Test: Add test for testing new InResponseTo checking code
* tests/login_tests.c: after first test of parsing the soap response message in the login test, try to parse it a second time, after modifying the InResponseTo id of the assertion and disabling signature checking.
This commit is contained in:
parent
94398d7edf
commit
b744d0be87
|
@ -126,7 +126,9 @@ START_TEST(test02_serviceProviderLogin)
|
|||
char *serviceProviderId, *soapRequestMsg, *soapResponseMsg;
|
||||
char *spIdentityContextDump;
|
||||
char *spSessionDump;
|
||||
char *spLoginDump;
|
||||
int requestType;
|
||||
char *found;
|
||||
|
||||
serviceProviderContextDump = generateServiceProviderContextDump();
|
||||
spContext = lasso_server_new_from_dump(serviceProviderContextDump);
|
||||
|
@ -151,6 +153,7 @@ START_TEST(test02_serviceProviderLogin)
|
|||
authnRequestQuery = strchr(authnRequestUrl, '?')+1;
|
||||
fail_unless(strlen(authnRequestQuery) > 0,
|
||||
"authnRequestRequest shouldn't be an empty string");
|
||||
spLoginDump = lasso_node_dump(LASSO_NODE(spLoginContext));
|
||||
|
||||
/* Identity provider singleSignOn, for a user having no federation. */
|
||||
identityProviderContextDump = generateIdentityProviderContextDump();
|
||||
|
@ -200,7 +203,7 @@ START_TEST(test02_serviceProviderLogin)
|
|||
lasso_login_destroy(spLoginContext);
|
||||
|
||||
spContext = lasso_server_new_from_dump(serviceProviderContextDump);
|
||||
spLoginContext = lasso_login_new(spContext);
|
||||
spLoginContext = lasso_login_new_from_dump(spContext, spLoginDump);
|
||||
rc = lasso_login_init_request(spLoginContext,
|
||||
responseQuery,
|
||||
LASSO_HTTP_METHOD_REDIRECT);
|
||||
|
@ -241,6 +244,19 @@ START_TEST(test02_serviceProviderLogin)
|
|||
fail_unless(spIdentityContextDump != NULL, "lasso_identity_dump failed");
|
||||
spSessionDump = lasso_session_dump(LASSO_PROFILE(spLoginContext)->session);
|
||||
|
||||
/* Test InResponseTo checking */
|
||||
found = strstr(soapResponseMsg, "Assertion");
|
||||
fail_unless(found != NULL, "We must find an Assertion");
|
||||
found = strstr(found, "InResponseTo=\"");
|
||||
fail_unless(found != NULL, "We must find an InResponseTo attribute");
|
||||
found[sizeof("InResponseTo=\"")] = '?';
|
||||
lasso_set_flag("no-verify-signature");
|
||||
rc = lasso_login_process_response_msg(spLoginContext, soapResponseMsg);
|
||||
lasso_set_flag("verify-signature");
|
||||
fail_unless(rc != 0, "lasso_login_process_response_msg must fail");
|
||||
rc = lasso_login_accept_sso(spLoginContext);
|
||||
fail_unless(rc == 0, "lasso_login_accept_sso must fail");
|
||||
|
||||
g_free(serviceProviderId);
|
||||
g_free(serviceProviderContextDump);
|
||||
g_free(identityProviderContextDump);
|
||||
|
|
Loading…
Reference in New Issue