From c8ea0ac0c8ef86050a4e8917bde59082caf33c42 Mon Sep 17 00:00:00 2001 From: Fumiaki Kinoshita Date: Wed, 10 May 2023 10:31:04 +0900 Subject: [PATCH] Add validation test, including a failing example --- package.yaml | 7 +++- tests/Parser.hs | 7 +++- tests/Validation.hs | 53 +++++++++++++++++++++++++ tests/data/azuread-signed-assertion.xml | 1 + tests/data/azuread-signed-response.xml | 1 + tests/data/azuread.crt | 3 ++ tests/data/okta-attributes.xml | 17 ++++++++ tests/data/okta.crt | 19 +++++++++ tests/main.hs | 12 ++++++ wai-saml2.cabal | 16 ++++++-- 10 files changed, 129 insertions(+), 7 deletions(-) create mode 100644 tests/Validation.hs create mode 100644 tests/data/azuread-signed-assertion.xml create mode 100644 tests/data/azuread-signed-response.xml create mode 100644 tests/data/azuread.crt create mode 100644 tests/data/okta-attributes.xml create mode 100644 tests/data/okta.crt create mode 100644 tests/main.hs diff --git a/package.yaml b/package.yaml index 5e316a2..1ec6066 100644 --- a/package.yaml +++ b/package.yaml @@ -49,8 +49,8 @@ library: - -W tests: - parser: - main: Parser.hs + wai-saml2-test: + main: main.hs source-dirs: tests ghc-options: -Wall -Wcompat dependencies: @@ -59,6 +59,9 @@ tests: - filepath - pretty-show - tasty + - tasty-expected-failure - tasty-golden + - tasty-hunit + - transformers - wai-saml2 - xml-conduit diff --git a/tests/Parser.hs b/tests/Parser.hs index 215c307..2378469 100644 --- a/tests/Parser.hs +++ b/tests/Parser.hs @@ -1,6 +1,9 @@ {-# LANGUAGE ScopedTypeVariables #-} {-# LANGUAGE AllowAmbiguousTypes #-} {-# LANGUAGE TypeApplications #-} + +module Parser where + import Network.Wai.SAML2.EntityDescriptor import Network.Wai.SAML2.Response import Network.Wai.SAML2.XML @@ -18,8 +21,8 @@ run src = do resp <- parseXML (fromDocument doc) pure $ BC.pack $ ppShow (resp :: t) -main :: IO () -main = defaultMain $ testGroup "Parse SAML2 response" +tests :: TestTree +tests = testGroup "Parse SAML2 response" [ mkGolden @Response $ prefix "keycloak.xml" , mkGolden @Response $ prefix "okta.xml" , mkGolden @Response $ prefix "google.xml" diff --git a/tests/Validation.hs b/tests/Validation.hs new file mode 100644 index 0000000..b8c8d59 --- /dev/null +++ b/tests/Validation.hs @@ -0,0 +1,53 @@ +module Validation where + +import Control.Monad.Trans.Except +import Crypto.PubKey.RSA (PublicKey) +import qualified Data.ByteString as B +import qualified Data.ByteString.Base64 as Base64 +import Data.Time.Format.ISO8601 +import qualified Data.X509 as X509 +import qualified Data.X509.Memory as X509 +import Network.Wai.SAML2 +import Network.Wai.SAML2.Validation +import System.FilePath +import Test.Tasty +import Test.Tasty.ExpectedFailure +import Test.Tasty.HUnit + +-- | Get a public key from a X.509 certificate +parseCertificate :: B.ByteString -> PublicKey +parseCertificate certificate = case X509.readSignedObjectFromMemory certificate of + [signedCert] -> case X509.certPubKey $ X509.signedObject $ X509.getSigned signedCert of + X509.PubKeyRSA key -> key + other -> error $ "Expected PubKeyRSA, but got " <> show other + xs -> error $ show xs + +run :: FilePath -> String -> FilePath -> IO () +run certPath timestamp respPath = do + cert <- B.readFile $ prefix certPath + xml <- B.readFile $ prefix respPath + now <- iso8601ParseM timestamp + + let pub = parseCertificate cert + cfg = saml2ConfigNoEncryption pub + + assertion <- runExceptT $ do + (responseXmlDoc, samlResponse) <- decodeResponse $ Base64.encode xml + validateSAMLResponse cfg responseXmlDoc samlResponse now + + case assertion of + Left err -> assertFailure $ show err + Right _ -> pure () + +prefix :: FilePath +prefix = "tests/data" + +tests :: TestTree +tests = testGroup "Validate SAML2 Response" + [ testCase "AzureAD signed response" + $ run "azuread.crt" "2023-05-10T01:20:00Z" "azuread-signed-response.xml" + , expectFail $ testCase "AzureAD signed assertion" + $ run "azuread.crt" "2023-05-09T16:00:00Z" "azuread-signed-assertion.xml" + -- , testCase "Okta with AttributeStatement" + -- $ run "okta.crt" "2023-06-16T06:43:00.000Z" "okta-attributes.xml" + ] diff --git a/tests/data/azuread-signed-assertion.xml b/tests/data/azuread-signed-assertion.xml new file mode 100644 index 0000000..7c36763 --- /dev/null +++ b/tests/data/azuread-signed-assertion.xml @@ -0,0 +1 @@ +https://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/https://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/SkxHylilOD37KOxJT4V0YLIsL3W3AYHWM+iIZHmbukc=EIg22vtTqnEhiwE3HYruwnWOTKQjs57aQSqeq4gnLV7yoqQw0jjPWkkGTto2/0TeHWomX58Gj2MDNCRjlwid2jQuy6jZQW2+wDBurElVAO7trcxrX48EaKnG9ZPh/1++40O1l970zVzSRwknFvnOHpghWQsib9NadrRWB6/ZbmwpVhCfYYAcfu8z/o8TdQQtE66I2dr6YD8kAPbBe/vEeHBVPycaZj+8fqia5sIpGBUnH7rTvaTnzBHol1zg1YYyK8O53p7baQaQQ8WEZ4agBNjtHeJGbo2bP8uvO14FnoVoUQqDATJKkDHq5rM+6tQ0RvZgSP6jjKoiw5pfchedpQ==MIIC8DCCAdigAwIBAgIQafqoqGZ3HoxNh23cdsDACjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yMjEwMjQwNDM3MzJaFw0yNTEwMjQwNDM3MzJaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIrXrPws5kjzFTAJbXa/pitQ2hZTs9CMOv48iFXJLRRr90GaIUikqbU0X4CL3bewMC0XVBlBQwTGpRIIWbYreZ6lfQYaP/ACGysQ96m2aknH8cUQdlUFCEo94LlzTLqkDf+JWfdBT6AWDS9aLjS/r25HZRUR7xBcdSYOfSEE2UcO8QBH9BvoOD/xBBwAvSo4rjOwr9ZaKAG3Axu7Dh/T2AAE5ZHbCIQEeMEEkofQbexitiTYt0c2CyWdAFoR6MlxEPhWE8sIko62PhDMBMuGu67ZCbBINIVj2CcDr1kBx6OVdgvZYum/A09RRzBTMuFMP2+WG3yCjaUMA3Gn5lpv2QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAO0/TzTx1OQYUTPGwafh2mHzVpc9Hk2LIY+YvV4bbVsUwnuV6HKVr2Sn3uLIUiSE/JjTdjy7KE/1LBN2KNMe7vs67gOIjOODf/LMQJMHqu7oJtZdt1omrpxJH6DkA/YmPGyUOcX7ADLbaw4cf2lTt8Pk97HP+EvAM31ZfjLtgyGDlREeWa/y2wWOHOdeO1CGwvK1BKz9Sdg7bAs7lBSX/1Qp8pnnOJb/2wNuc9vw6p5UCEFvlAzGyRRLPZfDiazDzTznTyYDPupzJ5pic3rcogzCGQGUWW5dGG7c6lM6EAYDKNAZ+cv4wWrMA4sAo+DdNkzs8sDSv8Jw1AXGRuOTzQfumieval@herpdev.onmicrosoft.comhttps://loopback.ja-sore.de:3443/b0a63ade-3ec7-4d8b-991f-87eb4336274a552200d7-3516-4d81-8ea1-a87b429f07effumievalhttps://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/passwordfumieval@herpdev.onmicrosoft.comurn:oasis:names:tc:SAML:2.0:ac:classes:Password \ No newline at end of file diff --git a/tests/data/azuread-signed-response.xml b/tests/data/azuread-signed-response.xml new file mode 100644 index 0000000..652f34a --- /dev/null +++ b/tests/data/azuread-signed-response.xml @@ -0,0 +1 @@ +https://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/smKor6LEHK0P+AlWTo7tPay67uUlbAe+ab0i9SrP6l8=naCN4lVR8RyqmLg4k0xjV2iM3mauBfBvswhJC/y2ikUf/i61WnOzmwI6+71yM8KSWCwiclQeUdgQf1ZHlNUlqub/ovaHQw6h5PN5wNSxDXp1O/YJ7Mh+JgcIAqKS5lQyes0LO1KAIukEShcla1ml4CnnzEjVQl7dBDsmwu3hRmkYSOeLCh1Ln0kCclG1W5IFJiDd2IJLoomUGvUq3Ei5sS/dFCRgPizu8IdFYjAvo51WwFDJGMVJLFnfo/xf+FctUt9MWMtOJ4X0J2RefLgyAVyT9NFzQWMOEBPXHinHfmWp9bI1DtQz4UZJnwJW1IizNlKpdE0Yt8j0FqvmAFHwOA==MIIC8DCCAdigAwIBAgIQafqoqGZ3HoxNh23cdsDACjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yMjEwMjQwNDM3MzJaFw0yNTEwMjQwNDM3MzJaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIrXrPws5kjzFTAJbXa/pitQ2hZTs9CMOv48iFXJLRRr90GaIUikqbU0X4CL3bewMC0XVBlBQwTGpRIIWbYreZ6lfQYaP/ACGysQ96m2aknH8cUQdlUFCEo94LlzTLqkDf+JWfdBT6AWDS9aLjS/r25HZRUR7xBcdSYOfSEE2UcO8QBH9BvoOD/xBBwAvSo4rjOwr9ZaKAG3Axu7Dh/T2AAE5ZHbCIQEeMEEkofQbexitiTYt0c2CyWdAFoR6MlxEPhWE8sIko62PhDMBMuGu67ZCbBINIVj2CcDr1kBx6OVdgvZYum/A09RRzBTMuFMP2+WG3yCjaUMA3Gn5lpv2QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAO0/TzTx1OQYUTPGwafh2mHzVpc9Hk2LIY+YvV4bbVsUwnuV6HKVr2Sn3uLIUiSE/JjTdjy7KE/1LBN2KNMe7vs67gOIjOODf/LMQJMHqu7oJtZdt1omrpxJH6DkA/YmPGyUOcX7ADLbaw4cf2lTt8Pk97HP+EvAM31ZfjLtgyGDlREeWa/y2wWOHOdeO1CGwvK1BKz9Sdg7bAs7lBSX/1Qp8pnnOJb/2wNuc9vw6p5UCEFvlAzGyRRLPZfDiazDzTznTyYDPupzJ5pic3rcogzCGQGUWW5dGG7c6lM6EAYDKNAZ+cv4wWrMA4sAo+DdNkzs8sDSv8Jw1AXGRuOTzQhttps://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/fumieval@herpdev.onmicrosoft.comhttps://loopback.ja-sore.de:3443/b0a63ade-3ec7-4d8b-991f-87eb4336274a552200d7-3516-4d81-8ea1-a87b429f07effumievalhttps://sts.windows.net/b0a63ade-3ec7-4d8b-991f-87eb4336274a/http://schemas.microsoft.com/ws/2008/06/identity/authenticationmethod/passwordfumieval@herpdev.onmicrosoft.comurn:oasis:names:tc:SAML:2.0:ac:classes:Password \ No newline at end of file diff --git a/tests/data/azuread.crt b/tests/data/azuread.crt new file mode 100644 index 0000000..4bedcfe --- /dev/null +++ b/tests/data/azuread.crt @@ -0,0 +1,3 @@ +-----BEGIN CERTIFICATE----- +MIIC8DCCAdigAwIBAgIQafqoqGZ3HoxNh23cdsDACjANBgkqhkiG9w0BAQsFADA0MTIwMAYDVQQDEylNaWNyb3NvZnQgQXp1cmUgRmVkZXJhdGVkIFNTTyBDZXJ0aWZpY2F0ZTAeFw0yMjEwMjQwNDM3MzJaFw0yNTEwMjQwNDM3MzJaMDQxMjAwBgNVBAMTKU1pY3Jvc29mdCBBenVyZSBGZWRlcmF0ZWQgU1NPIENlcnRpZmljYXRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIrXrPws5kjzFTAJbXa/pitQ2hZTs9CMOv48iFXJLRRr90GaIUikqbU0X4CL3bewMC0XVBlBQwTGpRIIWbYreZ6lfQYaP/ACGysQ96m2aknH8cUQdlUFCEo94LlzTLqkDf+JWfdBT6AWDS9aLjS/r25HZRUR7xBcdSYOfSEE2UcO8QBH9BvoOD/xBBwAvSo4rjOwr9ZaKAG3Axu7Dh/T2AAE5ZHbCIQEeMEEkofQbexitiTYt0c2CyWdAFoR6MlxEPhWE8sIko62PhDMBMuGu67ZCbBINIVj2CcDr1kBx6OVdgvZYum/A09RRzBTMuFMP2+WG3yCjaUMA3Gn5lpv2QIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAO0/TzTx1OQYUTPGwafh2mHzVpc9Hk2LIY+YvV4bbVsUwnuV6HKVr2Sn3uLIUiSE/JjTdjy7KE/1LBN2KNMe7vs67gOIjOODf/LMQJMHqu7oJtZdt1omrpxJH6DkA/YmPGyUOcX7ADLbaw4cf2lTt8Pk97HP+EvAM31ZfjLtgyGDlREeWa/y2wWOHOdeO1CGwvK1BKz9Sdg7bAs7lBSX/1Qp8pnnOJb/2wNuc9vw6p5UCEFvlAzGyRRLPZfDiazDzTznTyYDPupzJ5pic3rcogzCGQGUWW5dGG7c6lM6EAYDKNAZ+cv4wWrMA4sAo+DdNkzs8sDSv8Jw1AXGRuOTzQ +-----END CERTIFICATE----- diff --git a/tests/data/okta-attributes.xml b/tests/data/okta-attributes.xml new file mode 100644 index 0000000..f5e6922 --- /dev/null +++ b/tests/data/okta-attributes.xml @@ -0,0 +1,17 @@ +http://www.okta.com/exk5qcxp4hc3aXlST697yE2k0Ez50kHpdaFnQdGIYs/fT18JtldMOhsgMfdBQ7c=PNuTkyHJKBlO0ZE53J/CicLGmSmDQK4RfIkMZyzDJHdtN2FOrLaMKYUIZIMt5dZsUGlRNe+p5b8TsMLzp+LQyf72JkrAtfoqin3TQXWJlxffW+ZkloWsyVxG/Prvox7PhgHgZDZDDCAdTPPLsLosCaptuC3m06DvEuSq7+p5UPtRqbkBaFEb27fe3NKGoGnOcBFZ/Le/ExJQ7thvB3RyvZk5RwVQ1R2M2jCLuZ5jlsc4FogRJ9V0tqj/PVxPK5fhhgnZbsZr3yNS8nWJNAIWwRt6sHEUKi5CrWUG5TuN9Hp/+kSbR7b0Ge1JKV1jZAUodeqzZ06luXipwIqBwV0Y2g==MIIDoDCCAoigAwIBAgIGAYiKK3aGMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEG +A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU +MBIGA1UECwwLU1NPUHJvdmlkZXIxETAPBgNVBAMMCGhlcnAtaW5jMRwwGgYJKoZIhvcNAQkBFg1p +bmZvQG9rdGEuY29tMB4XDTIzMDYwNTA2MDcwNFoXDTMzMDYwNTA2MDgwNFowgZAxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQK +DARPa3RhMRQwEgYDVQQLDAtTU09Qcm92aWRlcjERMA8GA1UEAwwIaGVycC1pbmMxHDAaBgkqhkiG +9w0BCQEWDWluZm9Ab2t0YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2YKQa +PDrssVNqBokKyT77wYUlXKkTnHNtbD1rdXhiIGTszmxmF/NuzLfS1TMvzqiMnpbAwswTnNMF6sx2 +M/gl9tWpL6OF4MvCQf78LvzyTOKvghojJkpE65XbkB4HETpOKYlXhvwwbCG4rskMqtFEosM2dxY6 +KWUPAJyL0Z9hpqavvq6Ct8nAjZxHCKFQGcYfCfMXxI55/+xYuetHHo4BTj417FGLvHBgJkgYsc// +KRPzC1rPkTjIGn8hlmnGfkZ7srp+UGrewhlPvj6rZVkrgQdL6PTqXvwbe7XHOKjt79vPfGZBp/jq +FRwKTO1fbvGWzF2/vIJFuR90p4a90x6pAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOKuxgCynAU +YU5oX19FiXrITcj3/XmdWZ2yTF72T0a4edhiKM0E0adcywxplllihSQV75k90Z+fmVREHFU+WacC +s9X8WdBkuZFH94Mgd1o2yXvFoZsbu4U1awNsgVpzKMsE7tSNScp2adz0JoU7oXqojiX90ED7m0bW +veEoVep+q6qc1kymA+mw9N42vEUOAN0i7ZD7SFtx2F9/yQGZt9egdr1NtLh6/pRw+wjyCjWQAGqW +dR4LKvZeoxejw3h3NOPt/lcImoEOPzrmNgZe6PXaTVG5NB9RmUuhM28DlofFP5z+8LraE4zvVxNn +Kw4QKKQWq+GelzAysM/94owvTA0=http://www.okta.com/exk5qcxp4hc3aXlST697hiroqn@herp.co.jppanemagi.beta.ja-sore.deurn:oasis:names:tc:SAML:2.0:ac:classes:unspecifiednetwalkhiroqnhiroqn@herp.co.jppanemagi_access \ No newline at end of file diff --git a/tests/data/okta.crt b/tests/data/okta.crt new file mode 100644 index 0000000..6b5c60c --- /dev/null +++ b/tests/data/okta.crt @@ -0,0 +1,19 @@ +-----BEGIN CERTIFICATE----- +MIIDoDCCAoigAwIBAgIGAYiKK3aGMA0GCSqGSIb3DQEBCwUAMIGQMQswCQYDVQQGEwJVUzETMBEG +A1UECAwKQ2FsaWZvcm5pYTEWMBQGA1UEBwwNU2FuIEZyYW5jaXNjbzENMAsGA1UECgwET2t0YTEU +MBIGA1UECwwLU1NPUHJvdmlkZXIxETAPBgNVBAMMCGhlcnAtaW5jMRwwGgYJKoZIhvcNAQkBFg1p +bmZvQG9rdGEuY29tMB4XDTIzMDYwNTA2MDcwNFoXDTMzMDYwNTA2MDgwNFowgZAxCzAJBgNVBAYT +AlVTMRMwEQYDVQQIDApDYWxpZm9ybmlhMRYwFAYDVQQHDA1TYW4gRnJhbmNpc2NvMQ0wCwYDVQQK +DARPa3RhMRQwEgYDVQQLDAtTU09Qcm92aWRlcjERMA8GA1UEAwwIaGVycC1pbmMxHDAaBgkqhkiG +9w0BCQEWDWluZm9Ab2t0YS5jb20wggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC2YKQa +PDrssVNqBokKyT77wYUlXKkTnHNtbD1rdXhiIGTszmxmF/NuzLfS1TMvzqiMnpbAwswTnNMF6sx2 +M/gl9tWpL6OF4MvCQf78LvzyTOKvghojJkpE65XbkB4HETpOKYlXhvwwbCG4rskMqtFEosM2dxY6 +KWUPAJyL0Z9hpqavvq6Ct8nAjZxHCKFQGcYfCfMXxI55/+xYuetHHo4BTj417FGLvHBgJkgYsc// +KRPzC1rPkTjIGn8hlmnGfkZ7srp+UGrewhlPvj6rZVkrgQdL6PTqXvwbe7XHOKjt79vPfGZBp/jq +FRwKTO1fbvGWzF2/vIJFuR90p4a90x6pAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAGOKuxgCynAU +YU5oX19FiXrITcj3/XmdWZ2yTF72T0a4edhiKM0E0adcywxplllihSQV75k90Z+fmVREHFU+WacC +s9X8WdBkuZFH94Mgd1o2yXvFoZsbu4U1awNsgVpzKMsE7tSNScp2adz0JoU7oXqojiX90ED7m0bW +veEoVep+q6qc1kymA+mw9N42vEUOAN0i7ZD7SFtx2F9/yQGZt9egdr1NtLh6/pRw+wjyCjWQAGqW +dR4LKvZeoxejw3h3NOPt/lcImoEOPzrmNgZe6PXaTVG5NB9RmUuhM28DlofFP5z+8LraE4zvVxNn +Kw4QKKQWq+GelzAysM/94owvTA0= +-----END CERTIFICATE----- diff --git a/tests/main.hs b/tests/main.hs new file mode 100644 index 0000000..87c1e70 --- /dev/null +++ b/tests/main.hs @@ -0,0 +1,12 @@ +{-# LANGUAGE ScopedTypeVariables #-} +{-# LANGUAGE AllowAmbiguousTypes #-} +{-# LANGUAGE TypeApplications #-} +import Test.Tasty +import qualified Parser +import qualified Validation + +main :: IO () +main = defaultMain $ testGroup "wai-saml2 tests" + [ Parser.tests + , Validation.tests + ] diff --git a/wai-saml2.cabal b/wai-saml2.cabal index deb6681..74e8408 100644 --- a/wai-saml2.cabal +++ b/wai-saml2.cabal @@ -1,6 +1,6 @@ cabal-version: 1.12 --- This file has been generated from package.yaml by hpack version 0.35.1. +-- This file has been generated from package.yaml by hpack version 0.35.2. -- -- see: https://github.com/sol/hpack @@ -20,10 +20,15 @@ build-type: Simple extra-source-files: README.md CHANGELOG.md + tests/data/azuread-signed-assertion.xml + tests/data/azuread-signed-response.xml + tests/data/azuread.crt tests/data/google.xml tests/data/google.xml.expected tests/data/keycloak.xml tests/data/keycloak.xml.expected + tests/data/okta-attributes.xml + tests/data/okta.crt tests/data/okta.xml tests/data/okta.xml.expected tests/data/metadata/google.xml @@ -84,10 +89,12 @@ library , zlib >=0.6.0.0 && <0.7 default-language: Haskell2010 -test-suite parser +test-suite wai-saml2-test type: exitcode-stdio-1.0 - main-is: Parser.hs + main-is: main.hs other-modules: + Parser + Validation Paths_wai_saml2 hs-source-dirs: tests @@ -111,9 +118,12 @@ test-suite parser , network-uri >=2.0 && <3 , pretty-show , tasty + , tasty-expected-failure , tasty-golden + , tasty-hunit , text <2.1 , time >=1.9 && <2 + , transformers , vault >=0.3 && <1 , wai >=3.0 && <4 , wai-extra >=3.0 && <4