Removed the VSPremium test project.

- The relevant test for signatures without reference has been moved to normal test project.
- Fixes Sustainsys#192.

Kentor.AuthServices.Mvc/AuthServicesController.cs

@@ -5,6 +5,7 @@
 using Kentor.AuthServices.HttpModule;
 using Kentor.AuthServices.Configuration;
 using Kentor.AuthServices.WebSso;
+using System.Diagnostics.CodeAnalysis;
 
 namespace Kentor.AuthServices.Mvc
 {
@@ -68,6 +69,9 @@ public ActionResult Acs()
         /// SignOut action that signs out the current user.
         /// </summary>
         /// <returns>Redirect to base url / </returns>
+        // Exclude from code coverage as it a) is very simple and b) can't be
+        // tested without shims that are only available in VSPremium.
+        [ExcludeFromCodeCoverage]
         public ActionResult SignOut()
         {
             FederatedAuthentication.SessionAuthenticationModule.SignOut();

Kentor.AuthServices.Tests/Saml2P/Saml2ResponseTests.cs

@@ -532,6 +532,19 @@ public void Saml2Response_GetClaims_ThrowsOnIncorrectTransformsInSignature()
                 .WithMessage("Transform \"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\" found in XML signature is not allowed in SAML.");
         }
 
+        [TestMethod]
+        public void Saml2Response_Validate_ThrowsOnMissingReferenceInSignature()
+        {
+            var signedWithoutReference = @"<saml2p:Response xmlns:saml2p=""urn:oasis:names:tc:SAML:2.0:protocol"" xmlns:saml2=""urn:oasis:names:tc:SAML:2.0:assertion"" ID=""Saml2Response_Validate_FalseOnMissingReference"" Version=""2.0"" IssueInstant=""2013-01-01T00:00:00Z""><saml2:Issuer>https://idp.example.com</saml2:Issuer><saml2p:Status><saml2p:StatusCode Value=""urn:oasis:names:tc:SAML:2.0:status:Requester"" /></saml2p:Status><Signature xmlns=""http://www.w3.org/2000/09/xmldsig#""><SignedInfo><CanonicalizationMethod Algorithm=""http://www.w3.org/TR/2001/REC-xml-c14n-20010315"" /><SignatureMethod Algorithm=""http://www.w3.org/2000/09/xmldsig#rsa-sha1"" /></SignedInfo><SignatureValue>tYFIoYmrzmp3H7TXm9IS8DW3buBZIb6sI2ycrn+AOnVcdYnPTJpk3ntHlqQKXNEyXgXZNdqEuFpgI1I0P0TlhM+C3rBJnflkApkxZkak5RwnJzDWTHpsSDjYcm+/XgBy3JVZJuMWb2YPaV8GB6cjBMDrENUEaoKRg+FpzPUZO1EOMcqbocXp5cHie1CkPnD1OtT/cuzMBUMpBGZMxjZwdFpOO7R3CUXh/McxKfoGUQGC3DVpt5T8uGkpj4KqZVPS/qTCRhbPRDjg73BdWbdkFpFWge8G/FgkYxr9LBE1TsrxptppO9xoA5jXwJVZaWndSMvo6TuOjUgqY2w5RTkqhA==</SignatureValue></Signature></saml2p:Response>";
+
+            var samlResponse = Saml2Response.Read(signedWithoutReference);
+
+            Action a = () => samlResponse.GetClaims(Options.FromConfiguration);
+
+            a.ShouldThrow<Saml2ResponseFailedValidationException>()
+                .WithMessage("No reference found in Xml signature, it doesn't validate the Xml data.");
+        }
+
         [TestMethod]
         public void Saml2Response_GetClaims_ReturnsExistingResultOnSecondGetClaimsCall()
         {