Package org.opensaml.saml.security.impl

Class MetadataCredentialResolverTest

java.lang.Object

org.opensaml.core.testing.OpenSAMLInitBaseTestCase

org.opensaml.core.testing.XMLObjectBaseTestCase

org.opensaml.saml.security.impl.MetadataCredentialResolverTest

public class MetadataCredentialResolverTest
extends XMLObjectBaseTestCase

Testing the metadata credential resolver.

Field Summary

Fields

Modifier and Type	Field	Description
private CriteriaSet	criteriaSet
private EntityIdCriterion	entityIdCriteria
private X509Certificate	idpDSACert
private String	idpDSACertBase64
private String	idpEntityID
private QName	idpRole
private X509Certificate	idpRSACert
private String	idpRSACertBase64
private RSAPublicKey	idpRSAPubKey
private String	idpRSAPubKeyBase64
private String	idpRSAPubKeyName
private String	keyAuthorityCertBase64
private MetadataCredentialResolver	mdCredResolver
private String	mdFileName
private String	protocolBar
private String	protocolFoo
private EntityRoleCriterion	roleCriteria
private PredicateRoleDescriptorResolver	roleResolver

Fields inherited from class org.opensaml.core.testing.XMLObjectBaseTestCase

builderFactory, marshallerFactory, parserPool, simpleXMLObjectQName, unmarshallerFactory

Constructor Summary

Constructors

Constructor	Description
MetadataCredentialResolverTest()

Method Summary

Modifier and Type	Method	Description
private void	checkContextAndID(Credential credential, String entityID, QName role, boolean checkEntitiesDesc)	Check expected entity ID and also that expected data is available from the metadata context.
protected void	setUp()
void	testCaching()	Test caching behavior across 2 resolutions.
void	testDirectResolutionFromRoleDescriptor()	Test resolving directly from a RoleDescriptor input.
void	testMissingKeyInfoCredentialResolver()	Test fails correctly when required KeyInfo credential resolver is not configured
void	testMissingRequiredInputs()	Test fails correctly when required inputs are missing.
void	testMissingRequiredRoleDescriptorResolver()	Test that fails when entityID+role name are supplied, but no role descriptor resolver was configured.
void	testNoProtocolNoUsage()	Test protocol null, and no usage.
void	testNoProtocolUsageEncryption()	Test protocol null, and usage = encryption.
void	testNoProtocolUsageSigning()	Test protocol null, and usage = signing.
void	testProtocolBARNoUsage()	Test 1 protocol (BAR), and no usage.
void	testProtocolBARUsageEncryption()	Test 1 protocol (BAR), and usage = encryption.
void	testProtocolBARUsageSigning()	Test 1 protocol (BAR), and usage = signing.
void	testProtocolFOONoUsage()	Test 1 protocol (FOO), and no usage .
void	testProtocolFOOUsageEncryption()	Test 1 protocol (FOO), and usage encryption.
void	testProtocolFOOUsageSigning()	Test 1 protocol (FOO), and usage = signing.

Methods inherited from class org.opensaml.core.testing.XMLObjectBaseTestCase

assertXMLEquals, assertXMLEquals, buildXMLObject, getBuilder, getMarshaller, getMarshaller, getUnmarshaller, getUnmarshaller, getUnmarshaller, initXMLObjectSupport, parseXMLDocument, printXML, printXML, unmarshallElement, unmarshallElement

Methods inherited from class org.opensaml.core.testing.OpenSAMLInitBaseTestCase

initOpenSAML

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

idpRSAPubKeyName

private String idpRSAPubKeyName

idpRSAPubKey

private RSAPublicKey idpRSAPubKey

idpRSAPubKeyBase64

private String idpRSAPubKeyBase64

idpDSACert

private X509Certificate idpDSACert

idpDSACertBase64

private String idpDSACertBase64

idpRSACert

private X509Certificate idpRSACert

idpRSACertBase64

private String idpRSACertBase64

keyAuthorityCertBase64

private String keyAuthorityCertBase64

protocolFoo

private String protocolFoo

protocolBar

private String protocolBar

idpRole

private QName idpRole

idpEntityID

private String idpEntityID

mdFileName

private String mdFileName

roleResolver

private PredicateRoleDescriptorResolver roleResolver

mdCredResolver

private MetadataCredentialResolver mdCredResolver

entityIdCriteria

private EntityIdCriterion entityIdCriteria

roleCriteria

private EntityRoleCriterion roleCriteria

criteriaSet

private CriteriaSet criteriaSet

Constructor Detail

MetadataCredentialResolverTest

public MetadataCredentialResolverTest()

Method Detail

setUp

@BeforeMethod
protected void setUp()
              throws Exception

Throws:

Exception

testNoProtocolNoUsage

public void testNoProtocolNoUsage()
                           throws SecurityException,
                                  ResolverException

Test protocol null, and no usage. Should get 3 credentials, 2 from protocolFoo and 1 from protocolBar.

Throws:

SecurityException - ...

ResolverException - ...

testNoProtocolUsageEncryption

public void testNoProtocolUsageEncryption()
                                   throws SecurityException,
                                          ResolverException

Test protocol null, and usage = encryption. Should get 2 credentials, 1 from protocolFoo and 1 from protocolBar.

Throws:

SecurityException - ...

ResolverException - ...

testNoProtocolUsageSigning

public void testNoProtocolUsageSigning()
                                throws SecurityException,
                                       ResolverException

Test protocol null, and usage = signing. Should get 2 credentials, 1 from protocolFoo and 1 from protocolBar.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolFOONoUsage

public void testProtocolFOONoUsage()
                            throws SecurityException,
                                   ResolverException

Test 1 protocol (FOO), and no usage . Should get 2 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolFOOUsageSigning

public void testProtocolFOOUsageSigning()
                                 throws SecurityException,
                                        ResolverException

Test 1 protocol (FOO), and usage = signing. Should get 1 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolFOOUsageEncryption

public void testProtocolFOOUsageEncryption()
                                    throws SecurityException,
                                           ResolverException

Test 1 protocol (FOO), and usage encryption. Should get 1 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolBARNoUsage

public void testProtocolBARNoUsage()
                            throws SecurityException,
                                   ResolverException

Test 1 protocol (BAR), and no usage. Should get 1 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolBARUsageSigning

public void testProtocolBARUsageSigning()
                                 throws SecurityException,
                                        ResolverException

Test 1 protocol (BAR), and usage = signing. Should get 1 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testProtocolBARUsageEncryption

public void testProtocolBARUsageEncryption()
                                    throws SecurityException,
                                           ResolverException

Test 1 protocol (BAR), and usage = encryption. Should get 1 credentials.

Throws:

SecurityException - ...

ResolverException - ...

testCaching

public void testCaching()
                 throws SecurityException,
                        ResolverException

Test caching behavior across 2 resolutions.

Throws:

SecurityException - ...

ResolverException - ...

testDirectResolutionFromRoleDescriptor

public void testDirectResolutionFromRoleDescriptor()
                                            throws ComponentInitializationException,
                                                   ResolverException,
                                                   CertificateEncodingException,
                                                   EncodingException

Test resolving directly from a RoleDescriptor input.

Throws:

ComponentInitializationException - ...

ResolverException - ...

CertificateEncodingException - ...

EncodingException - on base64 encoding error

testMissingRequiredInputs

public void testMissingRequiredInputs()
                               throws ResolverException

Test fails correctly when required inputs are missing.

Throws:

ResolverException - ...

testMissingKeyInfoCredentialResolver

public void testMissingKeyInfoCredentialResolver()
                                          throws ComponentInitializationException

Test fails correctly when required KeyInfo credential resolver is not configured

Throws:

ComponentInitializationException - ...

testMissingRequiredRoleDescriptorResolver

public void testMissingRequiredRoleDescriptorResolver()
                                               throws ComponentInitializationException,
                                                      ResolverException

Test that fails when entityID+role name are supplied, but no role descriptor resolver was configured.

Throws:

ComponentInitializationException - ...

ResolverException - ...

checkContextAndID

private void checkContextAndID(Credential credential,
                               String entityID,
                               QName role,
                               boolean checkEntitiesDesc)

Check expected entity ID and also that expected data is available from the metadata context.

Parameters:

credential - the credential to evaluate

entityID - the expected entity ID value

role - the expected type of role from the context role descriptor data

checkEntitiesDesc - whether to check for and validate an EntitiesDescriptor grandparent