2222
2323import org .hamcrest .BaseMatcher ;
2424import org .hamcrest .Description ;
25+ import org .hamcrest .Matcher ;
2526import org .joda .time .DateTime ;
2627import org .joda .time .Duration ;
2728import org .junit .Before ;
4849import static org .springframework .test .util .AssertionErrors .assertTrue ;
4950import static org .springframework .util .StringUtils .hasText ;
5051
52+ /**
53+ * Tests for {@link OpenSamlAuthenticationProvider}
54+ *
55+ * @author Filip Hanik
56+ * @author Josh Cummings
57+ */
5158public class OpenSamlAuthenticationProviderTests {
5259
5360 private static String username =
"[email protected] " ;
@@ -64,9 +71,9 @@ public class OpenSamlAuthenticationProviderTests {
6471
6572 @ Before
6673 public void setup () {
67- saml = OpenSamlImplementation .getInstance ();
68- provider = new OpenSamlAuthenticationProvider ();
69- token = new Saml2AuthenticationToken (
74+ this . saml = OpenSamlImplementation .getInstance ();
75+ this . provider = new OpenSamlAuthenticationProvider ();
76+ this . token = new Saml2AuthenticationToken (
7077 "responseXml" ,
7178 recipientUri ,
7279 idpEntityId ,
@@ -79,73 +86,66 @@ public void setup() {
7986 public void supportsWhenSaml2AuthenticationTokenThenReturnTrue () {
8087
8188 assertTrue (
82- OpenSamlAuthenticationProvider .class + "should support " + token .getClass (),
83- provider .supports (token .getClass ())
89+ OpenSamlAuthenticationProvider .class + "should support " + this . token .getClass (),
90+ this . provider .supports (this . token .getClass ())
8491 );
8592 }
8693
8794 @ Test
8895 public void supportsWhenNotSaml2AuthenticationTokenThenReturnFalse () {
8996 assertTrue (
9097 OpenSamlAuthenticationProvider .class + "should not support " + Authentication .class ,
91- !provider .supports (Authentication .class )
98+ !this . provider .supports (Authentication .class )
9299 );
93100 }
94101
95102 @ Test
96103 public void authenticateWhenUnknownDataClassThenThrowAuthenticationException () {
97104 Assertion assertion = defaultAssertion ();
98- token = responseXml (assertion );
99- exception .expect (authenticationMatcher (Saml2ErrorCodes .UNKNOWN_RESPONSE_CLASS ));
100- provider .authenticate (token );
105+ this . token = responseXml (assertion );
106+ this . exception .expect (authenticationMatcher (Saml2ErrorCodes .UNKNOWN_RESPONSE_CLASS ));
107+ this . provider .authenticate (this . token );
101108 }
102109
103110 @ Test
104111 public void authenticateWhenXmlErrorThenThrowAuthenticationException () {
105- token = new Saml2AuthenticationToken (
112+ this . token = new Saml2AuthenticationToken (
106113 "invalid xml string" ,
107114 recipientUri ,
108115 idpEntityId ,
109116 recipientEntityId ,
110117 relyingPartyCredentials ()
111118 );
112- exception .expect (authenticationMatcher (Saml2ErrorCodes .MALFORMED_RESPONSE_DATA ));
113- provider .authenticate (token );
119+ this . exception .expect (authenticationMatcher (Saml2ErrorCodes .MALFORMED_RESPONSE_DATA ));
120+ this . provider .authenticate (this . token );
114121 }
115122
116123 @ Test
117124 public void authenticateWhenInvalidDestinationThenThrowAuthenticationException () {
118125 Response response = response (recipientUri + "invalid" , idpEntityId );
119- token = responseXml (response );
120- exception .expect (authenticationMatcher (Saml2ErrorCodes .INVALID_DESTINATION ));
121- provider .authenticate (token );
126+ this . token = responseXml (response );
127+ this . exception .expect (authenticationMatcher (Saml2ErrorCodes .INVALID_DESTINATION ));
128+ this . provider .authenticate (this . token );
122129 }
123130
124131 @ Test
125132 public void authenticateWhenNoAssertionsPresentThenThrowAuthenticationException () {
126133 Response response = response (recipientUri , idpEntityId );
127- token = responseXml (response );
128- exception .expect (
129- authenticationMatcher (
130- Saml2ErrorCodes .MALFORMED_RESPONSE_DATA ,
131- "No assertions found in response."
132- )
134+ this .token = responseXml (response );
135+ this .exception .expect (
136+ authenticationMatcher (Saml2ErrorCodes .MALFORMED_RESPONSE_DATA , "No assertions found in response." )
133137 );
134- provider .authenticate (token );
138+ this . provider .authenticate (this . token );
135139 }
136140
137141 @ Test
138142 public void authenticateWhenInvalidSignatureOnAssertionThenThrowAuthenticationException () {
139143 Response response = response (recipientUri , idpEntityId );
140144 Assertion assertion = defaultAssertion ();
141145 response .getAssertions ().add (assertion );
142- token = responseXml (response );
143- exception .expect (
144- authenticationMatcher (
145- Saml2ErrorCodes .INVALID_SIGNATURE
146- )
147- );
148- provider .authenticate (token );
146+ this .token = responseXml (response );
147+ this .exception .expect (authenticationMatcher (Saml2ErrorCodes .INVALID_SIGNATURE ));
148+ this .provider .authenticate (this .token );
149149 }
150150
151151 @ Test
@@ -164,14 +164,10 @@ public void authenticateWhenOpenSAMLValidationErrorThenThrowAuthenticationExcept
164164 recipientEntityId
165165 );
166166 response .getAssertions ().add (assertion );
167- token = responseXml (response );
167+ this . token = responseXml (response );
168168
169- exception .expect (
170- authenticationMatcher (
171- Saml2ErrorCodes .INVALID_ASSERTION
172- )
173- );
174- provider .authenticate (token );
169+ this .exception .expect (authenticationMatcher (Saml2ErrorCodes .INVALID_ASSERTION ));
170+ this .provider .authenticate (this .token );
175171 }
176172
177173 @ Test
@@ -185,14 +181,10 @@ public void authenticateWhenMissingSubjectThenThrowAuthenticationException() {
185181 recipientEntityId
186182 );
187183 response .getAssertions ().add (assertion );
188- token = responseXml (response );
184+ this . token = responseXml (response );
189185
190- exception .expect (
191- authenticationMatcher (
192- Saml2ErrorCodes .SUBJECT_NOT_FOUND
193- )
194- );
195- provider .authenticate (token );
186+ this .exception .expect (authenticationMatcher (Saml2ErrorCodes .SUBJECT_NOT_FOUND ));
187+ this .provider .authenticate (token );
196188 }
197189
198190 @ Test
@@ -209,14 +201,10 @@ public void authenticateWhenUsernameMissingThenThrowAuthenticationException() th
209201 recipientEntityId
210202 );
211203 response .getAssertions ().add (assertion );
212- token = responseXml (response );
204+ this . token = responseXml (response );
213205
214- exception .expect (
215- authenticationMatcher (
216- Saml2ErrorCodes .USERNAME_NOT_FOUND
217- )
218- );
219- provider .authenticate (token );
206+ this .exception .expect (authenticationMatcher (Saml2ErrorCodes .USERNAME_NOT_FOUND ));
207+ this .provider .authenticate (this .token );
220208 }
221209
222210 @ Test
@@ -232,8 +220,8 @@ public void authenticateWhenAssertionContainsValidationAddressThenItSucceeds() t
232220 recipientEntityId
233221 );
234222 response .getAssertions ().add (assertion );
235- token = responseXml (response );
236- provider .authenticate (token );
223+ this . token = responseXml (response );
224+ this . provider .authenticate (this . token );
237225 }
238226
239227 @ Test
@@ -242,13 +230,9 @@ public void authenticateWhenEncryptedAssertionWithoutSignatureThenItFails() thro
242230 Assertion assertion = defaultAssertion ();
243231 EncryptedAssertion encryptedAssertion = encryptAssertion (assertion , assertingPartyCredentials ());
244232 response .getEncryptedAssertions ().add (encryptedAssertion );
245- token = responseXml (response );
246- exception .expect (
247- authenticationMatcher (
248- Saml2ErrorCodes .INVALID_SIGNATURE
249- )
250- );
251- provider .authenticate (token );
233+ this .token = responseXml (response );
234+ this .exception .expect (authenticationMatcher (Saml2ErrorCodes .INVALID_SIGNATURE ));
235+ this .provider .authenticate (this .token );
252236 }
253237
254238 @ Test
@@ -262,8 +246,8 @@ public void authenticateWhenEncryptedAssertionWithSignatureThenItSucceeds() thro
262246 );
263247 EncryptedAssertion encryptedAssertion = encryptAssertion (assertion , assertingPartyCredentials ());
264248 response .getEncryptedAssertions ().add (encryptedAssertion );
265- token = responseXml (response );
266- provider .authenticate (token );
249+ this . token = responseXml (response );
250+ this . provider .authenticate (this . token );
267251 }
268252
269253 @ Test
@@ -277,8 +261,8 @@ public void authenticateWhenEncryptedAssertionWithResponseSignatureThenItSucceed
277261 assertingPartyCredentials (),
278262 recipientEntityId
279263 );
280- token = responseXml (response );
281- provider .authenticate (token );
264+ this . token = responseXml (response );
265+ provider .authenticate (this . token );
282266 }
283267
284268 @ Test
@@ -295,8 +279,8 @@ public void authenticateWhenEncryptedNameIdWithSignatureThenItSucceeds() throws
295279 recipientEntityId
296280 );
297281 response .getAssertions ().add (assertion );
298- token = responseXml (response );
299- provider .authenticate (token );
282+ this . token = responseXml (response );
283+ this . provider .authenticate (this . token );
300284 }
301285
302286
@@ -306,23 +290,20 @@ public void authenticateWhenDecryptionKeysAreMissingThenThrowAuthenticationExcep
306290 Assertion assertion = defaultAssertion ();
307291 EncryptedAssertion encryptedAssertion = encryptAssertion (assertion , assertingPartyCredentials ());
308292 response .getEncryptedAssertions ().add (encryptedAssertion );
309- token = responseXml (response );
293+ this . token = responseXml (response );
310294
311- token = new Saml2AuthenticationToken (
312- token .getSaml2Response (),
295+ this . token = new Saml2AuthenticationToken (
296+ this . token .getSaml2Response (),
313297 recipientUri ,
314298 idpEntityId ,
315299 recipientEntityId ,
316300 emptyList ()
317301 );
318302
319- exception .expect (
320- authenticationMatcher (
321- Saml2ErrorCodes .DECRYPTION_ERROR ,
322- "No valid decryption credentials found."
323- )
303+ this .exception .expect (
304+ authenticationMatcher (Saml2ErrorCodes .DECRYPTION_ERROR , "No valid decryption credentials found." )
324305 );
325- provider .authenticate (token );
306+ this . provider .authenticate (this . token );
326307 }
327308
328309 @ Test
@@ -331,23 +312,20 @@ public void authenticateWhenDecryptionKeysAreWrongThenThrowAuthenticationExcepti
331312 Assertion assertion = defaultAssertion ();
332313 EncryptedAssertion encryptedAssertion = encryptAssertion (assertion , assertingPartyCredentials ());
333314 response .getEncryptedAssertions ().add (encryptedAssertion );
334- token = responseXml (response );
315+ this . token = responseXml (response );
335316
336- token = new Saml2AuthenticationToken (
337- token .getSaml2Response (),
317+ this . token = new Saml2AuthenticationToken (
318+ this . token .getSaml2Response (),
338319 recipientUri ,
339320 idpEntityId ,
340321 recipientEntityId ,
341322 assertingPartyCredentials ()
342323 );
343324
344- exception .expect (
345- authenticationMatcher (
346- Saml2ErrorCodes .DECRYPTION_ERROR ,
347- "Failed to decrypt EncryptedData"
348- )
325+ this .exception .expect (
326+ authenticationMatcher (Saml2ErrorCodes .DECRYPTION_ERROR , "Failed to decrypt EncryptedData" )
349327 );
350- provider .authenticate (token );
328+ this . provider .authenticate (this . token );
351329 }
352330
353331 @ Test
@@ -361,9 +339,9 @@ public void writeObjectWhenTypeIsSaml2AuthenticationThenNoException() throws IOE
361339 );
362340 EncryptedAssertion encryptedAssertion = encryptAssertion (assertion , assertingPartyCredentials ());
363341 response .getEncryptedAssertions ().add (encryptedAssertion );
364- token = responseXml (response );
342+ this . token = responseXml (response );
365343
366- Saml2Authentication authentication = (Saml2Authentication ) provider .authenticate (token );
344+ Saml2Authentication authentication = (Saml2Authentication ) this . provider .authenticate (this . token );
367345
368346 // the following code will throw an exception if authentication isn't serializable
369347 ByteArrayOutputStream byteStream = new ByteArrayOutputStream (1024 );
@@ -382,7 +360,7 @@ private Assertion defaultAssertion() {
382360 }
383361
384362 private Saml2AuthenticationToken responseXml (XMLObject assertion ) {
385- String xml = saml .serialize (assertion );
363+ String xml = this . saml .serialize (assertion );
386364 return new Saml2AuthenticationToken (
387365 xml ,
388366 recipientUri ,
@@ -393,28 +371,23 @@ private Saml2AuthenticationToken responseXml(XMLObject assertion) {
393371
394372 }
395373
396- private BaseMatcher <Saml2AuthenticationException > authenticationMatcher (String code ) {
374+ private Matcher <Saml2AuthenticationException > authenticationMatcher (String code ) {
397375 return authenticationMatcher (code , null );
398376 }
399377
400- private BaseMatcher <Saml2AuthenticationException > authenticationMatcher (String code , String description ) {
378+ private Matcher <Saml2AuthenticationException > authenticationMatcher (String code , String description ) {
401379 return new BaseMatcher <Saml2AuthenticationException >() {
402- private Object value = null ;
403-
404380 @ Override
405381 public boolean matches (Object item ) {
406382 if (!(item instanceof Saml2AuthenticationException )) {
407- value = item ;
408383 return false ;
409384 }
410385 Saml2AuthenticationException ex = (Saml2AuthenticationException ) item ;
411386 if (!code .equals (ex .getError ().getErrorCode ())) {
412- value = item ;
413387 return false ;
414388 }
415389 if (hasText (description )) {
416390 if (!description .equals (ex .getError ().getDescription ())) {
417- value = item ;
418391 return false ;
419392 }
420393 }
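Review bot: The success-path tests discard the result of `authenticate(...)`, so they only prove that no exception was thrown: see `this.provider.authenticate(this.token);` closing authenticateWhenAssertionContainsValidationAddressThenItSucceeds (new line 224), and the same pattern at new lines 250, 265 and 283. For an authentication provider it is worth pinning the outcome as well, for instance `assertTrue("expected an authenticated result", this.provider.authenticate(this.token).isAuthenticated());` with the `assertTrue` that is already statically imported. Whether a principal-name check against `username` also fits depends on how defaultAssertion() builds the subject, and that code, like the start of these test bodies, lies outside the visible hunks. Separately, two calls missed the `this.` qualification applied everywhere else in the change: `this.provider.authenticate(token)` at new line 187 and `provider.authenticate(this.token)` at new line 265.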