|
14 | 14 | import java.io.FileInputStream; |
15 | 15 | import java.io.IOException; |
16 | 16 | import java.io.InputStream; |
17 | | -import java.nio.charset.StandardCharsets; |
18 | 17 | import java.security.KeyStore; |
19 | 18 | import java.security.KeyStoreException; |
20 | 19 | import java.security.NoSuchAlgorithmException; |
|
34 | 33 |
|
35 | 34 | import com.fasterxml.jackson.core.type.TypeReference; |
36 | 35 | import com.google.common.collect.ImmutableMap; |
37 | | -import com.google.common.io.BaseEncoding; |
38 | 36 | import com.nimbusds.jwt.SignedJWT; |
39 | 37 | import org.hamcrest.Matchers; |
40 | 38 | import org.junit.After; |
@@ -107,10 +105,6 @@ public class HTTPSamlAuthenticatorTest { |
107 | 105 | private static X509Certificate spSigningCertificate; |
108 | 106 | private static PrivateKey spSigningPrivateKey; |
109 | 107 |
|
110 | | - final static String signingKey = |
111 | | - "This is my super safe signing key that no one will ever be able to guess. It's would take billions of years and the world's most powerful quantum computer to crack"; |
112 | | - final static String signingKeyB64Encoded = BaseEncoding.base64().encode(signingKey.getBytes(StandardCharsets.UTF_8)); |
113 | | - |
114 | 108 | @Before |
115 | 109 | public void setUp() throws Exception { |
116 | 110 | mockSamlIdpServer = new MockSamlIdpServer(); |
@@ -139,7 +133,7 @@ public void testRawHMACSettings() throws Exception { |
139 | 133 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
140 | 134 | .put("roles_key", "roles") |
141 | 135 | .put("jwt.key.kty", "oct") |
142 | | - .put("jwt.key.k", signingKeyB64Encoded) |
| 136 | + .put("jwt.key.k", "abc") |
143 | 137 | .put("path.home", ".") |
144 | 138 | .build(); |
145 | 139 |
|
@@ -177,7 +171,7 @@ public void basicTest() throws Exception { |
177 | 171 | .put(IDP_METADATA_URL, mockSamlIdpServer.getMetadataUri()) |
178 | 172 | .put("kibana_url", "http://wherever") |
179 | 173 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
180 | | - .put("exchange_key", signingKeyB64Encoded) |
| 174 | + .put("exchange_key", "abc") |
181 | 175 | .put("roles_key", "roles") |
182 | 176 | .put("path.home", ".") |
183 | 177 | .build(); |
@@ -231,7 +225,7 @@ public void decryptAssertionsTest() throws Exception { |
231 | 225 | "sp.signature_private_key", |
232 | 226 | String.format(PRIVATE_KEY_PATTERN, Base64.getEncoder().encodeToString(spSigningPrivateKey.getEncoded())) |
233 | 227 | ) |
234 | | - .put("exchange_key", signingKeyB64Encoded) |
| 228 | + .put("exchange_key", "abc") |
235 | 229 | .put("roles_key", "roles") |
236 | 230 | .put("path.home", ".") |
237 | 231 | .build(); |
@@ -274,7 +268,7 @@ public void shouldUnescapeSamlEntitiesTest() throws Exception { |
274 | 268 | "sp.signature_private_key", |
275 | 269 | String.format(PRIVATE_KEY_PATTERN, Base64.getEncoder().encodeToString(spSigningPrivateKey.getEncoded())) |
276 | 270 | ) |
277 | | - .put("exchange_key", signingKeyB64Encoded) |
| 271 | + .put("exchange_key", "abc") |
278 | 272 | .put("roles_key", "roles") |
279 | 273 | .put("path.home", ".") |
280 | 274 | .build(); |
@@ -320,7 +314,7 @@ public void shouldUnescapeSamlEntitiesTest2() throws Exception { |
320 | 314 | "sp.signature_private_key", |
321 | 315 | String.format(PRIVATE_KEY_PATTERN, Base64.getEncoder().encodeToString(spSigningPrivateKey.getEncoded())) |
322 | 316 | ) |
323 | | - .put("exchange_key", signingKeyB64Encoded) |
| 317 | + .put("exchange_key", "abc") |
324 | 318 | .put("roles_key", "roles") |
325 | 319 | .put("path.home", ".") |
326 | 320 | .build(); |
@@ -365,7 +359,7 @@ public void shouldNotEscapeSamlEntities() throws Exception { |
365 | 359 | "sp.signature_private_key", |
366 | 360 | String.format(PRIVATE_KEY_PATTERN, Base64.getEncoder().encodeToString(spSigningPrivateKey.getEncoded())) |
367 | 361 | ) |
368 | | - .put("exchange_key", signingKeyB64Encoded) |
| 362 | + .put("exchange_key", "abc") |
369 | 363 | .put("roles_key", "roles") |
370 | 364 | .put("path.home", ".") |
371 | 365 | .build(); |
@@ -410,7 +404,7 @@ public void shouldNotTrimWhitespaceInJwtRoles() throws Exception { |
410 | 404 | "sp.signature_private_key", |
411 | 405 | String.format(PRIVATE_KEY_PATTERN, Base64.getEncoder().encodeToString(spSigningPrivateKey.getEncoded())) |
412 | 406 | ) |
413 | | - .put("exchange_key", signingKeyB64Encoded) |
| 407 | + .put("exchange_key", "abc") |
414 | 408 | .put("roles_key", "roles") |
415 | 409 | .put("path.home", ".") |
416 | 410 | .build(); |
@@ -452,7 +446,7 @@ public void testMetadataBody() throws Exception { |
452 | 446 | .put(IDP_METADATA_CONTENT, metadataBody) |
453 | 447 | .put("kibana_url", "http://wherever") |
454 | 448 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
455 | | - .put("exchange_key", signingKeyB64Encoded) |
| 449 | + .put("exchange_key", "abc") |
456 | 450 | .put("roles_key", "roles") |
457 | 451 | .put("path.home", ".") |
458 | 452 | .build(); |
@@ -510,7 +504,7 @@ public void unsolicitedSsoTest() throws Exception { |
510 | 504 | .put(IDP_METADATA_URL, mockSamlIdpServer.getMetadataUri()) |
511 | 505 | .put("kibana_url", "http://wherever") |
512 | 506 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
513 | | - .put("exchange_key", signingKeyB64Encoded) |
| 507 | + .put("exchange_key", "abc") |
514 | 508 | .put("roles_key", "roles") |
515 | 509 | .put("path.home", ".") |
516 | 510 | .build(); |
@@ -645,7 +639,7 @@ public void rolesTest() throws Exception { |
645 | 639 | .put(IDP_METADATA_URL, mockSamlIdpServer.getMetadataUri()) |
646 | 640 | .put("kibana_url", "http://wherever") |
647 | 641 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
648 | | - .put("exchange_key", signingKeyB64Encoded) |
| 642 | + .put("exchange_key", "abc") |
649 | 643 | .put("roles_key", "roles") |
650 | 644 | .put("path.home", ".") |
651 | 645 | .put("roles_seperator", ",") |
@@ -688,7 +682,7 @@ public void idpEndpointWithQueryStringTest() throws Exception { |
688 | 682 | .put(IDP_METADATA_URL, mockSamlIdpServer.getMetadataUri()) |
689 | 683 | .put("kibana_url", "http://wherever") |
690 | 684 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
691 | | - .put("exchange_key", signingKeyB64Encoded) |
| 685 | + .put("exchange_key", "abc") |
692 | 686 | .put("roles_key", "roles") |
693 | 687 | .put("path.home", ".") |
694 | 688 | .build(); |
@@ -738,7 +732,7 @@ private void commaSeparatedRoles(final String rolesAsString, final Settings.Buil |
738 | 732 | Settings settings = settingsBuilder.put(IDP_METADATA_URL, mockSamlIdpServer.getMetadataUri()) |
739 | 733 | .put("kibana_url", "http://wherever") |
740 | 734 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
741 | | - .put("exchange_key", signingKeyB64Encoded) |
| 735 | + .put("exchange_key", "abc") |
742 | 736 | .put("roles_key", "roles") |
743 | 737 | .put("path.home", ".") |
744 | 738 | .build(); |
@@ -843,7 +837,7 @@ public void initialConnectionFailureTest() throws Exception { |
843 | 837 | .put("idp.min_refresh_delay", 100) |
844 | 838 | .put("kibana_url", "http://wherever") |
845 | 839 | .put("idp.entity_id", mockSamlIdpServer.getIdpEntityId()) |
846 | | - .put("exchange_key", signingKeyB64Encoded) |
| 840 | + .put("exchange_key", "abc") |
847 | 841 | .put("roles_key", "roles") |
848 | 842 | .put("path.home", ".") |
849 | 843 | .build(); |
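Review bot: The literal `"abc"` now passed as `jwt.key.k` in testRawHMACSettings and as `exchange_key` in the twelve other changed call sites is a three-character secret. That is far below the key size RFC 7518 section 3.2 requires for HMAC-signed JWTs (at least 256 bits for HS256), so these tests only pass while the authenticator accepts under-length keys. The suite therefore cannot catch a regression in key-length checking, and every one of these tests breaks as soon as such a check is enforced. The removed constant's name also suggests the setting is expected to be base64, which `"abc"` only loosely is. I would keep a single shared fixture of at least 32 bytes, for example the removed `signingKeyB64Encoded` constant together with its `StandardCharsets` import, and reference it from each `.put("exchange_key", signingKeyB64Encoded)`. The test methods start and end outside the hunks, so how the key is decoded and used is not visible here.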
|