diff options
author | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-12 15:40:29 +0000 |
---|---|---|
committer | Benjamin Dauvergne <bdauvergne@entrouvert.com> | 2010-01-12 15:40:29 +0000 |
commit | c14fdb11ec20721627cf8ee8dc589bc0fa7e6cd0 (patch) | |
tree | a59660ac9b6dd1140a1fe7b598a66890bdee596d /tests | |
parent | 9554334c91bb9075e79598b1be885a831169379d (diff) | |
download | lasso-c14fdb11ec20721627cf8ee8dc589bc0fa7e6cd0.tar.gz lasso-c14fdb11ec20721627cf8ee8dc589bc0fa7e6cd0.tar.xz lasso-c14fdb11ec20721627cf8ee8dc589bc0fa7e6cd0.zip |
Tests SAML2: use & test encryption
Diffstat (limited to 'tests')
-rw-r--r-- | tests/login_tests_saml2.c | 27 |
1 files changed, 16 insertions, 11 deletions
diff --git a/tests/login_tests_saml2.c b/tests/login_tests_saml2.c index 2d1c2c7c..b3596a92 100644 --- a/tests/login_tests_saml2.c +++ b/tests/login_tests_saml2.c @@ -38,6 +38,7 @@ static char* generateIdentityProviderContextDump() { LassoServer *serverContext; + GList *providers; char *ret; serverContext = lasso_server_new( @@ -51,6 +52,8 @@ generateIdentityProviderContextDump() TESTSDATADIR "/sp5-saml2/metadata.xml", NULL, NULL); + providers = g_hash_table_get_values(serverContext->providers); + lasso_provider_set_encryption_mode(LASSO_PROVIDER(providers->data), LASSO_ENCRYPTION_MODE_ASSERTION | LASSO_ENCRYPTION_MODE_NAMEID); ret = lasso_server_dump(serverContext); g_object_unref(serverContext); @@ -280,17 +283,19 @@ START_TEST(test02_saml2_serviceProviderLogin) spSessionDump = lasso_session_dump(LASSO_PROFILE(spLoginContext)->session); /* Test InResponseTo checking */ - found = strstr(soapResponseMsg, "Assertion"); - fail_unless(found != NULL, "We must find an Assertion"); - found = strstr(found, "InResponseTo=\""); - fail_unless(found != NULL, "We must find an InResponseTo attribute"); - found[sizeof("InResponseTo=\"")] = '?'; - lasso_set_flag("no-verify-signature"); - rc = lasso_login_process_response_msg(spLoginContext, soapResponseMsg); - lasso_set_flag("verify-signature"); - fail_unless(rc != 0, "lasso_login_process_response_msg must fail"); - rc = lasso_login_accept_sso(spLoginContext); - fail_unless(rc != 0, "lasso_login_accept_sso must fail"); + if (! strstr(soapResponseMsg, "EncryptedAssertion")) { + found = strstr(soapResponseMsg, "Assertion"); + fail_unless(found != NULL, "We must find an Assertion"); + found = strstr(found, "InResponseTo=\""); + fail_unless(found != NULL, "We must find an InResponseTo attribute"); + found[sizeof("InResponseTo=\"")] = '?'; + lasso_set_flag("no-verify-signature"); + rc = lasso_login_process_response_msg(spLoginContext, soapResponseMsg); + lasso_set_flag("verify-signature"); + fail_unless(rc != 0, "lasso_login_process_response_msg must fail"); + rc = lasso_login_accept_sso(spLoginContext); + fail_unless(rc != 0, "lasso_login_accept_sso must fail"); + } /* logout test */ /* generate a logout request */ |