
wip
Co-authored-by: Duane May <duane.may@broadcom.com>
2 people authored and peterhaochen47 committed May 10, 2024
1 parent 0d8a3bb commit dc862ac
Showing 1 changed file with 6 additions and 155 deletions.
Expand Up @@ -48,97 +48,30 @@
import static org.apache.logging.log4j.Level.WARN;
import static org.cloudfoundry.identity.uaa.authentication.SamlResponseLoggerBinding.X_VCAP_REQUEST_ID_HEADER;
import static org.hamcrest.MatcherAssert.assertThat;
import static org.hamcrest.Matchers.emptyOrNullString;
import static org.hamcrest.Matchers.hasItem;
import static org.hamcrest.Matchers.not;
import static org.springframework.http.HttpHeaders.CONTENT_TYPE;
import static org.springframework.http.HttpHeaders.HOST;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.post;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@DefaultTestContext
class SamlMetadataMockMvcTests {

private RandomValueStringGenerator generator;

private IdentityZone spZone;
private IdentityZone idpZone;
private String spZoneEntityId;
private IdentityProvider<SamlIdentityProviderDefinition> idp;

@Autowired
private MockMvc mockMvc;

@Autowired
private WebApplicationContext webApplicationContext;

private JdbcIdentityProviderProvisioning jdbcIdentityProviderProvisioning;

@Autowired
private LoggingAuditService loggingAuditService;
private InterceptingLogger testLogger;
private Logger originalAuditServiceLogger;

@SuppressWarnings("SpringJavaInjectionPointsAutowiringInspection")
@BeforeEach
void createSamlRelationship(
@Autowired JdbcIdentityProviderProvisioning jdbcIdentityProviderProvisioning,
@Autowired JdbcScimUserProvisioning jdbcScimUserProvisioning
) throws Exception {
this.jdbcIdentityProviderProvisioning = jdbcIdentityProviderProvisioning;
generator = new RandomValueStringGenerator();
BaseClientDetails adminClient = new BaseClientDetails("admin", "", "", "client_credentials", "uaa.admin");
adminClient.setClientSecret("adminsecret");
spZone = createZone("uaa-acting-as-saml-proxy-zone-", adminClient);
idpZone = createZone("uaa-acting-as-saml-idp-zone-", adminClient);
spZoneEntityId = spZone.getSubdomain() + ".cloudfoundry-saml-login";
createUser(jdbcScimUserProvisioning, idpZone);
}

@BeforeEach
void installTestLogger() {
testLogger = new InterceptingLogger();
originalAuditServiceLogger = loggingAuditService.getLogger();
loggingAuditService.setLogger(testLogger);
Properties esapiProps = new Properties();
esapiProps.put("ESAPI.Logger", "org.owasp.esapi.logging.slf4j.Slf4JLogFactory");
esapiProps.put("ESAPI.Encoder", "org.owasp.esapi.reference.DefaultEncoder");
esapiProps.put("Logger.LogEncodingRequired", Boolean.FALSE.toString());
esapiProps.put("Logger.UserInfo", Boolean.TRUE.toString());
esapiProps.put("Logger.ClientInfo", Boolean.TRUE.toString());
esapiProps.put("Logger.ApplicationName", "uaa");
esapiProps.put("Logger.LogApplicationName", Boolean.FALSE.toString());
esapiProps.put("Logger.LogServerIP", Boolean.FALSE.toString());
ESAPI.override(new DefaultSecurityConfiguration(esapiProps));
}

@AfterEach
void putBackOriginalLogger() {
loggingAuditService.setLogger(originalAuditServiceLogger);
}

private ResultActions postSamlResponse(
final String xml,
final String queryString,
final String content,
final String xVcapRequestId
) throws Exception {
return mockMvc.perform(
post("/uaa/saml/SSO/alias/" + spZoneEntityId + queryString)
.contextPath("/uaa")
.header(HOST, spZone.getSubdomain() + ".localhost:8080")
.header(CONTENT_TYPE, MediaType.APPLICATION_FORM_URLENCODED_VALUE)
.header(X_VCAP_REQUEST_ID_HEADER, xVcapRequestId)
.content(content)
.param("SAMLResponse", xml)
);
}

@Test
void testSamlMetadataDefault() throws Exception {
ResultActions response = null;

ResultActions xml = mockMvc.perform(get(new URI("/saml/metadata/x")))
.andExpect(status().isOk());
ResultActions xml = mockMvc.perform(get(new URI("/saml/metadata")))
.andExpect(status().isOk())
.andExpect(content().string(not(emptyOrNullString())));

String x = xml.andReturn().getResponse().getContentAsString();
int y = 4;
Expand Down Expand Up @@ -169,85 +102,3 @@ void testSamlMetadataDefault() throws Exception {

}
}

private static class MatchesLogEvent extends BaseMatcher<LogEvent> {

private final Level expectedLevel;
private final String expectedMessage;

public MatchesLogEvent(
final Level expectedLevel,
final String expectedMessage
) {
this.expectedLevel = expectedLevel;
this.expectedMessage = expectedMessage;
}

@Override
public boolean matches(Object actual) {
if (!(actual instanceof LogEvent)) {
return false;
}
LogEvent logEvent = (LogEvent) actual;

return expectedLevel.equals(logEvent.getLevel())
&& expectedMessage.equals(logEvent.getMessage().getFormattedMessage());
}

@Override
public void describeTo(Description description) {
description.appendText(String.format("LogEvent with level of {%s} and message of {%s}", this.expectedLevel, this.expectedMessage));
}
}

private String getSamlMetadata(String subdomain, String url) throws Exception {
return mockMvc.perform(
get(url)
.header("Host", subdomain + ".localhost")
)
.andReturn().getResponse().getContentAsString();
}

private static void createUser(
JdbcScimUserProvisioning jdbcScimUserProvisioning,
IdentityZone identityZone
) {
ScimUser user = new ScimUser(null, "marissa", "first", "last");
user.setPrimaryEmail("test@test.org");
jdbcScimUserProvisioning.createUser(user, "secret", identityZone.getId());
}

void createIdp() throws Exception {
createIdp(null);
}

private void createIdp(Consumer<SamlIdentityProviderDefinition> additionalConfigCallback) throws Exception {
idp = new IdentityProvider<>()
.setType(OriginKeys.SAML)
.setOriginKey(idpZone.getSubdomain())
.setActive(true)
.setName("SAML IDP for Mock Tests")
.setIdentityZoneId(spZone.getId());
SamlIdentityProviderDefinition idpDefinition = new SamlIdentityProviderDefinition()
.setMetaDataLocation(getSamlMetadata(idpZone.getSubdomain(), "/saml/idp/metadata"))
.setIdpEntityAlias(idp.getOriginKey())
.setLinkText(idp.getName())
.setZoneId(spZone.getId());

if (additionalConfigCallback != null) {
additionalConfigCallback.accept(idpDefinition);
}

idp.setConfig(idpDefinition);
idp = jdbcIdentityProviderProvisioning.create(idp, spZone.getId());
}

private IdentityZone createZone(String zoneIdPrefix, BaseClientDetails adminClient) throws Exception {
return MockMvcUtils.createOtherIdentityZoneAndReturnResult(
zoneIdPrefix + generator.generate(),
mockMvc,
webApplicationContext,
adminClient, IdentityZoneHolder.getCurrentZoneId()
).getIdentityZone();
}
}
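Review bot: The new body of testSamlMetadataDefault (first hunk, the lines after `ResultActions response = null;`) asserts only a 200 status and a non-empty body, so any HTML error page or login redirect body served at /saml/metadata would satisfy it; a test guarding the SP metadata endpoint should at least pin the content type and that the body is SAML metadata, e.g. `.andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_XML))` and `.andExpect(content().string(containsString("entityID=\"")))` (the latter needs a static import of Hamcrest's containsString, which the visible import list does not have). The leftover `ResultActions response = null;`, `String x = xml.andReturn()...` and `int y = 4;` are unused scratch values from the wip state and should either become assertions or be dropped. The method continues past the hunk ("Expand Down"), so any further assertions it still makes are not visible here.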
