handle stored request state without returnurl during OWIN error response

Sustainsys · Mar 26, 2018 · 3161e15 · 3161e15
1 parent 782ac71
commit 3161e15
Show file tree

Hide file tree

Showing 2 changed files with 73 additions and 1 deletion.
diff --git a/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs b/Sustainsys.Saml2.Owin/Saml2AuthenticationHandler.cs
@@ -61,7 +61,7 @@ protected async override Task<AuthenticationTicket> AuthenticateCoreAsync()
         private AuthenticationTicket CreateErrorAuthenticationTicket(HttpRequestData httpRequestData, Exception ex)
         {
             AuthenticationProperties authProperties = null;
-            if (httpRequestData.StoredRequestState != null)
+            if (httpRequestData.StoredRequestState?.ReturnUrl != null)
             {
                 authProperties = new AuthenticationProperties(
                     httpRequestData.StoredRequestState.RelayData);

diff --git a/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs b/Tests/Owin.Tests/Saml2AuthenticationMiddlewareTests.cs
@@ -978,6 +978,78 @@ public async Task Saml2AuthenticationMiddleware_AcsRedirectsToAuthPropsReturnUri
             context.Authentication.AuthenticationResponseGrant.Should().BeNull();
         }
 
+        [TestMethod]
+        public async Task Saml2AuthenticationMiddleware_AcsRedirectsToAuthProps_StoredRequestStateWithNoReturnUrl()
+        {
+            var context = OwinTestHelpers.CreateOwinContext();
+            context.Request.Method = "POST";
+
+            var authProps = new AuthenticationProperties();
+
+            var state = new StoredRequestState(new EntityId("https://idp.example.com"),
+                null,
+                new Saml2Id("InResponseToId"),
+                authProps.Dictionary);
+
+            var relayState = SecureKeyGenerator.CreateRelayState();
+
+            var cookieData = HttpRequestData.ConvertBinaryData(
+                CreateAppBuilder().CreateDataProtector(
+                    typeof(Saml2AuthenticationMiddleware).FullName)
+                    .Protect(state.Serialize()));
+
+            context.Request.Headers["Cookie"] = $"{StoredRequestState.CookieNameBase}{relayState}={cookieData}";
+
+            var response =
+                @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol""
+                xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion""
+                ID = """ + MethodBase.GetCurrentMethod().Name + @""" Version=""2.0""
+                IssueInstant=""2013-01-01T00:00:00Z"">
+                <saml2:Issuer>
+                    https://idp.example.com
+                </saml2:Issuer>
+                <saml2p:Status>
+                    <saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success"" />
+                </saml2p:Status>
+                <saml2:Assertion
+                Version=""2.0"" ID=""" + MethodBase.GetCurrentMethod().Name + @"_Assertion1""
+                IssueInstant=""2013-09-25T00:00:00Z"">
+                    <saml2:Issuer>https://idp.example.com</saml2:Issuer>
+                    <saml2:Subject>
+                        <saml2:NameID>SomeUser</saml2:NameID>
+                        <saml2:SubjectConfirmation Method=""urn:oasis:names:tc:SAML:2.0:cm:bearer"" />
+                    </saml2:Subject>
+                    <saml2:Conditions NotOnOrAfter=""2100-01-01T00:00:00Z"" />
+                </saml2:Assertion>
+            </saml2p:Response>";
+
+            // No signature, that's an error.
+            var bodyData = new KeyValuePair<string, string>[] {
+                new KeyValuePair<string, string>("SAMLResponse",
+                    Convert.ToBase64String(Encoding.UTF8.GetBytes(response))),
+                new KeyValuePair<string, string>("RelayState",relayState)
+            };
+
+            var encodedBodyData = new FormUrlEncodedContent(bodyData);
+
+            context.Request.Body = encodedBodyData.ReadAsStreamAsync().Result;
+            context.Request.ContentType = encodedBodyData.Headers.ContentType.ToString();
+            context.Request.Host = new HostString("localhost");
+            context.Request.Path = new PathString("/Saml2/Acs");
+
+            var middleware = new Saml2AuthenticationMiddleware(null, CreateAppBuilder(),
+                new Saml2AuthenticationOptions(true)
+                {
+                    SignInAsAuthenticationType = "AuthType"
+                });
+
+            await middleware.Invoke(context);
+
+            context.Response.StatusCode.Should().Be(302);
+            context.Response.Headers["Location"].Should().Be("http://localhost/LoggedIn?error=access_denied");
+            context.Authentication.AuthenticationResponseGrant.Should().BeNull();
+        }
+
         [TestMethod]
         public async Task Saml2AuthenticationMiddleware_AcsWorks()
         {