// Copyright 2014 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package com.google.enterprise.adaptor.sharepoint;
import static org.junit.Assert.assertEquals;
import com.google.enterprise.adaptor.sharepoint.FormsAuthenticationHandlerTest.MockScheduledExecutor;
import com.google.enterprise.adaptor.sharepoint.SamlAuthenticationHandler.HttpPostClient;
import com.google.enterprise.adaptor.sharepoint.SamlAuthenticationHandler.PostResponseInfo;
import java.io.IOException;
import java.net.URL;
import java.util.Arrays;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import org.junit.Rule;
import org.junit.Test;
import org.junit.rules.ExpectedException;
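/**
 * Unit tests for {@link LiveAuthenticationHandshakeManager}.
 *
 * <p>Covers builder argument validation, token extraction from a canned
 * security-token response, and one run through
 * {@link SamlAuthenticationHandler} in which every HTTP POST is answered by
 * {@link MockHttpPostClient}.
 */
public class LiveAuthenticationHandshakeManagerTest {
  /**
   * Canned SOAP envelope holding a RequestSecurityTokenResponse. The
   * wsse:BinarySecurityToken element carries the placeholder string that
   * {@link #testExtractToken} expects extractToken to return.
   *
   * <p>NOTE(review): wsu:Expires and wst:Lifetime are fixed 2014 timestamps.
   * If these tests pass today, extractToken is not enforcing token lifetime;
   * confirm that expiry is checked elsewhere or add a test for a stale
   * response.
   */
  private static final String LIVE_AUTHENTICATION_RESPONSE
      = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
      + "<S:Envelope xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\" "
      + "xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
      + "wssecurity-secext-1.0.xsd\" "
      + "xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-"
      + "wss-wssecurity-utility-1.0.xsd\" "
      + "xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">"
      + "<S:Header><wsa:Action "
      + "xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\" "
      + "xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" "
      + "xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-"
      + "wss-wssecurity-utility-1.0.xsd\" wsu:Id=\"Action\" "
      + "S:mustUnderstand=\"1\">"
      + "http://schemas.xmlsoap.org/ws/2005/02/trust/RSTR/Issue"
      + "</wsa:Action><wsa:To "
      + "xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\" "
      + "xmlns:wsa=\"http://www.w3.org/2005/08/addressing\" "
      + "xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-"
      + "wss-wssecurity-utility-1.0.xsd\" "
      + "wsu:Id=\"To\" S:mustUnderstand=\"1\">"
      + "http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous"
      + "</wsa:To><wsse:Security S:mustUnderstand=\"1\">"
      + "<wsu:Timestamp xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/"
      + "oasis-200401-wss-wssecurity-utility-1.0.xsd\" wsu:Id=\"TS\">"
      + "<wsu:Created>2014-03-27T20:56:38Z</wsu:Created><wsu:Expires>"
      + "2014-03-27T21:01:38Z</wsu:Expires></wsu:Timestamp></wsse:Security>"
      + "</S:Header><S:Body><wst:RequestSecurityTokenResponse "
      + "xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\" "
      + "xmlns:wst=\"http://schemas.xmlsoap.org/ws/2005/02/trust\" "
      + "xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-"
      + "wss-wssecurity-secext-1.0.xsd\" "
      + "xmlns:wsu=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-"
      + "wss-wssecurity-utility-1.0.xsd\" "
      + "xmlns:saml=\"urn:oasis:names:tc:SAML:1.0:assertion\" "
      + "xmlns:wsp=\"http://schemas.xmlsoap.org/ws/2004/09/policy\" "
      + "xmlns:psf=\"http://schemas.microsoft.com/Passport"
      + "/SoapServices/SOAPFault\"><wst:TokenType>urn:passport:compact"
      + "</wst:TokenType><wsp:AppliesTo "
      + "xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">"
      + "<wsa:EndpointReference><wsa:Address>"
      + "https://sharepoint.example.com"
      + "</wsa:Address></wsa:EndpointReference>"
      + "</wsp:AppliesTo><wst:Lifetime><wsu:Created>2014-03-27T20:56:38Z"
      + "</wsu:Created><wsu:Expires>2014-03-28T20:56:38Z</wsu:Expires>"
      + "</wst:Lifetime><wst:RequestedSecurityToken>"
      + "<wsse:BinarySecurityToken Id=\"Compact0\">"
      + "t=This is live authentication token to extract"
      + "</wsse:BinarySecurityToken></wst:RequestedSecurityToken>"
      + "<wst:RequestedAttachedReference><wsse:SecurityTokenReference>"
      + "<wsse:Reference URI=\"euzZqFurd7rgUGVjTUnCah09kbA=\">"
      + "</wsse:Reference></wsse:SecurityTokenReference>"
      + "</wst:RequestedAttachedReference><wst:RequestedUnattachedReference>"
      + "<wsse:SecurityTokenReference><wsse:Reference "
      + "URI=\"euzZqFurd7rgUGVjTUnCah09kbA=\"></wsse:Reference>"
      + "</wsse:SecurityTokenReference></wst:RequestedUnattachedReference>"
      + "</wst:RequestSecurityTokenResponse></S:Body></S:Envelope>";

  /** Lets a test declare the exception type it expects before the call. */
  @Rule
  public ExpectedException thrown = ExpectedException.none();

  /**
   * The builder accepts three non-null string arguments without throwing.
   *
   * <p>NOTE(review): the URL used here is plain http, so the builder does not
   * appear to require TLS for the SharePoint endpoint. The handshake test
   * below posts to a URL under the configured host; confirm whether rejecting
   * non-https endpoints is intended.
   */
  @Test
  public void testConstructor() {
    new LiveAuthenticationHandshakeManager.Builder(
        "http://sharepointurl", "username", "password")
        .build();
  }

  /** A null username is expected to fail with NullPointerException. */
  @Test
  public void testNullUsername() {
    thrown.expect(NullPointerException.class);
    new LiveAuthenticationHandshakeManager.Builder(
        "http://endpoint", null, "password").build();
  }

  /** A null password is expected to fail with NullPointerException. */
  @Test
  public void testNullPassword() {
    thrown.expect(NullPointerException.class);
    new LiveAuthenticationHandshakeManager.Builder(
        "http://endpoint", "username", null).build();
  }

  /** A null SharePoint URL is expected to fail with NullPointerException. */
  @Test
  public void testNullSharePointUrl() {
    thrown.expect(NullPointerException.class);
    new LiveAuthenticationHandshakeManager.Builder(
        null, "username", "password").build();
  }

  /**
   * extractToken returns the text of the BinarySecurityToken element from the
   * canned response.
   */
  @Test
  public void testExtractToken() throws IOException {
    LiveAuthenticationHandshakeManager manager
        = new LiveAuthenticationHandshakeManager.Builder(
            "https://sharepoint.example.com", "username", "password").build();
    assertEquals("t=This is live authentication token to extract",
        manager.extractToken(LIVE_AUTHENTICATION_RESPONSE));
  }

  /**
   * A well-formed envelope that contains no security token is expected to be
   * rejected with IOException rather than yielding a null or empty token.
   */
  @Test
  public void testExtractTokenWithInvalidInput() throws IOException {
    LiveAuthenticationHandshakeManager manager
        = new LiveAuthenticationHandshakeManager.Builder(
            "https://sharepoint.example.com", "username", "password").build();
    String tokenResponse = "<?xml version=\"1.0\" encoding=\"utf-8\" ?>"
        + "<S:Envelope xmlns:S=\"http://www.w3.org/2003/05/soap-envelope\">"
        + "<data>Something went wrong this is invalid</data>"
        + "</S:Envelope>";
    thrown.expect(IOException.class);
    // The return value is irrelevant: the call itself must throw.
    manager.extractToken(tokenResponse);
  }

  /** A null response is expected to be rejected with IOException. */
  @Test
  public void testExtractTokenWithNullInput() throws IOException {
    LiveAuthenticationHandshakeManager manager
        = new LiveAuthenticationHandshakeManager.Builder(
            "https://sharepoint.example.com", "username", "password").build();
    thrown.expect(IOException.class);
    // The return value is irrelevant: the call itself must throw.
    manager.extractToken(null);
  }

  /**
   * Runs SamlAuthenticationHandler.authenticate() with a manager wired to the
   * mock POST client and checks the cookie string, error code and cookie
   * timeout of the result.
   */
  @Test
  public void testAuthenticateInSamlHandlerWithLive() throws IOException {
    MockHttpPostClient postClient = new MockHttpPostClient();
    // The password contains '&', which is special in XML.
    // NOTE(review): presumably chosen to exercise escaping of credentials in
    // the token request. The mock records every request body in
    // receivedRequestBodyMap, but nothing below asserts on it; confirm the
    // intent and add a check on the recorded body.
    LiveAuthenticationHandshakeManager manager
        = new LiveAuthenticationHandshakeManager.Builder(
            "https://sharepoint.example.com", "username@domain", "password&123",
            postClient).build();

    // Canned answer for the POST to the token endpoint.
    URL tokenRequest = new URL(
        "https://login.microsoftonline.com/extSTS.srf");
    postClient.responseMap.put(tokenRequest,
        new PostResponseInfo(LIVE_AUTHENTICATION_RESPONSE, null));

    // Canned answer for the POST to the SharePoint sign-in URL: no body,
    // only headers. The Set-Cookie values carry no attributes (path, secure,
    // HttpOnly), so attribute handling is not exercised by this test.
    URL submitToken = new URL(
        "https://sharepoint.example.com/_forms/default.aspx?wa=wsignin1.0");
    Map<String, List<String>> responseHeaders
        = new HashMap<String, List<String>>();
    responseHeaders.put("some-header", Arrays.asList("some value"));
    responseHeaders.put("Set-Cookie",
        Arrays.asList("FedAuth=AutheCookie", "rfta=rftaValue"));
    postClient.responseMap.put(submitToken,
        new PostResponseInfo(null, responseHeaders));

    SamlAuthenticationHandler authenticationHandler
        = new SamlAuthenticationHandler.Builder("username@domain",
            "password&123", new MockScheduledExecutor(), manager).build();
    AuthenticationResult result = authenticationHandler.authenticate();

    // Only the Set-Cookie values are expected in the result, each followed
    // by ';'. The unrelated "some-header" must not leak into the cookie.
    assertEquals("FedAuth=AutheCookie;rfta=rftaValue;", result.getCookie());
    assertEquals("NO_ERROR", result.getErrorCode());
    assertEquals(600, result.getCookieTimeOut());
  }

  /**
   * HttpPostClient stub that answers each POST from a per-URL table and
   * remembers the body it was sent. A POST to a URL with no registered
   * response throws UnsupportedOperationException, so an unexpected endpoint
   * fails the test instead of being silently answered.
   */
  private static class MockHttpPostClient implements HttpPostClient {
    // Both maps are keyed by java.net.URL, whose equals/hashCode can resolve
    // host names. Lookups may therefore block on DNS when the test runs.
    // NOTE(review): consider keying by the URL's string form if that matters.
    private final Map<URL, PostResponseInfo> responseMap;
    // Last request body seen per URL, kept so tests can inspect what was sent.
    private final Map<URL, String> receivedRequestBodyMap;

    public MockHttpPostClient() {
      responseMap = new HashMap<URL, PostResponseInfo>();
      receivedRequestBodyMap = new HashMap<URL, String>();
    }

    /**
     * Returns the response registered for {@code url} and records
     * {@code requestBody}. {@code connectionProperties} is ignored.
     *
     * @throws UnsupportedOperationException if no response is registered for
     *     {@code url}
     */
    @Override
    public PostResponseInfo issuePostRequest(
        URL url, Map<String, String> connectionProperties, String requestBody)
        throws IOException {
      if (!responseMap.containsKey(url)) {
        throw new UnsupportedOperationException(
            "Unexpected Http Post for URL " + url);
      }
      // Record the incoming request body before answering.
      receivedRequestBodyMap.put(url, requestBody);
      return responseMap.get(url);
    }
  }
}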