Moved IsValid and IsExpired to base class. Added Signout Response uni…

…t test
jitbit · Jun 27, 2023 · 5a41114 · 5a41114
1 parent 8e59be1
commit 5a41114
Show file tree

Hide file tree

Showing 2 changed files with 27 additions and 11 deletions.
diff --git a/AspNetSaml.Tests/UnitTests.cs b/AspNetSaml.Tests/UnitTests.cs
@@ -68,9 +68,25 @@ public void TestSamlResponseValidator()
             Assert.IsTrue(samlresp.GetEmail() == "[email protected]");
 
             Assert.IsTrue(samlresp.GetCustomAttribute("uid") == "test");
-        }
-
-        [TestMethod]
+        }
+
+		[TestMethod]
+		public void TestSamlSignoutResponseValidator()
+		{
+			//this test's cert and signature borrowed from https://github.com/boxyhq/jackson/
+
+			var cert = @"-----BEGIN CERTIFICATE-----
+MIIDBzCCAe+gAwIBAgIJcp0xLOhRU0fTMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi10eWo3cXl6ei5hdXRoMC5jb20wHhcNMTkwMzI3MTMyMTQ0WhcNMzIxMjAzMTMyMTQ0WjAhMR8wHQYDVQQDExZkZXYtdHlqN3F5enouYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr2LHhkTEf5xO+mGjZascQ9bfzcSDmjyJ6RxfD9rAJorqVDIcq+dEtxDvo0HWt/bccX+9AZmMiqCclLRyv7Sley7BkxYra5ym8mTwmaZqUZbWyCQ15Hpq6G27yrWk8V6WKvMhJoxDqlgFh08QDOxBy5jCzwxVyFKDchJiy1TflLC8dFJLcmszQsrvl3enbQyYy9XejgniugJKElZMZknFF9LmcQWeCmwDG+2w6HcMZIXPny9Cl5GZra7wt/EWg3iwNw5ZqP41Hulf9fhilJs3bVehnDgftQTKyTUBEfCDxzaIsEmpPWAqTg5IIEKkHX4/1Rm+7ltxg+n0pIXxUrtCQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRcb2UMMqwD9zCk3DOWnx/XwfKd5DAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAFE1FG/u0eYHk/R5a8gGiPgazEjmQUSMlBxjhhTU8bc0X/oLyCfJGdoXQKJVtHgKAIcvCtrHBjKDy8CwSn+J1jTMZklnpkhvXUHiEj1ViplupwuXblvhEXR2+Bkly57Uy1qoFvKHCejayRWsDaG062kEQkt5k1FtVatUGS6labThHjr8K2RyqTAYpXWqthR+wKTFLni9V2pjuoUOABBYeGTalnIOGvr/i5I+IjJDHND0x7wrveekFDI5yX9V8ZdMGiN2SkoXBMa5+o1aD3gtbi8c2HcOgjMsIzHGAj4dz/0syWfpkEkrbs7FURSvtuRLaNrH/2/rto0KgiWWuPKvm1w=
+-----END CERTIFICATE-----";
+
+			var samlresp = new Saml.SignoutResponse(cert);
+			samlresp.LoadXml(@"<samlp:LogoutResponse xmlns:samlp=""urn:oasis:names:tc:SAML:2.0:protocol"" ID=""_716cfa40a953610d9d68"" InResponseTo=""_a0089b303b86a97080ff"" Version=""2.0"" IssueInstant=""2022-03-25T07:50:52.110Z"" Destination=""http://localhost:3000/slo""><saml:Issuer xmlns:saml=""urn:oasis:names:tc:SAML:2.0:assertion"">urn:dev-tyj7qyzz.auth0.com</saml:Issuer><Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""/><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#rsa-sha1""/><Reference URI=""#_716cfa40a953610d9d68""><Transforms><Transform Algorithm=""http://www.w3.org/2000/09/xmldsig#enveloped-signature""/><Transform Algorithm=""http://www.w3.org/2001/10/xml-exc-c14n#""/></Transforms><DigestMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#sha1""/><DigestValue>Lk9TO/DGFFLLb+29H32O/scFccU=</DigestValue></Reference></SignedInfo><SignatureValue>altTmKkKqudi+jYBZd6bETdYRbTKerUiNxFugcoD7ZmdZsRlrcNir0ZLRq+NB6nTh4zeKwGiGs03FyAW0Wdr8vgl0GQ/KOGuUrpoFNI8EID1HYrghHZMR43CgauIHGg0dw8uSjQYUcU1ICVYG2trgXC9TR81g+3XVBPBnoJWS2yV8hPc6QdFAUdb/0qUn/GPdpSPOlb6/MMUQB+K+es6HzjQfU2PEV3aNarHrKHSyFRdBHFMgtt7rUE3eAev+3/Uwq6RPBFk9huUJ6F0MRDoVjpWNzD2jByTtRv7OYInDsEJKCwJ+6pOKGVK6GDXuXnuI8s6BNEalpNJkWR8BxFVbw==</SignatureValue><KeyInfo><X509Data><X509Certificate>MIIDBzCCAe+gAwIBAgIJcp0xLOhRU0fTMA0GCSqGSIb3DQEBCwUAMCExHzAdBgNVBAMTFmRldi10eWo3cXl6ei5hdXRoMC5jb20wHhcNMTkwMzI3MTMyMTQ0WhcNMzIxMjAzMTMyMTQ0WjAhMR8wHQYDVQQDExZkZXYtdHlqN3F5enouYXV0aDAuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyr2LHhkTEf5xO+mGjZascQ9bfzcSDmjyJ6RxfD9rAJorqVDIcq+dEtxDvo0HWt/bccX+9AZmMiqCclLRyv7Sley7BkxYra5ym8mTwmaZqUZbWyCQ15Hpq6G27yrWk8V6WKvMhJoxDqlgFh08QDOxBy5jCzwxVyFKDchJiy1TflLC8dFJLcmszQsrvl3enbQyYy9XejgniugJKElZMZknFF9LmcQWeCmwDG+2w6HcMZIXPny9Cl5GZra7wt/EWg3iwNw5ZqP41Hulf9fhilJs3bVehnDgftQTKyTUBEfCDxzaIsEmpPWAqTg5IIEKkHX4/1Rm+7ltxg+n0pIXxUrtCQIDAQABo0IwQDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRcb2UMMqwD9zCk3DOWnx/XwfKd5DAOBgNVHQ8BAf8EBAMCAoQwDQYJKoZIhvcNAQELBQADggEBAFE1FG/u0eYHk/R5a8gGiPgazEjmQUSMlBxjhhTU8bc0X/oLyCfJGdoXQKJVtHgKAIcvCtrHBjKDy8CwSn+J1jTMZklnpkhvXUHiEj1ViplupwuXblvhEXR2+Bkly57Uy1qoFvKHCejayRWsDaG062kEQkt5k1FtVatUGS6labThHjr8K2RyqTAYpXWqthR+wKTFLni9V2pjuoUOABBYeGTalnIOGvr/i5I+IjJDHND0x7wrveekFDI5yX9V8ZdMGiN2SkoXBMa5+o1aD3gtbi8c2HcOgjMsIzHGAj4dz/0syWfpkEkrbs7FURSvtuRLaNrH/2/rto0KgiWWuPKvm1w=</X509Certificate></X509Data></KeyInfo></Signature><samlp:Status><samlp:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Success""/></samlp:Status></samlp:LogoutResponse>");
+			Assert.IsTrue(samlresp.IsValid());
+
+			Assert.IsTrue(samlresp.GetLogoutStatus() == "Success");
+		}
+
+		[TestMethod]
         public void TestSamlResponseValidatorAdvanced()
         {
             var cert = @"-----BEGIN CERTIFICATE-----

diff --git a/AspNetSaml/Saml.cs b/AspNetSaml/Saml.cs
@@ -86,13 +86,6 @@ private XmlNamespaceManager GetNamespaceManager()
 
 			return manager;
 		}
-	}
-
-	public class Response : BaseResponse
-	{
-		public Response(string certificateStr, string responseString = null) : base(certificateStr, responseString) { }
-
-		public Response(byte[] certificateBytes, string responseString = null) : base(certificateBytes, responseString) { }
 
 		/// <summary>
 		/// Checks the validity of SAML response (validate signature, check expiration date etc)
@@ -119,7 +112,14 @@ private bool IsExpired()
 				DateTime.TryParse(node.Attributes["NotOnOrAfter"].Value, out expirationDate);
 			}
 			return DateTime.UtcNow > expirationDate.ToUniversalTime();
-		}
+		}
+	}
+
+	public class Response : BaseResponse
+	{
+		public Response(string certificateStr, string responseString = null) : base(certificateStr, responseString) { }
+
+		public Response(byte[] certificateBytes, string responseString = null) : base(certificateBytes, responseString) { }
 
 		/// <summary>
 		/// returns the User's login