<?php
namespace Drupal\samlauth\Tests;
use Drupal\Core\Url;
use Drupal\simpletest\WebTestBase;
use Drupal\Component\Serialization\Yaml;
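/**
 * Functional tests for the samlauth module.
 *
 * Covers the admin configuration form, the service provider (SP) metadata
 * endpoint, the redirect to the identity provider (IdP), and the rule that an
 * account linked to a SAML identity cannot sign in through the local Drupal
 * login form.
 */
class SamlTest extends WebTestBase {

  /**
   * Turns off strict configuration schema checking for this test class.
   *
   * @var bool
   */
  protected $strictConfigSchema = FALSE;

  /**
   * Modules to enable for the test site.
   *
   * @var array
   */
  public static $modules = [
    'samlauth',
  ];

  /**
   * Describes this test case (name, description, group).
   *
   * @return array
   *   Associative array with 'name', 'description' and 'group' keys.
   */
  public static function getInfo() {
    return [
      'name' => 'Tests SAML authentication',
      'description' => 'Functional tests for the samlauth module functionality.',
      'group' => 'samlauth',
    ];
  }

  /**
   * Installs the module's test SAML configuration before each test.
   *
   * Reads test_resources/samlauth.authentication.yml from the module
   * directory and saves it as the 'samlauth.authentication' config object.
   *
   * @throws \RuntimeException
   *   When the fixture cannot be read or does not decode to an array, so a
   *   broken fixture fails here instead of saving an empty SAML configuration
   *   that every later assertion would then run against.
   */
  public function setUp() {
    parent::setUp();

    // NOTE(review): any key or certificate material in this fixture should be
    // test-only and never shared with a real SP/IdP - confirm.
    $fixture = drupal_get_path('module', 'samlauth') . '/test_resources/samlauth.authentication.yml';

    $raw = file_get_contents($fixture);
    if ($raw === FALSE) {
      throw new \RuntimeException("Unable to read SAML test fixture: $fixture");
    }

    $settings = Yaml::decode($raw);
    if (!is_array($settings)) {
      throw new \RuntimeException("SAML test fixture did not decode to a settings array: $fixture");
    }

    \Drupal::configFactory()
      ->getEditable('samlauth.authentication')
      ->setData($settings)
      ->save();
  }

  /**
   * Checks that the SAML settings form shows all of its fieldsets.
   *
   * Only a user holding the 'configure saml' permission is exercised; access
   * for users without that permission is not checked by this method.
   */
  public function testAdminPage() {
    $admin = $this->drupalCreateUser(['configure saml']);
    $this->drupalLogin($admin);
    $this->drupalGet('admin/config/people/saml');

    $this->assertText('Login / Logout', 'Login / Logout fieldset present');
    $this->assertText('Service Provider Configuration', 'SP fieldset present');
    $this->assertText('Identity Provider Configuration', 'iDP fieldset present');
    $this->assertText('User Info and Syncing', 'User Info and Syncing fieldset present');
    $this->assertText('Security Options', 'Security options fieldset present');
  }

  /**
   * Checks that SP metadata is served and carries the configured entity ID.
   *
   * Only the positive case is covered: the request is made as a user holding
   * the 'view sp metadata' permission. A request without that permission is
   * not exercised by this method.
   */
  public function testMetadata() {
    $viewer = $this->drupalCreateUser(['view sp metadata']);
    $this->drupalLogin($viewer);
    $this->drupalGet('saml/metadata');

    $this->assertResponse(200, 'SP metadata is accessible');
    $this->assertRaw('entityID="samlauth"', 'Entity ID found in the metadata');
  }

  /**
   * Follows the SAML login redirect to the IdP and submits credentials there.
   *
   * NOTE(review): this test needs network access to a third-party IdP
   * (idp.testshib.org), so its result depends on that host being reachable
   * and unchanged. A locally controlled IdP stub would make it deterministic.
   */
  public function testLoginNotAllowed() {
    // Start from an anonymous session so saml/login triggers the redirect.
    if ($this->loggedInUser) {
      $this->drupalLogout();
    }

    $this->drupalGet('saml/login');

    $idp_login = Url::fromUri('https://idp.testshib.org:443/idp/Authn/UserPassword');
    $this->assertUrl($idp_login, [], 'Correct iDP page loaded');
    $this->assertResponse(200, 'iDP page loaded successfully');

    // Presumably the IdP's public test account - confirm. Real credentials
    // must never be placed here: they are sent to an external host.
    $credentials = [
      'j_username' => 'myself',
      'j_password' => 'myself',
    ];
    $this->drupalPost('https://idp.testshib.org/idp/Authn/UserPassword', '*', $credentials);

    // NOTE(review): nothing is asserted after the POST, so the outcome the
    // method name promises ("login not allowed") is never verified. An
    // assertion on the resulting page and session state is needed here.
  }

  /**
   * Checks that a SAML-linked account is refused by the local login form.
   *
   * The account gets a 'saml_id' entry in user.data under the 'samlauth'
   * module and then tries a normal username/password login with its correct
   * password. The login must fail and the SSO-only error must be shown.
   */
  public function testDrupalLoginNotAllowed() {
    $saml_user = $this->createUser();

    // Attach a SAML ID to the account; presumably this is what the module
    // checks to treat it as SSO-only - confirm against the login hook.
    \Drupal::service('user.data')
      ->set('samlauth', $saml_user->id(), 'saml_id', '12345');

    // Valid local credentials, so a rejection can only come from the SAML
    // restriction and not from a wrong password.
    $edit = [
      'name' => $saml_user->getUsername(),
      'pass' => $saml_user->pass_raw,
    ];
    $this->drupalPostForm('user/login', $edit, t('Log in'));

    $this->assertFalse($this->drupalUserIsLoggedIn($saml_user), 'SAML user is not logged in.');
    $this->assertText('SAML users must sign in with SSO', 'Error is displayed to the user.');
  }

}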