packages feed

wai-saml2-0.2.1.1: test/Spec.hs

--------------------------------------------------------------------------------
-- SAML2 Middleware for WAI                                                   --
--------------------------------------------------------------------------------
-- This source code is licensed under the MIT license found in the LICENSE    --
-- file in the root directory of this source tree.                            --
--------------------------------------------------------------------------------

module Main ( main ) where 

--------------------------------------------------------------------------------

import Control.Concurrent
import Control.Monad.IO.Class

import qualified Data.ByteString as BS
import qualified Data.ByteString.Lazy as LBS
import qualified Data.Vault.Lazy as V
import Data.X509
import Data.X509.File

import Network.HTTP.Types.Status
import Network.Wai
import Network.Wai.Test
import Network.Wai.Handler.Warp
import Network.Wai.SAML2

--------------------------------------------------------------------------------

-- | 'tests' implements the tests.
tests :: Session ()
tests = do
    samlResponse <- liftIO $ BS.readFile "test-data/sample-response"

    let req = (setPath defaultRequest "/sso/assert"){
        requestMethod = "POST",
        requestHeaders = [("Content-Type","application/x-www-form-urlencoded")]
    }

    res <- srequest $ SRequest req (LBS.fromStrict samlResponse)


    samlResponseWithRs <- liftIO $ BS.readFile "test-data/sample-response-with-rs"

    res <- srequest $ SRequest req (LBS.fromStrict samlResponseWithRs)

    assertStatus 200 res 

-- | 'main' is the main entry point for the test suite.
main :: IO ()
main = do
    -- load private and public keys for the SP and IdP respectively
    [privKey] <- liftIO $ readKeyFile "test-data/sp.pem"
    [pubKey] <- liftIO $ readSignedObject "test-data/idp.pem"

    let (PrivKeyRSA privateKey) = privKey
    let (PubKeyRSA publicKey) = certPubKey $ signedObject $ getSigned pubKey

    -- construct a configuration for the SAML2 middleware; we disable
    -- time validation since it would require us to issue new responses
    -- every time we run the tests
    let config = (saml2Config privateKey publicKey){ 
        saml2DisableTimeValidation = True 
    }

    -- run the middleware with a basic application on top and execute the
    -- tests against it
    runSession tests $ saml2Vault config $ \req respond -> do 
        print $ V.lookup relayStateKey (vault req)
        respond $ case V.lookup errorKey (vault req) of 
                Just err -> do 
                    responseLBS status400 [] "Invalid request"
                Nothing -> 
                    responseLBS status200 [] "Hello World"

--------------------------------------------------------------------------------