diff --git a/README.md b/README.md
index 8d84dc6..3a91ede 100644
--- a/README.md
+++ b/README.md
@@ -188,6 +188,30 @@ docker composer up -d ssp-hub.local
 13. Hit `Apply` and `OK`
 14. Click on `Run` and then `Debug 'Debug on Docker'`
+### Metadata Tests Check:
+- Metadata files can be linted via php (`php -l file`)
+- Metadata files return arrays
+- IdP Metadata files have an IdP namespace that exists, is a string, and only contains letters, numbers, hyphens, and underscores
+- IdP Metadata files don't have duplicate IdP codes
+- SP Metadata files don't have duplicate entity ids
+- IdP Metadatas contains `name` entry with an `en` entry
+- IdP Metadatas contains `logoURL` entry
+- if SP Metadata contains `IDPList`, check that it is allowed for that IdP as well
+
+#### Hub mode tests [SKIPPED if HUB_MODE = false]
+- IdP Metadata files SP List is an array
+- IdP Metadata files LogoCaption isset
+- IdP Metadata files SP List has existing SPs
+- All SPs have an IdP it can use
+- All SPs have a non-empty IDPList entry
+- All SPs have a non-empty name entry
+
+#### SP tests [SKIPPED if `'SkipTests' => true,`]
+- Contains a `CertData` entry
+- Contains a `saml20.sign.response` entry AND it is set to true
+- Contains a `saml20.sign.assertion` entry AND it is set to true
+- Contains a `assertion.encryption` entry AND it is set to true
+
 ## Overriding translations / dictionaries
 If you use this Docker image but want to change some of the translations, you
diff --git a/tests/AnnouncementTest.php b/tests/AnnouncementTest.php
index f181cda..4334499 100644
--- a/tests/AnnouncementTest.php
+++ b/tests/AnnouncementTest.php
@@ -13,7 +13,11 @@ class AnnouncementTest extends TestCase
 */
 public function testGetSimpleAnnouncement()
 {
- $results = AnnouncementUtils::getSimpleAnnouncement();
+ $announcementPathFile = '/data/ssp-announcement.php';
+ if (file_exists($announcementPathFile)) {
+ $results = AnnouncementUtils::getSimpleAnnouncement();
+ $this->assertNotNull($results);
+ }
 }
 }
\ No newline at end of file
diff --git a/tests/MetadataTest.php b/tests/MetadataTest.php
index 0eeca0a..68f890c 100644
--- a/tests/MetadataTest.php
+++ b/tests/MetadataTest.php
@@ -44,7 +44,7 @@ public function testIDPRemoteMetadataIDPCode()
 'include an ' . self::IdpCode . ' element as expected. IDP: ' . $entityId);
 $nextCode = $entry[self::IdpCode];
- $this->assertTrue(is_string($nextCode), 'Metadata entry has an ' .
+ $this->assertIsString($nextCode, 'Metadata entry has an ' .
 self::IdpCode . 'element that is not a string. IDP: ' . $entityId);
 $this->assertRegExp("/^[A-Za-z0-9_-]+$/", $nextCode, 'Metadata entry has an ' . self::IdpCode . ' element that has something other than letters, ' .
@@ -72,7 +72,7 @@ public function testIDPRemoteMetadataBadSPList()
 }
 }
- $this->assertTrue(empty($badIdps),
+ $this->assertEmpty($badIdps,
 "At least one IdP has an " . $spListKey . " entry that is not an array ... " . PHP_EOL . var_export($badIdps, True));
@@ -97,7 +97,7 @@ public function testIDPRemoteMetadataMissingLogoCaption()
 }
 }
- $this->assertTrue(empty($badIdps),
+ $this->assertEmpty($badIdps,
 "At least one IdP is missing a " . self::LogoCaptionKey . " entry ... " . PHP_EOL . var_export($badIdps, True));
@@ -130,7 +130,7 @@ public function testIDPRemoteMetadataBadSPListEntry()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 "At least one non-existent SP is listed in an IdP's " . $spListKey . " entry ... " . PHP_EOL . var_export($badSps, True));
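Review bot: In tests/AnnouncementTest.php, testGetSimpleAnnouncement() now finishes without running any assertion when `/data/ssp-announcement.php` is absent, so a missing or mis-mounted announcement file is indistinguishable from a passing check. An explicit skip makes that case visible in the test report: `else { $this->markTestSkipped('No announcement file at ' . $announcementPathFile); }`. The path is also hard-coded in the test, separately from whatever location AnnouncementUtils reads (not visible in this hunk), so the two can drift apart silently.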
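Review bot: In testIDPRemoteMetadataIDPCode() in tests/MetadataTest.php, the `assertRegExp` kept as context directly after the changed assertion anchors its pattern with `$`, which in PCRE also matches just before a trailing newline. An IdP code ending in a line feed therefore passes a check that the README describes as letters, numbers, hyphens and underscores only. Anchoring on the absolute end closes that gap: `'/\A[A-Za-z0-9_-]+\z/'` (or keep `$` and add the `D` modifier). The message on the changed `assertIsString` call also joins `self::IdpCode . 'element that is not a string. IDP: '` without a leading space, so the key name runs into the next word. The function body starts and ends outside this hunk.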
@@ -145,7 +145,7 @@ public function testIDPRemoteMetadataNoDuplicateIDPCode()
 foreach ($idpEntries as $entityId => $entry) {
 $nextCode = $entry[self::IdpCode];
- $this->assertFalse(in_array($nextCode, $codes),
+ $this->assertNotContains($nextCode, $codes,
 "Metadata has a duplicate " . self::IdpCode . " entry: " . $nextCode);
 $codes[] = $nextCode;
 }
@@ -157,19 +157,13 @@ public function testMetadataNoDuplicateEntities()
 $spEntries = $metadata->getList('saml20-sp-remote');
 $entities = [];
 foreach ($spEntries as $entityId => $entity) {
- $this->assertFalse(
- in_array($entityId, $entities),
- 'Duplicate SP entityId found: ' . $entityId
- );
+ $this->assertNotContains($entityId, $entities, 'Duplicate SP entityId found: ' . $entityId);
 $entities[] = $entityId;
 }
 $idpEntries = $metadata->getList();
 foreach ($idpEntries as $entityId => $entity) {
- $this->assertFalse(
- in_array($entityId, $entities),
- 'Duplicate IdP entityId found: ' . $entityId
- );
+ $this->assertNotContains($entityId, $entities, 'Duplicate IdP entityId found: ' . $entityId);
 $entities[] = $entityId;
 }
 }
@@ -194,7 +188,7 @@ public function testMetadataNoSpsWithoutAnIdp()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 "At least one SP does not have an IdP it is allowed to use ... " . var_export($badSps, True));
 }
@@ -212,7 +206,7 @@ public function testMetadataBadIdpName()
 }
 }
- $this->assertTrue(empty($badNames),
+ $this->assertEmpty($badNames,
 "The following Idp's do not have a 'name' entry as an array with an 'en' entry ... " . var_export($badNames, True));
 }
@@ -230,7 +224,7 @@ public function testMetadataMissingLogoURL()
 }
 }
- $this->assertTrue(empty($badLogos),
+ $this->assertEmpty($badLogos,
 "The following Idp's do not have a 'logoURL' entry ... " . var_export($badLogos, True));
 }
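Review bot: Replacing `assertFalse(in_array(...))` with `assertNotContains(...)` in testIDPRemoteMetadataNoDuplicateIDPCode() and testMetadataNoDuplicateEntities() may change how duplicates are compared. `in_array` without its third argument compares loosely, while on PHPUnit 9 and later `assertNotContains` on an array compares with `===` (the loose variant is `assertNotContainsEquals`); the PHPUnit version is not visible here. Under strict comparison an IdP code written as integer `1` in one entry and string `'1'` in another is no longer reported as a duplicate, and this test does not itself check that `$nextCode` is a string. If strict matching is intended, a comment such as `// strict (===) match; string type is enforced in testIDPRemoteMetadataIDPCode` would record that, or the value can be normalised with `(string) $nextCode` before the check. Both function bodies extend outside their hunks.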
@@ -258,7 +252,7 @@ public function testMetadataSPWithBadIDPList()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has an IDPList with a bad IDP entity id ... ' . var_export($badSps, True));
 }
@@ -282,7 +276,7 @@ public function testMetadataSPWithNoIDPList()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has an empty IDPList entry (required) ... ' . var_export($badSps, True));
 }
@@ -306,7 +300,7 @@ public function testMetadataSPWithNoName()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has an empty "' . self::SPNameKey . '" entry (required) ... ' . var_export($badSps, True));
 }
@@ -329,7 +323,7 @@ public function testMetadataCerts()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has no certData entry ... ' . var_export($badSps, True));
@@ -356,7 +350,7 @@ public function testMetadataSignResponse()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has saml20.sign.response set to false ... ' . var_export($badSps, True));
@@ -387,7 +381,7 @@ public function testMetadataSignAssertion()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP has saml20.sign.assertion set to false ... ' . var_export($badSps, True));
@@ -417,7 +411,7 @@ public function testMetadataEncryption()
 }
 }
- $this->assertTrue(empty($badSps),
+ $this->assertEmpty($badSps,
 'At least one SP does not have assertion.encryption set to True ... ' . var_export($badSps, True));