Examples with RelyingPartyRegistrationResolver org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver used on opensource projects

Search in sources :

Example 1 with RelyingPartyRegistrationResolver

use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

the class Saml2LoginConfigurer method getAuthenticationRequestContextResolver.

private Saml2AuthenticationRequestContextResolver getAuthenticationRequestContextResolver(B http) {
    Saml2AuthenticationRequestContextResolver resolver = getBeanOrNull(http, Saml2AuthenticationRequestContextResolver.class);
    if (resolver != null) {
        return resolver;
    }
    RelyingPartyRegistrationResolver registrationResolver = new DefaultRelyingPartyRegistrationResolver(this.relyingPartyRegistrationRepository);
    return new DefaultSaml2AuthenticationRequestContextResolver(registrationResolver);
}
Also used : DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)

Example 2 with RelyingPartyRegistrationResolver

use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

the class Saml2LogoutConfigurer method createLogoutRequestProcessingFilter.

private Saml2LogoutRequestFilter createLogoutRequestProcessingFilter(RelyingPartyRegistrationResolver registrations) {
    LogoutHandler[] logoutHandlers = this.logoutHandlers.toArray(new LogoutHandler[0]);
    Saml2LogoutResponseResolver logoutResponseResolver = createSaml2LogoutResponseResolver(registrations);
    Saml2LogoutRequestFilter filter = new Saml2LogoutRequestFilter(registrations, this.logoutRequestConfigurer.logoutRequestValidator(), logoutResponseResolver, logoutHandlers);
    filter.setLogoutRequestMatcher(createLogoutRequestMatcher());
    return postProcess(filter);
}
Also used : Saml2LogoutRequestFilter(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutRequestFilter) Saml2LogoutResponseResolver(org.springframework.security.saml2.provider.service.web.authentication.logout.Saml2LogoutResponseResolver) CsrfLogoutHandler(org.springframework.security.web.csrf.CsrfLogoutHandler) LogoutSuccessEventPublishingLogoutHandler(org.springframework.security.web.authentication.logout.LogoutSuccessEventPublishingLogoutHandler) SecurityContextLogoutHandler(org.springframework.security.web.authentication.logout.SecurityContextLogoutHandler) LogoutHandler(org.springframework.security.web.authentication.logout.LogoutHandler)

Example 3 with RelyingPartyRegistrationResolver

use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

the class Saml2LogoutConfigurer method configure.

/**
 * {@inheritDoc}
 */
@Override
public void configure(H http) throws Exception {
    LogoutConfigurer<H> logout = http.getConfigurer(LogoutConfigurer.class);
    if (logout != null) {
        this.logoutHandlers = logout.getLogoutHandlers();
        this.logoutSuccessHandler = logout.getLogoutSuccessHandler();
    }
    RelyingPartyRegistrationResolver registrations = relyingPartyRegistrationResolver(http);
    http.addFilterBefore(createLogoutRequestProcessingFilter(registrations), CsrfFilter.class);
    http.addFilterBefore(createLogoutResponseProcessingFilter(registrations), CsrfFilter.class);
    http.addFilterBefore(createRelyingPartyLogoutFilter(registrations), LogoutFilter.class);
}
Also used : DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)

Example 4 with RelyingPartyRegistrationResolver

use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

the class Saml2WebSsoAuthenticationRequestFilterTests method doFilterWhenPathStartsWithRegistrationIdThenPosts.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenPosts() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().assertingPartyDetails((party) -> party.singleSignOnServiceBinding(Saml2MessageBinding.POST)).build();
    RequestMatcher matcher = new AntPathRequestMatcher("/{registrationId}/saml2/authenticate");
    DefaultRelyingPartyRegistrationResolver delegate = new DefaultRelyingPartyRegistrationResolver(this.repository);
    RelyingPartyRegistrationResolver resolver = (request, id) -> {
        String registrationId = matcher.matcher(request).getVariables().get("registrationId");
        return delegate.resolve(request, registrationId);
    };
    Saml2AuthenticationRequestContextResolver authenticationRequestContextResolver = new DefaultSaml2AuthenticationRequestContextResolver(resolver);
    Saml2PostAuthenticationRequest authenticationRequest = mock(Saml2PostAuthenticationRequest.class);
    given(authenticationRequest.getAuthenticationRequestUri()).willReturn("uri");
    given(authenticationRequest.getRelayState()).willReturn("relay");
    given(authenticationRequest.getSamlRequest()).willReturn("saml");
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.factory.createPostAuthenticationRequest(any())).willReturn(authenticationRequest);
    this.filter = new Saml2WebSsoAuthenticationRequestFilter(authenticationRequestContextResolver, this.factory);
    this.filter.setRedirectMatcher(matcher);
    this.request.setPathInfo("/registration-id/saml2/authenticate");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) Saml2AuthenticationRequestRepository(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestRepository) ArgumentMatchers.any(org.mockito.ArgumentMatchers.any) BeforeEach(org.junit.jupiter.api.BeforeEach) MockFilterChain(org.springframework.mock.web.MockFilterChain) ArgumentMatchers.eq(org.mockito.ArgumentMatchers.eq) RelyingPartyRegistrationRepository(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository) Assertions.assertThat(org.assertj.core.api.Assertions.assertThat) Saml2AuthenticationRequestResolver(org.springframework.security.saml2.provider.service.web.authentication.Saml2AuthenticationRequestResolver) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) ServletException(jakarta.servlet.ServletException) MockHttpServletResponse(org.springframework.mock.web.MockHttpServletResponse) RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) HtmlUtils(org.springframework.web.util.HtmlUtils) Saml2MessageBinding(org.springframework.security.saml2.provider.service.registration.Saml2MessageBinding) Mockito.verifyNoInteractions(org.mockito.Mockito.verifyNoInteractions) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) BDDMockito.given(org.mockito.BDDMockito.given) AbstractSaml2AuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest) Saml2AuthenticationRequestContext(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestContext) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) Saml2RedirectAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2RedirectAuthenticationRequest) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) Saml2AuthenticationRequestFactory(org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory) ServletRequest(jakarta.servlet.ServletRequest) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) IOException(java.io.IOException) MockHttpServletRequest(org.springframework.mock.web.MockHttpServletRequest) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) StandardCharsets(java.nio.charset.StandardCharsets) Mockito.verify(org.mockito.Mockito.verify) Test(org.junit.jupiter.api.Test) TestSaml2X509Credentials(org.springframework.security.saml2.credentials.TestSaml2X509Credentials) ServletResponse(jakarta.servlet.ServletResponse) Assertions.assertThatIllegalArgumentException(org.assertj.core.api.Assertions.assertThatIllegalArgumentException) UriUtils(org.springframework.web.util.UriUtils) HttpServletResponse(jakarta.servlet.http.HttpServletResponse) TestSaml2AuthenticationRequestContexts(org.springframework.security.saml2.provider.service.authentication.TestSaml2AuthenticationRequestContexts) TestRelyingPartyRegistrations(org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) Mockito.mock(org.mockito.Mockito.mock) RequestMatcher(org.springframework.security.web.util.matcher.RequestMatcher) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) Saml2PostAuthenticationRequest(org.springframework.security.saml2.provider.service.authentication.Saml2PostAuthenticationRequest) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) DefaultRelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver) RelyingPartyRegistrationResolver(org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver) MockFilterChain(org.springframework.mock.web.MockFilterChain) DefaultSaml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver) Saml2AuthenticationRequestContextResolver(org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver) Test(org.junit.jupiter.api.Test)

Example 5 with RelyingPartyRegistrationResolver

use of org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver in project spring-security by spring-projects.

the class Saml2MetadataFilterTests method doFilterWhenPathStartsWithRegistrationIdThenServesMetadata.

@Test
public void doFilterWhenPathStartsWithRegistrationIdThenServesMetadata() throws Exception {
    RelyingPartyRegistration registration = TestRelyingPartyRegistrations.full().build();
    given(this.repository.findByRegistrationId("registration-id")).willReturn(registration);
    given(this.resolver.resolve(any())).willReturn("metadata");
    RelyingPartyRegistrationResolver resolver = new DefaultRelyingPartyRegistrationResolver((id) -> this.repository.findByRegistrationId("registration-id"));
    this.filter = new Saml2MetadataFilter(resolver, this.resolver);
    this.filter.setRequestMatcher(new AntPathRequestMatcher("/metadata"));
    this.request.setPathInfo("/metadata");
    this.filter.doFilter(this.request, this.response, new MockFilterChain());
    verify(this.repository).findByRegistrationId("registration-id");
}
Also used : RelyingPartyRegistration(org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration) AntPathRequestMatcher(org.springframework.security.web.util.matcher.AntPathRequestMatcher) MockFilterChain(org.springframework.mock.web.MockFilterChain) Test(org.junit.jupiter.api.Test)

Aggregations

DefaultRelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.DefaultRelyingPartyRegistrationResolver)5 RelyingPartyRegistrationResolver (org.springframework.security.saml2.provider.service.web.RelyingPartyRegistrationResolver)5 MockFilterChain (org.springframework.mock.web.MockFilterChain)4 BeforeEach (org.junit.jupiter.api.BeforeEach)3 Test (org.junit.jupiter.api.Test)3 MockHttpServletRequest (org.springframework.mock.web.MockHttpServletRequest)3 MockHttpServletResponse (org.springframework.mock.web.MockHttpServletResponse)3 RelyingPartyRegistration (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistration)3 RelyingPartyRegistrationRepository (org.springframework.security.saml2.provider.service.registration.RelyingPartyRegistrationRepository)3 HttpServletResponse (jakarta.servlet.http.HttpServletResponse)2 Assertions.assertThatIllegalArgumentException (org.assertj.core.api.Assertions.assertThatIllegalArgumentException)2 BDDMockito.given (org.mockito.BDDMockito.given)2 Mockito.mock (org.mockito.Mockito.mock)2 Mockito.verify (org.mockito.Mockito.verify)2 Mockito.verifyNoInteractions (org.mockito.Mockito.verifyNoInteractions)2 AbstractSaml2AuthenticationRequest (org.springframework.security.saml2.provider.service.authentication.AbstractSaml2AuthenticationRequest)2 Saml2AuthenticationRequestFactory (org.springframework.security.saml2.provider.service.authentication.Saml2AuthenticationRequestFactory)2 TestRelyingPartyRegistrations (org.springframework.security.saml2.provider.service.registration.TestRelyingPartyRegistrations)2 DefaultSaml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.DefaultSaml2AuthenticationRequestContextResolver)2 Saml2AuthenticationRequestContextResolver (org.springframework.security.saml2.provider.service.web.Saml2AuthenticationRequestContextResolver)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial