', 'myOidcRp2', $oidcRp);
delete $oidcRp->{options}->{playingPossum};
$test = "Replace should fail if confKey not found";
$test = "OidcRp - Replace should fail if confKey not found";
$oidcRp->{confKey} = 'myOidcRp3';
checkReplaceNotFound($test, 'oidc/rp', 'myOidcRp3', $oidcRp);
$test = "FindByConfKey should find 2 hits";
checkFindByConfKey($test, 'oidc/rp', '^myOidcRp.$', 2, 'oidcRPMetaDataOptionsClientID', ['myOidcClient1','myOidcClient2']);
$test = "OidcRp - FindByConfKey should find 2 hits";
checkFindByConfKey($test, 'oidc/rp', '^myOidcRp.$', 2);
$test = "FindByConfKey should find 1 hit";
checkFindByConfKey($test, 'oidc/rp', 'myOidcRp1', 1, 'oidcRPMetaDataOptionsClientID', ['myOidcClient1']);
$test = "OidcRp - FindByConfKey should find 1 hit";
checkFindByConfKey($test, 'oidc/rp', 'myOidcRp1', 1);
$test = "FindByConfKey should find 0 hits";
$test = "OidcRp - FindByConfKey should find 0 hits";
checkFindByConfKey($test, 'oidc/rp', 'myOidcRp3', 0);
$test = "FindByClientId should find one entry";
$test = "OidcRp - FindByClientId should find one entry";
checkFindByProviderId($test, 'oidc/rp', 'clientId', 'myOidcClient1');
$test = "FindByClientId should find nothing";
$test = "OidcRp - FindByClientId should find nothing";
checkFindByProviderIdNotFound($test, 'oidc/rp', 'clientId', 'myOidcClient3');
$test = "Clean up";
$test = "OidcRp - Clean up";
checkDelete($test, 'oidc/rp', 'myOidcRp1');
checkDelete($test, 'oidc/rp', 'myOidcRp2');
$test = "Entity should not be found after clean up";
$test = "OidcRp - Entity should not be found after clean up";
checkDeleteNotFound($test, 'oidc/rp', 'myOidcRp1');
my $metadata1 = "<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2019-09-25T16:44:38Z\" cacheDuration=\"PT604800S\" entityID=\"https://myapp.domain.com/saml/metadata\"><md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://myapp.domain.com/saml/sls\" /><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://myapp.domain.com/saml/acs\" index=\"1\" /></md:SPSSODescriptor></md:EntityDescriptor>";
my $metadata2 = "<?xml version=\"1.0\"?><md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\" validUntil=\"2019-09-25T16:44:38Z\" cacheDuration=\"PT604800S\" entityID=\"https://myapp2.domain.com/saml/metadata\"><md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"><md:SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\" Location=\"https://myapp2.domain.com/saml/sls\" /><md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat><md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\" Location=\"https://myapp2.domain.com/saml/acs\" index=\"1\" /></md:SPSSODescriptor></md:EntityDescriptor>";
my $samlSp = {
confKey => 'mySamlSp1',
metadata => $metadata1,
exportedAttributes => {
family_name => {
format => "urn:oasis:names:tc:SAML:2.0:attrname-format:basic",
friendlyName => "surname",
mandatory => "false",
name => "sn"
},
cn => {
friendlyName => "commonname",
mandatory => "true",
name => "uid"
},
uid => {
mandatory => "true",
name => "uid"
},
phone => {
mandatory => "false",
format => "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified",
name => "telephoneNumber"
},
function => {
name => "title",
mandatory => "false",
format => "urn:oasis:names:tc:SAML:2.0:attrname-format:uri"
},
given_name => {
mandatory => "false",
name => "givenName"
}
},
options => {
samlSPMetaDataOptionsCheckSLOMessageSignature => 0,
samlSPMetaDataOptionsEncryptionMode => "assertion",
samlSPMetaDataOptionsSessionNotOnOrAfterTimeout => 36000
}
};
$test = "SamlSp - Add should succeed";
checkAdd($test, 'saml/sp', $samlSp);
checkGet($test, 'saml/sp', 'mySamlSp1', 'options/samlSPMetaDataOptionsEncryptionMode', 'assertion');
checkGet($test, 'saml/sp', 'mySamlSp1', 'options/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout', 36000);
$test = "SamlSp - Check attribute default value was set after add";
checkGet($test, 'saml/sp', 'mySamlSp1', 'options/samlSPMetaDataOptionsNotOnOrAfterTimeout', 72000);
$test = "SamlSp - Add Should fail on duplicate confKey";
checkAddFailsIfExists($test, 'saml/sp', $samlSp);
$test = "SamlSp - Update should succeed and keep existing values";
$samlSp->{options}->{samlSPMetaDataOptionsCheckSLOMessageSignature} = 1;
$samlSp->{options}->{samlSPMetaDataOptionsEncryptionMode} = 'nameid';
delete $samlSp->{options}->{samlSPMetaDataOptionsSessionNotOnOrAfterTimeout};
delete $samlSp->{exportedAttributes};
$samlSp->{exportedAttributes}->{cn}->{name} = "cn",
$samlSp->{exportedAttributes}->{cn}->{friendlyName} = "common_name",
$samlSp->{exportedAttributes}->{cn}->{mandatory} = "false",
checkUpdate($test, 'saml/sp', 'mySamlSp1', $samlSp);
checkGet($test, 'saml/sp', 'mySamlSp1', 'options/samlSPMetaDataOptionsCheckSLOMessageSignature', 1);
checkGet($test, 'saml/sp', 'mySamlSp1', 'options/samlSPMetaDataOptionsSessionNotOnOrAfterTimeout', 36000);
checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/cn/friendlyName', 'common_name');
checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/cn/mandatory', 'false');
checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/cn/mandatory', 'false');
checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/cn/name', 'uid');
checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/given_name/name', 'givenName');
$test = "SamlSp - Update should fail on non existing options";
$samlSp->{options}->{playingPossum} = 'elephant';
checkUpdateWithUnknownAttributes($test, 'saml/sp', 'mySamlSp1', $samlSp);
delete $samlSp->{options}->{playingPossum};
$test = "SamlSp - Add Should fail on duplicate entityId";
$samlSp->{confKey} = 'mySamlSp2';
checkAddFailsIfExists($test, 'saml/sp', $samlSp);
$test = "SamlSp - Add Should fail on non existing options";
$samlSp->{confKey} = 'mySamlSp2';
$samlSp->{metadata} = $metadata2;
$samlSp->{options}->{playingPossum} = 'ElephantInTheRoom';
checkAddWithUnknownAttributes($test, 'saml/sp', $samlSp);
delete $samlSp->{options}->{playingPossum};
$test = "SamlSp - 2nd add should succeed";
checkAdd($test, 'saml/sp', $samlSp);
$test = "SamlSp - Update should fail if client id exists";
$samlSp->{metadata} = $metadata1;
checkUpdateFailsIfExists($test, 'saml/sp', 'mySamlSp2', $samlSp);
$test = "SamlSp - Update should fail if confKey not found";
$samlSp->{confKey} = 'mySamlSp3';
checkUpdateNotFound($test, 'saml/sp', 'mySamlSp3', $samlSp);
$test = "SamlSp - Replace should succeed";
$samlSp->{confKey} = 'mySamlSp2';
$samlSp->{metadata} = $metadata2;
delete $samlSp->{options}->{samlSPMetaDataOptionsEncryptionMode};
checkReplace($test, 'saml/sp', 'mySamlSp2', $samlSp);
$test = "SamlSp - Check attribute default value was set after replace";
checkGet($test, 'saml/sp', 'mySamlSp2', 'options/samlSPMetaDataOptionsEncryptionMode', 'none');
$test = "SamlSp - Replace should fail on non existing options";
$samlSp->{options}->{playingPossum} = 'elephant';
checkReplaceWithUnknownAttribute($test, 'saml/sp', 'mySamlSp2', $samlSp);
delete $samlSp->{options}->{playingPossum};
$test = "SamlSp - Replace should fail if confKey not found";
$samlSp->{confKey} = 'mySamlSp3';
checkReplaceNotFound($test, 'saml/sp', 'mySamlSp3', $samlSp);
$test = "SamlSp - FindByConfKey should find 2 hits";
checkFindByConfKey($test, 'saml/sp', '^mySamlSp.$', 2);
$test = "SamlSp - FindByConfKey should find 1 hit";
checkFindByConfKey($test, 'saml/sp', 'mySamlSp1', 1);
$test = "SamlSp - FindByConfKey should find 0 hits";
checkFindByConfKey($test, 'saml/sp', 'mySamlSp3', 0);
$test = "SamlSp - FindByEntityId should find one entry";
checkFindByProviderId($test, 'saml/sp', 'entityId', 'https://myapp.domain.com/saml/metadata');
$test = "SamlSp - FindByEntityId should find nothing";
checkFindByProviderIdNotFound($test, 'saml/sp', 'entityId', 'https://myapp3.domain.com/saml/metadata');
$test = "SamlSp - Clean up";
checkDelete($test, 'saml/sp', 'mySamlSp1');
checkDelete($test, 'saml/sp', 'mySamlSp2');
$test = "SamlSp - Entity should not be found after clean up";
checkDeleteNotFound($test, 'saml/sp', 'mySamlSp1');
# Clean up generated conf files, except for "lmConf-1.json"
unlink grep { $_ ne "t/conf/lmConf-1.json" } glob "t/conf/lmConf-*.json";
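Review bot: The "SamlSp - Update should succeed and keep existing values" case sets `$samlSp->{exportedAttributes}->{cn}->{name} = "cn"` and then asserts `checkGet($test, 'saml/sp', 'mySamlSp1', 'exportedAttributes/cn/name', 'uid');`, so the suite pins a submitted `name` being silently ignored on update while `friendlyName` and `mandatory` from the same request are applied. If that is intended, a comment next to the assertion should say so; if not, the expected value should be `'cn'`. The three assignments before `checkUpdate` end in `,` instead of `;`, and the `exportedAttributes/cn/mandatory` check is repeated on the following line. No case visible here submits an `exportedAttributes` entry whose `format` is outside the allowed URNs, so the rejection path is untested.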
