github.com/crewjam/saml@v0.4.14/samlidp/shortcut_test.go (about) 1 package samlidp 2 3 import ( 4 "net/http" 5 "net/http/httptest" 6 "strings" 7 "testing" 8 9 "gotest.tools/assert" 10 is "gotest.tools/assert/cmp" 11 ) 12 13 func TestShortcutsCrud(t *testing.T) { 14 test := NewServerTest(t) 15 w := httptest.NewRecorder() 16 r, _ := http.NewRequest("GET", "https://idp.example.com/shortcuts/", nil) 17 test.Server.ServeHTTP(w, r) 18 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 19 assert.Check(t, is.Equal("{\"shortcuts\":[]}\n", 20 w.Body.String())) 21 22 w = httptest.NewRecorder() 23 r, _ = http.NewRequest("PUT", "https://idp.example.com/shortcuts/bob", 24 strings.NewReader("{\"url_suffix_as_relay_state\": true, \"service_provider\": \"https://example.com/saml2/metadata\"}")) 25 test.Server.ServeHTTP(w, r) 26 assert.Check(t, is.Equal(http.StatusNoContent, w.Code)) 27 28 w = httptest.NewRecorder() 29 r, _ = http.NewRequest("GET", "https://idp.example.com/shortcuts/bob", nil) 30 test.Server.ServeHTTP(w, r) 31 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 32 assert.Check(t, is.Equal("{\"name\":\"bob\",\"service_provider\":\"https://example.com/saml2/metadata\",\"url_suffix_as_relay_state\":true}\n", 33 w.Body.String())) 34 35 w = httptest.NewRecorder() 36 r, _ = http.NewRequest("GET", "https://idp.example.com/shortcuts/", nil) 37 test.Server.ServeHTTP(w, r) 38 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 39 assert.Check(t, is.Equal("{\"shortcuts\":[\"bob\"]}\n", 40 w.Body.String())) 41 42 w = httptest.NewRecorder() 43 r, _ = http.NewRequest("DELETE", "https://idp.example.com/shortcuts/bob", nil) 44 test.Server.ServeHTTP(w, r) 45 assert.Check(t, is.Equal(http.StatusNoContent, w.Code)) 46 47 w = httptest.NewRecorder() 48 r, _ = http.NewRequest("GET", "https://idp.example.com/shortcuts/", nil) 49 test.Server.ServeHTTP(w, r) 50 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 51 assert.Check(t, is.Equal("{\"shortcuts\":[]}\n", 52 w.Body.String())) 53 } 54 55 func TestShortcut(t *testing.T) { 56 test := NewServerTest(t) 57 w := httptest.NewRecorder() 58 r, _ := http.NewRequest("PUT", "https://idp.example.com/shortcuts/bob", 59 strings.NewReader("{\"url_suffix_as_relay_state\": true, \"service_provider\": \"https://sp.example.com/saml2/metadata\"}")) 60 test.Server.ServeHTTP(w, r) 61 assert.Check(t, is.Equal(http.StatusNoContent, w.Code)) 62 63 w = httptest.NewRecorder() 64 r, _ = http.NewRequest("PUT", "https://idp.example.com/users/alice", 65 strings.NewReader(`{"name": "alice", "password": "hunter2"}`+"\n")) 66 test.Server.ServeHTTP(w, r) 67 assert.Check(t, is.Equal(http.StatusNoContent, w.Code)) 68 69 w = httptest.NewRecorder() 70 r, _ = http.NewRequest("POST", "https://idp.example.com/login", 71 strings.NewReader("user=alice&password=hunter2")) 72 r.Header.Set("Content-type", "application/x-www-form-urlencoded") 73 test.Server.ServeHTTP(w, r) 74 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 75 76 w = httptest.NewRecorder() 77 r, _ = http.NewRequest("GET", "https://idp.example.com/login/bob/whoami", nil) 78 r.Header.Set("Cookie", "session=AAIEBggKDA4QEhQWGBocHiAiJCYoKiwuMDI0Njg6PD4=") 79 test.Server.ServeHTTP(w, r) 80 assert.Check(t, is.Equal(http.StatusOK, w.Code)) 81 body := w.Body.String() 82 83 assert.Check(t, strings.Contains(body, 84 "<input type=\"hidden\" name=\"RelayState\" value=\"/whoami\" />"), 85 body) 86 assert.Check(t, strings.Contains(body, 87 "<script>document.getElementById('SAMLResponseForm').submit();</script>"), 88 body) 89 }