From c27c8ba6288b639a79ea9eb24009cc2b17dd2335 Mon Sep 17 00:00:00 2001 From: Jason Jackson Date: Tue, 23 Jul 2024 10:49:54 -0400 Subject: [PATCH 1/4] Fix announcement test --- tests/AnnouncementTest.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/AnnouncementTest.php b/tests/AnnouncementTest.php index f181cda4..0cdb8a84 100644 --- a/tests/AnnouncementTest.php +++ b/tests/AnnouncementTest.php @@ -13,7 +13,11 @@ class AnnouncementTest extends TestCase */ public function testGetSimpleAnnouncement() { - $results = AnnouncementUtils::getSimpleAnnouncement(); + $announcementPathFile = '/data/ssp-announcement.php'; + if (file_exists($announcementPathFile)) { + $announcement = include $announcementPathFile; + $this->assertIsString($announcement); + } } } \ No newline at end of file From b742091a8b0ba20b15549d43f1f944a7769f29bb Mon Sep 17 00:00:00 2001 From: Jason Jackson Date: Tue, 23 Jul 2024 10:57:20 -0400 Subject: [PATCH 2/4] add description of metadata tests to README --- README.md | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) diff --git a/README.md b/README.md index eb462598..1faffa26 100644 --- a/README.md +++ b/README.md 
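Review bot: The `if (file_exists($announcementPathFile))` guard added to testGetSimpleAnnouncement has no else branch, so when `/data/ssp-announcement.php` is absent the test performs no assertion and is still not reported as a failure (PHPUnit may only flag it as risky). An environment without the file therefore gets a run that verified nothing, and the PATCH 4/4 hunk on this file keeps the same guard. Make the skip explicit before the check, e.g. `if (!file_exists($announcementPathFile)) { $this->markTestSkipped('announcement file not present'); }`. Because `include` executes whatever PHP is at that absolute path, the test should only run where the contents of `/data` are trusted.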
@@ -96,6 +96,30 @@ docker composer up -d ssp-hub.local 13. Hit `Apply` and `OK` 14. Click on `Run` and then `Debug 'Debug on Docker'` +### Metadata Tests Check: +- Metadata files can be linted via php (`php -l file`) +- Metadata files return arrays +- IdP Metadata files have an IdP namespace that exists, is a string, and only contains letters, numbers, hyphens, and underscores +- IdP Metadata files don't have duplicate IdP codes +- SP Metadata files don't have duplicate entity ids +- IdP Metadatas contains `name` entry with an `en` entry +- IdP Metadatas contains `logoURL` entry +- if SP Metadata contains `IDPList`, check that it is allowed for that IdP as well + +#### Hub mode tests [SKIPPED if HUB_MODE = false] +- IdP Metadata files SP List is an array +- IdP Metadata files LogoCaption isset +- IdP Metadata files SP List has existing SPs +- All SPs have an IdP it can use +- All SPs have a non-empty IDPList entry +- All SPs have a non-empty name entry + +#### SP tests [SKIPPED if `'SkipTests' => true,`] +- Contains a `CertData` entry +- Contains a `saml20.sign.response` entry AND it is set to true +- Contains a `saml20.sign.assertion` entry AND it is set to true +- Contains a `assertion.encryption` entry AND it is set to true + ## Overriding translations / dictionaries If you use this Docker image but want to change some of the translations, you From 0987d5765beb6e870b905b30d1bb9de94c77766c Mon Sep 17 00:00:00 2001 From: Jason Jackson Date: Tue, 23 Jul 2024 10:59:36 -0400 Subject: [PATCH 3/4] Cleanup metadata tests --- tests/MetadataTest.php | 40 +++++++++++++++++++--------------------- 1 file changed, 19 insertions(+), 21 deletions(-) diff --git a/tests/MetadataTest.php b/tests/MetadataTest.php index 4786677c..39f79651 100644 --- a/tests/MetadataTest.php +++ b/tests/MetadataTest.php 
@@ -55,13 +55,13 @@ public function testMetadataFilesReturnArrays() $spFiles = $this->getSpMetadataFiles(); foreach ($spFiles as $file) { $returnVal = include $file; - $this->assertTrue(is_array($returnVal), 'Metadata file does not return array as expected. File: ' . $file); + $this->assertIsArray($returnVal, 'Metadata file does not return array as expected. File: ' . $file); } $idpFiles = $this->getIdPMetadataFiles(); foreach ($idpFiles as $file) { $returnVal = include $file; - $this->assertTrue(is_array($returnVal), 'Metadata file does not return array as expected. File: ' . $file); + $this->assertIsArray($returnVal, 'Metadata file does not return array as expected. File: ' . $file); } } @@ -74,7 +74,7 @@ public function testIDPRemoteMetadataIDPCode() 'include an ' . self::IdpCode . ' element as expected. IDP: ' . $entityId); $nextCode = $entry[self::IdpCode]; - $this->assertTrue(is_string($nextCode), 'Metadata entry has an ' . + $this->assertIsString($nextCode, 'Metadata entry has an ' . self::IdpCode . 'element that is not a string. IDP: ' . $entityId); $this->assertRegExp("/^[A-Za-z0-9_-]+$/", $nextCode, 'Metadata entry has an ' . self::IdpCode . ' element that has something other than letters, ' . @@ -101,7 +101,7 @@ public function testIDPRemoteMetadataBadSPList() } } - $this->assertTrue(empty($badIdps), + $this->assertEmpty($badIdps, "At least one IdP has an " . $spListKey . " entry that is not an array ... " . PHP_EOL . var_export($badIdps, True)); @@ -125,7 +125,7 @@ public function testIDPRemoteMetadataMissingLogoCaption() } } - $this->assertTrue(empty($badIdps), + $this->assertEmpty($badIdps, "At least one IdP is missing a " . self::LogoCaptionKey . " entry ... " . PHP_EOL . var_export($badIdps, True)); 
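Review bot: In the `@@ -74` hunk (testIDPRemoteMetadataIDPCode) the pattern on the unchanged line after the new `assertIsString`, `"/^[A-Za-z0-9_-]+$/"`, lets a code ending in a newline through, because `$` without the `D` modifier also matches just before a final `\n`. This check is what limits the IdP code to letters, digits, hyphens and underscores, so anchor the end with `\z`: `'/^[A-Za-z0-9_-]+\z/'`. Since the commit is modernising assertions, note too that `assertRegExp` is deprecated from PHPUnit 9 in favour of `assertMatchesRegularExpression`, and that the message continued on the line below lacks a space before `element` (`self::IdpCode . 'element that is not a string. …'`). The method body starts and ends outside the hunk.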
@@ -157,7 +157,7 @@ public function testIDPRemoteMetadataBadSPListEntry() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, "At least one non-existent SP is listed in an IdP's " . $spListKey . " entry ... " . PHP_EOL . var_export($badSps, True)); @@ -171,7 +171,7 @@ public function testIDPRemoteMetadataNoDuplicateIDPCode() foreach ($idpEntries as $entityId => $entry) { $nextCode = $entry[self::IdpCode]; - $this->assertFalse(in_array($nextCode, $codes), + $this->assertNotContains($nextCode, $codes, "Metadata has a duplicate " . self::IdpCode . " entry: " . $nextCode); $codes[] = $nextCode; } @@ -184,8 +184,7 @@ public function testMetadataNoDuplicateEntities() foreach ($spFiles as $file) { $returnVal = include $file; foreach ($returnVal as $entityId => $entity) { - $this->assertFalse( - in_array($entityId, $entities), + $this->assertNotContains($entityId, $entities, 'Duplicate entity id found in metadata file: ' . $file . '. Entity ID: ' . $entityId ); $entities[] = $entityId; @@ -196,8 +195,7 @@ public function testMetadataNoDuplicateEntities() foreach ($idpFiles as $file) { $returnVal = include $file; foreach ($returnVal as $entityId => $entity) { - $this->assertFalse( - in_array($entityId, $entities), + $this->assertNotContains($entityId, $entities, 'Duplicate entity id found in metadata file: ' . $file . '. Entity ID: ' . $entityId ); $entities[] = $entityId; @@ -227,7 +225,7 @@ public function testMetadataNoSpsWithoutAnIdp() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, "At least one SP does not have an IdP it is allowed to use ... " . var_export($badSps, True)); } @@ -244,7 +242,7 @@ public function testMetadataBadIdpName() } } - $this->assertTrue(empty($badNames), + $this->assertEmpty($badNames, "The following Idp's do not have a 'name' entry as an array with an 'en' entry ... " . var_export($badNames, True)); } 
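Review bot: Replacing `assertFalse(in_array($nextCode, $codes), …)` with `assertNotContains($nextCode, $codes, …)` in the `@@ -171` hunk is not a pure restyle: `in_array` without its third argument compares loosely, while `assertNotContains` on an array compares strictly in PHPUnit 9 and later. A duplicate that differs only by type (for example `'7'` against `7`) was reported before and could now pass unnoticed; the two `assertNotContains($entityId, $entities, …)` calls in the `@@ -184` and `@@ -196` hunks change in the same way. If loose matching is what the duplicate check needs, use `assertNotContainsEquals($nextCode, $codes, …)`; otherwise add a short comment stating that the comparison is type-strict. The PHPUnit version the project runs is not visible here, so confirm the behaviour against it.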
@@ -261,7 +259,7 @@ public function testMetadataMissingLogoURL() } } - $this->assertTrue(empty($badLogos), + $this->assertEmpty($badLogos, "The following Idp's do not have a 'logoURL' entry ... " . var_export($badLogos, True)); } @@ -288,7 +286,7 @@ public function testMetadataSPWithBadIDPList() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has an IDPList with a bad IDP entity id ... ' . var_export($badSps, True)); } @@ -311,7 +309,7 @@ public function testMetadataSPWithNoIDPList() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has an empty IDPList entry (required) ... ' . var_export($badSps, True)); } @@ -334,7 +332,7 @@ public function testMetadataSPWithNoName() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has an empty "' . self::SPNameKey . '" entry (required) ... ' . var_export($badSps, True)); } @@ -356,7 +354,7 @@ public function testMetadataCerts() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has no certData entry ... ' . var_export($badSps, True)); @@ -382,7 +380,7 @@ public function testMetadataSignResponse() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has saml20.sign.response set to false ... ' . var_export($badSps, True)); @@ -412,7 +410,7 @@ public function testMetadataSignAssertion() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP has saml20.sign.assertion set to false ... ' . var_export($badSps, True)); @@ -441,7 +439,7 @@ public function testMetadataEncryption() } } - $this->assertTrue(empty($badSps), + $this->assertEmpty($badSps, 'At least one SP does not have assertion.encryption set to True ... ' . var_export($badSps, True)); From 7cf405e390b617fe76396c871da18ec73e054846 Mon Sep 17 00:00:00 2001 
From: Jason Jackson Date: Fri, 26 Jul 2024 12:24:52 -0400 Subject: [PATCH 4/4] add getSimpleAnnouncement back to test --- tests/AnnouncementTest.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/AnnouncementTest.php b/tests/AnnouncementTest.php index 0cdb8a84..43344996 100644 --- a/tests/AnnouncementTest.php +++ b/tests/AnnouncementTest.php @@ -15,8 +15,8 @@ public function testGetSimpleAnnouncement() { $announcementPathFile = '/data/ssp-announcement.php'; if (file_exists($announcementPathFile)) { - $announcement = include $announcementPathFile; - $this->assertIsString($announcement); + $results = AnnouncementUtils::getSimpleAnnouncement(); + $this->assertNotNull($results); } }
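Review bot: `assertNotNull($results)` is a weaker check than the `assertIsString($announcement)` it replaces, since it also accepts `false` or an array coming back from `AnnouncementUtils::getSimpleAnnouncement()`. If the helper is meant to return the announcement text (its body is not shown here), keep the type check with `$this->assertIsString($results);`. The guard also hard-codes `/data/ssp-announcement.php` in the test, which presumably mirrors the path the helper reads; if the two drift apart the test checks the wrong precondition, so a single shared constant for the path would be safer.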