Commit b4a60fdb authored by Yadd's avatar Yadd

Improve redirect tests [SAML] (#595)

parent 17a336ee
...@@ -95,24 +95,25 @@ SKIP: { ...@@ -95,24 +95,25 @@ SKIP: {
'Query IdP for logout' 'Query IdP for logout'
); );
expectOK($res); expectOK($res);
ok( ok(
$res->[2]->[0] =~ $res->[2]->[0] =~
m#img src="http://auth.idp.com(/saml/relaySingleLogoutSOAP)\?(relay=.*?)"#s, m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#,
'Get image request' 'Get iframe request'
); );
$url = $1;
my $query = $2;
ok( switch ('sp');
$res = $issuer->_get( ok( $res = $sp->_get( $url, query => $query, accept => 'text/html' ),
$1, 'Query SP for iframe' );
query => $2, ( $url, $query ) = expectRedirection( $res,
cookie => "lemonldap=$idpId", qr#http://auth.idp.com(/saml/singleLogoutReturn)\?(SAMLResponse=.*)# );
accept => 'text/html'
), # Push SAML logout response to IdP
'Get image' switch ('issuer');
); ok( $res = $issuer->_get( $url, query => $query, accept => 'text/html' ),
ok( getHeader( $res, 'Content-Type' ) eq 'image/png', 'Get an image' ) 'Push SAML response to IdP' );
or explain( [ $res->[0], $res->[1] ], 'Content-Type => image/png' ); expectOK($res);
# Test if logout is done # Test if logout is done
switch ('issuer'); switch ('issuer');
...@@ -333,14 +334,9 @@ entityID="http://auth.sp.com/saml/metadata"> ...@@ -333,14 +334,9 @@ entityID="http://auth.sp.com/saml/metadata">
<ArtifactResolutionService isDefault="true" index="0" <ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.sp.com/saml/artifact" /> Location="http://auth.sp.com/saml/artifact" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.sp.com/saml/singleLogoutSOAP" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.sp.com/saml/singleLogout" Location="http://auth.sp.com/saml/singleLogout"
ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" /> ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.sp.com/saml/singleLogout"
ResponseLocation="http://auth.sp.com/saml/singleLogoutReturn" />
<NameIDFormat> <NameIDFormat>
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<NameIDFormat> <NameIDFormat>
...@@ -355,12 +351,6 @@ entityID="http://auth.sp.com/saml/metadata"> ...@@ -355,12 +351,6 @@ entityID="http://auth.sp.com/saml/metadata">
urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.sp.com/saml/singleSignOn" /> Location="http://auth.sp.com/saml/singleSignOn" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.sp.com/saml/singleSignOn" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
Location="http://auth.sp.com/saml/singleSignOnArtifact" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.sp.com/saml/singleSignOnSOAP" />
</IDPSSODescriptor> </IDPSSODescriptor>
<SPSSODescriptor AuthnRequestsSigned="true" <SPSSODescriptor AuthnRequestsSigned="true"
WantAssertionsSigned="true" WantAssertionsSigned="true"
...@@ -399,14 +389,9 @@ entityID="http://auth.sp.com/saml/metadata"> ...@@ -399,14 +389,9 @@ entityID="http://auth.sp.com/saml/metadata">
<ArtifactResolutionService isDefault="true" index="0" <ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.sp.com/saml/artifact" /> Location="http://auth.sp.com/saml/artifact" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.sp.com/saml/proxySingleLogoutSOAP" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.sp.com/saml/proxySingleLogout" Location="http://auth.sp.com/saml/proxySingleLogout"
ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" /> ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.sp.com/saml/proxySingleLogout"
ResponseLocation="http://auth.sp.com/saml/proxySingleLogoutReturn" />
<NameIDFormat> <NameIDFormat>
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<NameIDFormat> <NameIDFormat>
...@@ -562,14 +547,9 @@ entityID="http://auth.idp.com/saml/metadata"> ...@@ -562,14 +547,9 @@ entityID="http://auth.idp.com/saml/metadata">
<ArtifactResolutionService isDefault="true" index="0" <ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.idp.com/saml/artifact" /> Location="http://auth.idp.com/saml/artifact" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.idp.com/saml/singleLogoutSOAP" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.idp.com/saml/singleLogout" Location="http://auth.idp.com/saml/singleLogout"
ResponseLocation="http://auth.idp.com/saml/singleLogoutReturn" /> ResponseLocation="http://auth.idp.com/saml/singleLogoutReturn" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.idp.com/saml/singleLogout"
ResponseLocation="http://auth.idp.com/saml/singleLogoutReturn" />
<NameIDFormat> <NameIDFormat>
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<NameIDFormat> <NameIDFormat>
...@@ -584,12 +564,6 @@ entityID="http://auth.idp.com/saml/metadata"> ...@@ -584,12 +564,6 @@ entityID="http://auth.idp.com/saml/metadata">
urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat> urn:oasis:names:tc:SAML:2.0:nameid-format:transient</NameIDFormat>
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.idp.com/saml/singleSignOn" /> Location="http://auth.idp.com/saml/singleSignOn" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.idp.com/saml/singleSignOn" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact"
Location="http://auth.idp.com/saml/singleSignOnArtifact" />
<SingleSignOnService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.idp.com/saml/singleSignOnSOAP" />
</IDPSSODescriptor> </IDPSSODescriptor>
<SPSSODescriptor AuthnRequestsSigned="true" <SPSSODescriptor AuthnRequestsSigned="true"
WantAssertionsSigned="true" WantAssertionsSigned="true"
...@@ -628,14 +602,9 @@ entityID="http://auth.idp.com/saml/metadata"> ...@@ -628,14 +602,9 @@ entityID="http://auth.idp.com/saml/metadata">
<ArtifactResolutionService isDefault="true" index="0" <ArtifactResolutionService isDefault="true" index="0"
Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP" Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.idp.com/saml/artifact" /> Location="http://auth.idp.com/saml/artifact" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:SOAP"
Location="http://auth.idp.com/saml/proxySingleLogoutSOAP" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect" <SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect"
Location="http://auth.idp.com/saml/proxySingleLogout" Location="http://auth.idp.com/saml/proxySingleLogout"
ResponseLocation="http://auth.idp.com/saml/proxySingleLogoutReturn" /> ResponseLocation="http://auth.idp.com/saml/proxySingleLogoutReturn" />
<SingleLogoutService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
Location="http://auth.idp.com/saml/proxySingleLogout"
ResponseLocation="http://auth.idp.com/saml/proxySingleLogoutReturn" />
<NameIDFormat> <NameIDFormat>
urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat> urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</NameIDFormat>
<NameIDFormat> <NameIDFormat>
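Review bot: In the first hunk, `$url = $1;` and `my $query = $2;` are read after the `ok(...)` that wraps the iframe match, so when the pattern does not match, Perl leaves the captures of the last successful match in place and the test goes on to query the SP with a stale URL and query string. Capturing in list context ties the values to this match: `( $url, my $query ) = $res->[2]->[0] =~ m#iframe src="http://auth.sp.com(/saml/proxySingleLogout)\?(SAMLRequest=.*?)"#;` followed by `ok( $url, 'Get iframe request' );`. The pattern passed to `expectRedirection` is unanchored and leaves the dots in `auth.idp.com` unescaped, so unless the helper anchors it itself, a Location header that merely contains that URL would pass; `qr#^http://auth\.idp\.com(/saml/singleLogoutReturn)\?(SAMLResponse=.*)#` would pin the redirect target. The final step only checks `expectOK($res)`, and whether the SP-side session is verified as closed is not visible here, since the SKIP block continues outside the hunk.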