Package net.shibboleth.idp.plugin.authn.duo.impl

Class DuoAuthnFlowTest

  • All Implemented Interfaces:
    junit.framework.Test
    public class DuoAuthnFlowTest
extends AbstractAuthnXmlFlowExecutionTests
    Test the Duo 2FA flow using SWF flow testing.

    Note, these test use JUnit, and work with the TestNG to JUnit bridge

    • Constructor Detail

      • DuoAuthnFlowTest

        public DuoAuthnFlowTest()

    • Method Detail

      • testDuoAuthnFlowDuoEndpointUnhealthy

        public void testDuoAuthnFlowDuoEndpointUnhealthy()
        Test the Duo flow when the health check returns unhealthy.

      • testDuoAuthnFlowToAuthorizationRequest

        public void testDuoAuthnFlowToAuthorizationRequest()
        Test the Duo flow up to the external authorization request.

      • testDuoAuthnFlowToAuthorizationRequestMultipleDuoIntegrationsFirst

        public void testDuoAuthnFlowToAuthorizationRequestMultipleDuoIntegrationsFirst()
        Test the Duo flow up to the external authorization request using the dynamically selected first Duo integration.

      • testDuoAuthnFlowToAuthorizationRequestMultipleDuoIntegrationsSecond

        public void testDuoAuthnFlowToAuthorizationRequestMultipleDuoIntegrationsSecond()
        Test the Duo flow up to the external authorization request using the dynamically selected second Duo integration.

      • testDuoAuthnFlowToAuthorizationRequestWithUserSpaceFactory

        public void testDuoAuthnFlowToAuthorizationRequestWithUserSpaceFactory()
        Test the Duo flow up to the external authorization request using a user space (in XML file) factory. Will fail if the default DuoSDKFactory is used - invalid_client.

      • testContextToPrincipalMappingStrategy

        public void testContextToPrincipalMappingStrategy()
                                           throws DuoClientException
        Test for https://issues.shibboleth.net/jira/browse/JDUO-47. A mapping strategy should correctly add the ACR to the set of principals.
        Throws:
        DuoClientException - on error.

      • testDuoAuthnFlowFromAuthorizationCallback

        public void testDuoAuthnFlowFromAuthorizationCallback()
                                               throws DuoClientException
        Test the Duo flow from the external authorization request to the end of the flow.
        Throws:
        DuoClientException - if the client can not be created.

      • testDuoAuthnFlowFromAuthorizationCallbackWithRPC

        public void testDuoAuthnFlowFromAuthorizationCallbackWithRPC()
                                                      throws DuoClientException
        Test the Duo flow from the external authorization request to the end of the flow with a requested principal set.
        Throws:
        DuoClientException - if the client can not be created.

      • testDuoAuthnFlowFromAuthorizationCallbackForceAuthnFailure

        public void testDuoAuthnFlowFromAuthorizationCallbackForceAuthnFailure()
                                                                throws DuoClientException
        Test the Duo flow from the external authorization request. This should fail, as forced authn is requested by the auth_time is from a previous authentication (to far in the past).
        Throws:
        DuoClientException - if the client can not be created.