Added metadata corresponding to new certificates.

Updated non regression tests to use these certificates and metadata.

13 files changed, 315 insertions, 16 deletions

diff --git a/tests/data/idp1-la/metadata.xml b/tests/data/idp1-la/metadata.xml
new file mode 100644
index 00000000..3330c73d
--- /dev/null
+++ b/tests/data/idp1-la/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://idp1/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://idp1:1998/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+
+  <SingleLogoutServiceURL>https://idp1:1998/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://idp1:1998/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://idp1:1998/soapEndpoint</SoapEndpoint>
+
+</IDPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/idp2-la/metadata.xml b/tests/data/idp2-la/metadata.xml
new file mode 100644
index 00000000..24a744ca
--- /dev/null
+++ b/tests/data/idp2-la/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://idp2/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://idp2:2000/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+
+  <SingleLogoutServiceURL>https://idp2:2000/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://idp2:2000/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://idp2:2000/soapEndpoint</SoapEndpoint>
+
+</IDPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/idp3-la/metadata.xml b/tests/data/idp3-la/metadata.xml
new file mode 100644
index 00000000..4f84497c
--- /dev/null
+++ b/tests/data/idp3-la/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://idp3/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://idp3:2002/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+
+  <SingleLogoutServiceURL>https://idp3:2002/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://idp3:2002/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://idp3:2002/soapEndpoint</SoapEndpoint>
+
+</IDPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/idp4-la/metadata.xml b/tests/data/idp4-la/metadata.xml
new file mode 100644
index 00000000..cacc456b
--- /dev/null
+++ b/tests/data/idp4-la/metadata.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://idp4/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://idp4:2004/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+
+  <SingleLogoutServiceURL>https://idp4:2004/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://idp4:2004/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://idp4:2004/soapEndpoint</SoapEndpoint>
+
+</IDPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/lecp1-la/metadata.xml b/tests/data/lecp1-la/metadata.xml
new file mode 100644
index 00000000..8f88fa44
--- /dev/null
+++ b/tests/data/lecp1-la/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://lecp1/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://lecp1:2014/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+  <SingleLogoutServiceURL>https://lecp1:2014/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp1:2014/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp1:2014/soapEndpoint</SoapEndpoint>
+
+ </IDPDescriptor>
+
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://lecp1:2014/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://lecp1:2014/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp1:2014/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp1:2014/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+
+</EntityDescriptor>
diff --git a/tests/data/lecp2-la/metadata.xml b/tests/data/lecp2-la/metadata.xml
new file mode 100644
index 00000000..c8e15612
--- /dev/null
+++ b/tests/data/lecp2-la/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://lecp2/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://lecp2:2016/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+  <SingleLogoutServiceURL>https://lecp2:2016/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp2:2016/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp2:2016/soapEndpoint</SoapEndpoint>
+
+ </IDPDescriptor>
+
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://lecp2:2016/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://lecp2:2016/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp2:2016/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp2:2016/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+
+</EntityDescriptor>
diff --git a/tests/data/lecp3-la/metadata.xml b/tests/data/lecp3-la/metadata.xml
new file mode 100644
index 00000000..d5cc40f4
--- /dev/null
+++ b/tests/data/lecp3-la/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://lecp3/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://lecp3:2018/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+  <SingleLogoutServiceURL>https://lecp3:2018/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp3:2018/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp3:2018/soapEndpoint</SoapEndpoint>
+
+ </IDPDescriptor>
+
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://lecp3:2018/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://lecp3:2018/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp3:2018/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp3:2018/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+
+</EntityDescriptor>
diff --git a/tests/data/lecp4-la/metadata.xml b/tests/data/lecp4-la/metadata.xml
new file mode 100644
index 00000000..c1a767b6
--- /dev/null
+++ b/tests/data/lecp4-la/metadata.xml
@@ -0,0 +1,36 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://lecp4/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+
+ <IDPDescriptor>
+
+  <SingleSignOnServiceURL>https://lecp4:2020/singleSignOn</SingleSignOnServiceURL>
+  <SingleSignOnProtocolProfile>http://projectliberty.org/profiles/sso-get</SingleSignOnProtocolProfile>
+  <SingleLogoutServiceURL>https://lecp4:2020/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp4:2020/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-http</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp4:2020/soapEndpoint</SoapEndpoint>
+
+ </IDPDescriptor>
+
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://lecp4:2020/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://lecp4:2020/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://lecp4:2020/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://lecp4:2020/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+
+</EntityDescriptor>
diff --git a/tests/data/sp1-la/metadata.xml b/tests/data/sp1-la/metadata.xml
new file mode 100644
index 00000000..ec28fa48
--- /dev/null
+++ b/tests/data/sp1-la/metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://sp1/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp1:2006/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://sp1:2006/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://sp1:2006/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://sp1:2006/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/sp2-la/metadata.xml b/tests/data/sp2-la/metadata.xml
new file mode 100644
index 00000000..414799cb
--- /dev/null
+++ b/tests/data/sp2-la/metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://sp2/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp2:2008/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://sp2:2008/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://sp2:2008/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://sp2:2008/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/sp3-la/metadata.xml b/tests/data/sp3-la/metadata.xml
new file mode 100644
index 00000000..1dcedf46
--- /dev/null
+++ b/tests/data/sp3-la/metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://sp3/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp3:2010/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://sp3:2010/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://sp3:2010/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://sp3:2010/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/data/sp4-la/metadata.xml b/tests/data/sp4-la/metadata.xml
new file mode 100644
index 00000000..221cb870
--- /dev/null
+++ b/tests/data/sp4-la/metadata.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0"?>
+<EntityDescriptor
+    providerID="https://sp4/metadata"
+    xmlns="urn:liberty:metadata:2003-08">
+ <SPDescriptor>
+
+  <AssertionConsumerServiceURL id="AssertionConsumerServiceURL1" isDefault="true">https://sp4:2012/assertionConsumer</AssertionConsumerServiceURL>
+
+  <SingleLogoutServiceURL>https://sp4:2012/singleLogout</SingleLogoutServiceURL>
+  <SingleLogoutProtocolProfile>http://projectliberty.org/profiles/slo-idp-soap</SingleLogoutProtocolProfile>
+
+  <RegisterNameIdentifierServiceURL>https://sp4:2012/registerNameIdentifier</RegisterNameIdentifierServiceURL>
+  <RegisterNameIdentifierProtocolProfile>http://projectliberty.org/profiles/rni-sp-soap</RegisterNameIdentifierProtocolProfile>
+
+  <SoapEndpoint>https://sp4:2012/soapEndpoint</SoapEndpoint>
+
+  <AuthnRequestsSigned>true</AuthnRequestsSigned>
+
+ </SPDescriptor>
+</EntityDescriptor>
diff --git a/tests/login_tests.c b/tests/login_tests.c
index 5750eaec..2a460529 100644
--- a/tests/login_tests.c
+++ b/tests/login_tests.c
@@ -35,16 +35,16 @@ generateIdentityProviderContextDump()
 	LassoServer *serverContext;
 	
 	serverContext = lasso_server_new(
-			"../examples/data/idp-metadata.xml",
-			"../examples/data/idp-public-key.pem",
-			"../examples/data/idp-private-key.pem",
-			"../examples/data/idp-crt.pem",
+			"../tests/data/idp1-la/metadata.xml",
+			NULL, /* "../tests/data/idp1-la/public-key.pem" is no more used */
+			"../tests/data/idp1-la/private-key-raw.pem",
+			"../tests/data/idp1-la/certificate.pem",
 			lassoSignatureMethodRsaSha1);
 	lasso_server_add_provider(
 			serverContext,
-			"../examples/data/sp-metadata.xml",
-			"../examples/data/sp-public-key.pem",
-			"../examples/data/ca-crt.pem");
+			"../tests/data/sp1-la/metadata.xml",
+			"../tests/data/sp1-la/public-key.pem",
+			"../tests/data/ca1-la/certificate.pem");
 	return lasso_server_dump(serverContext);
 }
 
@@ -54,16 +54,16 @@ generateServiceProviderContextDump()
 	LassoServer *serverContext;
 	
 	serverContext = lasso_server_new(
-			"../examples/data/sp-metadata.xml",
-			"../examples/data/sp-public-key.pem",
-			"../examples/data/sp-private-key.pem",
-			"../examples/data/sp-crt.pem",
+			"../tests/data/sp1-la/metadata.xml",
+			NULL, /* "../tests/data/sp1-la/public-key.pem" is no more used */
+			"../tests/data/sp1-la/private-key-raw.pem",
+			"../tests/data/sp1-la/certificate.pem",
 			lassoSignatureMethodRsaSha1);
 	lasso_server_add_provider(
 			serverContext,
-			"../examples/data/idp-metadata.xml",
-			"../examples/data/idp-public-key.pem",
-			"../examples/data/ca-crt.pem");
+			"../tests/data/idp1-la/metadata.xml",
+			"../tests/data/idp1-la/public-key.pem",
+			"../tests/data/ca1-la/certificate.pem");
 	return lasso_server_dump(serverContext);
 }
 
@@ -114,8 +114,7 @@ START_TEST(test02_serviceProviderLogin)
 	lasso_lib_authn_request_set_consent(request, lassoLibConsentObtained);
 	relayState = "fake";
 	lasso_lib_authn_request_set_relayState(request, "fake");
-	rc = lasso_login_build_authn_request_msg(spLoginContext,
-			"https://identity-provider:1998/liberty-alliance/metadata");
+	rc = lasso_login_build_authn_request_msg(spLoginContext, "https://idp1/metadata");
 	fail_unless(rc == 0, "lasso_login_build_authn_request_msg failed");
 	authnRequestUrl = LASSO_PROFILE(spLoginContext)->msg_url;
 	fail_unless(authnRequestUrl != NULL,