This repository has been archived by the owner on Oct 3, 2020. It is now read-only.
forked from RobotsAndPencils/go-saml
sendgrid_test.go
package saml
import (
"encoding/base64"
"io/ioutil"
"testing"
"github.com/sendgrid/go-saml/util"
"github.com/stretchr/testify/assert"
)
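// TestGenerateAuthnRequest checks that GenerateAuthnRequest returns a
// base64-encoded, non-empty document and that VerifyRequestSignature accepts
// it when given the path of the fixture certificate.
//
// Precondition failures (missing fixtures, generation or decoding errors)
// abort the test at once, so a broken setup is reported as one clear failure
// instead of a cascade of follow-on assertion errors.
//
// NOTE(review): only the accept path is exercised. A verifier that accepted
// every input would pass this test too; a companion case that alters the
// signed XML, or verifies against a different certificate, should expect an
// error.
func TestGenerateAuthnRequest(t *testing.T) {
	assert := assert.New(t)

	// must stops the test when a setup step fails.
	must := func(step string, err error) {
		t.Helper()
		if err != nil {
			t.Fatalf("%s: %v", step, err)
		}
	}

	// readFixture returns the contents of a fixture file as a string.
	readFixture := func(path string) string {
		t.Helper()
		b, err := ioutil.ReadFile(path)
		must("reading fixture "+path, err)
		return string(b)
	}

	// The same fixture certificate is used for the service provider and for
	// the identity provider.
	publicCertificatePath := "./default.crt"
	privateKeyPath := "./default.key"
	idpPublicCertificatePath := "./default.crt"

	publicCertificate := readFixture(publicCertificatePath)
	privateKey := readFixture(privateKeyPath)
	idpPublicCertificate := readFixture(idpPublicCertificatePath)

	idpSsoUrl := "http://www.onelogin.net"
	idpSsoDescriptorUrl := "http://www.onelogin.net"
	assertionConsumerServiceUrl := "http://localhost:8000/auth/saml/name"

	b64XML, err := GenerateAuthnRequest(publicCertificate, privateKey,
		idpSsoUrl, idpSsoDescriptorUrl, idpPublicCertificate, assertionConsumerServiceUrl)
	must("generating authn request", err)

	byteSignedXML, err := base64.StdEncoding.DecodeString(b64XML)
	must("decoding authn request", err)

	signedXML := string(byteSignedXML)
	if !assert.NotEmpty(signedXML) {
		// Nothing to verify; the signature check below would only add noise.
		return
	}

	err = VerifyRequestSignature(signedXML, publicCertificatePath)
	assert.NoError(err)
}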
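// TestValidateSamlResponse builds a signed response with NewSignedResponse,
// signs and encodes it with the fixture private key, parses it back with
// ParseEncodedResponse and expects ValidateSamlResponse to accept it.
//
// Precondition failures (missing fixtures, signing or parsing errors) abort
// the test at once, so ValidateSamlResponse is never called with a response
// that failed to parse.
//
// NOTE(review): only the accept path is exercised; there is no case for a
// modified assertion, a wrong Destination/Recipient or a signature made with
// a different key, each of which should be rejected.
func TestValidateSamlResponse(t *testing.T) {
	assert := assert.New(t)

	// must stops the test when a setup step fails.
	must := func(step string, err error) {
		t.Helper()
		if err != nil {
			t.Fatalf("%s: %v", step, err)
		}
	}

	// readFixture returns the contents of a fixture file as a string.
	readFixture := func(path string) string {
		t.Helper()
		b, err := ioutil.ReadFile(path)
		must("reading fixture "+path, err)
		return string(b)
	}

	// The same fixture certificate is used for the service provider and for
	// the identity provider.
	publicCertificatePath := "./default.crt"
	privateKeyPath := "./default.key"
	idpPublicCertificatePath := "./default.crt"

	publicCertificate := readFixture(publicCertificatePath)

	publicCert, err := util.LoadCertificate(publicCertificatePath)
	must("loading certificate", err)

	privateKey := readFixture(privateKeyPath)
	idpPublicCertificate := readFixture(idpPublicCertificatePath)

	idpSsoUrl := "http://www.onelogin.net"
	idpSsoDescriptorUrl := "http://www.onelogin.net"
	assertionConsumerServiceUrl := "http://localhost:8000/auth/saml/name"
	issuer := assertionConsumerServiceUrl

	authnResponse := NewSignedResponse()
	authnResponse.Issuer.Url = issuer
	authnResponse.Assertion.Issuer.Url = issuer
	// NOTE(review): the certificate is embedded in the response's KeyInfo.
	// Presumably validation trusts idpPublicCertificate rather than this
	// embedded copy; confirm in ValidateSamlResponse.
	authnResponse.Signature.KeyInfo.X509Data.X509Certificate.Cert = publicCert
	authnResponse.Assertion.Subject.NameID.Value = "180"
	authnResponse.AddAttribute("uid", "180")
	authnResponse.AddAttribute("email", "someone@domain")
	// NOTE(review): the two InResponseTo values below differ ("foo" vs "bar")
	// and no request ID is passed to ValidateSamlResponse, yet the test
	// expects success. As exercised here, InResponseTo is therefore not
	// correlated with an outstanding request; confirm that callers enforce
	// that check themselves.
	authnResponse.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.InResponseTo = "foo"
	authnResponse.InResponseTo = "bar"
	authnResponse.Assertion.Subject.SubjectConfirmation.SubjectConfirmationData.Recipient = issuer
	authnResponse.Destination = assertionConsumerServiceUrl

	// signed XML string
	signed, err := authnResponse.EncodedSignedString(privateKeyPath)
	must("signing response", err)
	if !assert.NotEmpty(signed) {
		return
	}

	response, err := ParseEncodedResponse(signed)
	must("parsing encoded response", err)
	if !assert.NotEmpty(response) {
		// An empty response cannot be validated meaningfully.
		return
	}

	err = ValidateSamlResponse(response, publicCertificate, privateKey, idpSsoUrl, idpSsoDescriptorUrl, idpPublicCertificate, assertionConsumerServiceUrl)
	assert.NoError(err)
}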