Package net.shibboleth.idp.plugin.authn.duo.impl

Class DuoOIDCAuthnControllerTest

java.lang.Object

org.springframework.test.context.testng.AbstractTestNGSpringContextTests

net.shibboleth.idp.plugin.authn.duo.impl.DuoOIDCAuthnControllerTest

All Implemented Interfaces:

Aware, ApplicationContextAware, IHookable, ITestNGListener

@ContextConfiguration(classes={net.shibboleth.idp.plugin.authn.duo.impl.DuoOIDCAuthnController.class,IdPPropertyConfigurer.class})
@WebAppConfiguration
@TestPropertySource(properties="idp.authn.duo.OIDC.externalAuthnPath=/Authn/Duo/2FA")
public class DuoOIDCAuthnControllerTest
extends AbstractTestNGSpringContextTests

Tests for the DuoOIDCAuthnController.

Field Summary

Fields

Modifier and Type	Field	Description
private String	API_HOST	Duo host the integration uses, and redirects should goto.
private String	CODE	Duo OIDC authz code.
private String	KEY	SWF key.
private org.slf4j.Logger	log	Class logger.
private MockMvc	mockMvc	The mock MVC entry point for testing.
private String	NONCE	Duo OIDC nonce component of the state parameter.
private javax.servlet.ServletContext	servletContext	The mock servlet context.
private String	state	Duo OIDC state parameter.
private WebApplicationContext	webApplicationContext	The web application context loaded by the test framework.

Fields inherited from class org.springframework.test.context.testng.AbstractTestNGSpringContextTests

applicationContext, logger

Constructor Summary

Constructors

Constructor	Description
DuoOIDCAuthnControllerTest()

Method Summary

Modifier and Type	Method	Description
private ProfileRequestContext	buildProfileRequestContext()	Build a ProfileRequestContext by configuring a suitable context tree for external authentication e.g.
private void	exportServletContextAttributes()	Export the FlowExecutor to the servlet context with the correct set of configured contexts.
private net.shibboleth.idp.plugin.authn.duo.context.DuoOIDCAuthenticationContext	extractDuoContext()	Extract the DuoOIDCAuthenticationContext from the ProfileRequestContext ultimately stored in the ServletContext.
private void	removeDuoContext()	Remove the Duo authentication context from the profile request context.
void	setUp()	Setup.
void	testCallbackNoCode()	Test an exception is thrown if the callback does not contain an auth_code parameter.
void	testCallbackNoDuoAuthenticationContext()	Remove the Duo authentication context from the authentication context and check the controller encodes an error as a http request attribute when ending a 2FA request.
void	testCallbackNoState()	Test an exception is thrown if the callback does not contain a state parameter.
void	testIncorrectStateNoExecutionKey()	Checks that a state response with no key component triggers and error.
void	testIncorrectStateNoNonce()	Checks that a state response with no nonce component triggers and error.
void	testSuccessfulAuthorizeRequest()	Start a Duo 2FA request.
void	testSuccessfulCallback()	Ensure the 2FA end controller adds the correct Duo response information into the Duo authentication context.

Methods inherited from class org.springframework.test.context.testng.AbstractTestNGSpringContextTests

run, setApplicationContext, springTestContextAfterTestClass, springTestContextAfterTestMethod, springTestContextBeforeTestClass, springTestContextBeforeTestMethod, springTestContextPrepareTestInstance

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

API_HOST

@Nonnull
private final String API_HOST

Duo host the integration uses, and redirects should goto.

See Also:

Constant Field Values

KEY

@Nonnull
private final String KEY

SWF key.

See Also:

Constant Field Values

NONCE

@Nonnull
private String NONCE

Duo OIDC nonce component of the state parameter.

state

@NonnullAfterInit
private String state

Duo OIDC state parameter.

CODE

@Nonnull
private final String CODE

Duo OIDC authz code.

See Also:

Constant Field Values

log

@Nonnull
private final org.slf4j.Logger log

Class logger.

mockMvc

@Nonnull
private MockMvc mockMvc

The mock MVC entry point for testing.

servletContext

@Nonnull
@Autowired
private javax.servlet.ServletContext servletContext

The mock servlet context.

webApplicationContext

@Nonnull
@Autowired
private WebApplicationContext webApplicationContext

The web application context loaded by the test framework.

Constructor Detail

DuoOIDCAuthnControllerTest

public DuoOIDCAuthnControllerTest()

Method Detail

setUp

@BeforeMethod
public void setUp()
           throws Exception

Setup.

Throws:

Exception - on error.

testSuccessfulAuthorizeRequest

public void testSuccessfulAuthorizeRequest()
                                    throws Exception

Start a Duo 2FA request.

Throws:

Exception - on exception.

testIncorrectStateNoExecutionKey

public void testIncorrectStateNoExecutionKey()
                                      throws Exception

Checks that a state response with no key component triggers and error.

Throws:

Exception - on exception.

testIncorrectStateNoNonce

public void testIncorrectStateNoNonce()
                               throws Exception

Checks that a state response with no nonce component triggers and error.

Throws:

Exception - on exception.

testSuccessfulCallback

public void testSuccessfulCallback()
                            throws Exception

Ensure the 2FA end controller adds the correct Duo response information into the Duo authentication context.

Throws:

Exception - on exception.

testCallbackNoDuoAuthenticationContext

public void testCallbackNoDuoAuthenticationContext()
                                            throws Exception

Remove the Duo authentication context from the authentication context and check the controller encodes an error as a http request attribute when ending a 2FA request.

Throws:

Exception - on exception.

testCallbackNoCode

public void testCallbackNoCode()
                        throws Exception

Test an exception is thrown if the callback does not contain an auth_code parameter.

Throws:

Exception - on exception.

testCallbackNoState

public void testCallbackNoState()
                         throws Exception

Test an exception is thrown if the callback does not contain a state parameter.

Throws:

Exception - on exception.

exportServletContextAttributes

private void exportServletContextAttributes()
                                     throws DuoClientException

Export the FlowExecutor to the servlet context with the correct set of configured contexts. Mimicking the IdP's configuration of the ServletContextAttributeExporter.

Throws:

DuoClientException - on error creating the duoclient.

buildProfileRequestContext

@Nonnull
private ProfileRequestContext buildProfileRequestContext()
                                                  throws DuoClientException

Build a ProfileRequestContext by configuring a suitable context tree for external authentication e.g. a AuthenticationContext and ExternalAuthenticationContext.

Returns:

a profile request context.

Throws:

DuoClientException - on error creating the duo client

removeDuoContext

private void removeDuoContext()

Remove the Duo authentication context from the profile request context.

extractDuoContext

@Nonnull
private net.shibboleth.idp.plugin.authn.duo.context.DuoOIDCAuthenticationContext extractDuoContext()

Extract the DuoOIDCAuthenticationContext from the ProfileRequestContext ultimately stored in the ServletContext.

Returns:

the Duo authentication context extracted from the profile request context.