Replace ExpectedException @Rules with AssertJ
Replace JUnit ExpectedException @Rules with AssertJ calls.
This commit is contained in:
Phillip Webb
committed by
Josh Cummings
Josh Cummings
parent
910b81928f
commit
20baa7d409
+27
-37
@@ -23,17 +23,15 @@ import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
|
||||
import org.springframework.security.converter.RsaKeyConverters;
|
||||
import org.springframework.security.saml2.core.Saml2X509Credential.Saml2X509CredentialType;
|
||||
|
||||
public class Saml2X509CredentialTests {
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
|
||||
@Rule
|
||||
public ExpectedException exception = ExpectedException.none();
|
||||
public class Saml2X509CredentialTests {
|
||||
|
||||
private PrivateKey key;
|
||||
|
||||
@@ -99,98 +97,90 @@ public class Saml2X509CredentialTests {
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutCredentialsThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, (X509Certificate) null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new Saml2X509Credential(null, (X509Certificate) null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutPrivateKeyThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, this.certificate, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(null, this.certificate, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(this.key, null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.key, null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithEncryptionUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.ENCRYPTION);
|
||||
assertThatIllegalStateException().isThrownBy(
|
||||
() -> new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.ENCRYPTION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithVerificationUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.VERIFICATION);
|
||||
assertThatIllegalStateException().isThrownBy(
|
||||
() -> new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.VERIFICATION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithSigningUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.certificate, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalStateException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.certificate, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithDecryptionUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.certificate, Saml2X509CredentialType.DECRYPTION);
|
||||
assertThatIllegalStateException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.certificate, Saml2X509CredentialType.DECRYPTION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForSigningWithoutCredentialsThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.signing(null, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.signing(null, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForSigningWithoutPrivateKeyThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.signing(null, this.certificate);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.signing(null, this.certificate));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForSigningWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.signing(this.key, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.signing(this.key, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForDecryptionWithoutCredentialsThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.decryption(null, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.decryption(null, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForDecryptionWithoutPrivateKeyThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.decryption(null, this.certificate);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.decryption(null, this.certificate));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenRelyingPartyForDecryptionWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.decryption(this.key, null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.decryption(this.key, null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenAssertingPartyForVerificationWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.verification(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.verification(null));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void factoryWhenAssertingPartyForEncryptionWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
Saml2X509Credential.encryption(null);
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> Saml2X509Credential.encryption(null));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+19
-21
@@ -23,17 +23,15 @@ import java.security.cert.CertificateFactory;
|
||||
import java.security.cert.X509Certificate;
|
||||
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
|
||||
import org.springframework.security.converter.RsaKeyConverters;
|
||||
import org.springframework.security.saml2.credentials.Saml2X509Credential.Saml2X509CredentialType;
|
||||
|
||||
public class Saml2X509CredentialTests {
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalStateException;
|
||||
|
||||
@Rule
|
||||
public ExpectedException exception = ExpectedException.none();
|
||||
public class Saml2X509CredentialTests {
|
||||
|
||||
private Saml2X509Credential credential;
|
||||
|
||||
@@ -97,50 +95,50 @@ public class Saml2X509CredentialTests {
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutCredentialsThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, (X509Certificate) null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException().isThrownBy(
|
||||
() -> new Saml2X509Credential(null, (X509Certificate) null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutPrivateKeyThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, this.certificate, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(null, this.certificate, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(this.key, null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.key, null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithoutCertificateThenItFails() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
new Saml2X509Credential(null, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalArgumentException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(null, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithEncryptionUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.ENCRYPTION);
|
||||
assertThatIllegalStateException().isThrownBy(
|
||||
() -> new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.ENCRYPTION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenRelyingPartyWithVerificationUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.VERIFICATION);
|
||||
assertThatIllegalStateException().isThrownBy(
|
||||
() -> new Saml2X509Credential(this.key, this.certificate, Saml2X509CredentialType.VERIFICATION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithSigningUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.certificate, Saml2X509CredentialType.SIGNING);
|
||||
assertThatIllegalStateException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.certificate, Saml2X509CredentialType.SIGNING));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void constructorWhenAssertingPartyWithDecryptionUsageThenItFails() {
|
||||
this.exception.expect(IllegalStateException.class);
|
||||
new Saml2X509Credential(this.certificate, Saml2X509CredentialType.DECRYPTION);
|
||||
assertThatIllegalStateException()
|
||||
.isThrownBy(() -> new Saml2X509Credential(this.certificate, Saml2X509CredentialType.DECRYPTION));
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
+42
-59
@@ -26,18 +26,14 @@ import java.util.HashMap;
|
||||
import java.util.LinkedHashMap;
|
||||
import java.util.List;
|
||||
import java.util.Map;
|
||||
import java.util.function.Consumer;
|
||||
|
||||
import javax.xml.namespace.QName;
|
||||
|
||||
import net.shibboleth.utilities.java.support.xml.SerializeSupport;
|
||||
import org.hamcrest.BaseMatcher;
|
||||
import org.hamcrest.Description;
|
||||
import org.hamcrest.Matcher;
|
||||
import org.joda.time.DateTime;
|
||||
import org.joda.time.Duration;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
import org.opensaml.core.xml.XMLObject;
|
||||
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
|
||||
import org.opensaml.core.xml.io.Marshaller;
|
||||
@@ -93,9 +89,6 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
private Saml2Authentication authentication = new Saml2Authentication(this.principal, "response",
|
||||
Collections.emptyList());
|
||||
|
||||
@Rule
|
||||
public ExpectedException exception = ExpectedException.none();
|
||||
|
||||
@Test
|
||||
public void supportsWhenSaml2AuthenticationTokenThenReturnTrue() {
|
||||
assertThat(this.provider.supports(Saml2AuthenticationToken.class))
|
||||
@@ -113,53 +106,56 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
|
||||
@Test
|
||||
public void authenticateWhenUnknownDataClassThenThrowAuthenticationException() {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
Assertion assertion = (Assertion) XMLObjectProviderRegistrySupport.getBuilderFactory()
|
||||
.getBuilder(Assertion.DEFAULT_ELEMENT_NAME).buildObject(Assertion.DEFAULT_ELEMENT_NAME);
|
||||
this.provider
|
||||
.authenticate(token(serialize(assertion), TestSaml2X509Credentials.relyingPartyVerifyingCredential()));
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(
|
||||
token(serialize(assertion), TestSaml2X509Credentials.relyingPartyVerifyingCredential())))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenXmlErrorThenThrowAuthenticationException() {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
Saml2AuthenticationToken token = token("invalid xml",
|
||||
TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenInvalidDestinationThenThrowAuthenticationException() {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_DESTINATION));
|
||||
Response response = TestOpenSamlObjects.response(DESTINATION + "invalid", ASSERTING_PARTY_ENTITY_ID);
|
||||
response.getAssertions().add(TestOpenSamlObjects.assertion());
|
||||
TestOpenSamlObjects.signed(response, TestSaml2X509Credentials.assertingPartySigningCredential(),
|
||||
RELYING_PARTY_ENTITY_ID);
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.INVALID_DESTINATION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenNoAssertionsPresentThenThrowAuthenticationException() {
|
||||
this.exception.expect(
|
||||
authenticationMatcher(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, "No assertions found in response."));
|
||||
Saml2AuthenticationToken token = token(TestOpenSamlObjects.response(),
|
||||
TestSaml2X509Credentials.assertingPartySigningCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.MALFORMED_RESPONSE_DATA, "No assertions found in response."));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenInvalidSignatureOnAssertionThenThrowAuthenticationException() {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
response.getAssertions().add(TestOpenSamlObjects.assertion());
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenOpenSAMLValidationErrorThenThrowAuthenticationException() throws Exception {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_ASSERTION));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
Assertion assertion = TestOpenSamlObjects.assertion();
|
||||
assertion.getSubject().getSubjectConfirmations().get(0).getSubjectConfirmationData()
|
||||
@@ -168,12 +164,13 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
RELYING_PARTY_ENTITY_ID);
|
||||
response.getAssertions().add(assertion);
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.INVALID_ASSERTION));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenMissingSubjectThenThrowAuthenticationException() {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
Assertion assertion = TestOpenSamlObjects.assertion();
|
||||
assertion.setSubject(null);
|
||||
@@ -181,12 +178,13 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
RELYING_PARTY_ENTITY_ID);
|
||||
response.getAssertions().add(assertion);
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenUsernameMissingThenThrowAuthenticationException() throws Exception {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
Assertion assertion = TestOpenSamlObjects.assertion();
|
||||
assertion.getSubject().getNameID().setValue(null);
|
||||
@@ -194,7 +192,9 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
RELYING_PARTY_ENTITY_ID);
|
||||
response.getAssertions().add(assertion);
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.SUBJECT_NOT_FOUND));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -236,13 +236,14 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
|
||||
@Test
|
||||
public void authenticateWhenEncryptedAssertionWithoutSignatureThenItFails() throws Exception {
|
||||
this.exception.expect(authenticationMatcher(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
EncryptedAssertion encryptedAssertion = TestOpenSamlObjects.encrypted(TestOpenSamlObjects.assertion(),
|
||||
TestSaml2X509Credentials.assertingPartyEncryptingCredential());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
Saml2AuthenticationToken token = token(response, TestSaml2X509Credentials.relyingPartyDecryptingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.INVALID_SIGNATURE));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -290,28 +291,28 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
|
||||
@Test
|
||||
public void authenticateWhenDecryptionKeysAreMissingThenThrowAuthenticationException() throws Exception {
|
||||
this.exception
|
||||
.expect(authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData"));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
EncryptedAssertion encryptedAssertion = TestOpenSamlObjects.encrypted(TestOpenSamlObjects.assertion(),
|
||||
TestSaml2X509Credentials.assertingPartyEncryptingCredential());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
Saml2AuthenticationToken token = token(serialize(response),
|
||||
TestSaml2X509Credentials.relyingPartyVerifyingCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData"));
|
||||
}
|
||||
|
||||
@Test
|
||||
public void authenticateWhenDecryptionKeysAreWrongThenThrowAuthenticationException() throws Exception {
|
||||
this.exception
|
||||
.expect(authenticationMatcher(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData"));
|
||||
Response response = TestOpenSamlObjects.response();
|
||||
EncryptedAssertion encryptedAssertion = TestOpenSamlObjects.encrypted(TestOpenSamlObjects.assertion(),
|
||||
TestSaml2X509Credentials.assertingPartyEncryptingCredential());
|
||||
response.getEncryptedAssertions().add(encryptedAssertion);
|
||||
Saml2AuthenticationToken token = token(serialize(response),
|
||||
TestSaml2X509Credentials.assertingPartyPrivateCredential());
|
||||
this.provider.authenticate(token);
|
||||
assertThatExceptionOfType(Saml2AuthenticationException.class)
|
||||
.isThrownBy(() -> this.provider.authenticate(token))
|
||||
.satisfies(errorOf(Saml2ErrorCodes.DECRYPTION_ERROR, "Failed to decrypt EncryptedData"));
|
||||
}
|
||||
|
||||
@Test
|
||||
@@ -487,33 +488,15 @@ public class OpenSamlAuthenticationProviderTests {
|
||||
}
|
||||
}
|
||||
|
||||
private Matcher<Saml2AuthenticationException> authenticationMatcher(String code) {
|
||||
return authenticationMatcher(code, null);
|
||||
private Consumer<Saml2AuthenticationException> errorOf(String errorCode) {
|
||||
return errorOf(errorCode, null);
|
||||
}
|
||||
|
||||
private Matcher<Saml2AuthenticationException> authenticationMatcher(String code, String description) {
|
||||
return new BaseMatcher<Saml2AuthenticationException>() {
|
||||
@Override
|
||||
public boolean matches(Object item) {
|
||||
if (!(item instanceof Saml2AuthenticationException)) {
|
||||
return false;
|
||||
}
|
||||
Saml2AuthenticationException ex = (Saml2AuthenticationException) item;
|
||||
if (!code.equals(ex.getError().getErrorCode())) {
|
||||
return false;
|
||||
}
|
||||
if (StringUtils.hasText(description)) {
|
||||
if (!description.equals(ex.getError().getDescription())) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
return true;
|
||||
}
|
||||
|
||||
@Override
|
||||
public void describeTo(Description desc) {
|
||||
String excepting = "Saml2AuthenticationException[code=" + code + "; description=" + description + "]";
|
||||
desc.appendText(excepting);
|
||||
private Consumer<Saml2AuthenticationException> errorOf(String errorCode, String description) {
|
||||
return (ex) -> {
|
||||
assertThat(ex.getError().getErrorCode()).isEqualTo(errorCode);
|
||||
if (StringUtils.hasText(description)) {
|
||||
assertThat(ex.getError().getDescription()).isEqualTo(description);
|
||||
}
|
||||
};
|
||||
}
|
||||
|
||||
+2
-9
@@ -21,9 +21,7 @@ import java.nio.charset.StandardCharsets;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
import org.opensaml.core.xml.config.XMLObjectProviderRegistrySupport;
|
||||
import org.opensaml.saml.common.xml.SAMLConstants;
|
||||
import org.opensaml.saml.saml2.core.AuthnRequest;
|
||||
@@ -39,7 +37,6 @@ import org.springframework.security.saml2.provider.service.registration.Saml2Mes
|
||||
|
||||
import static org.assertj.core.api.Assertions.assertThat;
|
||||
import static org.assertj.core.api.Assertions.assertThatIllegalArgumentException;
|
||||
import static org.hamcrest.CoreMatchers.containsString;
|
||||
import static org.mockito.BDDMockito.given;
|
||||
import static org.mockito.Mockito.mock;
|
||||
import static org.mockito.Mockito.verify;
|
||||
@@ -61,9 +58,6 @@ public class OpenSamlAuthenticationRequestFactoryTests {
|
||||
|
||||
private AuthnRequestUnmarshaller unmarshaller;
|
||||
|
||||
@Rule
|
||||
public ExpectedException exception = ExpectedException.none();
|
||||
|
||||
@Before
|
||||
public void setUp() {
|
||||
this.relyingPartyRegistrationBuilder = RelyingPartyRegistration.withRegistrationId("id")
|
||||
@@ -160,9 +154,8 @@ public class OpenSamlAuthenticationRequestFactoryTests {
|
||||
|
||||
@Test
|
||||
public void createAuthenticationRequestWhenSetUnsupportredUriThenThrowsIllegalArgumentException() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
this.exception.expectMessage(containsString("my-invalid-binding"));
|
||||
this.factory.setProtocolBinding("my-invalid-binding");
|
||||
assertThatIllegalArgumentException().isThrownBy(() -> this.factory.setProtocolBinding("my-invalid-binding"))
|
||||
.withMessageContaining("my-invalid-binding");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
+3
-8
@@ -20,9 +20,7 @@ import javax.servlet.http.HttpServletResponse;
|
||||
|
||||
import org.junit.Assert;
|
||||
import org.junit.Before;
|
||||
import org.junit.Rule;
|
||||
import org.junit.Test;
|
||||
import org.junit.rules.ExpectedException;
|
||||
|
||||
import org.springframework.mock.web.MockHttpServletRequest;
|
||||
import org.springframework.mock.web.MockHttpServletResponse;
|
||||
@@ -43,9 +41,6 @@ public class Saml2WebSsoAuthenticationFilterTests {
|
||||
|
||||
private HttpServletResponse response = new MockHttpServletResponse();
|
||||
|
||||
@Rule
|
||||
public ExpectedException exception = ExpectedException.none();
|
||||
|
||||
@Before
|
||||
public void setup() {
|
||||
this.filter = new Saml2WebSsoAuthenticationFilter(this.repository);
|
||||
@@ -55,9 +50,9 @@ public class Saml2WebSsoAuthenticationFilterTests {
|
||||
|
||||
@Test
|
||||
public void constructingFilterWithMissingRegistrationIdVariableThenThrowsException() {
|
||||
this.exception.expect(IllegalArgumentException.class);
|
||||
this.exception.expectMessage("filterProcessesUrl must contain a {registrationId} match variable");
|
||||
this.filter = new Saml2WebSsoAuthenticationFilter(this.repository, "/url/missing/variable");
|
||||
assertThatExceptionOfType(IllegalArgumentException.class).isThrownBy(
|
||||
() -> this.filter = new Saml2WebSsoAuthenticationFilter(this.repository, "/url/missing/variable"))
|
||||
.withMessage("filterProcessesUrl must contain a {registrationId} match variable");
|
||||
}
|
||||
|
||||
@Test
|
||||
|
||||
Reference in New Issue
Block a user