
Example 1 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in the spring-security project by spring-projects.

From the class Saml2LoginConfigurerTests, method saml2LoginWhenCustomAuthenticationRequestContextResolverThenUses.

@Test
public void saml2LoginWhenCustomAuthenticationRequestContextResolverThenUses() throws Exception {
    this.spring.register(CustomAuthenticationRequestContextResolver.class).autowire();
    Saml2AuthenticationRequestContext context = TestSaml2AuthenticationRequestContexts.authenticationRequestContext().build();
    Saml2AuthenticationRequestContextResolver resolver = this.spring.getContext().getBean(Saml2AuthenticationRequestContextResolver.class);
    given(resolver.resolve(any(HttpServletRequest.class))).willReturn(context);
    this.mvc.perform(get("/saml2/authenticate/registration-id")).andExpect(status().isFound());
    verify(resolver).resolve(any(HttpServletRequest.class));
}
Also used: MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest), HttpServletRequest (jakarta.servlet.http.HttpServletRequest), Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext), Saml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver), Test (org.junit.jupiter.api.Test)

Example 2 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in the spring-security project by spring-projects.

From the class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRelayStateThenRedirectDoesContainParameter.

@Test
public void doFilterWhenRelayStateThenRedirectDoesContainParameter() throws ServletException, IOException {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).contains("RelayState=relayState").startsWith(IDP_SSO_URL);
}
Also used: Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest), Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext), Test (org.junit.jupiter.api.Test)

Example 3 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in the spring-security project by spring-projects.

From the class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenSignatureIsDisabledThenSignatureParametersAreNotInTheRedirectURL.

@Test
public void doFilterWhenSignatureIsDisabledThenSignatureParametersAreNotInTheRedirectURL() throws Exception {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).doesNotContain("SigAlg=").doesNotContain("Signature=").startsWith(IDP_SSO_URL);
}
Also used: Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest), Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext), Test (org.junit.jupiter.api.Test)

Example 4 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in the spring-security project by spring-projects.

From the class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRedirectThenSaveRedirectRequest.

@Test
public void doFilterWhenRedirectThenSaveRedirectRequest() throws ServletException, IOException {
    Saml2AuthenticationRequestContext context = authenticationRequestContext().build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    verify(this.authenticationRequestRepository).saveAuthenticationRequest(any(Saml2RedirectAuthenticationRequest.class), eq(this.request), eq(this.response));
}
Also used: Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest), Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext), Test (org.junit.jupiter.api.Test)

Example 5 with Saml2AuthenticationRequestContext

Use of org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext in the spring-security project by spring-projects.

From the class Saml2WebSsoAuthenticationRequestFilterTests, method doFilterWhenRelayStateThatRequiresEncodingThenRedirectDoesContainsEncodedParameter.

@Test
public void doFilterWhenRelayStateThatRequiresEncodingThenRedirectDoesContainsEncodedParameter() throws Exception {
    String relayStateValue = "https://my-relay-state.example.com?with=param&other=param";
    String relayStateEncoded = UriUtils.encode(relayStateValue, StandardCharsets.ISO_8859_1);
    Saml2AuthenticationRequestContext context = authenticationRequestContext().relayState(relayStateValue).build();
    Saml2RedirectAuthenticationRequest request = redirectAuthenticationRequest(context).build();
    given(this.resolver.resolve(any())).willReturn(context);
    given(this.factory.createRedirectAuthenticationRequest(any())).willReturn(request);
    this.filter.doFilterInternal(this.request, this.response, this.filterChain);
    assertThat(this.response.getHeader("Location")).contains("RelayState=" + relayStateEncoded).startsWith(IDP_SSO_URL);
}
Also used: Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest), Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext), Test (org.junit.jupiter.api.Test)

Aggregations

Test (org.junit.jupiter.api.Test): 17
Saml2AuthenticationRequestContext (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext): 14
RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration): 13
AuthnRequest (org.opensaml.saml.saml2.core.AuthnRequest): 9
Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest): 9
Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding): 7
StandardCharsets (java.nio.charset.StandardCharsets): 6
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat): 4
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException): 4
BeforeEach (org.junit.jupiter.api.BeforeEach): 4
BDDMockito.given (org.mockito.BDDMockito.given): 4
Mockito.mock (org.mockito.Mockito.mock): 4
Mockito.verify (org.mockito.Mockito.verify): 4
SAMLConstants (org.opensaml.saml.common.xml.SAMLConstants): 4
Converter (org.springframework.core.convert.converter.Converter): 4
TestSaml2X509Credentials (org.springframework.security.saml2.credentials.TestSaml2X509Credentials): 4
QueryParametersPartial (org.springframework.security.saml2.provider.service.authentication.OpenSamlSigningUtils.QueryParametersPartial): 4
TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations): 4
Instant (java.time.Instant): 3
DateTime (org.joda.time.DateTime): 3