Skip to content

Commit 7b8516c

Browse files
committed
Add unit tests for SamlAuthenticationSuccessHandler
1 parent 490b136 commit 7b8516c

1 file changed

Lines changed: 92 additions & 0 deletions

File tree

Lines changed: 92 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,92 @@
1+
<?php
2+
3+
namespace Hslavich\OneloginSamlBundle\Tests\Authentication;
4+
5+
use Hslavich\OneloginSamlBundle\Security\Authentication\SamlAuthenticationSuccessHandler;
6+
use Symfony\Component\HttpFoundation\Request;
7+
use Symfony\Component\Security\Http\HttpUtils;
8+
9+
class SamlAuthenticationSuccessHandlerTest extends \PHPUnit_Framework_TestCase
10+
{
11+
private $handler;
12+
13+
public function testWithAlwaysUseDefaultTargetPath()
14+
{
15+
$httpUtils = new HttpUtils($this->getUrlGenerator());
16+
$handler = new SamlAuthenticationSuccessHandler($httpUtils, array('always_use_default_target_path' => true));
17+
$defaultTargetPath = $httpUtils->generateUri($this->getRequest('/sso/login'), $this->getOption($handler, 'default_target_path', '/'));
18+
$response = $handler->onAuthenticationSuccess($this->getRequest('/login', 'http://localhost/relayed'), $this->getSamlToken());
19+
$this->assertTrue($response->isRedirect($defaultTargetPath), 'SamlAuthenticationSuccessHandler does not honor the always_use_default_target_path option.');
20+
}
21+
22+
public function testRelayState()
23+
{
24+
$handler = new SamlAuthenticationSuccessHandler(new HttpUtils($this->getUrlGenerator()), array('always_use_default_target_path' => false));
25+
$response = $handler->onAuthenticationSuccess($this->getRequest('/sso/login', 'http://localhost/relayed'), $this->getSamlToken());
26+
$this->assertTrue($response->isRedirect('http://localhost/relayed'), 'SamlAuthenticationSuccessHandler is not processing the RelayState parameter properly.');
27+
}
28+
29+
public function testWithoutRelayState()
30+
{
31+
$httpUtils = new HttpUtils($this->getUrlGenerator());
32+
$handler = new SamlAuthenticationSuccessHandler($httpUtils, array('always_use_default_target_path' => false));
33+
$defaultTargetPath = $httpUtils->generateUri($this->getRequest('/sso/login'), $this->getOption($handler, 'default_target_path', '/'));
34+
$response = $handler->onAuthenticationSuccess($this->getRequest(), $this->getSamlToken());
35+
$this->assertTrue($response->isRedirect($defaultTargetPath));
36+
}
37+
38+
public function testRelayStateLoop()
39+
{
40+
$httpUtils = new HttpUtils($this->getUrlGenerator());
41+
$handler = new SamlAuthenticationSuccessHandler($httpUtils, array('always_use_default_target_path' => false));
42+
$loginPath = $httpUtils->generateUri($this->getRequest('/sso/login'), $this->getOption($handler, 'login_path', '/login'));
43+
$response = $handler->onAuthenticationSuccess($this->getRequest($loginPath), $this->getSamlToken());
44+
$this->assertTrue(!$response->isRedirect($loginPath), 'SamlAuthenticationSuccessHandler causes a redirect loop when RelayState points to login_path.');
45+
}
46+
47+
48+
private function getUrlGenerator()
49+
{
50+
$urlGenerator = $this->getMockBuilder('Symfony\Component\Routing\Generator\UrlGeneratorInterface')->getMock();
51+
$urlGenerator
52+
->expects($this->any())
53+
->method('generate')
54+
->will($this->returnCallback(function($name)
55+
{
56+
return (string) $name;
57+
}))
58+
;
59+
60+
return $urlGenerator;
61+
}
62+
63+
private function getRequest($path = '/', $relayState = null)
64+
{
65+
$params = array();
66+
if (null !== $relayState) {
67+
$params['RelayState'] = $relayState;
68+
}
69+
return Request::create($path, 'get', $params);
70+
}
71+
72+
private function getSamlToken()
73+
{
74+
$token = $this->createMock('Hslavich\OneloginSamlBundle\Security\Authentication\Token\SamlToken');
75+
$token->expects($this->any())->method('getUsername')->willReturn('admin');
76+
$token->method('getAttributes')->willReturn(array('foo' => 'bar'));
77+
78+
return $token;
79+
}
80+
81+
private function getOption($handler, $name, $default = null)
82+
{
83+
$reflection = new \ReflectionObject($handler);
84+
$options = $reflection->getProperty('options');
85+
$options->setAccessible(true);
86+
$arr = $options->getValue($handler);
87+
if (!is_array($arr) || !isset($arr[$name])) {
88+
return $default;
89+
}
90+
return $arr[$name];
91+
}
92+
}

0 commit comments

Comments
 (0)