Example 1 with Saml2PostAuthenticationRequest
use of org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest in project spring-security by spring-projects.
the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPathStartsWithRegistrationIdThenPosts.
@Test
public void doFilterWhenPathStartsWithRegistrationIdThenPosts() throws Exception {
RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
RequestMatcher matcher = new AntPathRequestMatcher("/{registrationId}/saml2/authenticate");
DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
RelyingPartyRegistrationResolver resolver = (request, id) -> {
String registrationId = matcher.matcher(request).getVariables().get("registrationId");
return delegate.resolve(request, registrationId);
};
Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver = new DefaultSaml2AuthenticationRequestContextResolver(resolver);
Saml2PostAuthenticationRequest authenticationRequest = mock(Saml2PostAuthenticationRequest.class);
given(authenticationRequest.getAuthenticationRequestUri()).willReturn("uri");
given(authenticationRequest.getRelayState()).willReturn("relay");
given(authenticationRequest.getSamlRequest()).willReturn("saml");
given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
given(this.factory.createPostAuthenticationRequest(any())).willReturn(authenticationRequest);
this.filter = new Saml2WebSsoAuthenticationRequestFilter(authenticationRequestContextResolver, this.factory);
this.filter.setRedirectMatcher(matcher);
this.request.setPathInfo("/registration-id/saml2/authenticate");
this.filter.doFilter(this.request, this.response, new MockFilterChain());
verify(this.repository).findByRegistrationId("registration-id");
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository)
ArgumentMatchers.any(org.mockito.ArgumentMatchers.any)
BeforeEach(org.junit.jupiter.api.BeforeEach)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq)
RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
ServletException(jakarta.servlet.ServletException)
MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse)
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
HtmlUtils(org.springframework.web.util.HtmlUtils)
Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)
Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
BDDMockito.given(org.mockito.BDDMockito.given)
AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest)
Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)
ServletRequest(jakarta.servlet.ServletRequest)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
IOException(java.io.IOException)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
StandardCharsets(java.nio.charset.StandardCharsets)
Mockito.verify(org.mockito.Mockito.verify)
Test(org.junit.jupiter.api.Test)
TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials)
ServletResponse(jakarta.servlet.ServletResponse)
Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException)
UriUtils(org.springframework.web.util.UriUtils)
HttpServletResponse(jakarta.servlet.http.HttpServletResponse)
TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts)
TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
Mockito.mock(org.mockito.Mockito.mock)
RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)
RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)
MockFilterChain(org.springframework.mock.web.MockFilterChain)
DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)
Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)
Test(org.junit.jupiter.api.Test)
Example 2 with Saml2PostAuthenticationRequest
use of org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest in project spring-security by spring-projects.
the class OpenSaml4AuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses.
@Test
public void createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses() {
RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT).build();
Saml2AuthenticationRequestContext context = this.contextBuilder.relyingPartyRegistration(relyingPartyRegistration).build();
Saml2PostAuthenticationRequest request = this.factory.createPostAuthenticationRequest(context);
String samlRequest = request.getSamlRequest();
String inflated = new String(Saml2Utils.samlDecode(samlRequest));
assertThat(inflated).contains("ProtocolBinding=\"" + SAMLConstants.SAML2_REDIRECT_BINDING_URI + "\"");
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Test(org.junit.jupiter.api.Test)
Example 3 with Saml2PostAuthenticationRequest
use of org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest in project spring-security by spring-projects.
the class OpenSaml4AuthenticationRequestFactory method createPostAuthenticationRequest.
/**
* {@inheritDoc}
*/
@Override
public Saml2PostAuthenticationRequest createPostAuthenticationRequest(Saml2AuthenticationRequestContext context) {
AuthnRequest authnRequest = this.authenticationRequestContextConverter.convert(context);
RelyingPartyRegistration registration = context.getRelyingPartyRegistration();
if (registration.getAssertingPartyDetails().getWantAuthnRequestsSigned()) {
OpenSamlSigningUtils.sign(authnRequest, registration);
}
String xml = OpenSamlSigningUtils.serialize(authnRequest);
return Saml2PostAuthenticationRequest.withAuthenticationRequestContext(context).samlRequest(Saml2Utils.samlEncode(xml.getBytes(StandardCharsets.UTF_8))).build();
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
AuthnRequest(org.opensaml.saml.saml2.core.AuthnRequest)
Example 4 with Saml2PostAuthenticationRequest
use of org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest in project spring-security by spring-projects.
the class OpenSamlAuthenticationRequestResolverTests method resolveAuthenticationRequestWhenSignedPostThenSignsAndPosts.
@Test
public void resolveAuthenticationRequestWhenSignedPostThenSignsAndPosts() {
MockHttpServletRequest request = new MockHttpServletRequest();
request.setPathInfo("/saml2/authenticate/registration-id");
RelyingPartyRegistration registration = this.relyingPartyRegistrationBuilder.assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
OpenSamlAuthenticationRequestResolver resolver = authenticationRequestResolver(registration);
Saml2PostAuthenticationRequest result = resolver.resolve(request, (r, authnRequest) -> {
assertThat(authnRequest.getAssertionConsumerServiceURL()).isEqualTo(registration.getAssertionConsumerServiceLocation());
assertThat(authnRequest.getProtocolBinding()).isEqualTo(registration.getAssertionConsumerServiceBinding().getUrn());
assertThat(authnRequest.getDestination()).isEqualTo(registration.getAssertingPartyDetails().getSingleSignOnServiceLocation());
assertThat(authnRequest.getIssuer().getValue()).isEqualTo(registration.getEntityId());
});
assertThat(result.getSamlRequest()).isNotEmpty();
assertThat(result.getRelayState()).isNotNull();
assertThat(result.getBinding()).isEqualTo(Saml2MessageBinding.POST);
assertThat(new String(Saml2Utils.samlDecode(result.getSamlRequest()))).contains("Signature");
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Assertions.assertThat(org.assertj.core.api.Assertions.assertThat)
Saml2Exception(org.springframework.security.saml2.Saml2Exception)
Test(org.junit.Test)
Saml2X509Credential(org.springframework.security.saml2.core.Saml2X509Credential)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
TestSaml2X509Credentials(org.springframework.security.saml2.core.TestSaml2X509Credentials)
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)
Assertions.assertThatExceptionOfType(org.assertj.core.api.Assertions.assertThatExceptionOfType)
SignatureConstants(org.opensaml.xmlsec.signature.support.SignatureConstants)
TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)
Before(org.junit.Before)
Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)
MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest)
Test(org.junit.Test)
Example 5 with Saml2PostAuthenticationRequest
use of org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest in project spring-security by spring-projects.
the class OpenSamlAuthenticationRequestFactoryTests method createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses.
@Test
public void createPostAuthenticationRequestWhenAssertionConsumerServiceBindingThenUses() {
RelyingPartyRegistration relyingPartyRegistration = this.relyingPartyRegistrationBuilder.assertionConsumerServiceBinding(Saml2MessageBinding.REDIRECT).build();
Saml2AuthenticationRequestContext context = this.contextBuilder.relyingPartyRegistration(relyingPartyRegistration).build();
Saml2PostAuthenticationRequest request = this.factory.createPostAuthenticationRequest(context);
String samlRequest = request.getSamlRequest();
String inflated = new String(Saml2Utils.samlDecode(samlRequest));
assertThat(inflated).contains("ProtocolBinding=\"" + SAMLConstants.SAML2_REDIRECT_BINDING_URI + "\"");
}
Also used :
RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)
Test(org.junit.jupiter.api.Test)
Aggregations
RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)9
Assertions.assertThat (org.assertj.core.api.Assertions.assertThat)5
Test (org.junit.jupiter.api.Test)5
MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)5
Saml2PostAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest)5
Saml2RedirectAuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest)5
Saml2MessageBinding (org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding)5
TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)5
ServletException (jakarta.servlet.ServletException)3
ServletRequest (jakarta.servlet.ServletRequest)3
ServletResponse (jakarta.servlet.ServletResponse)3
HttpServletResponse (jakarta.servlet.http.HttpServletResponse)3
IOException (java.io.IOException)3
StandardCharsets (java.nio.charset.StandardCharsets)3
Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)3
BeforeEach (org.junit.jupiter.api.BeforeEach)3
ArgumentMatchers.any (org.mockito.ArgumentMatchers.any)3
ArgumentMatchers.eq (org.mockito.ArgumentMatchers.eq)3
BDDMockito.given (org.mockito.BDDMockito.given)3
Mockito.mock (org.mockito.Mockito.mock)3
