From cohei...@apache.org
Subject [2/2] cxf-fediz git commit: Fixed a bug in the MetadataServlet
Date Mon, 25 Jan 2016 17:02:28 GMT
Fixed a bug in the MetadataServlet


Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo
Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/6d8baf8b
Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/6d8baf8b
Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/6d8baf8b

Branch: refs/heads/master
Commit: 6d8baf8b8578bb76d01bdf8962bcecb758d975e6
Parents: 77ae601
Author: Colm O hEigeartaigh <coheigea@apache.org>
Authored: Mon Jan 25 11:34:40 2016 +0000
Committer: Colm O hEigeartaigh <coheigea@apache.org>
Committed: Mon Jan 25 16:30:53 2016 +0000

----------------------------------------------------------------------
 .../cxf/fediz/service/idp/MetadataServlet.java  |  3 +-
 .../cxf/fediz/integrationtests/SAMLSSOTest.java | 42 ++++++++++++++++++++
 2 files changed, 44 insertions(+), 1 deletion(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6d8baf8b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java
----------------------------------------------------------------------
diff --git a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java
b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java
index 039d26f..0aab857 100644
--- a/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java
+++ b/services/idp/src/main/java/org/apache/cxf/fediz/service/idp/MetadataServlet.java
@@ -72,7 +72,8 @@ public class MetadataServlet extends HttpServlet {
                 TrustedIdp trustedIdp = idpConfig.findTrustedIdp(serviceRealm);
                 if (trustedIdp == null) {
                     LOG.error("No TrustedIdp found for desired realm: " + serviceRealm);
-                    response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
+                    response.sendError(HttpServletResponse.SC_BAD_REQUEST);
+                    return;
                 }
                 ServiceMetadataWriter mw = new ServiceMetadataWriter();
                 Document metadata = mw.getMetaData(idpConfig, trustedIdp);
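Review bot: The `LOG.error(...)` call just above the new `sendError(SC_BAD_REQUEST)` writes `serviceRealm` into the log unmodified, and now that this branch is answered as a client error the value should be handled as client-controlled input. It appears to come from the request path (its assignment is outside the hunk, so confirm), in which case CR/LF characters in it can forge log lines and any caller can fill the log at ERROR level. I would neutralise line breaks and lower the level, e.g. `LOG.warn("No TrustedIdp found for desired realm: " + String.valueOf(serviceRealm).replaceAll("[\\r\\n]", "_"));`. The enclosing method starts and ends outside the hunk.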

http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/6d8baf8b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
----------------------------------------------------------------------
diff --git a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
index 8c0510a..af47527 100644
--- a/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
+++ b/systests/federation/samlsso/src/test/java/org/apache/cxf/fediz/integrationtests/SAMLSSOTest.java
@@ -23,23 +23,32 @@ package org.apache.cxf.fediz.integrationtests;
 import java.io.File;
 import java.io.IOException;
 
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
 import com.gargoylesoftware.htmlunit.CookieManager;
 import com.gargoylesoftware.htmlunit.WebClient;
 import com.gargoylesoftware.htmlunit.html.HtmlForm;
 import com.gargoylesoftware.htmlunit.html.HtmlPage;
 import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput;
+import com.gargoylesoftware.htmlunit.xml.XmlPage;
 
 import org.apache.catalina.Context;
 import org.apache.catalina.LifecycleState;
 import org.apache.catalina.connector.Connector;
 import org.apache.catalina.startup.Tomcat;
 import org.apache.cxf.fediz.core.ClaimTypes;
+import org.apache.cxf.fediz.core.util.DOMUtils;
 import org.apache.cxf.fediz.tomcat7.FederationAuthenticator;
 import org.apache.http.auth.AuthScope;
 import org.apache.http.auth.UsernamePasswordCredentials;
+import org.apache.xml.security.keys.KeyInfo;
+import org.apache.xml.security.signature.XMLSignature;
 import org.junit.AfterClass;
 import org.junit.Assert;
 import org.junit.BeforeClass;
+import org.junit.Test;
 
 /**
  * This is a test for federation in the IdP. The RP application is configured to use a home
realm of "realm b". The
@@ -296,6 +305,39 @@ public class SAMLSSOTest {
                           bodyTextContent.contains(claim + "=alice@realma.org"));
     }
     
+    @Test
+    public void testIdPServiceMetadata() throws Exception {
+        String url = "https://localhost:" + getIdpHttpsPort()
+            + "/fediz-idp/metadata/urn:org:apache:cxf:fediz:idp:realm-B";
+
+        final WebClient webClient = new WebClient();
+        webClient.getOptions().setUseInsecureSSL(true);
+        webClient.getOptions().setSSLClientCertificate(
+            this.getClass().getClassLoader().getResource("client.jks"), "storepass", "jks");
+
+        final XmlPage rpPage = webClient.getPage(url);
+        final String xmlContent = rpPage.asXml();
+        Assert.assertTrue(xmlContent.startsWith("<md:EntityDescriptor"));
+
+        // Now validate the Signature
+        Document doc = rpPage.getXmlDocument();
+
+        doc.getDocumentElement().setIdAttributeNS(null, "ID", true);
+
+        Node signatureNode =
+            DOMUtils.getChild(doc.getDocumentElement(), "Signature");
+        Assert.assertNotNull(signatureNode);
+
+        XMLSignature signature = new XMLSignature((Element)signatureNode, "");
+        KeyInfo ki = signature.getKeyInfo();
+        Assert.assertNotNull(ki);
+        Assert.assertNotNull(ki.getX509Certificate());
+
+        Assert.assertTrue(signature.checkSignatureValue(ki.getX509Certificate()));
+
+        webClient.close();
+    }
+    
     private static String login(String url, String user, String password, 
                                 String idpPort, String rpIdpPort, boolean postBinding) throws
IOException {
         //
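Review bot: `signature.checkSignatureValue(ki.getX509Certificate())` in `testIdPServiceMetadata` verifies the signature with the certificate carried in the same document, so the assertion proves only that the metadata is self-consistent, not that the IdP's configured signing key produced it; metadata re-signed with any other key would still pass. Load the expected IdP certificate from the test keystore and add `Assert.assertEquals(expectedIdpCert, ki.getX509Certificate());` before the signature check (`expectedIdpCert` is a placeholder; the IdP keystore is not shown on this page). The test also never checks that the signature's reference points at the `ID` of the root element, so it would not notice a signature that covers some other part of the document. Separately, `webClient.close()` is skipped when an assertion fails, so it belongs in a `finally` block. The behaviour this commit actually changes, the 400 response for an unknown realm, has no test in this hunk.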

