Repository: cxf-fediz Updated Branches: refs/heads/master bf2cbeaf3 -> 02a0b82a1
[FEDIZ-19] - Applying Logout tests Project: http://git-wip-us.apache.org/repos/asf/cxf-fediz/repo Commit: http://git-wip-us.apache.org/repos/asf/cxf-fediz/commit/02a0b82a Tree: http://git-wip-us.apache.org/repos/asf/cxf-fediz/tree/02a0b82a Diff: http://git-wip-us.apache.org/repos/asf/cxf-fediz/diff/02a0b82a Branch: refs/heads/master Commit: 02a0b82a14cf8f39e8573e2630f7999927612de0 Parents: bf2cbea Author: Colm O hEigeartaigh <cohei...@apache.org> Authored: Wed Sep 17 11:27:02 2014 +0100 Committer: Colm O hEigeartaigh <cohei...@apache.org> Committed: Wed Sep 17 11:27:02 2014 +0100 ---------------------------------------------------------------------- .../federation/FederationTest.java | 10 ++ systests/tests/pom.xml | 12 -- .../fediz/integrationtests/AbstractTests.java | 84 +++++++-- .../fediz/integrationtests/HTTPTestUtils.java | 169 +++++-------------- 4 files changed, 121 insertions(+), 154 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/02a0b82a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java ---------------------------------------------------------------------- diff --git a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java index 8dbbcb5..84b91df 100644 --- a/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java +++ b/systests/cxf/src/test/java/org/apache/cxf/fediz/integrationtests/federation/FederationTest.java 
@@ -223,6 +223,16 @@ public class FederationTest extends AbstractTests { } + @org.junit.Test + public void testRPLogout() throws Exception { + // + } + + @org.junit.Test + public void testIdPLogout() throws Exception { + // + } + public String getServletContextName() { return "fedizhelloworld"; } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/02a0b82a/systests/tests/pom.xml ---------------------------------------------------------------------- diff --git a/systests/tests/pom.xml b/systests/tests/pom.xml index b245187..950046a 100644 --- a/systests/tests/pom.xml +++ b/systests/tests/pom.xml @@ -45,18 +45,6 @@ <version>${project.version}</version> </dependency> <dependency> - <groupId>org.apache.httpcomponents</groupId> - <artifactId>httpclient</artifactId> - <version>${httpclient.version}</version> - </dependency> -<!-- - <dependency> - <groupId>net.htmlparser.jericho</groupId> - <artifactId>jericho-html</artifactId> - <version>${jericho.version}</version> - </dependency> ---> - <dependency> <groupId>net.sourceforge.htmlunit</groupId> <artifactId>htmlunit</artifactId> <version>${htmlunit.version}</version> http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/02a0b82a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java ---------------------------------------------------------------------- diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java index 2327bf3..4d68e36 100644 --- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java +++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/AbstractTests.java 
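Review bot: The two overrides added in FederationTest, `testRPLogout` and `testIdPLogout`, have a body of only `//`, so the logout tests that this same commit adds to AbstractTests will be reported as passing for this module without exercising anything. If logout cannot be tested here yet, annotate the overrides with `@org.junit.Ignore("<reason>")`, or at least replace the bare `//` with a comment saying why they are stubbed. That way the gap appears in the test report as skipped instead of counting as logout coverage.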
@@ -19,11 +19,14 @@ package org.apache.cxf.fediz.integrationtests; +import com.gargoylesoftware.htmlunit.CookieManager; import com.gargoylesoftware.htmlunit.FailingHttpStatusCodeException; import com.gargoylesoftware.htmlunit.WebClient; +import com.gargoylesoftware.htmlunit.html.HtmlPage; import com.gargoylesoftware.htmlunit.xml.XmlPage; import org.apache.cxf.fediz.core.ClaimTypes; +import org.apache.cxf.fediz.core.FederationConstants; import org.junit.Assert; public abstract class AbstractTests { 
@@ -300,24 +303,81 @@ public abstract class AbstractTests { final String xmlContent = rpPage.asXml(); Assert.assertTrue(xmlContent.startsWith("<EntityDescriptor")); } - /* + @org.junit.Test - public void testAliceLogout() throws Exception { - // Authenticate as "alice" + public void testRPLogout() throws Exception { + String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet"; String user = "alice"; String password = "ecila"; + + CookieManager cookieManager = new CookieManager(); - CloseableHttpClient httpClient = - HTTPTestUtils.sendHttpGetForSignIn(url, user, password, 200, 200, Integer.parseInt(getIdpHttpsPort())); + // 1. Login + HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager); - String logoutUrl = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/logout"; - String logoutResponse = - HTTPTestUtils.sendHttpGetForSignOut(httpClient, logoutUrl, 200, 200, Integer.parseInt(getIdpHttpsPort())); + // 2. Now we should have a cookie from the RP and IdP and should be able to do + // subsequent requests without authenticate again. Lets test this first. + WebClient webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + final HtmlPage rpPage = webClient.getPage(url); + Assert.assertEquals("WS Federation Systests Examples", rpPage.getTitleText()); + + // 3. now we logout from RP + String rpLogoutUrl = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/logout"; + + HTTPTestUtils.logout(rpLogoutUrl, cookieManager); + + // 4. 
now we try to access the RP and idp without authentication but with the existing cookies + // to see if we are really logged out + String rpUrl = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet"; + + webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + webClient.getOptions().setThrowExceptionOnFailingStatusCode(false); + final HtmlPage idpPage = webClient.getPage(rpUrl); + + Assert.assertEquals(401, idpPage.getWebResponse().getStatusCode()); + } + + @org.junit.Test + public void testIdPLogout() throws Exception { + + String url = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet"; + String user = "alice"; + String password = "ecila"; + + CookieManager cookieManager = new CookieManager(); + + // 1. Login + HTTPTestUtils.loginWithCookieManager(url, user, password, getIdpHttpsPort(), cookieManager); + + // 2. Now we should have a cookie from the RP and IdP and should be able to do + // subsequent requests without authenticate again. Lets test this first. + WebClient webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + final HtmlPage rpPage = webClient.getPage(url); + Assert.assertEquals("WS Federation Systests Examples", rpPage.getTitleText()); - Assert.assertTrue(logoutResponse.contains("IDP SignOut Response Page")); - Assert.assertTrue(logoutResponse.contains("Logout status of RP")); - Assert.assertTrue(logoutResponse.contains("wsignoutcleanup1.0")); + // 3. now we logout from IdP + String idpLogoutUrl = "https://localhost:" + getIdpHttpsPort() + "/fediz-idp/federation?wa=" + + FederationConstants.ACTION_SIGNOUT; //todo logout url on idp?!? + + HTTPTestUtils.logout(idpLogoutUrl, cookieManager); + + // 4. 
now we try to access the RP and idp without authentication but with the existing cookies + // to see if we are really logged out + String rpUrl = "https://localhost:" + getRpHttpsPort() + "/fedizhelloworld/secure/fedservlet"; + + webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + webClient.getOptions().setThrowExceptionOnFailingStatusCode(false); + final HtmlPage idpPage = webClient.getPage(rpUrl); + + Assert.assertEquals(401, idpPage.getWebResponse().getStatusCode()); } - */ } http://git-wip-us.apache.org/repos/asf/cxf-fediz/blob/02a0b82a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/HTTPTestUtils.java ---------------------------------------------------------------------- diff --git a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/HTTPTestUtils.java b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/HTTPTestUtils.java index 586d1db..d05fed6 100644 --- a/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/HTTPTestUtils.java +++ b/systests/tests/src/test/java/org/apache/cxf/fediz/integrationtests/HTTPTestUtils.java @@ -21,7 +21,10 @@ package org.apache.cxf.fediz.integrationtests; import java.io.IOException; +import com.gargoylesoftware.htmlunit.CookieManager; import com.gargoylesoftware.htmlunit.WebClient; +import com.gargoylesoftware.htmlunit.html.DomElement; +import com.gargoylesoftware.htmlunit.html.DomNodeList; import com.gargoylesoftware.htmlunit.html.HtmlForm; import com.gargoylesoftware.htmlunit.html.HtmlPage; import com.gargoylesoftware.htmlunit.html.HtmlSubmitInput; 
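Review bot: Step 4 of `testRPLogout` (and identically of `testIdPLogout`) sends the final request through the same `CookieManager` instance that `HTTPTestUtils.logout` has just used. If the RP or IdP expires its cookies in the logout response (not visible in this diff), the 401 only shows that the client dropped them, not that the server-side session was invalidated. To match the comment "with the existing cookies", copy `cookieManager.getCookies()` into a fresh `CookieManager` after step 2 and use that copy for the step 4 request. The two tests differ only in the logout URL, so a private helper taking that URL would remove the duplicated body. Neither `WebClient` created in these tests is closed.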
@@ -72,145 +75,51 @@ public final class HTTPTestUtils { return rpPage.getBody().getTextContent(); } + + public static String loginWithCookieManager(String url, String user, String password, + String idpPort, CookieManager cookieManager) throws IOException { + final WebClient webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + webClient.getCredentialsProvider().setCredentials( + new AuthScope("localhost", Integer.parseInt(idpPort)), + new UsernamePasswordCredentials(user, password)); - /** - * Same as sendHttpGet above, except that we return the HttpClient so that it can - * subsequently be re-used (for e.g. logout) - public static CloseableHttpClient sendHttpGetForSignIn(String url, String user, String password, - int returnCodeIDP, int returnCodeRP, int idpPort) - throws Exception { - - CloseableHttpClient httpClient = null; - CredentialsProvider credsProvider = new BasicCredentialsProvider(); - credsProvider.setCredentials( - new AuthScope("localhost", idpPort), - new UsernamePasswordCredentials(user, password)); - - KeyStore trustStore = KeyStore.getInstance(KeyStore.getDefaultType()); - FileInputStream instream = new FileInputStream(new File("./target/test-classes/client.jks")); - try { - trustStore.load(instream, "clientpass".toCharArray()); - } finally { - try { - instream.close(); - } catch (Exception ex) { - ex.printStackTrace(); - } - } - - SSLContextBuilder sslContextBuilder = new SSLContextBuilder(); - sslContextBuilder.loadTrustMaterial(trustStore, new TrustSelfSignedStrategy()); - sslContextBuilder.loadKeyMaterial(trustStore, "clientpass".toCharArray()); + webClient.getOptions().setJavaScriptEnabled(false); + final HtmlPage idpPage = webClient.getPage(url); + webClient.getOptions().setJavaScriptEnabled(true); + Assert.assertEquals("IDP SignIn Response Form", idpPage.getTitleText()); - SSLContext sslContext = sslContextBuilder.build(); - SSLConnectionSocketFactory sslSocketFactory 
= - new SSLConnectionSocketFactory(sslContext); + final HtmlForm form = idpPage.getFormByName("signinresponseform"); + final HtmlSubmitInput button = form.getInputByName("_eventId_submit"); - HttpClientBuilder httpClientBuilder = HttpClientBuilder.create(); - httpClientBuilder.setDefaultCredentialsProvider(credsProvider); - httpClientBuilder.setSSLSocketFactory(sslSocketFactory); - httpClientBuilder.setRedirectStrategy(new LaxRedirectStrategy()); + final HtmlPage rpPage = button.click(); + Assert.assertEquals("WS Federation Systests Examples", rpPage.getTitleText()); - httpClient = httpClientBuilder.build(); + return rpPage.getBody().getTextContent(); + } + + public static void logout(String url, CookieManager cookieManager) throws IOException { + final WebClient webClient = new WebClient(); + webClient.setCookieManager(cookieManager); + webClient.getOptions().setUseInsecureSSL(true); + final HtmlPage idpPage = webClient.getPage(url); - HttpGet httpget = new HttpGet(url); + Assert.assertEquals("IDP SignOut Confirmation Response Page", idpPage.getTitleText()); - HttpResponse response = httpClient.execute(httpget); - HttpEntity entity = response.getEntity(); + final HtmlForm form = idpPage.getFormByName("signoutconfirmationresponseform"); + final HtmlSubmitInput button = form.getInputByName("_eventId_submit"); + final HtmlPage idpLogoutPage = button.click(); - Assert.assertTrue("IDP HTTP Response code: " + response.getStatusLine().getStatusCode() - + " [Expected: " + returnCodeIDP + "]", - returnCodeIDP == response.getStatusLine().getStatusCode()); + DomNodeList<DomElement> images = idpLogoutPage.getElementsByTagName("img"); + Assert.assertEquals(1, images.getLength()); + for (int i = 0; i < images.size(); i++) { + DomElement domElement = images.get(i); + String imgSrc = domElement.getAttribute("src"); - if (response.getStatusLine().getStatusCode() != 200) { - return null; + //we should get a fault if the image isn't available. 
+ webClient.getPage(imgSrc); } - - // Redirect to a POST is not supported without user interaction - // http://www.ietf.org/rfc/rfc2616.txt - // If the 301 status code is received in response to a request other - // than GET or HEAD, the user agent MUST NOT automatically redirect the - // request unless it can be confirmed by the user, since this might - // change the conditions under which the request was issued. - - Source source = new Source(EntityUtils.toString(entity)); - List <NameValuePair> nvps = new ArrayList <NameValuePair>(); - FormFields formFields = source.getFormFields(); - - List<Element> forms = source.getAllElements(HTMLElementName.FORM); - Assert.assertEquals("Only one form expected but got " + forms.size(), 1, forms.size()); - String postUrl = forms.get(0).getAttributeValue("action"); - - Assert.assertNotNull("Form field 'wa' not found", formFields.get("wa")); - Assert.assertNotNull("Form field 'wresult' not found", formFields.get("wresult")); - - for (FormField formField : formFields) { - if (formField.getUserValueCount() != 0) { - nvps.add(new BasicNameValuePair(formField.getName(), - formField.getValues().get(0))); - } - } - HttpPost httppost = new HttpPost(postUrl); - httppost.setEntity(new UrlEncodedFormEntity(nvps, Consts.UTF_8)); - - response = httpClient.execute(httppost); - - entity = response.getEntity(); - Assert.assertTrue("RP HTTP Response code: " + response.getStatusLine().getStatusCode() - + " [Expected: " + returnCodeRP + "]", - returnCodeRP == response.getStatusLine().getStatusCode()); - - String responseStr = EntityUtils.toString(entity); - Assert.assertTrue("Principal not " + user, responseStr.indexOf("userPrincipal=" + user) > 0); - - return httpClient; } - public static String sendHttpGetForSignOut(CloseableHttpClient httpClient, String url, - int returnCodeIDP, int returnCodeRP, int idpPort) - throws Exception { - try { - // logout to service provider - HttpGet httpget = new HttpGet(url); - - HttpResponse response = 
httpClient.execute(httpget); - HttpEntity entity = response.getEntity(); - - String parsedEntity = EntityUtils.toString(entity); - Assert.assertTrue(parsedEntity.contains("Logout from the following realms")); - Source source = new Source(parsedEntity); - List <NameValuePair> nvps = new ArrayList <NameValuePair>(); - FormFields formFields = source.getFormFields(); - - List<Element> forms = source.getAllElements(HTMLElementName.FORM); - Assert.assertEquals("Only one form expected but got " + forms.size(), 1, forms.size()); - String postUrl = forms.get(0).getAttributeValue("action"); - - Assert.assertNotNull("Form field 'wa' not found", formFields.get("wa")); - - for (FormField formField : formFields) { - if (formField.getUserValueCount() != 0) { - nvps.add(new BasicNameValuePair(formField.getName(), - formField.getValues().get(0))); - } - } - - // Now send logout form to IdP - nvps.add(new BasicNameValuePair("_eventId_submit", "Logout")); - - HttpPost httppost = - new HttpPost("https://localhost:" + idpPort + "/" + postUrl); - httppost.setEntity(new UrlEncodedFormEntity(nvps, Consts.UTF_8)); - - response = httpClient.execute(httppost); - entity = response.getEntity(); - - return EntityUtils.toString(entity); - } finally { - if (httpClient != null) { - httpClient.close(); - } - } - } - */ }
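Review bot: In the new `logout` helper the loop fetches whatever `src` the single `<img>` carries, but nothing asserts that it is the sign-out cleanup request. The removed test checked for `wsignoutcleanup1.0` in the response; adding `Assert.assertTrue(imgSrc.contains("wsignoutcleanup1.0"));` before `webClient.getPage(imgSrc);` would keep that guarantee. Both `loginWithCookieManager` and `logout` create a `WebClient` that is never closed, so wrapping their bodies in `try { ... } finally { webClient.closeAllWindows(); }` would stop windows and connections accumulating across the suite. Both methods also lack Javadoc; a line on each stating that the passed `CookieManager` is mutated to carry the session would help callers.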