forked from RobotsAndPencils/go-saml
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathxmlsec_test.go
83 lines (65 loc) · 1.98 KB
/
xmlsec_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
package saml
import (
"crypto/x509"
"encoding/base64"
"encoding/pem"
"encoding/xml"
"io/ioutil"
"os/exec"
"testing"
"github.com/stretchr/testify/assert"
)
func TestRequest(t *testing.T) {
assert := assert.New(t)
certPem, err := ioutil.ReadFile("./default.crt")
assert.NoError(err)
certBlock, _ := pem.Decode(certPem)
assert.NotEmpty(certBlock)
cert, err := x509.ParseCertificate(certBlock.Bytes)
assert.NoError(err)
// Construct an AuthnRequest
authRequest := NewAuthnRequest()
authRequest.Signature.KeyInfo.X509Data.X509Certificate.Cert = base64.StdEncoding.EncodeToString(cert.Raw)
b, err := xml.MarshalIndent(authRequest, "", " ")
assert.NoError(err)
xmlAuthnRequest := string(b)
k, err := ioutil.ReadFile("./default.key")
assert.NoError(err)
kd, _ := pem.Decode(k)
_, err = exec.LookPath("xmlsec1")
if err != nil {
t.Skip("skipping subsequent test since xmlsec1 is missing")
}
signedXml, err := SignRequest(xmlAuthnRequest, kd.Bytes)
assert.NoError(err)
assert.NotEmpty(signedXml)
err = VerifyRequestSignature(signedXml, cert.Raw)
assert.NoError(err)
}
func TestResponse(t *testing.T) {
assert := assert.New(t)
certPem, err := ioutil.ReadFile("./default.crt")
assert.NoError(err)
certBlock, _ := pem.Decode(certPem)
assert.NotEmpty(certBlock)
cert, err := x509.ParseCertificate(certBlock.Bytes)
assert.NoError(err)
// Construct an AuthnRequest
response := NewSignedResponse()
response.Signature.KeyInfo.X509Data.X509Certificate.Cert = base64.StdEncoding.EncodeToString(cert.Raw)
b, err := xml.MarshalIndent(response, "", " ")
assert.NoError(err)
xmlResponse := string(b)
k, err := ioutil.ReadFile("./default.key")
assert.NoError(err)
kd, _ := pem.Decode(k)
_, err = exec.LookPath("xmlsec1")
if err != nil {
t.Skip("skipping subsequent test since xmlsec1 is missing")
}
signedXml, err := SignResponse(xmlResponse, kd.Bytes)
assert.NoError(err)
assert.NotEmpty(signedXml)
err = VerifyRequestSignature(signedXml, cert.Raw)
assert.NoError(err)
}