diff options
author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2009-03-27 15:06:18 +0000 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2009-03-27 15:06:18 +0000 |
commit | d85f440885ca65d8e48cc9f4212463813cb11b43 (patch) | |
tree | a2f0dd609bbfe17f07a4547967f0422830e9b3fe /tests/login_tests.c | |
parent | 5268ee292873861ca0ba4f0d3d7990c8da83d4e8 (diff) | |
download | lasso-d85f440885ca65d8e48cc9f4212463813cb11b43.tar.gz lasso-d85f440885ca65d8e48cc9f4212463813cb11b43.tar.xz lasso-d85f440885ca65d8e48cc9f4212463813cb11b43.zip |
ID-FF 1.2 Tests: Add test for relaystate
* tests/login_tests.c:
- (test02_serviceProviderLogin) add assertion concerning the relaying
of the RelayState parameter during an SP initiated SSO.
Diffstat (limited to 'tests/login_tests.c')
-rw-r--r-- | tests/login_tests.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/tests/login_tests.c b/tests/login_tests.c index b92735f7..7281c6b3 100644 --- a/tests/login_tests.c +++ b/tests/login_tests.c @@ -143,7 +143,7 @@ START_TEST(test02_serviceProviderLogin) request->IsPassive = 0; request->NameIDPolicy = g_strdup(LASSO_LIB_NAMEID_POLICY_TYPE_FEDERATED); request->consent = g_strdup(LASSO_LIB_CONSENT_OBTAINED); - relayState = "fake"; + relayState = "fake[]"; request->RelayState = g_strdup(relayState); rc = lasso_login_build_authn_request_msg(spLoginContext); fail_unless(rc == 0, "lasso_login_build_authn_request_msg failed"); @@ -152,8 +152,12 @@ START_TEST(test02_serviceProviderLogin) "authnRequestUrl shouldn't be NULL"); authnRequestQuery = strchr(authnRequestUrl, '?')+1; fail_unless(strlen(authnRequestQuery) > 0, - "authnRequestRequest shouldn't be an empty string"); + "authnRequestQuery shouldn't be an empty string"); spLoginDump = lasso_node_dump(LASSO_NODE(spLoginContext)); + fail_unless(strstr(authnRequestQuery, "RelayState") != NULL, + "authnRequestQuery should contain a RelayState parameter"); + fail_unless(strstr(authnRequestQuery, "fake%5B%5D") != NULL, + "authnRequestQuery RelayState parameter should be encoded"); /* Identity provider singleSignOn, for a user having no federation. */ identityProviderContextDump = generateIdentityProviderContextDump(); @@ -169,6 +173,10 @@ START_TEST(test02_serviceProviderLogin) "protocoleProfile should be ProfileBrwsArt"); fail_unless(! lasso_login_must_ask_for_consent(idpLoginContext), "lasso_login_must_ask_for_consent() should be FALSE"); + fail_unless(idpLoginContext->parent.msg_relayState != NULL, + "lasso_login_process_authn_request_msg should restore the RelayState parameter"); + fail_unless(g_strcmp0(idpLoginContext->parent.msg_relayState, relayState) == 0, + "lasso_login_process_authn_request_msg should restore the same RelayState thant sent in the request"); rc = lasso_login_validate_request_msg(idpLoginContext, 1, /* authentication_result */ 0 /* is_consent_obtained */ @@ -194,6 +202,10 @@ START_TEST(test02_serviceProviderLogin) responseQuery = strchr(responseUrl, '?')+1; fail_unless(strlen(responseQuery) > 0, "responseQuery shouldn't be an empty string"); + fail_unless(strstr(responseQuery, "RelayState") != NULL, + "responseQuery should contain a RelayState parameter"); + fail_unless(strstr(responseQuery, "fake%5B%5D") != NULL, + "responseQuery RelayState parameter should be encoded"); serviceProviderId = g_strdup(LASSO_PROFILE(idpLoginContext)->remote_providerID); fail_unless(serviceProviderId != NULL, "lasso_profile_get_remote_providerID shouldn't return NULL"); @@ -207,6 +219,10 @@ START_TEST(test02_serviceProviderLogin) rc = lasso_login_init_request(spLoginContext, responseQuery, LASSO_HTTP_METHOD_REDIRECT); + fail_unless(spLoginContext->parent.msg_relayState != NULL, + "lasso_login_init_request should restore the RelayState parameter"); + fail_unless(g_strcmp0(spLoginContext->parent.msg_relayState, relayState) == 0, + "lasso_login_init_request should restore the same RelayState thant sent in the request"); fail_unless(rc == 0, "lasso_login_init_request failed"); rc = lasso_login_build_request_msg(spLoginContext); fail_unless(rc == 0, "lasso_login_build_request_msg failed"); |